Satira12 | 13.07.2014 17:27 | Oops, sorry...
Addition Logfile:
Additional scan result of Farbar Recovery Scan Tool (x86) Version:11-07-2014
Ran by ****** at 2014-07-12 17:28:12
Running from C:\Users\******.******s-PC\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
Activeris AntiMalware (HKLM\...\94EAE98D-444B-4817-858C-13DB943DF4F1_Activeris_A~741EE3A2_is1) (Version: 1.0.0.1 - Activeris) <==== ATTENTION
Adobe Flash Player 14 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Photoshop 7.0 (HKLM\...\Adobe Photoshop 7.0) (Version: 7.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.02) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.02 - Adobe Systems Incorporated)
ArcSoft TotalMedia TV (HKLM\...\{7CE13DFB-7320-4630-865F-DE98D8FE6791}) (Version: - ArcSoft)
Atheros Client Installation Program (HKLM\...\{D1434266-0486-4469-B338-A60082CC04E1}) (Version: 1.0.2.1119 - Atheros)
BatteryLifeExtender (HKLM\...\{74A579FB-EB06-497D-B194-01590D6FE51A}) (Version: 1.0.5 - Samsung)
Brother MFL-Pro Suite DCP-145C (HKLM\...\{48D082B9-18F6-4426-AFAC-8B6A3E7021B1}) (Version: 2.0.0.0 - Brother Industries, Ltd.)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4214 - CDBurnerXP)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CyberLink DVD Suite (HKLM\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.2806 - CyberLink Corp.)
CyberLink DVD Suite (Version: 6.0.2806 - CyberLink Corp.) Hidden
CyberLink LabelPrint (HKLM\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1916 - CyberLink Corp.)
CyberLink LabelPrint (Version: 2.5.1916 - CyberLink Corp.) Hidden
CyberLink Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3108a - CyberLink Corp.)
CyberLink Power2Go (Version: 6.0.3108a - CyberLink Corp.) Hidden
CyberLink PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3213 - CyberLink Corp.)
CyberLink PowerDirector (Version: 7.0.3213 - CyberLink Corp.) Hidden
CyberLink PowerDVD 11 (HKLM\...\InstallShield_{F232C87C-6E92-4775-8210-DFE90B7777D9}) (Version: 11.0.1620.51 - CyberLink Corp.)
CyberLink PowerDVD 11 (Version: 11.0.1620.51 - CyberLink Corp.) Hidden
CyberLink PowerDVD 8 (HKLM\...\InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}) (Version: 8.0.2815b - CyberLink Corp.)
CyberLink PowerDVD 8 (Version: 8.0.2815b - CyberLink Corp.) Hidden
CyberLink PowerProducer (HKLM\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.1.1812 - CyberLink Corp.)
CyberLink PowerProducer (Version: 5.0.1.1812 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.3625 - CyberLink Corp.)
CyberLink YouCam (Version: 2.0.3625 - CyberLink Corp.) Hidden
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.45.1.0236 - DT Soft Ltd)
DivX-Setup (HKLM\...\DivX Setup) (Version: 2.6.1.9 - DivX, LLC)
DMUninstaller (HKLM\...\DMUninstaller) (Version: - ) <==== ATTENTION
Easy Display Manager (HKLM\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 3.0 - Samsung Electronics Co., Ltd.)
Easy Network Manager (HKLM\...\{34B76DCB-BF7C-440F-B058-C84172C1E338}) (Version: 4.2.8 - Samsung)
Easy SpeedUp Manager (HKLM\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 3.0.0.5 - Samsung Electronics Co.,Ltd.)
EasyBatteryManager (HKLM\...\{178EE5F4-0F86-4BF0-A0D1-9790AFF409D1}) (Version: 4.0.0.3 - Samsung)
Fast RM to MP3 Converter 4.2 (HKLM\...\{483BB540-86C9-469C-9EC3-F769348084B5}_is1) (Version: - AML SOFT, Inc.)
Free YouTube to MP3 Converter version 3.12.41.623 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.41.623 - DVDVideoSoft Ltd.)
FreeOCR v4.2 (HKLM\...\freeocr_is1) (Version: - )
GMX Softwareaktualisierung (HKLM\...\1&1 Mail & Media GmbH 1und1Softwareaktualisierung) (Version: 2.0.1.8 - 1&1 Mail & Media GmbH)
HTC BMP USB Driver (HKLM\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC)
HTC Sync (HKLM\...\{3B345B4A-2E94-4346-A38F-17E1347A0DA7}) (Version: 3.0.5527 - HTC Corporation)
Iminent (Version: 6.25.21.0 - Iminent) Hidden <==== ATTENTION
Intel(R) Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2302 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
Java 7 Update 55 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Codec Pack 6.6.0 (Full) (HKLM\...\KLiteCodecPack_is1) (Version: 6.6.0 - )
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Marvell Miniport Driver (HKLM\...\Marvell Miniport Driver) (Version: 11.22.3.3 - Marvell)
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MixiDJ chrome Toolbar (HKLM\...\MixiDJ chrome Toolbar) (Version: - MixiDJ) <==== ATTENTION
Mozilla Firefox 30.0 (x86 de) (HKLM\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
PDF Architect (HKLM\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDF Split And Merge Basic (HKLM\...\{C91B24F6-1629-11E2-B696-21676188709B}) (Version: 2.2.2 - Andrea Vacondio)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.1 - pdfforge)
PhotoScape (HKLM\...\PhotoScape) (Version: - )
Price Metér (remove only) (HKCU\...\Price Metér) (Version: 1.1.2.7 - Price Meter) <==== ATTENTION
QuickShare (HKLM\...\{F1D49A81-DFD1-4580-B7B3-B5990F64C0EC}) (Version: 1.6.1.696 - Linkury Inc.) <==== ATTENTION
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6003 - Realtek Semiconductor Corp.)
Rocket (HKCU\...\Rocket) (Version: 31.0.1650.23 - Rocket)
SAMSUNG Mobile Composite Device Software (HKLM\...\SAMSUNG Mobile Composite Device) (Version: - )
Samsung Mobile Modem Device Software (HKLM\...\Samsung Mobile Modem Device) (Version: - )
SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version: - )
Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version: - )
SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version: - )
SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version: - )
Samsung New PC Studio (HKLM\...\InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Samsung New PC Studio (Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
Samsung New PC Studio USB Driver Installer (HKLM\...\InstallShield_{AF7E85DC-317C-47F5-810E-B82EE093A612}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Samsung New PC Studio USB Driver Installer (Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
Samsung Recovery Solution 4 (HKLM\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 4.0.0.6 - Samsung)
Samsung Support Center (HKLM\...\{F687E657-F636-44DF-8125-9FEEA2C362F5}) (Version: 1.0.2 - Samsung)
Samsung Update Plus (HKLM\...\{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}) (Version: 2.0 - Samsung Electronics Co., Ltd.)
SAMSUNG USB Mobile Device Software (HKLM\...\SAMSUNG USB Mobile Device) (Version: - )
SamsungConnectivityCableDriver (HKLM\...\{7E84FAC8-C518-40F9-9807-7455301D6D25}) (Version: 6.83.6.2.1 - Samsung)
Should I Remove It (Version: 1.0.4 - Reason Software Company Inc.) Hidden
Skillstraining (HKLM\...\Skillstraining ) (Version: - )
Soda PDF 5 (HKLM\...\{7E6EF310-CEB1-49B8-9304-4842671D8A63}) (Version: 5.1.210.11318 - LULU Software Limited)
SpeedUpMyPC (HKLM\...\{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1) (Version: 6.0.3.7 - Uniblue Systems Limited) <==== ATTENTION
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1032 - SUPERAntiSpyware.com)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.10.0 - Synaptics Incorporated)
System Requirements Lab for Intel (HKLM\...\{76CE5B47-F5A4-4E5C-99A0-CEFF6146EA4A}) (Version: 4.4.22.0 - Husdawg, LLC)
TIPP10 Version 2.1.0 (HKLM\...\TIPP10_is1) (Version: - (c) 2006-2011, Tom Thielicke IT Solutions)
TuneUp Utilities 2013 (HKLM\...\TuneUp Utilities 2013) (Version: 13.0.4000.245 - TuneUp Software)
TuneUp Utilities 2013 (Version: 13.0.4000.245 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (Version: 13.0.4000.245 - TuneUp Software) Hidden
Update for Mipony Download Manager (HKCU\...\Digital Sites) (Version: - Update for Mipony Download Manager) <==== ATTENTION
User Guide (HKLM\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.0 - )
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 2.0.5 (HKLM\...\VLC media player) (Version: 2.0.5 - VideoLAN)
Web & TV Stick (HKLM\...\Web & TV Stick) (Version: 11.301.08.05.35 - Huawei Technologies Co.,Ltd)
Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX control for remote connections (HKLM\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 4.11 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
WSE Rocket (HKCU\...\WSE Rocket) (Version: - WSE Rocket)
==================== Restore Points =========================
Could not list Restore Points. Check "winmgmt" service or repair WMI.
