|
Plagegeister aller Art und deren Bekämpfung: Kaum mache ich Google Chrome an sagt Avast ich hätte Virenseiten am startWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
16.06.2015, 20:35 | #1 |
| Kaum mache ich Google Chrome an sagt Avast ich hätte Virenseiten am start Heho bin neu hier und hab ein problem. Wenn ich google chrome öffne dann sagt mir mein Avast Sicherheitssystem alle paar minuten das ich auf irgendwelchen schädlichen Websites gegangen bin und blockt diese. Manchmal sind es sogar 2-3 stück hintereinander und ich weiß nicht weiter .-. Hab 2 mal durchlauf gestartet und der sagt das alles in ordnung sei aber es läuft immer weiter. Weiß vielleicht wer was das sein könnte wenn ja wäre ich sehr dankbar |
16.06.2015, 21:13 | #2 |
/// TB-Ausbilder /// Anleitungs-Guru | Kaum mache ich Google Chrome an sagt Avast ich hätte Virenseiten am startMein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das...
Hinweis: Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden. Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert. Adware & Co. können wir sehr gut entfernen. Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean bekommst. Los geht's: Schritt 1 Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit (Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
Lesestoff Posten in CODE-Tags: So gehts... Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert uns massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
17.06.2015, 11:23 | #3 |
| Kaum mache ich Google Chrome an sagt Avast ich hätte Virenseiten am startCode:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-06-2015 Ran by Kagan Bagci (administrator) on KAGANBAGCI-PC on 17-06-2015 12:21:24 Running from C:\Users\Kagan Bagci\Downloads Loaded Profiles: Kagan Bagci (Available Profiles: Kagan Bagci) Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: Deutsch (Deutschland) Internet Explorer Version 9 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (IObit) C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe (ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe (Microsoft Corporation) C:\Windows\System32\SLsvc.exe (ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (ABBYY) C:\Program Files\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe (Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe (Steganos Software GmbH) C:\Program Files\OkayFreedom\OkayFreedomService.exe (Prolific Technology Inc.) C:\Windows\System32\IoctlSvc.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe (Wistron) C:\Program Files\Launch Manager\HotkeyApp.exe (Wistron Corp.) C:\Program Files\Launch Manager\OSD.exe (Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Carbonite, Inc.) C:\Program Files\Packard Bell\Carbonite\CarboniteSetupLitePBPreInstaller.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (IObit) C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe (Akamai Technologies, Inc.) C:\Users\Kagan Bagci\AppData\Local\Akamai\netsession_win.exe () C:\Users\Kagan Bagci\AppData\Roaming\Settings Manager\SettingsManager.exe () C:\Users\Kagan Bagci\AppData\Roaming\Update Manager\UM.exe (Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Steganos Software GmbH) C:\Program Files\OkayFreedom\Updater.exe (Wistron Corp.) C:\Program Files\Launch Manager\WisLMSvc.exe (Akamai Technologies, Inc.) C:\Users\Kagan Bagci\AppData\Local\Akamai\netsession_win.exe (Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe (Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe (Steganos Software GmbH) C:\Program Files\OkayFreedom\OkayFreedomClient.exe (Microsoft Corporation) C:\Windows\System32\conime.exe (www.motioninjoy.com) C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe (Joyent, Inc) C:\Users\Kagan Bagci\AppData\Roaming\Steganos\OkayFreedom\Proxy\node.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Farbar) C:\Users\Kagan Bagci\Downloads\FRST (1).exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPNetworkCommunicator.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation) HKLM\...\Run: [HotkeyApp] => C:\Program Files\Launch Manager\HotkeyApp.exe [192512 2008-08-22] (Wistron) HKLM\...\Run: [LMgrOSD] => C:\Program Files\Launch Manager\OSD.exe [430080 2008-05-16] (Wistron Corp.) HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2008-01-21] (Advanced Micro Devices, Inc.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1328424 2008-07-03] (Synaptics, Inc.) HKLM\...\Run: [CarboniteSetupLite] => C:\Program Files\Packard Bell\Carbonite\CarboniteSetupLitePBPreInstaller.exe [306112 2008-04-07] (Carbonite, Inc.) HKLM\...\Run: [Google Desktop Search] => C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [24064 2008-11-06] (Google) HKLM\...\Run: [toolbar_eula_launcher] => C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe [28672 2007-02-20] ( ) HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.) HKLM\...\Run: [] => [X] HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-09-02] (AVAST Software) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.) HKLM\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-03-30] (LogMeIn Inc.) HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [351968 2014-09-08] () HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [Facebook Update] => C:\Users\Kagan Bagci\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-01-28] (Facebook Inc.) HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [msnmsgr] => C:\Program Files\Windows Live\Messenger\msnmsgr.exe [3872080 2010-04-16] (Microsoft Corporation) HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd) HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [Google Update] => C:\Users\Kagan Bagci\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-02-11] (Google Inc.) HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [Advanced SystemCare 6] => C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe [491840 2013-04-18] (IObit) HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [Overwolf] => C:\Program Files\Overwolf\Overwolf.exe -silent HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [HP Photosmart 5510 series (NET)] => C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe [1837672 2012-10-17] (Hewlett-Packard Co.) HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [BitTorrent] => C:\Users\Kagan Bagci\AppData\Roaming\BitTorrent\BitTorrent.exe [1442904 2015-02-14] (BitTorrent Inc.) HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [28917376 2015-05-14] (Skype Technologies S.A.) HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Kagan Bagci\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.) HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [Battle.net] => C:\Program Files\Battle.net\Battle.net Launcher.exe [2861104 2015-05-28] (Blizzard Entertainment) HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [Settings Manager] => C:\Users\Kagan Bagci\AppData\Roaming\Settings Manager\SettingsManager.EXE [897520 2015-05-22] () HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [UM] => C:\Users\Kagan Bagci\AppData\Roaming\Update Manager\UM.EXE [776880 2015-06-12] () HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [OKAYFREEDOM_Agent] => C:\Program Files\OkayFreedom\OkayFreedomClient.exe [6591912 2015-04-22] (Steganos Software GmbH) HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [OKAYFREEDOM_Update] => C:\Program Files\OkayFreedom\Updater.exe [3864488 2015-04-22] (Steganos Software GmbH) HKU\S-1-5-18\...\Run: [SearchProtect] => \SearchProtect\bin\cltmng.exe Startup: C:\Users\Kagan Bagci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2013-02-09] () Startup: C:\Users\Kagan Bagci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Photosmart 5510 series (Netzwerk).lnk [2013-07-15] ShortcutTarget: Tintenwarnungen überwachen - HP Photosmart 5510 series (Netzwerk).lnk -> C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2014-09-02] (AVAST Software) ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-05-19] (Google) ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-05-19] (Google) ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-05-19] (Google) ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-05-19] (Google) ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-05-19] (Google) ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-05-19] (Google) CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) AutoConfigURL: [S-1-5-21-410520579-760464469-3575665083-1000] => hxxp://127.0.0.1:8445/okf.pac HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://www.mystartsearch.com/?type=hp&ts=1431023221&z=01b37b3de1539111e9b146bg7zcc6gde6o1c8e6t0q&from=cor&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808R0150201502 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mystartsearch.com/web/?type=ds&ts=1431023221&z=01b37b3de1539111e9b146bg7zcc6gde6o1c8e6t0q&from=cor&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808R0150201502&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1431023221&z=01b37b3de1539111e9b146bg7zcc6gde6o1c8e6t0q&from=cor&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808R0150201502 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1431023221&z=01b37b3de1539111e9b146bg7zcc6gde6o1c8e6t0q&from=cor&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808R0150201502&q={searchTerms} HKU\S-1-5-21-410520579-760464469-3575665083-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mystartsearch.com/web/?type=ds&ts=1431023221&z=01b37b3de1539111e9b146bg7zcc6gde6o1c8e6t0q&from=cor&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808R0150201502&q={searchTerms} HKU\S-1-5-21-410520579-760464469-3575665083-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=about:blank HKU\S-1-5-21-410520579-760464469-3575665083-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1431023221&z=01b37b3de1539111e9b146bg7zcc6gde6o1c8e6t0q&from=cor&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808R0150201502&q={searchTerms} URLSearchHook: HKLM - (No Name) - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - No File URLSearchHook: HKLM - (No Name) - {da7f5ae1-3be3-43c0-8098-c1d183616e97} - No File SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1431023221&z=01b37b3de1539111e9b146bg7zcc6gde6o1c8e6t0q&from=cor&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808R0150201502&q={searchTerms} SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1431023221&z=01b37b3de1539111e9b146bg7zcc6gde6o1c8e6t0q&from=cor&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808R0150201502&q={searchTerms} SearchScopes: HKLM -> {F09E38FE-BD31-4213-94EE-511AB559B58D} URL = hxxp://www.sm.de/?q={searchTerms} SearchScopes: HKU\.DEFAULT -> DefaultScope {5AB1FAB0-D468-46DF-94F7-109F64BDC9B4} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^DE&apn_uid=FFFEB447-F2F8-4077-85EB-796D5026A171&apn_sauid=E029870B-C567-4E27-8172-ADB38D7B7123 SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = SearchScopes: HKU\.DEFAULT -> {5AB1FAB0-D468-46DF-94F7-109F64BDC9B4} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^DE&apn_uid=FFFEB447-F2F8-4077-85EB-796D5026A171&apn_sauid=E029870B-C567-4E27-8172-ADB38D7B7123 SearchScopes: HKU\S-1-5-21-410520579-760464469-3575665083-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=BDKTDF&PC=BDT3&q={searchTerms}&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-410520579-760464469-3575665083-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=BDKTDF&PC=BDT3&q={searchTerms}&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-410520579-760464469-3575665083-1000 -> {8D8842C9-F69B-4590-AD17-7C3F251E88A4} URL = https://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=614363&p={searchTerms} SearchScopes: HKU\S-1-5-21-410520579-760464469-3575665083-1000 -> {F09E38FE-BD31-4213-94EE-511AB559B58D} URL = hxxp://www.sm.de/?q={searchTerms} BHO: RoyaalCioaupon -> {A18CD12D-C55F-45AF-871F-F25AD339D36F} -> C:\Program Files\RoyaalCioaupon\XJuMb9DIwwa9pZ.dll [2015-06-15] () Toolbar: HKU\.DEFAULT -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File Toolbar: HKU\S-1-5-21-410520579-760464469-3575665083-1000 -> No Name - {0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF} - No File Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation) Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation) Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation) Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-10-02] (Skype Technologies S.A.) Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-31] (Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\Firefox\Profiles\zigocm5w.default FF DefaultSearchEngine: mystartsearch FF Keyword.URL: https://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=614363&p= FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-06-12] () FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] () FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-12-13] (DivX, LLC) FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.) FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-12-18] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-12-18] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.) FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.) FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN) FF Plugin HKU\S-1-5-21-410520579-760464469-3575665083-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Kagan Bagci\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited) FF Plugin HKU\S-1-5-21-410520579-760464469-3575665083-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google) FF Plugin HKU\S-1-5-21-410520579-760464469-3575665083-1000: @talk.google.com/O1DPlugin -> C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google) FF Plugin HKU\S-1-5-21-410520579-760464469-3575665083-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.) FF Plugin HKU\S-1-5-21-410520579-760464469-3575665083-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.) FF Plugin HKU\S-1-5-21-410520579-760464469-3575665083-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Kagan Bagci\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-04-01] (Unity Technologies ApS) FF user.js: detected! => C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\Firefox\Profiles\zigocm5w.default\user.js [2015-05-21] FF Plugin ProgramFiles/Appdata: C:\Users\Kagan Bagci\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google) FF Plugin ProgramFiles/Appdata: C:\Users\Kagan Bagci\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google) FF SearchPlugin: C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\Firefox\Profiles\zigocm5w.default\searchplugins\mystartsearch.xml [2015-05-16] FF SearchPlugin: C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\Firefox\Profiles\zigocm5w.default\searchplugins\suchmaschine.xml [2015-03-20] FF SearchPlugin: C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\Firefox\Profiles\zigocm5w.default\searchplugins\yahoo_ff.xml [2015-03-20] FF Extension: No Name - C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\Firefox\profiles\extensions\extensions [2013-03-18] FF Extension: No Name - C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\Firefox\profiles\extensions\searchplugins [2015-01-21] FF Extension: Movie2kDownloader - C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\Firefox\profiles\extensions\movie2kdownloader@movie2kdownloader.com.xpi [2012-12-13] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-11-20] FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-12-19] FF HKLM\...\Firefox\Extensions: [sweetsearch@gmail.com] - C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\Firefox\Profiles\zigocm5w.default\extensions\sweetsearch@gmail.com FF HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files\Common Files\DVDVideoSoft\plugins\ff FF Extension: No Name - C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\Firefox\Profiles\zigocm5w.default\extensions\{DB981CCA-088E-4731-A4A2-2FE218703C0E}.xpi [not found] FF Extension: No Name - C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\Firefox\Profiles\zigocm5w.default\extensions\ascsurfingprotection@iobit.com [not found] FF Extension: No Name - C:\Program Files\IObit Apps Toolbar\FF [not found] Chrome: ======= CHR dev: Chrome dev build detected! <======= ATTENTION CHR Profile: C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (YouTube) - C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-11-15] CHR Extension: (Form Filler) - C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnjjngeaknajbdcgpfkgnonkmififhfo [2015-06-15] CHR Extension: (Google Search) - C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-11-15] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-27] CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd [2013-03-18] CHR Extension: (Google Wallet) - C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22] CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2012-12-20] CHR Extension: (Adblock Pro) - C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch [2015-05-27] CHR Extension: (Adblock Pro) - C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\odoejnlfacfofgbahnomeeojkkgcglan [2015-05-27] CHR Extension: (Gmail) - C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-15] CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-09-02] CHR HKLM\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files\IObit\Advanced SystemCare 6\BrowerProtect\ASC_GhromePlugin.crx [2013-03-18] CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12] CHR HKU\S-1-5-21-410520579-760464469-3575665083-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [Not Found] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 5589d471; c:\Program Files\SoftwareAlert\SoftwareAlert.dll [2291712 2015-05-27] () [File not signed] R2 ABBYY.Licensing.PDFTransformer.Classic.3.0; C:\Program Files\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe [759048 2010-02-01] (ABBYY) S3 AdobeActiveFileMonitor6.0; C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [124832 2007-09-11] () R2 AdvancedSystemCareService6; C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe [574272 2013-04-18] (IObit) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-09-02] (AVAST Software) R2 EvtEng; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [815104 2008-04-30] (Intel(R) Corporation) [File not signed] S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [647680 2008-11-06] (Macrovision Europe Ltd.) [File not signed] S3 GoogleDesktopManager-071508-051939; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [24064 2008-11-06] (Google) [File not signed] R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1848168 2015-03-30] (LogMeIn Inc.) R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [411920 2015-03-30] (LogMeIn, Inc.) R2 OkayFreedom VPN Starter Service; C:\Program Files\OkayFreedom\OkayFreedomService.exe [330168 2015-04-22] (Steganos Software GmbH) R2 PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [File not signed] R2 RegSrvc; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [466944 2008-04-30] (Intel(R) Corporation) [File not signed] R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000 2012-10-02] (Skype Technologies S.A.) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation) R3 WisLMSvc; C:\Program Files\Launch Manager\WisLMSvc.exe [118784 2008-01-15] (Wistron Corp.) [File not signed] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [70384 2013-12-05] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [54832 2013-12-05] (AVAST Software) R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2013-12-05] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [774392 2013-12-05] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [403440 2013-12-05] (AVAST Software) R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57672 2013-12-05] (AVAST Software) R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [178304 2013-12-05] () S3 DrvAgent32; C:\Windows\system32\Drivers\DrvAgent32.sys [23456 2013-02-07] (Phoenix Technologies) [File not signed] R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2013-02-12] (DT Soft Ltd) S3 FTDIBUS; C:\Windows\System32\drivers\ftdibus.sys [65896 2013-07-12] (FTDI Ltd.) R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.) S3 libusb0; C:\Windows\System32\drivers\libusb0.sys [33792 2005-03-09] () [File not signed] S3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [99400 2012-05-12] (MotioninJoy) [File not signed] R2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [5120 2014-05-07] (Samsung Electronics) [File not signed] S3 WinRing0_1_2_0; C:\Program Files\Razer\Razer Game Booster\Driver\WinRing0.sys [14416 2012-11-13] (OpenLibSys.org) S2 aswFsBlk; \??\C:\Windows\system32\drivers\aswFsBlk.sys [X] S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X] S3 IntcAzAudAddService; system32\drivers\RTKVHDA.sys [X] S3 IpInIp; system32\DRIVERS\ipinip.sys [X] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X] S3 RTHDMIAzAudService; system32\drivers\RtHDMIV.sys [X] S1 SYMTDI; \SystemRoot\System32\Drivers\SYMTDI.SYS [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-06-17 12:21 - 2015-06-17 12:21 - 00029088 _____ C:\Users\Kagan Bagci\Downloads\FRST.txt 2015-06-17 12:21 - 2015-06-17 12:21 - 00000000 ____D C:\FRST 2015-06-17 12:20 - 2015-06-17 12:21 - 01148416 _____ (Farbar) C:\Users\Kagan Bagci\Downloads\FRST (1).exe 2015-06-17 12:19 - 2015-06-17 12:19 - 02109952 _____ (Farbar) C:\Users\Kagan Bagci\Downloads\FRST64 (1).exe 2015-06-16 22:32 - 2015-06-16 22:39 - 00981877 _____ C:\Users\Kagan Bagci\Downloads\FRST.exe 2015-06-15 14:27 - 2015-06-16 15:27 - 00000000 ____D C:\Program Files\RoyaalCioaupon 2015-06-15 14:27 - 2015-06-16 15:27 - 00000000 ____D C:\Program Files\Form Filler 2015-06-15 14:26 - 2015-06-16 15:27 - 00000000 ____D C:\Program Files\RuoyaalCouPPon 2015-06-15 14:26 - 2015-06-16 15:27 - 00000000 ____D C:\Program Files\RRoyalCOupon 2015-06-13 17:52 - 2015-06-13 17:52 - 00001543 _____ C:\Users\Public\Desktop\Unepic.lnk 2015-06-13 17:46 - 2015-06-13 17:50 - 212530976 _____ (GOG.com ) C:\Users\Kagan Bagci\Downloads\setup_unepic_2.8.0.13.exe 2015-06-12 23:20 - 2015-04-24 17:54 - 00532480 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll 2015-06-12 23:19 - 2015-05-21 16:22 - 02066432 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-06-12 23:19 - 2015-05-09 01:08 - 00894464 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2015-06-12 22:59 - 2015-05-05 00:51 - 10628608 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2015-06-12 22:59 - 2015-05-05 00:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll 2015-06-12 22:59 - 2015-05-05 00:50 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx 2015-06-12 22:59 - 2015-05-05 00:50 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll 2015-06-12 22:59 - 2015-05-04 23:21 - 08147456 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2015-06-10 23:15 - 2015-06-13 17:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com 2015-06-10 23:15 - 2015-06-10 23:15 - 00001797 _____ C:\Users\Public\Desktop\Battle Realms Complete (German).lnk 2015-06-10 23:14 - 2015-06-13 17:51 - 00000000 ____D C:\GOG Games 2015-06-10 23:00 - 2015-06-10 23:10 - 554494280 _____ (GOG.com ) C:\Users\Kagan Bagci\Downloads\setup_battle_realms_complete_german_2.0.0.9.exe 2015-06-10 16:35 - 2015-05-31 01:54 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-06-10 16:35 - 2015-05-31 01:53 - 09750528 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-06-10 16:35 - 2015-05-31 01:50 - 01139712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-06-10 16:35 - 2015-05-31 01:49 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-06-10 16:35 - 2015-05-31 01:49 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-06-10 16:35 - 2015-05-31 01:49 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-06-10 16:35 - 2015-05-31 01:49 - 00421888 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-06-10 16:35 - 2015-05-31 01:48 - 01804288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-06-10 16:35 - 2015-05-31 01:48 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-06-10 16:35 - 2015-05-31 01:48 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-06-10 16:35 - 2015-05-31 01:48 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2015-06-10 16:35 - 2015-05-31 01:48 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-06-10 16:35 - 2015-05-31 01:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-06-10 16:35 - 2015-05-31 01:48 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-06-10 16:35 - 2015-05-31 01:48 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2015-06-10 16:35 - 2015-05-31 01:47 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-06-10 16:35 - 2015-05-31 01:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-06-10 16:35 - 2015-05-31 01:47 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2015-06-10 16:35 - 2015-05-31 01:47 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2015-06-10 16:34 - 2015-05-31 02:03 - 12385280 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-06-10 16:34 - 2015-05-31 01:55 - 01809920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-06-10 16:34 - 2015-05-31 01:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-06-10 16:26 - 2015-06-10 16:26 - 02197648 _____ (Irfan Skiljan) C:\Users\Kagan Bagci\Downloads\iview438g_setup.exe 2015-06-10 16:26 - 2015-06-10 16:26 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView 2015-06-10 16:26 - 2015-06-10 16:26 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Roaming\IrfanView 2015-06-10 16:26 - 2015-06-10 16:26 - 00000000 ____D C:\Program Files\IrfanView 2015-06-03 22:39 - 2015-06-03 22:39 - 35595593 _____ C:\Users\Kagan Bagci\Desktop\Clockwork.zip 2015-06-03 22:29 - 2015-06-03 22:29 - 00180095 _____ C:\Users\Kagan Bagci\Downloads\a4dven6_460sv (1).wmv 2015-06-03 17:37 - 2015-06-03 17:37 - 00638976 _____ C:\Users\Kagan Bagci\Downloads\Detection (1).msi 2015-06-01 15:24 - 2015-06-01 15:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ultimate Apocalypse - The Hunt Begins 2015-06-01 14:15 - 2015-06-01 15:05 - 1216383942 _____ (Ultimate Apocalypse Mod Team ) C:\Users\Kagan Bagci\Downloads\Ultimate_Apocalypse_-_The_Hunt_Begins.exe 2015-06-01 13:49 - 2015-06-01 13:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ultimate Apocalypse - THB Patch 2015-06-01 13:48 - 2015-06-01 13:48 - 00758745 _____ (Ultimate Apocalypse Mod Team ) C:\Users\Kagan Bagci\Downloads\Ultimate Apocalypse - THB Patch v1.8.1.exe 2015-05-28 19:11 - 2015-05-28 19:11 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Local\openvr 2015-05-27 20:14 - 2015-05-27 20:14 - 00000000 ____D C:\Program Files\SoftwareAlert 2015-05-27 14:01 - 2015-05-27 20:14 - 00000000 ____D C:\ProgramData\431b2240000043bd 2015-05-27 13:57 - 2015-06-10 16:06 - 00001966 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2015-05-27 13:57 - 2015-05-27 13:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-05-27 13:53 - 2015-05-27 13:53 - 00880208 _____ (Google Inc.) C:\Users\Kagan Bagci\Downloads\ChromeSetup.exe 2015-05-27 13:39 - 2015-05-27 15:13 - 00000000 ____D C:\Program Files\Second Home 2015-05-27 13:37 - 2015-06-15 14:27 - 00000000 ____D C:\ProgramData\12105833042991166924 2015-05-27 13:37 - 2015-06-15 14:26 - 00000000 ____D C:\Program Files\PrInceCoupon 2015-05-27 13:37 - 2015-06-10 17:06 - 00000000 ____D C:\Program Files\ShoppierMaaster 2015-05-27 13:37 - 2015-05-27 15:13 - 00000000 ____D C:\Program Files\ColoiuckkFeorSale 2015-05-27 13:17 - 2015-06-15 14:53 - 00000024 _____ C:\Users\Kagan Bagci\AppData\Roaming\appdataFr25.bin 2015-05-27 12:57 - 2015-06-16 15:45 - 00000079 _____ C:\Program Files\prefs.js 2015-05-27 11:36 - 2015-06-16 21:02 - 00004428 _____ C:\Windows\PFRO.log 2015-05-26 12:48 - 2015-05-26 12:48 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Roaming\Samsung 2015-05-26 12:48 - 2015-05-26 12:48 - 00000000 ____D C:\Program Files\Common Files\Common Desktop Agent 2015-05-26 12:47 - 2015-05-26 12:50 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers 2015-05-26 12:45 - 2015-05-26 12:48 - 00000000 ____D C:\ProgramData\Samsung 2015-05-26 12:45 - 2015-05-26 12:45 - 00000000 ____D C:\Program Files\SamsungPrinterLiveUpdate 2015-05-26 12:44 - 2015-05-26 12:48 - 00000000 ____D C:\Program Files\Samsung 2015-05-26 12:44 - 2014-10-30 13:43 - 00686896 _____ (Samsung Electronics) C:\Windows\system32\eed_sl.exe 2015-05-26 12:44 - 2014-10-30 13:43 - 00025600 _____ () C:\Windows\system32\sst6clm.dll 2015-05-26 12:44 - 2014-10-30 13:42 - 02284032 _____ C:\Windows\system32\eed_ec.dll 2015-05-26 12:44 - 2014-09-19 00:10 - 00094208 ____N C:\Windows\system32\ssdevm.dll 2015-05-26 12:44 - 2014-03-05 15:59 - 00158040 _____ (SS) C:\Windows\system32\sst6cci.exe 2015-05-26 12:44 - 2014-03-05 15:58 - 00000273 _____ C:\Windows\system32\eed_sl.exe.config 2015-05-26 12:44 - 2013-04-03 16:32 - 00212600 _____ C:\Windows\system32\SBuySupplies.exe 2015-05-26 12:44 - 2012-08-02 13:07 - 04161048 ____N C:\Windows\sst6cA4.prn 2015-05-26 12:44 - 2012-08-02 13:07 - 03701631 ____N C:\Windows\sst6cLTR.prn 2015-05-26 12:44 - 2012-01-09 13:41 - 00000361 _____ C:\Windows\system32\sst6clm.smt 2015-05-26 12:44 - 2012-01-09 13:40 - 00065536 _____ (SS) C:\Windows\system32\sst6cci.dll 2015-05-26 12:41 - 2015-05-26 12:41 - 03439936 _____ C:\Users\Kagan Bagci\Downloads\SamsungPrinterInstaller.exe 2015-05-25 22:13 - 2015-05-25 22:13 - 00006594 _____ C:\Users\Public\Documents\s.t.a.l.k.e.r.ltx 2015-05-24 21:33 - 2015-05-24 21:33 - 00003294 _____ C:\Users\Kagan Bagci\Downloads\PPSSPP_Cheat_Lists.rar 2015-05-23 21:48 - 2015-05-23 21:48 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Roaming\AVG 2015-05-23 21:41 - 2015-05-23 21:41 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Local\Avg 2015-05-23 21:38 - 2015-05-23 21:49 - 00000000 ____D C:\ProgramData\AVG 2015-05-23 21:31 - 2015-05-23 21:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicISO 2015-05-23 21:31 - 2015-05-23 21:31 - 03067400 _____ C:\Users\Kagan Bagci\Downloads\Setup_MagicISO.exe 2015-05-21 21:29 - 2015-05-21 21:29 - 01384064 _____ (Skype Technologies S.A.) C:\Users\Kagan Bagci\Downloads\SkypeSetup.exe 2015-05-21 21:21 - 2015-05-21 21:21 - 00001236 _____ C:\Users\Kagan Bagci\AppData\Local\recently-used.xbel ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-06-17 12:17 - 2013-02-15 21:31 - 00001144 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-410520579-760464469-3575665083-1000UA.job 2015-06-17 12:16 - 2013-07-09 16:04 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-06-17 12:16 - 2013-01-28 13:51 - 00000952 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-410520579-760464469-3575665083-1000UA.job 2015-06-17 12:16 - 2012-11-15 20:24 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-06-17 12:16 - 2012-11-14 23:45 - 00000352 _____ C:\Windows\Tasks\Recovery DVD Creator-Kagan Bagci.job 2015-06-17 12:16 - 2012-11-14 23:45 - 00000352 _____ C:\Windows\Tasks\Erweiterte Garantie-Kagan Bagci.job 2015-06-17 12:16 - 2012-11-14 22:42 - 01865072 _____ C:\Windows\WindowsUpdate.log 2015-06-17 12:16 - 2006-11-02 14:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2015-06-17 12:16 - 2006-11-02 14:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2015-06-16 21:09 - 2015-05-07 20:27 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Roaming\Steganos VPN 2015-06-16 21:04 - 2014-01-03 02:51 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Local\LogMeIn Hamachi 2015-06-16 21:03 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-06-16 15:40 - 2013-01-28 13:51 - 00000930 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-410520579-760464469-3575665083-1000Core.job 2015-06-16 15:35 - 2013-02-15 21:31 - 00001092 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-410520579-760464469-3575665083-1000Core.job 2015-06-15 14:27 - 2013-08-22 19:05 - 00000000 ____D C:\Program Files\Mozilla Firefox 2015-06-13 23:28 - 2013-01-31 23:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive 2015-06-13 17:50 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache 2015-06-13 17:45 - 2015-05-07 13:25 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Roaming\Update Manager 2015-06-13 17:45 - 2014-10-04 21:07 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Roaming\BitTorrent 2015-06-12 23:40 - 2006-11-02 14:47 - 00326632 _____ C:\Windows\system32\FNTCACHE.DAT 2015-06-12 23:37 - 2006-11-02 15:01 - 00032634 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2015-06-12 23:36 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\de-DE 2015-06-12 23:20 - 2008-11-06 13:48 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-06-12 23:19 - 2013-11-12 20:36 - 00000000 ____D C:\Windows\system32\MRT 2015-06-12 23:02 - 2006-11-02 12:24 - 136900096 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe 2015-06-12 22:57 - 2013-07-09 16:04 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2015-06-12 22:57 - 2013-07-09 16:04 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2015-06-10 17:11 - 2013-02-10 01:31 - 00000000 ____D C:\Users\Kagan Bagci\Tracing 2015-06-10 17:11 - 2012-11-15 20:08 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Roaming\Skype 2015-06-10 16:09 - 2012-11-20 14:19 - 00000000 ____D C:\Program Files\Steam 2015-06-03 22:31 - 2015-05-07 19:26 - 00000000 ____D C:\Users\Kagan Bagci\Desktop\ppsspp 2015-06-03 22:31 - 2012-12-25 15:09 - 00000000 ____D C:\Users\Kagan Bagci\Desktop\Schulzeug 2015-06-03 22:31 - 2012-12-20 18:09 - 00000000 ____D C:\Users\Kagan Bagci\Desktop\Musik 2015-06-03 22:30 - 2012-12-25 15:09 - 00000000 ____D C:\Users\Kagan Bagci\Desktop\Bilder 2015-06-03 17:38 - 2012-12-02 19:17 - 00000000 ____D C:\Program Files\SystemRequirementsLab 2015-05-31 21:35 - 2006-11-02 12:33 - 01581308 _____ C:\Windows\system32\PerfStringBackup.INI 2015-05-28 20:55 - 2012-11-20 14:19 - 00000000 ____D C:\Program Files\Common Files\Steam 2015-05-28 16:54 - 2015-02-01 18:01 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Local\Battle.net 2015-05-28 16:15 - 2012-11-25 22:18 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Roaming\TS3Client 2015-05-28 16:10 - 2015-02-01 17:59 - 00000000 ____D C:\Program Files\Battle.net 2015-05-27 15:17 - 2012-12-02 00:23 - 00000000 ___RD C:\Users\Kagan Bagci\Desktop\Programme 2015-05-27 14:01 - 2015-05-07 20:28 - 00000000 ____D C:\Program Files\System Optimizer 2015-05-27 13:56 - 2008-11-06 13:37 - 00000000 ____D C:\Program Files\Google 2015-05-27 11:31 - 2013-03-25 21:34 - 00001356 _____ C:\Users\Kagan Bagci\AppData\Local\d3d9caps.dat 2015-05-26 12:45 - 2012-11-14 23:40 - 00000000 ____D C:\Users\Kagan Bagci 2015-05-21 21:31 - 2008-11-06 13:55 - 00000000 ____D C:\ProgramData\Skype 2015-05-21 21:21 - 2012-11-15 20:19 - 00000000 ___RD C:\Program Files\Skype 2015-05-21 17:51 - 2013-02-12 23:05 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Roaming\DAEMON Tools Lite 2015-05-21 17:40 - 2014-03-31 22:01 - 00000000 ____D C:\ProgramData\Origin 2015-05-21 17:39 - 2015-01-07 16:15 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Roaming\NexonLauncher 2015-05-21 17:39 - 2015-01-07 16:14 - 00000000 ____D C:\Program Files\Nexon 2015-05-21 17:39 - 2014-01-26 23:13 - 00000000 ____D C:\Program Files\MyHeritage 2015-05-21 17:38 - 2014-12-27 12:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live 2015-05-21 17:37 - 2008-11-06 13:12 - 00000000 ___HD C:\Program Files\InstallShield Installation Information 2015-05-21 17:33 - 2015-01-26 18:26 - 00000000 __SHD C:\Windows\system32\AI_RecycleBin 2015-05-21 17:32 - 2015-01-26 18:37 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames 2015-05-21 17:32 - 2015-01-26 17:33 - 00000000 ____D C:\AeriaGames 2015-05-20 15:37 - 2012-11-14 23:49 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Roaming\Adobe ==================== Files in the root of some directories ======= 2015-05-27 12:57 - 2015-06-16 15:45 - 0000079 _____ () C:\Program Files\prefs.js 2015-05-27 13:17 - 2015-06-15 14:53 - 0000024 _____ () C:\Users\Kagan Bagci\AppData\Roaming\appdataFr25.bin 2013-03-25 21:34 - 2015-05-27 11:31 - 0001356 _____ () C:\Users\Kagan Bagci\AppData\Local\d3d9caps.dat 2012-11-15 20:49 - 2013-01-27 00:30 - 0030720 _____ () C:\Users\Kagan Bagci\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-01-11 20:36 - 2014-01-11 20:36 - 0005567 _____ () C:\Users\Kagan Bagci\AppData\Local\HWVendorDetection.log 2015-05-21 21:21 - 2015-05-21 21:21 - 0001236 _____ () C:\Users\Kagan Bagci\AppData\Local\recently-used.xbel 2013-03-18 21:00 - 2013-03-18 21:00 - 1426411 ____N () C:\Users\Kagan Bagci\AppData\Local\Tempmusic.ogg 2013-02-10 21:23 - 2013-02-10 21:23 - 0509465 _____ () C:\ProgramData\1360516069.bdinstall.bin 2013-03-20 15:48 - 2013-03-20 15:48 - 0227776 _____ () C:\ProgramData\1363787221.bdinstall.bin 2013-07-15 14:56 - 2013-07-15 14:56 - 0000057 _____ () C:\ProgramData\Ament.ini Some files in TEMP: ==================== C:\Users\Kagan Bagci\AppData\Local\Temp\DseShExt-x86.dll C:\Users\Kagan Bagci\AppData\Local\Temp\SDShelEx-win32.dll C:\Users\Kagan Bagci\AppData\Local\Temp\SkypeSetup.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-06-16 21:09 ==================== End of log ============================ [CODE]Additional FRST Logfile: Code:
