|
Pests of all kinds and how to fight them: remove sweetpage. Windows 7. If you are not sure whether you have picked up malware or a Trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a Trojan or virus problem, an expert will help you eliminate the infection. |
04.05.2014, 11:13 | #1 |
| remove sweetpage
While looking for a driver for the Kodak camera, I did not find the driver. Instead, SweetPage appears every time, an annoying prompt to clean up the PC and to update the browser and media player. It is not possible to kill it! Help, help, help; thanks |
04.05.2014, 11:40 | #2 |
/// TB-Ausbilder | remove sweetpage
My name is Matthias and I will help you clean up your computer. Please note the following:
Please work through all steps one after another in the given order and post all log files in CODE tags: How it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes your helper's work much harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
Thank you for your cooperation! Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
|
04.05.2014, 12:05 | #3 |
| remove sweetpage
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-05-2014 Ran by Kawey (administrator) on KAWEY-PC on 04-05-2014 12:59:04 Running from C:\Users\Kawey\Downloads Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials ==================== Processes (Whitelisted) ================= (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Cherished Technololgy LIMITED) C:\ProgramData\IePluginService\PluginService.exe (Cherished Technololgy LIMITED) C:\ProgramData\WPM\wprotectmanager.exe () C:\Program Files\003\buuoujqmrk64.exe (Hewlett-Packard Company) C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe (TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe () C:\Program Files (x86)\Caramava\updateCaramava.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe (Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Nico Mak Computing) C:\Program Files (x86)\WinZip Malware Protector\WinZipMalwareProtector.exe () C:\Program Files (x86)\Caramava\bin\utilCaramava.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe 
(Microsoft Corporation) C:\Windows\System32\msiexec.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Microsoft Corporation) C:\Windows\splwow64.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12445288 2012-01-10] (Realtek Semiconductor) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2887440 2012-03-08] (Synaptics Incorporated) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-26] (Intel Corporation) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3854640 2014-04-09] (AVAST Software) HKLM-x32\...\Run: [] => [X] Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-2568023682-207481756-3843068466-1000\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845168 2013-11-06] (Samsung) HKU\S-1-5-21-2568023682-207481756-3843068466-1000\...\MountPoints2: {e5ab1670-7892-11e3-a6cb-3c970eac15f9} - E:\AutoRun.exe AppInit_DLLs: C:\PROGRA~2\Linkey\IEEXTE~1\iedll64.dll => C:\PROGRA~2\Linkey\IEEXTE~1\iedll64.dll File Not Found IFEO: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\bitguard.exe: [Debugger] tasklist.exe IFEO\bootstrap.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\bprotect.exe: [Debugger] tasklist.exe IFEO\bpsvc.exe: [Debugger] tasklist.exe IFEO\browserdefender.exe: [Debugger] tasklist.exe IFEO\browserprotect.exe: [Debugger] tasklist.exe IFEO\browsersafeguard.exe: 
[Debugger] tasklist.exe IFEO\dprotectsvc.exe: [Debugger] tasklist.exe IFEO\hpwucli.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\iastorui.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\imfrmwrk.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\jumpflip: [Debugger] tasklist.exe IFEO\open energymanagement.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\protectedsearch.exe: [Debugger] tasklist.exe IFEO\searchinstaller.exe: [Debugger] tasklist.exe IFEO\searchprotection.exe: [Debugger] tasklist.exe IFEO\searchprotector.exe: [Debugger] tasklist.exe IFEO\searchsettings.exe: [Debugger] tasklist.exe IFEO\searchsettings64.exe: [Debugger] tasklist.exe IFEO\snapdo.exe: [Debugger] tasklist.exe IFEO\stinst32.exe: [Debugger] tasklist.exe IFEO\stinst64.exe: [Debugger] tasklist.exe IFEO\umbrella.exe: [Debugger] tasklist.exe IFEO\utiljumpflip.exe: [Debugger] tasklist.exe IFEO\volaro: [Debugger] tasklist.exe IFEO\vonteera: [Debugger] tasklist.exe IFEO\websteroids.exe: [Debugger] tasklist.exe IFEO\websteroidsservice.exe: [Debugger] tasklist.exe GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=avast&hsimp=yhs-001&type={partner_id}&p={searchTerms} HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp:/// HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Sweet Page HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://de.yhs4.search.yahoo.com/?hspart=avast&hsimp=yhs-001&type={partner_id} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1398013228&from=vit&uid=HGSTXHTS545032A7E380_TMA45C480ET18L0ET18LX&q={searchTerms} 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Sweet Page HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Sweet Page HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1398013228&from=vit&uid=HGSTXHTS545032A7E380_TMA45C480ET18L0ET18LX&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1398013228&from=vit&uid=HGSTXHTS545032A7E380_TMA45C480ET18L0ET18LX&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = Sweet Page HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = Sweet Page HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1398013228&from=vit&uid=HGSTXHTS545032A7E380_TMA45C480ET18L0ET18LX&q={searchTerms} URLSearchHook: HKLM-x32 - Default Value = {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D} StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe Webs Searches SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1398013228&from=vit&uid=HGSTXHTS545032A7E380_TMA45C480ET18L0ET18LX&q={searchTerms} SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1398013228&from=vit&uid=HGSTXHTS545032A7E380_TMA45C480ET18L0ET18LX&q={searchTerms} SearchScopes: HKLM - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd0202ff&cd=2XzuyEtN2Y1L1QzutA0CzyyBtD0E0A0CtCyD0FzytC0DyDtCtN0D0Tzu0SyBzytAtN1L2XzutBtFtCyBtFtDtFtCtN1L1CzutDzytDtCtG1TtN1L1G1B1V1N2Y1L1Qzu2SyDyD0E0ByEtCyCyBtGzyyDtB0BtGtDyE0EtDtGtBtD0D0DtGtC0C0DyCyEyEyC0EyEyD0Dzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDyByB0AtA0E0A0CtGtCyCtAzztG0A0EtDtDtG0EtD0BtBtGtCyC0F0A0CtD0A0AtAyBtB0B2Q&cr=687468405&ir= SearchScopes: HKLM - 
{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?sid=476&aid=122&itype=n&ver=12302&tm=321&src=ds&p={searchTerms} SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1398013228&from=vit&uid=HGSTXHTS545032A7E380_TMA45C480ET18L0ET18LX&q={searchTerms} SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=33201e43-a4a5-d890-52fb-99fd5190aa5e&searchtype=ds&q={searchTerms}&installDate=07/11/2013 SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1398013228&from=vit&uid=HGSTXHTS545032A7E380_TMA45C480ET18L0ET18LX&q={searchTerms} SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?sid=476&aid=122&itype=n&ver=12302&tm=321&src=ds&p={searchTerms} SearchScopes: HKLM-x32 - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=avast&hsimp=yhs-001&type={partner_id}&p={searchTerms} SearchScopes: HKLM-x32 - {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} URL = hxxp://start.iminent.com/?appId=882339C1-50C2-4324-946A-024990A2909C&ref=toolbox&q={searchTerms} SearchScopes: HKCU - DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.buenosearch.com/?q={searchTerms}&babsrc=SP_ss&mntrId=1E06BC8556697888&affID=128492&tsp=5222 SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=33201e43-a4a5-d890-52fb-99fd5190aa5e&searchtype=ds&q={searchTerms}&installDate=07/11/2013 SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.buenosearch.com/?q={searchTerms}&babsrc=SP_ss&mntrId=1E06BC8556697888&affID=128492&tsp=5222 SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
hxxp://www.sweet-page.com/web/?type=ds&ts=1398013228&from=vit&uid=HGSTXHTS545032A7E380_TMA45C480ET18L0ET18LX&q={searchTerms} SearchScopes: HKCU - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd0202ff&cd=2XzuyEtN2Y1L1QzutA0CzyyBtD0E0A0CtCyD0FzytC0DyDtCtN0D0Tzu0SyBzytAtN1L2XzutBtFtCyBtFtDtFtCtN1L1CzutDzytDtCtG1TtN1L1G1B1V1N2Y1L1Qzu2SyDyD0E0ByEtCyCyBtGzyyDtB0BtGtDyE0EtDtGtBtD0D0DtGtC0C0DyCyEyEyC0EyEyD0Dzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDyByB0AtA0E0A0CtGtCyCtAzztG0A0EtDtDtG0EtD0BtBtGtCyC0F0A0CtD0A0AtAyBtB0B2Q&cr=687468405&ir= SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?sid=476&aid=122&itype=n&ver=12302&tm=321&src=ds&p={searchTerms} SearchScopes: HKCU - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=avast&hsimp=yhs-001&type={partner_id}&p={searchTerms} SearchScopes: HKCU - {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} URL = hxxp://start.iminent.com/?appId=882339C1-50C2-4324-946A-024990A2909C&ref=toolbox&q={searchTerms} BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO-x32: iminent Helper Object - {112BA211-334C-4A90-90EC-2AD1CDAB287C} - No File BHO-x32: Caramava - {1e50bbda-c15a-47d5-9853-d829ff890664} - C:\Program Files (x86)\Caramava\Caramavabho.dll (Caramava) BHO-x32: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited) BHO-x32: avast! 
Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File Toolbar: HKLM-x32 - Iminent Toolbar - {1FAFD711-ABF9-4F6A-8130-5166C7371427} - No File Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File Handler: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - No File Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) Handler-x32: http\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) Handler-x32: https\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) Handler-x32: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{84A47CCA-2016-4EB2-9976-DDB4A782B000}: [NameServer]62.109.121.1 62.109.121.2 FireFox: ======== FF ProfilePath: C:\Users\Kawey\AppData\Roaming\Mozilla\Firefox\Profiles\73f0idua.default-1398406683013 FF SelectedSearchEngine: sweet-page FF Homepage: 
hxxp://www.sweet-page.com/?type=hppp&ts=1399130289&from=tugs&uid=HGSTXHTS545032A7E380_TMA45C480ET18L0ET18LX FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect_x86_64 - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll () FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @Nero.com/KM - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG) FF Plugin-x32: @nullsoft.com/winampDetector;version=1 - C:\Program Files (x86)\Winamp Detect\npwachk.dll (Nullsoft, Inc.) FF Plugin-x32: @zylom.com/ZylomGamesPlayer - C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems) FF SearchPlugin: C:\Users\Kawey\AppData\Roaming\Mozilla\Firefox\Profiles\73f0idua.default-1398406683013\searchplugins\ixquick-https.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\default-search.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\StartWeb.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\sweet-page.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\webssearches.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: MediaPlayerplus - C:\Users\Kawey\AppData\Roaming\Mozilla\Firefox\Profiles\73f0idua.default-1398406683013\Extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com [2014-04-25] FF Extension: Adblock Plus - C:\Users\Kawey\AppData\Roaming\Mozilla\Firefox\Profiles\73f0idua.default-1398406683013\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-05-03] FF HKLM\...\Firefox\Extensions: [{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}] - C:\Program Files\V-bates\Firefox FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! 
Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-02-06] FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\Kawey\AppData\Roaming\Mozilla\Firefox\Profiles\90i27aem.default\extensions\quick_start@gmail.com FF HKLM-x32\...\Firefox\Extensions: [{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}] - C:\Program Files\V-bates\Firefox Chrome: ======= CHR HomePage: hxxp://search.conduit.com/?ctid=CT3317742&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SPD4F79A21-7465-46DE-A457-C0A42C3CC60E&SSPV= CHR StartupUrls: "hxxp://search.conduit.com/?ctid=CT3317742&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SPD4F79A21-7465-46DE-A457-C0A42C3CC60E&SSPV=" CHR DefaultSearchKeyword: conduit.search CHR DefaultSearchProvider: Conduit Search CHR DefaultSearchURL: hxxp://search.conduit.com/Results.aspx?ctid=CT3317742&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SPD4F79A21-7465-46DE-A457-C0A42C3CC60E&q={searchTerms}&SSPV= CHR DefaultNewTabURL: CHR Extension: (Google Docs) - C:\Users\Kawey\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-27] CHR Extension: (Google Drive) - C:\Users\Kawey\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-27] CHR Extension: (YouTube) - C:\Users\Kawey\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-27] CHR Extension: (Google-Suche) - C:\Users\Kawey\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-27] CHR Extension: (MediaPlayerplus) - C:\Users\Kawey\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd [2014-04-09] CHR Extension: (Google Wallet) - C:\Users\Kawey\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-27] CHR Extension: (Google Mail) - C:\Users\Kawey\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-27] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-04-09] CHR HKLM-x32\...\Chrome\Extension: [pkhojieggfgllhllcegoffdcnmdeojgb] - C:\Program Files (x86)\IminentToolbar\1.8.25.0\iminent.crx [2014-04-09] ==================== Services (Whitelisted) ================= R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-09] (AVAST Software) R2 buuoujqmrk64; C:\Program Files\003\buuoujqmrk64.exe [706560 2014-04-20] () R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [47416 2014-02-05] (Hewlett-Packard Company) R2 IePluginService; C:\ProgramData\IePluginService\PluginService.exe [705136 2014-04-11] (Cherished Technololgy LIMITED) S4 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] () R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2138936 2014-03-20] (TuneUp Software) R2 Update Caramava; C:\Program Files (x86)\Caramava\updateCaramava.exe [350496 2014-04-18] () R2 Util Caramava; C:\Program Files (x86)\Caramava\bin\utilCaramava.exe [350496 2014-04-20] () R2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [566272 2014-04-20] (Cherished Technololgy LIMITED) S4 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation) ==================== Drivers (Whitelisted) ==================== R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-04-09] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-04-09] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-04-09] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-04-09] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-04-09] 
(AVAST Software) R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [84816 2014-04-09] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208928 2014-04-09] () S3 dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [20568 2009-12-22] (Devguru Co., Ltd) S3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [3532160 2011-10-11] (Sonix Technology Co., Ltd.) S3 SPUVCbv; C:\Windows\System32\Drivers\usbvideo.sys [185344 2013-07-12] (Microsoft Corporation) S3 ss_bserd; C:\Windows\System32\DRIVERS\ss_bserd.sys [128000 2013-08-21] (MCCI Corporation) R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-08-21] (TuneUp Software) S3 AmUStor; system32\drivers\AmUStor.SYS [X] S0 LHDmgr; System32\DRIVERS\LhdX64.sys [X] S3 RTL8192su; system32\DRIVERS\RTL8192su.sys [X] U2 TMAgent; ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-05-04 12:44 - 2014-05-04 12:44 - 01016261 _____ (Thisisu) C:\Users\Kawey\Downloads\JRT.exe 2014-05-04 12:44 - 2014-05-04 12:44 - 00000000 ____D () C:\Windows\ERUNT 2014-05-04 12:39 - 2014-05-04 12:59 - 00021952 _____ () C:\Users\Kawey\Downloads\FRST.txt 2014-05-04 12:39 - 2014-05-04 12:59 - 00000000 ____D () C:\FRST 2014-05-04 12:39 - 2014-05-04 12:40 - 00018676 _____ () C:\Users\Kawey\Downloads\Addition.txt 2014-05-04 12:38 - 2014-05-04 12:38 - 02062336 _____ (Farbar) C:\Users\Kawey\Downloads\FRST64.exe 2014-05-04 12:38 - 2014-05-04 12:38 - 01050624 _____ (Farbar) C:\Users\Kawey\Downloads\FRST(2).exe 2014-05-04 12:36 - 2014-05-04 12:36 - 01050624 _____ (Farbar) C:\Users\Kawey\Downloads\FRST(1).exe 2014-05-04 12:35 - 2014-05-04 12:35 - 01050624 _____ (Farbar) C:\Users\Kawey\Downloads\FRST.exe 2014-05-03 21:55 - 2014-05-03 21:56 - 00008494 _____ () C:\Windows\DPINST.LOG 2014-05-03 21:54 - 2014-05-03 21:55 - 09020696 _____ (Hamrick Software) C:\Users\Kawey\Downloads\vuex6494(1).exe 2014-05-03 08:50 - 
2014-05-03 08:50 - 00499072 _____ () C:\Users\Kawey\Downloads\Java(1).exe 2014-05-03 08:49 - 2014-05-03 08:49 - 00499072 _____ () C:\Users\Kawey\Downloads\Java.exe 2014-05-02 15:11 - 2014-05-02 15:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom 2014-05-02 15:11 - 2014-05-02 15:11 - 00000000 ____D () C:\Users\Kawey\Documents\TomTom 2014-05-02 15:11 - 2014-05-02 15:11 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\TomTom 2014-05-02 15:11 - 2014-05-02 15:11 - 00000000 ____D () C:\Users\Kawey\AppData\Local\TomTom 2014-05-02 15:11 - 2014-05-02 15:11 - 00000000 ____D () C:\ProgramData\TomTom 2014-05-02 15:10 - 2014-05-02 15:34 - 00000000 ____D () C:\Program Files (x86)\TomTom HOME 2 2014-05-02 15:10 - 2014-05-02 15:10 - 00000000 ____D () C:\Program Files (x86)\TomTom International B.V 2014-05-02 15:07 - 2014-05-02 15:07 - 00000000 ____D () C:\Program Files (x86)\TomTom DesktopSuite 2014-05-02 14:05 - 2014-05-04 12:52 - 00003116 _____ () C:\Windows\System32\Tasks\WinZip Malware Protector_startup 2014-05-02 14:05 - 2014-05-02 14:05 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\Nico Mak Computing 2014-05-02 14:05 - 2014-05-02 14:05 - 00000000 ____D () C:\ProgramData\Nico Mak Computing 2014-05-02 14:05 - 2014-05-02 14:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Malware Protector 2014-05-02 14:05 - 2014-05-02 14:05 - 00000000 ____D () C:\Program Files (x86)\WinZip Malware Protector 2014-05-02 14:05 - 2013-03-15 17:10 - 00020480 _____ () C:\Windows\system32\wsusnative64.exe 2014-05-02 14:02 - 2014-05-02 14:02 - 04892480 _____ (WinZip International LLC ) C:\Users\Kawey\Downloads\wzmp_8.exe 2014-05-02 10:26 - 2014-04-29 16:01 - 23547904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-05-02 10:26 - 2014-04-29 15:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-05-02 10:26 - 2014-04-29 14:48 - 17384448 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\mshtml.dll 2014-05-02 10:26 - 2014-04-29 14:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-05-01 18:34 - 2014-05-01 19:10 - 00000000 ____D () C:\Users\Kawey\Documents\TCM 2014-04-30 21:50 - 2012-06-05 09:37 - 00256904 _____ (Trend Micro Inc.) C:\Windows\SysWOW64\Drivers\tmcomm.sys 2014-04-30 21:46 - 2014-04-30 21:46 - 02002944 _____ (Trend Micro Inc.) C:\Users\Kawey\Downloads\HousecallLauncher.exe 2014-04-30 21:40 - 2014-05-01 12:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird 2014-04-30 19:10 - 2014-05-04 12:50 - 00001579 _____ () C:\Windows\setupact.log 2014-04-30 19:10 - 2014-04-30 19:10 - 00000000 _____ () C:\Windows\setuperr.log 2014-04-30 12:33 - 2014-04-30 12:33 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-04-30 11:46 - 2014-04-30 11:46 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC 2014-04-30 11:46 - 2014-04-30 11:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2014-04-30 11:46 - 2014-04-30 11:46 - 00000000 ____D () C:\Program Files\CCleaner 2014-04-30 11:45 - 2014-04-30 11:45 - 03671432 _____ (Piriform Ltd) C:\Users\Kawey\Downloads\ccsetup413_slim.exe 2014-04-30 11:00 - 2014-04-14 04:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-04-30 11:00 - 2014-04-14 04:19 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-04-29 17:04 - 2014-05-03 15:54 - 00000000 ____D () C:\Heilkunde 2014-04-28 10:13 - 2014-04-28 10:14 - 27878824 _____ (TuneUp Software) C:\Users\Kawey\Downloads\TuneUpUtilities2014_de-DE(1).exe 2014-04-28 09:32 - 2014-04-28 09:33 - 27878824 _____ (TuneUp Software) C:\Users\Kawey\Downloads\TuneUpUtilities2014_de-DE.exe 2014-04-27 11:24 - 2014-04-27 11:24 - 00503392 _____ () C:\Users\Kawey\Downloads\Player(2).exe 2014-04-27 11:24 - 2014-04-27 11:24 - 00000000 ____D () C:\Users\Kawey\AppData\Local\SearchProtect 2014-04-27 11:23 - 2014-04-27 11:23 - 00503392 _____ () 
C:\Users\Kawey\Downloads\Player(1).exe 2014-04-27 11:22 - 2014-04-27 11:22 - 00000000 ____D () C:\ProgramData\IProt 2014-04-27 11:20 - 2014-04-27 11:20 - 00001139 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\ShenProfessional 3.1.lnk 2014-04-27 11:20 - 2014-04-27 11:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShenProfessional 3.1 2014-04-27 11:14 - 2014-04-27 11:20 - 00760333 _____ () C:\Program Files (x86)\ShenUnInstall.txt 2014-04-27 11:14 - 2014-04-27 11:20 - 00000000 ____D () C:\Program Files (x86)\ShenProfessional 3.1 2014-04-27 11:14 - 2014-03-12 17:39 - 00572448 _____ (Pantaray Research Ltd.) C:\Program Files (x86)\ShenUnInstall.exe 2014-04-27 11:14 - 2011-12-18 09:00 - 00012420 _____ () C:\Program Files (x86)\Deutsch.lng 2014-04-27 11:13 - 2014-04-27 11:20 - 00801542 _____ () C:\Program Files (x86)\Setup.log 2014-04-27 11:01 - 2014-04-27 11:08 - 197984521 _____ (shen.de) C:\Users\Kawey\Downloads\ShenProfessional-3-1.exe 2014-04-27 10:35 - 2014-04-27 10:35 - 00003088 _____ () C:\Windows\System32\Tasks\{6FFDF4FA-9810-4B47-9A34-C3807772493D} 2014-04-25 18:58 - 2014-04-25 18:58 - 00000000 ____D () C:\ProgramData\dvdfab 2014-04-25 14:30 - 2014-04-25 14:30 - 00001016 _____ () C:\Users\Kawey\Desktop\DVDFab 8 Qt.lnk 2014-04-25 14:28 - 2014-04-25 14:29 - 21323352 _____ (Fengtao Software Inc. 