==================== Hosts content: ==========================
2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____N C:\windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => ?
Task: C:\windows\Tasks\Dealply.job => ?
Task: C:\windows\Tasks\Digital Sites.job => ?
Task: C:\windows\Tasks\Rocket Updater.job => C:\Users\******~1.FAU\AppData\Roaming\ROCKET~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\windows\Tasks\SpeedUpMyPC Maintenance.job => ? <==== ATTENTION
Task: C:\windows\Tasks\SpeedUpMyPC Startup.job => ? <==== ATTENTION
==================== Loaded Modules (whitelisted) =============
2010-06-14 00:53 - 2006-08-12 05:48 - 00049152 _____ () C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll
2012-04-06 03:21 - 2012-02-17 20:55 - 00166912 _____ () C:\Program Files\WinRAR\rarext.dll
2011-03-08 16:23 - 2011-03-08 16:23 - 00585728 _____ () C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe
2011-03-08 16:23 - 2011-03-08 16:23 - 00516599 _____ () C:\Program Files\HTC\HTC Sync 3.0\sqlite3.dll
2011-03-08 16:23 - 2011-03-08 16:23 - 00094208 _____ () C:\Program Files\HTC\HTC Sync 3.0\fdHttpd.dll
2011-03-08 16:23 - 2011-03-08 16:23 - 00352256 _____ () C:\Program Files\HTC\HTC Sync 3.0\HtcDetect.dll
2011-03-08 16:23 - 2011-03-08 16:23 - 00139264 _____ () C:\Program Files\HTC\HTC Sync 3.0\htcDisk.dll
2011-03-08 16:23 - 2011-03-08 16:23 - 00139264 _____ () C:\Program Files\HTC\HTC Sync 3.0\htcDetectLegend.dll
2013-08-24 21:06 - 2012-09-25 11:26 - 01163264 ____N () C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
2013-08-24 21:05 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files\Brother\BrUtilities\BrLogAPI.dll
2014-07-03 18:55 - 2014-06-06 06:38 - 03852912 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
==================== EXE Association (whitelisted) =============
==================== MSCONFIG/TASK MANAGER disabled items =========
MSCONFIG\startupreg: CLMLServer => "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: ControlCenter3 => C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: UpdateLBPShortCut => "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
MSCONFIG\startupreg: UpdateP2GoShortCut => "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
MSCONFIG\startupreg: UpdatePPShortCut => "C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerProducer" UpdateWithCreateOnce "Software\CyberLink\PowerProducer\5.0"
MSCONFIG\startupreg: UpdatePSTShortCut => "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (07/12/2014 04:45:38 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
Die Aktion kann nicht abgeschlossen werden. Versuchen Sie es erneut. Wenden Sie sich bei Fortbestehen des Problems an den Microsoft-Produktsupport.
Error: (07/12/2014 04:35:42 PM) (Source: Application Virtualization Client) (EventID: 3037) (User: )
Description: {tid=E04}
Application Virtualization Client kann OfficeVirt 9014006604070000 nicht öffnen.
Error: (07/12/2014 04:35:38 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
Die Aktion kann nicht abgeschlossen werden. Versuchen Sie es erneut. Wenden Sie sich bei Fortbestehen des Problems an den Microsoft-Produktsupport.
Error: (07/12/2014 04:35:38 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
Product registration is corrupted for {90140011-0066-0407-0000-0000000FF1CE}
Error: (07/12/2014 04:35:38 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
Error: Product {90140011-0066-0407-0000-0000000FF1CE} found in the registry but SoftGrid doesn't know about it, skipping...
Error: (07/12/2014 04:35:38 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
Product registration is corrupted for {90140011-0066-0407-0000-0000000FF1CE}
Error: (07/12/2014 04:35:38 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
Error: Product {90140011-0066-0407-0000-0000000FF1CE} found in the registry but SoftGrid doesn't know about it, skipping...
Error: (07/12/2014 04:35:38 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
Product registration is corrupted for {90140011-0066-0407-0000-0000000FF1CE}
Error: (07/12/2014 04:35:38 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
Error: Product {90140011-0066-0407-0000-0000000FF1CE} found in the registry but SoftGrid doesn't know about it, skipping...
Error: (07/11/2014 11:29:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: TuneUpUtilitiesService32.exe, Version: 13.0.4000.245, Zeitstempel: 0x52e76b9e
Name des fehlerhaften Moduls: IMM32.DLL, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7b845
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00001468
ID des fehlerhaften Prozesses: 0x82c
Startzeit der fehlerhaften Anwendung: 0xTuneUpUtilitiesService32.exe0
Pfad der fehlerhaften Anwendung: TuneUpUtilitiesService32.exe1
Pfad des fehlerhaften Moduls: TuneUpUtilitiesService32.exe2
Berichtskennung: TuneUpUtilitiesService32.exe3
System errors:
=============
Error: (07/12/2014 04:35:38 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
netfilter2
Error: (07/12/2014 04:35:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Service Component of VO" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (07/12/2014 04:35:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Util ConstaSurf" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (07/12/2014 04:35:25 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Optimizer Pro Crash Monitor erreicht.
Error: (07/12/2014 04:34:52 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Automatische WLAN-Konfiguration" wurde mit folgendem Fehler beendet:
%%999
Error: (07/11/2014 10:14:18 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
netfilter2
Error: (07/11/2014 10:14:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Service Component of VO" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (07/11/2014 10:14:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Util ConstaSurf" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (07/11/2014 10:13:49 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Optimizer Pro Crash Monitor erreicht.
Error: (07/11/2014 10:13:16 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Automatische WLAN-Konfiguration" wurde mit folgendem Fehler beendet:
%%999
Microsoft Office Sessions:
=========================
Error: (07/12/2014 04:45:38 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Die Aktion kann nicht abgeschlossen werden. Versuchen Sie es erneut. Wenden Sie sich bei Fortbestehen des Problems an den Microsoft-Produktsupport.
Error: (07/12/2014 04:35:42 PM) (Source: Application Virtualization Client) (EventID: 3037) (User: )
Description: {tid=E04}
OfficeVirt 9014006604070000
Error: (07/12/2014 04:35:38 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Die Aktion kann nicht abgeschlossen werden. Versuchen Sie es erneut. Wenden Sie sich bei Fortbestehen des Problems an den Microsoft-Produktsupport.
Error: (07/12/2014 04:35:38 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Product registration is corrupted for {90140011-0066-0407-0000-0000000FF1CE}
Error: (07/12/2014 04:35:38 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Error: Product {90140011-0066-0407-0000-0000000FF1CE} found in the registry but SoftGrid doesn't know about it, skipping...
Error: (07/12/2014 04:35:38 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Product registration is corrupted for {90140011-0066-0407-0000-0000000FF1CE}
Error: (07/12/2014 04:35:38 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Error: Product {90140011-0066-0407-0000-0000000FF1CE} found in the registry but SoftGrid doesn't know about it, skipping...
Error: (07/12/2014 04:35:38 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Product registration is corrupted for {90140011-0066-0407-0000-0000000FF1CE}
Error: (07/12/2014 04:35:38 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Error: Product {90140011-0066-0407-0000-0000000FF1CE} found in the registry but SoftGrid doesn't know about it, skipping...