ATTFilter scan result of Farbar Recovery Scan Tool (x86) Version: 13-06-2015 Ran by Kagan Bagci at 2015-06-17 12:22:16 Running from C:\Users\Kagan Bagci\Downloads Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-410520579-760464469-3575665083-500 - Administrator - Disabled) Gast (S-1-5-21-410520579-760464469-3575665083-501 - Limited - Disabled) Kagan Bagci (S-1-5-21-410520579-760464469-3575665083-1000 - Administrator - Enabled) => C:\Users\Kagan Bagci ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 9.20 (HKLM\...\7-Zip) (Version: - ) ABBYY PDF Transformer 3.0 (HKLM\...\ABBYY PDF Transformer 3.0) (Version: 3.00.317.68010 - ABBYY) ABBYY PDF Transformer 3.0 (Version: 3.00.317.68010 - ABBYY) Hidden Activation Assistant for the 2007 Microsoft Office suites (Version: - Microsoft Corporation) Hidden Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated) Adobe Photoshop Elements 6 (HKLM\...\AdobePE6) (Version: - ) Adobe Reader 8 (HKLM\...\AdobeReader) (Version: - ) Advanced SystemCare 6 (HKLM\...\Advanced SystemCare 6_is1) (Version: 6.2 - IObit) AGEIA PhysX v8.01.18 (HKLM\...\{A5B5A16D-277A-476B-8F62-1029A2F23072}) (Version: 8.01.18 - AGEIA Technologies, Inc.) Akamai NetSession Interface (HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Akamai) (Version: - Akamai Technologies, Inc) Apple Application Support (HKLM\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{235EBB33-3DA1-46DF-AADE-9955123409CB}) (Version: 8.0.5.6 - Apple Inc.) Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) ATI Catalyst Install Manager (HKLM\...\{0BB178A9-D9F6-4D97-3D43-3CD5B3C9B67D}) (Version: 3.0.682.0 - ATI Technologies, Inc.) ATI VGA driver Ver V V 8.512 (Version: - ) Hidden avast! Free Antivirus (HKLM\...\Avast) (Version: 9.0.2008 - Avast Software) Battle Realms Complete (German) (HKLM\...\GOGPACKBATTLEREALMS_is1) (Version: 2.0.0.9 - GOG.com) Battle.net (HKLM\...\Battle.net) (Version: - Blizzard Entertainment) BioShock 2 (Version: 1.0.0005.131 - Take-Two Interactive Software) Hidden BitTorrent (HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\BitTorrent) (Version: 7.9.2.38657 - BitTorrent Inc.) Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.) Browser Address Error Redirector (Version: - ) Hidden Call Of Cthulhu DCoTE (HKLM\...\{E4406ED3-B04C-44F1-ABB4-08775B74934F}) (Version: 1.00.000 - ) Carbonite (HKLM\...\Carbonite) (Version: - ) ccc-core-static (Version: 2008.0703.2236.38526 - Ihr Firmenname) Hidden CCleaner (HKLM\...\CCleaner) (Version: 3.27 - Piriform) ColoiuckkFeorSale (HKLM\...\{6C998B44-82D8-CC7E-D847-4CD73036412A}) (Version: - "") <==== ATTENTION Common Desktop Agent (Version: 1.62.0 - OEM) Hidden Community Map packs 1-4 for soulstorm (HKLM\...\Community_0) (Version: - ) Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Cry of Fear (HKLM\...\Steam App 223710) (Version: - Team Psykskallar) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.46.1.0327 - DT Soft Ltd) Dark Souls: Prepare to Die Edition (HKLM\...\Steam App 211420) (Version: - FromSoftware) Dawn of War - Tyranid Mod v0.45SS (HKLM\...\Tyranid_Mod_v04SS) (Version: "0.45SS" - "Team Super Ninja") DivX-Setup (HKLM\...\DivX Setup) (Version: 2.6.1.22 - DivX, LLC) Dungeon Defenders (HKLM\...\Steam App 65800) (Version: - Trendy Entertainment) DVDVideoSoftTB DE Toolbar (HKLM\...\DVDVideoSoftTB_DE Toolbar) (Version: 6.9.0.16 - DVDVideoSoftTB DE) Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited) Five Nights at Freddy's (HKLM\...\Steam App 319510) (Version: - Scott Cawthon) Five Nights at Freddy's 2 (HKLM\...\Steam App 332800) (Version: - Scott Cawthon) Gameforge Live 2.0.5 (HKLM\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.5 - Gameforge) Goat Simulator (HKLM\...\Steam App 265930) (Version: - Coffee Stain Studios) Google BAE (HKLM\...\GoogleBAE) (Version: - ) Google Chrome (HKLM\...\Google Chrome) (Version: 43.0.2357.124 - Google Inc.) Google Desktop (Version: 5.7.0807.15159 - Google) Hidden Google Drive (HKLM\...\{CBC9F5FD-5CFA-4A33-81CD-369EAB77E3A6}) (Version: 1.22.9403.0223 - Google, Inc.) Google Talk Plugin (HKLM\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google) Google Toolbar (HKLM\...\GoogleToolbar) (Version: - ) Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (Version: 1.3.27.5 - Google Inc.) Hidden GoogleDesktop (HKLM\...\GoogleDesktop_XX) (Version: - ) Half-Life (HKLM\...\Steam App 70) (Version: - Valve) Half-Life 2 (HKLM\...\Steam App 220) (Version: - Valve) Half-Life: Opposing Force (HKLM\...\Steam App 50) (Version: - Gearbox) HDRegDE (HKLM\...\{D359B12F-9B1A-46FD-B70C-F507B5B11590}) (Version: 2.0.0 - Acxiom) Hearthstone (HKLM\...\Hearthstone) (Version: - Blizzard Entertainment) HP Photosmart 5510 series - Grundlegende Software für das Gerät (HKLM\...\{9951F1F7-773D-45FE-B6AE-FDFC481655B1}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) Infocentre Rev. 2.0.0.1 (HKLM\...\Infocentre) (Version: - ) Inkscape 0.91 (HKLM\...\{81922150-317E-4BB0-A31D-FF1C14F707C5}) (Version: 0.91 - inkscape.org) Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{26921B2E-3E62-47F9-A514-1FC4A83BD738}) (Version: 12.00.0004 - Intel(R) Corporation) IObit Apps Toolbar v8.3 (HKLM\...\{B14D51F5-F44F-4D77-86D0-777D6CB6C235}) (Version: 8.3 - Spigot, Inc.) <==== ATTENTION IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.38 - Irfan Skiljan) iTunes (HKLM\...\{5D928931-D1D2-4A93-A82D-BF60D0E7CFA5}) (Version: 12.0.1.26 - Apple Inc.) Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.510 - Oracle) Launch Manager V1.5.3 (HKLM\...\{D0846526-66DD-4DC9-A02C-98F9A2806812}) (Version: 1.5.3 - Wistron Corp.) launch manager Ver 1.5.3 (Version: - ) Hidden LG United Mobile Drivers (HKLM\...\{C2944BE7-9BFF-4EF0-A362-CB3281B7C50D}) (Version: 3.6.0.0 - LG Electronics) LogMeIn Hamachi (HKLM\...\LogMeIn Hamachi) (Version: 2.2.0.328 - LogMeIn, Inc.) LogMeIn Hamachi (Version: 2.2.0.328 - LogMeIn, Inc.) Hidden Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation) Metaboli (HKLM\...\METABOLI) (Version: - ) Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version: - Microsoft Corporation) Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Games for Windows - LIVE (HKLM\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Office PowerPoint Viewer 2007 (German) (HKLM\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Works 9 (HKLM\...\works9) (Version: - ) Microsoft XNA Framework Redistributable 4.0 (HKLM\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Microsoft® Office 2007 (HKLM\...\OFF2k7_GE) (Version: - ) MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com) Mozilla Firefox 35.0 (x86 de) (HKLM\...\Mozilla Firefox 35.0 (x86 de)) (Version: 35.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Nero 8 Essentials (HKLM\...\Nero8) (Version: - ) Norton Internet Security (HKLM\...\NIS2008_DE) (Version: - ) OkayFreedom (HKLM\...\{3F3FB10C-7175-4D38-9335-3488B89C12AF}) (Version: 1.5.2 - Steganos Software GmbH) OpenAL (HKLM\...\OpenAL) (Version: - ) OpenOffice.org 3.4.1 (HKLM\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation) ORION: Prelude (HKLM\...\Steam App 104900) (Version: - Spiral Game Studios) Packard Bell ImageWriter (HKLM\...\ImageWriter) (Version: - ) Packard Bell LCD Test (HKLM\...\LCDTest) (Version: - ) Packard Bell Updator (HKLM\...\Updator) (Version: - ) PrInceCoupon (HKLM\...\{D86C82B0-1F02-816A-5F3D-6466F6A67566}) (Version: - "") <==== ATTENTION QuickShare (HKLM\...\{063C68D3-B0B7-4FBC-AE78-A81906C11888}) (Version: 10.165.60.13189 - Linkury Inc.) <==== ATTENTION Razer Game Booster (HKLM\...\{88F0F4FF-B514-4E32-9C17-CAF96D60EAFC}) (Version: 3.5.6.0 - Razer USA Ltd.) Realtek 8169 8168 8101E 8102E Ethernet Driver (Version: 1.00.0000 - Realtek) Hidden Realtek cardreader driver Ver6.0.6000.10092 (Version: - ) Hidden Realtek High Definition Audio driver Ver6.0.1.5672 (Version: - ) Hidden Realtek LAN driver Ver6.206.502.2008 (Version: - ) Hidden Realtek USB 2.0 Card Reader (Version: - Realtek Semiconductor Corp.) Hidden Repetier-Host Version 0.95D (HKLM\...\{1143F758-929B-4EEB-8784-46CCB622F037}_is1) (Version: 0.95D - repetier) RoyaalCioaupon (HKLM\...\{40DC4B27-4588-C56F-7737-D03A0ACE4383}) (Version: - "") <==== ATTENTION Samsung CLP-360 Series (HKLM\...\Samsung CLP-360 Series) (Version: 1.20 (16.12.2014) - Samsung Electronics Co., Ltd.) Samsung Drucker-Diagnose (HKLM\...\Samsung Printer Diagnostics) (Version: 1.0.1.16 - Samsung Electronics Co., Ltd.) Samsung Easy Printer Manager (HKLM\...\Samsung Easy Printer Manager) (Version: 1.05.79.00(26.03.2015) - Samsung Electronics Co., Ltd.) Samsung Printer Live Update (HKLM\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.) SeaTools for Windows (HKLM\...\{98613C99-1399-416C-A07C-1EE1C585D872}) (Version: 1.1.3.2 - Seagate Technology) Second Home (HKLM\...\{E370F69F-ED3F-925F-31FC-14D1329A713B}) (Version: - "") Settings Manager (HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Settings Manager) (Version: 21.4.0.1 - Spigot, Inc.) <==== ATTENTION SetUp My PC (HKLM\...\SETUPMYPC_DE) (Version: - ) ShoppierMaaster (HKLM\...\{35E0D123-1F22-9AE6-F973-B7ECA46E8BFE}) (Version: - "") <==== ATTENTION Sichern Sie Ihre Daten (Version: - Carbonite Inc.) Hidden Skins (Version: 2008.0703.2236.38526 - ATI) Hidden Skype 3.6.2.248 (HKLM\...\SKYPE) (Version: - ) Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.3.11079 - Skype Technologies S.A.) Skype™ 7.5 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.101 - Skype Technologies S.A.) SoftwareAlert (HKLM\...\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{5589d471}) (Version: - Software Publisher) <==== ATTENTION Startfenster (HKLM\...\Startfenster) (Version: - Startfenster) Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) Synaptics Pointing Device Driver (Version: 11.1.21.0 - Synaptics) Hidden Synaptics TouchPad driver Ver 11.1.21.0 (Version: - ) Hidden System Requirements Lab CYRI (HKLM\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC) System Requirements Lab Detection (HKLM\...\{2B204A6B-167C-4C37-B40E-56570C96491E}) (Version: 6.1.4.0 - Husdawg, LLC) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) Terraria (HKLM\...\Steam App 105600) (Version: - Re-Logic) Torchlight II (HKLM\...\Steam App 200710) (Version: - Runic Games) UA Map Pack (HKLM\...\UA Map Pack) (Version: - ) Ultimate Apocalypse - THB Patch version 1.8.1 (HKLM\...\{2D2D99BC-4565-4A97-85E9-4BFCFE95965A}_is1) (Version: 1.8.1 - Ultimate Apocalypse Mod Team) Ultimate Apocalypse - The Hunt Begins version 1.8.0 (HKLM\...\{A21FAC0C-E2CD-4A79-A88F-4174EA62451A}_is1) (Version: 1.8.0 - Ultimate Apocalypse Mod Team) Ultimate Apocalypse mod 1.73 (HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Ultimate Apocalypse mod 1.73) (Version: - ) Unepic (HKLM\...\1207659227_is1) (Version: 2.8.0.13 - GOG.com) Unity Web Player (HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS) Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft) VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden VCRedistSetup (Version: 1.0.0 - Nero AG) Hidden VLC media player (HKLM\...\VLC media player) (Version: 2.2.0 - VideoLAN) Volgarr the Viking v2.0.0.1 1.0 (HKLM\...\Volgarr the Viking v2.0.0.1 1.0) (Version: 1.0 - Cat-A-Cat) Warhammer 40,000: Dawn of War – Soulstorm (HKLM\...\Steam App 9450) (Version: - Relic Entertainment) WhiteSmoke New V6 Toolbar for IE (HKLM\...\IECT3311268) (Version: 6.16.2.2 - WhiteSmoke New V6) <==== ATTENTION Windows Driver Package - FTDI CDM Driver Package - Bus/D2XX Driver (07/12/2013 2.08.30) (HKLM\...\22CCD58B53472BE3FCAFF05631111C4062959A43) (Version: 07/12/2013 2.08.30 - FTDI) Windows Driver Package - FTDI CDM Driver Package - VCP Driver (07/12/2013 2.08.30) (HKLM\...\BD00013670D26C16E19F284BF8E15DAF813497C7) (Version: 07/12/2013 2.08.30 - FTDI) Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation) Windows Live ID Sign-in Assistant (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation) Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation) World of Warcraft (HKLM\...\World of Warcraft) (Version: - Blizzard Entertainment) Xvid 1.1.2 final uninstall (HKLM\...\Xvid_is1) (Version: 1.1 - Xvid team (Koepi)) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.) CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.21.135\psuser.dll No File CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.25.5\psuser.dll No File CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.27.5\psuser.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\Kagan Bagci\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.27.5\GoogleUpdateOnDemand.exe (Google Inc.) CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.27.5\GoogleUpdateOnDemand.exe (Google Inc.) CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.23.9\psuser.dll No File CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Google Talk Plugin\googletalkax.dll (Google) CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS) CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.27.5\GoogleUpdateOnDemand.exe (Google Inc.) CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.) CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.21.145\psuser.dll No File CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{63D99C74-1867-B00A-B48A-F226B9837657}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.21.153\psuser.dll No File CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\Kagan Bagci\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited) CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.24.15\psuser.dll No File CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.21.149\psuser.dll No File CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.22.3\psuser.dll No File CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.21.165\psuser.dll No File CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{AB9F4455-E591-4132-A386-0B91EAEDB96C}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Google Talk Plugin\o1dax.dll (Google) CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.26.9\psuser.dll No File CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.25.11\psuser.dll No File CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.27.5\GoogleUpdateOnDemand.exe (Google Inc.) CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.27.5\psuser.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.22.5\psuser.dll No File CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.24.7\psuser.dll No File ==================== Restore Points ========================= 25-05-2015 17:37:46 Geplanter Prüfpunkt 26-05-2015 08:33:10 Windows Update 26-05-2015 12:44:37 Gerätetreiber-Paketinstallation: Samsung Drucker 29-05-2015 19:46:51 Windows Update 02-06-2015 19:31:11 Windows Update 03-06-2015 14:38:19 Geplanter Prüfpunkt 03-06-2015 17:37:56 Installed System Requirements Lab Detection 07-06-2015 20:55:50 Windows Update 10-06-2015 17:02:03 Windows Defender Checkpoint 12-06-2015 22:58:23 Windows Update 16-06-2015 15:39:47 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {420237FD-AF49-42FB-96F7-C643BD150FF1} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-09-02] (AVAST Software) Task: {4D79B07F-3ADC-475B-A278-7F3E7B10BA44} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {4DE81CF0-AEB5-48F0-984A-E9F1D115C877} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-410520579-760464469-3575665083-1000UA => C:\Users\Kagan Bagci\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-28] (Facebook Inc.) Task: {61CC9DC8-EC5B-4AAA-936E-385737A03E73} - System32\Tasks\Erweiterte Garantie-Kagan Bagci => C:\Program Files\Packard Bell\SetupmyPC\PBCarNot.exe [2008-02-04] (Packard Bell BV) Task: {67042091-C4B7-4D01-B99C-8113C89EFCC0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-11-15] (Google Inc.) Task: {85C2DA55-956B-4054-A27D-58F5B75EBE56} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-12] (Adobe Systems Incorporated) Task: {8AD7C484-9944-4BE7-B42B-17858E021DBD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-01-23] (Piriform Ltd) Task: {988F56DC-F274-4C4C-8EA6-BF708CC24CB2} - System32\Tasks\Recovery DVD Creator-Kagan Bagci => C:\Program Files\Packard Bell\SetupMyPc\MCDCheck.exe [2008-02-04] (Packard Bell BV) Task: {9B4352D2-DDA9-40A4-A1E0-583C162BD30B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-410520579-760464469-3575665083-1000Core => C:\Users\Kagan Bagci\AppData\Local\Google\Update\GoogleUpdate.exe [2013-02-11] (Google Inc.) Task: {A59EDF3E-5B9C-47D4-82CD-05DDF035B9CA} - System32\Tasks\{7C7143E3-9922-433E-9333-D7D15C6C71C7} => pcalua.exe -a "C:\Users\Kagan Bagci\Desktop\libusb-win32-filter-bin-0.1.10.1.exe" -d "C:\Users\Kagan Bagci\Desktop" Task: {B9338F41-8D44-4BB5-8FB4-9FBD26643559} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-11-15] (Google Inc.) Task: {BFB85395-DCA3-418B-9699-F594136DF958} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-410520579-760464469-3575665083-1000UA => C:\Users\Kagan Bagci\AppData\Local\Google\Update\GoogleUpdate.exe [2013-02-11] (Google Inc.) Task: {C6127032-F189-4535-A026-4462F91D8D4F} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation) Task: {C731D6DA-B4AE-470C-8041-8E544CCC2F67} - System32\Tasks\Razer_Game_Booster_AutoUpdate => C:\Program Files\Razer\Razer Game Booster\AutoUpdate.exe [2012-11-13] () Task: {D96479A1-D81E-48BE-9429-1157B7F2612B} - System32\Tasks\{692E16B8-5C7F-4ACC-A311-B180845E0984} => Chrome.exe hxxp://ui.skype.com/ui/0/6.3.0.105/de/abandoninstall?page=tsProgressBar Task: {DC57B16D-CE35-499C-9913-257352FB9D6F} - System32\Tasks\ASC6_PerformanceMonitor => C:\Program Files\IObit\Advanced SystemCare 6\Monitor.exe [2013-04-08] (IObit) Task: {DDDF64F1-7681-4AD4-B482-8A3E7FA07592} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-410520579-760464469-3575665083-1000Core => C:\Users\Kagan Bagci\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-28] (Facebook Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\Erweiterte Garantie-Kagan Bagci.job => C:\Program Files\Packard Bell\SetupmyPC\PBCarNot.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-410520579-760464469-3575665083-1000Core.job => C:\Users\Kagan Bagci\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-410520579-760464469-3575665083-1000UA.job => C:\Users\Kagan Bagci\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-410520579-760464469-3575665083-1000Core.job => C:\Users\Kagan Bagci\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-410520579-760464469-3575665083-1000UA.job => C:\Users\Kagan Bagci\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\Recovery DVD Creator-Kagan Bagci.job => C:\Program Files\Packard Bell\SetupMyPc\MCDCheck.exe ==================== Loaded Modules (Whitelisted) ============== 2013-03-18 20:42 - 2013-01-15 18:47 - 00517440 _____ () C:\Program Files\IObit\Advanced SystemCare 6\sqlite3.dll 2013-12-05 20:38 - 2014-09-02 12:13 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll 2008-04-30 20:13 - 2008-04-30 20:13 - 00200704 _____ () C:\Program Files\Intel\WiFi\bin\IWMSPROV.DLL 2015-06-16 15:27 - 2015-06-16 15:27 - 02952704 _____ () C:\Program Files\AVAST Software\Avast\defs\15061600\algo.dll 2015-06-17 12:17 - 2015-06-17 12:17 - 02952704 _____ () C:\Program Files\AVAST Software\Avast\defs\15061700\algo.dll 2015-05-27 20:14 - 2015-05-27 20:14 - 02291712 _____ () c:\Program Files\SoftwareAlert\SoftwareAlert.dll 2014-10-11 14:06 - 2014-10-11 14:06 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2014-10-11 14:05 - 2014-10-11 14:05 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2008-08-20 04:25 - 2008-07-04 05:37 - 00159744 _____ () C:\Windows\system32\atitmmxx.dll 2013-12-05 20:39 - 2014-09-02 12:13 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2014-09-08 13:30 - 2014-09-08 13:30 - 00351968 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe 2014-09-08 13:32 - 2014-09-08 13:32 - 00050688 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll 2013-03-18 20:42 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files\IObit\Advanced SystemCare 6\madExcept_.bpl 2013-03-18 20:42 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files\IObit\Advanced SystemCare 6\madBasic_.bpl 2013-03-18 20:42 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files\IObit\Advanced SystemCare 6\madDisAsm_.bpl 2015-05-22 18:44 - 2015-05-22 18:44 - 00897520 _____ () C:\Users\Kagan Bagci\AppData\Roaming\Settings Manager\SettingsManager.exe 2015-05-05 17:40 - 2015-06-12 22:57 - 00776880 _____ () C:\Users\Kagan Bagci\AppData\Roaming\Update Manager\UM.exe 2008-11-06 13:17 - 2008-11-06 13:17 - 00014848 _____ () C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll 2015-06-10 16:06 - 2015-06-05 20:22 - 15003464 _____ () C:\Program Files\Google\Chrome\Application\43.0.2357.124\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Users\Kagan Bagci\Downloads\ce4955free.exe:BDU AlternateDataStreams: C:\Users\Kagan Bagci\Downloads\chromeinstall-7u17.exe:BDU AlternateDataStreams: C:\Users\Kagan Bagci\Downloads\setup (1).exe:BDU AlternateDataStreams: C:\Users\Kagan Bagci\Downloads\TERASetup.exe:BDU ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\aeriagames.com -> hxxps://aeriagames.com IE trusted site: HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\aeriagames.com -> hxxp://aeriagames.com ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-410520579-760464469-3575665083-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Kagan Bagci\Desktop\2397008-1531880985-RJTni.jpg DNS Servers: 192.168.2.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe FirewallRules: [{37A4B201-F203-4386-9C96-AE37072F31F1}] => (Allow) C:\Program Files\Adobe\Photoshop Elements 6.0\AdobePhotoshopElementsMediaServer.exe FirewallRules: [{7EC03DDA-38D1-4DFA-9319-072098A30382}] => (Allow) C:\Program Files\Adobe\Photoshop Elements 6.0\AdobePhotoshopElementsMediaServer.exe FirewallRules: [TCP Query User{07AB1E1E-1C02-4C46-A238-15F1996BF40E}C:\program files\skype\phone\skype.exe] => (Allow) C:\program files\skype\phone\skype.exe FirewallRules: [UDP Query User{C5F6B9AE-AE9F-4220-BAA9-2E1F147A84C9}C:\program files\skype\phone\skype.exe] => (Allow) C:\program files\skype\phone\skype.exe FirewallRules: [{A81D73E2-D551-418F-B51F-C3D0D94F4208}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe FirewallRules: [TCP Query User{FB5D8F79-4BFD-4BA8-99C7-1BF0D29695DB}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [UDP Query User{2DB6A7CC-EAD3-46D8-A62B-9B0559581F73}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [TCP Query User{F46C548D-EC46-4D8B-B3C0-14D2A7FC7F9C}C:\program files\runes of magic\client.exe] => (Allow) C:\program files\runes of magic\client.exe FirewallRules: [UDP Query User{44948248-23E9-4B9B-AC02-B77B7F79D4C4}C:\program files\runes of magic\client.exe] => (Allow) C:\program files\runes of magic\client.exe FirewallRules: [{AE7327F5-7515-44D9-A5B4-0D59FBE418C0}] => (Allow) LPort=80 FirewallRules: [{F33838AA-7C2E-4F98-B27D-F63B407DA383}] => (Allow) LPort=80 FirewallRules: [{33C1E5CE-0512-4A20-8E78-9BC68A90A9D5}] => (Allow) LPort=80 FirewallRules: [{9DFDC90A-8370-4B7F-B736-D627255537E3}] => (Allow) C:\Program Files\Steam\Steam.exe FirewallRules: [{34873EEA-32E9-4998-BF27-EC9712AAE121}] => (Allow) C:\Program Files\Steam\Steam.exe FirewallRules: [{89D21C15-18EA-4C32-8B77-0CBAA8D415CF}] => (Allow) c:\BrickForce\BfLauncher.exe FirewallRules: [{BF735AE1-4D4D-4632-86C5-2FD949B3AC06}] => (Allow) c:\BrickForce\BrickForce.exe FirewallRules: [{B6DCF34B-543E-4F52-BF5F-08CAF773BA03}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{4464244B-B8DF-40F1-808B-C54DAE5717CD}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{21804082-1DC9-499F-9CCD-0D5BBFA1F3BD}] => (Allow) C:\Program Files\Steam\SteamApps\optimum100\half-life\hl.exe FirewallRules: [{6C0C397B-5722-4861-84B0-E916AD2D5C72}] => (Allow) C:\Program Files\Steam\SteamApps\optimum100\half-life\hl.exe FirewallRules: [{4725C7CD-29CA-4EA3-8A02-914962762632}] => (Allow) C:\Program Files\Windows Live\Messenger\wlcsdk.exe FirewallRules: [{1B5F7671-1BD4-4E32-A9A2-118D383D1413}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{821EF3BD-8C42-43B4-AF5B-607801098C7F}] => (Allow) svchost.exe FirewallRules: [{D3F1DC62-46EA-4186-B2DB-0066E868A5B9}] => (Allow) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe FirewallRules: [TCP Query User{1CF6EBC4-753C-4C31-B7F3-97DBA99F9305}C:\users\kagan bagci\desktop\whitefinger1.0\darkplaces.exe] => (Allow) C:\users\kagan bagci\desktop\whitefinger1.0\darkplaces.exe FirewallRules: [UDP Query User{EC8DFABE-10CB-4C6E-BB3C-529B6D961F1E}C:\users\kagan bagci\desktop\whitefinger1.0\darkplaces.exe] => (Allow) C:\users\kagan bagci\desktop\whitefinger1.0\darkplaces.exe FirewallRules: [{945630B1-1C22-4F43-B52E-930786277A7B}] => (Allow) C:\Users\Kagan Bagci\AppData\Local\Warframe\Downloaded\Public\Warframe.exe FirewallRules: [{C458B229-3FB9-4BB5-B9D8-8301396AEEBC}] => (Allow) C:\Users\Kagan Bagci\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe FirewallRules: [{1F203F08-3E9B-4EF3-A273-1EAD47C7D5FA}] => (Allow) C:\Users\Kagan Bagci\AppData\Local\Warframe\Downloaded\Public\Warframe.exe FirewallRules: [{5A908225-4AA4-4683-BC36-ED80CFC40C03}] => (Allow) C:\Users\Kagan Bagci\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe FirewallRules: [{7F7602D7-57A3-4CF4-8F26-D50D13A128AD}] => (Allow) C:\Users\Kagan Bagci\AppData\Local\Warframe\Downloaded\Public\Warframe.exe FirewallRules: [{FFC4382B-43A2-4127-8A22-1C83C5C1C259}] => (Allow) C:\Users\Kagan Bagci\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe FirewallRules: [{DF42ED22-AB76-46DC-9D54-81064AE2B93F}] => (Allow) C:\Users\Kagan Bagci\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe FirewallRules: [{785C404B-8205-49A6-946A-EB6E1B371B2E}] => (Allow) C:\Users\Kagan Bagci\AppData\Local\Warframe\Downloaded\Public\Warframe.exe FirewallRules: [{93C71602-24B6-4F39-BACE-8AC44F970DD2}] => (Allow) C:\Users\Kagan Bagci\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe FirewallRules: [{A14D2050-4A44-477D-AB80-9E0E101CAD1B}] => (Allow) C:\Users\Kagan Bagci\AppData\Local\Warframe\Downloaded\Public\Warframe.exe FirewallRules: [{AB60DCF7-679C-406C-99B9-84ED97CE01DB}] => (Allow) C:\Users\Kagan Bagci\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe FirewallRules: [{3DAE4C50-C814-499D-9DA5-17653931910D}] => (Allow) C:\Users\Kagan Bagci\AppData\Local\Warframe\Downloaded\Public\Warframe.exe FirewallRules: [{8365CDDC-FB96-4BAE-8FE9-1D613867096C}] => (Allow) C:\Users\Kagan Bagci\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe FirewallRules: [{7F133585-2B74-4D48-A70C-7AC041F9210D}] => (Allow) C:\Users\Kagan Bagci\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe FirewallRules: [TCP Query User{4CDE0EC4-9674-4803-B28A-7A95145BFEF4}C:\users\kagan bagci\desktop\s.t.a.l.k.e.r. - call of pripyat\bin\xrengine.exe] => (Allow) C:\users\kagan bagci\desktop\s.t.a.l.k.e.r. - call of pripyat\bin\xrengine.exe FirewallRules: [UDP Query User{351F4EE0-4CCD-454E-8C3A-C7C7A9ED340D}C:\users\kagan bagci\desktop\s.t.a.l.k.e.r. - call of pripyat\bin\xrengine.exe] => (Allow) C:\users\kagan bagci\desktop\s.t.a.l.k.e.r. - call of pripyat\bin\xrengine.exe FirewallRules: [TCP Query User{8BACB417-AF23-4D82-9051-DA81D6DDAC20}C:\users\kagan bagci\desktop\ghoulsforest3dbeta1.3.0\ghouls forest 3d.exe] => (Allow) C:\users\kagan bagci\desktop\ghoulsforest3dbeta1.3.0\ghouls forest 3d.exe FirewallRules: [UDP Query User{CB459407-E6DB-4E97-BE4D-380343F062E6}C:\users\kagan bagci\desktop\ghoulsforest3dbeta1.3.0\ghouls forest 3d.exe] => (Allow) C:\users\kagan bagci\desktop\ghoulsforest3dbeta1.3.0\ghouls forest 3d.exe FirewallRules: [{C50026E4-3104-4285-8042-40A831D43BDE}] => (Allow) C:\Program Files\Steam\SteamApps\optimum100\garrysmod\hl2.exe FirewallRules: [{8D003BEA-C3AF-43CF-88B3-E528C62A7A79}] => (Allow) C:\Program Files\Steam\SteamApps\optimum100\garrysmod\hl2.exe FirewallRules: [TCP Query User{98425062-8699-42E3-8500-C10E149BE7BD}C:\udk\forget me not annie\binaries\win32\udk.exe] => (Allow) C:\udk\forget me not annie\binaries\win32\udk.exe FirewallRules: [UDP Query User{DBC9E44C-37AF-4172-B723-D9E5D62322FB}C:\udk\forget me not annie\binaries\win32\udk.exe] => (Allow) C:\udk\forget me not annie\binaries\win32\udk.exe FirewallRules: [{9A8E3F26-1B46-449C-B8D6-BEF38EB281E9}] => (Allow) C:\Program Files\Dragon's Prophet\dp_x86.exe FirewallRules: [{28C771E9-E619-4D09-BC5C-E5B5A95F166A}] => (Allow) C:\Program Files\Dragon's Prophet\dp_x86.exe FirewallRules: [{66C50E31-5BCC-496D-A2AE-FD5DAB6519F0}] => (Allow) C:\Program Files\Dragon's Prophet\dp_x64.exe FirewallRules: [{FEEA5A36-6549-44FE-A244-BB42E4DC875B}] => (Allow) C:\Program Files\Dragon's Prophet\launcher.exe FirewallRules: [{BA5057B0-A777-40E0-A595-6A256BEE57E8}] => (Allow) C:\Program Files\Dragon's Prophet\dp_x64.exe FirewallRules: [{8B7F8917-3F26-44A8-9629-12A7705E66DD}] => (Allow) C:\Program Files\Dragon's Prophet\launcher.exe FirewallRules: [TCP Query User{BAFC5699-B6F0-42BD-AA1D-5A30812A0FFD}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe FirewallRules: [UDP Query User{792D8630-F7DE-4178-8CC8-9AAA7BFF4CF9}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe FirewallRules: [TCP Query User{4677CB95-3B03-49E0-B513-111C974DF195}C:\users\kagan bagci\desktop\world_of_tanks\worldoftanks.exe] => (Allow) C:\users\kagan bagci\desktop\world_of_tanks\worldoftanks.exe FirewallRules: [UDP Query User{D48BC7FA-6BA9-4767-B817-30E64667B2A6}C:\users\kagan bagci\desktop\world_of_tanks\worldoftanks.exe] => (Allow) C:\users\kagan bagci\desktop\world_of_tanks\worldoftanks.exe FirewallRules: [TCP Query User{AED913D2-F398-4ADA-9CC2-B95757F2177A}C:\users\kagan bagci\desktop\world_of_tanks\wotlauncher.exe] => (Allow) C:\users\kagan bagci\desktop\world_of_tanks\wotlauncher.exe FirewallRules: [UDP Query User{31F42C98-8B59-4148-B29F-BDD8CB9B93A6}C:\users\kagan bagci\desktop\world_of_tanks\wotlauncher.exe] => (Allow) C:\users\kagan bagci\desktop\world_of_tanks\wotlauncher.exe FirewallRules: [TCP Query User{B0082B91-71C4-4F40-B70F-DDF1AC85FB54}C:\users\public\games\cryptic studios\neverwinter\live\gameclient.exe] => (Allow) C:\users\public\games\cryptic studios\neverwinter\live\gameclient.exe FirewallRules: [UDP Query User{08CD6DC4-FE23-4AE5-9F65-34B6FEFF4890}C:\users\public\games\cryptic studios\neverwinter\live\gameclient.exe] => (Allow) C:\users\public\games\cryptic studios\neverwinter\live\gameclient.exe FirewallRules: [{562A6746-9B46-423F-A265-C45962080E11}] => (Allow) C:\Program Files\Gameforge4D\Elsword_DE\data\x2.exe FirewallRules: [{00C043A5-5188-4532-A75E-1BA457F4C6E0}] => (Allow) C:\Program Files\Gameforge4D\Elsword_DE\data\x2.exe FirewallRules: [TCP Query User{ECCC19B2-9149-443A-A9D0-C1B6EE51AE9C}C:\program files\steam\steamapps\common\bioshock 2\sp\builds\binaries\bioshock2.exe] => (Allow) C:\program files\steam\steamapps\common\bioshock 2\sp\builds\binaries\bioshock2.exe FirewallRules: [UDP Query User{9F304512-C240-40C8-A379-7D15895AAC13}C:\program files\steam\steamapps\common\bioshock 2\sp\builds\binaries\bioshock2.exe] => (Allow) C:\program files\steam\steamapps\common\bioshock 2\sp\builds\binaries\bioshock2.exe FirewallRules: [TCP Query User{C4DAFC5C-B25A-4244-A32C-9538792CBB78}C:\program files\steam\steamapps\common\cry of fear\cof.exe] => (Allow) C:\program files\steam\steamapps\common\cry of fear\cof.exe FirewallRules: [UDP Query User{E373DD06-A489-4292-9442-AD786F71647D}C:\program files\steam\steamapps\common\cry of fear\cof.exe] => (Allow) C:\program files\steam\steamapps\common\cry of fear\cof.exe FirewallRules: [TCP Query User{A1616B0A-9ED1-4DF0-825E-0D570FA37EB8}C:\program files\steam\steamapps\common\cry of fear\cof.exe] => (Allow) C:\program files\steam\steamapps\common\cry of fear\cof.exe FirewallRules: [UDP Query User{14E2296D-79E4-401B-8AFB-55477C355CD0}C:\program files\steam\steamapps\common\cry of fear\cof.exe] => (Allow) C:\program files\steam\steamapps\common\cry of fear\cof.exe FirewallRules: [{0820525C-3B0F-4A1F-B6E5-C3C9D2980061}] => (Allow) C:\Program Files\Steam\SteamApps\common\Torchlight II\ModLauncher.exe FirewallRules: [{DFD2223B-E451-49BB-943A-45DC24EFF775}] => (Allow) C:\Program Files\Steam\SteamApps\common\Torchlight II\ModLauncher.exe FirewallRules: [{7DAF3C1D-D459-4851-A1D8-0652395A640B}] => (Allow) C:\Program Files\HP\HP Photosmart 5510 series\Bin\DeviceSetup.exe FirewallRules: [{4E5CE63B-660D-46DA-A3A8-40FE329D096E}] => (Allow) C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPNetworkCommunicator.exe FirewallRules: [{614795C3-D1BB-4FC4-9071-F1C7688E9150}] => (Allow) C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [TCP Query User{521840FE-61EF-4A82-911A-FBE75D89A57A}C:\program files\steam\steamapps\common\torchlight ii\torchlight2.exe] => (Allow) C:\program files\steam\steamapps\common\torchlight ii\torchlight2.exe FirewallRules: [UDP Query User{B543D5CB-65EA-442A-993A-0D8C82993DD2}C:\program files\steam\steamapps\common\torchlight ii\torchlight2.exe] => (Allow) C:\program files\steam\steamapps\common\torchlight ii\torchlight2.exe FirewallRules: [{3243D382-AA5E-42EA-8872-DFAA7F27FE52}] => (Allow) C:\Program Files\Steam\SteamApps\common\Dungeon Defenders\Binaries\Win32\DungeonDefenders.exe FirewallRules: [{F59C80A8-2AED-474A-AD0B-58ED6D78687F}] => (Allow) C:\Program