) C:\Users\Kawey\Downloads\DVDFab8230Qt.exe 2014-04-24 15:36 - 2014-04-24 15:36 - 00613200 _____ (Chip Digital GmbH) C:\Users\Kawey\Downloads\Firefox - CHIP-Downloader.exe 2014-04-22 11:50 - 2014-04-22 11:50 - 00907018 _____ () C:\Users\Kawey\Downloads\adblockplus-2.5.1.zip 2014-04-22 11:50 - 2014-04-22 11:50 - 00000000 ____D () C:\Users\Kawey\Downloads\adblockplus-2.5.1 2014-04-22 11:48 - 2014-04-22 11:48 - 00613200 _____ (Chip Digital GmbH) C:\Users\Kawey\Downloads\adblockplus-2.5.1 - CHIP-Downloader.exe 2014-04-21 18:52 - 2014-04-21 18:52 - 00000000 ____D () C:\Users\Kawey\Documents\PcSetup 2014-04-21 18:52 - 2014-04-21 18:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 6 2014-04-21 18:52 - 2014-04-21 18:52 - 00000000 ____D () C:\Program Files (x86)\DVDFab 6 2014-04-21 18:48 - 2014-04-21 18:49 - 13312568 _____ (Fengtao Software Inc. ) C:\Users\Kawey\Downloads\DVDFab6218.exe 2014-04-21 18:08 - 2014-04-21 18:57 - 00000000 ____D () C:\Users\Kawey\Documents\DVDFab 2014-04-21 18:08 - 2014-04-21 18:08 - 00000000 ____D () C:\Users\Kawey\Documents\DVDFab9 2014-04-21 17:47 - 2014-04-21 17:47 - 01672252 _____ () C:\Users\Kawey\Downloads\a-user-guide-of-dvdfab9.zip 2014-04-21 15:47 - 2014-04-21 15:47 - 00000000 _____ () C:\Users\Kawey\AppData\Roaming\CopyToGo.dat 2014-04-21 15:29 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll 2014-04-21 15:29 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll 2014-04-21 15:29 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll 2014-04-21 15:29 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll 2014-04-21 15:29 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll 2014-04-21 15:29 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll 2014-04-21 
15:29 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll 2014-04-21 15:29 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll 2014-04-21 15:29 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll 2014-04-21 15:29 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll 2014-04-21 15:29 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll 2014-04-21 15:29 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll 2014-04-21 15:29 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll 2014-04-21 15:29 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll 2014-04-21 15:11 - 2014-04-21 15:23 - 322746776 _____ (Corel) C:\Users\Kawey\Downloads\KEYDC6PLMLPC.exe 2014-04-21 13:48 - 2014-04-21 13:57 - 00000125 ___SH () C:\ProgramData\.zreglib 2014-04-21 13:45 - 2014-04-21 14:47 - 00000000 ____D () C:\Program Files (x86)\Elaborate Bytes 2014-04-21 13:45 - 2014-04-21 14:46 - 00000000 ____D () C:\ProgramData\SlySoft 2014-04-21 13:45 - 2014-04-21 13:45 - 00000000 ____D () C:\Program Files (x86)\SlySoft 2014-04-21 13:43 - 2014-04-21 13:44 - 10873088 _____ () C:\Users\Kawey\Downloads\SetupAnyDVD7460.exe 2014-04-21 13:43 - 2014-04-21 13:44 - 05185720 _____ () C:\Users\Kawey\Downloads\SetupCloneDVD2930Slysoft.exe 2014-04-21 12:30 - 2014-04-21 14:48 - 00000000 ____D () C:\ProgramData\Freemake 2014-04-21 12:30 - 2014-04-21 14:48 - 00000000 ____D () C:\Program Files (x86)\Freemake 2014-04-21 12:27 - 2014-04-21 12:27 - 01308144 _____ (Ellora Assets Corporation ) C:\Users\Kawey\Downloads\FreemakeVideoConverterSetup.exe 2014-04-21 11:30 - 2014-04-21 11:30 - 13833720 _____ (Fengtao Software Inc. 
) C:\Users\Kawey\Downloads\DVDFab7070.exe 2014-04-20 20:01 - 2014-04-20 20:01 - 00000000 ____D () C:\Users\Kawey\AppData\Local\com 2014-04-20 19:58 - 2014-04-20 20:00 - 00000000 ____D () C:\Program Files\003 2014-04-20 19:57 - 2014-04-20 19:57 - 00450152 _____ () C:\Users\Kawey\Downloads\Player.exe 2014-04-20 19:54 - 2014-04-20 19:54 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\30183 2014-04-20 19:42 - 2014-04-20 19:42 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\DVDFab 2014-04-20 19:07 - 2014-04-25 14:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 8 Qt 2014-04-20 19:07 - 2014-04-25 14:30 - 00000000 ____D () C:\Program Files (x86)\DVDFab 8 Qt 2014-04-20 19:02 - 2014-04-20 19:02 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\EuroTrade A.L. Ltd 2014-04-20 19:00 - 2014-04-20 20:16 - 00000000 ____D () C:\Users\Kawey\AppData\Local\Lollipop 2014-04-20 19:00 - 2014-04-20 19:00 - 00000000 ____D () C:\Program Files (x86)\PassWidget-soft 2014-04-20 18:59 - 2014-04-20 18:59 - 04714928 _____ () C:\Users\Kawey\Downloads\installer_dvdfab_platinum_8_0_8_7_beta_Deutsch.exe 2014-04-20 18:46 - 2014-04-20 18:46 - 00673984 _____ () C:\Users\Kawey\Downloads\Brothersoft_downloader_For_DVDFab_Platinum(1).exe 2014-04-20 18:44 - 2014-04-20 22:50 - 00000000 ____D () C:\Program Files (x86)\Caramava 2014-04-20 18:41 - 2014-04-20 18:42 - 00673984 _____ () C:\Users\Kawey\Downloads\Brothersoft_downloader_For_DVDFab_Platinum.exe 2014-04-20 16:03 - 2014-04-20 16:03 - 02405664 _____ (Trend Micro Inc.) C:\Users\Kawey\Downloads\HousecallLauncher64(7).exe 2014-04-20 00:37 - 2014-04-20 00:37 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\137 2014-04-19 23:53 - 2014-04-19 23:53 - 02405664 _____ (Trend Micro Inc.) 
C:\Users\Kawey\Downloads\HousecallLauncher64(6).exe 2014-04-19 21:54 - 2014-04-19 21:54 - 00669648 _____ ( ) C:\Users\Kawey\Downloads\UltimateCodec(2).exe 2014-04-19 20:36 - 2014-04-19 20:36 - 00033947 _____ () C:\Users\Kawey\Downloads\anleitung.htm 2014-04-19 14:06 - 2014-04-19 14:06 - 13888037 _____ () C:\Users\Kawey\Downloads\HandBrake-0.9.9-1_i686-Win_GUI.exe 2014-04-18 19:16 - 2014-05-02 15:39 - 00000066 _____ () C:\Users\Kawey\AppData\default.pls 2014-04-18 18:49 - 2014-04-18 18:49 - 00386896 _____ (Softonic ) C:\Users\Kawey\Downloads\SoftonicDownloader_fuer_handbrake.exe 2014-04-18 18:43 - 2014-04-18 18:43 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\9130 2014-04-18 18:02 - 2014-04-19 21:46 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\HandBrake 2014-04-18 18:01 - 2014-04-18 18:01 - 14298467 _____ () C:\Users\Kawey\Downloads\HandBrake-0.9.9-1_x86_64-Win_GUI.exe 2014-04-18 17:16 - 2014-04-18 17:19 - 45464368 _____ (Fengtao Software Inc. ) C:\Users\Kawey\Downloads\DVDFab9140(1).exe 2014-04-18 12:57 - 2014-04-20 17:35 - 00000000 ____D () C:\Program Files (x86)\DVDFab 8 2014-04-18 12:46 - 2014-04-18 12:47 - 00386888 _____ (Softonic ) C:\Users\Kawey\Downloads\SoftonicDownloader_for_dvdfab.exe 2014-04-17 23:52 - 2014-04-21 18:52 - 00000034 _____ () C:\Users\Kawey\AppData\Roaming\pcouffin.log 2014-04-17 23:51 - 2014-04-21 18:52 - 00099384 _____ () C:\Users\Kawey\AppData\Roaming\inst.exe 2014-04-17 23:51 - 2014-04-21 18:52 - 00082816 _____ (VSO Software) C:\Users\Kawey\AppData\Roaming\pcouffin.sys 2014-04-17 23:51 - 2014-04-21 18:52 - 00007859 _____ () C:\Users\Kawey\AppData\Roaming\pcouffin.cat 2014-04-17 23:51 - 2014-04-21 18:52 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\Vso 2014-04-17 23:51 - 2014-04-17 23:51 - 00082816 _____ (VSO Software) C:\Windows\system32\Drivers\pcouffin.sys 2014-04-17 23:45 - 2014-04-17 23:45 - 00000000 __SHD () C:\Users\Kawey\AppData\Local\EmieUserList 2014-04-17 23:45 - 2014-04-17 23:45 - 00000000 __SHD () 
C:\Users\Kawey\AppData\Local\EmieSiteList 2014-04-17 21:37 - 2014-04-17 21:37 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\23260 2014-04-17 21:15 - 2014-04-17 21:15 - 02170880 _____ () C:\Users\Kawey\Downloads\ffmpeg15.exe 2014-04-17 21:15 - 2014-04-17 21:15 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\NCH Software 2014-04-17 20:57 - 2014-04-17 21:04 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Software 2014-04-17 20:57 - 2014-04-17 20:57 - 00817696 _____ (NCH Software) C:\Users\Kawey\Downloads\burnsetup.exe 2014-04-17 20:57 - 2014-04-17 20:57 - 00000000 ____D () C:\ProgramData\NCH Software 2014-04-17 20:57 - 2014-04-17 20:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Produktpalette 2014-04-17 20:57 - 2014-04-17 20:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audioverwandte Programme 2014-04-17 20:57 - 2014-04-17 20:57 - 00000000 ____D () C:\Program Files (x86)\NCH Software 2014-04-17 20:20 - 2014-04-17 20:20 - 00000000 ____D () C:\ProgramData\vsosdk 2014-04-17 19:52 - 2014-04-21 18:08 - 00000000 ____D () C:\Program Files (x86)\DVDFab 9 2014-04-17 19:39 - 2014-04-17 19:41 - 45464368 _____ (Fengtao Software Inc. 
) C:\Users\Kawey\Downloads\DVDFab9140.exe 2014-04-16 23:36 - 2014-04-16 23:36 - 00993712 _____ () C:\Users\Kawey\Downloads\setup(2).exe 2014-04-16 18:32 - 2014-04-16 18:32 - 01026264 _____ () C:\Users\Kawey\Downloads\Setup(1).exe 2014-04-16 18:27 - 2014-04-16 18:27 - 01026264 _____ () C:\Users\Kawey\Downloads\Setup.exe 2014-04-10 00:23 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-04-10 00:23 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-04-10 00:22 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-04-10 00:22 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-04-10 00:22 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-04-10 00:22 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-04-10 00:22 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-04-10 00:22 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-04-10 00:22 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-04-10 00:22 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-04-10 00:22 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-04-10 00:22 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-04-10 00:22 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-04-10 00:22 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-04-10 00:22 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 
2014-04-10 00:22 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-04-10 00:22 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-04-10 00:22 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-04-10 00:22 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-04-10 00:22 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-04-10 00:22 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-04-10 00:22 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-04-10 00:22 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-04-10 00:22 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-04-10 00:22 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-04-10 00:22 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-04-10 00:22 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-04-10 00:22 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-04-10 00:22 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-04-10 00:22 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-04-10 00:22 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-04-10 00:22 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-04-10 00:22 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\msrating.dll 2014-04-10 00:22 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-04-10 00:22 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-04-10 00:22 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-04-10 00:22 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-04-10 00:22 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-04-10 00:22 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-04-10 00:22 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-04-10 00:22 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-04-10 00:22 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-04-10 00:22 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-04-10 00:22 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-04-09 21:01 - 2014-04-09 21:01 - 05056648 _____ (Systweak Inc ) C:\Users\Kawey\Downloads\rcpsetupg_apptvlatest-apptvlatest_1946.exe 2014-04-09 11:13 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2014-04-09 11:13 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2014-04-09 11:13 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2014-04-09 11:13 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2014-04-09 11:13 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2014-04-09 11:13 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\ntvdm64.dll 2014-04-09 11:13 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2014-04-09 11:13 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2014-04-09 11:13 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2014-04-09 11:13 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2014-04-09 11:13 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2014-04-09 11:13 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys 2014-04-09 11:13 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys 2014-04-09 11:13 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys 2014-04-09 11:13 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll 2014-04-09 11:13 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll 2014-04-09 11:13 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2014-04-09 11:09 - 2014-04-09 11:09 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr ==================== One Month Modified Files and Folders ======= 2014-05-04 12:59 - 2014-05-04 12:39 - 00021952 _____ () C:\Users\Kawey\Downloads\FRST.txt 2014-05-04 12:59 - 2014-05-04 12:39 - 00000000 ____D () C:\FRST 2014-05-04 12:58 - 2014-02-02 21:04 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-05-04 12:52 - 2014-05-02 14:05 - 00003116 _____ () C:\Windows\System32\Tasks\WinZip Malware Protector_startup 2014-05-04 12:51 - 2014-04-03 23:12 - 00001472 _____ () C:\Windows\Tasks\b8e2dbf6-f651-4529-84b2-6113f5365cc5-5.job 2014-05-04 12:51 - 2014-04-03 23:10 - 00002782 _____ () 
C:\Windows\Tasks\b8e2dbf6-f651-4529-84b2-6113f5365cc5-3.job 2014-05-04 12:51 - 2014-04-03 23:10 - 00002142 _____ () C:\Windows\Tasks\b8e2dbf6-f651-4529-84b2-6113f5365cc5-4.job 2014-05-04 12:50 - 2014-04-30 19:10 - 00001579 _____ () C:\Windows\setupact.log 2014-05-04 12:50 - 2014-04-03 23:12 - 00001368 _____ () C:\Windows\Tasks\b8e2dbf6-f651-4529-84b2-6113f5365cc5-2.job 2014-05-04 12:50 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-05-04 12:49 - 2013-10-14 18:16 - 01241052 _____ () C:\Windows\WindowsUpdate.log 2014-05-04 12:44 - 2014-05-04 12:44 - 01016261 _____ (Thisisu) C:\Users\Kawey\Downloads\JRT.exe 2014-05-04 12:44 - 2014-05-04 12:44 - 00000000 ____D () C:\Windows\ERUNT 2014-05-04 12:40 - 2014-05-04 12:39 - 00018676 _____ () C:\Users\Kawey\Downloads\Addition.txt 2014-05-04 12:38 - 2014-05-04 12:38 - 02062336 _____ (Farbar) C:\Users\Kawey\Downloads\FRST64.exe 2014-05-04 12:38 - 2014-05-04 12:38 - 01050624 _____ (Farbar) C:\Users\Kawey\Downloads\FRST(2).exe 2014-05-04 12:36 - 2014-05-04 12:36 - 01050624 _____ (Farbar) C:\Users\Kawey\Downloads\FRST(1).exe 2014-05-04 12:35 - 2014-05-04 12:35 - 01050624 _____ (Farbar) C:\Users\Kawey\Downloads\FRST.exe 2014-05-04 11:04 - 2009-07-14 06:45 - 00026672 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-05-04 11:04 - 2009-07-14 06:45 - 00026672 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-05-03 23:08 - 2014-02-06 20:14 - 00000000 ____D () C:\Users\Kawey\AppData\Local\Deployment 2014-05-03 21:56 - 2014-05-03 21:55 - 00008494 _____ () C:\Windows\DPINST.LOG 2014-05-03 21:55 - 2014-05-03 21:54 - 09020696 _____ (Hamrick Software) C:\Users\Kawey\Downloads\vuex6494(1).exe 2014-05-03 21:55 - 2014-03-05 19:34 - 00000977 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\VueScan x64.lnk 2014-05-03 21:09 - 2013-10-16 23:53 - 00000000 ____D () C:\ARBEIT & BEWERBUNGEN 2014-05-03 
15:54 - 2014-04-29 17:04 - 00000000 ____D () C:\Heilkunde 2014-05-03 15:54 - 2014-01-14 09:26 - 00000000 ____D () C:\Gesundheit 2014-05-03 08:50 - 2014-05-03 08:50 - 00499072 _____ () C:\Users\Kawey\Downloads\Java(1).exe 2014-05-03 08:49 - 2014-05-03 08:49 - 00499072 _____ () C:\Users\Kawey\Downloads\Java.exe 2014-05-02 15:39 - 2014-04-18 19:16 - 00000066 _____ () C:\Users\Kawey\AppData\default.pls 2014-05-02 15:34 - 2014-05-02 15:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom 2014-05-02 15:34 - 2014-05-02 15:10 - 00000000 ____D () C:\Program Files (x86)\TomTom HOME 2 2014-05-02 15:30 - 2013-10-25 19:28 - 00000000 ____D () C:\Users\Kawey\AppData\Local\Downloaded Installations 2014-05-02 15:11 - 2014-05-02 15:11 - 00000000 ____D () C:\Users\Kawey\Documents\TomTom 2014-05-02 15:11 - 2014-05-02 15:11 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\TomTom 2014-05-02 15:11 - 2014-05-02 15:11 - 00000000 ____D () C:\Users\Kawey\AppData\Local\TomTom 2014-05-02 15:11 - 2014-05-02 15:11 - 00000000 ____D () C:\ProgramData\TomTom 2014-05-02 15:10 - 2014-05-02 15:10 - 00000000 ____D () C:\Program Files (x86)\TomTom International B.V 2014-05-02 15:07 - 2014-05-02 15:07 - 00000000 ____D () C:\Program Files (x86)\TomTom DesktopSuite 2014-05-02 15:01 - 2013-10-15 04:09 - 00699666 _____ () C:\Windows\system32\perfh007.dat 2014-05-02 15:01 - 2013-10-15 04:09 - 00149774 _____ () C:\Windows\system32\perfc007.dat 2014-05-02 15:01 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-05-02 14:05 - 2014-05-02 14:05 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\Nico Mak Computing 2014-05-02 14:05 - 2014-05-02 14:05 - 00000000 ____D () C:\ProgramData\Nico Mak Computing 2014-05-02 14:05 - 2014-05-02 14:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Malware Protector 2014-05-02 14:05 - 2014-05-02 14:05 - 00000000 ____D () C:\Program Files (x86)\WinZip Malware Protector 2014-05-02 
14:02 - 2014-05-02 14:02 - 04892480 _____ (WinZip International LLC ) C:\Users\Kawey\Downloads\wzmp_8.exe 2014-05-01 19:10 - 2014-05-01 18:34 - 00000000 ____D () C:\Users\Kawey\Documents\TCM 2014-05-01 18:17 - 2013-10-14 20:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-05-01 12:39 - 2014-04-30 21:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird 2014-04-30 22:16 - 2014-02-02 00:47 - 00102725 _____ () C:\Users\Kawey\AppData\Local\ars.cache 2014-04-30 21:46 - 2014-04-30 21:46 - 02002944 _____ (Trend Micro Inc.) C:\Users\Kawey\Downloads\HousecallLauncher.exe 2014-04-30 19:10 - 2014-04-30 19:10 - 00000000 _____ () C:\Windows\setuperr.log 2014-04-30 12:33 - 2014-04-30 12:33 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-04-30 12:06 - 2013-11-04 00:19 - 00000000 ____D () C:\SpaKa 2014-04-30 11:47 - 2013-11-05 12:59 - 00000000 ____D () C:\Windows\Minidump 2014-04-30 11:47 - 2013-10-15 04:12 - 00000000 ____D () C:\Windows\Panther 2014-04-30 11:46 - 2014-04-30 11:46 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC 2014-04-30 11:46 - 2014-04-30 11:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2014-04-30 11:46 - 2014-04-30 11:46 - 00000000 ____D () C:\Program Files\CCleaner 2014-04-30 11:45 - 2014-04-30 11:45 - 03671432 _____ (Piriform Ltd) C:\Users\Kawey\Downloads\ccsetup413_slim.exe 2014-04-29 18:58 - 2014-02-02 21:04 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-04-29 18:58 - 2013-10-15 23:20 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-04-29 18:58 - 2013-10-15 23:20 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-04-29 17:11 - 2013-10-14 18:31 - 00000000 ____D () C:\Users\Kawey\AppData\Local\VirtualStore 2014-04-29 16:01 - 2014-05-02 10:26 - 23547904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-04-29 15:40 - 2014-05-02 10:26 
- 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-04-29 15:14 - 2014-02-06 00:16 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update 2014-04-29 14:48 - 2014-05-02 10:26 - 17384448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-04-29 14:34 - 2014-05-02 10:26 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-04-28 10:14 - 2014-04-28 10:13 - 27878824 _____ (TuneUp Software) C:\Users\Kawey\Downloads\TuneUpUtilities2014_de-DE(1).exe 2014-04-28 09:33 - 2014-04-28 09:32 - 27878824 _____ (TuneUp Software) C:\Users\Kawey\Downloads\TuneUpUtilities2014_de-DE.exe 2014-04-27 11:24 - 2014-04-27 11:24 - 00503392 _____ () C:\Users\Kawey\Downloads\Player(2).exe 2014-04-27 11:24 - 2014-04-27 11:24 - 00000000 ____D () C:\Users\Kawey\AppData\Local\SearchProtect 2014-04-27 11:23 - 2014-04-27 11:23 - 00503392 _____ () C:\Users\Kawey\Downloads\Player(1).exe 2014-04-27 11:22 - 2014-04-27 11:22 - 00000000 ____D () C:\ProgramData\IProt 2014-04-27 11:20 - 2014-04-27 11:20 - 00001139 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\ShenProfessional 3.1.lnk 2014-04-27 11:20 - 2014-04-27 11:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShenProfessional 3.1 2014-04-27 11:20 - 2014-04-27 11:14 - 00760333 _____ () C:\Program Files (x86)\ShenUnInstall.txt 2014-04-27 11:20 - 2014-04-27 11:14 - 00000000 ____D () C:\Program Files (x86)\ShenProfessional 3.1 2014-04-27 11:20 - 2014-04-27 11:13 - 00801542 _____ () C:\Program Files (x86)\Setup.log 2014-04-27 11:08 - 2014-04-27 11:01 - 197984521 _____ (shen.de) C:\Users\Kawey\Downloads\ShenProfessional-3-1.exe 2014-04-27 10:35 - 2014-04-27 10:35 - 00003088 _____ () C:\Windows\System32\Tasks\{6FFDF4FA-9810-4B47-9A34-C3807772493D} 2014-04-26 17:54 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-04-25 18:58 - 2014-04-25 18:58 - 00000000 ____D () C:\ProgramData\dvdfab 2014-04-25 14:30 - 2014-04-25 14:30 - 
00001016 _____ () C:\Users\Kawey\Desktop\DVDFab 8 Qt.lnk 2014-04-25 14:30 - 2014-04-20 19:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 8 Qt 2014-04-25 14:30 - 2014-04-20 19:07 - 00000000 ____D () C:\Program Files (x86)\DVDFab 8 Qt 2014-04-25 14:29 - 2014-04-25 14:28 - 21323352 _____ (Fengtao Software Inc. ) C:\Users\Kawey\Downloads\DVDFab8230Qt.exe 2014-04-24 16:15 - 2014-03-29 17:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-04-24 16:15 - 2014-03-14 14:47 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-04-24 15:36 - 2014-04-24 15:36 - 00613200 _____ (Chip Digital GmbH) C:\Users\Kawey\Downloads\Firefox - CHIP-Downloader.exe 2014-04-22 11:50 - 2014-04-22 11:50 - 00907018 _____ () C:\Users\Kawey\Downloads\adblockplus-2.5.1.zip 2014-04-22 11:50 - 2014-04-22 11:50 - 00000000 ____D () C:\Users\Kawey\Downloads\adblockplus-2.5.1 2014-04-22 11:48 - 2014-04-22 11:48 - 00613200 _____ (Chip Digital GmbH) C:\Users\Kawey\Downloads\adblockplus-2.5.1 - CHIP-Downloader.exe 2014-04-21 18:57 - 2014-04-21 18:08 - 00000000 ____D () C:\Users\Kawey\Documents\DVDFab 2014-04-21 18:52 - 2014-04-21 18:52 - 00000000 ____D () C:\Users\Kawey\Documents\PcSetup 2014-04-21 18:52 - 2014-04-21 18:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 6 2014-04-21 18:52 - 2014-04-21 18:52 - 00000000 ____D () C:\Program Files (x86)\DVDFab 6 2014-04-21 18:52 - 2014-04-17 23:52 - 00000034 _____ () C:\Users\Kawey\AppData\Roaming\pcouffin.log 2014-04-21 18:52 - 2014-04-17 23:51 - 00099384 _____ () C:\Users\Kawey\AppData\Roaming\inst.exe 2014-04-21 18:52 - 2014-04-17 23:51 - 00082816 _____ (VSO Software) C:\Users\Kawey\AppData\Roaming\pcouffin.sys 2014-04-21 18:52 - 2014-04-17 23:51 - 00007859 _____ () C:\Users\Kawey\AppData\Roaming\pcouffin.cat 2014-04-21 18:52 - 2014-04-17 23:51 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\Vso 2014-04-21 18:49 - 2014-04-21 18:48 
- 13312568 _____ (Fengtao Software Inc. ) C:\Users\Kawey\Downloads\DVDFab6218.exe 2014-04-21 18:08 - 2014-04-21 18:08 - 00000000 ____D () C:\Users\Kawey\Documents\DVDFab9 2014-04-21 18:08 - 2014-04-17 19:52 - 00000000 ____D () C:\Program Files (x86)\DVDFab 9 2014-04-21 17:48 - 2013-10-15 22:37 - 00000000 ____D () C:\PC 2014-04-21 17:47 - 2014-04-21 17:47 - 01672252 _____ () C:\Users\Kawey\Downloads\a-user-guide-of-dvdfab9.zip 2014-04-21 15:55 - 2013-10-14 19:15 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-04-21 15:47 - 2014-04-21 15:47 - 00000000 _____ () C:\Users\Kawey\AppData\Roaming\CopyToGo.dat 2014-04-21 15:23 - 2014-04-21 15:11 - 322746776 _____ (Corel) C:\Users\Kawey\Downloads\KEYDC6PLMLPC.exe 2014-04-21 14:48 - 2014-04-21 12:30 - 00000000 ____D () C:\ProgramData\Freemake 2014-04-21 14:48 - 2014-04-21 12:30 - 00000000 ____D () C:\Program Files (x86)\Freemake 2014-04-21 14:47 - 2014-04-21 13:45 - 00000000 ____D () C:\Program Files (x86)\Elaborate Bytes 2014-04-21 14:46 - 2014-04-21 13:45 - 00000000 ____D () C:\ProgramData\SlySoft 2014-04-21 13:57 - 2014-04-21 13:48 - 00000125 ___SH () C:\ProgramData\.zreglib 2014-04-21 13:45 - 2014-04-21 13:45 - 00000000 ____D () C:\Program Files (x86)\SlySoft 2014-04-21 13:44 - 2014-04-21 13:43 - 10873088 _____ () C:\Users\Kawey\Downloads\SetupAnyDVD7460.exe 2014-04-21 13:44 - 2014-04-21 13:43 - 05185720 _____ () C:\Users\Kawey\Downloads\SetupCloneDVD2930Slysoft.exe 2014-04-21 12:27 - 2014-04-21 12:27 - 01308144 _____ (Ellora Assets Corporation ) C:\Users\Kawey\Downloads\FreemakeVideoConverterSetup.exe 2014-04-21 12:13 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-04-21 11:30 - 2014-04-21 11:30 - 13833720 _____ (Fengtao Software Inc. 
) C:\Users\Kawey\Downloads\DVDFab7070.exe 2014-04-20 22:50 - 2014-04-20 18:44 - 00000000 ____D () C:\Program Files (x86)\Caramava 2014-04-20 20:16 - 2014-04-20 19:00 - 00000000 ____D () C:\Users\Kawey\AppData\Local\Lollipop 2014-04-20 20:01 - 2014-04-20 20:01 - 00000000 ____D () C:\Users\Kawey\AppData\Local\com 2014-04-20 20:00 - 2014-04-20 19:58 - 00000000 ____D () C:\Program Files\003 2014-04-20 19:57 - 2014-04-20 19:57 - 00450152 _____ () C:\Users\Kawey\Downloads\Player.exe 2014-04-20 19:54 - 2014-04-20 19:54 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\30183 2014-04-20 19:42 - 2014-04-20 19:42 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\DVDFab 2014-04-20 19:02 - 2014-04-20 19:02 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\EuroTrade A.L. Ltd 2014-04-20 19:01 - 2014-04-03 23:14 - 00000000 ____D () C:\ProgramData\WPM 2014-04-20 19:01 - 2014-04-03 23:14 - 00000000 ____D () C:\ProgramData\IePluginService 2014-04-20 19:01 - 2014-04-03 23:14 - 00000000 ____D () C:\Program Files (x86)\SupTab 2014-04-20 19:00 - 2014-04-20 19:00 - 00000000 ____D () C:\Program Files (x86)\PassWidget-soft 2014-04-20 19:00 - 2014-04-03 23:13 - 00001613 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-04-20 18:59 - 2014-04-20 18:59 - 04714928 _____ () C:\Users\Kawey\Downloads\installer_dvdfab_platinum_8_0_8_7_beta_Deutsch.exe 2014-04-20 18:46 - 2014-04-20 18:46 - 00673984 _____ () C:\Users\Kawey\Downloads\Brothersoft_downloader_For_DVDFab_Platinum(1).exe 2014-04-20 18:42 - 2014-04-20 18:41 - 00673984 _____ () C:\Users\Kawey\Downloads\Brothersoft_downloader_For_DVDFab_Platinum.exe 2014-04-20 17:35 - 2014-04-18 12:57 - 00000000 ____D () C:\Program Files (x86)\DVDFab 8 2014-04-20 16:22 - 2014-02-02 00:47 - 00294540 _____ () C:\Users\Kawey\AppData\Local\census.cache 2014-04-20 16:03 - 2014-04-20 16:03 - 02405664 _____ (Trend Micro Inc.) 
C:\Users\Kawey\Downloads\HousecallLauncher64(7).exe 2014-04-20 00:37 - 2014-04-20 00:37 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\137 2014-04-19 23:53 - 2014-04-19 23:53 - 02405664 _____ (Trend Micro Inc.) C:\Users\Kawey\Downloads\HousecallLauncher64(6).exe 2014-04-19 21:54 - 2014-04-19 21:54 - 00669648 _____ ( ) C:\Users\Kawey\Downloads\UltimateCodec(2).exe 2014-04-19 21:46 - 2014-04-18 18:02 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\HandBrake 2014-04-19 20:36 - 2014-04-19 20:36 - 00033947 _____ () C:\Users\Kawey\Downloads\anleitung.htm 2014-04-19 14:06 - 2014-04-19 14:06 - 13888037 _____ () C:\Users\Kawey\Downloads\HandBrake-0.9.9-1_i686-Win_GUI.exe 2014-04-18 18:49 - 2014-04-18 18:49 - 00386896 _____ (Softonic ) C:\Users\Kawey\Downloads\SoftonicDownloader_fuer_handbrake.exe 2014-04-18 18:43 - 2014-04-18 18:43 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\9130 2014-04-18 18:01 - 2014-04-18 18:01 - 14298467 _____ () C:\Users\Kawey\Downloads\HandBrake-0.9.9-1_x86_64-Win_GUI.exe 2014-04-18 17:19 - 2014-04-18 17:16 - 45464368 _____ (Fengtao Software Inc. 
) C:\Users\Kawey\Downloads\DVDFab9140(1).exe 2014-04-18 12:47 - 2014-04-18 12:46 - 00386888 _____ (Softonic ) C:\Users\Kawey\Downloads\SoftonicDownloader_for_dvdfab.exe 2014-04-18 00:00 - 2013-10-14 20:26 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2014 2014-04-17 23:51 - 2014-04-17 23:51 - 00082816 _____ (VSO Software) C:\Windows\system32\Drivers\pcouffin.sys 2014-04-17 23:45 - 2014-04-17 23:45 - 00000000 __SHD () C:\Users\Kawey\AppData\Local\EmieUserList 2014-04-17 23:45 - 2014-04-17 23:45 - 00000000 __SHD () C:\Users\Kawey\AppData\Local\EmieSiteList 2014-04-17 21:37 - 2014-04-17 21:37 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\23260 2014-04-17 21:15 - 2014-04-17 21:15 - 02170880 _____ () C:\Users\Kawey\Downloads\ffmpeg15.exe 2014-04-17 21:15 - 2014-04-17 21:15 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\NCH Software 2014-04-17 21:04 - 2014-04-17 20:57 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Software 2014-04-17 20:57 - 2014-04-17 20:57 - 00817696 _____ (NCH Software) C:\Users\Kawey\Downloads\burnsetup.exe 2014-04-17 20:57 - 2014-04-17 20:57 - 00000000 ____D () C:\ProgramData\NCH Software 2014-04-17 20:57 - 2014-04-17 20:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Produktpalette 2014-04-17 20:57 - 2014-04-17 20:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audioverwandte Programme 2014-04-17 20:57 - 2014-04-17 20:57 - 00000000 ____D () C:\Program Files (x86)\NCH Software 2014-04-17 20:20 - 2014-04-17 20:20 - 00000000 ____D () C:\ProgramData\vsosdk 2014-04-17 19:41 - 2014-04-17 19:39 - 45464368 _____ (Fengtao Software Inc. 
) C:\Users\Kawey\Downloads\DVDFab9140.exe 2014-04-16 23:36 - 2014-04-16 23:36 - 00993712 _____ () C:\Users\Kawey\Downloads\setup(2).exe 2014-04-16 18:32 - 2014-04-16 18:32 - 01026264 _____ () C:\Users\Kawey\Downloads\Setup(1).exe 2014-04-16 18:31 - 2013-10-15 21:52 - 00000000 ____D () C:\Users\Kawey\AppData\Local\Adobe 2014-04-16 18:27 - 2014-04-16 18:27 - 01026264 _____ () C:\Users\Kawey\Downloads\Setup.exe 2014-04-15 16:38 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-04-14 04:24 - 2014-04-30 11:00 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-04-14 04:19 - 2014-04-30 11:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-04-10 13:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-04-10 00:22 - 2013-10-22 19:13 - 00000000 ____D () C:\Windows\system32\MRT 2014-04-10 00:20 - 2013-10-22 19:13 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-04-09 23:41 - 2013-12-27 20:39 - 00000000 ____D () C:\Program Files (x86)\Google 2014-04-09 21:01 - 2014-04-09 21:01 - 05056648 _____ (Systweak Inc ) C:\Users\Kawey\Downloads\rcpsetupg_apptvlatest-apptvlatest_1946.exe 2014-04-09 11:09 - 2014-04-09 11:09 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2014-04-09 11:09 - 2014-02-06 00:16 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2014-04-09 11:09 - 2014-02-06 00:16 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2014-04-09 11:09 - 2014-02-06 00:16 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2014-04-09 11:09 - 2014-02-06 00:16 - 00208928 _____ () C:\Windows\system32\Drivers\aswVmm.sys 2014-04-09 11:09 - 2014-02-06 00:16 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2014-04-09 11:09 - 2014-02-06 00:16 - 00084816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys 2014-04-09 11:09 - 2014-02-06 00:16 - 00079184 _____ (AVAST Software) 
C:\Windows\system32\Drivers\aswMonFlt.sys
2014-04-09 11:09 - 2014-02-06 00:16 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-04-04 11:15 - 2013-10-15 21:55 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-04-04 11:11 - 2014-04-03 23:10 - 00000000 ____D () C:\Program Files (x86)\MediaPlayerplus

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-04-22 15:23

==================== End Of Log ============================ |
04.05.2014, 12:06 | #4 |
/// TB-Ausbilder | remove sweetpage Addition.txt is still missing |
04.05.2014, 12:23 | #5 |
| remove sweetpage FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-05-2014 Ran by Kawey (administrator) on KAWEY-PC on 04-05-2014 13:20:33 Running from C:\Users\Kawey\Downloads Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Cherished Technololgy LIMITED) C:\ProgramData\IePluginService\PluginService.exe (Cherished Technololgy LIMITED) C:\ProgramData\WPM\wprotectmanager.exe () C:\Program Files\003\buuoujqmrk64.exe (Hewlett-Packard Company) C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe (TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe () C:\Program Files (x86)\Caramava\updateCaramava.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe (Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Nico Mak Computing) C:\Program Files (x86)\WinZip Malware Protector\WinZipMalwareProtector.exe () C:\Program Files (x86)\Caramava\bin\utilCaramava.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Microsoft Corporation) C:\Windows\splwow64.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe (Adobe Systems, Inc.) 
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12445288 2012-01-10] (Realtek Semiconductor) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2887440 2012-03-08] (Synaptics Incorporated) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-26] (Intel Corporation) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3854640 2014-04-09] (AVAST Software) HKLM-x32\...\Run: [] => [X] Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-2568023682-207481756-3843068466-1000\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845168 2013-11-06] (Samsung) HKU\S-1-5-21-2568023682-207481756-3843068466-1000\...\MountPoints2: {e5ab1670-7892-11e3-a6cb-3c970eac15f9} - E:\AutoRun.exe AppInit_DLLs: C:\PROGRA~2\Linkey\IEEXTE~1\iedll64.dll => C:\PROGRA~2\Linkey\IEEXTE~1\iedll64.dll File Not Found IFEO: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\bitguard.exe: [Debugger] tasklist.exe IFEO\bootstrap.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\bprotect.exe: [Debugger] tasklist.exe IFEO\bpsvc.exe: [Debugger] tasklist.exe IFEO\browserdefender.exe: [Debugger] tasklist.exe IFEO\browserprotect.exe: [Debugger] tasklist.exe IFEO\browsersafeguard.exe: [Debugger] tasklist.exe IFEO\dprotectsvc.exe: [Debugger] tasklist.exe IFEO\hpwucli.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\iastorui.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\imfrmwrk.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" 
IFEO\jumpflip: [Debugger] tasklist.exe IFEO\open energymanagement.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\protectedsearch.exe: [Debugger] tasklist.exe IFEO\searchinstaller.exe: [Debugger] tasklist.exe IFEO\searchprotection.exe: [Debugger] tasklist.exe IFEO\searchprotector.exe: [Debugger] tasklist.exe IFEO\searchsettings.exe: [Debugger] tasklist.exe IFEO\searchsettings64.exe: [Debugger] tasklist.exe IFEO\snapdo.exe: [Debugger] tasklist.exe IFEO\stinst32.exe: [Debugger] tasklist.exe IFEO\stinst64.exe: [Debugger] tasklist.exe IFEO\umbrella.exe: [Debugger] tasklist.exe IFEO\utiljumpflip.exe: [Debugger] tasklist.exe IFEO\volaro: [Debugger] tasklist.exe IFEO\vonteera: [Debugger] tasklist.exe IFEO\websteroids.exe: [Debugger] tasklist.exe IFEO\websteroidsservice.exe: [Debugger] tasklist.exe GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=avast&hsimp=yhs-001&type={partner_id}&p={searchTerms} HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp:/// HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1398013228&from=vit&uid=HGSTXHTS545032A7E380_TMA45C480ET18L0ET18LX HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://de.yhs4.search.yahoo.com/?hspart=avast&hsimp=yhs-001&type={partner_id} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1398013228&from=vit&uid=HGSTXHTS545032A7E380_TMA45C480ET18L0ET18LX&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1398013228&from=vit&uid=HGSTXHTS545032A7E380_TMA45C480ET18L0ET18LX HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 
hxxp://www.sweet-page.com/?type=hp&ts=1398013228&from=vit&uid=HGSTXHTS545032A7E380_TMA45C480ET18L0ET18LX HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1398013228&from=vit&uid=HGSTXHTS545032A7E380_TMA45C480ET18L0ET18LX&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1398013228&from=vit&uid=HGSTXHTS545032A7E380_TMA45C480ET18L0ET18LX&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1398013228&from=vit&uid=HGSTXHTS545032A7E380_TMA45C480ET18L0ET18LX HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.sweet-page.com/?type=hp&ts=1398013228&from=vit&uid=HGSTXHTS545032A7E380_TMA45C480ET18L0ET18LX HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1398013228&from=vit&uid=HGSTXHTS545032A7E380_TMA45C480ET18L0ET18LX&q={searchTerms} URLSearchHook: HKLM-x32 - Default Value = {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D} StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1396559579&from=tugs&uid=HGSTXHTS545032A7E380_TMA45C480ET18L0ET18LX SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1398013228&from=vit&uid=HGSTXHTS545032A7E380_TMA45C480ET18L0ET18LX&q={searchTerms} SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1398013228&from=vit&uid=HGSTXHTS545032A7E380_TMA45C480ET18L0ET18LX&q={searchTerms} SearchScopes: HKLM - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = 
hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd0202ff&cd=2XzuyEtN2Y1L1QzutA0CzyyBtD0E0A0CtCyD0FzytC0DyDtCtN0D0Tzu0SyBzytAtN1L2XzutBtFtCyBtFtDtFtCtN1L1CzutDzytDtCtG1TtN1L1G1B1V1N2Y1L1Qzu2SyDyD0E0ByEtCyCyBtGzyyDtB0BtGtDyE0EtDtGtBtD0D0DtGtC0C0DyCyEyEyC0EyEyD0Dzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDyByB0AtA0E0A0CtGtCyCtAzztG0A0EtDtDtG0EtD0BtBtGtCyC0F0A0CtD0A0AtAyBtB0B2Q&cr=687468405&ir= SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?sid=476&aid=122&itype=n&ver=12302&tm=321&src=ds&p={searchTerms} SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1398013228&from=vit&uid=HGSTXHTS545032A7E380_TMA45C480ET18L0ET18LX&q={searchTerms} SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=33201e43-a4a5-d890-52fb-99fd5190aa5e&searchtype=ds&q={searchTerms}&installDate=07/11/2013 SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1398013228&from=vit&uid=HGSTXHTS545032A7E380_TMA45C480ET18L0ET18LX&q={searchTerms} SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?sid=476&aid=122&itype=n&ver=12302&tm=321&src=ds&p={searchTerms} SearchScopes: HKLM-x32 - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=avast&hsimp=yhs-001&type={partner_id}&p={searchTerms} SearchScopes: HKLM-x32 - {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} URL = hxxp://start.iminent.com/?appId=882339C1-50C2-4324-946A-024990A2909C&ref=toolbox&q={searchTerms} SearchScopes: HKCU - DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.buenosearch.com/?q={searchTerms}&babsrc=SP_ss&mntrId=1E06BC8556697888&affID=128492&tsp=5222 SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = 
hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=33201e43-a4a5-d890-52fb-99fd5190aa5e&searchtype=ds&q={searchTerms}&installDate=07/11/2013 SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.buenosearch.com/?q={searchTerms}&babsrc=SP_ss&mntrId=1E06BC8556697888&affID=128492&tsp=5222 SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1398013228&from=vit&uid=HGSTXHTS545032A7E380_TMA45C480ET18L0ET18LX&q={searchTerms} SearchScopes: HKCU - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd0202ff&cd=2XzuyEtN2Y1L1QzutA0CzyyBtD0E0A0CtCyD0FzytC0DyDtCtN0D0Tzu0SyBzytAtN1L2XzutBtFtCyBtFtDtFtCtN1L1CzutDzytDtCtG1TtN1L1G1B1V1N2Y1L1Qzu2SyDyD0E0ByEtCyCyBtGzyyDtB0BtGtDyE0EtDtGtBtD0D0DtGtC0C0DyCyEyEyC0EyEyD0Dzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDyByB0AtA0E0A0CtGtCyCtAzztG0A0EtDtDtG0EtD0BtBtGtCyC0F0A0CtD0A0AtAyBtB0B2Q&cr=687468405&ir= SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?sid=476&aid=122&itype=n&ver=12302&tm=321&src=ds&p={searchTerms} SearchScopes: HKCU - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=avast&hsimp=yhs-001&type={partner_id}&p={searchTerms} SearchScopes: HKCU - {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} URL = hxxp://start.iminent.com/?appId=882339C1-50C2-4324-946A-024990A2909C&ref=toolbox&q={searchTerms} BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO-x32: iminent Helper Object - {112BA211-334C-4A90-90EC-2AD1CDAB287C} - No File BHO-x32: Caramava - {1e50bbda-c15a-47d5-9853-d829ff890664} - C:\Program Files (x86)\Caramava\Caramavabho.dll (Caramava) BHO-x32: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited) BHO-x32: avast! 
Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File Toolbar: HKLM-x32 - Iminent Toolbar - {1FAFD711-ABF9-4F6A-8130-5166C7371427} - No File Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File Handler: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - No File Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) Handler-x32: http\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) Handler-x32: https\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) Handler-x32: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{84A47CCA-2016-4EB2-9976-DDB4A782B000}: [NameServer]62.109.121.1 62.109.121.2 FireFox: ======== FF ProfilePath: C:\Users\Kawey\AppData\Roaming\Mozilla\Firefox\Profiles\73f0idua.default-1398406683013 FF SelectedSearchEngine: sweet-page FF Homepage: 
hxxp://www.sweet-page.com/?type=hppp&ts=1399130289&from=tugs&uid=HGSTXHTS545032A7E380_TMA45C480ET18L0ET18LX FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect_x86_64 - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll () FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @Nero.com/KM - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG) FF Plugin-x32: @nullsoft.com/winampDetector;version=1 - C:\Program Files (x86)\Winamp Detect\npwachk.dll (Nullsoft, Inc.) FF Plugin-x32: @zylom.com/ZylomGamesPlayer - C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems) FF SearchPlugin: C:\Users\Kawey\AppData\Roaming\Mozilla\Firefox\Profiles\73f0idua.default-1398406683013\searchplugins\ixquick-https.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\default-search.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\StartWeb.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\sweet-page.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\webssearches.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: MediaPlayerplus - C:\Users\Kawey\AppData\Roaming\Mozilla\Firefox\Profiles\73f0idua.default-1398406683013\Extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com [2014-04-25] FF Extension: Adblock Plus - C:\Users\Kawey\AppData\Roaming\Mozilla\Firefox\Profiles\73f0idua.default-1398406683013\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-05-03] FF HKLM\...\Firefox\Extensions: [{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}] - C:\Program Files\V-bates\Firefox FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! 
Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-02-06] FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\Kawey\AppData\Roaming\Mozilla\Firefox\Profiles\90i27aem.default\extensions\quick_start@gmail.com FF HKLM-x32\...\Firefox\Extensions: [{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}] - C:\Program Files\V-bates\Firefox Chrome: ======= CHR HomePage: hxxp://search.conduit.com/?ctid=CT3317742&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SPD4F79A21-7465-46DE-A457-C0A42C3CC60E&SSPV= CHR StartupUrls: "hxxp://search.conduit.com/?ctid=CT3317742&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SPD4F79A21-7465-46DE-A457-C0A42C3CC60E&SSPV=" CHR DefaultSearchKeyword: conduit.search CHR DefaultSearchProvider: Conduit Search CHR DefaultSearchURL: hxxp://search.conduit.com/Results.aspx?ctid=CT3317742&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SPD4F79A21-7465-46DE-A457-C0A42C3CC60E&q={searchTerms}&SSPV= CHR DefaultNewTabURL: CHR Extension: (Google Docs) - C:\Users\Kawey\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-27] CHR Extension: (Google Drive) - C:\Users\Kawey\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-27] CHR Extension: (YouTube) - C:\Users\Kawey\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-27] CHR Extension: (Google-Suche) - C:\Users\Kawey\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-27] CHR Extension: (MediaPlayerplus) - C:\Users\Kawey\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd [2014-04-09] CHR Extension: (Google Wallet) - C:\Users\Kawey\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-27] CHR Extension: (Google Mail) - C:\Users\Kawey\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-27] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-04-09] CHR HKLM-x32\...\Chrome\Extension: [pkhojieggfgllhllcegoffdcnmdeojgb] - C:\Program Files (x86)\IminentToolbar\1.8.25.0\iminent.crx [2014-04-09] ==================== Services (Whitelisted) ================= R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-09] (AVAST Software) R2 buuoujqmrk64; C:\Program Files\003\buuoujqmrk64.exe [706560 2014-04-20] () R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [47416 2014-02-05] (Hewlett-Packard Company) R2 IePluginService; C:\ProgramData\IePluginService\PluginService.exe [705136 2014-04-11] (Cherished Technololgy LIMITED) S4 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] () R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2138936 2014-03-20] (TuneUp Software) R2 Update Caramava; C:\Program Files (x86)\Caramava\updateCaramava.exe [350496 2014-04-18] () R2 Util Caramava; C:\Program Files (x86)\Caramava\bin\utilCaramava.exe [350496 2014-04-20] () R2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [566272 2014-04-20] (Cherished Technololgy LIMITED) S4 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation) ==================== Drivers (Whitelisted) ==================== R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-04-09] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-04-09] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-04-09] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-04-09] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-04-09] 
(AVAST Software) R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [84816 2014-04-09] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208928 2014-04-09] () S3 dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [20568 2009-12-22] (Devguru Co., Ltd) S3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [3532160 2011-10-11] (Sonix Technology Co., Ltd.) S3 SPUVCbv; C:\Windows\System32\Drivers\usbvideo.sys [185344 2013-07-12] (Microsoft Corporation) S3 ss_bserd; C:\Windows\System32\DRIVERS\ss_bserd.sys [128000 2013-08-21] (MCCI Corporation) R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-08-21] (TuneUp Software) S3 AmUStor; system32\drivers\AmUStor.SYS [X] S0 LHDmgr; System32\DRIVERS\LhdX64.sys [X] S3 RTL8192su; system32\DRIVERS\RTL8192su.sys [X] U2 TMAgent; ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-05-04 12:44 - 2014-05-04 12:44 - 01016261 _____ (Thisisu) C:\Users\Kawey\Downloads\JRT.exe 2014-05-04 12:44 - 2014-05-04 12:44 - 00000000 ____D () C:\Windows\ERUNT 2014-05-04 12:39 - 2014-05-04 13:20 - 00021839 _____ () C:\Users\Kawey\Downloads\FRST.txt 2014-05-04 12:39 - 2014-05-04 13:20 - 00000000 ____D () C:\FRST 2014-05-04 12:39 - 2014-05-04 12:40 - 00018676 _____ () C:\Users\Kawey\Downloads\Addition.txt 2014-05-04 12:38 - 2014-05-04 12:38 - 02062336 _____ (Farbar) C:\Users\Kawey\Downloads\FRST64.exe 2014-05-04 12:38 - 2014-05-04 12:38 - 01050624 _____ (Farbar) C:\Users\Kawey\Downloads\FRST(2).exe 2014-05-04 12:36 - 2014-05-04 12:36 - 01050624 _____ (Farbar) C:\Users\Kawey\Downloads\FRST(1).exe 2014-05-04 12:35 - 2014-05-04 12:35 - 01050624 _____ (Farbar) C:\Users\Kawey\Downloads\FRST.exe 2014-05-03 21:55 - 2014-05-03 21:56 - 00008494 _____ () C:\Windows\DPINST.LOG 2014-05-03 21:54 - 2014-05-03 21:55 - 09020696 _____ (Hamrick Software) C:\Users\Kawey\Downloads\vuex6494(1).exe 2014-05-03 08:50 - 
2014-05-03 08:50 - 00499072 _____ () C:\Users\Kawey\Downloads\Java(1).exe 2014-05-03 08:49 - 2014-05-03 08:49 - 00499072 _____ () C:\Users\Kawey\Downloads\Java.exe 2014-05-02 15:11 - 2014-05-02 15:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom 2014-05-02 15:11 - 2014-05-02 15:11 - 00000000 ____D () C:\Users\Kawey\Documents\TomTom 2014-05-02 15:11 - 2014-05-02 15:11 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\TomTom 2014-05-02 15:11 - 2014-05-02 15:11 - 00000000 ____D () C:\Users\Kawey\AppData\Local\TomTom 2014-05-02 15:11 - 2014-05-02 15:11 - 00000000 ____D () C:\ProgramData\TomTom 2014-05-02 15:10 - 2014-05-02 15:34 - 00000000 ____D () C:\Program Files (x86)\TomTom HOME 2 2014-05-02 15:10 - 2014-05-02 15:10 - 00000000 ____D () C:\Program Files (x86)\TomTom International B.V 2014-05-02 15:07 - 2014-05-02 15:07 - 00000000 ____D () C:\Program Files (x86)\TomTom DesktopSuite 2014-05-02 14:05 - 2014-05-04 12:52 - 00003116 _____ () C:\Windows\System32\Tasks\WinZip Malware Protector_startup 2014-05-02 14:05 - 2014-05-02 14:05 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\Nico Mak Computing 2014-05-02 14:05 - 2014-05-02 14:05 - 00000000 ____D () C:\ProgramData\Nico Mak Computing 2014-05-02 14:05 - 2014-05-02 14:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Malware Protector 2014-05-02 14:05 - 2014-05-02 14:05 - 00000000 ____D () C:\Program Files (x86)\WinZip Malware Protector 2014-05-02 14:05 - 2013-03-15 17:10 - 00020480 _____ () C:\Windows\system32\wsusnative64.exe 2014-05-02 14:02 - 2014-05-02 14:02 - 04892480 _____ (WinZip International LLC ) C:\Users\Kawey\Downloads\wzmp_8.exe 2014-05-02 10:26 - 2014-04-29 16:01 - 23547904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-05-02 10:26 - 2014-04-29 15:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-05-02 10:26 - 2014-04-29 14:48 - 17384448 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\mshtml.dll 2014-05-02 10:26 - 2014-04-29 14:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-05-01 18:34 - 2014-05-01 19:10 - 00000000 ____D () C:\Users\Kawey\Documents\TCM 2014-04-30 21:50 - 2012-06-05 09:37 - 00256904 _____ (Trend Micro Inc.) C:\Windows\SysWOW64\Drivers\tmcomm.sys 2014-04-30 21:46 - 2014-04-30 21:46 - 02002944 _____ (Trend Micro Inc.) C:\Users\Kawey\Downloads\HousecallLauncher.exe 2014-04-30 21:40 - 2014-05-01 12:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird 2014-04-30 19:10 - 2014-05-04 12:50 - 00001579 _____ () C:\Windows\setupact.log 2014-04-30 19:10 - 2014-04-30 19:10 - 00000000 _____ () C:\Windows\setuperr.log 2014-04-30 12:33 - 2014-04-30 12:33 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-04-30 11:46 - 2014-04-30 11:46 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC 2014-04-30 11:46 - 2014-04-30 11:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2014-04-30 11:46 - 2014-04-30 11:46 - 00000000 ____D () C:\Program Files\CCleaner 2014-04-30 11:45 - 2014-04-30 11:45 - 03671432 _____ (Piriform Ltd) C:\Users\Kawey\Downloads\ccsetup413_slim.exe 2014-04-30 11:00 - 2014-04-14 04:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-04-30 11:00 - 2014-04-14 04:19 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-04-29 17:04 - 2014-05-03 15:54 - 00000000 ____D () C:\Heilkunde 2014-04-28 10:13 - 2014-04-28 10:14 - 27878824 _____ (TuneUp Software) C:\Users\Kawey\Downloads\TuneUpUtilities2014_de-DE(1).exe 2014-04-28 09:32 - 2014-04-28 09:33 - 27878824 _____ (TuneUp Software) C:\Users\Kawey\Downloads\TuneUpUtilities2014_de-DE.exe 2014-04-27 11:24 - 2014-04-27 11:24 - 00503392 _____ () C:\Users\Kawey\Downloads\Player(2).exe 2014-04-27 11:24 - 2014-04-27 11:24 - 00000000 ____D () C:\Users\Kawey\AppData\Local\SearchProtect 2014-04-27 11:23 - 2014-04-27 11:23 - 00503392 _____ () 
C:\Users\Kawey\Downloads\Player(1).exe 2014-04-27 11:22 - 2014-04-27 11:22 - 00000000 ____D () C:\ProgramData\IProt 2014-04-27 11:20 - 2014-04-27 11:20 - 00001139 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\ShenProfessional 3.1.lnk 2014-04-27 11:20 - 2014-04-27 11:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShenProfessional 3.1 2014-04-27 11:14 - 2014-04-27 11:20 - 00760333 _____ () C:\Program Files (x86)\ShenUnInstall.txt 2014-04-27 11:14 - 2014-04-27 11:20 - 00000000 ____D () C:\Program Files (x86)\ShenProfessional 3.1 2014-04-27 11:14 - 2014-03-12 17:39 - 00572448 _____ (Pantaray Research Ltd.) C:\Program Files (x86)\ShenUnInstall.exe 2014-04-27 11:14 - 2011-12-18 09:00 - 00012420 _____ () C:\Program Files (x86)\Deutsch.lng 2014-04-27 11:13 - 2014-04-27 11:20 - 00801542 _____ () C:\Program Files (x86)\Setup.log 2014-04-27 11:01 - 2014-04-27 11:08 - 197984521 _____ (shen.de) C:\Users\Kawey\Downloads\ShenProfessional-3-1.exe 2014-04-27 10:35 - 2014-04-27 10:35 - 00003088 _____ () C:\Windows\System32\Tasks\{6FFDF4FA-9810-4B47-9A34-C3807772493D} 2014-04-25 18:58 - 2014-04-25 18:58 - 00000000 ____D () C:\ProgramData\dvdfab 2014-04-25 14:30 - 2014-04-25 14:30 - 00001016 _____ () C:\Users\Kawey\Desktop\DVDFab 8 Qt.lnk 2014-04-25 14:28 - 2014-04-25 14:29 - 21323352 _____ (Fengtao Software Inc. 
) C:\Users\Kawey\Downloads\DVDFab8230Qt.exe 2014-04-24 15:36 - 2014-04-24 15:36 - 00613200 _____ (Chip Digital GmbH) C:\Users\Kawey\Downloads\Firefox - CHIP-Downloader.exe 2014-04-22 11:50 - 2014-04-22 11:50 - 00907018 _____ () C:\Users\Kawey\Downloads\adblockplus-2.5.1.zip 2014-04-22 11:50 - 2014-04-22 11:50 - 00000000 ____D () C:\Users\Kawey\Downloads\adblockplus-2.5.1 2014-04-22 11:48 - 2014-04-22 11:48 - 00613200 _____ (Chip Digital GmbH) C:\Users\Kawey\Downloads\adblockplus-2.5.1 - CHIP-Downloader.exe 2014-04-21 18:52 - 2014-04-21 18:52 - 00000000 ____D () C:\Users\Kawey\Documents\PcSetup 2014-04-21 18:52 - 2014-04-21 18:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 6 2014-04-21 18:52 - 2014-04-21 18:52 - 00000000 ____D () C:\Program Files (x86)\DVDFab 6 2014-04-21 18:48 - 2014-04-21 18:49 - 13312568 _____ (Fengtao Software Inc. ) C:\Users\Kawey\Downloads\DVDFab6218.exe 2014-04-21 18:08 - 2014-04-21 18:57 - 00000000 ____D () C:\Users\Kawey\Documents\DVDFab 2014-04-21 18:08 - 2014-04-21 18:08 - 00000000 ____D () C:\Users\Kawey\Documents\DVDFab9 2014-04-21 17:47 - 2014-04-21 17:47 - 01672252 _____ () C:\Users\Kawey\Downloads\a-user-guide-of-dvdfab9.zip 2014-04-21 15:47 - 2014-04-21 15:47 - 00000000 _____ () C:\Users\Kawey\AppData\Roaming\CopyToGo.dat 2014-04-21 15:29 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll 2014-04-21 15:29 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll 2014-04-21 15:29 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll 2014-04-21 15:29 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll 2014-04-21 15:29 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll 2014-04-21 15:29 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll 2014-04-21 
15:29 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll 2014-04-21 15:29 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll 2014-04-21 15:29 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll 2014-04-21 15:29 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll 2014-04-21 15:29 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll 2014-04-21 15:29 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll 2014-04-21 15:29 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll 2014-04-21 15:29 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll 2014-04-21 15:11 - 2014-04-21 15:23 - 322746776 _____ (Corel) C:\Users\Kawey\Downloads\KEYDC6PLMLPC.exe 2014-04-21 13:48 - 2014-04-21 13:57 - 00000125 ___SH () C:\ProgramData\.zreglib 2014-04-21 13:45 - 2014-04-21 14:47 - 00000000 ____D () C:\Program Files (x86)\Elaborate Bytes 2014-04-21 13:45 - 2014-04-21 14:46 - 00000000 ____D () C:\ProgramData\SlySoft 2014-04-21 13:45 - 2014-04-21 13:45 - 00000000 ____D () C:\Program Files (x86)\SlySoft 2014-04-21 13:43 - 2014-04-21 13:44 - 10873088 _____ () C:\Users\Kawey\Downloads\SetupAnyDVD7460.exe 2014-04-21 13:43 - 2014-04-21 13:44 - 05185720 _____ () C:\Users\Kawey\Downloads\SetupCloneDVD2930Slysoft.exe 2014-04-21 12:30 - 2014-04-21 14:48 - 00000000 ____D () C:\ProgramData\Freemake 2014-04-21 12:30 - 2014-04-21 14:48 - 00000000 ____D () C:\Program Files (x86)\Freemake 2014-04-21 12:27 - 2014-04-21 12:27 - 01308144 _____ (Ellora Assets Corporation ) C:\Users\Kawey\Downloads\FreemakeVideoConverterSetup.exe 2014-04-21 11:30 - 2014-04-21 11:30 - 13833720 _____ (Fengtao Software Inc. 
) C:\Users\Kawey\Downloads\DVDFab7070.exe 2014-04-20 20:01 - 2014-04-20 20:01 - 00000000 ____D () C:\Users\Kawey\AppData\Local\com 2014-04-20 19:58 - 2014-04-20 20:00 - 00000000 ____D () C:\Program Files\003 2014-04-20 19:57 - 2014-04-20 19:57 - 00450152 _____ () C:\Users\Kawey\Downloads\Player.exe 2014-04-20 19:54 - 2014-04-20 19:54 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\30183 2014-04-20 19:42 - 2014-04-20 19:42 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\DVDFab 2014-04-20 19:07 - 2014-04-25 14:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 8 Qt 2014-04-20 19:07 - 2014-04-25 14:30 - 00000000 ____D () C:\Program Files (x86)\DVDFab 8 Qt 2014-04-20 19:02 - 2014-04-20 19:02 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\EuroTrade A.L. Ltd 2014-04-20 19:00 - 2014-04-20 20:16 - 00000000 ____D () C:\Users\Kawey\AppData\Local\Lollipop 2014-04-20 19:00 - 2014-04-20 19:00 - 00000000 ____D () C:\Program Files (x86)\PassWidget-soft 2014-04-20 18:59 - 2014-04-20 18:59 - 04714928 _____ () C:\Users\Kawey\Downloads\installer_dvdfab_platinum_8_0_8_7_beta_Deutsch.exe 2014-04-20 18:46 - 2014-04-20 18:46 - 00673984 _____ () C:\Users\Kawey\Downloads\Brothersoft_downloader_For_DVDFab_Platinum(1).exe 2014-04-20 18:44 - 2014-04-20 22:50 - 00000000 ____D () C:\Program Files (x86)\Caramava 2014-04-20 18:41 - 2014-04-20 18:42 - 00673984 _____ () C:\Users\Kawey\Downloads\Brothersoft_downloader_For_DVDFab_Platinum.exe 2014-04-20 16:03 - 2014-04-20 16:03 - 02405664 _____ (Trend Micro Inc.) C:\Users\Kawey\Downloads\HousecallLauncher64(7).exe 2014-04-20 00:37 - 2014-04-20 00:37 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\137 2014-04-19 23:53 - 2014-04-19 23:53 - 02405664 _____ (Trend Micro Inc.) 
C:\Users\Kawey\Downloads\HousecallLauncher64(6).exe 2014-04-19 21:54 - 2014-04-19 21:54 - 00669648 _____ ( ) C:\Users\Kawey\Downloads\UltimateCodec(2).exe 2014-04-19 20:36 - 2014-04-19 20:36 - 00033947 _____ () C:\Users\Kawey\Downloads\anleitung.htm 2014-04-19 14:06 - 2014-04-19 14:06 - 13888037 _____ () C:\Users\Kawey\Downloads\HandBrake-0.9.9-1_i686-Win_GUI.exe 2014-04-18 19:16 - 2014-05-02 15:39 - 00000066 _____ () C:\Users\Kawey\AppData\default.pls 2014-04-18 18:49 - 2014-04-18 18:49 - 00386896 _____ (Softonic ) C:\Users\Kawey\Downloads\SoftonicDownloader_fuer_handbrake.exe 2014-04-18 18:43 - 2014-04-18 18:43 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\9130 2014-04-18 18:02 - 2014-04-19 21:46 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\HandBrake 2014-04-18 18:01 - 2014-04-18 18:01 - 14298467 _____ () C:\Users\Kawey\Downloads\HandBrake-0.9.9-1_x86_64-Win_GUI.exe 2014-04-18 17:16 - 2014-04-18 17:19 - 45464368 _____ (Fengtao Software Inc. ) C:\Users\Kawey\Downloads\DVDFab9140(1).exe 2014-04-18 12:57 - 2014-04-20 17:35 - 00000000 ____D () C:\Program Files (x86)\DVDFab 8 2014-04-18 12:46 - 2014-04-18 12:47 - 00386888 _____ (Softonic ) C:\Users\Kawey\Downloads\SoftonicDownloader_for_dvdfab.exe 2014-04-17 23:52 - 2014-04-21 18:52 - 00000034 _____ () C:\Users\Kawey\AppData\Roaming\pcouffin.log 2014-04-17 23:51 - 2014-04-21 18:52 - 00099384 _____ () C:\Users\Kawey\AppData\Roaming\inst.exe 2014-04-17 23:51 - 2014-04-21 18:52 - 00082816 _____ (VSO Software) C:\Users\Kawey\AppData\Roaming\pcouffin.sys 2014-04-17 23:51 - 2014-04-21 18:52 - 00007859 _____ () C:\Users\Kawey\AppData\Roaming\pcouffin.cat 2014-04-17 23:51 - 2014-04-21 18:52 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\Vso 2014-04-17 23:51 - 2014-04-17 23:51 - 00082816 _____ (VSO Software) C:\Windows\system32\Drivers\pcouffin.sys 2014-04-17 23:45 - 2014-04-17 23:45 - 00000000 __SHD () C:\Users\Kawey\AppData\Local\EmieUserList 2014-04-17 23:45 - 2014-04-17 23:45 - 00000000 __SHD () 
C:\Users\Kawey\AppData\Local\EmieSiteList 2014-04-17 21:37 - 2014-04-17 21:37 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\23260 2014-04-17 21:15 - 2014-04-17 21:15 - 02170880 _____ () C:\Users\Kawey\Downloads\ffmpeg15.exe 2014-04-17 21:15 - 2014-04-17 21:15 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\NCH Software 2014-04-17 20:57 - 2014-04-17 21:04 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Software 2014-04-17 20:57 - 2014-04-17 20:57 - 00817696 _____ (NCH Software) C:\Users\Kawey\Downloads\burnsetup.exe 2014-04-17 20:57 - 2014-04-17 20:57 - 00000000 ____D () C:\ProgramData\NCH Software 2014-04-17 20:57 - 2014-04-17 20:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Produktpalette 2014-04-17 20:57 - 2014-04-17 20:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audioverwandte Programme 2014-04-17 20:57 - 2014-04-17 20:57 - 00000000 ____D () C:\Program Files (x86)\NCH Software 2014-04-17 20:20 - 2014-04-17 20:20 - 00000000 ____D () C:\ProgramData\vsosdk 2014-04-17 19:52 - 2014-04-21 18:08 - 00000000 ____D () C:\Program Files (x86)\DVDFab 9 2014-04-17 19:39 - 2014-04-17 19:41 - 45464368 _____ (Fengtao Software Inc. 
) C:\Users\Kawey\Downloads\DVDFab9140.exe 2014-04-16 23:36 - 2014-04-16 23:36 - 00993712 _____ () C:\Users\Kawey\Downloads\setup(2).exe 2014-04-16 18:32 - 2014-04-16 18:32 - 01026264 _____ () C:\Users\Kawey\Downloads\Setup(1).exe 2014-04-16 18:27 - 2014-04-16 18:27 - 01026264 _____ () C:\Users\Kawey\Downloads\Setup.exe 2014-04-10 00:23 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-04-10 00:23 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-04-10 00:22 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-04-10 00:22 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-04-10 00:22 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-04-10 00:22 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-04-10 00:22 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-04-10 00:22 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-04-10 00:22 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-04-10 00:22 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-04-10 00:22 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-04-10 00:22 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-04-10 00:22 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-04-10 00:22 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-04-10 00:22 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 
2014-04-10 00:22 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-04-10 00:22 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-04-10 00:22 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-04-10 00:22 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-04-10 00:22 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-04-10 00:22 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-04-10 00:22 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-04-10 00:22 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-04-10 00:22 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-04-10 00:22 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-04-10 00:22 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-04-10 00:22 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-04-10 00:22 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-04-10 00:22 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-04-10 00:22 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-04-10 00:22 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-04-10 00:22 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-04-10 00:22 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\msrating.dll 2014-04-10 00:22 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-04-10 00:22 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-04-10 00:22 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-04-10 00:22 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-04-10 00:22 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-04-10 00:22 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-04-10 00:22 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-04-10 00:22 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-04-10 00:22 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-04-10 00:22 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-04-10 00:22 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-04-09 21:01 - 2014-04-09 21:01 - 05056648 _____ (Systweak Inc ) C:\Users\Kawey\Downloads\rcpsetupg_apptvlatest-apptvlatest_1946.exe 2014-04-09 11:13 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2014-04-09 11:13 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2014-04-09 11:13 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2014-04-09 11:13 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2014-04-09 11:13 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2014-04-09 11:13 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\ntvdm64.dll 2014-04-09 11:13 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2014-04-09 11:13 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2014-04-09 11:13 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2014-04-09 11:13 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2014-04-09 11:13 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2014-04-09 11:13 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys 2014-04-09 11:13 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys 2014-04-09 11:13 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys 2014-04-09 11:13 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll 2014-04-09 11:13 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll 2014-04-09 11:13 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2014-04-09 11:09 - 2014-04-09 11:09 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr ==================== One Month Modified Files and Folders ======= 2014-05-04 13:20 - 2014-05-04 12:39 - 00021839 _____ () C:\Users\Kawey\Downloads\FRST.txt 2014-05-04 13:20 - 2014-05-04 12:39 - 00000000 ____D () C:\FRST 2014-05-04 12:59 - 2009-07-14 06:45 - 00026672 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-05-04 12:59 - 2009-07-14 06:45 - 00026672 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-05-04 12:58 - 2014-02-02 21:04 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-05-04 
12:55 - 2013-10-14 18:16 - 01241052 _____ () C:\Windows\WindowsUpdate.log 2014-05-04 12:52 - 2014-05-02 14:05 - 00003116 _____ () C:\Windows\System32\Tasks\WinZip Malware Protector_startup 2014-05-04 12:51 - 2014-04-03 23:12 - 00001472 _____ () C:\Windows\Tasks\b8e2dbf6-f651-4529-84b2-6113f5365cc5-5.job 2014-05-04 12:51 - 2014-04-03 23:10 - 00002782 _____ () C:\Windows\Tasks\b8e2dbf6-f651-4529-84b2-6113f5365cc5-3.job 2014-05-04 12:51 - 2014-04-03 23:10 - 00002142 _____ () C:\Windows\Tasks\b8e2dbf6-f651-4529-84b2-6113f5365cc5-4.job 2014-05-04 12:50 - 2014-04-30 19:10 - 00001579 _____ () C:\Windows\setupact.log 2014-05-04 12:50 - 2014-04-03 23:12 - 00001368 _____ () C:\Windows\Tasks\b8e2dbf6-f651-4529-84b2-6113f5365cc5-2.job 2014-05-04 12:50 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-05-04 12:44 - 2014-05-04 12:44 - 01016261 _____ (Thisisu) C:\Users\Kawey\Downloads\JRT.exe 2014-05-04 12:44 - 2014-05-04 12:44 - 00000000 ____D () C:\Windows\ERUNT 2014-05-04 12:40 - 2014-05-04 12:39 - 00018676 _____ () C:\Users\Kawey\Downloads\Addition.txt 2014-05-04 12:38 - 2014-05-04 12:38 - 02062336 _____ (Farbar) C:\Users\Kawey\Downloads\FRST64.exe 2014-05-04 12:38 - 2014-05-04 12:38 - 01050624 _____ (Farbar) C:\Users\Kawey\Downloads\FRST(2).exe 2014-05-04 12:36 - 2014-05-04 12:36 - 01050624 _____ (Farbar) C:\Users\Kawey\Downloads\FRST(1).exe 2014-05-04 12:35 - 2014-05-04 12:35 - 01050624 _____ (Farbar) C:\Users\Kawey\Downloads\FRST.exe 2014-05-03 23:08 - 2014-02-06 20:14 - 00000000 ____D () C:\Users\Kawey\AppData\Local\Deployment 2014-05-03 21:56 - 2014-05-03 21:55 - 00008494 _____ () C:\Windows\DPINST.LOG 2014-05-03 21:55 - 2014-05-03 21:54 - 09020696 _____ (Hamrick Software) C:\Users\Kawey\Downloads\vuex6494(1).exe 2014-05-03 21:55 - 2014-03-05 19:34 - 00000977 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\VueScan x64.lnk 2014-05-03 21:09 - 2013-10-16 23:53 - 00000000 ____D () C:\ARBEIT & BEWERBUNGEN 2014-05-03 15:54 - 2014-04-29 17:04 - 00000000 
____D () C:\Heilkunde 2014-05-03 15:54 - 2014-01-14 09:26 - 00000000 ____D () C:\Gesundheit 2014-05-03 08:50 - 2014-05-03 08:50 - 00499072 _____ () C:\Users\Kawey\Downloads\Java(1).exe 2014-05-03 08:49 - 2014-05-03 08:49 - 00499072 _____ () C:\Users\Kawey\Downloads\Java.exe 2014-05-02 15:39 - 2014-04-18 19:16 - 00000066 _____ () C:\Users\Kawey\AppData\default.pls 2014-05-02 15:34 - 2014-05-02 15:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom 2014-05-02 15:34 - 2014-05-02 15:10 - 00000000 ____D () C:\Program Files (x86)\TomTom HOME 2 2014-05-02 15:30 - 2013-10-25 19:28 - 00000000 ____D () C:\Users\Kawey\AppData\Local\Downloaded Installations 2014-05-02 15:11 - 2014-05-02 15:11 - 00000000 ____D () C:\Users\Kawey\Documents\TomTom 2014-05-02 15:11 - 2014-05-02 15:11 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\TomTom 2014-05-02 15:11 - 2014-05-02 15:11 - 00000000 ____D () C:\Users\Kawey\AppData\Local\TomTom 2014-05-02 15:11 - 2014-05-02 15:11 - 00000000 ____D () C:\ProgramData\TomTom 2014-05-02 15:10 - 2014-05-02 15:10 - 00000000 ____D () C:\Program Files (x86)\TomTom International B.V 2014-05-02 15:07 - 2014-05-02 15:07 - 00000000 ____D () C:\Program Files (x86)\TomTom DesktopSuite 2014-05-02 15:01 - 2013-10-15 04:09 - 00699666 _____ () C:\Windows\system32\perfh007.dat 2014-05-02 15:01 - 2013-10-15 04:09 - 00149774 _____ () C:\Windows\system32\perfc007.dat 2014-05-02 15:01 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-05-02 14:05 - 2014-05-02 14:05 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\Nico Mak Computing 2014-05-02 14:05 - 2014-05-02 14:05 - 00000000 ____D () C:\ProgramData\Nico Mak Computing 2014-05-02 14:05 - 2014-05-02 14:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Malware Protector 2014-05-02 14:05 - 2014-05-02 14:05 - 00000000 ____D () C:\Program Files (x86)\WinZip Malware Protector 2014-05-02 14:02 - 2014-05-02 14:02 - 04892480 
_____ (WinZip International LLC ) C:\Users\Kawey\Downloads\wzmp_8.exe 2014-05-01 19:10 - 2014-05-01 18:34 - 00000000 ____D () C:\Users\Kawey\Documents\TCM 2014-05-01 18:17 - 2013-10-14 20:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-05-01 12:39 - 2014-04-30 21:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird 2014-04-30 22:16 - 2014-02-02 00:47 - 00102725 _____ () C:\Users\Kawey\AppData\Local\ars.cache 2014-04-30 21:46 - 2014-04-30 21:46 - 02002944 _____ (Trend Micro Inc.) C:\Users\Kawey\Downloads\HousecallLauncher.exe 2014-04-30 19:10 - 2014-04-30 19:10 - 00000000 _____ () C:\Windows\setuperr.log 2014-04-30 12:33 - 2014-04-30 12:33 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-04-30 12:06 - 2013-11-04 00:19 - 00000000 ____D () C:\SpaKa 2014-04-30 11:47 - 2013-11-05 12:59 - 00000000 ____D () C:\Windows\Minidump 2014-04-30 11:47 - 2013-10-15 04:12 - 00000000 ____D () C:\Windows\Panther 2014-04-30 11:46 - 2014-04-30 11:46 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC 2014-04-30 11:46 - 2014-04-30 11:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2014-04-30 11:46 - 2014-04-30 11:46 - 00000000 ____D () C:\Program Files\CCleaner 2014-04-30 11:45 - 2014-04-30 11:45 - 03671432 _____ (Piriform Ltd) C:\Users\Kawey\Downloads\ccsetup413_slim.exe 2014-04-29 18:58 - 2014-02-02 21:04 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-04-29 18:58 - 2013-10-15 23:20 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-04-29 18:58 - 2013-10-15 23:20 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-04-29 17:11 - 2013-10-14 18:31 - 00000000 ____D () C:\Users\Kawey\AppData\Local\VirtualStore 2014-04-29 16:01 - 2014-05-02 10:26 - 23547904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-04-29 15:40 - 2014-05-02 10:26 - 02724864 _____ (Microsoft 
Corporation) C:\Windows\system32\mshtml.tlb 2014-04-29 15:14 - 2014-02-06 00:16 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update 2014-04-29 14:48 - 2014-05-02 10:26 - 17384448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-04-29 14:34 - 2014-05-02 10:26 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-04-28 10:14 - 2014-04-28 10:13 - 27878824 _____ (TuneUp Software) C:\Users\Kawey\Downloads\TuneUpUtilities2014_de-DE(1).exe 2014-04-28 09:33 - 2014-04-28 09:32 - 27878824 _____ (TuneUp Software) C:\Users\Kawey\Downloads\TuneUpUtilities2014_de-DE.exe 2014-04-27 11:24 - 2014-04-27 11:24 - 00503392 _____ () C:\Users\Kawey\Downloads\Player(2).exe 2014-04-27 11:24 - 2014-04-27 11:24 - 00000000 ____D () C:\Users\Kawey\AppData\Local\SearchProtect 2014-04-27 11:23 - 2014-04-27 11:23 - 00503392 _____ () C:\Users\Kawey\Downloads\Player(1).exe 2014-04-27 11:22 - 2014-04-27 11:22 - 00000000 ____D () C:\ProgramData\IProt 2014-04-27 11:20 - 2014-04-27 11:20 - 00001139 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\ShenProfessional 3.1.lnk 2014-04-27 11:20 - 2014-04-27 11:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShenProfessional 3.1 2014-04-27 11:20 - 2014-04-27 11:14 - 00760333 _____ () C:\Program Files (x86)\ShenUnInstall.txt 2014-04-27 11:20 - 2014-04-27 11:14 - 00000000 ____D () C:\Program Files (x86)\ShenProfessional 3.1 2014-04-27 11:20 - 2014-04-27 11:13 - 00801542 _____ () C:\Program Files (x86)\Setup.log 2014-04-27 11:08 - 2014-04-27 11:01 - 197984521 _____ (shen.de) C:\Users\Kawey\Downloads\ShenProfessional-3-1.exe 2014-04-27 10:35 - 2014-04-27 10:35 - 00003088 _____ () C:\Windows\System32\Tasks\{6FFDF4FA-9810-4B47-9A34-C3807772493D} 2014-04-26 17:54 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-04-25 18:58 - 2014-04-25 18:58 - 00000000 ____D () C:\ProgramData\dvdfab 2014-04-25 14:30 - 2014-04-25 14:30 - 00001016 _____ () 
C:\Users\Kawey\Desktop\DVDFab 8 Qt.lnk 2014-04-25 14:30 - 2014-04-20 19:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 8 Qt 2014-04-25 14:30 - 2014-04-20 19:07 - 00000000 ____D () C:\Program Files (x86)\DVDFab 8 Qt 2014-04-25 14:29 - 2014-04-25 14:28 - 21323352 _____ (Fengtao Software Inc. ) C:\Users\Kawey\Downloads\DVDFab8230Qt.exe 2014-04-24 16:15 - 2014-03-29 17:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-04-24 16:15 - 2014-03-14 14:47 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-04-24 15:36 - 2014-04-24 15:36 - 00613200 _____ (Chip Digital GmbH) C:\Users\Kawey\Downloads\Firefox - CHIP-Downloader.exe 2014-04-22 11:50 - 2014-04-22 11:50 - 00907018 _____ () C:\Users\Kawey\Downloads\adblockplus-2.5.1.zip 2014-04-22 11:50 - 2014-04-22 11:50 - 00000000 ____D () C:\Users\Kawey\Downloads\adblockplus-2.5.1 2014-04-22 11:48 - 2014-04-22 11:48 - 00613200 _____ (Chip Digital GmbH) C:\Users\Kawey\Downloads\adblockplus-2.5.1 - CHIP-Downloader.exe 2014-04-21 18:57 - 2014-04-21 18:08 - 00000000 ____D () C:\Users\Kawey\Documents\DVDFab 2014-04-21 18:52 - 2014-04-21 18:52 - 00000000 ____D () C:\Users\Kawey\Documents\PcSetup 2014-04-21 18:52 - 2014-04-21 18:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 6 2014-04-21 18:52 - 2014-04-21 18:52 - 00000000 ____D () C:\Program Files (x86)\DVDFab 6 2014-04-21 18:52 - 2014-04-17 23:52 - 00000034 _____ () C:\Users\Kawey\AppData\Roaming\pcouffin.log 2014-04-21 18:52 - 2014-04-17 23:51 - 00099384 _____ () C:\Users\Kawey\AppData\Roaming\inst.exe 2014-04-21 18:52 - 2014-04-17 23:51 - 00082816 _____ (VSO Software) C:\Users\Kawey\AppData\Roaming\pcouffin.sys 2014-04-21 18:52 - 2014-04-17 23:51 - 00007859 _____ () C:\Users\Kawey\AppData\Roaming\pcouffin.cat 2014-04-21 18:52 - 2014-04-17 23:51 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\Vso 2014-04-21 18:49 - 2014-04-21 18:48 - 13312568 _____ 
(Fengtao Software Inc. ) C:\Users\Kawey\Downloads\DVDFab6218.exe 2014-04-21 18:08 - 2014-04-21 18:08 - 00000000 ____D () C:\Users\Kawey\Documents\DVDFab9 2014-04-21 18:08 - 2014-04-17 19:52 - 00000000 ____D () C:\Program Files (x86)\DVDFab 9 2014-04-21 17:48 - 2013-10-15 22:37 - 00000000 ____D () C:\PC 2014-04-21 17:47 - 2014-04-21 17:47 - 01672252 _____ () C:\Users\Kawey\Downloads\a-user-guide-of-dvdfab9.zip 2014-04-21 15:55 - 2013-10-14 19:15 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-04-21 15:47 - 2014-04-21 15:47 - 00000000 _____ () C:\Users\Kawey\AppData\Roaming\CopyToGo.dat 2014-04-21 15:23 - 2014-04-21 15:11 - 322746776 _____ (Corel) C:\Users\Kawey\Downloads\KEYDC6PLMLPC.exe 2014-04-21 14:48 - 2014-04-21 12:30 - 00000000 ____D () C:\ProgramData\Freemake 2014-04-21 14:48 - 2014-04-21 12:30 - 00000000 ____D () C:\Program Files (x86)\Freemake 2014-04-21 14:47 - 2014-04-21 13:45 - 00000000 ____D () C:\Program Files (x86)\Elaborate Bytes 2014-04-21 14:46 - 2014-04-21 13:45 - 00000000 ____D () C:\ProgramData\SlySoft 2014-04-21 13:57 - 2014-04-21 13:48 - 00000125 ___SH () C:\ProgramData\.zreglib 2014-04-21 13:45 - 2014-04-21 13:45 - 00000000 ____D () C:\Program Files (x86)\SlySoft 2014-04-21 13:44 - 2014-04-21 13:43 - 10873088 _____ () C:\Users\Kawey\Downloads\SetupAnyDVD7460.exe 2014-04-21 13:44 - 2014-04-21 13:43 - 05185720 _____ () C:\Users\Kawey\Downloads\SetupCloneDVD2930Slysoft.exe 2014-04-21 12:27 - 2014-04-21 12:27 - 01308144 _____ (Ellora Assets Corporation ) C:\Users\Kawey\Downloads\FreemakeVideoConverterSetup.exe 2014-04-21 12:13 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-04-21 11:30 - 2014-04-21 11:30 - 13833720 _____ (Fengtao Software Inc. 
) C:\Users\Kawey\Downloads\DVDFab7070.exe 2014-04-20 22:50 - 2014-04-20 18:44 - 00000000 ____D () C:\Program Files (x86)\Caramava 2014-04-20 20:16 - 2014-04-20 19:00 - 00000000 ____D () C:\Users\Kawey\AppData\Local\Lollipop 2014-04-20 20:01 - 2014-04-20 20:01 - 00000000 ____D () C:\Users\Kawey\AppData\Local\com 2014-04-20 20:00 - 2014-04-20 19:58 - 00000000 ____D () C:\Program Files\003 2014-04-20 19:57 - 2014-04-20 19:57 - 00450152 _____ () C:\Users\Kawey\Downloads\Player.exe 2014-04-20 19:54 - 2014-04-20 19:54 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\30183 2014-04-20 19:42 - 2014-04-20 19:42 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\DVDFab 2014-04-20 19:02 - 2014-04-20 19:02 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\EuroTrade A.L. Ltd 2014-04-20 19:01 - 2014-04-03 23:14 - 00000000 ____D () C:\ProgramData\WPM 2014-04-20 19:01 - 2014-04-03 23:14 - 00000000 ____D () C:\ProgramData\IePluginService 2014-04-20 19:01 - 2014-04-03 23:14 - 00000000 ____D () C:\Program Files (x86)\SupTab 2014-04-20 19:00 - 2014-04-20 19:00 - 00000000 ____D () C:\Program Files (x86)\PassWidget-soft 2014-04-20 19:00 - 2014-04-03 23:13 - 00001613 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-04-20 18:59 - 2014-04-20 18:59 - 04714928 _____ () C:\Users\Kawey\Downloads\installer_dvdfab_platinum_8_0_8_7_beta_Deutsch.exe 2014-04-20 18:46 - 2014-04-20 18:46 - 00673984 _____ () C:\Users\Kawey\Downloads\Brothersoft_downloader_For_DVDFab_Platinum(1).exe 2014-04-20 18:42 - 2014-04-20 18:41 - 00673984 _____ () C:\Users\Kawey\Downloads\Brothersoft_downloader_For_DVDFab_Platinum.exe 2014-04-20 17:35 - 2014-04-18 12:57 - 00000000 ____D () C:\Program Files (x86)\DVDFab 8 2014-04-20 16:22 - 2014-02-02 00:47 - 00294540 _____ () C:\Users\Kawey\AppData\Local\census.cache 2014-04-20 16:03 - 2014-04-20 16:03 - 02405664 _____ (Trend Micro Inc.) 
C:\Users\Kawey\Downloads\HousecallLauncher64(7).exe 2014-04-20 00:37 - 2014-04-20 00:37 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\137 2014-04-19 23:53 - 2014-04-19 23:53 - 02405664 _____ (Trend Micro Inc.) C:\Users\Kawey\Downloads\HousecallLauncher64(6).exe 2014-04-19 21:54 - 2014-04-19 21:54 - 00669648 _____ ( ) C:\Users\Kawey\Downloads\UltimateCodec(2).exe 2014-04-19 21:46 - 2014-04-18 18:02 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\HandBrake 2014-04-19 20:36 - 2014-04-19 20:36 - 00033947 _____ () C:\Users\Kawey\Downloads\anleitung.htm 2014-04-19 14:06 - 2014-04-19 14:06 - 13888037 _____ () C:\Users\Kawey\Downloads\HandBrake-0.9.9-1_i686-Win_GUI.exe 2014-04-18 18:49 - 2014-04-18 18:49 - 00386896 _____ (Softonic ) C:\Users\Kawey\Downloads\SoftonicDownloader_fuer_handbrake.exe 2014-04-18 18:43 - 2014-04-18 18:43 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\9130 2014-04-18 18:01 - 2014-04-18 18:01 - 14298467 _____ () C:\Users\Kawey\Downloads\HandBrake-0.9.9-1_x86_64-Win_GUI.exe 2014-04-18 17:19 - 2014-04-18 17:16 - 45464368 _____ (Fengtao Software Inc. 
) C:\Users\Kawey\Downloads\DVDFab9140(1).exe 2014-04-18 12:47 - 2014-04-18 12:46 - 00386888 _____ (Softonic ) C:\Users\Kawey\Downloads\SoftonicDownloader_for_dvdfab.exe 2014-04-18 00:00 - 2013-10-14 20:26 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2014 2014-04-17 23:51 - 2014-04-17 23:51 - 00082816 _____ (VSO Software) C:\Windows\system32\Drivers\pcouffin.sys 2014-04-17 23:45 - 2014-04-17 23:45 - 00000000 __SHD () C:\Users\Kawey\AppData\Local\EmieUserList 2014-04-17 23:45 - 2014-04-17 23:45 - 00000000 __SHD () C:\Users\Kawey\AppData\Local\EmieSiteList 2014-04-17 21:37 - 2014-04-17 21:37 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\23260 2014-04-17 21:15 - 2014-04-17 21:15 - 02170880 _____ () C:\Users\Kawey\Downloads\ffmpeg15.exe 2014-04-17 21:15 - 2014-04-17 21:15 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\NCH Software 2014-04-17 21:04 - 2014-04-17 20:57 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Software 2014-04-17 20:57 - 2014-04-17 20:57 - 00817696 _____ (NCH Software) C:\Users\Kawey\Downloads\burnsetup.exe 2014-04-17 20:57 - 2014-04-17 20:57 - 00000000 ____D () C:\ProgramData\NCH Software 2014-04-17 20:57 - 2014-04-17 20:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Produktpalette 2014-04-17 20:57 - 2014-04-17 20:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audioverwandte Programme 2014-04-17 20:57 - 2014-04-17 20:57 - 00000000 ____D () C:\Program Files (x86)\NCH Software 2014-04-17 20:20 - 2014-04-17 20:20 - 00000000 ____D () C:\ProgramData\vsosdk 2014-04-17 19:41 - 2014-04-17 19:39 - 45464368 _____ (Fengtao Software Inc. 
) C:\Users\Kawey\Downloads\DVDFab9140.exe 2014-04-16 23:36 - 2014-04-16 23:36 - 00993712 _____ () C:\Users\Kawey\Downloads\setup(2).exe 2014-04-16 18:32 - 2014-04-16 18:32 - 01026264 _____ () C:\Users\Kawey\Downloads\Setup(1).exe 2014-04-16 18:31 - 2013-10-15 21:52 - 00000000 ____D () C:\Users\Kawey\AppData\Local\Adobe 2014-04-16 18:27 - 2014-04-16 18:27 - 01026264 _____ () C:\Users\Kawey\Downloads\Setup.exe 2014-04-15 16:38 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-04-14 04:24 - 2014-04-30 11:00 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-04-14 04:19 - 2014-04-30 11:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-04-10 13:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-04-10 00:22 - 2013-10-22 19:13 - 00000000 ____D () C:\Windows\system32\MRT 2014-04-10 00:20 - 2013-10-22 19:13 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-04-09 23:41 - 2013-12-27 20:39 - 00000000 ____D () C:\Program Files (x86)\Google 2014-04-09 21:01 - 2014-04-09 21:01 - 05056648 _____ (Systweak Inc ) C:\Users\Kawey\Downloads\rcpsetupg_apptvlatest-apptvlatest_1946.exe 2014-04-09 11:09 - 2014-04-09 11:09 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2014-04-09 11:09 - 2014-02-06 00:16 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2014-04-09 11:09 - 2014-02-06 00:16 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2014-04-09 11:09 - 2014-02-06 00:16 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2014-04-09 11:09 - 2014-02-06 00:16 - 00208928 _____ () C:\Windows\system32\Drivers\aswVmm.sys 2014-04-09 11:09 - 2014-02-06 00:16 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2014-04-09 11:09 - 2014-02-06 00:16 - 00084816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys 2014-04-09 11:09 - 2014-02-06 00:16 - 00079184 _____ (AVAST Software) 
C:\Windows\system32\Drivers\aswMonFlt.sys
2014-04-09 11:09 - 2014-02-06 00:16 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-04-04 11:15 - 2013-10-15 21:55 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-04-04 11:11 - 2014-04-03 23:10 - 00000000 ____D () C:\Program Files (x86)\MediaPlayerplus

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-04-22 15:23

==================== End Of Log ============================

--- --- --- --- --- ---

Where do I find that? Thanks |
04.05.2014, 12:24 | #6 |
/// TB-Ausbilder | remove sweetpage
Never mind, we'll do it differently.
Step 1
Please download AdwCleaner to your desktop.
Step 2
Please download Malwarebytes Anti-Malware
Step 3
Please shut down your protection software to avoid possible conflicts.
Step 4
Control scan with FRST
Run a scan with FRST as described before. To do so, tick Addition.txt at the bottom right and click Scan. Two log files will be created. Post them to me.
With your next reply, please post
|
04.05.2014, 13:09 | #7 |
| remove sweetpage
Code:
04.05.2014, 13:20 | #8 |
/// TB Trainer | remove sweetpage MBAM and JRT are still missing. |
04.05.2014, 16:03 | #9 |
| remove sweetpage Coming right up; I had understood that everything is to be done one after the other. MBAM has already found plenty and needs a moment longer. Should I also attach steps 3 and 4 in the result? Thanks in advance for the work! Best regards, kawey
Hello Matthias, I hope all the instructions were carried out correctly? I expect to be using these programs more often. Thanks again for the good guidance. Kawey
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-05-2014 Ran by Kawey (administrator) on KAWEY-PC on 04-05-2014 16:50:49 Running from C:\Users\Kawey\Downloads Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Hewlett-Packard Company) C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe (Nico Mak Computing) C:\Program Files (x86)\WinZip Malware Protector\WinZipMalwareProtector.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12445288 2012-01-10] (Realtek Semiconductor) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2887440 2012-03-08] (Synaptics Incorporated) 
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-26] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3854640 2014-04-09] (AVAST Software)
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2568023682-207481756-3843068466-1000\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845168 2013-11-06] (Samsung)
HKU\S-1-5-21-2568023682-207481756-3843068466-1000\...\MountPoints2: {e5ab1670-7892-11e3-a6cb-3c970eac15f9} - E:\AutoRun.exe
IFEO: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\bootstrap.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\hpwucli.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\iastorui.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\imfrmwrk.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\open energymanagement.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=avast&hsimp=yhs-001&type={partner_id}&p={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp:///
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://de.yhs4.search.yahoo.com/?hspart=avast&hsimp=yhs-001&type={partner_id}
URLSearchHook: HKLM-x32 - Default Value = {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=avast&hsimp=yhs-001&type={partner_id}&p={searchTerms}
SearchScopes: HKCU - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=avast&hsimp=yhs-001&type={partner_id}&p={searchTerms}
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{84A47CCA-2016-4EB2-9976-DDB4A782B000}: [NameServer]62.109.121.2 62.109.121.1

FireFox:
========
FF ProfilePath: C:\Users\Kawey\AppData\Roaming\Mozilla\Firefox\Profiles\73f0idua.default-1398406683013
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @nullsoft.com/winampDetector;version=1 - C:\Program Files (x86)\Winamp Detect\npwachk.dll (Nullsoft, Inc.)
FF Plugin-x32: @zylom.com/ZylomGamesPlayer - C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF SearchPlugin: C:\Users\Kawey\AppData\Roaming\Mozilla\Firefox\Profiles\73f0idua.default-1398406683013\searchplugins\ixquick-https.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\Kawey\AppData\Roaming\Mozilla\Firefox\Profiles\73f0idua.default-1398406683013\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-05-03]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-02-06]

Chrome:
=======
CHR DefaultSearchKeyword: conduit.search
CHR DefaultSearchProvider: Conduit Search
CHR DefaultNewTabURL:
CHR Extension: (Google Docs) - C:\Users\Kawey\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-27]
CHR Extension: (Google Drive) - C:\Users\Kawey\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-27]
CHR Extension: (YouTube) - C:\Users\Kawey\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-27]
CHR Extension: (Google-Suche) - C:\Users\Kawey\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-27]
CHR Extension: (Google Wallet) - C:\Users\Kawey\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-27]
CHR Extension: (Google Mail) - C:\Users\Kawey\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-27]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-04-09]

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-09] (AVAST Software)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [47416 2014-02-05] (Hewlett-Packard Company)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
S4 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2138936 2014-03-20] (TuneUp Software)
S4 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-04-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-04-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-04-09] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-04-09] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-04-09] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [84816 2014-04-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208928 2014-04-09] ()
S3 dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [20568 2009-12-22] (Devguru Co., Ltd)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-05-04] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
S3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [3532160 2011-10-11] (Sonix Technology Co., Ltd.)
S3 SPUVCbv; C:\Windows\System32\Drivers\usbvideo.sys [185344 2013-07-12] (Microsoft Corporation)
S3 ss_bserd; C:\Windows\System32\DRIVERS\ss_bserd.sys [128000 2013-08-21] (MCCI Corporation)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-08-21] (TuneUp Software)
S3 AmUStor; system32\drivers\AmUStor.SYS [X]
S0 LHDmgr; System32\DRIVERS\LhdX64.sys [X]
S3 RTL8192su; system32\DRIVERS\RTL8192su.sys [X]
U2 TMAgent;

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-05-04 16:48 - 2014-05-04 16:48 - 00001027 _____ () C:\Users\Kawey\Desktop\JRT.txt
2014-05-04 16:37 - 2014-05-04 16:37 - 01016261 _____ (Thisisu) C:\Users\Kawey\Downloads\JRT(1).exe
2014-05-04 14:11 - 2014-05-04 16:22 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-04 14:10 - 2014-05-04 14:10 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-04 14:10 - 2014-05-04 14:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-05-04 14:10 - 2014-05-04 14:10 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-04 14:10 - 2014-05-04 14:10 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-05-04 14:10 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-04 14:10 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-04 14:10 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes
Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-05-04 14:07 - 2014-05-04 14:07 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Kawey\Downloads\mbam-setup-2.0.1.1004.exe 2014-05-04 14:00 - 2014-05-04 14:27 - 00039302 _____ () C:\Windows\PFRO.log 2014-05-04 13:58 - 2014-05-04 13:59 - 00000000 ____D () C:\AdwCleaner 2014-05-04 13:58 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll 2014-05-04 13:57 - 2014-05-04 13:57 - 01310621 _____ () C:\Users\Kawey\Downloads\adwcleaner.exe 2014-05-04 12:44 - 2014-05-04 12:44 - 01016261 _____ (Thisisu) C:\Users\Kawey\Downloads\JRT.exe 2014-05-04 12:44 - 2014-05-04 12:44 - 00000000 ____D () C:\Windows\ERUNT 2014-05-04 12:39 - 2014-05-04 16:50 - 00012607 _____ () C:\Users\Kawey\Downloads\FRST.txt 2014-05-04 12:39 - 2014-05-04 16:50 - 00000000 ____D () C:\FRST 2014-05-04 12:39 - 2014-05-04 13:41 - 00018746 _____ () C:\Users\Kawey\Downloads\Addition.txt 2014-05-04 12:38 - 2014-05-04 12:38 - 02062336 _____ (Farbar) C:\Users\Kawey\Downloads\FRST64.exe 2014-05-04 12:38 - 2014-05-04 12:38 - 01050624 _____ (Farbar) C:\Users\Kawey\Downloads\FRST(2).exe 2014-05-04 12:36 - 2014-05-04 12:36 - 01050624 _____ (Farbar) C:\Users\Kawey\Downloads\FRST(1).exe 2014-05-04 12:35 - 2014-05-04 12:35 - 01050624 _____ (Farbar) C:\Users\Kawey\Downloads\FRST.exe 2014-05-03 21:55 - 2014-05-03 21:56 - 00008494 _____ () C:\Windows\DPINST.LOG 2014-05-03 21:54 - 2014-05-03 21:55 - 09020696 _____ (Hamrick Software) C:\Users\Kawey\Downloads\vuex6494(1).exe 2014-05-02 15:11 - 2014-05-02 15:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom 2014-05-02 15:11 - 2014-05-02 15:11 - 00000000 ____D () C:\Users\Kawey\Documents\TomTom 2014-05-02 15:11 - 2014-05-02 15:11 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\TomTom 2014-05-02 15:11 - 2014-05-02 15:11 - 00000000 ____D () C:\Users\Kawey\AppData\Local\TomTom 2014-05-02 15:11 - 2014-05-02 15:11 - 00000000 ____D () 
C:\ProgramData\TomTom 2014-05-02 15:10 - 2014-05-02 15:34 - 00000000 ____D () C:\Program Files (x86)\TomTom HOME 2 2014-05-02 15:10 - 2014-05-02 15:10 - 00000000 ____D () C:\Program Files (x86)\TomTom International B.V 2014-05-02 15:07 - 2014-05-02 15:07 - 00000000 ____D () C:\Program Files (x86)\TomTom DesktopSuite 2014-05-02 14:05 - 2014-05-04 14:29 - 00003116 _____ () C:\Windows\System32\Tasks\WinZip Malware Protector_startup 2014-05-02 14:05 - 2014-05-02 14:05 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\Nico Mak Computing 2014-05-02 14:05 - 2014-05-02 14:05 - 00000000 ____D () C:\ProgramData\Nico Mak Computing 2014-05-02 14:05 - 2014-05-02 14:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Malware Protector 2014-05-02 14:05 - 2014-05-02 14:05 - 00000000 ____D () C:\Program Files (x86)\WinZip Malware Protector 2014-05-02 14:05 - 2013-03-15 17:10 - 00020480 _____ () C:\Windows\system32\wsusnative64.exe 2014-05-02 14:02 - 2014-05-02 14:02 - 04892480 _____ (WinZip International LLC ) C:\Users\Kawey\Downloads\wzmp_8.exe 2014-05-02 10:26 - 2014-04-29 16:01 - 23547904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-05-02 10:26 - 2014-04-29 15:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-05-02 10:26 - 2014-04-29 14:48 - 17384448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-05-02 10:26 - 2014-04-29 14:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-05-01 18:34 - 2014-05-01 19:10 - 00000000 ____D () C:\Users\Kawey\Documents\TCM 2014-04-30 21:50 - 2012-06-05 09:37 - 00256904 _____ (Trend Micro Inc.) C:\Windows\SysWOW64\Drivers\tmcomm.sys 2014-04-30 21:46 - 2014-04-30 21:46 - 02002944 _____ (Trend Micro Inc.) 
C:\Users\Kawey\Downloads\HousecallLauncher.exe 2014-04-30 21:40 - 2014-05-01 12:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird 2014-04-30 19:10 - 2014-05-04 14:27 - 00001747 _____ () C:\Windows\setupact.log 2014-04-30 19:10 - 2014-04-30 19:10 - 00000000 _____ () C:\Windows\setuperr.log 2014-04-30 12:33 - 2014-04-30 12:33 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-04-30 11:46 - 2014-04-30 11:46 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC 2014-04-30 11:46 - 2014-04-30 11:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2014-04-30 11:46 - 2014-04-30 11:46 - 00000000 ____D () C:\Program Files\CCleaner 2014-04-30 11:45 - 2014-04-30 11:45 - 03671432 _____ (Piriform Ltd) C:\Users\Kawey\Downloads\ccsetup413_slim.exe 2014-04-30 11:00 - 2014-04-14 04:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-04-30 11:00 - 2014-04-14 04:19 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-04-29 17:04 - 2014-05-03 15:54 - 00000000 ____D () C:\Heilkunde 2014-04-28 10:13 - 2014-04-28 10:14 - 27878824 _____ (TuneUp Software) C:\Users\Kawey\Downloads\TuneUpUtilities2014_de-DE(1).exe 2014-04-28 09:32 - 2014-04-28 09:33 - 27878824 _____ (TuneUp Software) C:\Users\Kawey\Downloads\TuneUpUtilities2014_de-DE.exe 2014-04-27 11:22 - 2014-04-27 11:22 - 00000000 ____D () C:\ProgramData\IProt 2014-04-27 11:20 - 2014-04-27 11:20 - 00001139 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\ShenProfessional 3.1.lnk 2014-04-27 11:20 - 2014-04-27 11:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShenProfessional 3.1 2014-04-27 11:14 - 2014-04-27 11:20 - 00760333 _____ () C:\Program Files (x86)\ShenUnInstall.txt 2014-04-27 11:14 - 2014-04-27 11:20 - 00000000 ____D () C:\Program Files (x86)\ShenProfessional 3.1 2014-04-27 11:14 - 2014-03-12 17:39 - 00572448 _____ (Pantaray Research Ltd.) 
C:\Program Files (x86)\ShenUnInstall.exe 2014-04-27 11:14 - 2011-12-18 09:00 - 00012420 _____ () C:\Program Files (x86)\Deutsch.lng 2014-04-27 11:13 - 2014-04-27 11:20 - 00801542 _____ () C:\Program Files (x86)\Setup.log 2014-04-27 11:01 - 2014-04-27 11:08 - 197984521 _____ (shen.de) C:\Users\Kawey\Downloads\ShenProfessional-3-1.exe 2014-04-27 10:35 - 2014-04-27 10:35 - 00003088 _____ () C:\Windows\System32\Tasks\{6FFDF4FA-9810-4B47-9A34-C3807772493D} 2014-04-25 18:58 - 2014-04-25 18:58 - 00000000 ____D () C:\ProgramData\dvdfab 2014-04-25 14:30 - 2014-04-25 14:30 - 00001016 _____ () C:\Users\Kawey\Desktop\DVDFab 8 Qt.lnk 2014-04-25 14:28 - 2014-04-25 14:29 - 21323352 _____ (Fengtao Software Inc. ) C:\Users\Kawey\Downloads\DVDFab8230Qt.exe 2014-04-24 15:36 - 2014-04-24 15:36 - 00613200 _____ (Chip Digital GmbH) C:\Users\Kawey\Downloads\Firefox - CHIP-Downloader.exe 2014-04-22 11:50 - 2014-04-22 11:50 - 00907018 _____ () C:\Users\Kawey\Downloads\adblockplus-2.5.1.zip 2014-04-22 11:50 - 2014-04-22 11:50 - 00000000 ____D () C:\Users\Kawey\Downloads\adblockplus-2.5.1 2014-04-22 11:48 - 2014-04-22 11:48 - 00613200 _____ (Chip Digital GmbH) C:\Users\Kawey\Downloads\adblockplus-2.5.1 - CHIP-Downloader.exe 2014-04-21 18:52 - 2014-04-21 18:52 - 00000000 ____D () C:\Users\Kawey\Documents\PcSetup 2014-04-21 18:52 - 2014-04-21 18:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 6 2014-04-21 18:52 - 2014-04-21 18:52 - 00000000 ____D () C:\Program Files (x86)\DVDFab 6 2014-04-21 18:48 - 2014-04-21 18:49 - 13312568 _____ (Fengtao Software Inc. 
) C:\Users\Kawey\Downloads\DVDFab6218.exe 2014-04-21 18:08 - 2014-04-21 18:57 - 00000000 ____D () C:\Users\Kawey\Documents\DVDFab 2014-04-21 18:08 - 2014-04-21 18:08 - 00000000 ____D () C:\Users\Kawey\Documents\DVDFab9 2014-04-21 17:47 - 2014-04-21 17:47 - 01672252 _____ () C:\Users\Kawey\Downloads\a-user-guide-of-dvdfab9.zip 2014-04-21 15:47 - 2014-04-21 15:47 - 00000000 _____ () C:\Users\Kawey\AppData\Roaming\CopyToGo.dat 2014-04-21 15:29 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll 2014-04-21 15:29 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll 2014-04-21 15:29 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll 2014-04-21 15:29 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll 2014-04-21 15:29 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll 2014-04-21 15:29 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll 2014-04-21 15:29 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll 2014-04-21 15:29 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll 2014-04-21 15:29 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll 2014-04-21 15:29 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll 2014-04-21 15:29 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll 2014-04-21 15:29 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll 2014-04-21 15:29 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll 2014-04-21 15:29 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll 2014-04-21 
15:11 - 2014-04-21 15:23 - 322746776 _____ (Corel) C:\Users\Kawey\Downloads\KEYDC6PLMLPC.exe 2014-04-21 13:48 - 2014-04-21 13:57 - 00000125 ___SH () C:\ProgramData\.zreglib 2014-04-21 13:45 - 2014-04-21 14:47 - 00000000 ____D () C:\Program Files (x86)\Elaborate Bytes 2014-04-21 13:45 - 2014-04-21 14:46 - 00000000 ____D () C:\ProgramData\SlySoft 2014-04-21 13:45 - 2014-04-21 13:45 - 00000000 ____D () C:\Program Files (x86)\SlySoft 2014-04-21 13:43 - 2014-04-21 13:44 - 10873088 _____ () C:\Users\Kawey\Downloads\SetupAnyDVD7460.exe 2014-04-21 13:43 - 2014-04-21 13:44 - 05185720 _____ () C:\Users\Kawey\Downloads\SetupCloneDVD2930Slysoft.exe 2014-04-21 12:30 - 2014-04-21 14:48 - 00000000 ____D () C:\ProgramData\Freemake 2014-04-21 12:30 - 2014-04-21 14:48 - 00000000 ____D () C:\Program Files (x86)\Freemake 2014-04-21 12:27 - 2014-04-21 12:27 - 01308144 _____ (Ellora Assets Corporation ) C:\Users\Kawey\Downloads\FreemakeVideoConverterSetup.exe 2014-04-21 11:30 - 2014-04-21 11:30 - 13833720 _____ (Fengtao Software Inc. ) C:\Users\Kawey\Downloads\DVDFab7070.exe 2014-04-20 20:01 - 2014-04-20 20:01 - 00000000 ____D () C:\Users\Kawey\AppData\Local\com 2014-04-20 19:54 - 2014-04-20 19:54 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\30183 2014-04-20 19:42 - 2014-04-20 19:42 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\DVDFab 2014-04-20 19:07 - 2014-04-25 14:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 8 Qt 2014-04-20 19:07 - 2014-04-25 14:30 - 00000000 ____D () C:\Program Files (x86)\DVDFab 8 Qt 2014-04-20 19:02 - 2014-04-20 19:02 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\EuroTrade A.L. Ltd 2014-04-20 16:03 - 2014-04-20 16:03 - 02405664 _____ (Trend Micro Inc.) C:\Users\Kawey\Downloads\HousecallLauncher64(7).exe 2014-04-20 00:37 - 2014-04-20 00:37 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\137 2014-04-19 23:53 - 2014-04-19 23:53 - 02405664 _____ (Trend Micro Inc.) 
C:\Users\Kawey\Downloads\HousecallLauncher64(6).exe 2014-04-19 20:36 - 2014-04-19 20:36 - 00033947 _____ () C:\Users\Kawey\Downloads\anleitung.htm 2014-04-19 14:06 - 2014-04-19 14:06 - 13888037 _____ () C:\Users\Kawey\Downloads\HandBrake-0.9.9-1_i686-Win_GUI.exe 2014-04-18 19:16 - 2014-05-02 15:39 - 00000066 _____ () C:\Users\Kawey\AppData\default.pls 2014-04-18 18:43 - 2014-04-18 18:43 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\9130 2014-04-18 18:02 - 2014-04-19 21:46 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\HandBrake 2014-04-18 18:01 - 2014-04-18 18:01 - 14298467 _____ () C:\Users\Kawey\Downloads\HandBrake-0.9.9-1_x86_64-Win_GUI.exe 2014-04-18 17:16 - 2014-04-18 17:19 - 45464368 _____ (Fengtao Software Inc. ) C:\Users\Kawey\Downloads\DVDFab9140(1).exe 2014-04-18 12:57 - 2014-04-20 17:35 - 00000000 ____D () C:\Program Files (x86)\DVDFab 8 2014-04-17 23:52 - 2014-04-21 18:52 - 00000034 _____ () C:\Users\Kawey\AppData\Roaming\pcouffin.log 2014-04-17 23:51 - 2014-04-21 18:52 - 00099384 _____ () C:\Users\Kawey\AppData\Roaming\inst.exe 2014-04-17 23:51 - 2014-04-21 18:52 - 00082816 _____ (VSO Software) C:\Users\Kawey\AppData\Roaming\pcouffin.sys 2014-04-17 23:51 - 2014-04-21 18:52 - 00007859 _____ () C:\Users\Kawey\AppData\Roaming\pcouffin.cat 2014-04-17 23:51 - 2014-04-21 18:52 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\Vso 2014-04-17 23:51 - 2014-04-17 23:51 - 00082816 _____ (VSO Software) C:\Windows\system32\Drivers\pcouffin.sys 2014-04-17 23:45 - 2014-04-17 23:45 - 00000000 __SHD () C:\Users\Kawey\AppData\Local\EmieUserList 2014-04-17 23:45 - 2014-04-17 23:45 - 00000000 __SHD () C:\Users\Kawey\AppData\Local\EmieSiteList 2014-04-17 21:37 - 2014-04-17 21:37 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\23260 2014-04-17 21:15 - 2014-04-17 21:15 - 02170880 _____ () C:\Users\Kawey\Downloads\ffmpeg15.exe 2014-04-17 21:15 - 2014-04-17 21:15 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\NCH Software 2014-04-17 20:57 - 2014-04-17 21:04 - 
00000000 ____D () C:\Windows\System32\Tasks\NCH Software 2014-04-17 20:57 - 2014-04-17 20:57 - 00817696 _____ (NCH Software) C:\Users\Kawey\Downloads\burnsetup.exe 2014-04-17 20:57 - 2014-04-17 20:57 - 00000000 ____D () C:\ProgramData\NCH Software 2014-04-17 20:57 - 2014-04-17 20:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Produktpalette 2014-04-17 20:57 - 2014-04-17 20:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audioverwandte Programme 2014-04-17 20:57 - 2014-04-17 20:57 - 00000000 ____D () C:\Program Files (x86)\NCH Software 2014-04-17 20:20 - 2014-04-17 20:20 - 00000000 ____D () C:\ProgramData\vsosdk 2014-04-17 19:52 - 2014-04-21 18:08 - 00000000 ____D () C:\Program Files (x86)\DVDFab 9 2014-04-17 19:39 - 2014-04-17 19:41 - 45464368 _____ (Fengtao Software Inc. ) C:\Users\Kawey\Downloads\DVDFab9140.exe 2014-04-16 18:32 - 2014-04-16 18:32 - 01026264 _____ () C:\Users\Kawey\Downloads\Setup(1).exe 2014-04-16 18:27 - 2014-04-16 18:27 - 01026264 _____ () C:\Users\Kawey\Downloads\Setup.exe 2014-04-10 00:23 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-04-10 00:23 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-04-10 00:22 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-04-10 00:22 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-04-10 00:22 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-04-10 00:22 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-04-10 00:22 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-04-10 00:22 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-04-10 00:22 - 2014-03-06 
10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-04-10 00:22 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-04-10 00:22 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-04-10 00:22 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-04-10 00:22 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-04-10 00:22 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-04-10 00:22 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-04-10 00:22 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-04-10 00:22 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-04-10 00:22 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-04-10 00:22 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-04-10 00:22 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-04-10 00:22 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-04-10 00:22 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-04-10 00:22 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-04-10 00:22 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-04-10 00:22 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-04-10 00:22 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 
2014-04-10 00:22 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-04-10 00:22 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-04-10 00:22 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-04-10 00:22 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-04-10 00:22 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-04-10 00:22 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-04-10 00:22 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-04-10 00:22 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-04-10 00:22 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-04-10 00:22 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-04-10 00:22 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-04-10 00:22 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-04-10 00:22 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-04-10 00:22 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-04-10 00:22 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-04-10 00:22 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-04-10 00:22 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-04-10 00:22 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-04-09 
11:13 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2014-04-09 11:13 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2014-04-09 11:13 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2014-04-09 11:13 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2014-04-09 11:13 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2014-04-09 11:13 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2014-04-09 11:13 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2014-04-09 11:13 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2014-04-09 11:13 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2014-04-09 11:13 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2014-04-09 11:13 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2014-04-09 11:13 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys 2014-04-09 11:13 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys 2014-04-09 11:13 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys 2014-04-09 11:13 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll 2014-04-09 11:13 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll 2014-04-09 11:13 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2014-04-09 11:09 - 2014-04-09 11:09 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr ==================== One Month 
Modified Files and Folders ======= 2014-05-04 16:50 - 2014-05-04 12:39 - 00012607 _____ () C:\Users\Kawey\Downloads\FRST.txt 2014-05-04 16:50 - 2014-05-04 12:39 - 00000000 ____D () C:\FRST 2014-05-04 16:49 - 2013-10-15 22:37 - 00000000 ____D () C:\PC 2014-05-04 16:48 - 2014-05-04 16:48 - 00001027 _____ () C:\Users\Kawey\Desktop\JRT.txt 2014-05-04 16:37 - 2014-05-04 16:37 - 01016261 _____ (Thisisu) C:\Users\Kawey\Downloads\JRT(1).exe 2014-05-04 16:22 - 2014-05-04 14:11 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-05-04 16:04 - 2013-10-14 18:16 - 01268546 _____ () C:\Windows\WindowsUpdate.log 2014-05-04 15:58 - 2014-02-02 21:04 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-05-04 14:35 - 2009-07-14 06:45 - 00026672 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-05-04 14:35 - 2009-07-14 06:45 - 00026672 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-05-04 14:29 - 2014-05-02 14:05 - 00003116 _____ () C:\Windows\System32\Tasks\WinZip Malware Protector_startup 2014-05-04 14:27 - 2014-05-04 14:00 - 00039302 _____ () C:\Windows\PFRO.log 2014-05-04 14:27 - 2014-04-30 19:10 - 00001747 _____ () C:\Windows\setupact.log 2014-05-04 14:27 - 2009-07-14 07:37 - 00000000 ____D () C:\Windows\DigitalLocker 2014-05-04 14:27 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-05-04 14:26 - 2014-04-03 23:14 - 00000000 ____D () C:\ProgramData\WPM 2014-05-04 14:10 - 2014-05-04 14:10 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-05-04 14:10 - 2014-05-04 14:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-05-04 14:10 - 2014-05-04 14:10 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-05-04 14:10 - 2014-05-04 14:10 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes 
Anti-Malware 2014-05-04 14:07 - 2014-05-04 14:07 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Kawey\Downloads\mbam-setup-2.0.1.1004.exe 2014-05-04 13:59 - 2014-05-04 13:58 - 00000000 ____D () C:\AdwCleaner 2014-05-04 13:59 - 2014-04-03 23:13 - 00000977 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-05-04 13:57 - 2014-05-04 13:57 - 01310621 _____ () C:\Users\Kawey\Downloads\adwcleaner.exe 2014-05-04 13:41 - 2014-05-04 12:39 - 00018746 _____ () C:\Users\Kawey\Downloads\Addition.txt 2014-05-04 12:44 - 2014-05-04 12:44 - 01016261 _____ (Thisisu) C:\Users\Kawey\Downloads\JRT.exe 2014-05-04 12:44 - 2014-05-04 12:44 - 00000000 ____D () C:\Windows\ERUNT 2014-05-04 12:38 - 2014-05-04 12:38 - 02062336 _____ (Farbar) C:\Users\Kawey\Downloads\FRST64.exe 2014-05-04 12:38 - 2014-05-04 12:38 - 01050624 _____ (Farbar) C:\Users\Kawey\Downloads\FRST(2).exe 2014-05-04 12:36 - 2014-05-04 12:36 - 01050624 _____ (Farbar) C:\Users\Kawey\Downloads\FRST(1).exe 2014-05-04 12:35 - 2014-05-04 12:35 - 01050624 _____ (Farbar) C:\Users\Kawey\Downloads\FRST.exe 2014-05-03 23:08 - 2014-02-06 20:14 - 00000000 ____D () C:\Users\Kawey\AppData\Local\Deployment 2014-05-03 21:56 - 2014-05-03 21:55 - 00008494 _____ () C:\Windows\DPINST.LOG 2014-05-03 21:55 - 2014-05-03 21:54 - 09020696 _____ (Hamrick Software) C:\Users\Kawey\Downloads\vuex6494(1).exe 2014-05-03 21:55 - 2014-03-05 19:34 - 00000977 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\VueScan x64.lnk 2014-05-03 21:09 - 2013-10-16 23:53 - 00000000 ____D () C:\ARBEIT & BEWERBUNGEN 2014-05-03 15:54 - 2014-04-29 17:04 - 00000000 ____D () C:\Heilkunde 2014-05-03 15:54 - 2014-01-14 09:26 - 00000000 ____D () C:\Gesundheit 2014-05-02 15:39 - 2014-04-18 19:16 - 00000066 _____ () C:\Users\Kawey\AppData\default.pls 2014-05-02 15:34 - 2014-05-02 15:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom 2014-05-02 15:34 - 2014-05-02 15:10 - 00000000 ____D () C:\Program Files 
(x86)\TomTom HOME 2 2014-05-02 15:30 - 2013-10-25 19:28 - 00000000 ____D () C:\Users\Kawey\AppData\Local\Downloaded Installations 2014-05-02 15:11 - 2014-05-02 15:11 - 00000000 ____D () C:\Users\Kawey\Documents\TomTom 2014-05-02 15:11 - 2014-05-02 15:11 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\TomTom 2014-05-02 15:11 - 2014-05-02 15:11 - 00000000 ____D () C:\Users\Kawey\AppData\Local\TomTom 2014-05-02 15:11 - 2014-05-02 15:11 - 00000000 ____D () C:\ProgramData\TomTom 2014-05-02 15:10 - 2014-05-02 15:10 - 00000000 ____D () C:\Program Files (x86)\TomTom International B.V 2014-05-02 15:07 - 2014-05-02 15:07 - 00000000 ____D () C:\Program Files (x86)\TomTom DesktopSuite 2014-05-02 15:01 - 2013-10-15 04:09 - 00699666 _____ () C:\Windows\system32\perfh007.dat 2014-05-02 15:01 - 2013-10-15 04:09 - 00149774 _____ () C:\Windows\system32\perfc007.dat 2014-05-02 15:01 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-05-02 14:05 - 2014-05-02 14:05 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\Nico Mak Computing 2014-05-02 14:05 - 2014-05-02 14:05 - 00000000 ____D () C:\ProgramData\Nico Mak Computing 2014-05-02 14:05 - 2014-05-02 14:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Malware Protector 2014-05-02 14:05 - 2014-05-02 14:05 - 00000000 ____D () C:\Program Files (x86)\WinZip Malware Protector 2014-05-02 14:02 - 2014-05-02 14:02 - 04892480 _____ (WinZip International LLC ) C:\Users\Kawey\Downloads\wzmp_8.exe 2014-05-01 19:10 - 2014-05-01 18:34 - 00000000 ____D () C:\Users\Kawey\Documents\TCM 2014-05-01 18:17 - 2013-10-14 20:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-05-01 12:39 - 2014-04-30 21:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird 2014-04-30 22:16 - 2014-02-02 00:47 - 00102725 _____ () C:\Users\Kawey\AppData\Local\ars.cache 2014-04-30 21:46 - 2014-04-30 21:46 - 02002944 _____ (Trend Micro Inc.) 
C:\Users\Kawey\Downloads\HousecallLauncher.exe 2014-04-30 19:10 - 2014-04-30 19:10 - 00000000 _____ () C:\Windows\setuperr.log 2014-04-30 12:33 - 2014-04-30 12:33 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-04-30 12:06 - 2013-11-04 00:19 - 00000000 ____D () C:\SpaKa 2014-04-30 11:47 - 2013-11-05 12:59 - 00000000 ____D () C:\Windows\Minidump 2014-04-30 11:47 - 2013-10-15 04:12 - 00000000 ____D () C:\Windows\Panther 2014-04-30 11:46 - 2014-04-30 11:46 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC 2014-04-30 11:46 - 2014-04-30 11:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2014-04-30 11:46 - 2014-04-30 11:46 - 00000000 ____D () C:\Program Files\CCleaner 2014-04-30 11:45 - 2014-04-30 11:45 - 03671432 _____ (Piriform Ltd) C:\Users\Kawey\Downloads\ccsetup413_slim.exe 2014-04-29 18:58 - 2014-02-02 21:04 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-04-29 18:58 - 2013-10-15 23:20 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-04-29 18:58 - 2013-10-15 23:20 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-04-29 17:11 - 2013-10-14 18:31 - 00000000 ____D () C:\Users\Kawey\AppData\Local\VirtualStore 2014-04-29 16:01 - 2014-05-02 10:26 - 23547904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-04-29 15:40 - 2014-05-02 10:26 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-04-29 15:14 - 2014-02-06 00:16 - 00004182 _____ () C:\Windows\System32\Tasks\avast! 
Emergency Update 2014-04-29 14:48 - 2014-05-02 10:26 - 17384448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-04-29 14:34 - 2014-05-02 10:26 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-04-28 10:14 - 2014-04-28 10:13 - 27878824 _____ (TuneUp Software) C:\Users\Kawey\Downloads\TuneUpUtilities2014_de-DE(1).exe 2014-04-28 09:33 - 2014-04-28 09:32 - 27878824 _____ (TuneUp Software) C:\Users\Kawey\Downloads\TuneUpUtilities2014_de-DE.exe 2014-04-27 11:22 - 2014-04-27 11:22 - 00000000 ____D () C:\ProgramData\IProt 2014-04-27 11:20 - 2014-04-27 11:20 - 00001139 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\ShenProfessional 3.1.lnk 2014-04-27 11:20 - 2014-04-27 11:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShenProfessional 3.1 2014-04-27 11:20 - 2014-04-27 11:14 - 00760333 _____ () C:\Program Files (x86)\ShenUnInstall.txt 2014-04-27 11:20 - 2014-04-27 11:14 - 00000000 ____D () C:\Program Files (x86)\ShenProfessional 3.1 2014-04-27 11:20 - 2014-04-27 11:13 - 00801542 _____ () C:\Program Files (x86)\Setup.log 2014-04-27 11:08 - 2014-04-27 11:01 - 197984521 _____ (shen.de) C:\Users\Kawey\Downloads\ShenProfessional-3-1.exe 2014-04-27 10:35 - 2014-04-27 10:35 - 00003088 _____ () C:\Windows\System32\Tasks\{6FFDF4FA-9810-4B47-9A34-C3807772493D} 2014-04-26 17:54 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-04-25 18:58 - 2014-04-25 18:58 - 00000000 ____D () C:\ProgramData\dvdfab 2014-04-25 14:30 - 2014-04-25 14:30 - 00001016 _____ () C:\Users\Kawey\Desktop\DVDFab 8 Qt.lnk 2014-04-25 14:30 - 2014-04-20 19:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 8 Qt 2014-04-25 14:30 - 2014-04-20 19:07 - 00000000 ____D () C:\Program Files (x86)\DVDFab 8 Qt 2014-04-25 14:29 - 2014-04-25 14:28 - 21323352 _____ (Fengtao Software Inc. 
) C:\Users\Kawey\Downloads\DVDFab8230Qt.exe 2014-04-24 16:15 - 2014-03-29 17:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-04-24 16:15 - 2014-03-14 14:47 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-04-24 15:36 - 2014-04-24 15:36 - 00613200 _____ (Chip Digital GmbH) C:\Users\Kawey\Downloads\Firefox - CHIP-Downloader.exe 2014-04-22 11:50 - 2014-04-22 11:50 - 00907018 _____ () C:\Users\Kawey\Downloads\adblockplus-2.5.1.zip 2014-04-22 11:50 - 2014-04-22 11:50 - 00000000 ____D () C:\Users\Kawey\Downloads\adblockplus-2.5.1 2014-04-22 11:48 - 2014-04-22 11:48 - 00613200 _____ (Chip Digital GmbH) C:\Users\Kawey\Downloads\adblockplus-2.5.1 - CHIP-Downloader.exe 2014-04-21 18:57 - 2014-04-21 18:08 - 00000000 ____D () C:\Users\Kawey\Documents\DVDFab 2014-04-21 18:52 - 2014-04-21 18:52 - 00000000 ____D () C:\Users\Kawey\Documents\PcSetup 2014-04-21 18:52 - 2014-04-21 18:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 6 2014-04-21 18:52 - 2014-04-21 18:52 - 00000000 ____D () C:\Program Files (x86)\DVDFab 6 2014-04-21 18:52 - 2014-04-17 23:52 - 00000034 _____ () C:\Users\Kawey\AppData\Roaming\pcouffin.log 2014-04-21 18:52 - 2014-04-17 23:51 - 00099384 _____ () C:\Users\Kawey\AppData\Roaming\inst.exe 2014-04-21 18:52 - 2014-04-17 23:51 - 00082816 _____ (VSO Software) C:\Users\Kawey\AppData\Roaming\pcouffin.sys 2014-04-21 18:52 - 2014-04-17 23:51 - 00007859 _____ () C:\Users\Kawey\AppData\Roaming\pcouffin.cat 2014-04-21 18:52 - 2014-04-17 23:51 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\Vso 2014-04-21 18:49 - 2014-04-21 18:48 - 13312568 _____ (Fengtao Software Inc. 
) C:\Users\Kawey\Downloads\DVDFab6218.exe 2014-04-21 18:08 - 2014-04-21 18:08 - 00000000 ____D () C:\Users\Kawey\Documents\DVDFab9 2014-04-21 18:08 - 2014-04-17 19:52 - 00000000 ____D () C:\Program Files (x86)\DVDFab 9 2014-04-21 17:47 - 2014-04-21 17:47 - 01672252 _____ () C:\Users\Kawey\Downloads\a-user-guide-of-dvdfab9.zip 2014-04-21 15:55 - 2013-10-14 19:15 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-04-21 15:47 - 2014-04-21 15:47 - 00000000 _____ () C:\Users\Kawey\AppData\Roaming\CopyToGo.dat 2014-04-21 15:23 - 2014-04-21 15:11 - 322746776 _____ (Corel) C:\Users\Kawey\Downloads\KEYDC6PLMLPC.exe 2014-04-21 14:48 - 2014-04-21 12:30 - 00000000 ____D () C:\ProgramData\Freemake 2014-04-21 14:48 - 2014-04-21 12:30 - 00000000 ____D () C:\Program Files (x86)\Freemake 2014-04-21 14:47 - 2014-04-21 13:45 - 00000000 ____D () C:\Program Files (x86)\Elaborate Bytes 2014-04-21 14:46 - 2014-04-21 13:45 - 00000000 ____D () C:\ProgramData\SlySoft 2014-04-21 13:57 - 2014-04-21 13:48 - 00000125 ___SH () C:\ProgramData\.zreglib 2014-04-21 13:45 - 2014-04-21 13:45 - 00000000 ____D () C:\Program Files (x86)\SlySoft 2014-04-21 13:44 - 2014-04-21 13:43 - 10873088 _____ () C:\Users\Kawey\Downloads\SetupAnyDVD7460.exe 2014-04-21 13:44 - 2014-04-21 13:43 - 05185720 _____ () C:\Users\Kawey\Downloads\SetupCloneDVD2930Slysoft.exe 2014-04-21 12:27 - 2014-04-21 12:27 - 01308144 _____ (Ellora Assets Corporation ) C:\Users\Kawey\Downloads\FreemakeVideoConverterSetup.exe 2014-04-21 12:13 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-04-21 11:30 - 2014-04-21 11:30 - 13833720 _____ (Fengtao Software Inc. 
) C:\Users\Kawey\Downloads\DVDFab7070.exe 2014-04-20 20:01 - 2014-04-20 20:01 - 00000000 ____D () C:\Users\Kawey\AppData\Local\com 2014-04-20 19:54 - 2014-04-20 19:54 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\30183 2014-04-20 19:42 - 2014-04-20 19:42 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\DVDFab 2014-04-20 19:02 - 2014-04-20 19:02 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\EuroTrade A.L. Ltd 2014-04-20 17:35 - 2014-04-18 12:57 - 00000000 ____D () C:\Program Files (x86)\DVDFab 8 2014-04-20 16:22 - 2014-02-02 00:47 - 00294540 _____ () C:\Users\Kawey\AppData\Local\census.cache 2014-04-20 16:03 - 2014-04-20 16:03 - 02405664 _____ (Trend Micro Inc.) C:\Users\Kawey\Downloads\HousecallLauncher64(7).exe 2014-04-20 00:37 - 2014-04-20 00:37 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\137 2014-04-19 23:53 - 2014-04-19 23:53 - 02405664 _____ (Trend Micro Inc.) C:\Users\Kawey\Downloads\HousecallLauncher64(6).exe 2014-04-19 21:46 - 2014-04-18 18:02 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\HandBrake 2014-04-19 20:36 - 2014-04-19 20:36 - 00033947 _____ () C:\Users\Kawey\Downloads\anleitung.htm 2014-04-19 14:06 - 2014-04-19 14:06 - 13888037 _____ () C:\Users\Kawey\Downloads\HandBrake-0.9.9-1_i686-Win_GUI.exe 2014-04-18 18:43 - 2014-04-18 18:43 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\9130 2014-04-18 18:01 - 2014-04-18 18:01 - 14298467 _____ () C:\Users\Kawey\Downloads\HandBrake-0.9.9-1_x86_64-Win_GUI.exe 2014-04-18 17:19 - 2014-04-18 17:16 - 45464368 _____ (Fengtao Software Inc. 
) C:\Users\Kawey\Downloads\DVDFab9140(1).exe 2014-04-18 00:00 - 2013-10-14 20:26 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2014 2014-04-17 23:51 - 2014-04-17 23:51 - 00082816 _____ (VSO Software) C:\Windows\system32\Drivers\pcouffin.sys 2014-04-17 23:45 - 2014-04-17 23:45 - 00000000 __SHD () C:\Users\Kawey\AppData\Local\EmieUserList 2014-04-17 23:45 - 2014-04-17 23:45 - 00000000 __SHD () C:\Users\Kawey\AppData\Local\EmieSiteList 2014-04-17 21:37 - 2014-04-17 21:37 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\23260 2014-04-17 21:15 - 2014-04-17 21:15 - 02170880 _____ () C:\Users\Kawey\Downloads\ffmpeg15.exe 2014-04-17 21:15 - 2014-04-17 21:15 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\NCH Software 2014-04-17 21:04 - 2014-04-17 20:57 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Software 2014-04-17 20:57 - 2014-04-17 20:57 - 00817696 _____ (NCH Software) C:\Users\Kawey\Downloads\burnsetup.exe 2014-04-17 20:57 - 2014-04-17 20:57 - 00000000 ____D () C:\ProgramData\NCH Software 2014-04-17 20:57 - 2014-04-17 20:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Produktpalette 2014-04-17 20:57 - 2014-04-17 20:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audioverwandte Programme 2014-04-17 20:57 - 2014-04-17 20:57 - 00000000 ____D () C:\Program Files (x86)\NCH Software 2014-04-17 20:20 - 2014-04-17 20:20 - 00000000 ____D () C:\ProgramData\vsosdk 2014-04-17 19:41 - 2014-04-17 19:39 - 45464368 _____ (Fengtao Software Inc. 
) C:\Users\Kawey\Downloads\DVDFab9140.exe 2014-04-16 18:32 - 2014-04-16 18:32 - 01026264 _____ () C:\Users\Kawey\Downloads\Setup(1).exe 2014-04-16 18:31 - 2013-10-15 21:52 - 00000000 ____D () C:\Users\Kawey\AppData\Local\Adobe 2014-04-16 18:27 - 2014-04-16 18:27 - 01026264 _____ () C:\Users\Kawey\Downloads\Setup.exe 2014-04-15 16:38 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-04-14 04:24 - 2014-04-30 11:00 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-04-14 04:19 - 2014-04-30 11:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-04-10 13:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-04-10 00:22 - 2013-10-22 19:13 - 00000000 ____D () C:\Windows\system32\MRT 2014-04-10 00:20 - 2013-10-22 19:13 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-04-09 23:41 - 2013-12-27 20:39 - 00000000 ____D () C:\Program Files (x86)\Google 2014-04-09 11:09 - 2014-04-09 11:09 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2014-04-09 11:09 - 2014-02-06 00:16 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2014-04-09 11:09 - 2014-02-06 00:16 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2014-04-09 11:09 - 2014-02-06 00:16 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2014-04-09 11:09 - 2014-02-06 00:16 - 00208928 _____ () C:\Windows\system32\Drivers\aswVmm.sys 2014-04-09 11:09 - 2014-02-06 00:16 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2014-04-09 11:09 - 2014-02-06 00:16 - 00084816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys 2014-04-09 11:09 - 2014-02-06 00:16 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2014-04-09 11:09 - 2014-02-06 00:16 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys 2014-04-04 11:15 - 2013-10-15 21:55 - 00000000 ____D () C:\Program Files (x86)\Adobe Some content of 
TEMP: ==================== C:\Users\Kawey\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-04-22 15:23 ==================== End Of Log ============================ --- --- --- Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-05-2014 Ran by Kawey at 2014-05-04 16:51:24 Running from C:\Users\Kawey\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.206 - Adobe Systems Incorporated) Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.206 - Adobe Systems Incorporated) CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform) DVDFab 6.2.1.8 (31/12/2009) (HKLM-x32\...\DVDFab 6_is1) (Version: - Fengtao Software Inc.) 
DVDFab 8.2.3.0 (21/12/2013) Qt (HKLM-x32\...\DVDFab 8 Qt_is1) (Version: - Fengtao Software Inc.) HP Deskjet 1000 J110 series - Grundlegende Software für das Gerät (HKLM\...\{CED47C99-8892-4956-BCA7-CC3123531371}) (Version: 28.0.1313.0 - Hewlett-Packard Co.) Intel PROSet Wireless (Version: - ) Hidden Intel® PROSet/Wireless WiFi-Software (HKLM\...\{DF7756DD-656A-45C3-BA71-74673E8259A9}) (Version: 15.00.0000.0642 - Intel Corporation) Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation) Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) 
(Version: 10.0.40219 - Microsoft Corporation) Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.5.0 - Mozilla) Mozilla Thunderbird 24.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.5.0 (x86 de)) (Version: 24.5.0 - Mozilla) SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.29.0 - SAMSUNG Electronics Co., Ltd.) ShenProfessional 3.1 (HKLM-x32\...\ShenProfessional 3.1) (Version: 3.1 - ShenProfessional) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.0.3.0 - Synaptics Incorporated) TomTom HOME (HKLM-x32\...\{99072AB4-D795-44D5-9D65-E3C9F8322C97}) (Version: 2.9.7 - Ihr Firmenname) TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) VueScan x64 (HKLM\...\VueScan x64) (Version: - ) Winamp Erkennungs-Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc) Windows-Treiberpaket - Lenovo (ACPIVPC) System (12/15/2011 7.1.0.1) (HKLM\...\99841829BE839365AA67B2AD0E50D371F59F8A1E) (Version: 12/15/2011 7.1.0.1 - Lenovo) Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia) WinZip Malware Protector (HKLM-x32\...\WinZip Malware Protector_is1) (Version: 2.1.1000.10798 - WinZip International LLC) Zattoo Live TV (HKCU\...\6d7aa3e3bf931c56) (Version: 1.0.0.33 - Zattoo Europa AG) ==================== Restore Points ========================= 19-04-2014 22:07:05 Windows Update 20-04-2014 17:58:52 Uniblue SpeedUpMyPC installation 21-04-2014 13:29:11 DirectX wurde installiert 21-04-2014 13:30:39 Installiert DVD Copy 21-04-2014 13:50:01 Konfiguriert DVD Copy 23-04-2014 
09:09:39 Windows Update 29-04-2014 11:11:50 Windows Update 30-04-2014 10:33:17 Windows Update 02-05-2014 08:26:19 Windows Update 02-05-2014 13:34:05 Installed TomTom HOME. 03-05-2014 19:55:53 Gerätetreiber-Paketinstallation: Hamrick Software Bildverarbeitungsgeräte ==================== Hosts content: ========================== 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {064CD96A-E037-4F69-9002-2A33D2D0D4BF} - System32\Tasks\ArcSoft Connect Daemon => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe Task: {15140370-AF7C-457A-97C3-ACB5DAEA7741} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2011-10-28] (Hewlett-Packard) Task: {2713F8E2-8311-487D-95EC-E4FCBB37EA29} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-04-09] (AVAST Software) Task: {4C7F1864-B354-4ADC-B52F-640D174023B9} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [2014-03-20] (TuneUp Software) Task: {525F893F-C78A-4CAA-82F9-8CF218586A52} - System32\Tasks\WinZip Malware Protector_startup => C:\Program Files (x86)\WinZip Malware Protector\WinZipMalwareProtector.exe [2013-07-15] (Nico Mak Computing) Task: {5A619D2B-62EB-48B4-8D47-524DD44DAE59} - \b8e2dbf6-f651-4529-84b2-6113f5365cc5-2 No Task File <==== ATTENTION Task: {5C454E41-A1AD-458A-9457-82221CA45541} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated) Task: {6BCCE080-ACD7-44FB-9A1C-4D20B1BEFE05} - \Advanced System Protector No Task File <==== ATTENTION Task: {8BD63277-C514-4E5E-8D92-891CED161CC6} - \b8e2dbf6-f651-4529-84b2-6113f5365cc5-3 No Task File <==== ATTENTION Task: 
{90F53596-3544-4868-9410-A2DAEEDAE1E4} - \MySearchDial No Task File <==== ATTENTION Task: {B23CA7B7-CDBE-4463-8F5B-C935EBFEB070} - \b8e2dbf6-f651-4529-84b2-6113f5365cc5-4 No Task File <==== ATTENTION Task: {C216408D-9926-4951-B17C-675E25B1BDA9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-29] (Adobe Systems Incorporated) Task: {C8797928-0C3A-4480-9CB8-40ED80E39856} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-04-17] (Piriform Ltd) Task: {D547AED2-0141-4A70-A155-720283360C5A} - \b8e2dbf6-f651-4529-84b2-6113f5365cc5-5 No Task File <==== ATTENTION Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (whitelisted) ============= 2014-03-20 15:44 - 2014-03-20 15:44 - 00675640 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\avgrepliba.dll 2013-12-13 13:20 - 2013-12-13 13:20 - 03359600 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll 2014-05-04 11:16 - 2014-05-04 11:16 - 02252800 _____ () C:\Program Files\AVAST Software\Avast\defs\14050400\algo.dll 2014-05-02 14:05 - 2013-02-28 16:53 - 00886272 _____ () C:\Program Files (x86)\WinZip Malware Protector\System.Data.SQLite.dll 2014-05-02 14:05 - 2013-07-15 16:53 - 01717936 _____ () C:\Program Files (x86)\WinZip Malware Protector\aspsys.dll 2014-02-06 00:15 - 2014-02-06 00:15 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2014-04-30 21:40 - 2014-04-30 21:40 - 03019888 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll 2014-04-30 21:40 - 2014-04-30 21:40 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll 2014-04-30 21:40 - 2014-04-30 21:40 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll 2014-03-29 17:53 - 2014-03-15 10:40 - 03642480 _____ () C:\Program Files (x86)\Mozilla 
Firefox\mozjs.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\ProgramData\TEMP:373E1720 ==================== Safe Mode (whitelisted) =================== ==================== Disabled items from MSCONFIG ============== ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== System errors: ============= Microsoft Office Sessions: ========================= ==================== Memory info =========================== Percentage of memory in use: 46% Total physical RAM: 3941.41 MB Available physical RAM: 2094.66 MB Total Pagefile: 7881.01 MB Available Pagefile: 5890.87 MB Total Virtual: 8192 MB Available Virtual: 8191.81 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:298.09 GB) (Free:243.12 GB) NTFS ==>[Drive with boot components (obtained from BCD)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: C3FFC3FF) Partition 1: (Active) - (Size=298 GB) - (Type=07 NTFS) ==================== End Of Log ============================ Malwarebytes Anti-Malware Malwarebytes | Free Anti-Malware & Internet Security Software Scan Date: 04.05.2014 Scan Time: 16:27:30 Logfile: mbam.txt Administrator: Yes Version: 2.00.1.1004 Malware Database: v2014.05.04.05 Rootkit Database: v2014.03.27.01 License: Trial Malware Protection: Enabled Malicious Website Protection: Enabled Chameleon: Disabled OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: Kawey Scan Type: Hyper Scan Result: Completed Objects Scanned: 202342 Time Elapsed: 5 min, 1 sec Memory: Enabled Startup: Enabled Filesystem: Disabled Archives: Enabled Rootkits: Disabled Shuriken: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) 
Registry Keys: 0 (No malicious items detected) Registry Values: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Folders: 0 (No malicious items detected) Files: 0 (No malicious items detected) Physical Sectors: 0 (No malicious items detected) (end)~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.1.4 (04.06.2014:1) OS: Windows 7 Home Premium x64 Ran by Kawey on 04.05.2014 at 16:38:18,85 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110411411162} ~~~ Files ~~~ Folders ~~~ FireFox Emptied folder: C:\Users\Kawey\AppData\Roaming\mozilla\firefox\profiles\73f0idua.default-1398406683013\minidumps [8 files] ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 04.05.2014 at 16:48:46,59 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ [/CODE] |
05.05.2014, 13:56 | #10 |
/// TB-Ausbilder | remove sweetpage You write that MBAM found a lot, but the log file you posted for me is empty (no detections)... how come? |
05.05.2014, 21:31 | #11 |
| remove sweetpage Hello Matthias, before I could record the MBAM results in the editor, the PC had already shut down; the next time, everything was clean. I launched and ran all the programs and sent off the log files. Everything looks very good and works without problems. Many thanks for the help; a donation will follow. Best regards, Kawey |
06.05.2014, 13:22 | #12 |
/// TB-Ausbilder | remove sweetpage I'm glad we were able to help. In this forum you can leave brief feedback on the cleanup, if you like: Praise, Criticism and Requests. To do so, click the "NEW TOPIC" button and post a short piece of feedback. Thank you very much! This topic appears to be resolved and will be removed from my subscriptions. Should you need the topic again, please send me a PM. Everyone else, please click here and create your own thread. |