Error: (07/11/2014 11:29:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: TuneUpUtilitiesService32.exe13.0.4000.24552e76b9eIMM32.DLL6.1.7601.175144ce7b845c00000050000146882c01cf9d44ab6c94e6C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exeC:\windows\system32\IMM32.DLL6b7f5de3-0942-11e4-a27c-002454e109a3
==================== Memory info ===========================
Percentage of memory in use: 39%
Total physical RAM: 3004.61 MB
Available physical RAM: 1805.25 MB
Total Pagefile: 6005.45 MB
Available Pagefile: 4532.98 MB
Total Virtual: 2047.88 MB
Available Virtual: 1880.19 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:138.99 GB) (Free:95.52 GB) NTFS
Drive d: () (Fixed) (Total:139 GB) (Free:123.07 GB) NTFS
==================== MBR & Partition Table ==================
==================== End Of Log ============================
FRST Logfile:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:11-07-2014
Ran by ****** (ATTENTION: The logged in user is not administrator) on ******S-PC on 12-07-2014 17:27:33
Running from C:\Users\******.******s-PC\Downloads
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(SAMSUNG Electronics) C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
() C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe
() C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\ControlCenter3\BrccMCtl.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfcMon.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8120864 2009-12-15] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1713448 2010-02-26] (Synaptics Incorporated)
HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [1821576 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [HTC Sync Loader] => C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe [585728 2011-03-08] ()
HKLM\...\Run: [UCam_Menu] => C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM\...\Run: [BrMfcWnd] => C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [1163264 2012-09-25] ()
HKLM\...\Run: [ControlCenter3] => C:\Program Files\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] - "C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe" "C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware" [54072 2014-05-12] (Malwarebytes Corporation)
HKLM\...\Runonce: [Del2531131] - cmd.exe /Q /D /c del "C:\Users\Admin\AppData\Local\Temp\0.del"
HKLM\...\Runonce: [Del2951304] - cmd.exe /Q /D /c del "C:\Users\******~1.FAU\AppData\Local\Temp\0.del"
HKLM\...\Runonce: [Del3101050] - cmd.exe /Q /D /c del "C:\Users\******~1.FAU\AppData\Local\Temp\0.del"
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\windows\System32\SPReview\SPReview.exe [280576 2011-09-27] (Microsoft Corporation)
HKU\S-1-5-21-3219418776-4157282183-555089908-1001\...\MountPoints2: {5c297375-dcf9-11df-8410-806e6f6e6963} - E:\install.EXE id= ver=1.0.0.0
HKU\S-1-5-21-3219418776-4157282183-555089908-1002\...\RunOnce: [Del2951304] - cmd.exe /Q /D /c del "C:\Users\******~1.FAU\AppData\Local\Temp\0.del"
HKU\S-1-5-21-3219418776-4157282183-555089908-1002\...\RunOnce: [Del3101050] - cmd.exe /Q /D /c del "C:\Users\******~1.FAU\AppData\Local\Temp\0.del"
BootExecute: autocheck autochk * sdnclean.exe
==================== Internet (Whitelisted) ====================
ProxyServer: http=127.0.0.1:58414;https=127.0.0.1:58414
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://rocket-find.com/?f=1&a=rckt_dsites05_14_28_ff&cd=2XzuyEtN2Y1L1QzuyE0C0E0D0D0EtByE0FyByDzzzzzyzy0BtN0D0Tzu0SzytByEtN1L2XzutBtFtBtCtFtCyEtFtCtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyD0C0DtDyE0E0AyDtG0CtA0AyCtGtCyE0A0CtGtB0B0AtDtGyByCtD0B0Fzz0C0ByEzy0DtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0EyB0FyBzytCyCtGtA0FyEtCtG0CtBzzyDtG0Ezy0FyDtGtA0Fzy0DzyyEtA0CtDzz0C0E2Q&cr=1813621935&ir=
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x8580603AD093CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_dsites05_14_28_ff&cd=2XzuyEtN2Y1L1QzuyE0C0E0D0D0EtByE0FyByDzzzzzyzy0BtN0D0Tzu0SzytByEtN1L2XzutBtFtBtCtFtCyEtFtCtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyD0C0DtDyE0E0AyDtG0CtA0AyCtGtCyE0A0CtGtB0B0AtDtGyByCtD0B0Fzz0C0ByEzy0DtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0EyB0FyBzytCyCtGtA0FyEtCtG0CtBzzyDtG0Ezy0FyDtGtA0Fzy0DzyyEtA0CtDzz0C0E2Q&cr=1813621935&ir=
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://search.certified-toolbar.com?si=80415&st=bs&tid=23890&ver=6.3&ts=1401384313694&tguid=80415-23890-1401384313694-B6276A181F4D9C7FAE422144C0435339&q={searchTerms}
SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_dsites05_14_28_ff&cd=2XzuyEtN2Y1L1QzuyE0C0E0D0D0EtByE0FyByDzzzzzyzy0BtN0D0Tzu0SzytByEtN1L2XzutBtFtBtCtFtCyEtFtCtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyD0C0DtDyE0E0AyDtG0CtA0AyCtGtCyE0A0CtGtB0B0AtDtGyByCtD0B0Fzz0C0ByEzy0DtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0EyB0FyBzytCyCtGtA0FyEtCtG0CtBzzyDtG0Ezy0FyDtGtA0Fzy0DzyyEtA0CtDzz0C0E2Q&cr=1813621935&ir=
SearchScopes: HKCU - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
SearchScopes: HKCU - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL =
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: Soda PDF 5 IE Helper - {C737F472-1193-4281-BF53-A00B67AB3E19} - C:\Program Files\Soda PDF 5\PDFIEHelper.dll (LULU Software Limited)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: DVDVideoSoft IE Extension - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
Toolbar: HKLM - toolplugin - {DFEFCDEE-CF1A-4FC8-89AF-189327213627} - toolplugin\toolbar.dll No File
Toolbar: HKLM - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files\PDF Architect\PDFIEPlugin.dll (pdfforge GmbH)
Toolbar: HKLM - Soda PDF 5 IE Toolbar - {F335ABA2-FDB4-4644-92B2-5CC4B0FC91D6} - C:\Program Files\Soda PDF 5\PDFIEPlugin.dll (LULU Software Limited)
Toolbar: HKLM - No Name - {92aa6038-35c9-4666-893f-84716dec281c} - No File
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - No File
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - No File
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\******.******s-PC\AppData\Roaming\Mozilla\Firefox\Profiles\mswnb83c.default
FF DefaultSearchEngine: WSE Rocket
FF SelectedSearchEngine: WSE Rocket
FF Homepage: hxxp://rocket-find.com/?f=1&a=rckt_dsites05_14_28_ff&cd=2XzuyEtN2Y1L1QzuyE0C0E0D0D0EtByE0FyByDzzzzzyzy0BtN0D0Tzu0SzytByEtN1L2XzutBtFtBtCtFtCyEtFtCtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyD0C0DtDyE0E0AyDtG0CtA0AyCtGtCyE0A0CtGtB0B0AtDtGyByCtD0B0Fzz0C0ByEzy0DtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0EyB0FyBzytCyCtGtA0FyEtCtG0CtBzzyDtG0Ezy0FyDtGtA0Fzy0DzyyEtA0CtDzz0C0E2Q&cr=1813621935&ir=
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\******.******s-PC\AppData\Roaming\Mozilla\Firefox\Profiles\mswnb83c.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\******.******s-PC\AppData\Roaming\Mozilla\Firefox\Profiles\mswnb83c.default\searchplugins\WSE Rocket.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Rocket New Tab - C:\Users\******.******s-PC\AppData\Roaming\Mozilla\Firefox\Profiles\mswnb83c.default\Extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b} [2014-07-12]
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-10-06]
FF HKLM\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files\PDF Architect\FFPDFArchitectExt [2013-08-24]
FF HKLM\...\Firefox\Extensions: [FFSodaPDF5Converter@sodapdf.com] - C:\Program Files\Soda PDF 5\FFSoda5Ext
FF Extension: Soda PDF 5 Converter For Firefox - C:\Program Files\Soda PDF 5\FFSoda5Ext [2013-11-18]
FF StartMenuInternet: FIREFOX.EXE - firefox.exe
Chrome:
=======
CHR Extension: (Google Docs) - C:\Users\******.******s-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-28]
CHR Extension: (Google Drive) - C:\Users\******.******s-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-28]
CHR Extension: (YouTube) - C:\Users\******.******s-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-28]
CHR Extension: (Google-Suche) - C:\Users\******.******s-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-28]
CHR Extension: (Plus-HD-3.7) - C:\Users\******.******s-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgdgpogmpcjffpmdkoedclegjohlepii [2014-06-28]
CHR Extension: (Google Wallet) - C:\Users\******.******s-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-28]
CHR Extension: (Mehr Leistung und Videoformate für dein HTML5 <video>) - C:\Users\******.******s-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2014-06-28]
CHR Extension: (Google Mail) - C:\Users\******.******s-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-28]
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
CHR HKLM\...\Chrome\Extension: [ojcdnngpmbenohhjlickdajclhbcaada] - C:\Program Files\TubeSaver\128.crx [2011-12-12]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
========================== Services (Whitelisted) =================
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [119056 2013-05-23] (SUPERAntiSpyware.com)
S4 CLHNServiceForPowerDVD; C:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [83240 2011-04-20] ()
S4 CyberLink PowerDVD 11.0 Monitor Service; C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [70952 2011-03-31] (CyberLink)
S4 CyberLink PowerDVD 11.0 Service; C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe [312616 2011-03-31] (CyberLink)
R2 FsUsbExService; C:\windows\system32\FsUsbExService.Exe [233472 2009-03-31] (Teruten) [File not signed]
R2 lmhosts; C:\windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 NlaSvc; C:\windows\System32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 nsi; C:\windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152 2009-07-07] ()
R2 Soda PDF 5 Helper Service; C:\Program Files\Soda PDF 5\HelperService.exe [1098056 2013-07-17] (LULU Software Limited)
R2 Soda PDF 5 Service; C:\Program Files\Soda PDF 5\ConversionService.exe [794440 2013-07-17] (LULU Software Limited)
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe [1731896 2014-01-28] (TuneUp Software)
S2 ca82e1a5; "C:\windows\system32\rundll32.exe" "c:\progra~1\optimi~1\OptProCrashSvc.dll",ServiceMain
S2 Util ConstaSurf; "C:\Program Files\ConstaSurf\bin\utilConstaSurf.exe" [X]
S2 VOsrv; C:\Users\Admin\AppData\Roaming\VOPackage\VOsrv.exe [X]
==================== Drivers (Whitelisted) ====================
R2 atksgt; C:\windows\System32\DRIVERS\atksgt.sys [281760 2011-03-25] ()
R1 dtsoftbus01; C:\windows\System32\DRIVERS\dtsoftbus01.sys [239168 2011-11-15] (DT Soft Ltd)
R3 FsUsbExDisk; C:\windows\system32\FsUsbExDisk.SYS [36608 2009-03-31] () [File not signed]
S3 Huawei; C:\windows\System32\DRIVERS\ewdcsc.sys [23424 2007-08-09] (Huawei Tech. Co., Ltd.)