Files\Steam\SteamApps\common\Dungeon Defenders\Binaries\Win32\DungeonDefenders.exe FirewallRules: [TCP Query User{B04414EC-ADA4-4343-94CC-CB6F9F940F49}C:\program files\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe] => (Allow) C:\program files\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe FirewallRules: [UDP Query User{F238EED5-DEA4-4007-AFFA-46574F74EBC0}C:\program files\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe] => (Allow) C:\program files\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe FirewallRules: [{D5F7FF9A-6644-493B-93B3-59859057A510}] => (Allow) C:\Program Files\Steam\SteamApps\optimum100\opposing force\hl.exe FirewallRules: [{27E0AFD6-736F-4133-9205-8C98642D8DC9}] => (Allow) C:\Program Files\Steam\SteamApps\optimum100\opposing force\hl.exe FirewallRules: [{4F3B7EE7-9EB9-461B-B74D-C2279D513E70}] => (Allow) C:\Program Files\Steam\SteamApps\common\Cry of Fear\CoFLaunchApp.exe FirewallRules: [{42990F9A-E5D9-4C1A-A1B6-B937D97F7010}] => (Allow) C:\Program Files\Steam\SteamApps\common\Cry of Fear\CoFLaunchApp.exe FirewallRules: [{8A676AE9-BDC5-4760-A1BC-C4B817B547CD}] => (Allow) C:\Program Files\Steam\SteamApps\common\Half-Life 2\hl2.exe FirewallRules: [{AA74E6F5-2AF4-4458-A4E9-AE6B99096DA3}] => (Allow) C:\Program Files\Steam\SteamApps\common\Half-Life 2\hl2.exe FirewallRules: [{FA6B2022-4726-423B-B1C4-36896A269FA3}] => (Allow) C:\Program Files\Steam\SteamApps\common\Terraria\Terraria.exe FirewallRules: [{CE4DB209-9A01-4B25-8886-B4706D0369E3}] => (Allow) C:\Program Files\Steam\SteamApps\common\Terraria\Terraria.exe FirewallRules: [TCP Query User{3FF9028B-6306-4E7F-B448-09A8115A8DB4}C:\program files\steam\steamapps\common\terraria\terrariaserver.exe] => (Block) C:\program files\steam\steamapps\common\terraria\terrariaserver.exe FirewallRules: [UDP Query User{21AF891A-7361-4D41-980C-E565DBF5A652}C:\program files\steam\steamapps\common\terraria\terrariaserver.exe] => (Block) C:\program files\steam\steamapps\common\terraria\terrariaserver.exe FirewallRules: [TCP Query User{00C479E1-C818-4FF1-BDDD-5E400843DE1E}C:\program files\steam\steam.exe] => (Allow) C:\program files\steam\steam.exe FirewallRules: [UDP Query User{9168C763-C30B-471C-9657-DA4DBDDC3D82}C:\program files\steam\steam.exe] => (Allow) C:\program files\steam\steam.exe FirewallRules: [TCP Query User{7E157346-1CD9-4714-96A0-18D425DCEAC6}C:\users\kagan bagci\desktop\brutal doom mit neuen waffen\zandronum.exe] => (Allow) C:\users\kagan bagci\desktop\brutal doom mit neuen waffen\zandronum.exe FirewallRules: [UDP Query User{6D9F6EC6-FE29-48CD-A87D-DB2426FAA6B3}C:\users\kagan bagci\desktop\brutal doom mit neuen waffen\zandronum.exe] => (Allow) C:\users\kagan bagci\desktop\brutal doom mit neuen waffen\zandronum.exe FirewallRules: [TCP Query User{9932CFAC-A916-455B-A075-5DE7E9DB12C2}C:\users\kagan bagci\desktop\brutal doom mit neuen waffen\zandronum.exe] => (Allow) C:\users\kagan bagci\desktop\brutal doom mit neuen waffen\zandronum.exe FirewallRules: [UDP Query User{0F905FC1-8163-4487-A7E6-7B8B526A7AD4}C:\users\kagan bagci\desktop\brutal doom mit neuen waffen\zandronum.exe] => (Allow) C:\users\kagan bagci\desktop\brutal doom mit neuen waffen\zandronum.exe FirewallRules: [{F46E1BC2-4F69-46D5-9ABE-B83DF194136A}] => (Allow) C:\Program Files\Steam\SteamApps\common\Starbound\win32\launcher\launcher.exe FirewallRules: [{EB1A1E9B-8ECD-439E-8CC7-445CAFB97636}] => (Allow) C:\Program Files\Steam\SteamApps\common\Starbound\win32\launcher\launcher.exe FirewallRules: [TCP Query User{90DB0671-B6D4-478B-B1D7-5BDDAF0E8AA3}C:\users\kagan bagci\desktop\spiele und etc\brutal doom mit neuen waffen\zandronum.exe] => (Allow) C:\users\kagan bagci\desktop\spiele und etc\brutal doom mit neuen waffen\zandronum.exe FirewallRules: [UDP Query User{52380365-8A93-48E4-93F2-27C0B7D063E2}C:\users\kagan bagci\desktop\spiele und etc\brutal doom mit neuen waffen\zandronum.exe] => (Allow) C:\users\kagan bagci\desktop\spiele und etc\brutal doom mit neuen waffen\zandronum.exe FirewallRules: [{7BDDA3C1-82FE-442D-A50B-50FD4F2CE9D0}] => (Allow) C:\Users\Kagan Bagci\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe FirewallRules: [{C0B3B7E8-4801-4491-AB45-1E9F8926DEC9}] => (Allow) C:\Program Files\Steam\bin\steamwebhelper.exe FirewallRules: [{0509B901-42E5-4357-9009-F89D827147DE}] => (Allow) C:\Program Files\Steam\bin\steamwebhelper.exe FirewallRules: [{831359BB-DD03-430A-BF68-99480FBA3FBE}] => (Allow) C:\Users\Kagan Bagci\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{15727555-DCDF-4109-91A0-A3CF0B314B08}] => (Allow) C:\Users\Kagan Bagci\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{FA84AFB7-C756-482F-BD24-15C3D9D08AC2}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{8F51A668-FA7E-4F40-B1CC-271404E73F34}] => (Allow) C:\Program Files\GameforgeLive\Games\DEU_deu\Elsword\data\x2.exe FirewallRules: [{03FF5574-AB3B-48C9-A6B3-14A82A6DBB0E}] => (Allow) C:\Program Files\GameforgeLive\Games\DEU_deu\Elsword\data\x2.exe FirewallRules: [{8F41CEE4-5CB8-4878-BD03-5823F87FF28E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{8D0ED363-69DD-4F02-9324-A3AEE1DAF6A7}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{765E88A6-4948-4FB2-937A-4DDB0FF83AEE}C:\users\kagan bagci\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\kagan bagci\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{5444F18C-06B6-4998-BAB1-F08259B27C71}C:\users\kagan bagci\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\kagan bagci\appdata\local\akamai\netsession_win.exe FirewallRules: [{2D09BD47-94BC-41AA-BD32-DC5AE596D44E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe FirewallRules: [{6C91CF7A-873A-4EE4-8FC5-8E6A6D9F9FB5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe FirewallRules: [{AADDB1B7-C36B-4F0C-9C94-EE373FE9C08A}] => (Allow) C:\Program Files\Battle.net\Battle.net.exe FirewallRules: [{41B3A67F-56AF-4A55-A3B1-05BBB6EE0CD9}] => (Allow) C:\Program Files\Battle.net\Battle.net.exe FirewallRules: [{7C7B35BB-225C-4847-B751-13F2703E12A1}] => (Allow) C:\Program Files\Steam\SteamApps\common\Five Nights at Freddy's\FiveNightsatFreddys.exe FirewallRules: [{E02A3374-A816-4BB9-BC22-89FD458B04C8}] => (Allow) C:\Program Files\Steam\SteamApps\common\Five Nights at Freddy's\FiveNightsatFreddys.exe FirewallRules: [{03AAFD9B-3E6E-4F20-9729-5ED93D950717}] => (Allow) C:\Program Files\Steam\SteamApps\common\Five Nights at Freddy's 2\FiveNightsatFreddys2.exe FirewallRules: [{6CE98861-02B1-4B29-9B8D-EC6640C0ADC1}] => (Allow) C:\Program Files\Steam\SteamApps\common\Five Nights at Freddy's 2\FiveNightsatFreddys2.exe FirewallRules: [TCP Query User{016DBACF-289F-458E-A531-2B85769FC8D9}C:\users\kagan bagci\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\kagan bagci\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{03F4C02D-DC1D-4BD6-BE9B-3CAA4CC5DCBC}C:\users\kagan bagci\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\kagan bagci\appdata\local\akamai\netsession_win.exe FirewallRules: [{2A53BC7C-6BD7-4F50-AC4F-E1F5BCD7A532}] => (Allow) C:\Program Files\Hearthstone\Hearthstone.exe FirewallRules: [{2B4A3B52-344D-4634-954F-D7A98F7C8B6B}] => (Allow) C:\Program Files\Hearthstone\Hearthstone.exe FirewallRules: [{49ED5F59-678B-4831-9444-4FBEC937BF85}] => (Allow) C:\Users\Kagan Bagci\AppData\Roaming\Steganos\OkayFreedom\Proxy\node.exe FirewallRules: [{EAECAEA3-FCFD-4708-A2DD-9CE00AE15804}] => (Allow) C:\Program Files\Steam\SteamApps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe FirewallRules: [{E061B626-9DA7-4606-B079-4AA966E4A8D3}] => (Allow) C:\Program Files\Steam\SteamApps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe FirewallRules: [{D87C2A32-C994-4A07-842E-AB971008DE9F}] => (Allow) C:\Users\KAGANB~1\AppData\Local\Temp\2cc498d0\WebInstallAgent\SPNTInst.exe FirewallRules: [{6282A914-DD0F-43A4-9B5A-D3FF3C6855CA}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\IDS.Application.exe FirewallRules: [{0BFF20FD-F0DB-4D69-B2F1-ECD5A56DA45E}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\OrderSupplies.exe FirewallRules: [{BFD4CFA3-569E-4993-BCD6-3A19FD8B0B42}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\IDSAlert.exe FirewallRules: [{05FEC9DE-A7E6-42F9-8C41-DF9535294F73}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\uninstall.exe FirewallRules: [{F7BB2E41-E0F2-4B1C-B8E4-EA695293C3AB}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe FirewallRules: [{A4858C07-7A45-4076-B29D-51174BD23FB4}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe FirewallRules: [{B5704504-CFA1-4612-A4CC-25E28326EA5F}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe FirewallRules: [{A6DDA808-E474-4C92-9C2F-99D1906FBE49}] => (Allow) C:\Program Files\Steam\SteamApps\common\Orion Dino Beatdown\Binaries\Win32\DinoHordeGame.exe FirewallRules: [{BF04E4FE-A929-41E0-AE45-F59728E3289A}] => (Allow) C:\Program Files\Steam\SteamApps\common\Orion Dino Beatdown\Binaries\Win32\DinoHordeGame.exe FirewallRules: [{F40D6676-FEBE-4D47-81EA-E2ED9B6B6DF4}] => (Allow) C:\Program Files\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe FirewallRules: [{B1B553AE-3E19-4B13-AA69-C023568729B6}] => (Allow) C:\Program Files\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe FirewallRules: [{866E40A1-A328-4B96-86C4-4395EEB6F0F6}] => (Allow) C:\Program Files\Steam\SteamApps\common\Dawn of War Soulstorm\Soulstorm.exe FirewallRules: [{354441E4-36E5-4D32-A705-D704A0A88EC9}] => (Allow) C:\Program Files\Steam\SteamApps\common\Dawn of War Soulstorm\Soulstorm.exe FirewallRules: [{64BBC013-F4D0-4FEB-B201-5DA8D5478B4A}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe FirewallRules: [TCP Query User{AAFBFD6E-2CA7-4619-ACCC-F57A1102E4C4}C:\gog games\battle realms complete (german)\battle_realms_f.exe] => (Allow) C:\gog games\battle realms complete (german)\battle_realms_f.exe FirewallRules: [UDP Query User{63A5DA41-AFD2-438D-BA2C-7067731A2793}C:\gog games\battle realms complete (german)\battle_realms_f.exe] => (Allow) C:\gog games\battle realms complete (german)\battle_realms_f.exe FirewallRules: [TCP Query User{197D79CC-177C-46A7-A5C7-E2B3718570EE}C:\gog games\unepic\unepic.exe] => (Allow) C:\gog games\unepic\unepic.exe FirewallRules: [UDP Query User{E06CEDB6-B292-446A-9B35-A4139C0B55FD}C:\gog games\unepic\unepic.exe] => (Allow) C:\gog games\unepic\unepic.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (06/16/2015 09:03:47 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/16/2015 03:39:47 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Details: AddCoreCsiFiles : BeginFileEnumeration() failed. System Error: Zugriff verweigert Error: (06/16/2015 03:39:40 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Details: AddCoreCsiFiles : BeginFileEnumeration() failed. System Error: Zugriff verweigert Error: (06/14/2015 08:19:32 PM) (Source: Google Update) (EventID: 20) (User: KaganBagci-PC) Description: Network Request Error. Error: 0x80072ee7. Http status code: 0. Url=https://www.facebook.com/omaha/update.php Trying config: source=FireFox, direct connection. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=IE, wpad=0, script=hxxp://127.0.0.1:8445/okf.pac. trying CUP:WinHTTP. Send request returned 0x800421f8. Http status code 504. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=auto, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=FireFox, direct connection. trying CUP:Win Error: (06/14/2015 06:03:49 PM) (Source: Google Update) (EventID: 20) (User: KaganBagci-PC) Description: Network Request Error. Error: 0x80072ee7. Http status code: 0. Url=https://www.facebook.com/omaha/update.php Trying config: source=FireFox, direct connection. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=IE, wpad=0, script=hxxp://127.0.0.1:8445/okf.pac. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=auto, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x80040801. Http status code 0. trying WinHTTP. Send request returned 0x80040801. Http status code 0. trying CUP:iexplore. Send request returned 0x80040801. Http status code 0. Trying config: source=FireFox, direct connection. trying CUP:WinHT Error: (06/12/2015 11:41:00 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/12/2015 11:17:19 PM) (Source: Perflib) (EventID: 1010) (User: ) Description: SpoolerC:\Windows\system32\winspool.drv4 Error: (06/12/2015 11:17:19 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4 Error: (06/12/2015 11:17:18 PM) (Source: Perflib) (EventID: 1010) (User: ) Description: EmdCacheC:\Windows\system32\emdmgmt.dll4 Error: (06/12/2015 10:58:23 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Details: AddCoreCsiFiles : BeginFileEnumeration() failed. System Error: Zugriff verweigert System errors: ============= Error: (06/17/2015 00:16:31 PM) (Source: Dhcp) (EventID: 1002) (User: ) Description: Die IP-Adresslease 192.168.0.17 für die Netzwerkkarte mit der Netzwerkadresse 00215D829EB0 wurde durch den DHCP-Server 192.168.2.1 abgelehnt (der DHCP-Server hat eine DHCPNACK-Meldung gesendet). Error: (06/16/2015 09:03:55 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: SYMTDI Error: (06/16/2015 09:03:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Parallel port driver%%1058 Error: (06/16/2015 09:03:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: aswFsBlk%%2 Error: (06/16/2015 09:03:20 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 16.06.2015 um 20:58:05 unerwartet heruntergefahren. Error: (06/16/2015 08:58:25 PM) (Source: Dhcp) (EventID: 1002) (User: ) Description: Die IP-Adresslease 192.168.2.101 für die Netzwerkkarte mit der Netzwerkadresse 00215D829EB0 wurde durch den DHCP-Server 192.168.0.1 abgelehnt (der DHCP-Server hat eine DHCPNACK-Meldung gesendet). Error: (06/16/2015 03:26:33 PM) (Source: Dhcp) (EventID: 1002) (User: ) Description: Die IP-Adresslease 192.168.0.17 für die Netzwerkkarte mit der Netzwerkadresse 00215D829EB0 wurde durch den DHCP-Server 192.168.2.1 abgelehnt (der DHCP-Server hat eine DHCPNACK-Meldung gesendet). Error: (06/16/2015 03:26:33 PM) (Source: Dhcpv6) (EventID: 1000) (User: ) Description: Die Lease dieses Computers zu der IP-Adresse *üû@ý über die Netzwerkkarte mit der Netzwerkadresse 00215D829EB0 ist verloren gegangen. Error: (06/15/2015 10:55:21 PM) (Source: Tcpip) (EventID: 4199) (User: ) Description: Das System hat einen Adressenkonflikt der IP-Adresse 2a02:8108:9640:1eec::298-FE-94-5A-75-74758096385 mit dem Computer mit der Netzwerkhardwareadresse 98-FE-94-5A-75-74 ermittelt. Netzwerkvorgänge könnten daher auf diesem System unterbrochen werden. Error: (06/15/2015 09:46:43 PM) (Source: Dhcp) (EventID: 1002) (User: ) Description: Die IP-Adresslease 192.168.2.102 für die Netzwerkkarte mit der Netzwerkadresse 00215D829EB0 wurde durch den DHCP-Server 192.168.0.1 abgelehnt (der DHCP-Server hat eine DHCPNACK-Meldung gesendet). Microsoft Office: ========================= Error: (04/09/2013 03:15:17 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 10 seconds with 0 seconds of active time. This session ended with a crash. CodeIntegrity Errors: =================================== Date: 2013-12-05 18:34:52.094 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-12-05 18:34:51.735 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-12-05 18:34:51.360 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-12-05 18:34:51.002 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-12-05 18:34:50.643 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-12-05 18:34:50.284 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-12-05 18:34:44.138 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-12-05 18:34:43.748 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-12-05 18:34:43.373 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-12-05 18:34:43.014 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. ==================== Memory info =========================== Processor: Intel(R) Core(TM)2 Duo CPU T5800 @ 2.00GHz Percentage of memory in use: 71% Total physical RAM: 3065.95 MB Available physical RAM: 867.17 MB Total Pagefile: 8974.2 MB Available Pagefile: 6952.53 MB Total Virtual: 2047.88 MB Available Virtual: 1879.75 MB ==================== Drives ================================ Drive c: (HDD) (Fixed) (Total:286.09 GB) (Free:10.33 GB) NTFS ==>[Drive with boot components (obtained from BCD)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: 40FB6491) Partition 1: (Not Active) - (Size=12 GB) - (Type=27) Partition 2: (Active) - (Size=286.1 GB) - (Type=07 NTFS) ==================== End of log ============================ |
17.06.2015, 20:13 | #4 |
/// TB-Ausbilder /// Anleitungs-Guru | Kaum mache ich Google Chrome an sagt Avast ich hätte Virenseiten am start Hi, Schritt 1 Lade Dir bitte von hier Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
Schritt 2 Downloade Dir bitte AdwCleaner auf deinen Desktop.
(neue Version!) Schritt 3
Schritt 4 Bitte starte FRST erneut, markiere auch die checkbox und drücke auf Scan. Bitte poste mir den Inhalt der beiden Logs die erstellt werden.
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
17.06.2015, 21:42 | #5 |
| Alles gemacht AdwCleaner: Code:
ATTFilter # AdwCleaner v4.206 - Bericht erstellt 17/06/2015 um 21:44:45 # Aktualisiert 01/06/2015 von Xplode # Datenbank : 2015-06-17.1 [Server] # Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (x86) # Benutzername : Kagan Bagci - KAGANBAGCI-PC # Gestarted von : C:\Users\Kagan Bagci\Downloads\AdwCleaner_4.206.exe # Option : Löschen ***** [ Dienste ] ***** ***** [ Dateien / Ordner ] ***** Ordner Gelöscht : C:\ProgramData\2a0f46e800006aef Ordner Gelöscht : C:\ProgramData\431b2240000043bd Ordner Gelöscht : C:\Program Files\System Optimizer Ordner Gelöscht : C:\Program Files\ColoiuckkFeorSale Ordner Gelöscht : C:\Program Files\PrInceCoupon Ordner Gelöscht : C:\Program Files\RoyaalCioaupon Ordner Gelöscht : C:\Program Files\RRoyalCOupon Ordner Gelöscht : C:\Program Files\RuoyaalCouPPon Ordner Gelöscht : C:\Program Files\ShoppierMaaster Ordner Gelöscht : C:\Users\Kagan Bagci\AppData\LocalLow\DVDVideoSoftTB_DE Ordner Gelöscht : C:\Users\Kagan Bagci\AppData\Roaming\Update Manager Ordner Gelöscht : C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\Extensions\ascsurfingprotection@iobit.com Ordner Gelöscht : C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd Ordner Gelöscht : C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnjjngeaknajbdcgpfkgnonkmififhfo Datei Gelöscht : C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_amfclgbdpgndipgoegfpkkgobahigbcl_0.localstorage Datei Gelöscht : C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mhkaekfpcppmmioggniknbnbdbcigpkk Datei Gelöscht : C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pfndaklgolladniicklehhancnlgocpp Datei Gelöscht : C:\Users\Kagan Bagci\Favorites\Startfenster.lnk Datei Gelöscht : C:\Users\Kagan Bagci\Favorites\Links\Startfenster.lnk Datei Gelöscht : C:\Program Files\mozilla firefox\dbghelp.dll Datei Gelöscht : C:\Program Files\prefs.js Datei Gelöscht : C:\Users\Kagan Bagci\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\eBay.lnk Datei Gelöscht : C:\Users\Kagan Bagci\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Startfenster.lnk Datei Gelöscht : C:\Users\Kagan Bagci\AppData\Roaming\Microsoft\Windows\Start Menu\Startfenster.lnk Datei Gelöscht : C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\Firefox\Profiles\zigocm5w.default\searchplugins\mystartsearch.xml Datei Gelöscht : C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\searchplugins\yahoo_ff.xml Datei Gelöscht : C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\Firefox\Profiles\zigocm5w.default\searchplugins\yahoo_ff.xml Datei Gelöscht : C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\Firefox\Profiles\zigocm5w.default\user.js ***** [ Geplante Tasks ] ***** ***** [ Verknüpfungen ] ***** ***** [ Registrierungsdatenbank ] ***** Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [sweetsearch@gmail.com] Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PA18CD12D_C55F_45AF_871F_F25AD339D36F_.PA18CD12D_C55F_45AF_871F_F25AD339D36F_ Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PA18CD12D_C55F_45AF_871F_F25AD339D36F_.PA18CD12D_C55F_45AF_871F_F25AD339D36F_.9 Schlüssel Gelöscht : HKLM\SOFTWARE\ecc06a27-07df-647d-b5d8-500ed23a19b2 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A18CD12D-C55F-45AF-871F-F25AD339D36F} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D54C859C-6066-4F31-8FE0-2AAEDCAE67D7} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{33B8CF8E-1B37-40DD-A652-F97EDFCA9565} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A336F17E-321F-43FA-9BE6-873BBDFF418E} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A18CD12D-C55F-45AF-871F-F25AD339D36F} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{457EF9F0-0A7C-4302-B47B-C207A8DE8598} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A18CD12D-C55F-45AF-871F-F25AD339D36F} Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF}] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF}] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{F09E38FE-BD31-4213-94EE-511AB559B58D} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{F09E38FE-BD31-4213-94EE-511AB559B58D} Schlüssel Gelöscht : HKCU\Software\eSupport.com Schlüssel Gelöscht : HKCU\Software\OCS Schlüssel Gelöscht : HKCU\Software\System Optimizer Schlüssel Gelöscht : HKCU\Software\PRODUCTSETUP Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F} Schlüssel Gelöscht : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F} Schlüssel Gelöscht : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0} Schlüssel Gelöscht : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C} Schlüssel Gelöscht : HKLM\SOFTWARE\Speedchecker Limited Schlüssel Gelöscht : HKLM\SOFTWARE\mystartsearchSoftware Schlüssel Gelöscht : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81} Schlüssel Gelöscht : HKLM\SOFTWARE\FFPluginHp Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{40DC4B27-4588-C56F-7737-D03A0ACE4383} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509 Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local;<local> ***** [ Internetbrowser ] ***** -\\ Internet Explorer v9.0.8112.16659 Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL] Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] -\\ Mozilla Firefox v35.0 (x86 de) [zigocm5w.default\prefs.js] - Zeile Gelöscht : user_pref("browser.search.defaultenginename", "mystartsearch"); [zigocm5w.default\prefs.js] - Zeile Gelöscht : user_pref("browser.search.searchengine.alias", "mystartsearch"); [zigocm5w.default\prefs.js] - Zeile Gelöscht : user_pref("browser.search.searchengine.iconURL", "hxxp://www.mystartsearch.com/favicon.ico"); [zigocm5w.default\prefs.js] - Zeile Gelöscht : user_pref("browser.search.searchengine.name", "mystartsearch"); [zigocm5w.default\prefs.js] - Zeile Gelöscht : user_pref("browser.search.searchengine.url", "hxxp://www.mystartsearch.com/web/?type=ds&ts=1431023221&z=01b37b3de1539111e9b146bg7zcc6gde6o1c8e6t0q&from=cor&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808R01502015[...] -\\ Google Chrome v43.0.2357.124 ************************* AdwCleaner[R0].txt - [28769 Bytes] - [05/12/2013 15:42:38] AdwCleaner[R1].txt - [10106 Bytes] - [17/06/2015 21:41:32] AdwCleaner[S0].txt - [27746 Bytes] - [05/12/2013 15:46:21] AdwCleaner[S1].txt - [8677 Bytes] - [17/06/2015 21:44:45] ########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [8736 Bytes] ########## Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 17.06.2015 Suchlauf-Zeit: 21:57:46 Logdatei: Malwarebytes.txt Administrator: Ja Version: 2.01.6.1022 Malware Datenbank: v2015.06.17.04 Rootkit Datenbank: v2015.06.15.01 Lizenz: Testversion Malware Schutz: Aktiviert Bösartiger Webseiten Schutz: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows Vista Service Pack 2 CPU: x86 Dateisystem: NTFS Benutzer: Kagan Bagci Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 347342 Verstrichene Zeit: 23 Min, 20 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (Keine schädliche Elemente gefunden) Module: 0 (Keine schädliche Elemente gefunden) Registrierungsschlüssel: 0 (Keine schädliche Elemente gefunden) Registrierungswerte: 0 (Keine schädliche Elemente gefunden) Registrierungsdaten: 0 (Keine schädliche Elemente gefunden) Ordner: 0 (Keine schädliche Elemente gefunden) Dateien: 0 (Keine schädliche Elemente gefunden) Physische Sektoren: 0 (Keine schädliche Elemente gefunden) (end) |
17.06.2015, 21:43 | #6 |
| Kaum mache ich Google Chrome an sagt Avast ich hätte Virenseiten am start FRST und Addition: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-06-2015 Ran by Kagan Bagci (administrator) on KAGANBAGCI-PC on 17-06-2015 22:26:05 Running from C:\Users\Kagan Bagci\Downloads Loaded Profiles: Kagan Bagci (Available Profiles: Kagan Bagci) Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: Deutsch (Deutschland) Internet Explorer Version 9 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (IObit) C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe (ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe (Microsoft Corporation) C:\Windows\System32\SLsvc.exe (ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (ABBYY) C:\Program Files\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe (Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe (Steganos Software GmbH) C:\Program Files\OkayFreedom\OkayFreedomService.exe (Prolific Technology Inc.) C:\Windows\System32\IoctlSvc.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe (Wistron) C:\Program Files\Launch Manager\HotkeyApp.exe (Wistron Corp.) C:\Program Files\Launch Manager\OSD.exe (Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Carbonite, Inc.) C:\Program Files\Packard Bell\Carbonite\CarboniteSetupLitePBPreInstaller.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (IObit) C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (Akamai Technologies, Inc.) C:\Users\Kagan Bagci\AppData\Local\Akamai\netsession_win.exe (Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Wistron Corp.) C:\Program Files\Launch Manager\WisLMSvc.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Akamai Technologies, Inc.) C:\Users\Kagan Bagci\AppData\Local\Akamai\netsession_win.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Steganos Software GmbH) C:\Program Files\OkayFreedom\OkayFreedomClient.exe (ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe (Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Joyent, Inc) C:\Users\Kagan Bagci\AppData\Roaming\Steganos\OkayFreedom\Proxy\node.exe (Microsoft Corporation) C:\Windows\System32\conime.exe (Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe (Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbam.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Farbar) C:\Users\Kagan Bagci\Downloads\FRST (1).exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation) HKLM\...\Run: [HotkeyApp] => C:\Program Files\Launch Manager\HotkeyApp.exe [192512 2008-08-22] (Wistron) HKLM\...\Run: [LMgrOSD] => C:\Program Files\Launch Manager\OSD.exe [430080 2008-05-16] (Wistron Corp.) HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2008-01-21] (Advanced Micro Devices, Inc.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1328424 2008-07-03] (Synaptics, Inc.) HKLM\...\Run: [CarboniteSetupLite] => C:\Program Files\Packard Bell\Carbonite\CarboniteSetupLitePBPreInstaller.exe [306112 2008-04-07] (Carbonite, Inc.) HKLM\...\Run: [Google Desktop Search] => C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [24064 2008-11-06] (Google) HKLM\...\Run: [toolbar_eula_launcher] => C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe [28672 2007-02-20] ( ) HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.) HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-09-02] (AVAST Software) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.) HKLM\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-03-30] (LogMeIn Inc.) HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [351968 2014-09-08] () HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [Facebook Update] => C:\Users\Kagan Bagci\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-01-28] (Facebook Inc.) HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [msnmsgr] => C:\Program Files\Windows Live\Messenger\msnmsgr.exe [3872080 2010-04-16] (Microsoft Corporation) HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd) HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [Google Update] => C:\Users\Kagan Bagci\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-02-11] (Google Inc.) HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [Advanced SystemCare 6] => C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe [491840 2013-04-18] (IObit) HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [Overwolf] => C:\Program Files\Overwolf\Overwolf.exe -silent HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [HP Photosmart 5510 series (NET)] => C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe [1837672 2012-10-17] (Hewlett-Packard Co.) HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [BitTorrent] => C:\Users\Kagan Bagci\AppData\Roaming\BitTorrent\BitTorrent.exe [1442904 2015-02-14] (BitTorrent Inc.) HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [28917376 2015-05-14] (Skype Technologies S.A.) HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Kagan Bagci\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.) HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [Battle.net] => C:\Program Files\Battle.net\Battle.net Launcher.exe [2861104 2015-05-28] (Blizzard Entertainment) HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [UM] => C:\Users\Kagan Bagci\AppData\Roaming\Update Manager\UM.EXE HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [OKAYFREEDOM_Agent] => C:\Program Files\OkayFreedom\OkayFreedomClient.exe [6591912 2015-04-22] (Steganos Software GmbH) HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [OKAYFREEDOM_Update] => C:\Program Files\OkayFreedom\Updater.exe [3864488 2015-04-22] (Steganos Software GmbH) HKU\S-1-5-18\...\Run: [SearchProtect] => \SearchProtect\bin\cltmng.exe Startup: C:\Users\Kagan Bagci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2013-02-09] () Startup: C:\Users\Kagan Bagci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Photosmart 5510 series (Netzwerk).lnk [2013-07-15] ShortcutTarget: Tintenwarnungen überwachen - HP Photosmart 5510 series (Netzwerk).lnk -> C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2014-09-02] (AVAST Software) ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-05-19] (Google) ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-05-19] (Google) ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-05-19] (Google) ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-05-19] (Google) ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-05-19] (Google) ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-05-19] (Google) CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) AutoConfigURL: [S-1-5-21-410520579-760464469-3575665083-1000] => hxxp://127.0.0.1:8445/okf.pac HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKU\S-1-5-21-410520579-760464469-3575665083-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=about:blank URLSearchHook: HKLM - (No Name) - {da7f5ae1-3be3-43c0-8098-c1d183616e97} - No File SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = SearchScopes: HKU\.DEFAULT -> {5AB1FAB0-D468-46DF-94F7-109F64BDC9B4} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^DE&apn_uid=FFFEB447-F2F8-4077-85EB-796D5026A171&apn_sauid=E029870B-C567-4E27-8172-ADB38D7B7123 SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = Toolbar: HKU\.DEFAULT -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation) Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation) Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation) Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-10-02] (Skype Technologies S.A.) Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-31] (Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF ProfilePath: C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\Firefox\Profiles\zigocm5w.default FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-06-12] () FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] () FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-12-13] (DivX, LLC) FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.) FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-12-18] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-12-18] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.) FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.) FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN) FF Plugin HKU\S-1-5-21-410520579-760464469-3575665083-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Kagan Bagci\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited) FF Plugin HKU\S-1-5-21-410520579-760464469-3575665083-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google) FF Plugin HKU\S-1-5-21-410520579-760464469-3575665083-1000: @talk.google.com/O1DPlugin -> C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google) FF Plugin HKU\S-1-5-21-410520579-760464469-3575665083-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.) FF Plugin HKU\S-1-5-21-410520579-760464469-3575665083-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.) FF Plugin HKU\S-1-5-21-410520579-760464469-3575665083-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Kagan Bagci\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-04-01] (Unity Technologies ApS) FF Plugin ProgramFiles/Appdata: C:\Users\Kagan Bagci\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google) FF Plugin ProgramFiles/Appdata: C:\Users\Kagan Bagci\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google) FF SearchPlugin: C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\Firefox\Profiles\zigocm5w.default\searchplugins\suchmaschine.xml [2015-03-20] FF Extension: No Name - C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\Firefox\profiles\extensions\extensions [2013-03-18] FF Extension: No Name - C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\Firefox\profiles\extensions\searchplugins [2015-01-21] FF Extension: Movie2kDownloader - C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\Firefox\profiles\extensions\movie2kdownloader@movie2kdownloader.com.xpi [2012-12-13] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-11-20] FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-12-19] FF HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files\Common Files\DVDVideoSoft\plugins\ff FF Extension: No Name - C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\Firefox\Profiles\zigocm5w.default\extensions\{DB981CCA-088E-4731-A4A2-2FE218703C0E}.xpi [not found] FF Extension: No Name - C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\Firefox\Profiles\zigocm5w.default\extensions\ascsurfingprotection@iobit.com [not found] FF Extension: No Name - C:\Program Files\IObit Apps Toolbar\FF [not found] Chrome: ======= CHR dev: Chrome dev build detected! <======= ATTENTION CHR Profile: C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (YouTube) - C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-11-15] CHR Extension: (Google Search) - C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-11-15] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-27] CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd [2015-06-17] CHR Extension: (Google Wallet) - C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22] CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2012-12-20] CHR Extension: (Adblock Pro) - C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch [2015-05-27] CHR Extension: (Adblock Pro) - C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\odoejnlfacfofgbahnomeeojkkgcglan [2015-05-27] CHR Extension: (Gmail) - C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-15] CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-09-02] CHR HKLM\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files\IObit\Advanced SystemCare 6\BrowerProtect\ASC_GhromePlugin.crx [2013-03-18] CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 ABBYY.Licensing.PDFTransformer.Classic.3.0; C:\Program Files\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe [759048 2010-02-01] (ABBYY) S3 AdobeActiveFileMonitor6.0; C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [124832 2007-09-11] () R2 AdvancedSystemCareService6; C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe [574272 2013-04-18] (IObit) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-09-02] (AVAST Software) R2 EvtEng; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [815104 2008-04-30] (Intel(R) Corporation) [File not signed] S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [647680 2008-11-06] (Macrovision Europe Ltd.) [File not signed] S3 GoogleDesktopManager-071508-051939; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [24064 2008-11-06] (Google) [File not signed] R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1848168 2015-03-30] (LogMeIn Inc.) R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [411920 2015-03-30] (LogMeIn, Inc.) R2 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation) R2 OkayFreedom VPN Starter Service; C:\Program Files\OkayFreedom\OkayFreedomService.exe [330168 2015-04-22] (Steganos Software GmbH) R2 PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [File not signed] R2 RegSrvc; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [466944 2008-04-30] (Intel(R) Corporation) [File not signed] R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000 2012-10-02] (Skype Technologies S.A.) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation) R3 WisLMSvc; C:\Program Files\Launch Manager\WisLMSvc.exe [118784 2008-01-15] (Wistron Corp.) [File not signed] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [70384 2013-12-05] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [54832 2013-12-05] (AVAST Software) R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2013-12-05] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [774392 2013-12-05] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [403440 2013-12-05] (AVAST Software) R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57672 2013-12-05] (AVAST Software) R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [178304 2013-12-05] () S3 DrvAgent32; C:\Windows\system32\Drivers\DrvAgent32.sys [23456 2013-02-07] (Phoenix Technologies) [File not signed] R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2013-02-12] (DT Soft Ltd) S3 FTDIBUS; C:\Windows\System32\drivers\ftdibus.sys [65896 2013-07-12] (FTDI Ltd.) R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.) S3 libusb0; C:\Windows\System32\drivers\libusb0.sys [33792 2005-03-09] () [File not signed] R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2015-06-17] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-04-14] (Malwarebytes Corporation) S3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [99400 2012-05-12] (MotioninJoy) [File not signed] R2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [5120 2014-05-07] (Samsung Electronics) [File not signed] S3 WinRing0_1_2_0; C:\Program Files\Razer\Razer Game Booster\Driver\WinRing0.sys [14416 2012-11-13] (OpenLibSys.org) S2 aswFsBlk; \??\C:\Windows\system32\drivers\aswFsBlk.sys [X] S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X] S3 IntcAzAudAddService; system32\drivers\RTKVHDA.sys [X] S3 IpInIp; system32\DRIVERS\ipinip.sys [X] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X] S3 RTHDMIAzAudService; system32\drivers\RtHDMIV.sys [X] S1 SYMTDI; \SystemRoot\System32\Drivers\SYMTDI.SYS [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-06-17 22:23 - 2015-06-17 22:23 - 00001227 _____ C:\Users\Kagan Bagci\Desktop\Malwarebytes.txt 2015-06-17 21:56 - 2015-06-17 21:57 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-06-17 21:55 - 2015-06-17 21:55 - 00000902 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-06-17 21:55 - 2015-06-17 21:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-06-17 21:55 - 2015-06-17 21:55 - 00000000 ____D C:\Program Files\ Malwarebytes Anti-Malware 2015-06-17 21:55 - 2015-04-14 09:37 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-06-17 21:55 - 2015-04-14 09:37 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-06-17 21:54 - 2015-06-17 21:55 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Kagan Bagci\Downloads\mbam-setup-2.1.6.1022.exe 2015-06-17 21:40 - 2015-06-17 21:40 - 02231296 _____ C:\Users\Kagan Bagci\Downloads\AdwCleaner_4.206.exe 2015-06-17 21:22 - 2015-06-17 21:22 - 00001060 _____ C:\Users\Kagan Bagci\Desktop\Revo Uninstaller.lnk 2015-06-17 21:22 - 2015-06-17 21:22 - 00000000 ____D C:\Program Files\VS Revo Group 2015-06-17 21:21 - 2015-06-17 21:22 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Kagan Bagci\Downloads\revosetup95.exe 2015-06-17 12:22 - 2015-06-17 12:24 - 00068821 _____ C:\Users\Kagan Bagci\Downloads\Addition.txt 2015-06-17 12:21 - 2015-06-17 22:26 - 00025382 _____ C:\Users\Kagan Bagci\Downloads\FRST.txt 2015-06-17 12:21 - 2015-06-17 22:26 - 00000000 ____D C:\FRST 2015-06-17 12:20 - 2015-06-17 12:21 - 01148416 _____ (Farbar) C:\Users\Kagan Bagci\Downloads\FRST (1).exe 2015-06-17 12:19 - 2015-06-17 12:19 - 02109952 _____ (Farbar) C:\Users\Kagan Bagci\Downloads\FRST64 (1).exe 2015-06-16 22:32 - 2015-06-16 22:39 - 00981877 _____ C:\Users\Kagan Bagci\Downloads\FRST.exe 2015-06-15 14:27 - 2015-06-16 15:27 - 00000000 ____D C:\Program Files\Form Filler 2015-06-13 17:52 - 2015-06-13 17:52 - 00001543 _____ C:\Users\Public\Desktop\Unepic.lnk 2015-06-13 17:46 - 2015-06-13 17:50 - 212530976 _____ (GOG.com ) C:\Users\Kagan Bagci\Downloads\setup_unepic_2.8.0.13.exe 2015-06-12 23:20 - 2015-04-24 17:54 - 00532480 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll 2015-06-12 23:19 - 2015-05-21 16:22 - 02066432 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-06-12 23:19 - 2015-05-09 01:08 - 00894464 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2015-06-12 22:59 - 2015-05-05 00:51 - 10628608 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2015-06-12 22:59 - 2015-05-05 00:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll 2015-06-12 22:59 - 2015-05-05 00:50 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx 2015-06-12 22:59 - 2015-05-05 00:50 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll 2015-06-12 22:59 - 2015-05-04 23:21 - 08147456 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2015-06-10 23:15 - 2015-06-13 17:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com 2015-06-10 23:15 - 2015-06-10 23:15 - 00001797 _____ C:\Users\Public\Desktop\Battle Realms Complete (German).lnk 2015-06-10 23:14 - 2015-06-13 17:51 - 00000000 ____D C:\GOG Games 2015-06-10 23:00 - 2015-06-10 23:10 - 554494280 _____ (GOG.com ) C:\Users\Kagan Bagci\Downloads\setup_battle_realms_complete_german_2.0.0.9.exe 2015-06-10 16:35 - 2015-05-31 01:54 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-06-10 16:35 - 2015-05-31 01:53 - 09750528 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-06-10 16:35 - 2015-05-31 01:50 - 01139712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-06-10 16:35 - 2015-05-31 01:49 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-06-10 16:35 - 2015-05-31 01:49 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-06-10 16:35 - 2015-05-31 01:49 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-06-10 16:35 - 2015-05-31 01:49 - 00421888 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-06-10 16:35 - 2015-05-31 01:48 - 01804288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-06-10 16:35 - 2015-05-31 01:48 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-06-10 16:35 - 2015-05-31 01:48 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-06-10 16:35 - 2015-05-31 01:48 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2015-06-10 16:35 - 2015-05-31 01:48 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-06-10 16:35 - 2015-05-31 01:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-06-10 16:35 - 2015-05-31 01:48 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-06-10 16:35 - 2015-05-31 01:48 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2015-06-10 16:35 - 2015-05-31 01:47 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-06-10 16:35 - 2015-05-31 01:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-06-10 16:35 - 2015-05-31 01:47 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2015-06-10 16:35 - 2015-05-31 01:47 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2015-06-10 16:34 - 2015-05-31 02:03 - 12385280 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-06-10 16:34 - 2015-05-31 01:55 - 01809920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-06-10 16:34 - 2015-05-31 01:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-06-10 16:26 - 2015-06-10 16:26 - 02197648 _____ (Irfan Skiljan) C:\Users\Kagan Bagci\Downloads\iview438g_setup.exe 2015-06-10 16:26 - 2015-06-10 16:26 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView 2015-06-10 16:26 - 2015-06-10 16:26 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Roaming\IrfanView 2015-06-10 16:26 - 2015-06-10 16:26 - 00000000 ____D C:\Program Files\IrfanView 2015-06-03 22:39 - 2015-06-03 22:39 - 35595593 _____ C:\Users\Kagan Bagci\Desktop\Clockwork.zip 2015-06-03 22:29 - 2015-06-03 22:29 - 00180095 _____ C:\Users\Kagan Bagci\Downloads\a4dven6_460sv (1).wmv 2015-06-03 17:37 - 2015-06-03 17:37 - 00638976 _____ C:\Users\Kagan Bagci\Downloads\Detection (1).msi 2015-06-01 15:24 - 2015-06-01 15:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ultimate Apocalypse - The Hunt Begins 2015-06-01 14:15 - 2015-06-01 15:05 - 1216383942 _____ (Ultimate Apocalypse Mod Team ) C:\Users\Kagan Bagci\Downloads\Ultimate_Apocalypse_-_The_Hunt_Begins.exe 2015-06-01 13:49 - 2015-06-01 13:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ultimate Apocalypse - THB Patch 2015-05-28 19:11 - 2015-05-28 19:11 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Local\openvr 2015-05-27 13:57 - 2015-06-10 16:06 - 00001966 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2015-05-27 13:57 - 2015-05-27 13:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-05-27 13:53 - 2015-05-27 13:53 - 00880208 _____ (Google Inc.) C:\Users\Kagan Bagci\Downloads\ChromeSetup.exe 2015-05-27 13:39 - 2015-05-27 15:13 - 00000000 ____D C:\Program Files\Second Home 2015-05-27 13:37 - 2015-06-15 14:27 - 00000000 ____D C:\ProgramData\12105833042991166924 2015-05-27 13:17 - 2015-06-17 21:17 - 00000024 _____ C:\Users\Kagan Bagci\AppData\Roaming\appdataFr25.bin 2015-05-27 11:36 - 2015-06-17 21:51 - 00005220 _____ C:\Windows\PFRO.log 2015-05-26 12:48 - 2015-05-26 12:48 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Roaming\Samsung 2015-05-26 12:48 - 2015-05-26 12:48 - 00000000 ____D C:\Program Files\Common Files\Common Desktop Agent 2015-05-26 12:47 - 2015-05-26 12:50 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers 2015-05-26 12:45 - 2015-05-26 12:48 - 00000000 ____D C:\ProgramData\Samsung 2015-05-26 12:45 - 2015-05-26 12:45 - 00000000 ____D C:\Program Files\SamsungPrinterLiveUpdate 2015-05-26 12:44 - 2015-05-26 12:48 - 00000000 ____D C:\Program Files\Samsung 2015-05-26 12:44 - 2014-10-30 13:43 - 00686896 _____ (Samsung Electronics) C:\Windows\system32\eed_sl.exe 2015-05-26 12:44 - 2014-10-30 13:43 - 00025600 _____ () C:\Windows\system32\sst6clm.dll 2015-05-26 12:44 - 2014-10-30 13:42 - 02284032 _____ C:\Windows\system32\eed_ec.dll 2015-05-26 12:44 - 2014-09-19 00:10 - 00094208 ____N C:\Windows\system32\ssdevm.dll 2015-05-26 12:44 - 2014-03-05 15:59 - 00158040 _____ (SS) C:\Windows\system32\sst6cci.exe 2015-05-26 12:44 - 2014-03-05 15:58 - 00000273 _____ C:\Windows\system32\eed_sl.exe.config 2015-05-26 12:44 - 2013-04-03 16:32 - 00212600 _____ C:\Windows\system32\SBuySupplies.exe 2015-05-26 12:44 - 2012-08-02 13:07 - 04161048 ____N C:\Windows\sst6cA4.prn 2015-05-26 12:44 - 2012-08-02 13:07 - 03701631 ____N C:\Windows\sst6cLTR.prn 2015-05-26 12:44 - 2012-01-09 13:41 - 00000361 _____ C:\Windows\system32\sst6clm.smt 2015-05-26 12:44 - 2012-01-09 13:40 - 00065536 _____ (SS) C:\Windows\system32\sst6cci.dll 2015-05-26 12:41 - 2015-05-26 12:41 - 03439936 _____ C:\Users\Kagan Bagci\Downloads\SamsungPrinterInstaller.exe 2015-05-25 22:13 - 2015-05-25 22:13 - 00006594 _____ C:\Users\Public\Documents\s.t.a.l.k.e.r.ltx 2015-05-24 21:33 - 2015-05-24 21:33 - 00003294 _____ C:\Users\Kagan Bagci\Downloads\PPSSPP_Cheat_Lists.rar 2015-05-23 21:48 - 2015-05-23 21:48 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Roaming\AVG 2015-05-23 21:41 - 2015-05-23 21:41 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Local\Avg 2015-05-23 21:38 - 2015-05-23 21:49 - 00000000 ____D C:\ProgramData\AVG 2015-05-23 21:31 - 2015-05-23 21:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicISO 2015-05-23 21:31 - 2015-05-23 21:31 - 03067400 _____ C:\Users\Kagan Bagci\Downloads\Setup_MagicISO.exe 2015-05-21 21:29 - 2015-05-21 21:29 - 01384064 _____ (Skype Technologies S.A.) C:\Users\Kagan Bagci\Downloads\SkypeSetup.exe 2015-05-21 21:21 - 2015-05-21 21:21 - 00001236 _____ C:\Users\Kagan Bagci\AppData\Local\recently-used.xbel ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-06-17 22:16 - 2013-07-09 16:04 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-06-17 22:00 - 2012-11-14 23:45 - 00000352 _____ C:\Windows\Tasks\Recovery DVD Creator-Kagan Bagci.job 2015-06-17 22:00 - 2012-11-14 23:45 - 00000352 _____ C:\Windows\Tasks\Erweiterte Garantie-Kagan Bagci.job 2015-06-17 22:00 - 2012-11-14 22:42 - 01891302 _____ C:\Windows\WindowsUpdate.log 2015-06-17 21:56 - 2013-12-05 14:39 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Roaming\Malwarebytes 2015-06-17 21:56 - 2013-12-05 14:38 - 00000000 ____D C:\ProgramData\Malwarebytes 2015-06-17 21:56 - 2013-01-28 13:51 - 00000952 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-410520579-760464469-3575665083-1000UA.job 2015-06-17 21:54 - 2015-05-07 20:27 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Roaming\Steganos VPN 2015-06-17 21:53 - 2014-01-03 02:51 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Local\LogMeIn Hamachi 2015-06-17 21:52 - 2013-02-15 21:31 - 00001144 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-410520579-760464469-3575665083-1000UA.job 2015-06-17 21:52 - 2006-11-02 14:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2015-06-17 21:52 - 2006-11-02 14:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2015-06-17 21:51 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-06-17 21:48 - 2006-11-02 15:01 - 00032634 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2015-06-17 21:45 - 2013-12-05 15:42 - 00000000 ____D C:\AdwCleaner 2015-06-17 21:45 - 2013-08-22 19:05 - 00000000 ____D C:\Program Files\Mozilla Firefox 2015-06-17 21:12 - 2012-11-15 20:24 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-06-17 13:52 - 2013-02-15 21:31 - 00001092 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-410520579-760464469-3575665083-1000Core.job 2015-06-17 12:56 - 2013-01-28 13:51 - 00000930 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-410520579-760464469-3575665083-1000Core.job 2015-06-13 23:28 - 2013-01-31 23:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive 2015-06-13 17:50 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache 2015-06-13 17:45 - 2014-10-04 21:07 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Roaming\BitTorrent 2015-06-12 23:40 - 2006-11-02 14:47 - 00326632 _____ C:\Windows\system32\FNTCACHE.DAT 2015-06-12 23:36 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\de-DE 2015-06-12 23:20 - 2008-11-06 13:48 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-06-12 23:19 - 2013-11-12 20:36 - 00000000 ____D C:\Windows\system32\MRT 2015-06-12 23:02 - 2006-11-02 12:24 - 136900096 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe 2015-06-12 22:57 - 2013-07-09 16:04 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2015-06-12 22:57 - 2013-07-09 16:04 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2015-06-10 17:11 - 2013-02-10 01:31 - 00000000 ____D C:\Users\Kagan Bagci\Tracing 2015-06-10 17:11 - 2012-11-15 20:08 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Roaming\Skype 2015-06-10 16:09 - 2012-11-20 14:19 - 00000000 ____D C:\Program Files\Steam 2015-06-03 22:31 - 2015-05-07 19:26 - 00000000 ____D C:\Users\Kagan Bagci\Desktop\ppsspp 2015-06-03 22:31 - 2012-12-25 15:09 - 00000000 ____D C:\Users\Kagan Bagci\Desktop\Schulzeug 2015-06-03 22:31 - 2012-12-20 18:09 - 00000000 ____D C:\Users\Kagan Bagci\Desktop\Musik 2015-06-03 22:30 - 2012-12-25 15:09 - 00000000 ____D C:\Users\Kagan Bagci\Desktop\Bilder 2015-06-03 17:38 - 2012-12-02 19:17 - 00000000 ____D C:\Program Files\SystemRequirementsLab 2015-05-31 21:35 - 2006-11-02 12:33 - 01581308 _____ C:\Windows\system32\PerfStringBackup.INI 2015-05-28 20:55 - 2012-11-20 14:19 - 00000000 ____D C:\Program Files\Common Files\Steam 2015-05-28 16:54 - 2015-02-01 18:01 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Local\Battle.net 2015-05-28 16:15 - 2012-11-25 22:18 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Roaming\TS3Client 2015-05-28 16:10 - 2015-02-01 17:59 - 00000000 ____D C:\Program Files\Battle.net 2015-05-27 15:17 - 2012-12-02 00:23 - 00000000 ___RD C:\Users\Kagan Bagci\Desktop\Programme 2015-05-27 13:56 - 2008-11-06 13:37 - 00000000 ____D C:\Program Files\Google 2015-05-27 11:31 - 2013-03-25 21:34 - 00001356 _____ C:\Users\Kagan Bagci\AppData\Local\d3d9caps.dat 2015-05-26 12:45 - 2012-11-14 23:40 - 00000000 ____D C:\Users\Kagan Bagci 2015-05-21 21:31 - 2008-11-06 13:55 - 00000000 ____D C:\ProgramData\Skype 2015-05-21 21:21 - 2012-11-15 20:19 - 00000000 ___RD C:\Program Files\Skype 2015-05-21 17:51 - 2013-02-12 23:05 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Roaming\DAEMON Tools Lite 2015-05-21 17:40 - 2014-03-31 22:01 - 00000000 ____D C:\ProgramData\Origin 2015-05-21 17:39 - 2015-01-07 16:15 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Roaming\NexonLauncher 2015-05-21 17:39 - 2015-01-07 16:14 - 00000000 ____D C:\Program Files\Nexon 2015-05-21 17:39 - 2014-01-26 23:13 - 00000000 ____D C:\Program Files\MyHeritage 2015-05-21 17:38 - 2014-12-27 12:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live 2015-05-21 17:37 - 2008-11-06 13:12 - 00000000 ___HD C:\Program Files\InstallShield Installation Information 2015-05-21 17:33 - 2015-01-26 18:26 - 00000000 __SHD C:\Windows\system32\AI_RecycleBin 2015-05-21 17:32 - 2015-01-26 18:37 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames 2015-05-21 17:32 - 2015-01-26 17:33 - 00000000 ____D C:\AeriaGames 2015-05-20 15:37 - 2012-11-14 23:49 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Roaming\Adobe ==================== Files in the root of some directories ======= 2015-05-27 13:17 - 2015-06-17 21:17 - 0000024 _____ () C:\Users\Kagan Bagci\AppData\Roaming\appdataFr25.bin 2013-03-25 21:34 - 2015-05-27 11:31 - 0001356 _____ () C:\Users\Kagan Bagci\AppData\Local\d3d9caps.dat 2012-11-15 20:49 - 2013-01-27 00:30 - 0030720 _____ () C:\Users\Kagan Bagci\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-01-11 20:36 - 2014-01-11 20:36 - 0005567 _____ () C:\Users\Kagan Bagci\AppData\Local\HWVendorDetection.log 2015-05-21 21:21 - 2015-05-21 21:21 - 0001236 _____ () C:\Users\Kagan Bagci\AppData\Local\recently-used.xbel 2013-03-18 21:00 - 2013-03-18 21:00 - 1426411 _____ () C:\Users\Kagan Bagci\AppData\Local\Tempmusic.ogg 2013-02-10 21:23 - 2013-02-10 21:23 - 0509465 _____ () C:\ProgramData\1360516069.bdinstall.bin 2013-03-20 15:48 - 2013-03-20 15:48 - 0227776 _____ () C:\ProgramData\1363787221.bdinstall.bin 2013-07-15 14:56 - 2013-07-15 14:56 - 0000057 _____ () C:\ProgramData\Ament.ini Some files in TEMP: ==================== C:\Users\Kagan Bagci\AppData\Local\Temp\DseShExt-x86.dll C:\Users\Kagan Bagci\AppData\Local\Temp\Quarantine.exe C:\Users\Kagan Bagci\AppData\Local\Temp\SDShelEx-win32.dll C:\Users\Kagan Bagci\AppData\Local\Temp\SkypeSetup.exe C:\Users\Kagan Bagci\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-06-17 22:00 ==================== End of log ============================ [CODE]Additional FRST Logfile: Code:
ATTFilter scan result of Farbar Recovery Scan Tool (x86) Version: 13-06-2015 Ran by Kagan Bagci at 2015-06-17 22:28:53 Running from C:\Users\Kagan Bagci\Downloads Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-410520579-760464469-3575665083-500 - Administrator - Disabled) Gast (S-1-5-21-410520579-760464469-3575665083-501 - Limited - Disabled) Kagan Bagci (S-1-5-21-410520579-760464469-3575665083-1000 - Administrator - Enabled) => C:\Users\Kagan Bagci ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 9.20 (HKLM\...\7-Zip) (Version: - ) ABBYY PDF Transformer 3.0 (HKLM\...\ABBYY PDF Transformer 3.0) (Version: 3.00.317.68010 - ABBYY) ABBYY PDF Transformer 3.0 (Version: 3.00.317.68010 - ABBYY) Hidden Activation Assistant for the 2007 Microsoft Office suites (Version: - Microsoft Corporation) Hidden Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated) Adobe Photoshop Elements 6 (HKLM\...\AdobePE6) (Version: - ) Adobe Reader 8 (HKLM\...\AdobeReader) (Version: - ) Advanced SystemCare 6 (HKLM\...\Advanced SystemCare 6_is1) (Version: 6.2 - IObit) AGEIA PhysX v8.01.18 (HKLM\...\{A5B5A16D-277A-476B-8F62-1029A2F23072}) (Version: 8.01.18 - AGEIA Technologies, Inc.) Akamai NetSession Interface (HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Akamai) (Version: - Akamai Technologies, Inc) Apple Application Support (HKLM\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{235EBB33-3DA1-46DF-AADE-9955123409CB}) (Version: 8.0.5.6 - Apple Inc.) Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) ATI Catalyst Install Manager (HKLM\...\{0BB178A9-D9F6-4D97-3D43-3CD5B3C9B67D}) (Version: 3.0.682.0 - ATI Technologies, Inc.) ATI VGA driver Ver V V 8.512 (Version: - ) Hidden avast! Free Antivirus (HKLM\...\Avast) (Version: 9.0.2008 - Avast Software) Battle Realms Complete (German) (HKLM\...\GOGPACKBATTLEREALMS_is1) (Version: 2.0.0.9 - GOG.com) Battle.net (HKLM\...\Battle.net) (Version: - Blizzard Entertainment) BioShock 2 (Version: 1.0.0005.131 - Take-Two Interactive Software) Hidden BitTorrent (HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\BitTorrent) (Version: 7.9.2.38657 - BitTorrent Inc.) Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.) Browser Address Error Redirector (Version: - ) Hidden Call Of Cthulhu DCoTE (HKLM\...\{E4406ED3-B04C-44F1-ABB4-08775B74934F}) (Version: 1.00.000 - ) Carbonite (HKLM\...\Carbonite) (Version: - ) ccc-core-static (Version: 2008.0703.2236.38526 - Ihr Firmenname) Hidden CCleaner (HKLM\...\CCleaner) (Version: 3.27 - Piriform) Common Desktop Agent (Version: 1.62.0 - OEM) Hidden Community Map packs 1-4 for soulstorm (HKLM\...\Community_0) (Version: - ) Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Cry of Fear (HKLM\...\Steam App 223710) (Version: - Team Psykskallar) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.46.1.0327 - DT Soft Ltd) Dark Souls: Prepare to Die Edition (HKLM\...\Steam App 211420) (Version: - FromSoftware) Dawn of War - Tyranid Mod v0.45SS (HKLM\...\Tyranid_Mod_v04SS) (Version: "0.45SS" - "Team Super Ninja") DivX-Setup (HKLM\...\DivX Setup) (Version: 2.6.1.22 - DivX, LLC) Dungeon Defenders (HKLM\...\Steam App 65800) (Version: - Trendy Entertainment) DVDVideoSoftTB DE Toolbar (HKLM\...\DVDVideoSoftTB_DE Toolbar) (Version: 6.9.0.16 - DVDVideoSoftTB DE) Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited) Five Nights at Freddy's (HKLM\...\Steam App 319510) (Version: - Scott Cawthon) Five Nights at Freddy's 2 (HKLM\...\Steam App 332800) (Version: - Scott Cawthon) Gameforge Live 2.0.5 (HKLM\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.5 - Gameforge) Goat Simulator (HKLM\...\Steam App 265930) (Version: - Coffee Stain Studios) Google BAE (HKLM\...\GoogleBAE) (Version: - ) Google Chrome (HKLM\...\Google Chrome) (Version: 43.0.2357.124 - Google Inc.) Google Desktop (Version: 5.7.0807.15159 - Google) Hidden Google Drive (HKLM\...\{CBC9F5FD-5CFA-4A33-81CD-369EAB77E3A6}) (Version: 1.22.9403.0223 - Google, Inc.) Google Talk Plugin (HKLM\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google) Google Toolbar (HKLM\...\GoogleToolbar) (Version: - ) Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (Version: 1.3.27.5 - Google Inc.) Hidden GoogleDesktop (HKLM\...\GoogleDesktop_XX) (Version: - ) Half-Life (HKLM\...\Steam App 70) (Version: - Valve) Half-Life 2 (HKLM\...\Steam App 220) (Version: - Valve) Half-Life: Opposing Force (HKLM\...\Steam App 50) (Version: - Gearbox) HDRegDE (HKLM\...\{D359B12F-9B1A-46FD-B70C-F507B5B11590}) (Version: 2.0.0 - Acxiom) Hearthstone (HKLM\...\Hearthstone) (Version: - Blizzard Entertainment) HP Photosmart 5510 series - Grundlegende Software für das Gerät (HKLM\...\{9951F1F7-773D-45FE-B6AE-FDFC481655B1}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) Infocentre Rev. 2.0.0.1 (HKLM\...\Infocentre) (Version: - ) Inkscape 0.91 (HKLM\...\{81922150-317E-4BB0-A31D-FF1C14F707C5}) (Version: 0.91 - inkscape.org) Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{26921B2E-3E62-47F9-A514-1FC4A83BD738}) (Version: 12.00.0004 - Intel(R) Corporation) IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.38 - Irfan Skiljan) iTunes (HKLM\...\{5D928931-D1D2-4A93-A82D-BF60D0E7CFA5}) (Version: 12.0.1.26 - Apple Inc.) Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.510 - Oracle) Launch Manager V1.5.3 (HKLM\...\{D0846526-66DD-4DC9-A02C-98F9A2806812}) (Version: 1.5.3 - Wistron Corp.) launch manager Ver 1.5.3 (Version: - ) Hidden LG United Mobile Drivers (HKLM\...\{C2944BE7-9BFF-4EF0-A362-CB3281B7C50D}) (Version: 3.6.0.0 - LG Electronics) LogMeIn Hamachi (HKLM\...\LogMeIn Hamachi) (Version: 2.2.0.328 - LogMeIn, Inc.) LogMeIn Hamachi (Version: 2.2.0.328 - LogMeIn, Inc.) Hidden Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation) Metaboli (HKLM\...\METABOLI) (Version: - ) Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version: - Microsoft Corporation) Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Games for Windows - LIVE (HKLM\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Office PowerPoint Viewer 2007 (German) (HKLM\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Works 9 (HKLM\...\works9) (Version: - ) Microsoft XNA Framework Redistributable 4.0 (HKLM\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Microsoft® Office 2007 (HKLM\...\OFF2k7_GE) (Version: - ) MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com) Mozilla Firefox 35.0 (x86 de) (HKLM\...\Mozilla Firefox 35.0 (x86 de)) (Version: 35.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Nero 8 Essentials (HKLM\...\Nero8) (Version: - ) Norton Internet Security (HKLM\...\NIS2008_DE) (Version: - ) OkayFreedom (HKLM\...\{3F3FB10C-7175-4D38-9335-3488B89C12AF}) (Version: 1.5.2 - Steganos Software GmbH) OpenAL (HKLM\...\OpenAL) (Version: - ) OpenOffice.org 3.4.1 (HKLM\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation) ORION: Prelude (HKLM\...\Steam App 104900) (Version: - Spiral Game Studios) Packard Bell ImageWriter (HKLM\...\ImageWriter) (Version: - ) Packard Bell LCD Test (HKLM\...\LCDTest) (Version: - ) Packard Bell Updator (HKLM\...\Updator) (Version: - ) Razer Game Booster (HKLM\...\{88F0F4FF-B514-4E32-9C17-CAF96D60EAFC}) (Version: 3.5.6.0 - Razer USA Ltd.) Realtek 8169 8168 8101E 8102E Ethernet Driver (Version: 1.00.0000 - Realtek) Hidden Realtek cardreader driver Ver6.0.6000.10092 (Version: - ) Hidden Realtek High Definition Audio driver Ver6.0.1.5672 (Version: - ) Hidden Realtek LAN driver Ver6.206.502.2008 (Version: - ) Hidden Realtek USB 2.0 Card Reader (Version: - Realtek Semiconductor Corp.) Hidden Repetier-Host Version 0.95D (HKLM\...\{1143F758-929B-4EEB-8784-46CCB622F037}_is1) (Version: 0.95D - repetier) Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) Samsung CLP-360 Series (HKLM\...\Samsung CLP-360 Series) (Version: 1.20 (16.12.2014) - Samsung Electronics Co., Ltd.) Samsung Drucker-Diagnose (HKLM\...\Samsung Printer Diagnostics) (Version: 1.0.1.16 - Samsung Electronics Co., Ltd.) Samsung Easy Printer Manager (HKLM\...\Samsung Easy Printer Manager) (Version: 1.05.79.00(26.03.2015) - Samsung Electronics Co., Ltd.) Samsung Printer Live Update (HKLM\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.) SeaTools for Windows (HKLM\...\{98613C99-1399-416C-A07C-1EE1C585D872}) (Version: 1.1.3.2 - Seagate Technology) Second Home (HKLM\...\{E370F69F-ED3F-925F-31FC-14D1329A713B}) (Version: - "") SetUp My PC (HKLM\...\SETUPMYPC_DE) (Version: - ) Sichern Sie Ihre Daten (Version: - Carbonite Inc.) Hidden Skins (Version: 2008.0703.2236.38526 - ATI) Hidden Skype 3.6.2.248 (HKLM\...\SKYPE) (Version: - ) Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.3.11079 - Skype Technologies S.A.) Skype™ 7.5 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.101 - Skype Technologies S.A.) Startfenster (HKLM\...\Startfenster) (Version: - Startfenster) Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) Synaptics Pointing Device Driver (Version: 11.1.21.0 - Synaptics) Hidden Synaptics TouchPad driver Ver 11.1.21.0 (Version: - ) Hidden System Requirements Lab CYRI (HKLM\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC) System Requirements Lab Detection (HKLM\...\{2B204A6B-167C-4C37-B40E-56570C96491E}) (Version: 6.1.4.0 - Husdawg, LLC) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) Terraria (HKLM\...\Steam App 105600) (Version: - Re-Logic) Torchlight II (HKLM\...\Steam App 200710) (Version: - Runic Games) UA Map Pack (HKLM\...\UA Map Pack) (Version: - ) Ultimate Apocalypse - THB Patch version 1.8.1 (HKLM\...\{2D2D99BC-4565-4A97-85E9-4BFCFE95965A}_is1) (Version: 1.8.1 - Ultimate Apocalypse Mod Team) Ultimate Apocalypse - The Hunt Begins version 1.8.0 (HKLM\...\{A21FAC0C-E2CD-4A79-A88F-4174EA62451A}_is1) (Version: 1.8.0 - Ultimate Apocalypse Mod Team) Ultimate Apocalypse mod 1.73 (HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Ultimate Apocalypse mod 1.73) (Version: - ) Unepic (HKLM\...\1207659227_is1) (Version: 2.8.0.13 - GOG.com) Unity Web Player (HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS) Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft) VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden VCRedistSetup (Version: 1.0.0 - Nero AG) Hidden VLC media player (HKLM\...\VLC media player) (Version: 2.2.0 - VideoLAN) Volgarr the Viking v2.0.0.1 1.0 (HKLM\...\Volgarr the Viking v2.0.0.1 1.0) (Version: 1.0 - Cat-A-Cat) Warhammer 40,000: Dawn of War – Soulstorm (HKLM\...\Steam App 9450) (Version: - Relic Entertainment) Windows Driver Package - FTDI CDM Driver Package - Bus/D2XX Driver (07/12/2013 2.08.30) (HKLM\...\22CCD58B53472BE3FCAFF05631111C4062959A43) (Version: 07/12/2013 2.08.30 - FTDI) Windows Driver Package - FTDI CDM Driver Package - VCP Driver (07/12/2013 2.08.30) (HKLM\...\BD00013670D26C16E19F284BF8E15DAF813497C7) (Version: 07/12/2013 2.08.30 - FTDI) Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation) Windows Live ID Sign-in Assistant (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation) Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation) World of Warcraft (HKLM\...\World of Warcraft) (Version: - Blizzard Entertainment) Xvid 1.1.2 final uninstall (HKLM\...\Xvid_is1) (Version: 1.1 - Xvid team (Koepi)) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.) CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.21.135\psuser.dll No File CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.25.5\psuser.dll No File CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.27.5\psuser.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\Kagan Bagci\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.27.5\GoogleUpdateOnDemand.exe (Google Inc.) CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.27.5\GoogleUpdateOnDemand.exe (Google Inc.) CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.23.9\psuser.dll No File CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Google Talk Plugin\googletalkax.dll (Google) CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS) CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.27.5\GoogleUpdateOnDemand.exe (Google Inc.) CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.) CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.21.145\psuser.dll No File CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{63D99C74-1867-B00A-B48A-F226B9837657}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.21.153\psuser.dll No File CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\Kagan Bagci\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited) CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.24.15\psuser.dll No File CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.21.149\psuser.dll No File CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.22.3\psuser.dll No File CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.21.165\psuser.dll No File CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{AB9F4455-E591-4132-A386-0B91EAEDB96C}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Google Talk Plugin\o1dax.dll (Google) CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.26.9\psuser.dll No File CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.25.11\psuser.dll No File CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.27.5\GoogleUpdateOnDemand.exe (Google Inc.) CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.27.5\psuser.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.22.5\psuser.dll No File CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.24.7\psuser.dll No File ==================== Restore Points ========================= 26-05-2015 12:44:37 Gerätetreiber-Paketinstallation: Samsung Drucker 29-05-2015 19:46:51 Windows Update 02-06-2015 19:31:11 Windows Update 03-06-2015 14:38:19 Geplanter Prüfpunkt 03-06-2015 17:37:56 Installed System Requirements Lab Detection 07-06-2015 20:55:50 Windows Update 10-06-2015 17:02:03 Windows Defender Checkpoint 12-06-2015 22:58:23 Windows Update 16-06-2015 15:39:47 Windows Update 17-06-2015 17:22:36 Geplanter Prüfpunkt 17-06-2015 21:19:45 Software Removal Tool 17-06-2015 21:24:29 Revo Uninstaller's restore point - ColoiuckkFeorSale 17-06-2015 21:26:13 Revo Uninstaller's restore point - ColoiuckkFeorSale 17-06-2015 21:27:17 Revo Uninstaller's restore point - IObit Apps Toolbar v8.3 17-06-2015 21:28:23 Removed IObit Apps Toolbar v8.3. 