R2 lirsgt; C:\windows\System32\DRIVERS\lirsgt.sys [25888 2011-03-25] ()
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [51928 2014-05-12] (Malwarebytes Corporation)
S3 mod7700; C:\windows\System32\DRIVERS\mod7700.sys [621056 2008-04-14] (DiBcom SA)
R1 netfilter; C:\windows\System32\drivers\netfilter.sys [31744 2014-07-08] (NetFilterSDK.com) [File not signed]
R2 ntk_PowerDVD; C:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD.sys [71664 2011-04-20] (Cyberlink Corp.)
S3 rtport; C:\windows\system32\drivers\rtport.sys [15656 2010-10-21] (Windows (R) 2003 DDK 3790 provider)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 ss_bbus; C:\windows\System32\DRIVERS\ss_bbus.sys [90112 2009-03-20] (MCCI)
S3 ss_bmdfl; C:\windows\System32\DRIVERS\ss_bmdfl.sys [14976 2009-03-20] (MCCI Corporation)
S3 ss_bmdm; C:\windows\System32\DRIVERS\ss_bmdm.sys [121856 2009-03-20] (MCCI Corporation)
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [10088 2012-09-19] (TuneUp Software)
S3 USB28xxBGA; C:\windows\System32\DRIVERS\emBDA.sys [540288 2008-09-12] (eMPIA Technology, Inc.) [File not signed]
S3 USB28xxOEM; C:\windows\System32\DRIVERS\emOEM.sys [443520 2008-09-12] (eMPIA Technology, Inc.) [File not signed]
R3 yukonw7; C:\windows\System32\DRIVERS\yk62x86.sys [315392 2009-09-28] ()
R2 {329F96B6-DF1E-4328-BFDA-39EA953C1312}; C:\Program Files\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [77296 2011-04-12] (CyberLink Corp.)
S3 ALSysIO; \??\C:\Users\Admin\AppData\Local\Temp\ALSysIO.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S1 netfilter2; system32\drivers\netfilter2.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-07-12 17:27 - 2014-07-12 17:27 - 01075200 _____ (Farbar) C:\Users\******.******s-PC\Downloads\FRST.exe
2014-07-12 17:27 - 2014-07-12 17:27 - 00019493 _____ () C:\Users\******.******s-PC\Downloads\FRST.txt
2014-07-12 17:27 - 2014-07-12 17:27 - 00000000 ____D () C:\FRST
2014-07-12 17:24 - 2014-07-12 17:24 - 00002247 _____ () C:\Users\******.******s-PC\Desktop\Rocket.lnk
2014-07-12 17:24 - 2014-07-12 17:24 - 00000308 _____ () C:\windows\Tasks\Rocket Updater.job
2014-07-12 17:24 - 2014-07-12 17:24 - 00000000 ____D () C:\Users\******.******s-PC\AppData\Roaming\RocketUpdater
2014-07-12 17:24 - 2014-07-12 17:24 - 00000000 ____D () C:\Users\******.******s-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rocket
2014-07-12 17:24 - 2014-07-12 17:24 - 00000000 ____D () C:\Users\******.******s-PC\AppData\Local\WSE Rocket
2014-07-12 17:24 - 2014-07-12 17:24 - 00000000 ____D () C:\Users\******.******s-PC\AppData\Local\Rocket
2014-07-12 17:23 - 2014-07-12 17:24 - 00000472 _____ () C:\Users\******.******s-PC\Downloads\defogger_disable.log
2014-07-12 17:22 - 2014-07-12 17:22 - 00050477 _____ () C:\Users\******.******s-PC\Downloads\Defogger.exe
2014-07-12 17:21 - 2014-07-12 17:21 - 00000000 ____D () C:\Users\******.******s-PC\AppData\Roaming\DigitalSites
2014-07-12 17:14 - 2014-07-12 17:14 - 00000292 _____ () C:\windows\Tasks\Digital Sites.job
2014-07-12 17:13 - 2014-07-12 17:13 - 00682272 _____ ( ) C:\Users\******.******s-PC\Downloads\DownloadManagerSetup.exe
2014-07-11 23:09 - 2014-07-11 23:09 - 01057176 _____ (Adobe) C:\Users\******.******s-PC\Downloads\install_flashplayer14x32_mssa_aaa_aih.exe
2014-07-09 20:05 - 2014-07-09 20:05 - 00001640 _____ () C:\Users\******.******s-PC\Desktop\ShouldIRemoveIt - Verknüpfung.lnk
2014-07-09 19:47 - 2014-07-09 19:58 - 00000000 __SHD () C:\windows\system32\AI_RecycleBin
2014-07-09 19:47 - 2014-07-09 19:47 - 00000000 ____D () C:\Program Files\Reason
2014-07-09 19:46 - 2014-07-09 19:46 - 02175496 _____ (Reason Software Company Inc.) C:\Users\******.******s-PC\Downloads\ShouldIRemoveIt_Setup.exe
2014-07-09 18:51 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-07-09 18:51 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-07-09 18:51 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-07-09 18:51 - 2014-06-19 01:56 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-07-09 18:51 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-07-09 18:51 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-07-09 18:51 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-07-09 18:51 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-07-09 18:51 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-07-09 18:51 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-07-09 18:51 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-07-09 18:51 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-07-09 18:51 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-07-09 18:51 - 2014-06-19 01:23 - 00108032 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-07-09 18:51 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-07-09 18:51 - 2014-06-19 01:16 - 00646144 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-07-09 18:51 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-07-09 18:51 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-07-09 18:51 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-07-09 18:51 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-07-09 18:51 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-07-09 18:51 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-07-09 18:51 - 2014-06-19 00:52 - 00595968 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-07-09 18:51 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-07-09 18:51 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-07-09 18:51 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-07-09 18:51 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-07-09 18:51 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-07-09 18:51 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-07-09 18:51 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-07-09 18:50 - 2014-06-30 03:40 - 00404480 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-07-09 18:50 - 2014-06-30 03:36 - 00302592 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-07-09 18:50 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\windows\system32\osk.exe
2014-07-09 18:50 - 2014-06-18 02:52 - 02350080 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-07-09 18:50 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2014-07-09 18:50 - 2014-06-05 16:26 - 01059840 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-07-09 18:50 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-07-09 18:50 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2014-07-09 18:50 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2014-07-09 18:50 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2014-07-09 18:50 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2014-07-09 18:50 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-07-09 18:50 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-07-09 18:50 - 2014-05-30 08:36 - 00338944 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys
2014-07-08 20:34 - 2014-07-08 20:34 - 00031744 _____ (NetFilterSDK.com) C:\windows\system32\Drivers\netfilter.sys
2014-07-04 20:43 - 2014-07-04 20:43 - 00000000 ____D () C:\Users\******.******s-PC\AppData\Roaming\WinRAR
2014-07-04 17:20 - 2014-07-04 17:20 - 00000000 ____D () C:\Users\******.******s-PC\AppData\Local\Adobe
2014-07-03 19:44 - 2014-07-03 21:17 - 00000000 ____D () C:\Users\******.******s-PC\AppData\Roaming\TIPP10
2014-07-03 19:30 - 2014-07-03 19:30 - 02347384 _____ (ESET) C:\Users\******.******s-PC\Downloads\esetsmartinstaller_deu(1).exe
2014-07-03 19:08 - 2014-07-03 19:08 - 00000000 ____D () C:\Users\******.******s-PC\AppData\Local\Macromedia
2014-07-03 18:55 - 2014-07-03 18:55 - 29677544 _____ (Mozilla) C:\Users\******.******s-PC\Downloads\Firefox Setup 30.0.exe
2014-07-03 18:55 - 2014-07-03 18:55 - 00001065 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-07-03 18:55 - 2014-07-03 18:55 - 00000000 ____D () C:\Users\******.******s-PC\AppData\Roaming\Mozilla
2014-07-03 18:55 - 2014-07-03 18:55 - 00000000 ____D () C:\Users\******.******s-PC\AppData\Local\Mozilla
2014-07-03 18:55 - 2014-07-03 18:55 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-07-03 18:52 - 2014-07-03 18:52 - 00284288 _____ (Mozilla) C:\Users\******.******s-PC\Downloads\Firefox Setup Stub 30.0 (2).exe
2014-07-03 18:51 - 2014-07-03 18:51 - 00284288 _____ (Mozilla) C:\Users\******.******s-PC\Downloads\Firefox Setup Stub 30.0 (1).exe
2014-07-03 17:58 - 2014-07-03 17:58 - 00110296 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-03 17:58 - 2014-07-03 17:58 - 00001020 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-03 17:58 - 2014-07-03 17:58 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-07-03 17:58 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-07-03 17:58 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-07-03 17:58 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-07-03 17:57 - 2014-07-03 17:58 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\******.******s-PC\Downloads\mbam-setup-consumer-2.0.2.1012.exe
2014-07-03 17:50 - 2014-07-03 17:50 - 00315392 _____ (Malwarebytes Corporation) C:\Users\******.******s-PC\Downloads\mbam-clean-2.0.2.0.exe
2014-07-03 17:48 - 2014-07-03 17:48 - 00000952 _____ () C:\Users\******.******s-PC\Documents\Malwarebytes.txt
2014-07-03 17:40 - 2014-07-03 17:40 - 17291904 _____ (Malwarebytes Corporation ) C:\Users\******.******s-PC\Downloads\mbam_premium (2).exe
2014-07-03 17:40 - 2014-07-03 17:40 - 17291904 _____ (Malwarebytes Corporation ) C:\Users\******.******s-PC\Downloads\mbam_premium (1).exe
2014-07-03 17:39 - 2014-07-03 17:39 - 17291904 _____ (Malwarebytes Corporation ) C:\Users\******.******s-PC\Downloads\mbam_premium.exe
2014-06-30 16:41 - 2014-07-07 10:41 - 00000000 ____D () C:\Users\******.******s-PC\AppData\Local\CrashDumps
2014-06-30 16:41 - 2014-06-30 16:42 - 00284224 _____ (Mozilla) C:\Users\******.******s-PC\Downloads\Firefox Setup Stub 30.0.exe
2014-06-30 13:55 - 2014-06-30 13:55 - 02347384 _____ (ESET) C:\Users\******.******s-PC\Downloads\esetsmartinstaller_deu (1).exe
2014-06-30 13:52 - 2014-06-30 13:52 - 02347384 _____ (ESET) C:\Users\******.******s-PC\Downloads\esetsmartinstaller_deu.exe
2014-06-30 13:52 - 2014-06-30 13:52 - 00000000 ____D () C:\Program Files\ESET
2014-06-30 13:42 - 2014-06-30 13:42 - 00000000 ____D () C:\Users\******.******s-PC\AppData\Roaming\Media Player Classic
2014-06-30 13:42 - 2014-06-30 13:42 - 00000000 ____D () C:\Users\******.******s-PC\AppData\Roaming\DivX
2014-06-29 21:28 - 2014-06-29 21:28 - 00000000 __SHD () C:\Users\******.******s-PC\AppData\Local\EmieUserList
2014-06-29 21:28 - 2014-06-29 21:28 - 00000000 __SHD () C:\Users\******.******s-PC\AppData\Local\EmieSiteList
2014-06-29 01:50 - 2014-06-29 01:51 - 01080528 _____ (Unity Technologies ApS) C:\Users\******.******s-PC\Downloads\UnityWebPlayer.exe
2014-06-29 00:14 - 2014-06-30 13:42 - 00000000 ____D () C:\Users\******.******s-PC\AppData\Roaming\vlc
2014-06-28 23:20 - 2014-06-28 23:20 - 00000000 ____D () C:\Users\******.******s-PC\AppData\Roaming\DVDVideoSoft
2014-06-28 23:19 - 2014-06-29 02:08 - 00000000 ____D () C:\Users\******.******s-PC\Documents\DVDVideoSoft
2014-06-28 23:16 - 2014-06-28 23:16 - 34488000 _____ (DVDVideoSoft Ltd. ) C:\Users\******.******s-PC\Downloads\FreeYouTubeToMP3Converter-3.12.41.623.exe
2014-06-28 23:16 - 2014-06-28 23:16 - 34488000 _____ (DVDVideoSoft Ltd. ) C:\Users\******.******s-PC\Downloads\FreeYouTubeToMP3Converter-3.12.41.623 (1).exe
2014-06-28 02:35 - 2014-06-28 02:36 - 00000000 ____D () C:\Program Files\Avira
2014-06-28 02:24 - 2014-06-28 02:26 - 141865920 _____ () C:\Users\******.******s-PC\Downloads\avira_free_antivirus45_de (1).exe
2014-06-28 02:24 - 2014-06-28 02:25 - 141865920 _____ () C:\Users\******.******s-PC\Downloads\avira_free_antivirus45_de.exe
2014-06-28 02:22 - 2014-06-28 02:22 - 01342659 _____ () C:\Users\******.******s-PC\Downloads\adwcleaner_3.213.exe
2014-06-28 02:22 - 2014-06-28 02:22 - 01342659 _____ () C:\Users\******.******s-PC\Downloads\adwcleaner_3.213 (1).exe
2014-06-28 02:00 - 2014-06-28 02:00 - 00000000 ____D () C:\Users\******.******s-PC\AppData\Roaming\TuneUp Software
2014-06-28 01:52 - 2014-06-28 01:52 - 15134710 _____ () C:\Users\******.******s-PC\Downloads\PanoramasNYC2ChadWeisser (1).deskthemepack
2014-06-28 01:50 - 2014-06-28 01:50 - 00000000 ____D () C:\Users\******.******s-PC\AppData\Roaming\File Type Helper
2014-06-28 01:48 - 2014-06-28 01:49 - 19946468 _____ () C:\Users\******.******s-PC\Downloads\CommunityShowcaseRuralLandscapes2.themepack
2014-06-28 01:48 - 2014-06-28 01:49 - 19265782 _____ () C:\Users\******.******s-PC\Downloads\CommunityShowcaseEverydayArt2.themepack
2014-06-28 01:48 - 2014-06-28 01:49 - 15134710 _____ () C:\Users\******.******s-PC\Downloads\PanoramasNYC2ChadWeisser.deskthemepack
2014-06-28 01:48 - 2014-06-28 01:49 - 15076832 _____ () C:\Users\******.******s-PC\Downloads\UbisoftChildOfLight.themepack
2014-06-28 01:48 - 2014-06-28 01:49 - 11283014 _____ () C:\Users\******.******s-PC\Downloads\SightsOfMontereySumanDas.themepack
2014-06-28 01:48 - 2014-06-28 01:48 - 20109092 _____ () C:\Users\******.******s-PC\Downloads\CommunityShowcaseFlora2.themepack
2014-06-28 01:48 - 2014-06-28 01:48 - 19145885 _____ () C:\Users\******.******s-PC\Downloads\CommunityShowcaseDramaticSkies2.themepack
2014-06-28 01:43 - 2014-06-28 21:58 - 00000000 ____D () C:\SUPERDelete
2014-06-28 01:42 - 2014-06-28 01:42 - 00000000 ____D () C:\Users\******.******s-PC\AppData\Roaming\SUPERAntiSpyware.com
2014-06-28 01:41 - 2014-06-28 01:41 - 00093336 _____ () C:\Users\******.******s-PC\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-28 01:40 - 2014-07-04 17:20 - 00000000 ____D () C:\Users\******.******s-PC\AppData\Roaming\Adobe
2014-06-28 01:40 - 2014-06-30 09:31 - 00000000 ____D () C:\Users\******.******s-PC\AppData\Local\VirtualStore
2014-06-28 01:40 - 2014-06-28 01:41 - 00000000 ____D () C:\Users\******.******s-PC\AppData\Roaming\HTC
2014-06-28 01:40 - 2014-06-28 01:40 - 00001381 _____ () C:\Users\******.******s-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-28 01:40 - 2014-06-28 01:40 - 00001075 _____ () C:\Users\******.******s-PC\Desktop\CyberLink YouCam.lnk
2014-06-28 01:40 - 2014-06-28 01:40 - 00000020 ___SH () C:\Users\******.******s-PC\ntuser.ini
2014-06-28 01:40 - 2014-06-28 01:40 - 00000000 _SHDL () C:\Users\******.******s-PC\Startmenü
2014-06-28 01:40 - 2014-06-28 01:40 - 00000000 _SHDL () C:\Users\******.******s-PC\Netzwerkumgebung
2014-06-28 01:40 - 2014-06-28 01:40 - 00000000 _SHDL () C:\Users\******.******s-PC\Druckumgebung
2014-06-28 01:40 - 2014-06-28 01:40 - 00000000 _SHDL () C:\Users\******.******s-PC\Documents\Eigene Musik
2014-06-28 01:40 - 2014-06-28 01:40 - 00000000 _SHDL () C:\Users\******.******s-PC\Documents\Eigene Bilder
2014-06-28 01:40 - 2014-06-28 01:40 - 00000000 _SHDL () C:\Users\******.******s-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-06-28 01:40 - 2014-06-28 01:40 - 00000000 _SHDL () C:\Users\******.******s-PC\AppData\Local\Verlauf
2014-06-28 01:40 - 2014-06-28 01:40 - 00000000 ____D () C:\Users\******.******s-PC\AppData\Local\Google
2014-06-28 01:40 - 2014-06-28 01:40 - 00000000 ____D () C:\Users\******.******s-PC
2014-06-28 01:40 - 2012-01-14 11:46 - 00000000 ____D () C:\Users\******.******s-PC\AppData\Roaming\Macromedia
2014-06-28 01:40 - 2010-12-09 16:28 - 00000000 ____D () C:\Users\******.******s-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam
2014-06-28 01:40 - 2010-06-14 00:51 - 00001148 _____ () C:\Users\******.******s-PC\Desktop\CyberLink DVD Suite.lnk
2014-06-28 01:40 - 2010-06-14 00:51 - 00000000 ____D () C:\Users\******.******s-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2014-06-28 01:40 - 2009-07-14 06:42 - 00000000 ___RD () C:\Users\******.******s-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-06-28 01:40 - 2009-07-14 06:37 - 00000000 ___RD () C:\Users\******.******s-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-06-28 01:34 - 2014-07-03 18:47 - 00088522 _____ () C:\windows\wininit.ini
2014-06-28 00:34 - 2014-07-03 19:01 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2014-06-27 23:31 - 2014-06-27 23:31 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-06-27 23:30 - 2014-07-09 20:07 - 00000000 ____D () C:\windows\AF54923662584AC6A0435B5B89C6EB61.TMP
2014-06-27 22:32 - 2014-07-10 18:03 - 00000000 ____D () C:\Program Files\65CF66DC-5268-40F3-A63A-3DA446B5FAAA
2014-06-20 23:51 - 2014-06-20 23:52 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-06-20 23:51 - 2014-06-20 23:51 - 00001921 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2014-06-20 23:37 - 2014-04-05 04:25 - 01294272 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2014-06-20 23:37 - 2014-04-05 04:24 - 00187840 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS
2014-06-20 23:37 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-06-20 23:37 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll
2014-06-20 23:37 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2014-06-20 23:36 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\windows\system32\usp10.dll
2014-06-14 00:49 - 2014-06-14 00:49 - 00000984 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-06-14 00:28 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
==================== One Month Modified Files and Folders =======
2014-07-12 17:27 - 2014-07-12 17:27 - 01075200 _____ (Farbar) C:\Users\******.******s-PC\Downloads\FRST.exe
2014-07-12 17:27 - 2014-07-12 17:27 - 00019493 _____ () C:\Users\******.******s-PC\Downloads\FRST.txt
2014-07-12 17:27 - 2014-07-12 17:27 - 00000000 ____D () C:\FRST
2014-07-12 17:25 - 2014-05-29 19:25 - 00000266 _____ () C:\windows\Tasks\SpeedUpMyPC Maintenance.job
2014-07-12 17:24 - 2014-07-12 17:24 - 00002247 _____ () C:\Users\******.******s-PC\Desktop\Rocket.lnk
2014-07-12 17:24 - 2014-07-12 17:24 - 00000308 _____ () C:\windows\Tasks\Rocket Updater.job
2014-07-12 17:24 - 2014-07-12 17:24 - 00000000 ____D () C:\Users\******.******s-PC\AppData\Roaming\RocketUpdater
2014-07-12 17:24 - 2014-07-12 17:24 - 00000000 ____D () C:\Users\******.******s-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rocket
2014-07-12 17:24 - 2014-07-12 17:24 - 00000000 ____D () C:\Users\******.******s-PC\AppData\Local\WSE Rocket
2014-07-12 17:24 - 2014-07-12 17:24 - 00000000 ____D () C:\Users\******.******s-PC\AppData\Local\Rocket
2014-07-12 17:24 - 2014-07-12 17:23 - 00000472 _____ () C:\Users\******.******s-PC\Downloads\defogger_disable.log
2014-07-12 17:23 - 2010-12-31 12:02 - 00000000 ____D () C:\Users\Admin
2014-07-12 17:22 - 2014-07-12 17:22 - 00050477 _____ () C:\Users\******.******s-PC\Downloads\Defogger.exe
2014-07-12 17:21 - 2014-07-12 17:21 - 00000000 ____D () C:\Users\******.******s-PC\AppData\Roaming\DigitalSites
2014-07-12 17:14 - 2014-07-12 17:14 - 00000292 _____ () C:\windows\Tasks\Digital Sites.job
2014-07-12 17:13 - 2014-07-12 17:13 - 00682272 _____ ( ) C:\Users\******.******s-PC\Downloads\DownloadManagerSetup.exe
2014-07-12 17:09 - 2010-06-14 00:44 - 01283015 _____ () C:\windows\WindowsUpdate.log
2014-07-12 17:03 - 2013-01-23 07:38 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-07-12 16:56 - 2013-12-04 12:56 - 00000290 _____ () C:\windows\Tasks\Dealply.job
2014-07-12 16:42 - 2009-07-14 06:34 - 00014512 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-12 16:42 - 2009-07-14 06:34 - 00014512 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-12 16:35 - 2014-05-29 19:25 - 00000260 _____ () C:\windows\Tasks\SpeedUpMyPC Startup.job
2014-07-12 16:34 - 2009-07-14 06:53 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-07-12 16:32 - 2012-10-15 23:43 - 00033594 _____ () C:\windows\setupact.log
2014-07-11 23:09 - 2014-07-11 23:09 - 01057176 _____ (Adobe) C:\Users\******.******s-PC\Downloads\install_flashplayer14x32_mssa_aaa_aih.exe
2014-07-10 18:07 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\rescache
2014-07-10 18:03 - 2014-06-27 22:32 - 00000000 ____D () C:\Program Files\65CF66DC-5268-40F3-A63A-3DA446B5FAAA
2014-07-10 15:19 - 2014-05-29 19:24 - 00000000 ____D () C:\Program Files\003
2014-07-10 15:19 - 2014-03-08 01:17 - 00000000 ____D () C:\Program Files\V-bates
2014-07-10 15:09 - 2012-10-18 17:05 - 00630034 _____ () C:\windows\PFRO.log
2014-07-09 20:07 - 2014-06-27 23:30 - 00000000 ____D () C:\windows\AF54923662584AC6A0435B5B89C6EB61.TMP
2014-07-09 20:05 - 2014-07-09 20:05 - 00001640 _____ () C:\Users\******.******s-PC\Desktop\ShouldIRemoveIt - Verknüpfung.lnk
2014-07-09 20:03 - 2013-01-23 07:38 - 00699056 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
2014-07-09 20:03 - 2012-11-04 00:31 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl
2014-07-09 19:58 - 2014-07-09 19:47 - 00000000 __SHD () C:\windows\system32\AI_RecycleBin
2014-07-09 19:47 - 2014-07-09 19:47 - 00000000 ____D () C:\Program Files\Reason
2014-07-09 19:46 - 2014-07-09 19:46 - 02175496 _____ (Reason Software Company Inc.) C:\Users\******.******s-PC\Downloads\ShouldIRemoveIt_Setup.exe
2014-07-09 19:38 - 2009-07-14 06:33 - 00370216 _____ () C:\windows\system32\FNTCACHE.DAT
2014-07-09 19:33 - 2014-05-12 02:23 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-07-09 19:33 - 2010-06-13 03:35 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-09 19:33 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\system32\de-DE
2014-07-09 19:31 - 2013-07-17 00:04 - 00000000 ____D () C:\windows\system32\MRT
2014-07-09 19:30 - 2011-03-28 13:50 - 93585272 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-07-08 20:34 - 2014-07-08 20:34 - 00031744 _____ (NetFilterSDK.com) C:\windows\system32\Drivers\netfilter.sys
2014-07-07 10:41 - 2014-06-30 16:41 - 00000000 ____D () C:\Users\******.******s-PC\AppData\Local\CrashDumps
2014-07-04 20:43 - 2014-07-04 20:43 - 00000000 ____D () C:\Users\******.******s-PC\AppData\Roaming\WinRAR
2014-07-04 17:20 - 2014-07-04 17:20 - 00000000 ____D () C:\Users\******.******s-PC\AppData\Local\Adobe
2014-07-04 17:20 - 2014-06-28 01:40 - 00000000 ____D () C:\Users\******.******s-PC\AppData\Roaming\Adobe
2014-07-03 21:17 - 2014-07-03 19:44 - 00000000 ____D () C:\Users\******.******s-PC\AppData\Roaming\TIPP10
2014-07-03 19:30 - 2014-07-03 19:30 - 02347384 _____ (ESET) C:\Users\******.******s-PC\Downloads\esetsmartinstaller_deu(1).exe
2014-07-03 19:08 - 2014-07-03 19:08 - 00000000 ____D () C:\Users\******.******s-PC\AppData\Local\Macromedia
2014-07-03 19:05 - 2010-06-14 01:10 - 00000000 ____D () C:\Program Files\Google
2014-07-03 19:01 - 2014-06-28 00:34 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2014-07-03 18:55 - 2014-07-03 18:55 - 29677544 _____ (Mozilla) C:\Users\******.******s-PC\Downloads\Firefox Setup 30.0.exe
2014-07-03 18:55 - 2014-07-03 18:55 - 00001065 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-07-03 18:55 - 2014-07-03 18:55 - 00000000 ____D () C:\Users\******.******s-PC\AppData\Roaming\Mozilla
2014-07-03 18:55 - 2014-07-03 18:55 - 00000000 ____D () C:\Users\******.******s-PC\AppData\Local\Mozilla
2014-07-03 18:55 - 2014-07-03 18:55 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-07-03 18:55 - 2014-04-14 16:45 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-07-03 18:52 - 2014-07-03 18:52 - 00284288 _____ (Mozilla) C:\Users\******.******s-PC\Downloads\Firefox Setup Stub 30.0 (2).exe