17-06-2015 21:29:53 Revo Uninstaller's restore point - ColoiuckkFeorSale 17-06-2015 21:31:03 Revo Uninstaller's restore point - PrInceCoupon 17-06-2015 21:32:14 Revo Uninstaller's restore point - QuickShare 17-06-2015 21:33:20 Removed QuickShare 17-06-2015 21:35:31 Revo Uninstaller's restore point - Settings Manager 17-06-2015 21:36:35 Revo Uninstaller's restore point - ShoppierMaaster 17-06-2015 21:37:41 Revo Uninstaller's restore point - SoftwareAlert 17-06-2015 21:38:42 Revo Uninstaller's restore point - WhiteSmoke New V6 Toolbar for IE ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {420237FD-AF49-42FB-96F7-C643BD150FF1} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-09-02] (AVAST Software) Task: {4D79B07F-3ADC-475B-A278-7F3E7B10BA44} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {4DE81CF0-AEB5-48F0-984A-E9F1D115C877} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-410520579-760464469-3575665083-1000UA => C:\Users\Kagan Bagci\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-28] (Facebook Inc.) Task: {61CC9DC8-EC5B-4AAA-936E-385737A03E73} - System32\Tasks\Erweiterte Garantie-Kagan Bagci => C:\Program Files\Packard Bell\SetupmyPC\PBCarNot.exe [2008-02-04] (Packard Bell BV) Task: {67042091-C4B7-4D01-B99C-8113C89EFCC0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-11-15] (Google Inc.) Task: {85C2DA55-956B-4054-A27D-58F5B75EBE56} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-12] (Adobe Systems Incorporated) Task: {8AD7C484-9944-4BE7-B42B-17858E021DBD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-01-23] (Piriform Ltd) Task: {988F56DC-F274-4C4C-8EA6-BF708CC24CB2} - System32\Tasks\Recovery DVD Creator-Kagan Bagci => C:\Program Files\Packard Bell\SetupMyPc\MCDCheck.exe [2008-02-04] (Packard Bell BV) Task: {9B4352D2-DDA9-40A4-A1E0-583C162BD30B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-410520579-760464469-3575665083-1000Core => C:\Users\Kagan Bagci\AppData\Local\Google\Update\GoogleUpdate.exe [2013-02-11] (Google Inc.) Task: {A59EDF3E-5B9C-47D4-82CD-05DDF035B9CA} - System32\Tasks\{7C7143E3-9922-433E-9333-D7D15C6C71C7} => pcalua.exe -a "C:\Users\Kagan Bagci\Desktop\libusb-win32-filter-bin-0.1.10.1.exe" -d "C:\Users\Kagan Bagci\Desktop" Task: {B9338F41-8D44-4BB5-8FB4-9FBD26643559} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-11-15] (Google Inc.) Task: {BFB85395-DCA3-418B-9699-F594136DF958} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-410520579-760464469-3575665083-1000UA => C:\Users\Kagan Bagci\AppData\Local\Google\Update\GoogleUpdate.exe [2013-02-11] (Google Inc.) Task: {C6127032-F189-4535-A026-4462F91D8D4F} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation) Task: {C731D6DA-B4AE-470C-8041-8E544CCC2F67} - System32\Tasks\Razer_Game_Booster_AutoUpdate => C:\Program Files\Razer\Razer Game Booster\AutoUpdate.exe [2012-11-13] () Task: {D96479A1-D81E-48BE-9429-1157B7F2612B} - System32\Tasks\{692E16B8-5C7F-4ACC-A311-B180845E0984} => Chrome.exe hxxp://ui.skype.com/ui/0/6.3.0.105/de/abandoninstall?page=tsProgressBar Task: {DC57B16D-CE35-499C-9913-257352FB9D6F} - System32\Tasks\ASC6_PerformanceMonitor => C:\Program Files\IObit\Advanced SystemCare 6\Monitor.exe [2013-04-08] (IObit) Task: {DDDF64F1-7681-4AD4-B482-8A3E7FA07592} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-410520579-760464469-3575665083-1000Core => C:\Users\Kagan Bagci\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-28] (Facebook Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\Erweiterte Garantie-Kagan Bagci.job => C:\Program Files\Packard Bell\SetupmyPC\PBCarNot.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-410520579-760464469-3575665083-1000Core.job => C:\Users\Kagan Bagci\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-410520579-760464469-3575665083-1000UA.job => C:\Users\Kagan Bagci\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-410520579-760464469-3575665083-1000Core.job => C:\Users\Kagan Bagci\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-410520579-760464469-3575665083-1000UA.job => C:\Users\Kagan Bagci\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\Recovery DVD Creator-Kagan Bagci.job => C:\Program Files\Packard Bell\SetupMyPc\MCDCheck.exe ==================== Loaded Modules (Whitelisted) ============== 2013-03-18 20:42 - 2013-01-15 18:47 - 00517440 _____ () C:\Program Files\IObit\Advanced SystemCare 6\sqlite3.dll 2013-12-05 20:38 - 2014-09-02 12:13 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll 2008-04-30 20:13 - 2008-04-30 20:13 - 00200704 _____ () C:\Program Files\Intel\WiFi\bin\IWMSPROV.DLL 2015-06-17 12:17 - 2015-06-17 12:17 - 02952704 _____ () C:\Program Files\AVAST Software\Avast\defs\15061700\algo.dll 2014-10-11 14:06 - 2014-10-11 14:06 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2014-10-11 14:05 - 2014-10-11 14:05 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2008-08-20 04:25 - 2008-07-04 05:37 - 00159744 _____ () C:\Windows\system32\atitmmxx.dll 2013-12-05 20:39 - 2014-09-02 12:13 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2014-09-08 13:30 - 2014-09-08 13:30 - 00351968 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe 2014-09-08 13:32 - 2014-09-08 13:32 - 00050688 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll 2013-03-18 20:42 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files\IObit\Advanced SystemCare 6\madExcept_.bpl 2013-03-18 20:42 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files\IObit\Advanced SystemCare 6\madBasic_.bpl 2013-03-18 20:42 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files\IObit\Advanced SystemCare 6\madDisAsm_.bpl 2008-11-06 13:17 - 2008-11-06 13:17 - 00014848 _____ () C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll 2015-06-10 16:06 - 2015-06-05 20:22 - 15003464 _____ () C:\Program Files\Google\Chrome\Application\43.0.2357.124\PepperFlash\pepflashplayer.dll 2014-04-26 22:52 - 2014-02-10 13:44 - 04592128 _____ () C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll 2014-04-26 22:52 - 2014-02-10 13:44 - 00112128 _____ () C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Users\Kagan Bagci\Downloads\ce4955free.exe:BDU AlternateDataStreams: C:\Users\Kagan Bagci\Downloads\chromeinstall-7u17.exe:BDU AlternateDataStreams: C:\Users\Kagan Bagci\Downloads\setup (1).exe:BDU AlternateDataStreams: C:\Users\Kagan Bagci\Downloads\TERASetup.exe:BDU ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\aeriagames.com -> hxxps://aeriagames.com IE trusted site: HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\aeriagames.com -> hxxp://aeriagames.com ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-410520579-760464469-3575665083-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Kagan Bagci\Desktop\2397008-1531880985-RJTni.jpg DNS Servers: 192.168.0.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe FirewallRules: [{37A4B201-F203-4386-9C96-AE37072F31F1}] => (Allow) C:\Program Files\Adobe\Photoshop Elements 6.0\AdobePhotoshopElementsMediaServer.exe FirewallRules: [{7EC03DDA-38D1-4DFA-9319-072098A30382}] => (Allow) C:\Program Files\Adobe\Photoshop Elements 6.0\AdobePhotoshopElementsMediaServer.exe FirewallRules: [TCP Query User{07AB1E1E-1C02-4C46-A238-15F1996BF40E}C:\program files\skype\phone\skype.exe] => (Allow) C:\program files\skype\phone\skype.exe FirewallRules: [UDP Query User{C5F6B9AE-AE9F-4220-BAA9-2E1F147A84C9}C:\program files\skype\phone\skype.exe] => (Allow) C:\program files\skype\phone\skype.exe FirewallRules: [{A81D73E2-D551-418F-B51F-C3D0D94F4208}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe FirewallRules: [TCP Query User{FB5D8F79-4BFD-4BA8-99C7-1BF0D29695DB}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [UDP Query User{2DB6A7CC-EAD3-46D8-A62B-9B0559581F73}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [TCP Query User{F46C548D-EC46-4D8B-B3C0-14D2A7FC7F9C}C:\program files\runes of magic\client.exe] => (Allow) C:\program files\runes of magic\client.exe FirewallRules: [UDP Query User{44948248-23E9-4B9B-AC02-B77B7F79D4C4}C:\program files\runes of magic\client.exe] => (Allow) C:\program files\runes of magic\client.exe FirewallRules: [{AE7327F5-7515-44D9-A5B4-0D59FBE418C0}] => (Allow) LPort=80 FirewallRules: [{F33838AA-7C2E-4F98-B27D-F63B407DA383}] => (Allow) LPort=80 FirewallRules: [{33C1E5CE-0512-4A20-8E78-9BC68A90A9D5}] => (Allow) LPort=80 FirewallRules: [{9DFDC90A-8370-4B7F-B736-D627255537E3}] => (Allow) C:\Program Files\Steam\Steam.exe FirewallRules: [{34873EEA-32E9-4998-BF27-EC9712AAE121}] => (Allow) C:\Program Files\Steam\Steam.exe FirewallRules: [{89D21C15-18EA-4C32-8B77-0CBAA8D415CF}] => (Allow) c:\BrickForce\BfLauncher.exe FirewallRules: [{BF735AE1-4D4D-4632-86C5-2FD949B3AC06}] => (Allow) c:\BrickForce\BrickForce.exe FirewallRules: [{B6DCF34B-543E-4F52-BF5F-08CAF773BA03}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{4464244B-B8DF-40F1-808B-C54DAE5717CD}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{21804082-1DC9-499F-9CCD-0D5BBFA1F3BD}] => (Allow) C:\Program Files\Steam\SteamApps\optimum100\half-life\hl.exe FirewallRules: [{6C0C397B-5722-4861-84B0-E916AD2D5C72}] => (Allow) C:\Program Files\Steam\SteamApps\optimum100\half-life\hl.exe FirewallRules: [{4725C7CD-29CA-4EA3-8A02-914962762632}] => (Allow) C:\Program Files\Windows Live\Messenger\wlcsdk.exe FirewallRules: [{1B5F7671-1BD4-4E32-A9A2-118D383D1413}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{821EF3BD-8C42-43B4-AF5B-607801098C7F}] => (Allow) svchost.exe FirewallRules: [{D3F1DC62-46EA-4186-B2DB-0066E868A5B9}] => (Allow) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe FirewallRules: [TCP Query User{1CF6EBC4-753C-4C31-B7F3-97DBA99F9305}C:\users\kagan bagci\desktop\whitefinger1.0\darkplaces.exe] => (Allow) C:\users\kagan bagci\desktop\whitefinger1.0\darkplaces.exe FirewallRules: [UDP Query User{EC8DFABE-10CB-4C6E-BB3C-529B6D961F1E}C:\users\kagan bagci\desktop\whitefinger1.0\darkplaces.exe] => (Allow) C:\users\kagan bagci\desktop\whitefinger1.0\darkplaces.exe FirewallRules: [{945630B1-1C22-4F43-B52E-930786277A7B}] => (Allow) C:\Users\Kagan Bagci\AppData\Local\Warframe\Downloaded\Public\Warframe.exe FirewallRules: [{C458B229-3FB9-4BB5-B9D8-8301396AEEBC}] => (Allow) C:\Users\Kagan Bagci\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe FirewallRules: [{1F203F08-3E9B-4EF3-A273-1EAD47C7D5FA}] => (Allow) C:\Users\Kagan Bagci\AppData\Local\Warframe\Downloaded\Public\Warframe.exe FirewallRules: [{5A908225-4AA4-4683-BC36-ED80CFC40C03}] => (Allow) C:\Users\Kagan Bagci\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe FirewallRules: [{7F7602D7-57A3-4CF4-8F26-D50D13A128AD}] => (Allow) C:\Users\Kagan Bagci\AppData\Local\Warframe\Downloaded\Public\Warframe.exe FirewallRules: [{FFC4382B-43A2-4127-8A22-1C83C5C1C259}] => (Allow) C:\Users\Kagan Bagci\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe FirewallRules: [{DF42ED22-AB76-46DC-9D54-81064AE2B93F}] => (Allow) C:\Users\Kagan Bagci\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe FirewallRules: [{785C404B-8205-49A6-946A-EB6E1B371B2E}] => (Allow) C:\Users\Kagan Bagci\AppData\Local\Warframe\Downloaded\Public\Warframe.exe FirewallRules: [{93C71602-24B6-4F39-BACE-8AC44F970DD2}] => (Allow) C:\Users\Kagan Bagci\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe FirewallRules: [{A14D2050-4A44-477D-AB80-9E0E101CAD1B}] => (Allow) C:\Users\Kagan Bagci\AppData\Local\Warframe\Downloaded\Public\Warframe.exe FirewallRules: [{AB60DCF7-679C-406C-99B9-84ED97CE01DB}] => (Allow) C:\Users\Kagan Bagci\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe FirewallRules: [{3DAE4C50-C814-499D-9DA5-17653931910D}] => (Allow) C:\Users\Kagan Bagci\AppData\Local\Warframe\Downloaded\Public\Warframe.exe FirewallRules: [{8365CDDC-FB96-4BAE-8FE9-1D613867096C}] => (Allow) C:\Users\Kagan Bagci\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe FirewallRules: [{7F133585-2B74-4D48-A70C-7AC041F9210D}] => (Allow) C:\Users\Kagan Bagci\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe FirewallRules: [TCP Query User{4CDE0EC4-9674-4803-B28A-7A95145BFEF4}C:\users\kagan bagci\desktop\s.t.a.l.k.e.r. - call of pripyat\bin\xrengine.exe] => (Allow) C:\users\kagan bagci\desktop\s.t.a.l.k.e.r. - call of pripyat\bin\xrengine.exe FirewallRules: [UDP Query User{351F4EE0-4CCD-454E-8C3A-C7C7A9ED340D}C:\users\kagan bagci\desktop\s.t.a.l.k.e.r. - call of pripyat\bin\xrengine.exe] => (Allow) C:\users\kagan bagci\desktop\s.t.a.l.k.e.r. - call of pripyat\bin\xrengine.exe FirewallRules: [TCP Query User{8BACB417-AF23-4D82-9051-DA81D6DDAC20}C:\users\kagan bagci\desktop\ghoulsforest3dbeta1.3.0\ghouls forest 3d.exe] => (Allow) C:\users\kagan bagci\desktop\ghoulsforest3dbeta1.3.0\ghouls forest 3d.exe FirewallRules: [UDP Query User{CB459407-E6DB-4E97-BE4D-380343F062E6}C:\users\kagan bagci\desktop\ghoulsforest3dbeta1.3.0\ghouls forest 3d.exe] => (Allow) C:\users\kagan bagci\desktop\ghoulsforest3dbeta1.3.0\ghouls forest 3d.exe FirewallRules: [{C50026E4-3104-4285-8042-40A831D43BDE}] => (Allow) C:\Program Files\Steam\SteamApps\optimum100\garrysmod\hl2.exe FirewallRules: [{8D003BEA-C3AF-43CF-88B3-E528C62A7A79}] => (Allow) C:\Program Files\Steam\SteamApps\optimum100\garrysmod\hl2.exe FirewallRules: [TCP Query User{98425062-8699-42E3-8500-C10E149BE7BD}C:\udk\forget me not annie\binaries\win32\udk.exe] => (Allow) C:\udk\forget me not annie\binaries\win32\udk.exe FirewallRules: [UDP Query User{DBC9E44C-37AF-4172-B723-D9E5D62322FB}C:\udk\forget me not annie\binaries\win32\udk.exe] => (Allow) C:\udk\forget me not annie\binaries\win32\udk.exe FirewallRules: [{9A8E3F26-1B46-449C-B8D6-BEF38EB281E9}] => (Allow) C:\Program Files\Dragon's Prophet\dp_x86.exe FirewallRules: [{28C771E9-E619-4D09-BC5C-E5B5A95F166A}] => (Allow) C:\Program Files\Dragon's Prophet\dp_x86.exe FirewallRules: [{66C50E31-5BCC-496D-A2AE-FD5DAB6519F0}] => (Allow) C:\Program Files\Dragon's Prophet\dp_x64.exe FirewallRules: [{FEEA5A36-6549-44FE-A244-BB42E4DC875B}] => (Allow) C:\Program Files\Dragon's Prophet\launcher.exe FirewallRules: [{BA5057B0-A777-40E0-A595-6A256BEE57E8}] => (Allow) C:\Program Files\Dragon's Prophet\dp_x64.exe FirewallRules: [{8B7F8917-3F26-44A8-9629-12A7705E66DD}] => (Allow) C:\Program Files\Dragon's Prophet\launcher.exe FirewallRules: [TCP Query User{BAFC5699-B6F0-42BD-AA1D-5A30812A0FFD}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe FirewallRules: [UDP Query User{792D8630-F7DE-4178-8CC8-9AAA7BFF4CF9}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe FirewallRules: [TCP Query User{4677CB95-3B03-49E0-B513-111C974DF195}C:\users\kagan bagci\desktop\world_of_tanks\worldoftanks.exe] => (Allow) C:\users\kagan bagci\desktop\world_of_tanks\worldoftanks.exe FirewallRules: [UDP Query User{D48BC7FA-6BA9-4767-B817-30E64667B2A6}C:\users\kagan bagci\desktop\world_of_tanks\worldoftanks.exe] => (Allow) C:\users\kagan bagci\desktop\world_of_tanks\worldoftanks.exe FirewallRules: [TCP Query User{AED913D2-F398-4ADA-9CC2-B95757F2177A}C:\users\kagan bagci\desktop\world_of_tanks\wotlauncher.exe] => (Allow) C:\users\kagan bagci\desktop\world_of_tanks\wotlauncher.exe FirewallRules: [UDP Query User{31F42C98-8B59-4148-B29F-BDD8CB9B93A6}C:\users\kagan bagci\desktop\world_of_tanks\wotlauncher.exe] => (Allow) C:\users\kagan bagci\desktop\world_of_tanks\wotlauncher.exe FirewallRules: [TCP Query User{B0082B91-71C4-4F40-B70F-DDF1AC85FB54}C:\users\public\games\cryptic studios\neverwinter\live\gameclient.exe] => (Allow) C:\users\public\games\cryptic studios\neverwinter\live\gameclient.exe FirewallRules: [UDP Query User{08CD6DC4-FE23-4AE5-9F65-34B6FEFF4890}C:\users\public\games\cryptic studios\neverwinter\live\gameclient.exe] => (Allow) C:\users\public\games\cryptic studios\neverwinter\live\gameclient.exe FirewallRules: [{562A6746-9B46-423F-A265-C45962080E11}] => (Allow) C:\Program Files\Gameforge4D\Elsword_DE\data\x2.exe FirewallRules: [{00C043A5-5188-4532-A75E-1BA457F4C6E0}] => (Allow) C:\Program Files\Gameforge4D\Elsword_DE\data\x2.exe FirewallRules: [TCP Query User{ECCC19B2-9149-443A-A9D0-C1B6EE51AE9C}C:\program files\steam\steamapps\common\bioshock 2\sp\builds\binaries\bioshock2.exe] => (Allow) C:\program files\steam\steamapps\common\bioshock 2\sp\builds\binaries\bioshock2.exe FirewallRules: [UDP Query User{9F304512-C240-40C8-A379-7D15895AAC13}C:\program files\steam\steamapps\common\bioshock 2\sp\builds\binaries\bioshock2.exe] => (Allow) C:\program files\steam\steamapps\common\bioshock 2\sp\builds\binaries\bioshock2.exe FirewallRules: [TCP Query User{C4DAFC5C-B25A-4244-A32C-9538792CBB78}C:\program files\steam\steamapps\common\cry of fear\cof.exe] => (Allow) C:\program files\steam\steamapps\common\cry of fear\cof.exe FirewallRules: [UDP Query User{E373DD06-A489-4292-9442-AD786F71647D}C:\program files\steam\steamapps\common\cry of fear\cof.exe] => (Allow) C:\program files\steam\steamapps\common\cry of fear\cof.exe FirewallRules: [TCP Query User{A1616B0A-9ED1-4DF0-825E-0D570FA37EB8}C:\program files\steam\steamapps\common\cry of fear\cof.exe] => (Allow) C:\program files\steam\steamapps\common\cry of fear\cof.exe FirewallRules: [UDP Query User{14E2296D-79E4-401B-8AFB-55477C355CD0}C:\program files\steam\steamapps\common\cry of fear\cof.exe] => (Allow) C:\program files\steam\steamapps\common\cry of fear\cof.exe FirewallRules: [{0820525C-3B0F-4A1F-B6E5-C3C9D2980061}] => (Allow) C:\Program Files\Steam\SteamApps\common\Torchlight II\ModLauncher.exe FirewallRules: [{DFD2223B-E451-49BB-943A-45DC24EFF775}] => (Allow) C:\Program Files\Steam\SteamApps\common\Torchlight II\ModLauncher.exe FirewallRules: [{7DAF3C1D-D459-4851-A1D8-0652395A640B}] => (Allow) C:\Program Files\HP\HP Photosmart 5510 series\Bin\DeviceSetup.exe FirewallRules: [{4E5CE63B-660D-46DA-A3A8-40FE329D096E}] => (Allow) C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPNetworkCommunicator.exe FirewallRules: [{614795C3-D1BB-4FC4-9071-F1C7688E9150}] => (Allow) C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [TCP Query User{521840FE-61EF-4A82-911A-FBE75D89A57A}C:\program files\steam\steamapps\common\torchlight ii\torchlight2.exe] => (Allow) C:\program files\steam\steamapps\common\torchlight ii\torchlight2.exe FirewallRules: [UDP Query User{B543D5CB-65EA-442A-993A-0D8C82993DD2}C:\program files\steam\steamapps\common\torchlight ii\torchlight2.exe] => (Allow) C:\program files\steam\steamapps\common\torchlight ii\torchlight2.exe FirewallRules: [{3243D382-AA5E-42EA-8872-DFAA7F27FE52}] => (Allow) C:\Program Files\Steam\SteamApps\common\Dungeon Defenders\Binaries\Win32\DungeonDefenders.exe FirewallRules: [{F59C80A8-2AED-474A-AD0B-58ED6D78687F}] => (Allow) C:\Program Files\Steam\SteamApps\common\Dungeon Defenders\Binaries\Win32\DungeonDefenders.exe FirewallRules: [TCP Query User{B04414EC-ADA4-4343-94CC-CB6F9F940F49}C:\program files\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe] => (Allow) C:\program files\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe FirewallRules: [UDP Query User{F238EED5-DEA4-4007-AFFA-46574F74EBC0}C:\program files\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe] => (Allow) C:\program files\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe FirewallRules: [{D5F7FF9A-6644-493B-93B3-59859057A510}] => (Allow) C:\Program Files\Steam\SteamApps\optimum100\opposing force\hl.exe FirewallRules: [{27E0AFD6-736F-4133-9205-8C98642D8DC9}] => (Allow) C:\Program Files\Steam\SteamApps\optimum100\opposing force\hl.exe FirewallRules: [{4F3B7EE7-9EB9-461B-B74D-C2279D513E70}] => (Allow) C:\Program Files\Steam\SteamApps\common\Cry of Fear\CoFLaunchApp.exe FirewallRules: [{42990F9A-E5D9-4C1A-A1B6-B937D97F7010}] => (Allow) C:\Program Files\Steam\SteamApps\common\Cry of Fear\CoFLaunchApp.exe FirewallRules: [{8A676AE9-BDC5-4760-A1BC-C4B817B547CD}] => (Allow) C:\Program Files\Steam\SteamApps\common\Half-Life 2\hl2.exe FirewallRules: [{AA74E6F5-2AF4-4458-A4E9-AE6B99096DA3}] => (Allow) C:\Program Files\Steam\SteamApps\common\Half-Life 2\hl2.exe FirewallRules: [{FA6B2022-4726-423B-B1C4-36896A269FA3}] => (Allow) C:\Program Files\Steam\SteamApps\common\Terraria\Terraria.exe FirewallRules: [{CE4DB209-9A01-4B25-8886-B4706D0369E3}] => (Allow) C:\Program Files\Steam\SteamApps\common\Terraria\Terraria.exe FirewallRules: [TCP Query User{3FF9028B-6306-4E7F-B448-09A8115A8DB4}C:\program files\steam\steamapps\common\terraria\terrariaserver.exe] => (Block) C:\program files\steam\steamapps\common\terraria\terrariaserver.exe FirewallRules: [UDP Query User{21AF891A-7361-4D41-980C-E565DBF5A652}C:\program files\steam\steamapps\common\terraria\terrariaserver.exe] => (Block) C:\program files\steam\steamapps\common\terraria\terrariaserver.exe FirewallRules: [TCP Query User{00C479E1-C818-4FF1-BDDD-5E400843DE1E}C:\program files\steam\steam.exe] => (Allow) C:\program files\steam\steam.exe FirewallRules: [UDP Query User{9168C763-C30B-471C-9657-DA4DBDDC3D82}C:\program files\steam\steam.exe] => (Allow) C:\program files\steam\steam.exe FirewallRules: [TCP Query User{7E157346-1CD9-4714-96A0-18D425DCEAC6}C:\users\kagan bagci\desktop\brutal doom mit neuen waffen\zandronum.exe] => (Allow) C:\users\kagan bagci\desktop\brutal doom mit neuen waffen\zandronum.exe FirewallRules: [UDP Query User{6D9F6EC6-FE29-48CD-A87D-DB2426FAA6B3}C:\users\kagan bagci\desktop\brutal doom mit neuen waffen\zandronum.exe] => (Allow) C:\users\kagan bagci\desktop\brutal doom mit neuen waffen\zandronum.exe FirewallRules: [TCP Query User{9932CFAC-A916-455B-A075-5DE7E9DB12C2}C:\users\kagan bagci\desktop\brutal doom mit neuen waffen\zandronum.exe] => (Allow) C:\users\kagan bagci\desktop\brutal doom mit neuen waffen\zandronum.exe FirewallRules: [UDP Query User{0F905FC1-8163-4487-A7E6-7B8B526A7AD4}C:\users\kagan bagci\desktop\brutal doom mit neuen waffen\zandronum.exe] => (Allow) C:\users\kagan bagci\desktop\brutal doom mit neuen waffen\zandronum.exe FirewallRules: [{F46E1BC2-4F69-46D5-9ABE-B83DF194136A}] => (Allow) C:\Program Files\Steam\SteamApps\common\Starbound\win32\launcher\launcher.exe FirewallRules: [{EB1A1E9B-8ECD-439E-8CC7-445CAFB97636}] => (Allow) C:\Program Files\Steam\SteamApps\common\Starbound\win32\launcher\launcher.exe FirewallRules: [TCP Query User{90DB0671-B6D4-478B-B1D7-5BDDAF0E8AA3}C:\users\kagan bagci\desktop\spiele und etc\brutal doom mit neuen waffen\zandronum.exe] => (Allow) C:\users\kagan bagci\desktop\spiele und etc\brutal doom mit neuen waffen\zandronum.exe FirewallRules: [UDP Query User{52380365-8A93-48E4-93F2-27C0B7D063E2}C:\users\kagan bagci\desktop\spiele und etc\brutal doom mit neuen waffen\zandronum.exe] => (Allow) C:\users\kagan bagci\desktop\spiele und etc\brutal doom mit neuen waffen\zandronum.exe FirewallRules: [{7BDDA3C1-82FE-442D-A50B-50FD4F2CE9D0}] => (Allow) C:\Users\Kagan Bagci\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe FirewallRules: [{C0B3B7E8-4801-4491-AB45-1E9F8926DEC9}] => (Allow) C:\Program Files\Steam\bin\steamwebhelper.exe FirewallRules: [{0509B901-42E5-4357-9009-F89D827147DE}] => (Allow) C:\Program Files\Steam\bin\steamwebhelper.exe FirewallRules: [{831359BB-DD03-430A-BF68-99480FBA3FBE}] => (Allow) C:\Users\Kagan Bagci\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{15727555-DCDF-4109-91A0-A3CF0B314B08}] => (Allow) C:\Users\Kagan Bagci\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{FA84AFB7-C756-482F-BD24-15C3D9D08AC2}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{8F51A668-FA7E-4F40-B1CC-271404E73F34}] => (Allow) C:\Program Files\GameforgeLive\Games\DEU_deu\Elsword\data\x2.exe FirewallRules: [{03FF5574-AB3B-48C9-A6B3-14A82A6DBB0E}] => (Allow) C:\Program Files\GameforgeLive\Games\DEU_deu\Elsword\data\x2.exe FirewallRules: [{8F41CEE4-5CB8-4878-BD03-5823F87FF28E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{8D0ED363-69DD-4F02-9324-A3AEE1DAF6A7}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{765E88A6-4948-4FB2-937A-4DDB0FF83AEE}C:\users\kagan bagci\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\kagan bagci\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{5444F18C-06B6-4998-BAB1-F08259B27C71}C:\users\kagan bagci\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\kagan bagci\appdata\local\akamai\netsession_win.exe FirewallRules: [{2D09BD47-94BC-41AA-BD32-DC5AE596D44E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe FirewallRules: [{6C91CF7A-873A-4EE4-8FC5-8E6A6D9F9FB5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe FirewallRules: [{AADDB1B7-C36B-4F0C-9C94-EE373FE9C08A}] => (Allow) C:\Program Files\Battle.net\Battle.net.exe FirewallRules: [{41B3A67F-56AF-4A55-A3B1-05BBB6EE0CD9}] => (Allow) C:\Program Files\Battle.net\Battle.net.exe FirewallRules: [{7C7B35BB-225C-4847-B751-13F2703E12A1}] => (Allow) C:\Program Files\Steam\SteamApps\common\Five Nights at Freddy's\FiveNightsatFreddys.exe FirewallRules: [{E02A3374-A816-4BB9-BC22-89FD458B04C8}] => (Allow) C:\Program Files\Steam\SteamApps\common\Five Nights at Freddy's\FiveNightsatFreddys.exe FirewallRules: [{03AAFD9B-3E6E-4F20-9729-5ED93D950717}] => (Allow) C:\Program Files\Steam\SteamApps\common\Five Nights at Freddy's 2\FiveNightsatFreddys2.exe FirewallRules: [{6CE98861-02B1-4B29-9B8D-EC6640C0ADC1}] => (Allow) C:\Program Files\Steam\SteamApps\common\Five Nights at Freddy's 2\FiveNightsatFreddys2.exe FirewallRules: [TCP Query User{016DBACF-289F-458E-A531-2B85769FC8D9}C:\users\kagan bagci\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\kagan bagci\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{03F4C02D-DC1D-4BD6-BE9B-3CAA4CC5DCBC}C:\users\kagan bagci\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\kagan bagci\appdata\local\akamai\netsession_win.exe FirewallRules: [{2A53BC7C-6BD7-4F50-AC4F-E1F5BCD7A532}] => (Allow) C:\Program Files\Hearthstone\Hearthstone.exe FirewallRules: [{2B4A3B52-344D-4634-954F-D7A98F7C8B6B}] => (Allow) C:\Program Files\Hearthstone\Hearthstone.exe FirewallRules: [{49ED5F59-678B-4831-9444-4FBEC937BF85}] => (Allow) C:\Users\Kagan Bagci\AppData\Roaming\Steganos\OkayFreedom\Proxy\node.exe FirewallRules: [{EAECAEA3-FCFD-4708-A2DD-9CE00AE15804}] => (Allow) C:\Program Files\Steam\SteamApps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe FirewallRules: [{E061B626-9DA7-4606-B079-4AA966E4A8D3}] => (Allow) C:\Program Files\Steam\SteamApps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe FirewallRules: [{D87C2A32-C994-4A07-842E-AB971008DE9F}] => (Allow) C:\Users\KAGANB~1\AppData\Local\Temp\2cc498d0\WebInstallAgent\SPNTInst.exe FirewallRules: [{6282A914-DD0F-43A4-9B5A-D3FF3C6855CA}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\IDS.Application.exe FirewallRules: [{0BFF20FD-F0DB-4D69-B2F1-ECD5A56DA45E}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\OrderSupplies.exe FirewallRules: [{BFD4CFA3-569E-4993-BCD6-3A19FD8B0B42}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\IDSAlert.exe FirewallRules: [{05FEC9DE-A7E6-42F9-8C41-DF9535294F73}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\uninstall.exe FirewallRules: [{F7BB2E41-E0F2-4B1C-B8E4-EA695293C3AB}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe FirewallRules: [{A4858C07-7A45-4076-B29D-51174BD23FB4}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe FirewallRules: [{B5704504-CFA1-4612-A4CC-25E28326EA5F}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe FirewallRules: [{A6DDA808-E474-4C92-9C2F-99D1906FBE49}] => (Allow) C:\Program Files\Steam\SteamApps\common\Orion Dino Beatdown\Binaries\Win32\DinoHordeGame.exe FirewallRules: [{BF04E4FE-A929-41E0-AE45-F59728E3289A}] => (Allow) C:\Program Files\Steam\SteamApps\common\Orion Dino Beatdown\Binaries\Win32\DinoHordeGame.exe FirewallRules: [{F40D6676-FEBE-4D47-81EA-E2ED9B6B6DF4}] => (Allow) C:\Program Files\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe FirewallRules: [{B1B553AE-3E19-4B13-AA69-C023568729B6}] => (Allow) C:\Program Files\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe FirewallRules: [{866E40A1-A328-4B96-86C4-4395EEB6F0F6}] => (Allow) C:\Program Files\Steam\SteamApps\common\Dawn of War Soulstorm\Soulstorm.exe FirewallRules: [{354441E4-36E5-4D32-A705-D704A0A88EC9}] => (Allow) C:\Program Files\Steam\SteamApps\common\Dawn of War Soulstorm\Soulstorm.exe FirewallRules: [{64BBC013-F4D0-4FEB-B201-5DA8D5478B4A}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe FirewallRules: [TCP Query User{AAFBFD6E-2CA7-4619-ACCC-F57A1102E4C4}C:\gog games\battle realms complete (german)\battle_realms_f.exe] => (Allow) C:\gog games\battle realms complete (german)\battle_realms_f.exe FirewallRules: [UDP Query User{63A5DA41-AFD2-438D-BA2C-7067731A2793}C:\gog games\battle realms complete (german)\battle_realms_f.exe] => (Allow) C:\gog games\battle realms complete (german)\battle_realms_f.exe FirewallRules: [TCP Query User{197D79CC-177C-46A7-A5C7-E2B3718570EE}C:\gog games\unepic\unepic.exe] => (Allow) C:\gog games\unepic\unepic.exe FirewallRules: [UDP Query User{E06CEDB6-B292-446A-9B35-A4139C0B55FD}C:\gog games\unepic\unepic.exe] => (Allow) C:\gog games\unepic\unepic.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (06/17/2015 09:52:13 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/17/2015 09:38:42 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Details: AddCoreCsiFiles : BeginFileEnumeration() failed. System Error: Zugriff verweigert Error: (06/17/2015 09:38:41 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005. Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess. Vorgang: Generatordaten werden gesammelt Kontext: Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220} Generatorname: System Writer Generatorinstanz-ID: {859b7351-c638-496d-9c00-ca98da7e490e} Error: (06/17/2015 09:37:41 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Details: AddCoreCsiFiles : BeginFileEnumeration() failed. System Error: Zugriff verweigert Error: (06/17/2015 09:37:41 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005. Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess. Vorgang: Generatordaten werden gesammelt Kontext: Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220} Generatorname: System Writer Generatorinstanz-ID: {859b7351-c638-496d-9c00-ca98da7e490e} Error: (06/17/2015 09:36:35 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Details: AddCoreCsiFiles : BeginFileEnumeration() failed. System Error: Zugriff verweigert Error: (06/17/2015 09:36:35 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005. Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess. Vorgang: Generatordaten werden gesammelt Kontext: Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220} Generatorname: System Writer Generatorinstanz-ID: {859b7351-c638-496d-9c00-ca98da7e490e} Error: (06/17/2015 09:35:31 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Details: AddCoreCsiFiles : BeginFileEnumeration() failed. System Error: Zugriff verweigert Error: (06/17/2015 09:35:31 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005. Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess. Vorgang: Generatordaten werden gesammelt Kontext: Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220} Generatorname: System Writer Generatorinstanz-ID: {859b7351-c638-496d-9c00-ca98da7e490e} Error: (06/17/2015 09:33:20 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Details: AddCoreCsiFiles : BeginFileEnumeration() failed. System Error: Zugriff verweigert System errors: ============= Error: (06/17/2015 09:52:38 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: SYMTDI Error: (06/17/2015 09:52:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Parallel port driver%%1058 Error: (06/17/2015 09:52:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: aswFsBlk%%2 Error: (06/17/2015 09:48:50 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT) Description: C:\Windows\System32\IWMSSvc.dll Error: (06/17/2015 09:48:50 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT) Description: C:\Windows\System32\IWMSSvc.dll Error: (06/17/2015 09:48:45 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT) Description: C:\Windows\System32\IWMSSvc.dll Error: (06/17/2015 09:45:33 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: 1Neustart des DienstsWindows Search%%1056 Error: (06/17/2015 09:45:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Windows Live ID Sign-in Assistant2100001Neustart des Diensts Error: (06/17/2015 09:45:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Windows Search2300001Neustart des Diensts Error: (06/17/2015 09:45:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: OkayFreedom VPN Starter Service101Neustart des Diensts Microsoft Office: ========================= Error: (04/09/2013 03:15:17 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 10 seconds with 0 seconds of active time. This session ended with a crash. CodeIntegrity Errors: =================================== Date: 2015-06-17 22:28:33.750 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-06-17 22:28:33.117 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-06-17 22:28:32.470 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-06-17 22:28:31.689 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-06-17 22:28:30.891 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-06-17 22:28:30.141 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-06-17 22:28:29.516 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-06-17 22:28:29.084 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-06-17 22:27:16.379 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-06-17 22:27:15.958 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. ==================== Memory info =========================== Processor: Intel(R) Core(TM)2 Duo CPU T5800 @ 2.00GHz Percentage of memory in use: 66% Total physical RAM: 3065.95 MB Available physical RAM: 1029.36 MB Total Pagefile: 8974.2 MB Available Pagefile: 6767.56 MB Total Virtual: 2047.88 MB Available Virtual: 1902.88 MB ==================== Drives ================================ Drive c: (HDD) (Fixed) (Total:286.09 GB) (Free:9.87 GB) NTFS ==>[Drive with boot components (obtained from BCD)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: 40FB6491) Partition 1: (Not Active) - (Size=12 GB) - (Type=27) Partition 2: (Active) - (Size=286.1 GB) - (Type=07 NTFS) ==================== End of log ============================ |
18.06.2015, 08:29 | #7 |
/// TB-Ausbilder /// Anleitungs-Guru | Kaum mache ich Google Chrome an sagt Avast ich hätte Virenseiten am start OK. Bitte Chrome auch mit dem RevoUninstaller deinstallieren (Lesezeichen etc. bei Bedarf vorher sichern) und anschließend neu installieren. Download Schritt 1 ESET Online Scanner
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
18.06.2015, 17:10 | #8 |
| Kaum mache ich Google Chrome an sagt Avast ich hätte Virenseiten am start Mist ich hab ausversehen auf "Deinstallieren sobald das programm geschlossen wird" gedrückt ist das schlimm? muss ich wahrscheinlich nochmal machen |
18.06.2015, 17:50 | #9 |
/// TB-Ausbilder /// Anleitungs-Guru | Kaum mache ich Google Chrome an sagt Avast ich hätte Virenseiten am start Ich benötige ein ESET-Scan-Log um Deinen PC mit abschließenden Schritten als "clean" zu deklarieren. Wenn Du keines hast, dies aber möchtest, musst Du den Scan wiederholen.