2014-07-03 18:51 - 2014-07-03 18:51 - 00284288 _____ (Mozilla) C:\Users\******.******s-PC\Downloads\Firefox Setup Stub 30.0 (1).exe
2014-07-03 18:47 - 2014-06-28 01:34 - 00088522 _____ () C:\windows\wininit.ini
2014-07-03 18:16 - 2013-06-23 22:14 - 00000000 ____D () C:\Program Files\Common Files\Umbrella
2014-07-03 17:58 - 2014-07-03 17:58 - 00110296 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-03 17:58 - 2014-07-03 17:58 - 00001020 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-03 17:58 - 2014-07-03 17:58 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-07-03 17:58 - 2014-07-03 17:57 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\******.******s-PC\Downloads\mbam-setup-consumer-2.0.2.1012.exe
2014-07-03 17:50 - 2014-07-03 17:50 - 00315392 _____ (Malwarebytes Corporation) C:\Users\******.******s-PC\Downloads\mbam-clean-2.0.2.0.exe
2014-07-03 17:48 - 2014-07-03 17:48 - 00000952 _____ () C:\Users\******.******s-PC\Documents\Malwarebytes.txt
2014-07-03 17:40 - 2014-07-03 17:40 - 17291904 _____ (Malwarebytes Corporation ) C:\Users\******.******s-PC\Downloads\mbam_premium (2).exe
2014-07-03 17:40 - 2014-07-03 17:40 - 17291904 _____ (Malwarebytes Corporation ) C:\Users\******.******s-PC\Downloads\mbam_premium (1).exe
2014-07-03 17:39 - 2014-07-03 17:39 - 17291904 _____ (Malwarebytes Corporation ) C:\Users\******.******s-PC\Downloads\mbam_premium.exe
2014-06-30 16:42 - 2014-06-30 16:41 - 00284224 _____ (Mozilla) C:\Users\******.******s-PC\Downloads\Firefox Setup Stub 30.0.exe
2014-06-30 13:55 - 2014-06-30 13:55 - 02347384 _____ (ESET) C:\Users\******.******s-PC\Downloads\esetsmartinstaller_deu (1).exe
2014-06-30 13:52 - 2014-06-30 13:52 - 02347384 _____ (ESET) C:\Users\******.******s-PC\Downloads\esetsmartinstaller_deu.exe
2014-06-30 13:52 - 2014-06-30 13:52 - 00000000 ____D () C:\Program Files\ESET
2014-06-30 13:42 - 2014-06-30 13:42 - 00000000 ____D () C:\Users\******.******s-PC\AppData\Roaming\Media Player Classic
2014-06-30 13:42 - 2014-06-30 13:42 - 00000000 ____D () C:\Users\******.******s-PC\AppData\Roaming\DivX
2014-06-30 13:42 - 2014-06-29 00:14 - 00000000 ____D () C:\Users\******.******s-PC\AppData\Roaming\vlc
2014-06-30 09:31 - 2014-06-28 01:40 - 00000000 ____D () C:\Users\******.******s-PC\AppData\Local\VirtualStore
2014-06-30 03:40 - 2014-07-09 18:50 - 00404480 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-06-30 03:36 - 2014-07-09 18:50 - 00302592 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-06-29 21:51 - 2010-12-13 18:15 - 00000400 _____ () C:\windows\ODBC.INI
2014-06-29 21:28 - 2014-06-29 21:28 - 00000000 __SHD () C:\Users\******.******s-PC\AppData\Local\EmieUserList
2014-06-29 21:28 - 2014-06-29 21:28 - 00000000 __SHD () C:\Users\******.******s-PC\AppData\Local\EmieSiteList
2014-06-29 02:19 - 2009-07-14 04:37 - 00000000 __RHD () C:\Users\Public\Libraries
2014-06-29 02:08 - 2014-06-28 23:19 - 00000000 ____D () C:\Users\******.******s-PC\Documents\DVDVideoSoft
2014-06-29 01:51 - 2014-06-29 01:50 - 01080528 _____ (Unity Technologies ApS) C:\Users\******.******s-PC\Downloads\UnityWebPlayer.exe
2014-06-28 23:20 - 2014-06-28 23:20 - 00000000 ____D () C:\Users\******.******s-PC\AppData\Roaming\DVDVideoSoft
2014-06-28 23:19 - 2014-06-04 07:18 - 00002232 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2014-06-28 23:19 - 2014-06-04 07:17 - 00000000 ____D () C:\Program Files\DVDVideoSoft
2014-06-28 23:19 - 2014-06-04 07:17 - 00000000 ____D () C:\Program Files\Common Files\DVDVideoSoft
2014-06-28 23:16 - 2014-06-28 23:16 - 34488000 _____ (DVDVideoSoft Ltd. ) C:\Users\******.******s-PC\Downloads\FreeYouTubeToMP3Converter-3.12.41.623.exe
2014-06-28 23:16 - 2014-06-28 23:16 - 34488000 _____ (DVDVideoSoft Ltd. ) C:\Users\******.******s-PC\Downloads\FreeYouTubeToMP3Converter-3.12.41.623 (1).exe
2014-06-28 21:58 - 2014-06-28 01:43 - 00000000 ____D () C:\SUPERDelete
2014-06-28 02:36 - 2014-06-28 02:35 - 00000000 ____D () C:\Program Files\Avira
2014-06-28 02:26 - 2014-06-28 02:24 - 141865920 _____ () C:\Users\******.******s-PC\Downloads\avira_free_antivirus45_de (1).exe
2014-06-28 02:25 - 2014-06-28 02:24 - 141865920 _____ () C:\Users\******.******s-PC\Downloads\avira_free_antivirus45_de.exe
2014-06-28 02:22 - 2014-06-28 02:22 - 01342659 _____ () C:\Users\******.******s-PC\Downloads\adwcleaner_3.213.exe
2014-06-28 02:22 - 2014-06-28 02:22 - 01342659 _____ () C:\Users\******.******s-PC\Downloads\adwcleaner_3.213 (1).exe
2014-06-28 02:00 - 2014-06-28 02:00 - 00000000 ____D () C:\Users\******.******s-PC\AppData\Roaming\TuneUp Software
2014-06-28 01:52 - 2014-06-28 01:52 - 15134710 _____ () C:\Users\******.******s-PC\Downloads\PanoramasNYC2ChadWeisser (1).deskthemepack
2014-06-28 01:50 - 2014-06-28 01:50 - 00000000 ____D () C:\Users\******.******s-PC\AppData\Roaming\File Type Helper
2014-06-28 01:49 - 2014-06-28 01:48 - 19946468 _____ () C:\Users\******.******s-PC\Downloads\CommunityShowcaseRuralLandscapes2.themepack
2014-06-28 01:49 - 2014-06-28 01:48 - 19265782 _____ () C:\Users\******.******s-PC\Downloads\CommunityShowcaseEverydayArt2.themepack
2014-06-28 01:49 - 2014-06-28 01:48 - 15134710 _____ () C:\Users\******.******s-PC\Downloads\PanoramasNYC2ChadWeisser.deskthemepack
2014-06-28 01:49 - 2014-06-28 01:48 - 15076832 _____ () C:\Users\******.******s-PC\Downloads\UbisoftChildOfLight.themepack
2014-06-28 01:49 - 2014-06-28 01:48 - 11283014 _____ () C:\Users\******.******s-PC\Downloads\SightsOfMontereySumanDas.themepack
2014-06-28 01:48 - 2014-06-28 01:48 - 20109092 _____ () C:\Users\******.******s-PC\Downloads\CommunityShowcaseFlora2.themepack
2014-06-28 01:48 - 2014-06-28 01:48 - 19145885 _____ () C:\Users\******.******s-PC\Downloads\CommunityShowcaseDramaticSkies2.themepack
2014-06-28 01:42 - 2014-06-28 01:42 - 00000000 ____D () C:\Users\******.******s-PC\AppData\Roaming\SUPERAntiSpyware.com
2014-06-28 01:41 - 2014-06-28 01:41 - 00093336 _____ () C:\Users\******.******s-PC\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-28 01:41 - 2014-06-28 01:40 - 00000000 ____D () C:\Users\******.******s-PC\AppData\Roaming\HTC
2014-06-28 01:40 - 2014-06-28 01:40 - 00001381 _____ () C:\Users\******.******s-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-28 01:40 - 2014-06-28 01:40 - 00001075 _____ () C:\Users\******.******s-PC\Desktop\CyberLink YouCam.lnk
2014-06-28 01:40 - 2014-06-28 01:40 - 00000020 ___SH () C:\Users\******.******s-PC\ntuser.ini
2014-06-28 01:40 - 2014-06-28 01:40 - 00000000 _SHDL () C:\Users\******.******s-PC\Startmenü
2014-06-28 01:40 - 2014-06-28 01:40 - 00000000 _SHDL () C:\Users\******.******s-PC\Netzwerkumgebung
2014-06-28 01:40 - 2014-06-28 01:40 - 00000000 _SHDL () C:\Users\******.******s-PC\Druckumgebung
2014-06-28 01:40 - 2014-06-28 01:40 - 00000000 _SHDL () C:\Users\******.******s-PC\Documents\Eigene Musik
2014-06-28 01:40 - 2014-06-28 01:40 - 00000000 _SHDL () C:\Users\******.******s-PC\Documents\Eigene Bilder
2014-06-28 01:40 - 2014-06-28 01:40 - 00000000 _SHDL () C:\Users\******.******s-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-06-28 01:40 - 2014-06-28 01:40 - 00000000 _SHDL () C:\Users\******.******s-PC\AppData\Local\Verlauf
2014-06-28 01:40 - 2014-06-28 01:40 - 00000000 ____D () C:\Users\******.******s-PC\AppData\Local\Google
2014-06-28 01:40 - 2014-06-28 01:40 - 00000000 ____D () C:\Users\******.******s-PC
2014-06-28 01:35 - 2013-08-24 22:16 - 00000000 ____D () C:\Program Files\Amazon
2014-06-28 01:34 - 2014-03-08 01:18 - 00000000 ____D () C:\Program Files\Bench
2014-06-27 23:31 - 2014-06-27 23:31 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-06-27 23:30 - 2012-08-27 21:03 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2014-06-27 22:59 - 2010-12-12 20:03 - 00000000 ____D () C:\Users\******\AppData\Local\Google
2014-06-27 22:59 - 2010-12-09 16:16 - 00000000 ____D () C:\Users\******
2014-06-21 00:30 - 2009-07-14 04:04 - 00000643 _____ () C:\windows\win.ini
2014-06-20 23:52 - 2014-06-20 23:51 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-06-20 23:51 - 2014-06-20 23:51 - 00001921 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2014-06-20 23:24 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\system32\wfp
2014-06-20 23:23 - 2014-04-19 20:27 - 00000000 ____D () C:\Program Files\Activeris AntiMalware
2014-06-20 23:22 - 2014-05-29 19:25 - 00000000 ____D () C:\Program Files\Uniblue
2014-06-20 23:22 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\registration
2014-06-20 23:22 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-06-20 23:21 - 2010-12-09 16:17 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-06-20 21:39 - 2014-07-09 18:51 - 00240824 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-06-19 02:16 - 2014-07-09 18:51 - 17276416 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-06-19 01:56 - 2014-07-09 18:51 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-06-19 01:56 - 2014-07-09 18:51 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-06-19 01:38 - 2014-07-09 18:51 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-06-19 01:37 - 2014-07-09 18:51 - 00061952 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-06-19 01:36 - 2014-07-09 18:51 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-06-19 01:35 - 2014-07-09 18:51 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-06-19 01:32 - 2014-07-09 18:51 - 02179072 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-06-19 01:28 - 2014-07-09 18:51 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-06-19 01:28 - 2014-07-09 18:51 - 00032768 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-06-19 01:25 - 2014-07-09 18:51 - 00442368 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-06-19 01:23 - 2014-07-09 18:51 - 00112128 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-06-19 01:23 - 2014-07-09 18:51 - 00108032 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-06-19 01:22 - 2014-07-09 18:51 - 00592896 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-06-19 01:16 - 2014-07-09 18:51 - 00646144 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-06-19 01:12 - 2014-07-09 18:51 - 00367616 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-06-19 01:06 - 2014-07-09 18:51 - 00032256 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-06-19 01:01 - 2014-07-09 18:51 - 00164864 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-06-19 00:59 - 2014-07-09 18:51 - 00069632 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-06-19 00:58 - 2014-07-09 18:51 - 00239616 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-06-19 00:52 - 2014-07-09 18:51 - 04254720 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-06-19 00:52 - 2014-07-09 18:51 - 00595968 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-06-19 00:49 - 2014-07-09 18:51 - 00526336 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-06-19 00:46 - 2014-07-09 18:51 - 01068032 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-06-19 00:45 - 2014-07-09 18:51 - 01964544 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-06-19 00:35 - 2014-07-09 18:51 - 11742208 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-06-19 00:13 - 2014-07-09 18:51 - 01791488 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-06-19 00:09 - 2014-07-09 18:51 - 01139200 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-06-19 00:07 - 2014-07-09 18:51 - 00704512 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-06-18 03:51 - 2014-07-09 18:50 - 00646144 _____ (Microsoft Corporation) C:\windows\system32\osk.exe
2014-06-18 02:52 - 2014-07-09 18:50 - 02350080 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-06-14 00:49 - 2014-06-14 00:49 - 00000984 _____ () C:\Users\Public\Desktop\VLC media player.lnk
Files to move or delete:
====================
C:\Users\Public\AlexaNSISPlugin.3936.dll
==================== Bamital & volsnap Check =================
C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
==================== End Of Log ============================
Defogger Disable Logfile Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 17:24 on 12/07/2014 (Admin)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
GMER Logfile: Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-07-12 18:48:55
Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 TOSHIBA_ rev.GJ00 298,09GB
Running: Gmer-19357.exe; Driver: C:\Users\Admin\AppData\Local\Temp\pwtiyfoc.sys
---- Kernel code sections - GMER 2.1 ----
.text ntoskrnl.exe!ZwRollbackEnlistment + 1409 834899A5 1 Byte [06]
.text ntoskrnl.exe!KiDispatchInterrupt + 5A2 834A9512 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text C:\windows\system32\DRIVERS\atksgt.sys section is writeable [0x8C36D300, 0x3B6D8, 0xE8000020]
.text C:\windows\system32\DRIVERS\lirsgt.sys section is writeable [0x9681C300, 0x1BEE, 0xE8000020]
.text C:\Program Files\CyberLink\PowerDVD11\Common\NavFilter\000.fcl section is writeable [0xBA125000, 0x2BE8, 0xE8000020]
.vmp2 C:\Program Files\CyberLink\PowerDVD11\Common\NavFilter\000.fcl entry point in ".vmp2" section [0xBA147666]
---- Devices - GMER 2.1 ----
AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys
---- Registry - GMER 2.1 ----
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@ C:\windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@cd042efbbd7f7af1647644e76e06692b 0xE2 0x63 0x26 0xF1 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@ C:\windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@bca643cdc5c2726b20d2ecedcc62c59b 0x6A 0x9C 0xD6 0x61 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@ C:\windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@2c81e34222e8052573023a60d06dd016 0xFF 0x7C 0x85 0xE0 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@ C:\windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@2582ae41fb52324423be06337561aa48 0x3E 0x1E 0x9E 0xE0 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@ C:\windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@caaeda5fd7a9ed7697d9686d4b818472 0xF5 0x1D 0x4D 0x73 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@ C:\windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@a4a1bcf2cc2b8bc3716b74b2b4522f5d 0xB0 0x18 0xED 0xA7 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@ C:\windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@4d370831d2c43cd13623e232fed27b7b 0xFB 0xA7 0x78 0xE6 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@ C:\windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@1d68fe701cdea33e477eb204b76f993d 0x83 0x6C 0x56 0x8B ...
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@ C:\windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@1fac81b91d8e3c5aa4b0a51804d844a3 0x51 0xFA 0x6E 0x91 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@ C:\windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@f5f62a6129303efb32fbe080bb27835b 0x3D 0xCE 0xEA 0x26 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@ C:\windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@fd4e2e1a3940b94dceb5a6a021f2e3c6 0x2A 0xB7 0xCC 0xB5 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@ C:\windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@8a8aec57dd6508a385616fbc86791ec2 0xFA 0xEA 0x66 0x7F ...
---- Disk sectors - GMER 2.1 ----
Disk \Device\Harddisk0\DR0 unknown MBR code
---- EOF - GMER 2.1 ----