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
20.06.2015, 19:54 | #10 |
| Kaum mache ich Google Chrome an sagt Avast ich hätte Virenseiten am start Hat zwar ein wenig gedauert aber jetzt hab ichs Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=6c0e55cc920e6048bc7a72d474c067f0 # end=init # utc_time=2015-06-18 04:08:54 # local_time=2015-06-18 06:08:54 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # osver=6.0.6002 NT Service Pack 2 Update Init Update Download Update Finalize Updated modules version: 24392 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=6c0e55cc920e6048bc7a72d474c067f0 # end=updated # utc_time=2015-06-18 04:13:32 # local_time=2015-06-18 06:13:32 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # osver=6.0.6002 NT Service Pack 2 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7777 # api_version=3.1.1 # EOSSerial=6c0e55cc920e6048bc7a72d474c067f0 # engine=24392 # end=stopped # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2015-06-18 04:14:15 # local_time=2015-06-18 06:14:15 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.0.6002 NT Service Pack 2 # compatibility_mode_1='avast! Antivirus' # compatibility_mode=783 16777213 100 97 16748 48378930 0 0 # compatibility_mode_1='' # compatibility_mode=5892 16776573 100 100 6476 272176783 0 0 # scanned=1594 # found=110 # cleaned=0 # scan_time=42 sh=261D3F62AD77A3ADCBEACA46AB4168062ADDD3C8 ft=1 fh=42cb818e4edce42d vn="Win32/Toolbar.Widgi.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Application Updater\ApplicationUpdater.exe.vir" sh=D1108CCEB7877B93A8A2ADEE47844C87B40C9D14 ft=1 fh=7ad0cc9270c1f31b vn="Variante von Win32/Toolbar.Widgi evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe.vir" sh=6DC277BCBC8ED53CB4FF49C1A3BE9A6597A10EBB ft=1 fh=4b12bff76bf30a90 vn="Variante von Win64/Toolbar.Widgi.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Common Files\Spigot\Search Settings\SearchSettings64.exe.vir" sh=6D7091E72FE35711C31FE0794C598B3AC8479E9C ft=1 fh=ad1557459b8a0630 vn="Win32/Toolbar.Widgi.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Common Files\Spigot\Search Settings\wth173.dll.vir" sh=0DE94FDDDBBF711E22120FCAAB2E9AD7D6A171BA ft=1 fh=4210be0b31e324c5 vn="Win64/Toolbar.Widgi.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Common Files\Spigot\Search Settings\wthx173.dll.vir" sh=8F5D982D276220C266963B746185CAA91419E31C ft=1 fh=6728511dc7b9809c vn="Variante von Win32/Toolbar.Widgi.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\IObit Apps Toolbar\WidgiHelper.exe.vir" sh=5D5A6E64337E00C433AA77FD7A4EC2D7D3D19E39 ft=1 fh=e60bc69521bb6059 vn="Variante von Win32/Toolbar.Widgi evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\IObit Apps Toolbar\IE\8.3\iobitappsToolbarIE.dll.vir" sh=391C67F5886ACA3B1E99E81123BEE5EB36627AF7 ft=1 fh=7da17f23609c54a9 vn="Variante von Win64/Toolbar.Widgi.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\IObit Apps Toolbar\IE\8.3\iobitappsToolbarIE64.dll.vir" sh=5ADD8591D40CA5C10494928BE56EC7D2B9A58BAD ft=1 fh=c71c0011a5e75752 vn="Variante von Win32/Adware.MultiPlug.IY Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\mozilla firefox\dbghelp.dll.vir" sh=EF7B587B1B3B8E44A2CD26F1949A9D208A97E962 ft=1 fh=c71c00113d556818 vn="Variante von Win32/Adware.MultiPlug.KM Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\RoyaalCioaupon\XJuMb9DIwwa9pZ.dll.vir" sh=A956F41A0EBBF2E79A550BDC2B887191664CD934 ft=1 fh=c71c001137c536f2 vn="Variante von Win32/Adware.MultiPlug.KM Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\RuoyaalCouPPon\LlkoH7WHvNbupX.dll.vir" sh=42D1387CA070A110C07E056948621CDC4045DF2E ft=0 fh=0000000000000000 vn="Win32/Toolbar.Montiera.AA evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Softonic\Softonic\1.8.21.14\softonic.crx.vir" sh=CF9209557CC4828F1A8536F5AF66358A81393A75 ft=1 fh=b354853738a44732 vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Softonic\Softonic\1.8.21.14\SoftonicApp.dll.vir" sh=277966AAC8DD994109B77162DB82849EF1FC8D62 ft=1 fh=f7e7b232febc88cd vn="Variante von Win32/Toolbar.Montiera.U evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Softonic\Softonic\1.8.21.14\SoftonicEng.dll.vir" sh=431CA401E93A36C4FB726D12B16B4CC058A2C770 ft=1 fh=7cd1c9f2502352b3 vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Softonic\Softonic\1.8.21.14\Softonicsrv.exe.vir" sh=09AD2A1BCD218E1EA91FC53F55CB6A61770E1144 ft=1 fh=0234086e10d7e544 vn="Variante von Win32/Toolbar.Montiera.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Softonic\Softonic\1.8.21.14\SoftonicTlbr.dll.vir" sh=54002848ADA82AC181EAC551104FA02E8CBE4585 ft=1 fh=bfddd9982b578fa9 vn="Win32/Toolbar.Montiera.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Softonic\Softonic\1.8.21.14\uninstall.exe.vir" sh=54CBEECF2F4AB81622D6708E8A849E3663853F4D ft=1 fh=a481e6d08e557a48 vn="Variante von Win32/Toolbar.Escort.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Softonic\Softonic\1.8.21.14\bh\Softonic.dll.vir" sh=6B875940FA7CAB25BF815290AEB31D3D4C093936 ft=1 fh=fb908d0cf4a7ef13 vn="Variante von Win32/Adware.SpeedingUpMyPC.AE Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\System Optimizer\SysOptReminder.exe.vir" sh=C4ECD569EC63E6741D5A0BDA7C02AC4B3302C7B9 ft=1 fh=b3ce349f22d4038f vn="Variante von Win32/Adware.Yontoo.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Yontoo\YontooIEClient.dll.vir" sh=A17242612886E2DD1A44007D28414A9AA113D54D ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Yontoo\YontooLayers.crx.vir" sh=1AFB621BEBA8272ACD2BAC21B50D8885C9D579D1 ft=1 fh=d7a99a71f47706e7 vn="Variante von Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Conduit\IE\CT3311268\UninstallerUI.exe.vir" sh=5CA319EBA10412E2FF4A47FD20624385C11A0C2A ft=1 fh=8ad6e907be4811df vn="Variante von Win32/Adware.Yontoo.B Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll.vir" sh=163547419613D9664CBB4044BCAF4C97AE786B92 ft=1 fh=b06d5f9324f48fc5 vn="Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\GoogleChromeRemotePlugin.dll.vir" sh=E214737549AC8E5F5AEA4C9EBB68843D7B78A639 ft=1 fh=c71c00115e31d3cb vn="Win32/Toolbar.Montiera.AA evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_1\CrmAdpt.dll.vir" sh=57279257E733B05B254033CFED9DF0A9239A0680 ft=0 fh=0000000000000000 vn="JS/Adware.Yontoo.B Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.3_0\back.js.vir" sh=FE84CBB2C8E1A64DBD7AA169A54B6BD98B90B197 ft=0 fh=0000000000000000 vn="JS/Adware.Yontoo.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.3_0\yl.js.vir" sh=1602AAF908ABC99CBD837086B899E501407678E3 ft=1 fh=bb8a7004878da8ef vn="Win32/bProtector.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_1\spext.dll.vir" sh=138306365B84358D195D609A075BFC39B9B1428B ft=1 fh=f761c0ea7db27d0a vn="Variante von MSIL/Toolbar.Linkury.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\BrowserHelper.exe.vir" sh=1A6101B1D3B91EF9BB81A36B0DDCA8D372DEC8B0 ft=1 fh=75b5b383b76a996d vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Interop.SHDocVw.dll.vir" sh=B77D928178242A3A684498A3EFDD201575628821 ft=1 fh=0456242d348f53bd vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\MACTrackBarLib.dll.vir" sh=499F6757DABA08EA2D1D1AC4C1BB2D31C43FDA3D ft=1 fh=0d0f0f29a87c026a vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\NDde.dll.vir" sh=479F5C5C525E131014B0AF382E22FC337F244BFE ft=1 fh=895896cab8bb7f5c vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Newtonsoft.Json.dll.vir" sh=B2C5215194D0A3B74DED9DA5B40E200152B08308 ft=1 fh=da110da08e660bd7 vn="Variante von Win32/Toolbar.Linkury.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\QuickShare.exe.vir" sh=49454893B4DF8B41F97CDBBE26B280B5BB48A6FA ft=1 fh=03484c18a35c034e vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\sgml.dll.vir" sh=9BB408F581067BAC176320D97D9208A23541DF9E ft=1 fh=4a30aef221430c8d vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\sidb.dll.vir" sh=B4EA0C3F51D3632520C8B084915521E1441D19A5 ft=1 fh=6707333c5dc47937 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\siem.dll.vir" sh=8C4CF4CC51DAD09019A33083EEC36DFE7461642E ft=1 fh=aef43140c8afe34b vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\sipb.dll.vir" sh=0A40E25D9C221AD04E14D991F6953DB5A7E0F285 ft=1 fh=dec3a839d69df31c vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\sismlp.dll.vir" sh=C1C473B79A777951E84E2D34FC5D3AEC995EA430 ft=1 fh=d46732a1c355133e vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll.vir" sh=E6A188BB6452AAB999F387EC8EA2E58EBFF8EC7F ft=1 fh=bb435a05affd48f6 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll.vir" sh=2283B0C5188BC4F5847E015799A793F64DE3A85C ft=1 fh=2fc3592be36e193b vn="Variante von Win32/Toolbar.Linkury.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll.vir" sh=426F3315896304227F522DB04D0FC23EF2D965D1 ft=1 fh=1fb37d5852ace8c1 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll.vir" sh=1A1018B0D7C5EDAAB4AE2B50D46E14C669515ADE ft=1 fh=1acb2541904cd6d1 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll.vir" sh=83DDB41864711EF47DAA7291345AE086144A7C49 ft=1 fh=d4351245a6e0effe vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.ChromeLocalPlugin.dll.vir" sh=E57596F0796389AD80B64285DFB35391C1BDA168 ft=1 fh=5e307d025767861f vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.FireFoxLocalPlugin.dll.vir" sh=7694F2ACDA1D439945E79B83AF8ABD41753E61E9 ft=1 fh=39c3a1a46b95af38 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll.vir" sh=823D1FE62D5706F4FA381D4C9F3DD90164E544F9 ft=1 fh=579c88745b455954 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll.vir" sh=C53BE84ECADD184DBCFACFD49D0E819E3AFDDCA6 ft=1 fh=27e41bdf6a6eaf00 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll.vir" sh=5D6ADED85FFBDDE17C8642C0A2FF3AFD1AE85C7C ft=1 fh=0770bde3605fd87d vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll.vir" sh=EB16BF2E5897D0E6A5782EBE57FAD804ABD3DFCD ft=1 fh=d422a8c885091f98 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll.vir" sh=BC90DA19B591D551CBA16771BA188A56CC7894CE ft=1 fh=d9446c7b8978f151 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll.vir" sh=DC186138C06A56B823E340378C838A5F24263904 ft=1 fh=dc267aca4558bbdb vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.XmlSerializers.dll.vir" sh=FC16FAB71211DA4E2089B9CB2AAB04388C0B590D ft=1 fh=b7f14b5be05108db vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Resources.Translations.dll.vir" sh=7F27169F8C36CD8679D7507A7D422B0E3678CB8D ft=1 fh=bd125a31e7f66b1b vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO.dll.vir" sh=7F27169F8C36CD8679D7507A7D422B0E3678CB8D ft=1 fh=bd125a31e7f66b1b vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO2.dll.vir" sh=6BCA1BDFE8C4DACEBE4C1894E1BD61FBFCF38456 ft=1 fh=0e651ba86f27b197 vn="Variante von MSIL/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension.dll.vir" sh=6BCA1BDFE8C4DACEBE4C1894E1BD61FBFCF38456 ft=1 fh=0e651ba86f27b197 vn="Variante von MSIL/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension2.dll.vir" sh=8C0D6FE28B5E0DD7D5E804B3D4FBBAC8F03F773D ft=1 fh=e94602b08f92056b vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\spbe.dll.vir" sh=D712288BE2524F8EA6091017AB07B303B5DDB098 ft=1 fh=993ab4d0f35aac4d vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\spbl.dll.vir" sh=7BBFF3FD15D0CC2F7A75802FC52C574741E722FC ft=1 fh=0cc32f0cdad0569d vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\sppsm.dll.vir" sh=4C5473ED67C670FCCC1C178203157FD52F342510 ft=1 fh=2787ddd5aaf1729c vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\spsm.dll.vir" sh=85A1AA6ADEF607AC0B29237B7C4ADF7E3ADE9A2C ft=1 fh=c11b715d5eb5a515 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\spusm.dll.vir" sh=F128E221F673E14E30E58BAD00DD252348B99F91 ft=1 fh=e0b53d4b84d8c502 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srau.dll.vir" sh=65EA239D7F0A966798C2F96FAB9A9BB84E8BDE39 ft=1 fh=f338bd82611e2656 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srbhu.dll.vir" sh=EBF9A657DF00ADE146A72871EAB72A2D9F8A859E ft=1 fh=f467b19db94d54e4 vn="Variante von MSIL/Toolbar.Linkury.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srbs.dll.vir" sh=91D8C63B6F560FFA3C186D654289946EB9F6F8BB ft=1 fh=af687a91fbfd1e1e vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srgu.dll.vir" sh=469801D746EA24387C8E599FEA5D577B8ECFFD69 ft=1 fh=730b716e88b0d4b2 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srns.dll.vir" sh=A5176F76A19DAB29DBFA74E04D0F78BC9D67F77A ft=1 fh=abaf12d621116edc vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srpdm.dll.vir" sh=E159AD7566CBC88C5EBEF188C434D0967CF0DAE9 ft=1 fh=92be2fe97ad2cfc8 vn="Variante von MSIL/Toolbar.Linkury.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srprl.dll.vir" sh=4F8DC5C191CE4F97743EB7FED66BACBC578BEF14 ft=1 fh=74fd4d0571fbf308 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srpu.dll.vir" sh=999A9BD5342B476150BC07B5E13D5C4499EAB4AF ft=1 fh=d4fa9272351611a1 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srsbs.dll.vir" sh=C999742A026254D41CEED5F481E1426A171AFEF4 ft=1 fh=c5fbc822d2273f5c vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srsbsau.dll.vir" sh=5E411E598212A56FC5DA22EFF2C8330B9867E7B2 ft=1 fh=fd365c7fbfce8a9f vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srsl.dll.vir" sh=039C143CF6FEE46A4259B6F06A0B96650CF319CE ft=1 fh=caf851110c3232ba vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\sruhs.dll.vir" sh=5EC908B0DD66BC1A541E6613B8509687C90B1583 ft=1 fh=5cb414d6e98eca28 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srus.dll.vir" sh=9AD658B9BD50A65028164D5E754ED3A45DDD4CB7 ft=1 fh=7f200cca02df23f1 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srut.dll.vir" sh=163547419613D9664CBB4044BCAF4C97AE786B92 ft=1 fh=b06d5f9324f48fc5 vn="Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\GoogleChromeRemotePlugin.dll.vir" sh=C22E6A34201E094AF7203B1380A45047CD2290F4 ft=1 fh=1a823e13833f8d40 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\ar\Smartbar.Resources.LanguageSettings.resources.dll.vir" sh=D8261F22F2013BD19FE1FBBB034C3D968C284561 ft=1 fh=df535ed8c70238de vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll.vir" sh=068AB52DA9AAF173AF1EE29B330E0E8FA1EC0E4A ft=1 fh=ca69214df645faab vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\es\Smartbar.Resources.LanguageSettings.resources.dll.vir" sh=A9B0596015405113EFBBE432ED591A86E66C3054 ft=1 fh=7869b2d0dbc36a89 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\fr\Smartbar.Resources.LanguageSettings.resources.dll.vir" sh=78B95BC91157F14581B0F235BCB86C96AA01326E ft=1 fh=dd06b644de3d6584 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\he\Smartbar.Resources.LanguageSettings.resources.dll.vir" sh=C7E054C7BA58AE2D703DB29C52346A3ED84FEF57 ft=1 fh=53532950b9749a4f vn="Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_20.dll.vir" sh=C546BA3CA78F93EB65DCCEA191BC40B9F940E2EA ft=1 fh=6fd80785d353cf5d vn="Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_21.dll.vir" sh=7C15DA5A80F24F0383C992CFB03CF68E95A464B1 ft=1 fh=be427aaf403ae2ff vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_22.dll.vir" sh=95544372D9D68E8AFAE5E9DA8B07C14CE5406ABB ft=1 fh=dd489ec711c15129 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_23.dll.vir" sh=BA8871127FB23B24A8963B6A5992DED58259E590 ft=1 fh=65df87dcc97c6ea8 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_24.dll.vir" sh=C88DAF3FB5D3FEC090233FF251F7F0CFC73EF4CD ft=1 fh=b74c7f4df627386b vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_25.dll.vir" sh=79835663893CEF71393A321A1336DD497552A91A ft=1 fh=adf25d5bf7ec94b4 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\it\Smartbar.Resources.LanguageSettings.resources.dll.vir" sh=2612D76E70D48D3F85B33D91319FBD8173832068 ft=1 fh=07e612b3cf135c40 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\nl\Smartbar.Resources.LanguageSettings.resources.dll.vir" sh=9C50BB623DC4D6D79ACB6B096D14800F70758CB2 ft=1 fh=8df231744dc93c2c vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\pt\Smartbar.Resources.LanguageSettings.resources.dll.vir" sh=FDC37C1FBC4AE240CA0AFF686462A34762ABF10E ft=1 fh=9d31b7f982979712 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\ru\Smartbar.Resources.LanguageSettings.resources.dll.vir" sh=00DB8B6BB29BD38EF5C44BA8C12C524B21324E4A ft=1 fh=73b6d0fe6da6b329 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\tr\Smartbar.Resources.LanguageSettings.resources.dll.vir" sh=B3B8FCB0F1D58947C691960B4E44D0A121F1D788 ft=1 fh=7e3bdcf0f3151b4b vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.DMP.dll.vir" sh=844F8720231881148C97F4A81EB6319D5933B087 ft=1 fh=cde1db732574e8a8 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.MessengerPlugin.dll.vir" sh=8DDFCB6C997478408238A2038CCB4BCA347738A8 ft=1 fh=3f7edfe547952741 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.NotepadPlugin.dll.vir" sh=B037ABC47F49765C6079E265CB74BE1B624FE095 ft=1 fh=7b256b9c849590e5 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.ScreenCapturePlugin.dll.vir" sh=9D574069A4613DE0BDA40CAC4755D1EAA11E9732 ft=1 fh=e16c98e66f1f5d96 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.WeatherPlugin.dll.vir" sh=0CD9D3DC96A2164F6E586BFE49AC83C86118B947 ft=1 fh=b412ebb954962174 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.WordPlugin.dll.vir" sh=2A4C571A314016F107BF3BA533DE0BF325A0EDB1 ft=1 fh=a1f5d2c68585e2b7 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Common\ServicesPlugins\spup.dll.vir" sh=C2C7BD3BD6C75D5DBCCA298C785C208AB6C73CF0 ft=1 fh=154117e7567d41ef vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\LocalLow\DVDVideoSoftTB_DE\ldrtbDVD0.dll.vir" sh=A1280B1F085B8284DC157EC359BD1ADA091CFE7E ft=1 fh=d8aa3384d1249a40 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\LocalLow\DVDVideoSoftTB_DE\ldrtbDVDV.dll.vir" sh=5C684D51F07A183EEA13D66F5C7E9630C48D93B5 ft=1 fh=53be76e80c29ad73 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\LocalLow\DVDVideoSoftTB_DE\tbDVD0.dll.vir" sh=41CDE566540E31CF556FFC948255F45D4A94EAF8 ft=1 fh=3fb8233a96c1e513 vn="Variante von Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\LocalLow\DVDVideoSoftTB_DE\tbDVD1.dll.vir" sh=92E84D2216A7763D580E42FA2493CCF67D0D0560 ft=1 fh=e8efc42494afd9f6 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\LocalLow\DVDVideoSoftTB_DE\tbDVDV.dll.vir" sh=ABF759CA3BFB16DE62197DD7C417AC5039A43AE0 ft=1 fh=1801af74030ebca1 vn="Variante von Win32/PriceGong.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\LocalLow\DVDVideoSoftTB_DE\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.5.3\bin\PriceGongIE.dll.vir" sh=671E3E4E9E4C9A039D9AD1479A0C91E670AF18E3 ft=1 fh=d643e79c9fb8f862 vn="Win32/Toolbar.Babylon.AE evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Roaming\BabSolution\Shared\BUSolution.dll.vir" sh=27FBB2161B29148FBC20EBBCF5A07FDCA991026C ft=1 fh=0456e4230d5bc364 vn="Variante von Win32/Toolbar.Babylon.W evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Roaming\BabSolution\Shared\enhancedNT.dll.vir" sh=E9C2205B9080833744AFB005AD8B135DF6797683 ft=1 fh=4432f897b3140eb0 vn="Variante von Win32/Speedchecker.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Roaming\OpenCandy\B9A3DED63D8048079E5EE2DB8350D76E\PCSU_SL_3.1.2.exe.vir" ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=6c0e55cc920e6048bc7a72d474c067f0 # end=init # utc_time=2015-06-18 07:25:43 # local_time=2015-06-18 09:25:43 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # osver=6.0.6002 NT Service Pack 2 Update Init Update Download Update Finalize Updated modules version: 24395 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=6c0e55cc920e6048bc7a72d474c067f0 # end=updated # utc_time=2015-06-18 07:26:15 # local_time=2015-06-18 09:26:15 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # osver=6.0.6002 NT Service Pack 2 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7777 # api_version=3.1.1 # EOSSerial=6c0e55cc920e6048bc7a72d474c067f0 # engine=24395 # end=stopped # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2015-06-18 09:11:28 # local_time=2015-06-18 11:11:28 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.0.6002 NT Service Pack 2 # compatibility_mode_1='avast! Antivirus' # compatibility_mode=783 16777213 100 97 6930 48396763 0 0 # compatibility_mode_1='' # compatibility_mode=5892 16776573 100 100 24309 272194616 0 0 # scanned=124272 # found=116 # cleaned=0 # scan_time=6313 sh=261D3F62AD77A3ADCBEACA46AB4168062ADDD3C8 ft=1 fh=42cb818e4edce42d vn="Win32/Toolbar.Widgi.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Application Updater\ApplicationUpdater.exe.vir" sh=D1108CCEB7877B93A8A2ADEE47844C87B40C9D14 ft=1 fh=7ad0cc9270c1f31b vn="Variante von Win32/Toolbar.Widgi evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe.vir" sh=6DC277BCBC8ED53CB4FF49C1A3BE9A6597A10EBB ft=1 fh=4b12bff76bf30a90 vn="Variante von Win64/Toolbar.Widgi.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Common Files\Spigot\Search Settings\SearchSettings64.exe.vir" sh=6D7091E72FE35711C31FE0794C598B3AC8479E9C ft=1 fh=ad1557459b8a0630 vn="Win32/Toolbar.Widgi.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Common Files\Spigot\Search Settings\wth173.dll.vir" sh=0DE94FDDDBBF711E22120FCAAB2E9AD7D6A171BA ft=1 fh=4210be0b31e324c5 vn="Win64/Toolbar.Widgi.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Common Files\Spigot\Search Settings\wthx173.dll.vir" sh=8F5D982D276220C266963B746185CAA91419E31C ft=1 fh=6728511dc7b9809c vn="Variante von Win32/Toolbar.Widgi.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\IObit Apps Toolbar\WidgiHelper.exe.vir" sh=5D5A6E64337E00C433AA77FD7A4EC2D7D3D19E39 ft=1 fh=e60bc69521bb6059 vn="Variante von Win32/Toolbar.Widgi evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\IObit Apps Toolbar\IE\8.3\iobitappsToolbarIE.dll.vir" sh=391C67F5886ACA3B1E99E81123BEE5EB36627AF7 ft=1 fh=7da17f23609c54a9 vn="Variante von Win64/Toolbar.Widgi.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\IObit Apps Toolbar\IE\8.3\iobitappsToolbarIE64.dll.vir" sh=5ADD8591D40CA5C10494928BE56EC7D2B9A58BAD ft=1 fh=c71c0011a5e75752 vn="Variante von Win32/Adware.MultiPlug.IY Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\mozilla firefox\dbghelp.dll.vir" sh=EF7B587B1B3B8E44A2CD26F1949A9D208A97E962 ft=1 fh=c71c00113d556818 vn="Variante von Win32/Adware.MultiPlug.KM Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\RoyaalCioaupon\XJuMb9DIwwa9pZ.dll.vir" sh=A956F41A0EBBF2E79A550BDC2B887191664CD934 ft=1 fh=c71c001137c536f2 vn="Variante von Win32/Adware.MultiPlug.KM Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\RuoyaalCouPPon\LlkoH7WHvNbupX.dll.vir" sh=42D1387CA070A110C07E056948621CDC4045DF2E ft=0 fh=0000000000000000 vn="Win32/Toolbar.Montiera.AA evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Softonic\Softonic\1.8.21.14\softonic.crx.vir" sh=CF9209557CC4828F1A8536F5AF66358A81393A75 ft=1 fh=b354853738a44732 vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Softonic\Softonic\1.8.21.14\SoftonicApp.dll.vir" sh=277966AAC8DD994109B77162DB82849EF1FC8D62 ft=1 fh=f7e7b232febc88cd vn="Variante von Win32/Toolbar.Montiera.U evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Softonic\Softonic\1.8.21.14\SoftonicEng.dll.vir" sh=431CA401E93A36C4FB726D12B16B4CC058A2C770 ft=1 fh=7cd1c9f2502352b3 vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Softonic\Softonic\1.8.21.14\Softonicsrv.exe.vir" sh=09AD2A1BCD218E1EA91FC53F55CB6A61770E1144 ft=1 fh=0234086e10d7e544 vn="Variante von Win32/Toolbar.Montiera.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Softonic\Softonic\1.8.21.14\SoftonicTlbr.dll.vir" sh=54002848ADA82AC181EAC551104FA02E8CBE4585 ft=1 fh=bfddd9982b578fa9 vn="Win32/Toolbar.Montiera.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Softonic\Softonic\1.8.21.14\uninstall.exe.vir" sh=54CBEECF2F4AB81622D6708E8A849E3663853F4D ft=1 fh=a481e6d08e557a48 vn="Variante von Win32/Toolbar.Escort.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Softonic\Softonic\1.8.21.14\bh\Softonic.dll.vir" sh=6B875940FA7CAB25BF815290AEB31D3D4C093936 ft=1 fh=fb908d0cf4a7ef13 vn="Variante von Win32/Adware.SpeedingUpMyPC.AE Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\System Optimizer\SysOptReminder.exe.vir" sh=C4ECD569EC63E6741D5A0BDA7C02AC4B3302C7B9 ft=1 fh=b3ce349f22d4038f vn="Variante von Win32/Adware.Yontoo.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Yontoo\YontooIEClient.dll.vir" sh=A17242612886E2DD1A44007D28414A9AA113D54D ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Yontoo\YontooLayers.crx.vir" sh=1AFB621BEBA8272ACD2BAC21B50D8885C9D579D1 ft=1 fh=d7a99a71f47706e7 vn="Variante von Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Conduit\IE\CT3311268\UninstallerUI.exe.vir" sh=5CA319EBA10412E2FF4A47FD20624385C11A0C2A ft=1 fh=8ad6e907be4811df vn="Variante von Win32/Adware.Yontoo.B Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll.vir" sh=163547419613D9664CBB4044BCAF4C97AE786B92 ft=1 fh=b06d5f9324f48fc5 vn="Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\GoogleChromeRemotePlugin.dll.vir" sh=E214737549AC8E5F5AEA4C9EBB68843D7B78A639 ft=1 fh=c71c00115e31d3cb vn="Win32/Toolbar.Montiera.AA evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_1\CrmAdpt.dll.vir" sh=57279257E733B05B254033CFED9DF0A9239A0680 ft=0 fh=0000000000000000 vn="JS/Adware.Yontoo.B Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.3_0\back.js.vir" sh=FE84CBB2C8E1A64DBD7AA169A54B6BD98B90B197 ft=0 fh=0000000000000000 vn="JS/Adware.Yontoo.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.3_0\yl.js.vir" sh=1602AAF908ABC99CBD837086B899E501407678E3 ft=1 fh=bb8a7004878da8ef vn="Win32/bProtector.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_1\spext.dll.vir" sh=138306365B84358D195D609A075BFC39B9B1428B ft=1 fh=f761c0ea7db27d0a vn="Variante von MSIL/Toolbar.Linkury.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\BrowserHelper.exe.vir" sh=1A6101B1D3B91EF9BB81A36B0DDCA8D372DEC8B0 ft=1 fh=75b5b383b76a996d vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Interop.SHDocVw.dll.vir" sh=B77D928178242A3A684498A3EFDD201575628821 ft=1 fh=0456242d348f53bd vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\MACTrackBarLib.dll.vir" sh=499F6757DABA08EA2D1D1AC4C1BB2D31C43FDA3D ft=1 fh=0d0f0f29a87c026a vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\NDde.dll.vir" sh=479F5C5C525E131014B0AF382E22FC337F244BFE ft=1 fh=895896cab8bb7f5c vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Newtonsoft.Json.dll.vir" sh=B2C5215194D0A3B74DED9DA5B40E200152B08308 ft=1 fh=da110da08e660bd7 vn="Variante von Win32/Toolbar.Linkury.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\QuickShare.exe.vir" sh=49454893B4DF8B41F97CDBBE26B280B5BB48A6FA ft=1 fh=03484c18a35c034e vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\sgml.dll.vir" sh=9BB408F581067BAC176320D97D9208A23541DF9E ft=1 fh=4a30aef221430c8d vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\sidb.dll.vir" sh=B4EA0C3F51D3632520C8B084915521E1441D19A5 ft=1 fh=6707333c5dc47937 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\siem.dll.vir" sh=8C4CF4CC51DAD09019A33083EEC36DFE7461642E ft=1 fh=aef43140c8afe34b vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\sipb.dll.vir" sh=0A40E25D9C221AD04E14D991F6953DB5A7E0F285 ft=1 fh=dec3a839d69df31c vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\sismlp.dll.vir" sh=C1C473B79A777951E84E2D34FC5D3AEC995EA430 ft=1 fh=d46732a1c355133e vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll.vir" sh=E6A188BB6452AAB999F387EC8EA2E58EBFF8EC7F ft=1 fh=bb435a05affd48f6 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll.vir" sh=2283B0C5188BC4F5847E015799A793F64DE3A85C ft=1 fh=2fc3592be36e193b vn="Variante von Win32/Toolbar.Linkury.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll.vir" sh=426F3315896304227F522DB04D0FC23EF2D965D1 ft=1 fh=1fb37d5852ace8c1 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll.vir" sh=1A1018B0D7C5EDAAB4AE2B50D46E14C669515ADE ft=1 fh=1acb2541904cd6d1 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll.vir" sh=83DDB41864711EF47DAA7291345AE086144A7C49 ft=1 fh=d4351245a6e0effe vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.ChromeLocalPlugin.dll.vir" sh=E57596F0796389AD80B64285DFB35391C1BDA168 ft=1 fh=5e307d025767861f vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.FireFoxLocalPlugin.dll.vir" sh=7694F2ACDA1D439945E79B83AF8ABD41753E61E9 ft=1 fh=39c3a1a46b95af38 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll.vir" sh=823D1FE62D5706F4FA381D4C9F3DD90164E544F9 ft=1 fh=579c88745b455954 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll.vir" sh=C53BE84ECADD184DBCFACFD49D0E819E3AFDDCA6 ft=1 fh=27e41bdf6a6eaf00 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll.vir" sh=5D6ADED85FFBDDE17C8642C0A2FF3AFD1AE85C7C ft=1 fh=0770bde3605fd87d vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll.vir" sh=EB16BF2E5897D0E6A5782EBE57FAD804ABD3DFCD ft=1 fh=d422a8c885091f98 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll.vir" sh=BC90DA19B591D551CBA16771BA188A56CC7894CE ft=1 fh=d9446c7b8978f151 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll.vir" sh=DC186138C06A56B823E340378C838A5F24263904 ft=1 fh=dc267aca4558bbdb vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.XmlSerializers.dll.vir" sh=FC16FAB71211DA4E2089B9CB2AAB04388C0B590D ft=1 fh=b7f14b5be05108db vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Resources.Translations.dll.vir" sh=7F27169F8C36CD8679D7507A7D422B0E3678CB8D ft=1 fh=bd125a31e7f66b1b vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO.dll.vir" sh=7F27169F8C36CD8679D7507A7D422B0E3678CB8D ft=1 fh=bd125a31e7f66b1b vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO2.dll.vir" sh=6BCA1BDFE8C4DACEBE4C1894E1BD61FBFCF38456 ft=1 fh=0e651ba86f27b197 vn="Variante von MSIL/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension.dll.vir" sh=6BCA1BDFE8C4DACEBE4C1894E1BD61FBFCF38456 ft=1 fh=0e651ba86f27b197 vn="Variante von MSIL/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension2.dll.vir" sh=8C0D6FE28B5E0DD7D5E804B3D4FBBAC8F03F773D ft=1 fh=e94602b08f92056b vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\spbe.dll.vir" sh=D712288BE2524F8EA6091017AB07B303B5DDB098 ft=1 fh=993ab4d0f35aac4d vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\spbl.dll.vir" sh=7BBFF3FD15D0CC2F7A75802FC52C574741E722FC ft=1 fh=0cc32f0cdad0569d vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\sppsm.dll.vir" sh=4C5473ED67C670FCCC1C178203157FD52F342510 ft=1 fh=2787ddd5aaf1729c vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\spsm.dll.vir" sh=85A1AA6ADEF607AC0B29237B7C4ADF7E3ADE9A2C ft=1 fh=c11b715d5eb5a515 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\spusm.dll.vir" sh=F128E221F673E14E30E58BAD00DD252348B99F91 ft=1 fh=e0b53d4b84d8c502 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srau.dll.vir" sh=65EA239D7F0A966798C2F96FAB9A9BB84E8BDE39 ft=1 fh=f338bd82611e2656 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srbhu.dll.vir" sh=EBF9A657DF00ADE146A72871EAB72A2D9F8A859E ft=1 fh=f467b19db94d54e4 vn="Variante von MSIL/Toolbar.Linkury.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srbs.dll.vir" sh=91D8C63B6F560FFA3C186D654289946EB9F6F8BB ft=1 fh=af687a91fbfd1e1e vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srgu.dll.vir" sh=469801D746EA24387C8E599FEA5D577B8ECFFD69 ft=1 fh=730b716e88b0d4b2 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srns.dll.vir" sh=A5176F76A19DAB29DBFA74E04D0F78BC9D67F77A ft=1 fh=abaf12d621116edc vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srpdm.dll.vir" sh=E159AD7566CBC88C5EBEF188C434D0967CF0DAE9 ft=1 fh=92be2fe97ad2cfc8 vn="Variante von MSIL/Toolbar.Linkury.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srprl.dll.vir" sh=4F8DC5C191CE4F97743EB7FED66BACBC578BEF14 ft=1 fh=74fd4d0571fbf308 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srpu.dll.vir" sh=999A9BD5342B476150BC07B5E13D5C4499EAB4AF ft=1 fh=d4fa9272351611a1 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srsbs.dll.vir" sh=C999742A026254D41CEED5F481E1426A171AFEF4 ft=1 fh=c5fbc822d2273f5c vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srsbsau.dll.vir" sh=5E411E598212A56FC5DA22EFF2C8330B9867E7B2 ft=1 fh=fd365c7fbfce8a9f vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srsl.dll.vir" sh=039C143CF6FEE46A4259B6F06A0B96650CF319CE ft=1 fh=caf851110c3232ba vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\sruhs.dll.vir" sh=5EC908B0DD66BC1A541E6613B8509687C90B1583 ft=1 fh=5cb414d6e98eca28 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srus.dll.vir" sh=9AD658B9BD50A65028164D5E754ED3A45DDD4CB7 ft=1 fh=7f200cca02df23f1 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srut.dll.vir" sh=163547419613D9664CBB4044BCAF4C97AE786B92 ft=1 fh=b06d5f9324f48fc5 vn="Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\GoogleChromeRemotePlugin.dll.vir" sh=C22E6A34201E094AF7203B1380A45047CD2290F4 ft=1 fh=1a823e13833f8d40 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\ar\Smartbar.Resources.LanguageSettings.resources.dll.vir" sh=D8261F22F2013BD19FE1FBBB034C3D968C284561 ft=1 fh=df535ed8c70238de vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll.vir" sh=068AB52DA9AAF173AF1EE29B330E0E8FA1EC0E4A ft=1 fh=ca69214df645faab vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\es\Smartbar.Resources.LanguageSettings.resources.dll.vir" sh=A9B0596015405113EFBBE432ED591A86E66C3054 ft=1 fh=7869b2d0dbc36a89 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\fr\Smartbar.Resources.LanguageSettings.resources.dll.vir" sh=78B95BC91157F14581B0F235BCB86C96AA01326E ft=1 fh=dd06b644de3d6584 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\he\Smartbar.Resources.LanguageSettings.resources.dll.vir" sh=C7E054C7BA58AE2D703DB29C52346A3ED84FEF57 ft=1 fh=53532950b9749a4f vn="Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_20.dll.vir" sh=C546BA3CA78F93EB65DCCEA191BC40B9F940E2EA ft=1 fh=6fd80785d353cf5d vn="Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_21.dll.vir" sh=7C15DA5A80F24F0383C992CFB03CF68E95A464B1 ft=1 fh=be427aaf403ae2ff vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_22.dll.vir" sh=95544372D9D68E8AFAE5E9DA8B07C14CE5406ABB ft=1 fh=dd489ec711c15129 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_23.dll.vir" sh=BA8871127FB23B24A8963B6A5992DED58259E590 ft=1 fh=65df87dcc97c6ea8 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_24.dll.vir" sh=C88DAF3FB5D3FEC090233FF251F7F0CFC73EF4CD ft=1 fh=b74c7f4df627386b vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_25.dll.vir" sh=79835663893CEF71393A321A1336DD497552A91A ft=1 fh=adf25d5bf7ec94b4 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\it\Smartbar.Resources.LanguageSettings.resources.dll.vir" sh=2612D76E70D48D3F85B33D91319FBD8173832068 ft=1 fh=07e612b3cf135c40 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\nl\Smartbar.Resources.LanguageSettings.resources.dll.vir" sh=9C50BB623DC4D6D79ACB6B096D14800F70758CB2 ft=1 fh=8df231744dc93c2c vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\pt\Smartbar.Resources.LanguageSettings.resources.dll.vir" sh=FDC37C1FBC4AE240CA0AFF686462A34762ABF10E ft=1 fh=9d31b7f982979712 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\ru\Smartbar.Resources.LanguageSettings.resources.dll.vir" sh=00DB8B6BB29BD38EF5C44BA8C12C524B21324E4A ft=1 fh=73b6d0fe6da6b329 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\tr\Smartbar.Resources.LanguageSettings.resources.dll.vir" sh=B3B8FCB0F1D58947C691960B4E44D0A121F1D788 ft=1 fh=7e3bdcf0f3151b4b vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.DMP.dll.vir" sh=844F8720231881148C97F4A81EB6319D5933B087 ft=1 fh=cde1db732574e8a8 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.MessengerPlugin.dll.vir" sh=8DDFCB6C997478408238A2038CCB4BCA347738A8 ft=1 fh=3f7edfe547952741 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.NotepadPlugin.dll.vir" sh=B037ABC47F49765C6079E265CB74BE1B624FE095 ft=1 fh=7b256b9c849590e5 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.ScreenCapturePlugin.dll.vir" sh=9D574069A4613DE0BDA40CAC4755D1EAA11E9732 ft=1 fh=e16c98e66f1f5d96 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.WeatherPlugin.dll.vir" sh=0CD9D3DC96A2164F6E586BFE49AC83C86118B947 ft=1 fh=b412ebb954962174 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.WordPlugin.dll.vir" sh=2A4C571A314016F107BF3BA533DE0BF325A0EDB1 ft=1 fh=a1f5d2c68585e2b7 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Common\ServicesPlugins\spup.dll.vir" sh=C2C7BD3BD6C75D5DBCCA298C785C208AB6C73CF0 ft=1 fh=154117e7567d41ef vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\LocalLow\DVDVideoSoftTB_DE\ldrtbDVD0.dll.vir" sh=A1280B1F085B8284DC157EC359BD1ADA091CFE7E ft=1 fh=d8aa3384d1249a40 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\LocalLow\DVDVideoSoftTB_DE\ldrtbDVDV.dll.vir" sh=5C684D51F07A183EEA13D66F5C7E9630C48D93B5 ft=1 fh=53be76e80c29ad73 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\LocalLow\DVDVideoSoftTB_DE\tbDVD0.dll.vir" sh=41CDE566540E31CF556FFC948255F45D4A94EAF8 ft=1 fh=3fb8233a96c1e513 vn="Variante von Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\LocalLow\DVDVideoSoftTB_DE\tbDVD1.dll.vir" sh=92E84D2216A7763D580E42FA2493CCF67D0D0560 ft=1 fh=e8efc42494afd9f6 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\LocalLow\DVDVideoSoftTB_DE\tbDVDV.dll.vir" sh=ABF759CA3BFB16DE62197DD7C417AC5039A43AE0 ft=1 fh=1801af74030ebca1 vn="Variante von Win32/PriceGong.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\LocalLow\DVDVideoSoftTB_DE\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.5.3\bin\PriceGongIE.dll.vir" sh=671E3E4E9E4C9A039D9AD1479A0C91E670AF18E3 ft=1 fh=d643e79c9fb8f862 vn="Win32/Toolbar.Babylon.AE evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Roaming\BabSolution\Shared\BUSolution.dll.vir" sh=27FBB2161B29148FBC20EBBCF5A07FDCA991026C ft=1 fh=0456e4230d5bc364 vn="Variante von Win32/Toolbar.Babylon.W evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Roaming\BabSolution\Shared\enhancedNT.dll.vir" sh=E9C2205B9080833744AFB005AD8B135DF6797683 ft=1 fh=4432f897b3140eb0 vn="Variante von Win32/Speedchecker.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Roaming\OpenCandy\B9A3DED63D8048079E5EE2DB8350D76E\PCSU_SL_3.1.2.exe.vir" sh=97C98A20388FD894B92FD8325545966CA945BCFB ft=1 fh=6121d07ea56d1649 vn="Win32/Toolbar.Montiera.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Roaming\OpenCandy\C34109193459454882F8C44BDE1F54A2\Setupsft_chr_p1v7.exe.vir" sh=6340BF53AC5CA243E6FEB7B5DD2139E8A000E5E1 ft=1 fh=fc968932fc69ca56 vn="Win32/SpeedUpMyPC evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Roaming\OpenCandy\F0AE23D2DC4C4761A863CAB5B3ECB5D1\speedupmypcDE.exe.vir" sh=0FC9DEFEA7028D05F98160C998D700B0CA97DF8A ft=1 fh=6f3e0ceb3150aae5 vn="Variante von Win32/Toolbar.Widgi.U evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Roaming\Update Manager\UM.exe.vir" sh=5789A7E8DF0F046AD787D20E60937C26DE2823B5 ft=1 fh=e0b21b139133d8fa vn="Variante von Win32/Toolbar.Widgi.B evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files\IObit\Advanced SystemCare 5\asc6_setup_v5tov6-0306.exe" sh=66AD38356276A82B243291DA69C13821D297E5E0 ft=1 fh=834d59cc4b3df5fa vn="Variante von Win32/Toolbar.Widgi.B evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files\IObit\Advanced SystemCare 6\Toolbar\iobitappsToolbar-stub-1.exe" sh=9958550255192FCC3D111CCA213A8507F3A43CE3 ft=0 fh=0000000000000000 vn="JS/Adware.Steganos.A Anwendung" ac=I fn="C:\Program Files\OkayFreedom\okayfreedom_ff.xpi" ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=6c0e55cc920e6048bc7a72d474c067f0 # end=init # utc_time=2015-06-20 07:23:52 # local_time=2015-06-20 09:23:52 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # osver=6.0.6002 NT Service Pack 2 Update Init Update Download Update Finalize Updated modules version: 24416 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=6c0e55cc920e6048bc7a72d474c067f0 # end=updated # utc_time=2015-06-20 07:26:09 # local_time=2015-06-20 09:26:09 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # osver=6.0.6002 NT Service Pack 2 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7777 # api_version=3.1.1 # EOSSerial=6c0e55cc920e6048bc7a72d474c067f0 # engine=24416 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2015-06-20 06:17:27 # local_time=2015-06-20 08:17:27 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.0.6002 NT Service Pack 2 # compatibility_mode_1='avast! Antivirus' # compatibility_mode=783 16777213 100 97 169289 48559122 0 0 # compatibility_mode_1='' # compatibility_mode=5892 16776573 100 100 186668 272356975 0 0 # scanned=359844 # found=132 # cleaned=0 # scan_time=39078 sh=261D3F62AD77A3ADCBEACA46AB4168062ADDD3C8 ft=1 fh=42cb818e4edce42d vn="Win32/Toolbar.Widgi.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Application Updater\ApplicationUpdater.exe.vir" sh=D1108CCEB7877B93A8A2ADEE47844C87B40C9D14 ft=1 fh=7ad0cc9270c1f31b vn="Variante von Win32/Toolbar.Widgi evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe.vir" sh=6DC277BCBC8ED53CB4FF49C1A3BE9A6597A10EBB ft=1 fh=4b12bff76bf30a90 vn="Variante von Win64/Toolbar.Widgi.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Common Files\Spigot\Search Settings\SearchSettings64.exe.vir" sh=6D7091E72FE35711C31FE0794C598B3AC8479E9C ft=1 fh=ad1557459b8a0630 vn="Win32/Toolbar.Widgi.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Common Files\Spigot\Search Settings\wth173.dll.vir" sh=0DE94FDDDBBF711E22120FCAAB2E9AD7D6A171BA ft=1 fh=4210be0b31e324c5 vn="Win64/Toolbar.Widgi.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Common Files\Spigot\Search Settings\wthx173.dll.vir" sh=8F5D982D276220C266963B746185CAA91419E31C ft=1 fh=6728511dc7b9809c vn="Variante von Win32/Toolbar.Widgi.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\IObit Apps Toolbar\WidgiHelper.exe.vir" sh=5D5A6E64337E00C433AA77FD7A4EC2D7D3D19E39 ft=1 fh=e60bc69521bb6059 vn="Variante von Win32/Toolbar.Widgi evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\IObit Apps Toolbar\IE\8.3\iobitappsToolbarIE.dll.vir" sh=391C67F5886ACA3B1E99E81123BEE5EB36627AF7 ft=1 fh=7da17f23609c54a9 vn="Variante von Win64/Toolbar.Widgi.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\IObit Apps Toolbar\IE\8.3\iobitappsToolbarIE64.dll.vir" sh=5ADD8591D40CA5C10494928BE56EC7D2B9A58BAD ft=1 fh=c71c0011a5e75752 vn="Variante von Win32/Adware.MultiPlug.IY Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\mozilla firefox\dbghelp.dll.vir" sh=EF7B587B1B3B8E44A2CD26F1949A9D208A97E962 ft=1 fh=c71c00113d556818 vn="Variante von Win32/Adware.MultiPlug.KM Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\RoyaalCioaupon\XJuMb9DIwwa9pZ.dll.vir" sh=A956F41A0EBBF2E79A550BDC2B887191664CD934 ft=1 fh=c71c001137c536f2 vn="Variante von Win32/Adware.MultiPlug.KM Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\RuoyaalCouPPon\LlkoH7WHvNbupX.dll.vir" sh=42D1387CA070A110C07E056948621CDC4045DF2E ft=0 fh=0000000000000000 vn="Win32/Toolbar.Montiera.AA evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Softonic\Softonic\1.8.21.14\softonic.crx.vir" sh=CF9209557CC4828F1A8536F5AF66358A81393A75 ft=1 fh=b354853738a44732 vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Softonic\Softonic\1.8.21.14\SoftonicApp.dll.vir" sh=277966AAC8DD994109B77162DB82849EF1FC8D62 ft=1 fh=f7e7b232febc88cd vn="Variante von Win32/Toolbar.Montiera.U evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Softonic\Softonic\1.8.21.14\SoftonicEng.dll.vir" sh=431CA401E93A36C4FB726D12B16B4CC058A2C770 ft=1 fh=7cd1c9f2502352b3 vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Softonic\Softonic\1.8.21.14\Softonicsrv.exe.vir" sh=09AD2A1BCD218E1EA91FC53F55CB6A61770E1144 ft=1 fh=0234086e10d7e544 vn="Variante von Win32/Toolbar.Montiera.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Softonic\Softonic\1.8.21.14\SoftonicTlbr.dll.vir" sh=54002848ADA82AC181EAC551104FA02E8CBE4585 ft=1 fh=bfddd9982b578fa9 vn="Win32/Toolbar.Montiera.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Softonic\Softonic\1.8.21.14\uninstall.exe.vir" sh=54CBEECF2F4AB81622D6708E8A849E3663853F4D ft=1 fh=a481e6d08e557a48 vn="Variante von Win32/Toolbar.Escort.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Softonic\Softonic\1.8.21.14\bh\Softonic.dll.vir" sh=6B875940FA7CAB25BF815290AEB31D3D4C093936 ft=1 fh=fb908d0cf4a7ef13 vn="Variante von Win32/Adware.SpeedingUpMyPC.AE Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\System Optimizer\SysOptReminder.exe.vir" sh=C4ECD569EC63E6741D5A0BDA7C02AC4B3302C7B9 ft=1 fh=b3ce349f22d4038f vn="Variante von Win32/Adware.Yontoo.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Yontoo\YontooIEClient.dll.vir" sh=A17242612886E2DD1A44007D28414A9AA113D54D ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Yontoo\YontooLayers.crx.vir" sh=1AFB621BEBA8272ACD2BAC21B50D8885C9D579D1 ft=1 fh=d7a99a71f47706e7 vn="Variante von Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Conduit\IE\CT3311268\UninstallerUI.exe.vir" sh=5CA319EBA10412E2FF4A47FD20624385C11A0C2A ft=1 fh=8ad6e907be4811df vn="Variante von Win32/Adware.Yontoo.B Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll.vir" sh=163547419613D9664CBB4044BCAF4C97AE786B92 ft=1 fh=b06d5f9324f48fc5 vn="Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\GoogleChromeRemotePlugin.dll.vir" sh=E214737549AC8E5F5AEA4C9EBB68843D7B78A639 ft=1 fh=c71c00115e31d3cb vn="Win32/Toolbar.Montiera.AA evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_1\CrmAdpt.dll.vir" sh=57279257E733B05B254033CFED9DF0A9239A0680 ft=0 fh=0000000000000000 vn="JS/Adware.Yontoo.B Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.3_0\back.js.vir" sh=FE84CBB2C8E1A64DBD7AA169A54B6BD98B90B197 ft=0 fh=0000000000000000 vn="JS/Adware.Yontoo.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.3_0\yl.js.vir" sh=1602AAF908ABC99CBD837086B899E501407678E3 ft=1 fh=bb8a7004878da8ef vn="Win32/bProtector.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_1\spext.dll.vir" sh=138306365B84358D195D609A075BFC39B9B1428B ft=1 fh=f761c0ea7db27d0a vn="Variante von MSIL/Toolbar.Linkury.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\BrowserHelper.exe.vir" sh=1A6101B1D3B91EF9BB81A36B0DDCA8D372DEC8B0 ft=1 fh=75b5b383b76a996d vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Interop.SHDocVw.dll.vir" sh=B77D928178242A3A684498A3EFDD201575628821 ft=1 fh=0456242d348f53bd vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\MACTrackBarLib.dll.vir" sh=499F6757DABA08EA2D1D1AC4C1BB2D31C43FDA3D ft=1 fh=0d0f0f29a87c026a vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\NDde.dll.vir" sh=479F5C5C525E131014B0AF382E22FC337F244BFE ft=1 fh=895896cab8bb7f5c vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Newtonsoft.Json.dll.vir" sh=B2C5215194D0A3B74DED9DA5B40E200152B08308 ft=1 fh=da110da08e660bd7 vn="Variante von Win32/Toolbar.Linkury.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\QuickShare.exe.vir" sh=49454893B4DF8B41F97CDBBE26B280B5BB48A6FA ft=1 fh=03484c18a35c034e vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\sgml.dll.vir" sh=9BB408F581067BAC176320D97D9208A23541DF9E ft=1 fh=4a30aef221430c8d vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\sidb.dll.vir" sh=B4EA0C3F51D3632520C8B084915521E1441D19A5 ft=1 fh=6707333c5dc47937 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\siem.dll.vir" sh=8C4CF4CC51DAD09019A33083EEC36DFE7461642E ft=1 fh=aef43140c8afe34b vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\sipb.dll.vir" sh=0A40E25D9C221AD04E14D991F6953DB5A7E0F285 ft=1 fh=dec3a839d69df31c vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\sismlp.dll.vir" sh=C1C473B79A777951E84E2D34FC5D3AEC995EA430 ft=1 fh=d46732a1c355133e vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll.vir" sh=E6A188BB6452AAB999F387EC8EA2E58EBFF8EC7F ft=1 fh=bb435a05affd48f6 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll.vir" sh=2283B0C5188BC4F5847E015799A793F64DE3A85C ft=1 fh=2fc3592be36e193b vn="Variante von Win32/Toolbar.Linkury.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll.vir" sh=426F3315896304227F522DB04D0FC23EF2D965D1 ft=1 fh=1fb37d5852ace8c1 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll.vir" sh=1A1018B0D7C5EDAAB4AE2B50D46E14C669515ADE ft=1 fh=1acb2541904cd6d1 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll.vir" sh=83DDB41864711EF47DAA7291345AE086144A7C49 ft=1 fh=d4351245a6e0effe vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.ChromeLocalPlugin.dll.vir" sh=E57596F0796389AD80B64285DFB35391C1BDA168 ft=1 fh=5e307d025767861f vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.FireFoxLocalPlugin.dll.vir" sh=7694F2ACDA1D439945E79B83AF8ABD41753E61E9 ft=1 fh=39c3a1a46b95af38 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll.vir" sh=823D1FE62D5706F4FA381D4C9F3DD90164E544F9 ft=1 fh=579c88745b455954 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll.vir" sh=C53BE84ECADD184DBCFACFD49D0E819E3AFDDCA6 ft=1 fh=27e41bdf6a6eaf00 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll.vir" sh=5D6ADED85FFBDDE17C8642C0A2FF3AFD1AE85C7C ft=1 fh=0770bde3605fd87d vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll.vir" sh=EB16BF2E5897D0E6A5782EBE57FAD804ABD3DFCD ft=1 fh=d422a8c885091f98 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll.vir" sh=BC90DA19B591D551CBA16771BA188A56CC7894CE ft=1 fh=d9446c7b8978f151 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll.vir" sh=DC186138C06A56B823E340378C838A5F24263904 ft=1 fh=dc267aca4558bbdb vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.XmlSerializers.dll.vir" sh=FC16FAB71211DA4E2089B9CB2AAB04388C0B590D ft=1 fh=b7f14b5be05108db vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Resources.Translations.dll.vir" sh=7F27169F8C36CD8679D7507A7D422B0E3678CB8D ft=1 fh=bd125a31e7f66b1b vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO.dll.vir" sh=7F27169F8C36CD8679D7507A7D422B0E3678CB8D ft=1 fh=bd125a31e7f66b1b vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO2.dll.vir" sh=6BCA1BDFE8C4DACEBE4C1894E1BD61FBFCF38456 ft=1 fh=0e651ba86f27b197 vn="Variante von MSIL/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension.dll.vir" sh=6BCA1BDFE8C4DACEBE4C1894E1BD61FBFCF38456 ft=1 fh=0e651ba86f27b197 vn="Variante von MSIL/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension2.dll.vir" sh=8C0D6FE28B5E0DD7D5E804B3D4FBBAC8F03F773D ft=1 fh=e94602b08f92056b vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\spbe.dll.vir" sh=D712288BE2524F8EA6091017AB07B303B5DDB098 ft=1 fh=993ab4d0f35aac4d vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\spbl.dll.vir" sh=7BBFF3FD15D0CC2F7A75802FC52C574741E722FC ft=1 fh=0cc32f0cdad0569d vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\sppsm.dll.vir" sh=4C5473ED67C670FCCC1C178203157FD52F342510 ft=1 fh=2787ddd5aaf1729c vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\spsm.dll.vir" sh=85A1AA6ADEF607AC0B29237B7C4ADF7E3ADE9A2C ft=1 fh=c11b715d5eb5a515 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\spusm.dll.vir" sh=F128E221F673E14E30E58BAD00DD252348B99F91 ft=1 fh=e0b53d4b84d8c502 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srau.dll.vir" sh=65EA239D7F0A966798C2F96FAB9A9BB84E8BDE39 ft=1 fh=f338bd82611e2656 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srbhu.dll.vir" sh=EBF9A657DF00ADE146A72871EAB72A2D9F8A859E ft=1 fh=f467b19db94d54e4 vn="Variante von MSIL/Toolbar.Linkury.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srbs.dll.vir" sh=91D8C63B6F560FFA3C186D654289946EB9F6F8BB ft=1 fh=af687a91fbfd1e1e vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srgu.dll.vir" sh=469801D746EA24387C8E599FEA5D577B8ECFFD69 ft=1 fh=730b716e88b0d4b2 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srns.dll.vir" sh=A5176F76A19DAB29DBFA74E04D0F78BC9D67F77A ft=1 fh=abaf12d621116edc vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srpdm.dll.vir" sh=E159AD7566CBC88C5EBEF188C434D0967CF0DAE9 ft=1 fh=92be2fe97ad2cfc8 vn="Variante von MSIL/Toolbar.Linkury.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srprl.dll.vir" sh=4F8DC5C191CE4F97743EB7FED66BACBC578BEF14 ft=1 fh=74fd4d0571fbf308 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srpu.dll.vir" sh=999A9BD5342B476150BC07B5E13D5C4499EAB4AF ft=1 fh=d4fa9272351611a1 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srsbs.dll.vir" sh=C999742A026254D41CEED5F481E1426A171AFEF4 ft=1 fh=c5fbc822d2273f5c vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srsbsau.dll.vir" sh=5E411E598212A56FC5DA22EFF2C8330B9867E7B2 ft=1 fh=fd365c7fbfce8a9f vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srsl.dll.vir" sh=039C143CF6FEE46A4259B6F06A0B96650CF319CE ft=1 fh=caf851110c3232ba vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\sruhs.dll.vir" sh=5EC908B0DD66BC1A541E6613B8509687C90B1583 ft=1 fh=5cb414d6e98eca28 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srus.dll.vir" sh=9AD658B9BD50A65028164D5E754ED3A45DDD4CB7 ft=1 fh=7f200cca02df23f1 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srut.dll.vir" sh=163547419613D9664CBB4044BCAF4C97AE786B92 ft=1 fh=b06d5f9324f48fc5 vn="Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\GoogleChromeRemotePlugin.dll.vir" sh=C22E6A34201E094AF7203B1380A45047CD2290F4 ft=1 fh=1a823e13833f8d40 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\ar\Smartbar.Resources.LanguageSettings.resources.dll.vir" sh=D8261F22F2013BD19FE1FBBB034C3D968C284561 ft=1 fh=df535ed8c70238de vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll.vir" sh=068AB52DA9AAF173AF1EE29B330E0E8FA1EC0E4A ft=1 fh=ca69214df645faab vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\es\Smartbar.Resources.LanguageSettings.resources.dll.vir" sh=A9B0596015405113EFBBE432ED591A86E66C3054 ft=1 fh=7869b2d0dbc36a89 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\fr\Smartbar.Resources.LanguageSettings.resources.dll.vir" sh=78B95BC91157F14581B0F235BCB86C96AA01326E ft=1 fh=dd06b644de3d6584 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\he\Smartbar.Resources.LanguageSettings.resources.dll.vir" sh=C7E054C7BA58AE2D703DB29C52346A3ED84FEF57 ft=1 fh=53532950b9749a4f vn="Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_20.dll.vir" sh=C546BA3CA78F93EB65DCCEA191BC40B9F940E2EA ft=1 fh=6fd80785d353cf5d vn="Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_21.dll.vir" sh=7C15DA5A80F24F0383C992CFB03CF68E95A464B1 ft=1 fh=be427aaf403ae2ff vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_22.dll.vir" sh=95544372D9D68E8AFAE5E9DA8B07C14CE5406ABB ft=1 fh=dd489ec711c15129 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_23.dll.vir" sh=BA8871127FB23B24A8963B6A5992DED58259E590 ft=1 fh=65df87dcc97c6ea8 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_24.dll.vir" sh=C88DAF3FB5D3FEC090233FF251F7F0CFC73EF4CD ft=1 fh=b74c7f4df627386b vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_25.dll.vir" sh=79835663893CEF71393A321A1336DD497552A91A ft=1 fh=adf25d5bf7ec94b4 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\it\Smartbar.Resources.LanguageSettings.resources.dll.vir" sh=2612D76E70D48D3F85B33D91319FBD8173832068 ft=1 fh=07e612b3cf135c40 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\nl\Smartbar.Resources.LanguageSettings.resources.dll.vir" sh=9C50BB623DC4D6D79ACB6B096D14800F70758CB2 ft=1 fh=8df231744dc93c2c vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\pt\Smartbar.Resources.LanguageSettings.resources.dll.vir" sh=FDC37C1FBC4AE240CA0AFF686462A34762ABF10E ft=1 fh=9d31b7f982979712 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\ru\Smartbar.Resources.LanguageSettings.resources.dll.vir" sh=00DB8B6BB29BD38EF5C44BA8C12C524B21324E4A ft=1 fh=73b6d0fe6da6b329 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\tr\Smartbar.Resources.LanguageSettings.resources.dll.vir" sh=B3B8FCB0F1D58947C691960B4E44D0A121F1D788 ft=1 fh=7e3bdcf0f3151b4b vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.DMP.dll.vir" sh=844F8720231881148C97F4A81EB6319D5933B087 ft=1 fh=cde1db732574e8a8 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.MessengerPlugin.dll.vir" sh=8DDFCB6C997478408238A2038CCB4BCA347738A8 ft=1 fh=3f7edfe547952741 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.NotepadPlugin.dll.vir" sh=B037ABC47F49765C6079E265CB74BE1B624FE095 ft=1 fh=7b256b9c849590e5 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.ScreenCapturePlugin.dll.vir" sh=9D574069A4613DE0BDA40CAC4755D1EAA11E9732 ft=1 fh=e16c98e66f1f5d96 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.WeatherPlugin.dll.vir" sh=0CD9D3DC96A2164F6E586BFE49AC83C86118B947 ft=1 fh=b412ebb954962174 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.WordPlugin.dll.vir" sh=2A4C571A314016F107BF3BA533DE0BF325A0EDB1 ft=1 fh=a1f5d2c68585e2b7 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Common\ServicesPlugins\spup.dll.vir" sh=C2C7BD3BD6C75D5DBCCA298C785C208AB6C73CF0 ft=1 fh=154117e7567d41ef vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\LocalLow\DVDVideoSoftTB_DE\ldrtbDVD0.dll.vir" sh=A1280B1F085B8284DC157EC359BD1ADA091CFE7E ft=1 fh=d8aa3384d1249a40 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\LocalLow\DVDVideoSoftTB_DE\ldrtbDVDV.dll.vir" sh=5C684D51F07A183EEA13D66F5C7E9630C48D93B5 ft=1 fh=53be76e80c29ad73 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\LocalLow\DVDVideoSoftTB_DE\tbDVD0.dll.vir" sh=41CDE566540E31CF556FFC948255F45D4A94EAF8 ft=1 fh=3fb8233a96c1e513 vn="Variante von Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\LocalLow\DVDVideoSoftTB_DE\tbDVD1.dll.vir" sh=92E84D2216A7763D580E42FA2493CCF67D0D0560 ft=1 fh=e8efc42494afd9f6 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\LocalLow\DVDVideoSoftTB_DE\tbDVDV.dll.vir" sh=ABF759CA3BFB16DE62197DD7C417AC5039A43AE0 ft=1 fh=1801af74030ebca1 vn="Variante von Win32/PriceGong.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\LocalLow\DVDVideoSoftTB_DE\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.5.3\bin\PriceGongIE.dll.vir" sh=671E3E4E9E4C9A039D9AD1479A0C91E670AF18E3 ft=1 fh=d643e79c9fb8f862 vn="Win32/Toolbar.Babylon.AE evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Roaming\BabSolution\Shared\BUSolution.dll.vir" sh=27FBB2161B29148FBC20EBBCF5A07FDCA991026C ft=1 fh=0456e4230d5bc364 vn="Variante von Win32/Toolbar.Babylon.W evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Roaming\BabSolution\Shared\enhancedNT.dll.vir" sh=E9C2205B9080833744AFB005AD8B135DF6797683 ft=1 fh=4432f897b3140eb0 vn="Variante von Win32/Speedchecker.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Roaming\OpenCandy\B9A3DED63D8048079E5EE2DB8350D76E\PCSU_SL_3.1.2.exe.vir" sh=97C98A20388FD894B92FD8325545966CA945BCFB ft=1 fh=6121d07ea56d1649 vn="Win32/Toolbar.Montiera.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Roaming\OpenCandy\C34109193459454882F8C44BDE1F54A2\Setupsft_chr_p1v7.exe.vir" sh=6340BF53AC5CA243E6FEB7B5DD2139E8A000E5E1 ft=1 fh=fc968932fc69ca56 vn="Win32/SpeedUpMyPC evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Roaming\OpenCandy\F0AE23D2DC4C4761A863CAB5B3ECB5D1\speedupmypcDE.exe.vir" sh=0FC9DEFEA7028D05F98160C998D700B0CA97DF8A ft=1 fh=6f3e0ceb3150aae5 vn="Variante von Win32/Toolbar.Widgi.U evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Roaming\Update Manager\UM.exe.vir" sh=5789A7E8DF0F046AD787D20E60937C26DE2823B5 ft=1 fh=e0b21b139133d8fa vn="Variante von Win32/Toolbar.Widgi.B evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files\IObit\Advanced SystemCare 5\asc6_setup_v5tov6-0306.exe" sh=66AD38356276A82B243291DA69C13821D297E5E0 ft=1 fh=834d59cc4b3df5fa vn="Variante von Win32/Toolbar.Widgi.B evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files\IObit\Advanced SystemCare 6\Toolbar\iobitappsToolbar-stub-1.exe" sh=9958550255192FCC3D111CCA213A8507F3A43CE3 ft=0 fh=0000000000000000 vn="JS/Adware.Steganos.A Anwendung" ac=I fn="C:\Program Files\OkayFreedom\okayfreedom_ff.xpi" sh=B1C446D661E804591AE2095447F1FBDEEBFF8EBD ft=0 fh=0000000000000000 vn="JS/Adware.Steganos.A Anwendung" ac=I fn="C:\Users\Kagan Bagci\AppData\Local\Temp\avastBCLTMP\firefox\{db981cca-088e-4731-a4a2-2fe218703c0e}\chrome\okayfreedom_ff.jar" sh=CEF8BAE91D4D3EC24FD95E5D614F12E61CD10245 ft=0 fh=0000000000000000 vn="JS/SecurityDisabler.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\Firefox\Profiles\user.js" sh=4BB28A5E8D129F015959CE88E99F3917A663C18F ft=1 fh=d62a0000a626a5b5 vn="JS/Adware.Steganos.A Anwendung" ac=I fn="C:\Users\Kagan Bagci\AppData\Roaming\Steganos Updates\okayfreedom.exe" sh=774E0EB1B55AB1CE858D486BBB67AF0670AC458C ft=1 fh=bb69c23d0ef354e9 vn="möglicherweise unbekannter Virus NewHeur_PE Virus" ac=I fn="C:\Users\Kagan Bagci\Desktop\Spiele und etc\S.T.A.L.K.E.R. - Call Of Pripyat\soProject\soLauncher.exe" sh=C7EC31B13CC7D2A5D281B15BDE36B0EB4027CA87 ft=1 fh=7594684219292c68 vn="möglicherweise unbekannter Virus NewHeur_PE Virus" ac=I fn="C:\Users\Kagan Bagci\Desktop\Spiele und etc\S.T.A.L.K.E.R. - Call Of Pripyat\soProject\steam-launcher.exe" sh=BDB9ADCC6484A7C83FC1BA9C12F8501E1B469F87 ft=1 fh=61b8c62aa949cace vn="Variante von Win32/CNETInstaller.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Kagan Bagci\Downloads\cbsidlm-cbsi109-Advanced_SystemCare-BP-10407614.exe" sh=91A7C4411CFDB4F1AC97F0FAF786027AE27BB84A ft=1 fh=6ff2e91813dee848 vn="Variante von Win32/Systweak evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Kagan Bagci\Downloads\dffsetup-zlibwapi.exe" sh=E78755956D9F693B3CEFA0E02EB7EE8A2DDD6581 ft=1 fh=a4b26a75aa740adc vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Kagan Bagci\Downloads\FreeVideoToAndroidConverter.exe" sh=81DBC505DB55ED6075F39B0A27DAEA4126A7AEE5 ft=1 fh=69aea8ae059890d8 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Kagan Bagci\Downloads\FreeVideoToDVDConverter.exe" sh=6A6173915D0A489F5F9458B82D3CAB266C79F818 ft=1 fh=b426ceb2a6a4a874 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Kagan Bagci\Downloads\FreeVideoToMP3Converter.exe" sh=82CB0474E2587422BB78F7FCDE642C502D2A784C ft=1 fh=4c0fd17e59ba3d4a vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Kagan Bagci\Downloads\FreeYouTubeToDVDConverter.exe" sh=E8CD33623287C08C7CC3662A042E45522654BB30 ft=1 fh=7cd3b160b0dbd4bd vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Kagan Bagci\Downloads\FreeYouTubeToMP3Converter (1).exe" sh=A6D4FFD859A883F630DDC41C026A7C48D7C1324D ft=1 fh=23060b6acf7e60a7 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Kagan Bagci\Downloads\FreeYouTubeToMP3Converter.exe" sh=FB436942BE890C679B272EDD4270E78C9D0BBB75 ft=1 fh=fbfa24367d477364 vn="Variante von Win32/ELEX.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Kagan Bagci\Downloads\HDfilm (1).exe" sh=FB436942BE890C679B272EDD4270E78C9D0BBB75 ft=1 fh=fbfa24367d477364 vn="Variante von Win32/ELEX.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Kagan Bagci\Downloads\HDfilm.exe" sh=C263D6F30536106B0BB6022A5A3E287A17C8CAD1 ft=1 fh=28a79725d8987cf4 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Kagan Bagci\Downloads\MotioninJoy - CHIP-Installer.exe" |
21.06.2015, 09:40 | #11 |
/// the machine /// TB-Ausbilder | Kaum mache ich Google Chrome an sagt Avast ich hätte Virenseiten am start Hi, deeprybka ist im Urlaub, deswegen übernehme ich ab hier Bitte noch ein frisches FRST log. Gibt es aktuell noch irgendwelche Probleme mit dem System?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
21.06.2015, 12:06 | #12 |
| Kaum mache ich Google Chrome an sagt Avast ich hätte Virenseiten am start Ah ok danke fürs weiterhelfen Hier der FRST Logtxt Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 21-06-2015 01 Ran by Kagan Bagci (administrator) on KAGANBAGCI-PC on 21-06-2015 13:03:29 Running from C:\Users\Kagan Bagci\Downloads Loaded Profiles: Kagan Bagci & (Available Profiles: Kagan Bagci) Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: Deutsch (Deutschland) Internet Explorer Version 9 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (IObit) C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe (ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe (Microsoft Corporation) C:\Windows\System32\SLsvc.exe (ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\afwServ.exe (ABBYY) C:\Program Files\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe (Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe (Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe (Steganos Software GmbH) C:\Program Files\OkayFreedom\OkayFreedomService.exe (Prolific Technology Inc.) C:\Windows\System32\IoctlSvc.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbam.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe (Wistron) C:\Program Files\Launch Manager\HotkeyApp.exe (Wistron Corp.) C:\Program Files\Launch Manager\OSD.exe (Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Wistron Corp.) C:\Program Files\Launch Manager\WisLMSvc.exe () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (IObit) C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe (Akamai Technologies, Inc.) C:\Users\Kagan Bagci\AppData\Local\Akamai\netsession_win.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Akamai Technologies, Inc.) C:\Users\Kagan Bagci\AppData\Local\Akamai\netsession_win.exe (Microsoft Corporation) C:\Windows\System32\conime.exe (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe (Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (www.motioninjoy.com) C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe (Carbonite, Inc.) C:\Program Files\Packard Bell\Carbonite\CarboniteSetupLitePBPreInstaller.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation) HKLM\...\Run: [HotkeyApp] => C:\Program Files\Launch Manager\HotkeyApp.exe [192512 2008-08-22] (Wistron) HKLM\...\Run: [LMgrOSD] => C:\Program Files\Launch Manager\OSD.exe [430080 2008-05-16] (Wistron Corp.) HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2008-01-21] (Advanced Micro Devices, Inc.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1328424 2008-07-03] (Synaptics, Inc.) HKLM\...\Run: [CarboniteSetupLite] => C:\Program Files\Packard Bell\Carbonite\CarboniteSetupLitePBPreInstaller.exe [306112 2008-04-07] (Carbonite, Inc.) HKLM\...\Run: [Google Desktop Search] => C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [24064 2008-11-06] (Google) HKLM\...\Run: [toolbar_eula_launcher] => C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe [28672 2007-02-20] ( ) HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.) HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-06-20] (Avast Software s.r.o.) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.) HKLM\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-03-30] (LogMeIn Inc.) HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [351968 2014-09-08] () HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [SearchProtect] => \SearchProtect\bin\cltmng.exe HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [Facebook Update] => C:\Users\Kagan Bagci\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-01-28] (Facebook Inc.) HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [msnmsgr] => C:\Program Files\Windows Live\Messenger\msnmsgr.exe [3872080 2010-04-16] (Microsoft Corporation) HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd) HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [Google Update] => C:\Users\Kagan Bagci\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-02-11] (Google Inc.) HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [Advanced SystemCare 6] => C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe [491840 2013-04-18] (IObit) HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [Overwolf] => C:\Program Files\Overwolf\Overwolf.exe -silent HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [HP Photosmart 5510 series (NET)] => C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe [1837672 2012-10-17] (Hewlett-Packard Co.) HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [BitTorrent] => C:\Users\Kagan Bagci\AppData\Roaming\BitTorrent\BitTorrent.exe [1696104 2015-06-18] (BitTorrent Inc.) HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [28917376 2015-05-14] (Skype Technologies S.A.) HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Kagan Bagci\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.) HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [Battle.net] => C:\Program Files\Battle.net\Battle.net Launcher.exe [2860080 2015-06-20] (Blizzard Entertainment) HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [UM] => C:\Users\Kagan Bagci\AppData\Roaming\Update Manager\UM.EXE HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [OKAYFREEDOM_Agent] => C:\Program Files\OkayFreedom\OkayFreedomClient.exe [6591912 2015-04-22] (Steganos Software GmbH) HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [OKAYFREEDOM_Update] => C:\Program Files\OkayFreedom\Updater.exe [3864488 2015-04-22] (Steganos Software GmbH) HKU\S-1-5-21-410520579-760464469-3575665083-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Facebook Update] => C:\Users\Kagan Bagci\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-01-28] (Facebook Inc.) HKU\S-1-5-21-410520579-760464469-3575665083-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [msnmsgr] => C:\Program Files\Windows Live\Messenger\msnmsgr.exe [3872080 2010-04-16] (Microsoft Corporation) HKU\S-1-5-21-410520579-760464469-3575665083-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd) HKU\S-1-5-21-410520579-760464469-3575665083-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Google Update] => C:\Users\Kagan Bagci\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-02-11] (Google Inc.) HKU\S-1-5-21-410520579-760464469-3575665083-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Advanced SystemCare 6] => C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe [491840 2013-04-18] (IObit) HKU\S-1-5-21-410520579-760464469-3575665083-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Overwolf] => C:\Program Files\Overwolf\Overwolf.exe -silent HKU\S-1-5-21-410520579-760464469-3575665083-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [HP Photosmart 5510 series (NET)] => C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe [1837672 2012-10-17] (Hewlett-Packard Co.) HKU\S-1-5-21-410520579-760464469-3575665083-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [BitTorrent] => C:\Users\Kagan Bagci\AppData\Roaming\BitTorrent\BitTorrent.exe [1696104 2015-06-18] (BitTorrent Inc.) HKU\S-1-5-21-410520579-760464469-3575665083-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [28917376 2015-05-14] (Skype Technologies S.A.) HKU\S-1-5-21-410520579-760464469-3575665083-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Akamai NetSession Interface] => C:\Users\Kagan Bagci\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.) HKU\S-1-5-21-410520579-760464469-3575665083-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Battle.net] => C:\Program Files\Battle.net\Battle.net Launcher.exe [2860080 2015-06-20] (Blizzard Entertainment) HKU\S-1-5-21-410520579-760464469-3575665083-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [UM] => C:\Users\Kagan Bagci\AppData\Roaming\Update Manager\UM.EXE HKU\S-1-5-21-410520579-760464469-3575665083-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [OKAYFREEDOM_Agent] => C:\Program Files\OkayFreedom\OkayFreedomClient.exe [6591912 2015-04-22] (Steganos Software GmbH) HKU\S-1-5-21-410520579-760464469-3575665083-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [OKAYFREEDOM_Update] => C:\Program Files\OkayFreedom\Updater.exe [3864488 2015-04-22] (Steganos Software GmbH) HKU\S-1-5-18\...\Run: [SearchProtect] => \SearchProtect\bin\cltmng.exe Startup: C:\Users\Kagan Bagci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2013-02-09] () Startup: C:\Users\Kagan Bagci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Photosmart 5510 series (Netzwerk).lnk [2013-07-15] ShortcutTarget: Tintenwarnungen überwachen - HP Photosmart 5510 series (Netzwerk).lnk -> C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-06-20] (Avast Software s.r.o.) ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-05-19] (Google) ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-05-19] (Google) ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-05-19] (Google) ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-05-19] (Google) ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-05-19] (Google) ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-05-19] (Google) CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) AutoConfigURL: [S-1-5-21-410520579-760464469-3575665083-1000] => hxxp://127.0.0.1:8445/okf.pac AutoConfigURL: [S-1-5-21-410520579-760464469-3575665083-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0] => hxxp://127.0.0.1:8445/okf.pac HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKU\S-1-5-21-410520579-760464469-3575665083-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=about:blank HKU\S-1-5-21-410520579-760464469-3575665083-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=about:blank URLSearchHook: HKLM - (No Name) - {da7f5ae1-3be3-43c0-8098-c1d183616e97} - No File SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = SearchScopes: HKU\.DEFAULT -> {5AB1FAB0-D468-46DF-94F7-109F64BDC9B4} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^DE&apn_uid=FFFEB447-F2F8-4077-85EB-796D5026A171&apn_sauid=E029870B-C567-4E27-8172-ADB38D7B7123 SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-06-20] (Avast Software s.r.o.) Toolbar: HKU\.DEFAULT -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation) Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation) Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation) Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-10-02] (Skype Technologies S.A.) Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-31] (Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF ProfilePath: C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\Firefox\Profiles\zigocm5w.default FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-06-12] () FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] () FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-12-13] (DivX, LLC) FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.) FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-12-18] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-12-18] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.) FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.) FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN) FF Plugin HKU\S-1-5-21-410520579-760464469-3575665083-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Kagan Bagci\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited) FF Plugin HKU\S-1-5-21-410520579-760464469-3575665083-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google) FF Plugin HKU\S-1-5-21-410520579-760464469-3575665083-1000: @talk.google.com/O1DPlugin -> C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google) FF Plugin HKU\S-1-5-21-410520579-760464469-3575665083-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.) FF Plugin HKU\S-1-5-21-410520579-760464469-3575665083-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.) FF Plugin HKU\S-1-5-21-410520579-760464469-3575665083-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Kagan Bagci\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-04-01] (Unity Technologies ApS) FF Plugin HKU\S-1-5-21-410520579-760464469-3575665083-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Kagan Bagci\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited) FF Plugin HKU\S-1-5-21-410520579-760464469-3575665083-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @talk.google.com/GoogleTalkPlugin -> C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google) FF Plugin HKU\S-1-5-21-410520579-760464469-3575665083-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @talk.google.com/O1DPlugin -> C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google) FF Plugin HKU\S-1-5-21-410520579-760464469-3575665083-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @tools.google.com/Google Update;version=3 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.) FF Plugin HKU\S-1-5-21-410520579-760464469-3575665083-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @tools.google.com/Google Update;version=9 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.) FF Plugin HKU\S-1-5-21-410520579-760464469-3575665083-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Kagan Bagci\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-04-01] (Unity Technologies ApS) FF Plugin ProgramFiles/Appdata: C:\Users\Kagan Bagci\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google) FF Plugin ProgramFiles/Appdata: C:\Users\Kagan Bagci\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google) FF SearchPlugin: C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\Firefox\Profiles\zigocm5w.default\searchplugins\suchmaschine.xml [2015-03-20] FF Extension: No Name - C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\Firefox\profiles\extensions\extensions [2013-03-18] FF Extension: No Name - C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\Firefox\profiles\extensions\searchplugins [2015-01-21] FF Extension: Movie2kDownloader - C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\Firefox\profiles\extensions\movie2kdownloader@movie2kdownloader.com.xpi [2012-12-13] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-11-20] FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-12-19] FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-12-05] FF HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files\Common Files\DVDVideoSoft\plugins\ff FF HKU\S-1-5-21-410520579-760464469-3575665083-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files\Common Files\DVDVideoSoft\plugins\ff Chrome: ======= CHR Profile: C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (YouTube) - C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-11-15] CHR Extension: (Google Search) - C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-11-15] CHR Extension: (Avast Online Security) - C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-06-20] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-27] CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd [2015-06-17] CHR Extension: (Google Wallet) - C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22] CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2012-12-20] CHR Extension: (Adblock Pro) - C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch [2015-05-27] CHR Extension: (Adblock Pro) - C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\odoejnlfacfofgbahnomeeojkkgcglan [2015-05-27] CHR Extension: (Gmail) - C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-15] CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-06-20] CHR HKLM\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files\IObit\Advanced SystemCare 6\BrowerProtect\ASC_GhromePlugin.crx [2013-03-18] CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 ABBYY.Licensing.PDFTransformer.Classic.3.0; C:\Program Files\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe [759048 2010-02-01] (ABBYY) S3 AdobeActiveFileMonitor6.0; C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [124832 2007-09-11] () R2 AdvancedSystemCareService6; C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe [574272 2013-04-18] (IObit) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-06-20] (Avast Software s.r.o.) R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [107448 2015-06-20] (Avast Software s.r.o.) R2 EvtEng; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [815104 2008-04-30] (Intel(R) Corporation) [File not signed] S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [647680 2008-11-06] (Macrovision Europe Ltd.) [File not signed] S3 GoogleDesktopManager-071508-051939; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [24064 2008-11-06] (Google) [File not signed] R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1848168 2015-03-30] (LogMeIn Inc.) R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [411920 2015-03-30] (LogMeIn, Inc.) R2 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation) R2 OkayFreedom VPN Starter Service; C:\Program Files\OkayFreedom\OkayFreedomService.exe [330168 2015-04-22] (Steganos Software GmbH) R2 PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [File not signed] R2 RegSrvc; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [466944 2008-04-30] (Intel(R) Corporation) [File not signed] R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000 2012-10-02] (Skype Technologies S.A.) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation) R3 WisLMSvc; C:\Program Files\Launch Manager\WisLMSvc.exe [118784 2008-01-15] (Wistron Corp.) [File not signed] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24144 2015-06-20] () R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [26096 2015-06-20] (Avast Software s.r.o.) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [74976 2015-06-20] (Avast Software s.r.o.) R0 aswNdis; C:\Windows\System32\DRIVERS\aswNdis.sys [12112 2015-06-20] (ALWIL Software) R0 aswNdis2; C:\Windows\system32\Drivers\aswNdis2.sys [253600 2015-06-20] (Avast Software s.r.o.) R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [55200 2015-06-20] (Avast Software s.r.o.) R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49904 2015-06-20] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787760 2015-06-20] (Avast Software s.r.o.) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427992 2015-06-20] (Avast Software s.r.o.) R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57888 2015-06-20] (Avast Software s.r.o.) R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209048 2015-06-20] () S3 DrvAgent32; C:\Windows\system32\Drivers\DrvAgent32.sys [23456 2013-02-07] (Phoenix Technologies) [File not signed] R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2013-02-12] (DT Soft Ltd) S3 eapihdrv; C:\Users\Kagan Bagci\AppData\Local\Temp\ehdrv.sys [135760 2015-06-20] (ESET) S3 FTDIBUS; C:\Windows\System32\drivers\ftdibus.sys [65896 2013-07-12] (FTDI Ltd.) R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.) S3 libusb0; C:\Windows\System32\drivers\libusb0.sys [33792 2005-03-09] () [File not signed] R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2015-06-20] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-04-14] (Malwarebytes Corporation) S3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [99400 2012-05-12] (MotioninJoy) [File not signed] R2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [5120 2014-05-07] (Samsung Electronics) [File not signed] S3 WinRing0_1_2_0; C:\Program Files\Razer\Razer Game Booster\Driver\WinRing0.sys [14416 2012-11-13] (OpenLibSys.org) S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X] S3 IntcAzAudAddService; system32\drivers\RTKVHDA.sys [X] S3 IpInIp; system32\DRIVERS\ipinip.sys [X] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X] S3 RTHDMIAzAudService; system32\drivers\RtHDMIV.sys [X] S1 SYMTDI; \SystemRoot\System32\Drivers\SYMTDI.SYS [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-06-21 13:03 - 2015-06-21 13:03 - 00000000 ____D C:\Users\Kagan Bagci\Downloads\FRST-OlderVersion 2015-06-20 21:16 - 2015-06-20 21:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software 2015-06-20 21:14 - 2015-06-20 21:14 - 00024144 _____ C:\Windows\system32\Drivers\aswHwid.sys 2015-06-20 21:14 - 2015-06-20 21:13 - 00291312 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe 2015-06-20 21:14 - 2015-06-20 21:13 - 00026096 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswKbd.sys 2015-06-20 21:13 - 2015-06-20 21:13 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr 2015-06-20 21:12 - 2015-06-20 21:12 - 00012112 _____ (ALWIL Software) C:\Windows\system32\Drivers\aswNdis.sys 2015-06-18 22:34 - 2015-06-18 22:34 - 00001966 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2015-06-18 22:34 - 2015-06-18 22:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-06-18 22:31 - 2015-06-18 22:31 - 00931408 _____ (Google Inc.) C:\Users\Kagan Bagci\Downloads\ChromeSetup(1).exe 2015-06-18 22:20 - 2015-06-18 22:20 - 00000849 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2015-06-18 13:35 - 2015-06-18 13:36 - 02870984 _____ (ESET) C:\Users\Kagan Bagci\Downloads\esetsmartinstaller_deu.exe 2015-06-17 22:23 - 2015-06-17 22:23 - 00001227 _____ C:\Users\Kagan Bagci\Desktop\Malwarebytes.txt 2015-06-17 21:56 - 2015-06-20 23:03 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-06-17 21:55 - 2015-06-17 21:55 - 00000902 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-06-17 21:55 - 2015-06-17 21:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-06-17 21:55 - 2015-06-17 21:55 - 00000000 ____D C:\Program Files\ Malwarebytes Anti-Malware 2015-06-17 21:55 - 2015-04-14 09:37 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-06-17 21:55 - 2015-04-14 09:37 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-06-17 21:54 - 2015-06-17 21:55 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Kagan Bagci\Downloads\mbam-setup-2.1.6.1022.exe 2015-06-17 21:40 - 2015-06-17 21:40 - 02231296 _____ C:\Users\Kagan Bagci\Downloads\AdwCleaner_4.206.exe 2015-06-17 21:22 - 2015-06-17 21:22 - 00001060 _____ C:\Users\Kagan Bagci\Desktop\Revo Uninstaller.lnk 2015-06-17 21:22 - 2015-06-17 21:22 - 00000000 ____D C:\Program Files\VS Revo Group 2015-06-17 21:21 - 2015-06-17 21:22 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Kagan Bagci\Downloads\revosetup95.exe 2015-06-17 12:22 - 2015-06-17 22:40 - 00066707 _____ C:\Users\Kagan Bagci\Downloads\Addition.txt 2015-06-17 12:21 - 2015-06-21 13:03 - 00030861 _____ C:\Users\Kagan Bagci\Downloads\FRST.txt 2015-06-17 12:21 - 2015-06-21 13:03 - 00000000 ____D C:\FRST 2015-06-16 22:32 - 2015-06-21 13:03 - 01148928 _____ (Farbar) C:\Users\Kagan Bagci\Downloads\FRST.exe 2015-06-15 14:27 - 2015-06-16 15:27 - 00000000 ____D C:\Program Files\Form Filler 2015-06-13 17:52 - 2015-06-13 17:52 - 00001543 _____ C:\Users\Public\Desktop\Unepic.lnk 2015-06-13 17:46 - 2015-06-13 17:50 - 212530976 _____ (GOG.com ) C:\Users\Kagan Bagci\Downloads\setup_unepic_2.8.0.13.exe 2015-06-12 23:20 - 2015-04-24 17:54 - 00532480 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll 2015-06-12 23:19 - 2015-05-21 16:22 - 02066432 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-06-12 23:19 - 2015-05-09 01:08 - 00894464 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2015-06-12 22:59 - 2015-05-05 00:51 - 10628608 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2015-06-12 22:59 - 2015-05-05 00:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll 2015-06-12 22:59 - 2015-05-05 00:50 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx 2015-06-12 22:59 - 2015-05-05 00:50 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll 2015-06-12 22:59 - 2015-05-04 23:21 - 08147456 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2015-06-10 23:15 - 2015-06-13 17:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com 2015-06-10 23:15 - 2015-06-10 23:15 - 00001797 _____ C:\Users\Public\Desktop\Battle Realms Complete (German).lnk 2015-06-10 23:14 - 2015-06-13 17:51 - 00000000 ____D C:\GOG Games 2015-06-10 23:00 - 2015-06-10 23:10 - 554494280 _____ (GOG.com ) C:\Users\Kagan Bagci\Downloads\setup_battle_realms_complete_german_2.0.0.9.exe 2015-06-10 16:35 - 2015-05-31 01:54 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-06-10 16:35 - 2015-05-31 01:53 - 09750528 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-06-10 16:35 - 2015-05-31 01:50 - 01139712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-06-10 16:35 - 2015-05-31 01:49 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-06-10 16:35 - 2015-05-31 01:49 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-06-10 16:35 - 2015-05-31 01:49 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-06-10 16:35 - 2015-05-31 01:49 - 00421888 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-06-10 16:35 - 2015-05-31 01:48 - 01804288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-06-10 16:35 - 2015-05-31 01:48 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-06-10 16:35 - 2015-05-31 01:48 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-06-10 16:35 - 2015-05-31 01:48 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2015-06-10 16:35 - 2015-05-31 01:48 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-06-10 16:35 - 2015-05-31 01:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-06-10 16:35 - 2015-05-31 01:48 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-06-10 16:35 - 2015-05-31 01:48 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2015-06-10 16:35 - 2015-05-31 01:47 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-06-10 16:35 - 2015-05-31 01:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-06-10 16:35 - 2015-05-31 01:47 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2015-06-10 16:35 - 2015-05-31 01:47 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2015-06-10 16:34 - 2015-05-31 02:03 - 12385280 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-06-10 16:34 - 2015-05-31 01:55 - 01809920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-06-10 16:34 - 2015-05-31 01:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-06-10 16:26 - 2015-06-10 16:26 - 02197648 _____ (Irfan Skiljan) C:\Users\Kagan Bagci\Downloads\iview438g_setup.exe 2015-06-10 16:26 - 2015-06-10 16:26 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView 2015-06-10 16:26 - 2015-06-10 16:26 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Roaming\IrfanView 2015-06-10 16:26 - 2015-06-10 16:26 - 00000000 ____D C:\Program Files\IrfanView 2015-06-03 22:29 - 2015-06-03 22:29 - 00180095 _____ C:\Users\Kagan Bagci\Downloads\a4dven6_460sv (1).wmv 2015-06-03 17:37 - 2015-06-03 17:37 - 00638976 _____ C:\Users\Kagan Bagci\Downloads\Detection (1).msi 2015-06-01 15:24 - 2015-06-01 15:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ultimate Apocalypse - The Hunt Begins 2015-06-01 14:15 - 2015-06-01 15:05 - 1216383942 _____ (Ultimate Apocalypse Mod Team ) C:\Users\Kagan Bagci\Downloads\Ultimate_Apocalypse_-_The_Hunt_Begins.exe 2015-06-01 13:49 - 2015-06-01 13:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ultimate Apocalypse - THB Patch 2015-05-28 19:11 - 2015-05-28 19:11 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Local\openvr 2015-05-27 13:53 - 2015-05-27 13:53 - 00880208 _____ (Google Inc.) C:\Users\Kagan Bagci\Downloads\ChromeSetup.exe 2015-05-27 13:39 - 2015-05-27 15:13 - 00000000 ____D C:\Program Files\Second Home 2015-05-27 13:37 - 2015-06-15 14:27 - 00000000 ____D C:\ProgramData\12105833042991166924 2015-05-27 13:17 - 2015-06-17 21:17 - 00000024 _____ C:\Users\Kagan Bagci\AppData\Roaming\appdataFr25.bin 2015-05-27 11:36 - 2015-06-20 22:10 - 00015208 _____ C:\Windows\PFRO.log 2015-05-26 12:48 - 2015-05-26 12:48 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Roaming\Samsung 2015-05-26 12:48 - 2015-05-26 12:48 - 00000000 ____D C:\Program Files\Common Files\Common Desktop Agent 2015-05-26 12:47 - 2015-05-26 12:50 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers 2015-05-26 12:45 - 2015-05-26 12:48 - 00000000 ____D C:\ProgramData\Samsung 2015-05-26 12:45 - 2015-05-26 12:45 - 00000000 ____D C:\Program Files\SamsungPrinterLiveUpdate 2015-05-26 12:44 - 2015-05-26 12:48 - 00000000 ____D C:\Program Files\Samsung 2015-05-26 12:44 - 2014-10-30 13:43 - 00686896 _____ (Samsung Electronics) C:\Windows\system32\eed_sl.exe 2015-05-26 12:44 - 2014-10-30 13:43 - 00025600 _____ () C:\Windows\system32\sst6clm.dll 2015-05-26 12:44 - 2014-10-30 13:42 - 02284032 _____ C:\Windows\system32\eed_ec.dll 2015-05-26 12:44 - 2014-09-19 00:10 - 00094208 ____N C:\Windows\system32\ssdevm.dll 2015-05-26 12:44 - 2014-03-05 15:59 - 00158040 _____ (SS) C:\Windows\system32\sst6cci.exe 2015-05-26 12:44 - 2014-03-05 15:58 - 00000273 _____ C:\Windows\system32\eed_sl.exe.config 2015-05-26 12:44 - 2013-04-03 16:32 - 00212600 _____ C:\Windows\system32\SBuySupplies.exe 2015-05-26 12:44 - 2012-08-02 13:07 - 04161048 ____N C:\Windows\sst6cA4.prn 2015-05-26 12:44 - 2012-08-02 13:07 - 03701631 ____N C:\Windows\sst6cLTR.prn 2015-05-26 12:44 - 2012-01-09 13:41 - 00000361 _____ C:\Windows\system32\sst6clm.smt 2015-05-26 12:44 - 2012-01-09 13:40 - 00065536 _____ (SS) C:\Windows\system32\sst6cci.dll 2015-05-26 12:41 - 2015-05-26 12:41 - 03439936 _____ C:\Users\Kagan Bagci\Downloads\SamsungPrinterInstaller.exe 2015-05-25 22:13 - 2015-05-25 22:13 - 00006594 _____ C:\Users\Public\Documents\s.t.a.l.k.e.r.ltx 2015-05-24 21:33 - 2015-05-24 21:33 - 00003294 _____ C:\Users\Kagan Bagci\Downloads\PPSSPP_Cheat_Lists.rar 2015-05-23 21:48 - 2015-05-23 21:48 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Roaming\AVG 2015-05-23 21:41 - 2015-05-23 21:41 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Local\Avg 2015-05-23 21:38 - 2015-05-23 21:49 - 00000000 ____D C:\ProgramData\AVG 2015-05-23 21:31 - 2015-05-23 21:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicISO 2015-05-23 21:31 - 2015-05-23 21:31 - 03067400 _____ C:\Users\Kagan Bagci\Downloads\Setup_MagicISO.exe ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-06-21 13:00 - 2012-11-14 23:45 - 00000352 _____ C:\Windows\Tasks\Recovery DVD Creator-Kagan Bagci.job 2015-06-21 13:00 - 2012-11-14 23:45 - 00000352 _____ C:\Windows\Tasks\Erweiterte Garantie-Kagan Bagci.job 2015-06-21 12:56 - 2013-01-28 13:51 - 00000952 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-410520579-760464469-3575665083-1000UA.job 2015-06-21 12:56 - 2013-01-28 13:51 - 00000930 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-410520579-760464469-3575665083-1000Core.job 2015-06-21 12:56 - 2012-11-14 22:42 - 01996940 _____ C:\Windows\WindowsUpdate.log 2015-06-21 12:55 - 2013-02-15 21:31 - 00001144 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-410520579-760464469-3575665083-1000UA.job 2015-06-21 12:55 - 2012-11-15 20:24 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-06-21 12:54 - 2013-07-09 16:04 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-06-21 12:53 - 2006-11-02 14:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2015-06-21 12:53 - 2006-11-02 14:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2015-06-20 22:42 - 2012-12-20 18:09 - 00000000 ____D C:\Users\Kagan Bagci\Desktop\Musik 2015-06-20 22:41 - 2014-10-04 21:07 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Roaming\BitTorrent 2015-06-20 22:41 - 2014-01-03 02:51 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Local\LogMeIn Hamachi 2015-06-20 22:41 - 2012-11-15 20:08 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Roaming\Skype 2015-06-20 22:38 - 2015-02-01 18:01 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Local\Battle.net 2015-06-20 22:19 - 2015-02-01 17:59 - 00000000 ____D C:\Program Files\Battle.net 2015-06-20 22:16 - 2015-05-07 20:27 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Roaming\Steganos VPN 2015-06-20 22:15 - 2013-02-10 01:31 - 00000000 ____D C:\Users\Kagan Bagci\Tracing 2015-06-20 22:11 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-06-20 22:08 - 2006-11-02 15:01 - 00032634 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2015-06-20 21:14 - 2013-12-05 20:39 - 00427992 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys 2015-06-20 21:14 - 2013-12-05 20:39 - 00209048 _____ C:\Windows\system32\Drivers\aswVmm.sys 2015-06-20 21:14 - 2013-12-05 20:39 - 00074976 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys 2015-06-20 21:14 - 2013-12-05 20:39 - 00057888 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswTdi.sys 2015-06-20 21:14 - 2013-12-05 20:39 - 00055200 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr.sys 2015-06-20 21:14 - 2013-12-05 20:39 - 00049904 _____ C:\Windows\system32\Drivers\aswRvrt.sys 2015-06-20 21:13 - 2013-12-05 20:39 - 00787760 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys 2015-06-20 21:12 - 2013-12-05 21:32 - 00253600 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswNdis2.sys 2015-06-20 16:45 - 2013-02-15 21:31 - 00001092 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-410520579-760464469-3575665083-1000Core.job 2015-06-18 22:33 - 2008-11-06 13:37 - 00000000 ____D C:\Program Files\Google 2015-06-18 22:32 - 2012-12-25 15:09 - 00000000 ____D C:\Users\Kagan Bagci\Desktop\Bilder 2015-06-17 22:48 - 2008-11-06 21:44 - 00000000 ____D C:\Windows\de-DE 2015-06-17 21:56 - 2013-12-05 14:39 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Roaming\Malwarebytes 2015-06-17 21:56 - 2013-12-05 14:38 - 00000000 ____D C:\ProgramData\Malwarebytes 2015-06-17 21:45 - 2013-12-05 15:42 - 00000000 ____D C:\AdwCleaner 2015-06-17 21:45 - 2013-08-22 19:05 - 00000000 ____D C:\Program Files\Mozilla Firefox 2015-06-13 23:28 - 2013-01-31 23:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive 2015-06-13 17:50 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache 2015-06-12 23:40 - 2006-11-02 14:47 - 00326632 _____ C:\Windows\system32\FNTCACHE.DAT 2015-06-12 23:36 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\de-DE 2015-06-12 23:20 - 2008-11-06 13:48 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-06-12 23:19 - 2013-11-12 20:36 - 00000000 ____D C:\Windows\system32\MRT 2015-06-12 23:02 - 2006-11-02 12:24 - 136900096 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe 2015-06-12 22:57 - 2013-07-09 16:04 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2015-06-12 22:57 - 2013-07-09 16:04 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2015-06-10 16:09 - 2012-11-20 14:19 - 00000000 ____D C:\Program Files\Steam 2015-06-03 22:31 - 2015-05-07 19:26 - 00000000 ____D C:\Users\Kagan Bagci\Desktop\ppsspp 2015-06-03 22:31 - 2012-12-25 15:09 - 00000000 ____D C:\Users\Kagan Bagci\Desktop\Schulzeug 2015-06-03 17:38 - 2012-12-02 19:17 - 00000000 ____D C:\Program Files\SystemRequirementsLab 2015-05-31 21:35 - 2006-11-02 12:33 - 01581308 _____ C:\Windows\system32\PerfStringBackup.INI 2015-05-28 20:55 - 2012-11-20 14:19 - 00000000 ____D C:\Program Files\Common Files\Steam 2015-05-28 16:15 - 2012-11-25 22:18 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Roaming\TS3Client 2015-05-27 15:17 - 2012-12-02 00:23 - 00000000 ___RD C:\Users\Kagan Bagci\Desktop\Programme 2015-05-27 11:31 - 2013-03-25 21:34 - 00001356 _____ C:\Users\Kagan Bagci\AppData\Local\d3d9caps.dat 2015-05-26 12:45 - 2012-11-14 23:40 - 00000000 ____D C:\Users\Kagan Bagci ==================== Files in the root of some directories ======= 2015-05-27 13:17 - 2015-06-17 21:17 - 0000024 _____ () C:\Users\Kagan Bagci\AppData\Roaming\appdataFr25.bin 2013-03-25 21:34 - 2015-05-27 11:31 - 0001356 _____ () C:\Users\Kagan Bagci\AppData\Local\d3d9caps.dat 2012-11-15 20:49 - 2013-01-27 00:30 - 0030720 _____ () C:\Users\Kagan Bagci\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-01-11 20:36 - 2014-01-11 20:36 - 0005567 _____ () C:\Users\Kagan Bagci\AppData\Local\HWVendorDetection.log 2015-05-21 21:21 - 2015-05-21 21:21 - 0001236 _____ () C:\Users\Kagan Bagci\AppData\Local\recently-used.xbel 2013-03-18 21:00 - 2013-03-18 21:00 - 1426411 _____ () C:\Users\Kagan Bagci\AppData\Local\Tempmusic.ogg 2013-02-10 21:23 - 2013-02-10 21:23 - 0509465 _____ () C:\ProgramData\1360516069.bdinstall.bin 2013-03-20 15:48 - 2013-03-20 15:48 - 0227776 _____ () C:\ProgramData\1363787221.bdinstall.bin 2013-07-15 14:56 - 2013-07-15 14:56 - 0000057 _____ () C:\ProgramData\Ament.ini Some files in TEMP: ==================== C:\Users\Kagan Bagci\AppData\Local\Temp\DseShExt-x86.dll C:\Users\Kagan Bagci\AppData\Local\Temp\Quarantine.exe C:\Users\Kagan Bagci\AppData\Local\Temp\SDShelEx-win32.dll C:\Users\Kagan Bagci\AppData\Local\Temp\SkypeSetup.exe C:\Users\Kagan Bagci\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-06-20 22:19 ==================== End of log ============================ |
22.06.2015, 06:32 | #13 |
/// the machine /// TB-Ausbilder | Kaum mache ich Google Chrome an sagt Avast ich hätte Virenseiten am start meine Frage?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
22.06.2015, 12:42 | #14 |
| Kaum mache ich Google Chrome an sagt Avast ich hätte Virenseiten am start Achso ja sry ^^` Ja also Wenn ich Programme starte dann taucht erst unten in der Leiste das fensterchen auf und dann erst später das ganze aufm Desktop. Wenn ich schreibe dann kommen manche Buchstaben verzögert.(ist mir grad aufgefallen) Wenn ich auf Youtube ein Video gucken will verschwindet einige male einfach der Ton aber das Video läuft weiter, oder das video stoppt und der ton läuft weiter .-. Sind das anzeichen für andere Viren? |
23.06.2015, 05:51 | #15 |
/// the machine /// TB-Ausbilder | Kaum mache ich Google Chrome an sagt Avast ich hätte Virenseiten am start Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter C:\Program Files\IObit\Advanced SystemCare 5\asc6_setup_v5tov6-0306.exe C:\Program Files\IObit\Advanced SystemCare 6\Toolbar\iobitappsToolbar-stub-1.exe C:\Program Files\OkayFreedom\okayfreedom_ff.xpi C:\Users\Kagan Bagci\AppData\Local\Temp\avastBCLTMP\firefox\{db981cca-088e-4731-a4a2-2fe218703c0e}\chrome\okayfreedom_ff.jar C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\Firefox\Profiles\user.js C:\Users\Kagan Bagci\AppData\Roaming\Steganos Updates\okayfreedom.exe C:\Users\Kagan Bagci\Desktop\Spiele und etc\S.T.A.L.K.E.R. - Call Of Pripyat\soProject\soLauncher.exe C:\Users\Kagan Bagci\Desktop\Spiele und etc\S.T.A.L.K.E.R. - Call Of Pripyat\soProject\steam-launcher.exe C:\Users\Kagan Bagci\Downloads\cbsidlm-cbsi109-Advanced_SystemCare-BP-10407614.exe C:\Users\Kagan Bagci\Downloads\dffsetup-zlibwapi.exe C:\Users\Kagan Bagci\Downloads\FreeVideoToAndroidConverter.exe C:\Users\Kagan Bagci\Downloads\FreeVideoToDVDConverter.exe C:\Users\Kagan Bagci\Downloads\FreeVideoToMP3Converter.exe C:\Users\Kagan Bagci\Downloads\FreeYouTubeToDVDConverter.exe C:\Users\Kagan Bagci\Downloads\FreeYouTubeToMP3Converter (1).exe C:\Users\Kagan Bagci\Downloads\FreeYouTubeToMP3Converter.exe C:\Users\Kagan Bagci\Downloads\HDfilm (1).exe C:\Users\Kagan Bagci\Downloads\HDfilm.exe C:\Users\Kagan Bagci\Downloads\MotioninJoy - CHIP-Installer.exe RemoveProxy: Emptytemp: Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |