Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   myPCBackup (https://www.trojaner-board.de/145326-mypcbackup.html)

JJCAM 29.11.2013 12:08
myPCBackup
 
Liste der Anhänge anzeigen (Anzahl: 1)
Hallo zusammen
ich bekomme ständig diese Nachricht... ich hab alles versucht ich brauche eure Hilfe was kann ich gegen diesen nervigen popup tun??

Ich habe gelesen es soll mypcbackup sein aber ich finde in meinem System einfach keine Datei um den Müll zu löschen ...

ich sitze jetzt schon seit Tagen dran und versuche alles und nichts hilft!!!!

bitte um Eure Hilfe DANKE!!!!!!!

M-K-D-B 29.11.2013 14:41
:hallo:


Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.


Bitte beachte folgende Hinweise:
  • Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
  • Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags.
  • Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
  • Solltest du mir nicht innerhalb von 4 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo.
    Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
  • Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
  • Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort zu starten!
    Ich kann Dir niemals eine Garantie geben, dass auch ich alles finde. Eine Formatierung ist meist der schnellere und immer der sicherste Weg.
    Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis dir jemand vom Team sagt, dass Du clean bist.








Schritt 1
Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.






Schritt 2
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).





Schritt 3

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.






Bitte poste mit deiner nächsten Antwort
  • die Logdatei von ComboFix,
  • die Logdatei von AdwCleaner,
  • die Logdatei von JRT.

JJCAM 29.11.2013 16:23
erstmal vielen Dank ;-) also combofix hat das ausgespuckt soll ich erst warten bis du das nächste ok gibst oder die anderen Dinge auch gleich ausführen

Combofix Logfile:
Code:
ComboFix 13-11-27.01 - JJ 29.11.2013  15:10:15.1.4 - x64
Microsoft Windows 7 Home Premium  6.1.7601.1.1252.49.1031.18.8030.5006 [GMT 1:00]
ausgeführt von:: c:\users\JJ\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *Disabled/Updated* {179979E8-273D-D14E-0543-2861940E4886}
FW: Kaspersky Internet Security *Disabled* {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
SP: Kaspersky Internet Security *Disabled/Updated* {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\1385120315.3232.bin
c:\programdata\1385120315.3420.bin
c:\programdata\1385120315.5096.bin
c:\programdata\1385120315.5104.bin
c:\programdata\1385120315.5188.bin
c:\programdata\1385120315.5236.bin
c:\programdata\1385120315.5248.bin
c:\programdata\1385120315.5252.bin
c:\programdata\1385120315.6088.bin
c:\programdata\1385120315.6100.bin
c:\programdata\1385120468.1320.bin
c:\programdata\1385120468.1772.bin
c:\programdata\1385120468.2744.bin
c:\programdata\1385120468.4404.bin
c:\programdata\1385120468.5000.bin
c:\programdata\1385120468.5596.bin
c:\programdata\1385120468.5640.bin
c:\programdata\1385120468.5976.bin
c:\programdata\1385120468.5980.bin
c:\programdata\1385120468.5984.bin
c:\programdata\1385120468.5988.bin
c:\programdata\1385120767.bdinstall.bin
c:\programdata\1385120866.1092.bin
c:\programdata\1385120866.2024.bin
c:\programdata\1385120866.2464.bin
c:\programdata\1385120866.2480.bin
c:\programdata\1385120866.2484.bin
c:\programdata\1385120866.2620.bin
c:\programdata\1385120866.2808.bin
c:\programdata\1385120866.3272.bin
c:\programdata\1385120866.404.bin
c:\programdata\1385120866.4884.bin
c:\programdata\1385120866.5804.bin
c:\programdata\1385121443.1036.bin
c:\programdata\1385121443.1296.bin
c:\programdata\1385121443.3012.bin
c:\programdata\1385121443.3404.bin
c:\programdata\1385121443.3428.bin
c:\programdata\1385121443.3492.bin
c:\programdata\1385121443.4992.bin
c:\programdata\1385121443.5416.bin
c:\programdata\1385121443.5680.bin
c:\programdata\1385121443.5756.bin
c:\programdata\1385121443.5796.bin
c:\programdata\1385121641.bdinstall.bin
c:\programdata\1385122180.2492.bin
c:\programdata\1385122180.4884.bin
c:\programdata\1385122180.5332.bin
c:\programdata\1385122180.5336.bin
c:\programdata\1385122180.5344.bin
c:\programdata\1385122180.5348.bin
c:\programdata\1385122180.5500.bin
c:\programdata\1385122180.5528.bin
c:\programdata\1385122180.5812.bin
c:\programdata\1385122180.5832.bin
c:\programdata\1385122180.5836.bin
c:\programdata\1385123019.2828.bin
c:\programdata\1385123019.3128.bin
c:\programdata\1385123019.3264.bin
c:\programdata\1385123019.4256.bin
c:\programdata\1385123019.5088.bin
c:\programdata\1385123019.5216.bin
c:\programdata\1385123019.5648.bin
c:\programdata\1385123019.6204.bin
c:\programdata\1385123019.6772.bin
c:\programdata\1385123019.7040.bin
c:\programdata\1385123019.7128.bin
c:\programdata\1385123419.1400.bin
c:\programdata\1385123419.4304.bin
c:\programdata\1385123419.5076.bin
c:\programdata\1385123419.5168.bin
c:\programdata\1385123419.5396.bin
c:\programdata\1385123419.5812.bin
c:\programdata\1385123419.6044.bin
c:\programdata\1385123419.6192.bin
c:\programdata\1385123419.6236.bin
c:\programdata\1385123419.6572.bin
c:\programdata\1385123419.6932.bin
c:\users\JJ\Documents\~WRL0001.tmp
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\wpcap.dll
.
.
(((((((((((((((((((((((((((((((((((((((  Treiber/Dienste  )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
-------\Service_NPF
.
.
(((((((((((((((((((((((  Dateien erstellt von 2013-10-28 bis 2013-11-29  ))))))))))))))))))))))))))))))
.
.
2013-11-29 10:32 . 2013-11-18 00:28        10285968        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{27567D99-5D55-49E8-BDEB-52A694503B84}\mpengine.dll
2013-11-27 13:52 . 2013-11-27 13:52        --------        d-----w-        c:\users\JJ\AppData\Roaming\2K Sports
2013-11-27 13:47 . 2008-07-30 05:20        177672        ----a-w-        c:\windows\system32\xactengine3_2.dll
2013-11-27 13:46 . 2007-01-24 14:27        393576        ----a-w-        c:\windows\system32\xactengine2_6.dll
2013-11-27 13:45 . 2006-02-03 07:43        3830992        ----a-w-        c:\windows\system32\d3dx9_29.dll
2013-11-27 13:45 . 2005-12-05 17:09        3815120        ----a-w-        c:\windows\system32\d3dx9_28.dll
2013-11-27 13:45 . 2005-07-22 18:59        3807440        ----a-w-        c:\windows\system32\d3dx9_27.dll
2013-11-27 13:45 . 2005-05-26 14:34        3767504        ----a-w-        c:\windows\system32\d3dx9_26.dll
2013-11-27 13:45 . 2005-05-26 14:34        2297552        ----a-w-        c:\windows\SysWow64\d3dx9_26.dll
2013-11-27 13:45 . 2005-03-18 16:19        3823312        ----a-w-        c:\windows\system32\d3dx9_25.dll
2013-11-27 13:45 . 2005-02-05 18:45        3544272        ----a-w-        c:\windows\system32\d3dx9_24.dll
2013-11-27 13:34 . 2013-11-27 13:34        --------        d-----w-        c:\program files (x86)\2K Sports
2013-11-22 12:47 . 2013-05-06 08:13        110176        ----a-w-        c:\windows\system32\klfphc.dll
2013-11-22 12:46 . 2013-11-22 12:46        --------        d-----w-        c:\windows\ELAMBKUP
2013-11-22 12:46 . 2013-11-29 14:19        --------        d-----w-        c:\programdata\Kaspersky Lab
2013-11-22 12:46 . 2013-11-22 12:46        --------        d-----w-        c:\program files (x86)\Kaspersky Lab
2013-11-22 12:46 . 2013-11-22 12:55        623200        ----a-w-        c:\windows\system32\drivers\klif.sys
2013-11-22 12:46 . 2013-06-08 19:18        112224        ----a-w-        c:\windows\system32\drivers\klflt.sys
2013-11-22 12:30 . 2013-11-22 12:30        --------        d-----w-        c:\program files (x86)\Common Files\Bitdefender
2013-11-22 11:39 . 2013-11-22 11:39        --------        d-----w-        c:\programdata\Bitdefender
2013-11-22 11:39 . 2012-10-04 13:30        147232        ------w-        c:\windows\system32\drivers\gzflt.sys
2013-11-22 11:38 . 2013-11-22 11:38        --------        d-----w-        c:\program files\Bitdefender
2013-11-22 11:38 . 2013-05-28 11:12        382536        ----a-w-        c:\windows\system32\drivers\trufos.sys
2013-11-22 11:38 . 2013-11-22 11:40        107470        ----a-w-        c:\programdata\1385120315.1028.bin
2013-11-22 11:38 . 2013-11-22 11:38        --------        d-----w-        c:\users\JJ\AppData\Roaming\QuickScan
2013-11-22 11:38 . 2013-11-22 11:39        --------        d-----w-        c:\program files\Common Files\Bitdefender
2013-11-21 14:57 . 2013-11-21 14:57        51496        ----a-w-        c:\windows\system32\drivers\stflt.sys
2013-11-21 14:38 . 2013-11-21 14:47        --------        d-----w-        c:\programdata\HitmanPro
2013-11-21 14:35 . 2013-11-21 14:35        --------        d-----w-        c:\windows\ERUNT
2013-11-21 14:27 . 2013-11-21 14:49        --------        d-----w-        c:\program files (x86)\VS Revo Group
2013-11-17 15:28 . 2013-11-17 15:28        --------        d-----w-        c:\windows\SysWow64\wbem\Logs
2013-11-17 14:56 . 2013-11-17 14:56        --------        d-----w-        c:\users\JJ\AppData\Roaming\eCyber
2013-11-17 14:35 . 2013-11-17 14:35        --------        d-----w-        c:\windows\system32\log
2013-11-17 14:33 . 2013-11-17 14:33        --------        d-----w-        c:\users\JJ\AppData\Roaming\Malwarebytes
2013-11-17 14:29 . 2013-11-17 14:58        --------        d-----w-        c:\users\JJ\AppData\Roaming\iSafe
2013-11-16 12:25 . 2013-10-12 08:45        2241536        ----a-w-        c:\windows\system32\wininet.dll
2013-11-16 12:25 . 2013-10-12 08:43        53248        ----a-w-        c:\windows\system32\jsproxy.dll
2013-11-16 12:25 . 2013-10-12 07:03        1767936        ----a-w-        c:\windows\SysWow64\wininet.dll
2013-11-16 12:25 . 2013-10-12 08:43        19269632        ----a-w-        c:\windows\system32\mshtml.dll
2013-11-16 12:25 . 2013-10-12 08:43        15404544        ----a-w-        c:\windows\system32\ieframe.dll
2013-11-15 23:11 . 2013-10-12 02:30        830464        ----a-w-        c:\windows\system32\nshwfp.dll
2013-11-15 23:11 . 2013-10-12 02:29        324096        ----a-w-        c:\windows\system32\FWPUCLNT.DLL
2013-11-15 23:11 . 2013-10-12 02:03        656896        ----a-w-        c:\windows\SysWow64\nshwfp.dll
2013-11-15 23:11 . 2013-10-12 02:01        216576        ----a-w-        c:\windows\SysWow64\FWPUCLNT.DLL
2013-11-09 13:53 . 2013-11-09 13:32        1702248        ----a-w-        c:\programdata\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader\ytd.exe
2013-11-09 13:50 . 2013-11-09 13:50        --------        d-----w-        c:\programdata\YTD Video Downloader
2013-11-09 13:28 . 2013-11-21 13:46        --------        d-----w-        c:\program files (x86)\GreenTree Applications
2013-11-05 17:52 . 2013-11-11 16:34        --------        d-----w-        c:\program files (x86)\ToshibaEdit
2013-11-05 16:05 . 2013-11-09 16:47        --------        d-----w-        c:\users\JJ\AppData\Roaming\SecretFolder
2013-11-05 16:05 . 2013-11-05 16:05        --------        d-----w-        c:\program files (x86)\SecretFolder
2013-11-05 16:01 . 2013-11-05 16:01        231376        ----a-w-        c:\windows\system32\drivers\truecrypt.sys
2013-11-01 10:57 . 2013-11-01 10:57        --------        d-----w-        c:\users\Default\AppData\Local\Microsoft Help
2013-10-31 13:29 . 2013-10-31 13:29        --------        d-----w-        c:\program files (x86)\Microsoft Visual Studio 8
2013-10-31 12:35 . 2013-10-31 12:35        --------        d-----w-        c:\programdata\Microsoft Toolkit
2013-10-31 12:16 . 2013-10-31 12:16        --------        d-----w-        c:\programdata\regid.1991-06.com.microsoft
2013-10-31 12:16 . 2013-10-31 12:17        --------        d-----w-        c:\program files (x86)\Microsoft SQL Server
2013-10-31 12:12 . 2013-10-31 12:12        --------        d-----r-        C:\MSOCache
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-22 12:55 . 2013-10-17 14:47        458336        ----a-w-        c:\windows\system32\drivers\kl1.sys
2013-11-16 12:19 . 2012-09-04 11:30        82896128        ----a-w-        c:\windows\system32\MRT.exe
2013-11-11 04:50 . 2010-11-21 03:27        267936        ------w-        c:\windows\system32\MpSigStub.exe
2013-10-23 12:23 . 2013-09-18 10:22        86        ----a-w-        c:\users\JJ\AppData\Roaming\die.bat
2013-10-23 10:13 . 2013-10-23 10:13        369168        ----a-w-        c:\windows\system32\wpcap.dll
2013-10-23 10:13 . 2013-10-23 10:13        35344        ----a-w-        c:\windows\system32\drivers\npf.sys
2013-10-23 10:13 . 2013-10-23 10:13        106000        ----a-w-        c:\windows\system32\packet.dll
2013-10-17 14:47 . 2013-10-17 14:47        29280        ----a-w-        c:\windows\system32\drivers\klmouflt.sys
2013-10-17 14:47 . 2013-10-17 14:47        29280        ----a-w-        c:\windows\system32\drivers\klkbdflt.sys
2013-10-17 14:47 . 2013-10-17 14:47        29792        ----a-w-        c:\windows\system32\drivers\klim6.sys
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2013-10-21 03:22        1725640        ----a-w-        c:\progra~2\MICROS~4\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2013-10-21 03:22        1725640        ----a-w-        c:\progra~2\MICROS~4\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2013-10-21 03:22        1725640        ----a-w-        c:\progra~2\MICROS~4\Office15\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KiesPreload"="c:\program files (x86)\Samsung\Kies\Kies.exe" [2012-08-07 960440]
"NETGEARGenie"="c:\program files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe" [2013-04-07 1044224]
"SecretFolder"="c:\program files (x86)\SecretFolder\SecretFolder.exe" [2013-10-22 4144640]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2011-09-20 341360]
"BackupManagerTray"="c:\program files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" [2012-01-05 296984]
"Dolby Home Theater v4"="c:\dolby pcee4\pcee4.exe" [2011-06-01 506712]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2012-03-02 1106512]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-02-27 291608]
"WinampAgent"="c:\program files (x86)\Winamp\winampa.exe" [2012-06-28 74752]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2010-11-21 73216]
.
c:\users\JJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
JustCloud.lnk - c:\program files (x86)\GreenTree Applications\JustCloud\JustCloud.exe [2013-9-19 2135592]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [x]
R3 massfilter;Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys;c:\windows\SYSNATIVE\drivers\massfilter.sys [x]
R3 massfilter_hs;USB Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter_hs.sys;c:\windows\SYSNATIVE\drivers\massfilter_hs.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.5;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 klflt;klflt;c:\windows\system32\DRIVERS\klflt.sys;c:\windows\SYSNATIVE\DRIVERS\klflt.sys [x]
R4 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 gzflt;gzflt;c:\windows\system32\DRIVERS\gzflt.sys;c:\windows\SYSNATIVE\DRIVERS\gzflt.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
S1 klpd;klpd;c:\windows\system32\DRIVERS\klpd.sys;c:\windows\SYSNATIVE\DRIVERS\klpd.sys [x]
S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x]
S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 CCDMonitorService;CCDMonitorService;c:\program files (x86)\Acer\Acer Cloud\CCDMonitorService.exe;c:\program files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
S2 ePowerSvc;ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [x]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe;c:\program files (x86)\Acer\Registration\GREGsvc.exe [x]
S2 GtDetectSc;GtDetectSc;c:\program files\Option\Option WWAN Driver 5.0.32.0 Installer\GtDetectSc.exe;c:\program files\Option\Option WWAN Driver 5.0.32.0 Installer\GtDetectSc.exe [x]
S2 hfFilter;hfFilter;c:\windows\system32\drivers\hfFilter.sys;c:\windows\SYSNATIVE\drivers\hfFilter.sys [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S2 NETGEARGenieDaemon;NETGEARGenieDaemon;c:\program files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe;c:\program files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [x]
S2 NWHelper;Novatel Wireless Device Helper ;c:\program files (x86)\Novatel Wireless\Drivers\NWHelper.exe;c:\program files (x86)\Novatel Wireless\Drivers\NWHelper.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 TGCM_ImportWiFiSvc;TGCM_ImportWiFiSvc;c:\program files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe;c:\program files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 ZAtheros Wlan Agent;ZAtheros Wlan Agent;c:\program files (x86)\Atheros\Ath_WlanAgent.exe;c:\program files (x86)\Atheros\Ath_WlanAgent.exe [x]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 b57xdbd;Broadcom xD Picture Bus Driver Service;c:\windows\system32\DRIVERS\b57xdbd.sys;c:\windows\SYSNATIVE\DRIVERS\b57xdbd.sys [x]
S3 b57xdmp;Broadcom xD Picture vstorp client drv;c:\windows\system32\DRIVERS\b57xdmp.sys;c:\windows\SYSNATIVE\DRIVERS\b57xdmp.sys [x]
S3 bScsiMSa;bScsiMSa;c:\windows\system32\DRIVERS\bScsiMSa.sys;c:\windows\SYSNATIVE\DRIVERS\bScsiMSa.sys [x]
S3 bScsiSDa;bScsiSDa;c:\windows\system32\DRIVERS\bScsiSDa.sys;c:\windows\SYSNATIVE\DRIVERS\bScsiSDa.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
S3 SmbDrv;SmbDrv;c:\windows\system32\DRIVERS\Smb_driver.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver.sys [x]
S3 swivsp;AC8xx Virtual Serial Port;c:\windows\system32\DRIVERS\swivspnt.sys;c:\windows\SYSNATIVE\DRIVERS\swivspnt.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - NPF
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt        REG_MULTI_SZ          hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-11-17 14:08        1210320        ----a-w-        c:\program files (x86)\Google\Chrome\Application\31.0.1650.57\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-11-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-26 15:03]
.
2013-11-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-07-13 12:26]
.
2013-11-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-07-13 12:26]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2013-10-21 06:24        2328776        ----a-w-        c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2013-10-21 06:24        2328776        ----a-w-        c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2013-10-21 06:24        2328776        ----a-w-        c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-02-20 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-02-20 398616]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-12-27 12343400]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-11-15 1156712]
"Power Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2012-02-07 1829768]
"ALU"="c:\program files\Acer\Acer Updater\ALU.exe" [2012-02-07 2337144]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = about:blank
uLocal Page = c:\windows\system32\blank.htm
mDefault_Page_URL = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.google.com
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~4\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~4\Office15\ONBttnIE.dll/105
IE: Zu Anti-Banner hinzufügen - c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ie_banner_deny.htm
TCP: DhcpNameServer = 192.168.1.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-SpywareTerminatorUpdater - c:\program files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
HKLM-Run-SpywareTerminatorShield - c:\program files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
c:\program files (x86)\Launch Manager\LMutilps32.exe
c:\program files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-11-29  15:24:30 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2013-11-29 14:24
.
Vor Suchlauf: 14 Verzeichnis(se), 628.437.602.304 Bytes frei
Nach Suchlauf: 23 Verzeichnis(se), 628.353.585.152 Bytes frei
.
- - End Of File - - 083448232DF4ED6854E910E7D8FCA8A8
--- --- ---


Malwarebytes Anti-Malware 1.75.0.1300
Malwarebytes : Free anti-malware download

Datenbank Version: v2013.11.29.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16736
JJ :: JJ-PC [Administrator]

29.11.2013 15:44:45
mbam-log-2013-11-29 (15-44-45).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 261161
Laufzeit: 2 Minute(n), 13 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)JRT Logfile:
JRT Logfile:
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x64
Ran by JJ on 29.11.2013 at 15:48:58,65
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL\\Default
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\searchURL\\Default



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A2DF06F9-A21A-44A8-8A99-8B9C84F29160}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-4293873659-272735440-3936074284-1002\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasmancs
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{B7C701FD-0B04-4D7F-92D0-43FAB77135CF}



~~~ Files

Successfully deleted: [File] C:\Windows\syswow64\sho14F6.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoCD8B.tmp



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\ytd video downloader"
Successfully deleted: [Folder] "C:\Users\JJ\AppData\Roaming\isafe"
Successfully deleted: [Folder] "C:\Users\JJ\appdata\local\appshat mobile apps"
Successfully deleted: [Folder] "C:\Users\JJ\appdata\local\software"
Successfully deleted: [Folder] "C:\Users\JJ\appdata\local\webplayer"
Successfully deleted: [Folder] "C:\Users\JJ\appdata\locallow\softonic"
Successfully deleted: [Folder] "C:\Program Files (x86)\lemurleap"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 29.11.2013 at 15:55:25,56
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
--- --- ---


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x64
Ran by JJ on 29.11.2013 at 15:48:58,65
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL\\Default
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\searchURL\\Default



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A2DF06F9-A21A-44A8-8A99-8B9C84F29160}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-4293873659-272735440-3936074284-1002\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasmancs
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{B7C701FD-0B04-4D7F-92D0-43FAB77135CF}



~~~ Files

Successfully deleted: [File] C:\Windows\syswow64\sho14F6.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoCD8B.tmp



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\ytd video downloader"
Successfully deleted: [Folder] "C:\Users\JJ\AppData\Roaming\isafe"
Successfully deleted: [Folder] "C:\Users\JJ\appdata\local\appshat mobile apps"
Successfully deleted: [Folder] "C:\Users\JJ\appdata\local\software"
Successfully deleted: [Folder] "C:\Users\JJ\appdata\local\webplayer"
Successfully deleted: [Folder] "C:\Users\JJ\appdata\locallow\softonic"
Successfully deleted: [Folder] "C:\Program Files (x86)\lemurleap"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 29.11.2013 at 15:55:25,56
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~[/CODE]
--- --- ---


so alles ausgeführt :-)

M-K-D-B 29.11.2013 19:50
Servus,



mir fehlt die Logdatei von AdwCleaner... hast du wohl nicht ausgeführt?

JJCAM 29.11.2013 21:40
AdwCleaner Logfile:
Code:
# AdwCleaner v3.013 - Bericht erstellt am 29/11/2013 um 21:37:15
# Updated 24/11/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : JJ - JJ-PC
# Gestartet von : C:\Users\JJ\Downloads\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Datei Gelöscht : C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_f.dealply.com_0.localstorage
Datei Gelöscht : C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_f.dealply.com_0.localstorage-journal
Datei Gelöscht : C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_free-youtube-download.softonic.de_0.localstorage
Datei Gelöscht : C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_free-youtube-download.softonic.de_0.localstorage-journal
Datei Gelöscht : C:\Users\Jule Babe\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.softonic.de_0.localstorage
Datei Gelöscht : C:\Users\Jule Babe\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.softonic.de_0.localstorage-journal

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKCU\Software\Classes\Applications\lollipop.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : HKCU\Software\OCS

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16736


-\\ Google Chrome v31.0.1650.57

[ Datei : C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ Datei : C:\Users\Jule Babe\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [23128 octets] - [25/09/2013 14:17:07]
AdwCleaner[R1].txt - [14742 octets] - [26/09/2013 21:30:23]
AdwCleaner[R2].txt - [8943 octets] - [11/10/2013 19:59:16]
AdwCleaner[R3].txt - [2588 octets] - [29/11/2013 21:34:17]
AdwCleaner[S0].txt - [20575 octets] - [25/09/2013 14:17:37]
AdwCleaner[S1].txt - [13945 octets] - [26/09/2013 21:31:05]
AdwCleaner[S2].txt - [8821 octets] - [11/10/2013 20:00:04]
AdwCleaner[S3].txt - [2459 octets] - [29/11/2013 21:37:15]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [2519 octets] ##########
--- --- ---

M-K-D-B 30.11.2013 12:46
Servus,



gut gemacht. :)


So geht es weiter:






Schritt 1
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.







Schritt 2
Bitte lade dir zoek.exe von hier: http://hijackthis.nl/smeenk/
  • Bitte deaktiviere während des Scans alle Virenscanner, da sie das Ergebnis beeinflussen
  • Starte Zoek.exe mit einem Doppelklick.
  • Achtung: Das folgende Skript wurde nur für diesen speziellen Fall geschrieben und könnte andere Computer beschädigen.
  • Kopiere den Text der folgenden Box in das Skriptfenster von zoek:
    Code:
    FFdefaults;
    CHRdefaults;
    iedefaults;
    emptyclsid;
    autoclean;
  • Nun klicke auf "Run script" und sei geduldig bis das Skript durchläuft.
  • Wenn das Tool fertig ist wird sich Notepad mit dem Logfile öffnen (ggf. erst nach einem Neustart). Das Log befindet sich aber auch noch unter c:
  • Bitte poste mir das ZOEK-Log (möglichst in CODE-Tags - #-Symbol im Antwortfenster klicken)





Bitte poste mit deiner nächsten Antwort
  • die Logdatei von MBAM,
  • die Logdatei von Zoek.

JJCAM 30.11.2013 13:29
Malwarebytes Anti-Malware 1.75.0.1300
Malwarebytes : Free anti-malware download

Datenbank Version: v2013.11.29.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16736
JJ :: JJ-PC [Administrator]

30.11.2013 13:10:58
mbam-log-2013-11-30 (13-10-58).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 261683
Laufzeit: 5 Minute(n), 24 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Zoek.exe Version 4.0.0.5 Updated 24-November-2013
Tool run by JJ on 30.11.2013 at 13:18:58,48.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\JJ\Desktop\zoek.exe [Script inserted]

==== System Restore Info ======================

30.11.2013 13:20:14 Zoek.exe System Restore Point Created Succesfully.

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Use Search Asst"="yes"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="hxxp://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"Default"="hxxp://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="hxxp://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="hxxp://www.google.com"
"SearchAssistant"="hxxp://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
"Use Search Asst"="no"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="hxxp://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="hxxp://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="hxxp://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0191A6B0-1154-4C22-9182-23A95BBE92D9} Google Url="hxxp://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== EOF on 30.11.2013 at 13:20:43,02 ======================

danke soweit mal für die Hilfe wollte ich mal loswerden an der Stelle :)

M-K-D-B 01.12.2013 10:29
Servus,


danke für die netten Worte. Ich helfe dir doch gerne. :)




Wir spüren die letzten Reste auf, damit wir sie später entfernen können:





Schritt 1
Kontrollscan mit FRST
Führe wie zuvor beschrieben einen Scan mit FRST aus.
Setze dazu eine Haken bei Addition.txt rechts unten und klicke auf Scan.
Es werden wieder zwei Logdateien erzeugt. Poste mir diese.





Schritt 2
Lade dir die passende Version von SystemLook vom folgenden Spiegel herunter und speichere das Tool auf dem Desktop:
SystemLook (32 bit) | SystemLook (64 bit)
  • Doppelklicke auf die SystemLook.exe, um das Tool zu starten.
  • Kopiere den Inhalt der folgenden Codebox in das Textfeld des Tools:

    Code:
    :filefind
    *lollipop*
    *softonic*
    *dealply*
    *lemurleap*
    *ytd video downloader*

    :folderfind
    *lollipop*
    *softonic*
    *dealply*
    *lemurleap*
    *ytd video downloader*

    :regfind
    lollipop
    softonic
    dealply
    lemurleap
    ytd video downloader
  • Klicke nun auf den Button Look, um den Scan zu starten.
  • Der Suchlauf kann einige Zeit dauern.
  • Wenn der Suchlauf beendet ist, wird sich dein Editor mit den Ergebnissen öffnen, poste diese in deinen Thread.
  • Die Ergebnisse werden auch auf dem Desktop als SystemLook.txt gespeichert.








Gibt es noch Probleme mit Malware? Wenn ja, welche?
Wie läuft der Rechner derzeit?





Bitte poste mit deiner nächsten Antwort
  • die beiden Logdateien von FRST,
  • die Logdatei von SystemLook,
  • die Beantwortung der gestellten Fragen.

JJCAM 01.12.2013 15:21
FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-12-2013
Ran by JJ (administrator) on JJ-PC on 01-12-2013 15:04:58
Running from C:\Users\JJ\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(OptionNV) C:\Program Files\Option\Option WWAN Driver 5.0.32.0 Installer\GtDetectSc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(NETGEAR) C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Novatel Wireless Inc.) C:\Program Files (x86)\Novatel Wireless\Drivers\NWHelper.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Telefónica) C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe
(Atheros) C:\Program Files (x86)\Atheros\Ath_WlanAgent.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
() C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe
(oh!soft) C:\Program Files (x86)\SecretFolder\SecretFolder.exe
(JustCloud.com) C:\Program Files (x86)\GreenTree Applications\JustCloud\JustCloud.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winampa.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files (x86)\NETGEAR Genie\bin\genie2_tray.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12343400 2011-12-27] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1156712 2011-11-15] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2868496 2012-02-14] (Synaptics Incorporated)
HKLM\...\Run: [Power Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1829768 2012-02-07] (Acer Incorporated)
HKLM\...\Run: [ALU] - C:\Program Files\Acer\Acer Updater\ALU.exe [2337144 2012-02-07] (Acer Incorporated)
HKLM\...\Run: [SpywareTerminatorUpdater] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
HKLM\...\Run: [SpywareTerminatorShield] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
HKLM-x32\...\Winlogon: [Userinit] C:\Windows\sysWOW64\userinit.exe [26624 2010-11-21] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [960440 2012-08-07] (Samsung)
HKCU\...\Run: [NETGEARGenie] - C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe [1044224 2013-04-07] ()
HKCU\...\Run: [SecretFolder] - C:\Program Files (x86)\SecretFolder\SecretFolder.exe [4144640 2013-10-22] (oh!soft)
HKCU\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKLM-x32\...\Run: [SuiteTray] - C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-09-20] (Egis Technology Inc.)
HKLM-x32\...\Run: [BackupManagerTray] - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [296984 2012-01-05] (NTI Corporation)
HKLM-x32\...\Run: [Dolby Home Theater v4] - C:\Dolby PCEE4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1106512 2012-03-02] (Dritek System Inc.)
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation)
HKLM-x32\...\Run: [WinampAgent] - C:\Program Files (x86)\Winamp\winampa.exe [74752 2012-06-28] (Nullsoft, Inc.)
HKLM-x32\...\Run: [hpqSRMon] - C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162408 2011-09-13] ()
HKU\Default\...\RunOnce: [RegAutoPlay] - C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe [1845392 2012-10-24] (Acer Incorporated)
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162408 2011-09-13] ()
HKU\Default User\...\RunOnce: [RegAutoPlay] - C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe [1845392 2012-10-24] (Acer Incorporated)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll [247144 2012-10-08] (NVIDIA Corporation)
Startup: C:\Users\JJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\JustCloud.lnk
ShortcutTarget: JustCloud.lnk -> C:\Program Files (x86)\GreenTree Applications\JustCloud\JustCloud.exe (JustCloud.com)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Sign In
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - c:\program files (x86)\internet explorer\iexplore.exe
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

Chrome:
=======
CHR HomePage: about:blank
CHR Extension: (Kaspersky URL Advisor) - C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\14.0.0.4651_0
CHR Extension: (Safe Money) - C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\14.0.0.4651_0
CHR Extension: (Dangerous Websites Blocker) - C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail\14.0.0.4651_0
CHR Extension: (Virtual Keyboard) - C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\14.0.0.4794_0
CHR Extension: (Google Wallet) - C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Anti-Banner) - C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\14.0.0.4651_0
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx

==================== Services (Whitelisted) =================

R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2449552 2012-10-25] (Acer Incorporated)
R2 GtDetectSc; C:\Program Files\Option\Option WWAN Driver 5.0.32.0 Installer\GtDetectSc.exe [809984 2009-05-04] (OptionNV)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-08] (Intel Corporation)
R2 NETGEARGenieDaemon; C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [232192 2013-04-07] (NETGEAR)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256536 2012-01-05] (NTI Corporation)
R2 NWHelper; C:\Program Files (x86)\Novatel Wireless\Drivers\NWHelper.exe [271360 2010-12-25] (Novatel Wireless Inc.)
R2 TGCM_ImportWiFiSvc; C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe [201344 2012-01-10] (Telefónica)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Atheros\Ath_WlanAgent.exe [72864 2012-02-19] (Atheros)

==================== Drivers (Whitelisted) ====================

R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [147232 2012-10-04] (BitDefender LLC)
R2 hfFilter; C:\Windows\System32\drivers\hfFilter.sys [30600 2013-10-22] ()
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2013-11-22] (Kaspersky Lab ZAO)
S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [112224 2013-06-08] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [623200 2013-11-22] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-10-17] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178784 2013-06-06] (Kaspersky Lab ZAO)
S3 massfilter_hs; C:\Windows\System32\drivers\massfilter_hs.sys [12800 2010-10-15] (ZTE Incorporated)
R3 NPF; C:\Windows\System32\drivers\NPF.sys [35344 2013-10-23] (CACE Technologies, Inc.)
R3 SmbDrv; C:\Windows\System32\DRIVERS\Smb_driver.sys [22800 2012-02-14] (Synaptics Incorporated)
R3 swivsp; C:\Windows\System32\DRIVERS\swivspnt.sys [23552 2007-03-26] (Sierra Wireless Inc.)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [382536 2013-05-28] (BitDefender S.R.L.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
U5 ew_hwusbdev; C:\Windows\System32\Drivers\ew_hwusbdev.sys [117248 2010-07-27] (Huawei Technologies Co., Ltd.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-01 15:04 - 2013-12-01 15:05 - 00017919 _____ C:\Users\JJ\Downloads\FRST.txt
2013-12-01 15:04 - 2013-12-01 15:04 - 00000000 ____D C:\FRST
2013-12-01 15:02 - 2013-12-01 15:03 - 00165376 _____ C:\Users\JJ\Downloads\SystemLook_x64.exe
2013-12-01 15:02 - 2013-12-01 15:02 - 01959184 _____ (Farbar) C:\Users\JJ\Downloads\FRST64.exe
2013-11-30 16:05 - 2013-11-30 16:06 - 03934618 _____ C:\Users\JJ\Downloads\Von nix kommt nix_ Voll auf Erfolgskurs mit den Geissens (German Edition).rar
2013-11-30 15:40 - 2013-11-30 15:59 - 3181354434 _____ C:\Users\JJ\Downloads\bgb_jade_megan_kl102113_v2_1080p_12000.mp4
2013-11-30 13:19 - 2013-11-30 13:20 - 00002424 _____ C:\zoek-results.log
2013-11-30 13:18 - 2013-11-30 13:18 - 00000000 ____D C:\zoek_backup
2013-11-30 13:18 - 2013-11-25 23:53 - 01398596 _____ C:\Users\JJ\Desktop\zoek.scr
2013-11-30 13:18 - 2013-11-25 23:53 - 01398596 _____ C:\Users\JJ\Desktop\zoek.com
2013-11-30 13:18 - 2013-11-25 23:49 - 01272832 _____ C:\Users\JJ\Desktop\zoek.exe
2013-11-30 13:10 - 2013-11-30 13:10 - 00000000 ____D C:\Users\JJ\Desktop\Neuer Ordner
2013-11-30 13:09 - 2013-11-30 13:09 - 04186953 _____ C:\Users\JJ\Downloads\zoek.rar
2013-11-30 13:08 - 2013-11-30 13:09 - 04050563 _____ C:\Users\JJ\Downloads\zoek.zip
2013-11-29 21:33 - 2013-11-29 21:33 - 01091882 _____ C:\Users\JJ\Downloads\adwcleaner.exe
2013-11-29 21:33 - 2013-11-29 21:33 - 00680632 _____ C:\Users\JJ\Downloads\DownloadManagerSetup.exe
2013-11-29 15:30 - 2013-11-29 15:30 - 00001073 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-11-29 15:30 - 2013-11-29 15:30 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-29 15:30 - 2013-11-29 15:30 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-29 15:30 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-11-29 15:24 - 2013-11-29 15:24 - 00030759 _____ C:\ComboFix.txt
2013-11-29 15:08 - 2013-11-29 15:24 - 00000000 ____D C:\Qoobox
2013-11-29 15:08 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2013-11-29 15:08 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2013-11-29 15:08 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-11-29 15:08 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-11-29 15:08 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-11-29 15:08 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2013-11-29 15:08 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2013-11-29 15:08 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2013-11-29 15:07 - 2013-11-29 15:23 - 00000000 ____D C:\Windows\erdnt
2013-11-29 15:05 - 2013-11-29 15:06 - 05150163 _____ (Swearware) C:\Users\JJ\Downloads\ComboFix.exe
2013-11-29 12:44 - 2013-11-29 12:44 - 01034531 _____ (Thisisu) C:\Users\JJ\Downloads\JRT (1).exe
2013-11-29 12:42 - 2013-11-29 12:42 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\JJ\Downloads\mbam-setup-1.75.0.1300.exe
2013-11-29 12:17 - 2013-11-29 12:17 - 00602112 _____ (OldTimer Tools) C:\Users\JJ\Downloads\OTL.exe
2013-11-29 11:54 - 2013-11-29 11:55 - 00000000 ____D C:\Users\JJ\Desktop\PC ZEUG
2013-11-29 11:39 - 2013-11-29 11:40 - 00000000 ____D C:\Users\JJ\Downloads\Trae Tha Truth - I Am King-2013-MIXFIEND
2013-11-29 11:29 - 2013-11-29 11:29 - 00030116 _____ C:\Users\JJ\Downloads\traeiamking.torrent
2013-11-28 13:42 - 2013-11-28 13:44 - 98122851 _____ C:\Users\JJ\Downloads\fulllength.wmv
2013-11-27 18:20 - 2013-11-27 18:20 - 00000000 ____D C:\Users\JJ\Downloads\My Dirty Hobby - Barbie Brilliant (Schuchterner Schnellspritzer) [1080p]
2013-11-27 18:09 - 2013-11-27 19:01 - 109014991 _____ C:\Users\JJ\Downloads\Shanie Love sextape.flv
2013-11-27 16:43 - 2013-11-27 16:43 - 00002063 _____ C:\Users\JJ\Downloads\Kaspersky Internet Security 2014.key
2013-11-27 14:52 - 2013-11-27 14:52 - 00000000 ____D C:\Users\JJ\AppData\Roaming\2K Sports
2013-11-27 14:48 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2013-11-27 14:48 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2013-11-27 14:48 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2013-11-27 14:48 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2013-11-27 14:48 - 2009-03-16 14:18 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2013-11-27 14:48 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2013-11-27 14:48 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2013-11-27 14:48 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2013-11-27 14:48 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2013-11-27 14:48 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2013-11-27 14:48 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2013-11-27 14:48 - 2008-10-15 07:03 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2013-11-27 14:48 - 2008-10-15 07:03 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2013-11-27 14:48 - 2008-10-15 07:03 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2013-11-27 14:48 - 2008-10-15 07:03 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2013-11-27 14:48 - 2008-10-15 07:03 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2013-11-27 14:48 - 2008-10-15 07:03 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2013-11-27 14:48 - 2008-10-15 07:03 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2013-11-27 14:48 - 2008-10-15 07:03 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2013-11-27 14:48 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2013-11-27 14:48 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2013-11-27 14:48 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2013-11-27 14:48 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2013-11-27 14:48 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2013-11-27 14:48 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2013-11-27 14:48 - 2008-07-30 06:20 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2013-11-27 14:48 - 2008-07-30 06:20 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2013-11-27 14:48 - 2008-07-30 06:20 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2013-11-27 14:48 - 2008-07-30 06:20 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2013-11-27 14:47 - 2008-07-30 06:20 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2013-11-27 14:47 - 2008-07-30 06:20 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2013-11-27 14:47 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2013-11-27 14:47 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2013-11-27 14:47 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2013-11-27 14:47 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2013-11-27 14:47 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2013-11-27 14:47 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2013-11-27 14:47 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2013-11-27 14:47 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2013-11-27 14:47 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2013-11-27 14:47 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2013-11-27 14:47 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2013-11-27 14:47 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2013-11-27 14:47 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2013-11-27 14:47 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2013-11-27 14:47 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2013-11-27 14:47 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2013-11-27 14:47 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2013-11-27 14:47 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2013-11-27 14:47 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2013-11-27 14:47 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2013-11-27 14:47 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2013-11-27 14:47 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2013-11-27 14:47 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2013-11-27 14:47 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2013-11-27 14:47 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2013-11-27 14:47 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2013-11-27 14:47 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2013-11-27 14:47 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2013-11-27 14:47 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2013-11-27 14:47 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2013-11-27 14:47 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2013-11-27 14:47 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2013-11-27 14:47 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2013-11-27 14:47 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2013-11-27 14:47 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2013-11-27 14:47 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2013-11-27 14:47 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2013-11-27 14:47 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2013-11-27 14:47 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2013-11-27 14:47 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2013-11-27 14:47 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2013-11-27 14:47 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2013-11-27 14:47 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2013-11-27 14:47 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2013-11-27 14:47 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2013-11-27 14:47 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2013-11-27 14:47 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2013-11-27 14:47 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2013-11-27 14:47 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2013-11-27 14:47 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2013-11-27 14:47 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2013-11-27 14:47 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2013-11-27 14:47 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2013-11-27 14:47 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2013-11-27 14:47 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2013-11-27 14:47 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2013-11-27 14:47 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2013-11-27 14:47 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2013-11-27 14:47 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2013-11-27 14:47 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2013-11-27 14:47 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2013-11-27 14:47 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2013-11-27 14:47 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2013-11-27 14:47 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2013-11-27 14:47 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2013-11-27 14:47 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2013-11-27 14:47 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2013-11-27 14:47 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2013-11-27 14:46 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2013-11-27 14:46 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2013-11-27 14:46 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2013-11-27 14:46 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2013-11-27 14:46 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2013-11-27 14:46 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2013-11-27 14:46 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2013-11-27 14:46 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2013-11-27 14:46 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2013-11-27 14:46 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2013-11-27 14:46 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2013-11-27 14:46 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2013-11-27 14:46 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2013-11-27 14:46 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2013-11-27 14:46 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2013-11-27 14:46 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2013-11-27 14:46 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2013-11-27 14:46 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2013-11-27 14:46 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2013-11-27 14:46 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2013-11-27 14:46 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2013-11-27 14:46 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2013-11-27 14:46 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2013-11-27 14:46 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2013-11-27 14:46 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2013-11-27 14:46 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2013-11-27 14:46 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2013-11-27 14:46 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2013-11-27 14:45 - 2013-11-27 14:47 - 00010079 _____ C:\Windows\DirectX.log
2013-11-27 14:45 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2013-11-27 14:45 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2013-11-27 14:45 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2013-11-27 14:45 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2013-11-27 14:45 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2013-11-27 14:45 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2013-11-27 14:45 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2013-11-27 14:45 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2013-11-27 14:45 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2013-11-27 14:45 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2013-11-27 14:45 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2013-11-27 14:45 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2013-11-27 14:34 - 2013-11-27 14:34 - 00000000 ____D C:\Program Files (x86)\2K Sports
2013-11-27 12:25 - 2013-11-27 12:25 - 00144367 _____ C:\Users\JJ\Downloads\[kickass.to]nba.2k14.reloaded.torrent
2013-11-27 12:25 - 2013-11-27 12:25 - 00000000 ____D C:\Users\JJ\Downloads\NBA.2K14-RELOADED
2013-11-25 17:12 - 2013-11-25 17:12 - 00002294 _____ C:\Users\Jule Babe\Desktop\Sicherer Zahlungsverkehr.lnk
2013-11-22 13:53 - 2013-11-22 13:53 - 00002366 _____ C:\Users\JJ\Downloads\[kickass.to]kaspersky.internet.security.2013.13.0.0.3370.2014.14.0.0.4651.keys.torrent
2013-11-22 13:47 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2013-11-22 13:46 - 2013-12-01 14:55 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-11-22 13:46 - 2013-11-22 13:55 - 00623200 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2013-11-22 13:46 - 2013-11-22 13:46 - 00000000 ____D C:\Windows\ELAMBKUP
2013-11-22 13:46 - 2013-11-22 13:46 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2013-11-22 13:46 - 2013-06-08 20:18 - 00112224 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2013-11-22 13:38 - 2013-11-22 13:41 - 246598160 _____ C:\Users\JJ\Downloads\kis14.0.0.4651de-de.exe
2013-11-22 13:29 - 2013-11-22 13:29 - 05701712 _____ C:\Users\JJ\Downloads\bitdefender_14isecurity.exe
2013-11-22 13:29 - 2013-11-22 13:29 - 05701712 _____ C:\Users\JJ\Downloads\bitdefender_14isecurity (1).exe
2013-11-22 13:01 - 2013-11-22 13:01 - 00000684 ____H C:\bdr-cf01
2013-11-22 13:00 - 2013-11-22 13:01 - 00253404 ____H C:\bdr-ld01
2013-11-22 13:00 - 2013-11-22 13:01 - 00009216 ____H C:\bdr-ld01.mbr
2013-11-22 13:00 - 2013-06-25 18:20 - 38518480 ____H C:\bdr-im01.gz
2013-11-22 13:00 - 2012-08-15 15:28 - 02510608 ____H C:\bdr-bz01
2013-11-22 12:44 - 2013-11-22 12:56 - 00000000 ____D C:\Users\JJ\Downloads\Bitdefender Antivirus Plus 2014 17.15.0.682
2013-11-22 12:43 - 2013-11-22 12:43 - 00015797 _____ C:\Users\JJ\Downloads\[kickass.to]bitdefender.antivirus.plus.2014.17.15.0.682.torrent
2013-11-22 12:39 - 2013-11-22 12:39 - 00000000 ____D C:\ProgramData\Bitdefender
2013-11-22 12:39 - 2012-10-04 14:30 - 00147232 ____N (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
2013-11-22 12:38 - 2013-11-22 12:40 - 00107470 _____ C:\ProgramData\1385120315.1028.bin
2013-11-22 12:38 - 2013-11-22 12:39 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
2013-11-22 12:38 - 2013-11-22 12:38 - 00000000 ____D C:\Users\JJ\AppData\Roaming\QuickScan
2013-11-22 12:38 - 2013-11-22 12:38 - 00000000 ____D C:\Program Files\Bitdefender
2013-11-22 12:38 - 2013-05-28 12:12 - 00382536 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2013-11-22 12:19 - 2013-11-22 12:25 - 00000000 ____D C:\Users\JJ\Downloads\Bitdefender Total Security 2014 x32 & x64
2013-11-22 12:18 - 2013-11-22 12:18 - 00066792 _____ C:\Users\JJ\Downloads\[kickass.to]bitdefender.total.security.2014.x32.x64.reset.tool.rv1.torrent
2013-11-21 16:47 - 2013-11-21 16:47 - 00648201 _____ C:\Users\JJ\Downloads\ADW Cleaner.exe
2013-11-21 16:46 - 2013-11-21 16:46 - 00009513 _____ C:\Users\JJ\Downloads\[kickass.to]pc.cleaner.pro.2013.12.0.13.11.15.key.torrent
2013-11-21 16:46 - 2013-11-21 16:46 - 00001317 _____ C:\Users\JJ\Downloads\[kickass.to]adw.cleaner.torrent
2013-11-21 15:57 - 2013-11-21 15:57 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2013-11-21 15:55 - 2013-11-21 15:55 - 00012254 _____ C:\Users\JJ\Downloads\[kickass.to]spyware.terminator.premium.2012.3.0.0.82.crack.torrent
2013-11-21 15:42 - 2013-11-21 15:42 - 00000000 ____D C:\Users\JJ\Downloads\HitmanPro 3.7.7 Build 202 Final (x86-x64) Retail - SceneDL  (PimpRG)
2013-11-21 15:41 - 2013-11-21 15:41 - 00013083 _____ C:\Users\JJ\Downloads\[kickass.to]hitmanpro.3.7.7.build.202.final.x86.x64.retail.scenedl.pimprg.torrent
2013-11-21 15:39 - 2013-11-21 15:39 - 10264904 _____ (SurfRight B.V.) C:\Users\JJ\Downloads\HitmanPro_x64.exe
2013-11-21 15:38 - 2013-11-21 15:47 - 00000000 ____D C:\ProgramData\HitmanPro
2013-11-21 15:38 - 2013-11-21 15:38 - 09452704 _____ (SurfRight B.V.) C:\Users\JJ\Downloads\HitmanPro.exe
2013-11-21 15:35 - 2013-11-21 15:35 - 00000000 ____D C:\Windows\ERUNT
2013-11-21 15:34 - 2013-11-21 15:35 - 09452704 _____ (SurfRight B.V.) C:\Users\JJ\Downloads\HitmanPro3.7.8.208.exe
2013-11-21 15:31 - 2013-11-21 15:31 - 01034531 _____ (Thisisu) C:\Users\JJ\Downloads\JRT_6.0.8.exe
2013-11-21 15:30 - 2013-11-21 15:30 - 01034531 _____ (Thisisu) C:\Users\JJ\Downloads\JRT.exe
2013-11-21 15:27 - 2013-11-21 15:49 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2013-11-21 15:26 - 2013-11-21 15:26 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\JJ\Downloads\revosetup95.exe
2013-11-20 13:21 - 2013-11-20 13:27 - 00000000 ____D C:\Users\JJ\Downloads\Irrational Security
2013-11-20 13:20 - 2013-11-20 13:20 - 00035731 _____ C:\Users\JJ\Downloads\Irrational_Security_(Angelina_Black__Victoria_Rae_Black__Nicole_.8926383.TPB.torrent
2013-11-19 16:16 - 2013-11-19 16:16 - 00063835 _____ C:\Users\Jule Babe\Desktop\geb urkunde.htm
2013-11-19 16:16 - 2013-11-19 16:16 - 00000000 ____D C:\Users\Jule Babe\Desktop\geb urkunde_files
2013-11-19 00:40 - 2013-12-01 14:54 - 00001960 _____ C:\Windows\setupact.log
2013-11-19 00:40 - 2013-12-01 14:53 - 00015392 _____ C:\Windows\PFRO.log
2013-11-19 00:40 - 2013-11-19 00:40 - 00000000 _____ C:\Windows\setuperr.log
2013-11-17 15:58 - 2013-11-17 15:58 - 00000000 ____D C:\Windows\pss
2013-11-17 15:56 - 2013-11-17 15:56 - 00000000 ____D C:\Users\JJ\AppData\Roaming\eCyber
2013-11-17 15:35 - 2013-11-17 15:35 - 00000000 ____D C:\Windows\system32\log
2013-11-17 15:33 - 2013-11-17 15:33 - 00000000 ____D C:\Users\JJ\AppData\Roaming\Malwarebytes
2013-11-17 15:29 - 2013-11-17 15:29 - 00618912 _____ C:\Users\JJ\Downloads\Malwarebytes Anti Malware - CHIP-Downloader.exe
2013-11-17 15:23 - 2013-11-17 15:23 - 00903832 _____ C:\Users\JJ\Downloads\yet_another_cleaner.exe
2013-11-17 15:19 - 2013-11-17 15:19 - 05049344 _____ (Crawler.com                                                ) C:\Users\JJ\Downloads\SpywareTerminatorSetup_3.0.0.82.exe
2013-11-16 13:26 - 2013-10-12 09:45 - 01364992 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-16 13:26 - 2013-10-12 09:45 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-16 13:26 - 2013-10-12 09:43 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-16 13:26 - 2013-10-12 09:43 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-16 13:26 - 2013-10-12 09:43 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-16 13:26 - 2013-10-12 09:43 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-16 13:26 - 2013-10-12 09:43 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-16 13:26 - 2013-10-12 09:43 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-16 13:26 - 2013-10-12 09:43 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-16 13:26 - 2013-10-12 09:43 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-16 13:26 - 2013-10-12 08:03 - 01138176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-16 13:26 - 2013-10-12 08:02 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-16 13:26 - 2013-10-12 08:02 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-16 13:26 - 2013-10-12 08:02 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-16 13:26 - 2013-10-12 08:02 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-16 13:26 - 2013-10-12 08:02 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-16 13:26 - 2013-10-12 08:02 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-16 13:26 - 2013-10-12 08:02 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-16 13:26 - 2013-10-12 08:02 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-16 13:26 - 2013-10-12 07:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-16 13:26 - 2013-10-12 07:08 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-16 13:26 - 2013-10-12 06:44 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-16 13:26 - 2013-10-12 06:15 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-16 13:25 - 2013-10-12 09:45 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-16 13:25 - 2013-10-12 09:43 - 19269632 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-16 13:25 - 2013-10-12 09:43 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-16 13:25 - 2013-10-12 09:43 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-16 13:25 - 2013-10-12 08:03 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-16 13:25 - 2013-10-12 08:02 - 14355968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-16 13:25 - 2013-10-12 08:02 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-16 13:25 - 2013-10-12 08:02 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-16 00:16 - 2013-11-16 00:17 - 00000000 ____D C:\Users\Jule Babe\AppData\Local\{52B26491-ED3F-43A2-B6CC-789885EC07E4}
2013-11-16 00:15 - 2013-11-16 00:15 - 00000000 ____D C:\Users\Jule Babe\Documents\HP Photosmart Projects
2013-11-16 00:12 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-16 00:12 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-16 00:12 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-16 00:12 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-16 00:12 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-16 00:12 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-16 00:12 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-16 00:12 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-16 00:12 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-16 00:12 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-16 00:12 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-16 00:12 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-16 00:12 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-16 00:12 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-16 00:12 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-16 00:12 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-16 00:12 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-16 00:12 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-16 00:12 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-16 00:12 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-11-16 00:11 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-16 00:11 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-16 00:11 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-16 00:11 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-16 00:04 - 2013-11-16 01:43 - 00000000 ____D C:\Users\Jule Babe\Desktop\Bilder
2013-11-11 17:14 - 2013-11-11 17:14 - 02001247 _____ C:\Users\JJ\Downloads\ToshibaEdit_installation (1).exe
2013-11-11 17:14 - 2013-11-11 17:14 - 00000000 ____D C:\Users\JJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ToshibaEdit
2013-11-09 14:55 - 2013-11-09 14:56 - 00015360 ___SH C:\Users\JJ\Downloads\Thumbs.db
2013-11-09 14:32 - 2013-11-09 14:32 - 00017107 _____ C:\Users\JJ\Downloads\[kickass.to]youtube.downloader.pro.ytd.4.7.0.2.incl.crack (1).torrent
2013-11-09 14:32 - 2013-11-09 14:32 - 00000000 ____D C:\Users\JJ\Downloads\YouTube Downloader PRO v4.7.0.2 + Crack
2013-11-09 14:31 - 2013-11-09 14:31 - 00017107 _____ C:\Users\JJ\Downloads\[kickass.to]youtube.downloader.pro.ytd.4.7.0.2.incl.crack.torrent
2013-11-09 14:29 - 2013-11-09 14:29 - 00008707 _____ C:\Users\JJ\Downloads\[kickass.to]youtube.downloader.pro.ytd.v3.9.including.crack.h33t.iahq76.torrent
2013-11-09 14:28 - 2013-11-21 14:46 - 00000000 ____D C:\Program Files (x86)\GreenTree Applications
2013-11-09 14:28 - 2013-11-09 14:28 - 00000000 ____D C:\Users\JJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JustCloud
2013-11-06 11:41 - 2013-11-06 11:42 - 00000000 ____D C:\Users\JJ\Downloads\Omarion - Care Package 2
2013-11-06 11:40 - 2013-11-06 12:04 - 00000000 ____D C:\Users\JJ\Downloads\Tinie Tempah - Demonstration [2013] 320
2013-11-06 11:40 - 2013-11-06 11:40 - 00019825 _____ C:\Users\JJ\Downloads\[kickass.to]omarion.care.package.2.2013mixtape.desspratt.torrent
2013-11-06 11:39 - 2013-11-06 11:39 - 00013775 _____ C:\Users\JJ\Downloads\[kickass.to]tinie.tempah.demonstration.2013.320.torrent
2013-11-05 18:52 - 2013-11-11 17:34 - 00000000 ____D C:\Program Files (x86)\ToshibaEdit
2013-11-05 18:52 - 2013-11-11 17:14 - 00001897 _____ C:\Users\UpdatusUser\Desktop\ToshibaEdit.lnk
2013-11-05 18:52 - 2013-11-11 17:14 - 00001897 _____ C:\Users\Jule Babe\Desktop\ToshibaEdit.lnk
2013-11-05 18:51 - 2013-11-05 18:51 - 02001247 _____ C:\Users\JJ\Downloads\ToshibaEdit_installation.exe
2013-11-05 17:06 - 2013-11-05 17:08 - 00000128 _____ C:\Windows\HFIT.hff
2013-11-05 17:05 - 2013-11-09 17:47 - 00000000 ____D C:\Users\JJ\AppData\Roaming\SecretFolder
2013-11-05 17:05 - 2013-11-05 17:05 - 03629608 _____ (Oh!Soft(ohsoft.net) - Best Software Developer                                          ) C:\Users\JJ\Downloads\SecretFolder_v2.5.0.0.exe
2013-11-05 17:05 - 2013-11-05 17:05 - 00000000 ____D C:\Program Files (x86)\SecretFolder
2013-11-05 17:05 - 2013-10-22 15:43 - 00030600 _____ C:\Windows\system32\Drivers\hfFilter.sys
2013-11-05 17:01 - 2013-11-05 17:01 - 00231376 _____ (TrueCrypt Foundation) C:\Windows\system32\Drivers\truecrypt.sys
2013-11-05 17:00 - 2013-11-05 17:00 - 03466248 _____ (TrueCrypt Foundation) C:\Users\JJ\Downloads\TrueCrypt_Setup_7.1a.exe
2013-11-05 17:00 - 2013-11-05 17:00 - 03466248 _____ (TrueCrypt Foundation) C:\Users\JJ\Downloads\TrueCrypt_Setup_7.1a (1).exe
2013-11-01 11:57 - 2013-11-01 11:57 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2013-11-01 11:57 - 2013-11-01 11:57 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help

==================== One Month Modified Files and Folders =======

2013-12-01 15:05 - 2013-12-01 15:04 - 00017919 _____ C:\Users\JJ\Downloads\FRST.txt
2013-12-01 15:04 - 2013-12-01 15:04 - 00000000 ____D C:\FRST
2013-12-01 15:03 - 2013-12-01 15:02 - 00165376 _____ C:\Users\JJ\Downloads\SystemLook_x64.exe
2013-12-01 15:02 - 2013-12-01 15:02 - 01959184 _____ (Farbar) C:\Users\JJ\Downloads\FRST64.exe
2013-12-01 15:02 - 2009-07-14 05:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-01 15:02 - 2009-07-14 05:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-01 14:59 - 2012-04-26 06:39 - 01248851 _____ C:\Windows\WindowsUpdate.log
2013-12-01 14:55 - 2013-11-22 13:46 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-12-01 14:55 - 2013-07-13 13:26 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-01 14:54 - 2013-11-19 00:40 - 00001960 _____ C:\Windows\setupact.log
2013-12-01 14:54 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-01 14:53 - 2013-11-19 00:40 - 00015392 _____ C:\Windows\PFRO.log
2013-11-30 16:21 - 2012-03-26 08:06 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-30 16:06 - 2013-11-30 16:05 - 03934618 _____ C:\Users\JJ\Downloads\Von nix kommt nix_ Voll auf Erfolgskurs mit den Geissens (German Edition).rar
2013-11-30 15:59 - 2013-11-30 15:40 - 3181354434 _____ C:\Users\JJ\Downloads\bgb_jade_megan_kl102113_v2_1080p_12000.mp4
2013-11-30 15:46 - 2013-07-13 13:26 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-30 13:20 - 2013-11-30 13:19 - 00002424 _____ C:\zoek-results.log
2013-11-30 13:18 - 2013-11-30 13:18 - 00000000 ____D C:\zoek_backup
2013-11-30 13:10 - 2013-11-30 13:10 - 00000000 ____D C:\Users\JJ\Desktop\Neuer Ordner
2013-11-30 13:09 - 2013-11-30 13:09 - 04186953 _____ C:\Users\JJ\Downloads\zoek.rar
2013-11-30 13:09 - 2013-11-30 13:08 - 04050563 _____ C:\Users\JJ\Downloads\zoek.zip
2013-11-29 21:37 - 2013-09-25 14:17 - 00000000 ____D C:\AdwCleaner
2013-11-29 21:33 - 2013-11-29 21:33 - 01091882 _____ C:\Users\JJ\Downloads\adwcleaner.exe
2013-11-29 21:33 - 2013-11-29 21:33 - 00680632 _____ C:\Users\JJ\Downloads\DownloadManagerSetup.exe
2013-11-29 15:30 - 2013-11-29 15:30 - 00001073 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-11-29 15:30 - 2013-11-29 15:30 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-29 15:30 - 2013-11-29 15:30 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-29 15:24 - 2013-11-29 15:24 - 00030759 _____ C:\ComboFix.txt
2013-11-29 15:24 - 2013-11-29 15:08 - 00000000 ____D C:\Qoobox
2013-11-29 15:24 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Default
2013-11-29 15:23 - 2013-11-29 15:07 - 00000000 ____D C:\Windows\erdnt
2013-11-29 15:19 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2013-11-29 15:18 - 2009-07-14 03:34 - 83099648 _____ C:\Windows\system32\config\SOFTWARE.bak
2013-11-29 15:18 - 2009-07-14 03:34 - 22806528 _____ C:\Windows\system32\config\SYSTEM.bak
2013-11-29 15:18 - 2009-07-14 03:34 - 00524288 _____ C:\Windows\system32\config\DEFAULT.bak
2013-11-29 15:18 - 2009-07-14 03:34 - 00262144 _____ C:\Windows\system32\config\SECURITY.bak
2013-11-29 15:18 - 2009-07-14 03:34 - 00262144 _____ C:\Windows\system32\config\SAM.bak
2013-11-29 15:06 - 2013-11-29 15:05 - 05150163 _____ (Swearware) C:\Users\JJ\Downloads\ComboFix.exe
2013-11-29 12:44 - 2013-11-29 12:44 - 01034531 _____ (Thisisu) C:\Users\JJ\Downloads\JRT (1).exe
2013-11-29 12:42 - 2013-11-29 12:42 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\JJ\Downloads\mbam-setup-1.75.0.1300.exe
2013-11-29 12:17 - 2013-11-29 12:17 - 00602112 _____ (OldTimer Tools) C:\Users\JJ\Downloads\OTL.exe
2013-11-29 11:55 - 2013-11-29 11:54 - 00000000 ____D C:\Users\JJ\Desktop\PC ZEUG
2013-11-29 11:55 - 2012-06-29 17:34 - 00000000 ____D C:\Users\JJ\AppData\Roaming\uTorrent
2013-11-29 11:40 - 2013-11-29 11:39 - 00000000 ____D C:\Users\JJ\Downloads\Trae Tha Truth - I Am King-2013-MIXFIEND
2013-11-29 11:31 - 2012-04-26 16:32 - 00697534 _____ C:\Windows\system32\perfh007.dat
2013-11-29 11:31 - 2012-04-26 16:32 - 00148540 _____ C:\Windows\system32\perfc007.dat
2013-11-29 11:31 - 2009-07-14 06:13 - 01614956 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-29 11:29 - 2013-11-29 11:29 - 00030116 _____ C:\Users\JJ\Downloads\traeiamking.torrent
2013-11-28 13:44 - 2013-11-28 13:42 - 98122851 _____ C:\Users\JJ\Downloads\fulllength.wmv
2013-11-27 19:01 - 2013-11-27 18:09 - 109014991 _____ C:\Users\JJ\Downloads\Shanie Love sextape.flv
2013-11-27 18:30 - 2012-07-16 13:43 - 00000000 ____D C:\Users\JJ\AppData\Roaming\vlc
2013-11-27 18:29 - 2013-10-31 14:51 - 00000000 ____D C:\Users\JJ\Documents\Outlook-Dateien
2013-11-27 18:29 - 2013-10-31 14:05 - 00000000 ____D C:\Users\JJ\Documents\Outlook Files
2013-11-27 18:20 - 2013-11-27 18:20 - 00000000 ____D C:\Users\JJ\Downloads\My Dirty Hobby - Barbie Brilliant (Schuchterner Schnellspritzer) [1080p]
2013-11-27 16:43 - 2013-11-27 16:43 - 00002063 _____ C:\Users\JJ\Downloads\Kaspersky Internet Security 2014.key
2013-11-27 14:52 - 2013-11-27 14:52 - 00000000 ____D C:\Users\JJ\AppData\Roaming\2K Sports
2013-11-27 14:47 - 2013-11-27 14:45 - 00010079 _____ C:\Windows\DirectX.log
2013-11-27 14:34 - 2013-11-27 14:34 - 00000000 ____D C:\Program Files (x86)\2K Sports
2013-11-27 12:25 - 2013-11-27 12:25 - 00144367 _____ C:\Users\JJ\Downloads\[kickass.to]nba.2k14.reloaded.torrent
2013-11-27 12:25 - 2013-11-27 12:25 - 00000000 ____D C:\Users\JJ\Downloads\NBA.2K14-RELOADED
2013-11-26 12:04 - 2012-08-17 15:12 - 00000000 ____D C:\Users\JJ\AppData\Local\CrashDumps
2013-11-25 23:53 - 2013-11-30 13:18 - 01398596 _____ C:\Users\JJ\Desktop\zoek.scr
2013-11-25 23:53 - 2013-11-30 13:18 - 01398596 _____ C:\Users\JJ\Desktop\zoek.com
2013-11-25 23:49 - 2013-11-30 13:18 - 01272832 _____ C:\Users\JJ\Desktop\zoek.exe
2013-11-25 18:32 - 2013-09-17 17:05 - 00000000 ____D C:\Users\Jule Babe\AppData\Local\VirtualStore
2013-11-25 17:12 - 2013-11-25 17:12 - 00002294 _____ C:\Users\Jule Babe\Desktop\Sicherer Zahlungsverkehr.lnk
2013-11-22 13:55 - 2013-11-22 13:46 - 00623200 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2013-11-22 13:55 - 2013-10-17 15:47 - 00458336 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kl1.sys
2013-11-22 13:53 - 2013-11-22 13:53 - 00002366 _____ C:\Users\JJ\Downloads\[kickass.to]kaspersky.internet.security.2013.13.0.0.3370.2014.14.0.0.4651.keys.torrent
2013-11-22 13:46 - 2013-11-22 13:46 - 00000000 ____D C:\Windows\ELAMBKUP
2013-11-22 13:46 - 2013-11-22 13:46 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2013-11-22 13:41 - 2013-11-22 13:38 - 246598160 _____ C:\Users\JJ\Downloads\kis14.0.0.4651de-de.exe
2013-11-22 13:29 - 2013-11-22 13:29 - 05701712 _____ C:\Users\JJ\Downloads\bitdefender_14isecurity.exe
2013-11-22 13:29 - 2013-11-22 13:29 - 05701712 _____ C:\Users\JJ\Downloads\bitdefender_14isecurity (1).exe
2013-11-22 13:01 - 2013-11-22 13:01 - 00000684 ____H C:\bdr-cf01
2013-11-22 13:01 - 2013-11-22 13:00 - 00253404 ____H C:\bdr-ld01
2013-11-22 13:01 - 2013-11-22 13:00 - 00009216 ____H C:\bdr-ld01.mbr
2013-11-22 12:56 - 2013-11-22 12:44 - 00000000 ____D C:\Users\JJ\Downloads\Bitdefender Antivirus Plus 2014 17.15.0.682
2013-11-22 12:43 - 2013-11-22 12:43 - 00015797 _____ C:\Users\JJ\Downloads\[kickass.to]bitdefender.antivirus.plus.2014.17.15.0.682.torrent
2013-11-22 12:40 - 2013-11-22 12:38 - 00107470 _____ C:\ProgramData\1385120315.1028.bin
2013-11-22 12:39 - 2013-11-22 12:39 - 00000000 ____D C:\ProgramData\Bitdefender
2013-11-22 12:39 - 2013-11-22 12:38 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
2013-11-22 12:38 - 2013-11-22 12:38 - 00000000 ____D C:\Users\JJ\AppData\Roaming\QuickScan
2013-11-22 12:38 - 2013-11-22 12:38 - 00000000 ____D C:\Program Files\Bitdefender
2013-11-22 12:33 - 2013-10-05 19:56 - 00000000 ____D C:\ProgramData\AVG2014
2013-11-22 12:32 - 2013-10-05 19:48 - 00000000 ____D C:\ProgramData\MFAData
2013-11-22 12:25 - 2013-11-22 12:19 - 00000000 ____D C:\Users\JJ\Downloads\Bitdefender Total Security 2014 x32 & x64
2013-11-22 12:18 - 2013-11-22 12:18 - 00066792 _____ C:\Users\JJ\Downloads\[kickass.to]bitdefender.total.security.2014.x32.x64.reset.tool.rv1.torrent
2013-11-21 16:47 - 2013-11-21 16:47 - 00648201 _____ C:\Users\JJ\Downloads\ADW Cleaner.exe
2013-11-21 16:46 - 2013-11-21 16:46 - 00009513 _____ C:\Users\JJ\Downloads\[kickass.to]pc.cleaner.pro.2013.12.0.13.11.15.key.torrent
2013-11-21 16:46 - 2013-11-21 16:46 - 00001317 _____ C:\Users\JJ\Downloads\[kickass.to]adw.cleaner.torrent
2013-11-21 15:57 - 2013-11-21 15:57 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2013-11-21 15:55 - 2013-11-21 15:55 - 00012254 _____ C:\Users\JJ\Downloads\[kickass.to]spyware.terminator.premium.2012.3.0.0.82.crack.torrent
2013-11-21 15:49 - 2013-11-21 15:27 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2013-11-21 15:47 - 2013-11-21 15:38 - 00000000 ____D C:\ProgramData\HitmanPro
2013-11-21 15:42 - 2013-11-21 15:42 - 00000000 ____D C:\Users\JJ\Downloads\HitmanPro 3.7.7 Build 202 Final (x86-x64) Retail - SceneDL  (PimpRG)
2013-11-21 15:41 - 2013-11-21 15:41 - 00013083 _____ C:\Users\JJ\Downloads\[kickass.to]hitmanpro.3.7.7.build.202.final.x86.x64.retail.scenedl.pimprg.torrent
2013-11-21 15:39 - 2013-11-21 15:39 - 10264904 _____ (SurfRight B.V.) C:\Users\JJ\Downloads\HitmanPro_x64.exe
2013-11-21 15:38 - 2013-11-21 15:38 - 09452704 _____ (SurfRight B.V.) C:\Users\JJ\Downloads\HitmanPro.exe
2013-11-21 15:35 - 2013-11-21 15:35 - 00000000 ____D C:\Windows\ERUNT
2013-11-21 15:35 - 2013-11-21 15:34 - 09452704 _____ (SurfRight B.V.) C:\Users\JJ\Downloads\HitmanPro3.7.8.208.exe
2013-11-21 15:31 - 2013-11-21 15:31 - 01034531 _____ (Thisisu) C:\Users\JJ\Downloads\JRT_6.0.8.exe
2013-11-21 15:30 - 2013-11-21 15:30 - 01034531 _____ (Thisisu) C:\Users\JJ\Downloads\JRT.exe
2013-11-21 15:26 - 2013-11-21 15:26 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\JJ\Downloads\revosetup95.exe
2013-11-21 15:18 - 2012-07-02 13:42 - 00000000 ____D C:\Users\JJ\AppData\Roaming\SoftGrid Client
2013-11-21 14:46 - 2013-11-09 14:28 - 00000000 ____D C:\Program Files (x86)\GreenTree Applications
2013-11-21 14:44 - 2013-10-31 18:21 - 00115200 ___SH C:\Users\JJ\Desktop\Thumbs.db
2013-11-20 13:27 - 2013-11-20 13:21 - 00000000 ____D C:\Users\JJ\Downloads\Irrational Security
2013-11-20 13:20 - 2013-11-20 13:20 - 00035731 _____ C:\Users\JJ\Downloads\Irrational_Security_(Angelina_Black__Victoria_Rae_Black__Nicole_.8926383.TPB.torrent
2013-11-19 21:47 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-11-19 16:16 - 2013-11-19 16:16 - 00063835 _____ C:\Users\Jule Babe\Desktop\geb urkunde.htm
2013-11-19 16:16 - 2013-11-19 16:16 - 00000000 ____D C:\Users\Jule Babe\Desktop\geb urkunde_files
2013-11-19 00:40 - 2013-11-19 00:40 - 00000000 _____ C:\Windows\setuperr.log
2013-11-17 15:58 - 2013-11-17 15:58 - 00000000 ____D C:\Windows\pss
2013-11-17 15:56 - 2013-11-17 15:56 - 00000000 ____D C:\Users\JJ\AppData\Roaming\eCyber
2013-11-17 15:36 - 2013-09-26 18:30 - 00002530 _____ C:\Users\JJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2013-11-17 15:36 - 2013-09-17 17:05 - 00002527 _____ C:\Users\Jule Babe\Desktop\Google Chrome.lnk
2013-11-17 15:36 - 2013-09-17 17:05 - 00001661 _____ C:\Users\Jule Babe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-17 15:35 - 2013-11-17 15:35 - 00000000 ____D C:\Windows\system32\log
2013-11-17 15:33 - 2013-11-17 15:33 - 00000000 ____D C:\Users\JJ\AppData\Roaming\Malwarebytes
2013-11-17 15:29 - 2013-11-17 15:29 - 00618912 _____ C:\Users\JJ\Downloads\Malwarebytes Anti Malware - CHIP-Downloader.exe
2013-11-17 15:23 - 2013-11-17 15:23 - 00903832 _____ C:\Users\JJ\Downloads\yet_another_cleaner.exe
2013-11-17 15:19 - 2013-11-17 15:19 - 05049344 _____ (Crawler.com                                                ) C:\Users\JJ\Downloads\SpywareTerminatorSetup_3.0.0.82.exe
2013-11-16 13:39 - 2013-09-26 18:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-16 13:39 - 2012-09-22 13:39 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-16 13:25 - 2009-07-14 03:34 - 00000545 _____ C:\Windows\win.ini
2013-11-16 13:23 - 2013-08-16 23:46 - 00000000 ____D C:\Windows\system32\MRT
2013-11-16 13:19 - 2012-09-04 12:30 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-16 01:43 - 2013-11-16 00:04 - 00000000 ____D C:\Users\Jule Babe\Desktop\Bilder
2013-11-16 00:17 - 2013-11-16 00:16 - 00000000 ____D C:\Users\Jule Babe\AppData\Local\{52B26491-ED3F-43A2-B6CC-789885EC07E4}
2013-11-16 00:15 - 2013-11-16 00:15 - 00000000 ____D C:\Users\Jule Babe\Documents\HP Photosmart Projects
2013-11-11 17:34 - 2013-11-05 18:52 - 00000000 ____D C:\Program Files (x86)\ToshibaEdit
2013-11-11 17:14 - 2013-11-11 17:14 - 02001247 _____ C:\Users\JJ\Downloads\ToshibaEdit_installation (1).exe
2013-11-11 17:14 - 2013-11-11 17:14 - 00000000 ____D C:\Users\JJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ToshibaEdit
2013-11-11 17:14 - 2013-11-05 18:52 - 00001897 _____ C:\Users\UpdatusUser\Desktop\ToshibaEdit.lnk
2013-11-11 17:14 - 2013-11-05 18:52 - 00001897 _____ C:\Users\Jule Babe\Desktop\ToshibaEdit.lnk
2013-11-11 05:50 - 2010-11-21 04:27 - 00267936 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-11-09 17:47 - 2013-11-05 17:05 - 00000000 ____D C:\Users\JJ\AppData\Roaming\SecretFolder
2013-11-09 17:47 - 2013-09-17 17:09 - 00000000 ____D C:\Users\Jule Babe\AppData\Roaming\SoftGrid Client
2013-11-09 14:56 - 2013-11-09 14:55 - 00015360 ___SH C:\Users\JJ\Downloads\Thumbs.db
2013-11-09 14:32 - 2013-11-09 14:32 - 00017107 _____ C:\Users\JJ\Downloads\[kickass.to]youtube.downloader.pro.ytd.4.7.0.2.incl.crack (1).torrent
2013-11-09 14:32 - 2013-11-09 14:32 - 00000000 ____D C:\Users\JJ\Downloads\YouTube Downloader PRO v4.7.0.2 + Crack
2013-11-09 14:31 - 2013-11-09 14:31 - 00017107 _____ C:\Users\JJ\Downloads\[kickass.to]youtube.downloader.pro.ytd.4.7.0.2.incl.crack.torrent
2013-11-09 14:29 - 2013-11-09 14:29 - 00008707 _____ C:\Users\JJ\Downloads\[kickass.to]youtube.downloader.pro.ytd.v3.9.including.crack.h33t.iahq76.torrent
2013-11-09 14:28 - 2013-11-09 14:28 - 00000000 ____D C:\Users\JJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JustCloud
2013-11-09 14:28 - 2012-06-29 13:43 - 00000000 ___RD C:\Users\JJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-06 12:04 - 2013-11-06 11:40 - 00000000 ____D C:\Users\JJ\Downloads\Tinie Tempah - Demonstration [2013] 320
2013-11-06 11:42 - 2013-11-06 11:41 - 00000000 ____D C:\Users\JJ\Downloads\Omarion - Care Package 2
2013-11-06 11:40 - 2013-11-06 11:40 - 00019825 _____ C:\Users\JJ\Downloads\[kickass.to]omarion.care.package.2.2013mixtape.desspratt.torrent
2013-11-06 11:39 - 2013-11-06 11:39 - 00013775 _____ C:\Users\JJ\Downloads\[kickass.to]tinie.tempah.demonstration.2013.320.torrent
2013-11-05 18:51 - 2013-11-05 18:51 - 02001247 _____ C:\Users\JJ\Downloads\ToshibaEdit_installation.exe
2013-11-05 17:08 - 2013-11-05 17:06 - 00000128 _____ C:\Windows\HFIT.hff
2013-11-05 17:05 - 2013-11-05 17:05 - 03629608 _____ (Oh!Soft(ohsoft.net) - Best Software Developer                                          ) C:\Users\JJ\Downloads\SecretFolder_v2.5.0.0.exe
2013-11-05 17:05 - 2013-11-05 17:05 - 00000000 ____D C:\Program Files (x86)\SecretFolder
2013-11-05 17:01 - 2013-11-05 17:01 - 00231376 _____ (TrueCrypt Foundation) C:\Windows\system32\Drivers\truecrypt.sys
2013-11-05 17:00 - 2013-11-05 17:00 - 03466248 _____ (TrueCrypt Foundation) C:\Users\JJ\Downloads\TrueCrypt_Setup_7.1a.exe
2013-11-05 17:00 - 2013-11-05 17:00 - 03466248 _____ (TrueCrypt Foundation) C:\Users\JJ\Downloads\TrueCrypt_Setup_7.1a (1).exe
2013-11-04 12:06 - 2013-09-17 17:06 - 00120336 _____ C:\Users\Jule Babe\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-02 16:19 - 2009-07-14 05:45 - 00476048 _____ C:\Windows\system32\FNTCACHE.DAT
2013-11-02 16:18 - 2012-04-26 07:04 - 00000000 ____D C:\Windows\SysWOW64\NV
2013-11-02 16:18 - 2012-04-26 07:04 - 00000000 ____D C:\Windows\system32\NV
2013-11-02 16:18 - 2012-04-26 06:45 - 00000000 ____D C:\ProgramData\NVIDIA
2013-11-01 12:10 - 2012-04-26 06:44 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-11-01 11:57 - 2013-11-01 11:57 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2013-11-01 11:57 - 2013-11-01 11:57 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help

Some content of TEMP:
====================
C:\Users\JJ\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-30 00:39

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---

--- --- ---

--- --- ---
FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-12-2013
Ran by JJ at 2013-12-01 15:06:01
Running from C:\Users\JJ\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Kaspersky Internet Security (Disabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Disabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installed Programs ======================

 clear.fi SDK - Video 2 (x32 Version: 2.1.2128)
 clear.fi SDK- Movie 2 (x32 Version: 2.1.2112)
µTorrent (x32 Version: 3.1.3)
64 Bit HP CIO Components Installer (Version: 6.2.1)
Acer Backup Manager (x32 Version: 3.0.0.100)
Acer Crystal Eye Webcam (x32 Version: 1.5.2108.00)
Acer ePower Management (x32 Version: 6.00.3010)
Acer eRecovery Management (x32 Version: 5.00.3507)
Acer Instant Update Service (Version: 1.00.3001)
Acer Registration (x32 Version: 1.04.3506)
Acer ScreenSaver (x32 Version: 20.11.1107.1418)
Acer Updater (x32 Version: 1.02.3501)
AcerCloud (x32 Version: 2.01.3125)
Adobe AIR (x32 Version: 2.6.0.19120)
Adobe Flash Player 11 ActiveX (x32 Version: 11.7.700.202)
Adobe Reader X (10.1.7) MUI (x32 Version: 10.1.7)
AIO_CDA_ProductContext (x32 Version: 130.0.365.000)
AIO_CDA_Software (x32 Version: 130.0.365.000)
AIO_Scan (x32 Version: 130.0.365.000)
Atheros Bluetooth Suite (64) (Version: 7.4.0.122)
Backup Manager V3 (x32 Version: 3.0.0.100)
Broadcom Card Reader Driver Installer (Version: 15.0.7.2)
Broadcom NetLink Controller (Version: 15.0.7.1)
BufferChm (x32 Version: 130.0.331.000)
C3100 (x32 Version: 130.0.365.000)
c3100_Help (x32 Version: 82.0.256.000)
CDBurnerXP (x32 Version: 4.4.1.3243)
clear.fi Media (x32 Version: 2.01.3112)
clear.fi Photo (x32 Version: 2.01.3111)
Copy (x32 Version: 130.0.428.000)
CyberLink MediaEspresso (x32 Version: 6.5.1720_38230)
D3DX10 (x32 Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2013 (KB2760587) 32-Bit Edition (x32)
Destinations (x32 Version: 130.0.0.0)
DeviceDiscovery (x32 Version: 130.0.465.000)
DocProc (x32 Version: 13.0.0.0)
Dolby Home Theater v4 (x32 Version: 7.2.7000.7)
DVD Shrink 3.2 deutsch (DeCSS-frei) (x32)
eBay Worldwide (x32 Version: 2.2.0409)
Evernote v. 4.5.2 (x32 Version: 4.5.2.5866)
Fax (x32 Version: 130.0.418.000)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922)
Freemake Video Converter Version 4.0.2 (x32 Version: 4.0.2)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922)
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922)
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922)
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922)
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922)
Galerie foto Windows Live (x32 Version: 15.4.3502.0922)
Google Chrome (x32 Version: 64.240.49198)
Google Update Helper (x32 Version: 1.3.21.165)
GPBaseService2 (x32 Version: 130.0.371.000)
Grewe Scanner-Interface 7 (x32 Version: 7)
HP Customer Participation Program 13.0 (Version: 13.0)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP Photosmart All-In-One Driver Software 13.0 Rel. A (Version: 13.0)
HP Photosmart Essential 3.5 (Version: 3.5)
HP Smart Web Printing 4.51 (Version: 4.51)
HP Solution Center 13.0 (Version: 13.0)
HP Update (x32 Version: 4.000.011.006)
HPPhotoGadget (x32 Version: 130.0.282.000)
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000)
HPPhotosmartEssential (x32 Version: 2.04.0000)
HPProductAssistant (x32 Version: 130.0.371.000)
HPSSupply (x32 Version: 130.0.371.000)
HUAWEI DataCard Driver 4.22.19.00 (x32 Version: 4.22.19.00)
Identity Card (x32 Version: 1.00.3501)
Intel(R) Control Center (x32 Version: 1.2.1.1007)
Intel(R) Management Engine Components (x32 Version: 8.0.2.1410)
Intel(R) OpenCL CPU Runtime (x32)
Intel(R) Processor Graphics (x32 Version: 8.15.10.2653)
Intel(R) Rapid Storage Technology (x32 Version: 11.1.0.1006)
Intel(R) USB 3.0 eXtensible Host Controller Driver (x32 Version: 1.0.4.220)
Intel® Trusted Connect Service Client (Version: 1.23.605.1)
IsoBuster 3.2 (x32 Version: 3.2)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
JustCloud  (Version: )
Kaspersky Internet Security (x32 Version: 14.0.0.4651)
Launch Manager (x32 Version: 5.1.13)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
MarketResearch (x32 Version: 130.0.374.000)
MEDION GoPal Assistant (x32 Version: 6.0.6.11666)
Medion GoPal Assistant 4.00.0044 (x32 Version: 4.0.44.0)
Mesh Runtime (x32 Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Access MUI (English) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Access MUI (German) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Access Setup Metadata MUI (English) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft DCF MUI (English) 2013 (x32 Version: 15.0.4420.1017)
Microsoft DCF MUI (German) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Excel MUI (English) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Excel MUI (German) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Groove MUI (English) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Groove MUI (German) 2013 (x32 Version: 15.0.4420.1017)
Microsoft InfoPath MUI (English) 2013 (x32 Version: 15.0.4420.1017)
Microsoft InfoPath MUI (German) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Lync MUI (English) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Lync MUI (German) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Office 64-bit Components 2013 (Version: 15.0.4420.1017)
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.4734.1000)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000)
Microsoft Office Klick-und-Los 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Korrekturhilfen 2013 - Deutsch (x32 Version: 15.0.4420.1017)
Microsoft Office Language Pack 2013  - German/Deutsch (x32 Version: 15.0.4420.1017)
Microsoft Office O MUI (German) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Office OSM MUI (English) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Office OSM MUI (German) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Office OSM UX MUI (English) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Office OSM UX MUI (German) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.4734.1000)
Microsoft Office Professional Plus 2013 (x32 Version: 15.0.4420.1017)
Microsoft Office Proofing (English) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Office Proofing (German) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Office Proofing Tools 2013 - English (x32 Version: 15.0.4420.1017)
Microsoft Office Proofing Tools 2013 - Español (x32 Version: 15.0.4420.1017)
Microsoft Office Proofing Tools 2013 - Italiano (x32 Version: 15.0.4420.1017)
Microsoft Office Shared 64-bit MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Office Shared 64-bit MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.4734.1000)
Microsoft Office Shared MUI (English) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Office Shared MUI (German) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.4734.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Office Starter 2010 - Deutsch (x32 Version: 14.0.5139.5005)
Microsoft Office Word Viewer 2003 (x32 Version: 11.0.8173.0)
Microsoft OneNote MUI (English) 2013 (x32 Version: 15.0.4420.1017)
Microsoft OneNote MUI (German) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Outlook MUI (English) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Outlook MUI (German) 2013 (x32 Version: 15.0.4420.1017)
Microsoft PowerPoint MUI (English) 2013 (x32 Version: 15.0.4420.1017)
Microsoft PowerPoint MUI (German) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Publisher MUI (English) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Publisher MUI (German) 2013 (x32 Version: 15.0.4420.1017)
Microsoft SharePoint Designer MUI (German) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (x32 Version: 10.0.30319)
Microsoft Word MUI (English) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Word MUI (German) 2013 (x32 Version: 15.0.4420.1017)
Microsoft X MUI (German) 2013 (x32 Version: 15.0.4420.1017)
Mobile Broadband Generic Drivers (x32 Version: 2.03.34.002.25)
Mobile Connection Manager (x32 Version: 8.8.7.892)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
MyWinLocker (Version: 4.0.14.27)
MyWinLocker 4 (x32 Version: 4.0.14.27)
MyWinLocker Suite (x32 Version: 4.0.14.19)
Nero Burning ROM 10 (x32 Version: 10.2.11000.12.100)
Nero Burning ROM 10 (x32 Version: 10.5.10300)
Nero BurningROM 10 Help (CHM) (x32 Version: 10.5.10100)
Nero BurnRights 10 (x32 Version: 4.2.10300.0.102)
Nero BurnRights 10 Help (CHM) (x32 Version: 10.5.10000)
Nero Control Center 10 (x32 Version: 10.2.10600.0.6)
Nero ControlCenter 10 Help (CHM) (x32 Version: 10.5.10000)
Nero Core Components 10 (x32 Version: 2.0.17400.8.2)
Nero Update (x32 Version: 1.0.0018)
NETGEAR Genie (x32 Version: 2.2.28.24.exe )
Network64 (Version: 130.0.572.000)
newsXpresso (x32 Version: 1.0.0.40)
NTI Media Maker 9 (x32 Version: 9.0.2.9006)
NVIDIA Grafiktreiber 306.97 (Version: 306.97)
NVIDIA Install Application (Version: 2.1002.85.551)
NVIDIA Optimus 1.10.8 (Version: 1.10.8)
NVIDIA PhysX (x32 Version: 9.11.1111)
NVIDIA Systemsteuerung 306.97 (Version: 306.97)
NVIDIA Update 1.10.8 (Version: 1.10.8)
NVIDIA Update Components (Version: 1.10.8)
OCR Software by I.R.I.S. 13.0 (Version: 13.0)
OpenOffice 4.0.1 (x32 Version: 4.01.9714)
Option WWAN Driver 5.0.32.0 Installer  (Version: 3.5.0.1158)
Option WWAN Driver 5.0.32.0 Installer (Version: 3.5.0.1158)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (x32 Version: 15.0.4420.1017)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922)
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922)
Pošta Windows Live (x32 Version: 15.4.3502.0922)
Qualcomm Atheros WiFi Driver Installation (x32 Version: 3.1)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6543)
Samsung Kies (x32 Version: 2.3.2.12074_13)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.6.0)
Scan (x32 Version: 13.0.0.0)
SecretFolder version 2.5.0.0 (x32 Version: 2.5.0.0)
Shop for HP Supplies (Version: 13.0)
Shredder (Version: 2.0.8.9)
Shredder (x32 Version: 2.0.8.9)
Sierra Wireless Drivers (x32 Version: 1.0.2468.01)
Skype™ 5.10 (x32 Version: 5.10.116)
SmartWebPrinting (x32 Version: 130.0.457.000)
Snap.Do (x32 Version: 1.72.1.11549)
Snap.Do Engine (HKCU Version: 1.72.1.11549)
SolutionCenter (x32 Version: 130.0.373.000)
Spotify (HKCU Version: 0.8.5.1333.g822e0de8)
Status (x32 Version: 130.0.469.000)
Synaptics Pointing Device Driver (Version: 15.3.41.5)
Toolbox (x32 Version: 130.0.648.000)
ToshibaEdit (remove only) (x32)
TrayApp (x32 Version: 130.0.422.000)
Überwachungstool für die Intel® Turbo-Boost-Technik 2.5 (Version: 2.5.1.0)
UltraISO Premium V9.53 (x32)
UnloadSupport (x32 Version: 11.0.0)
Update for Microsoft Access 2013 (KB2768008) 32-Bit Edition (x32)
Update for Microsoft InfoPath 2013 (KB2752078) 32-Bit Edition (x32)
Update for Microsoft Lync 2013 (KB2817678) 32-Bit Edition (x32)
Update for Microsoft Lync 2013 (KB2825630) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2726954) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2726996) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2738038) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2760224) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2760242) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2760257) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2760267) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2760539) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2760553) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2760610) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2767845) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2768016) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2817309) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2817311) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2817314) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2817316) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2817490) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2817626) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2817640) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2827225) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2827230) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2827239) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2837643) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2837649) 32-Bit Edition (x32)
Update for Microsoft OneNote 2013 (KB2837642) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2013 (KB2726947) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2013 (KB2817625) 32-Bit Edition (x32)
Update for Microsoft Project 2013 (KB2767859) 32-Bit Edition (x32)
Update for Microsoft Publisher 2013 (KB2752097) 32-Bit Edition (x32)
Update for Microsoft SkyDrive Pro (KB2837652) 32-Bit Edition (x32)
Update for Microsoft Visio 2013 (KB2752018) 32-Bit Edition (x32)
Update for Microsoft Visio Viewer 2013 (KB2768338) 32-Bit Edition (x32)
Update for Microsoft Word 2013 (KB2817631) 32-Bit Edition (x32)
Update for Microsoft Word 2013 (KB2837630) 32-Bit Edition (x32)
VirtualCloneDrive (x32 Version: 5.4.7.0)
Visual Studio 2012 x64 Redistributables (Version: 14.0.0.1)
Visual Studio 2012 x86 Redistributables (x32 Version: 14.0.0.1)
VLC media player 2.0.6 (x32 Version: 2.0.6)
VueScan (x32)
WebReg (x32 Version: 130.0.132.017)
Welcome Center (x32 Version: 1.02.3507)
Winamp (x32 Version: 5.63 )
Winamp Erkennungs-Plug-in (HKCU Version: 1.0.0.1)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3538.0513)
Windows Live Fotogaléria (x32 Version: 15.4.3502.0922)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live Fotogalleri (x32 Version: 15.4.3502.0922)
Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922)
Windows Live Fotótár (x32 Version: 15.4.3502.0922)
Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922)
Windows Live Galerija fotografija (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Messenger (x32 Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
Windows Live 影像中心 (x32 Version: 15.4.3502.0922)
Windows Live 程式集 (x32 Version: 15.4.3502.0922)
Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922)
Windows Liven sähköposti (x32 Version: 15.4.3502.0922)
Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922)
Windows Mobile Device Center Driver Update (Version: 6.1.6965.0)
Windows Mobile-Gerätecenter (Version: 6.1.6965.0)
WinRAR 4.20 (32-Bit) (x32 Version: 4.20.0)
Yahoo! Toolbar (x32)
YTD Video Downloader 4.7 (x32 Version: 4.7)
ZTE USB Driver (Version: 1.0.1.31_TME)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922)
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922)
Почта Windows Live (x32 Version: 15.4.3502.0922)
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922)
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922)
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922)
بريد Windows Live (x32 Version: 15.4.3502.0922)
معرض صور Windows Live (x32 Version: 15.4.3502.0922)

==================== Restore Points  =========================

23-11-2013 12:26:02 Windows Update
26-11-2013 16:32:27 Windows Update
27-11-2013 13:34:22 Installed NBA 2K14
27-11-2013 13:41:14 DirectX wurde installiert
29-11-2013 14:08:23 ComboFix created restore point
30-11-2013 12:19:55 zoek.exe restore point

==================== Hosts content: ==========================

2009-07-14 03:34 - 2013-11-29 15:19 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {0211340A-8241-4FCD-AEF8-ADAEFA72739C} - \EPUpdater No Task File
Task: {0A4B0F39-AE30-4977-B287-E5F22491517B} - \DealPlyLiveUpdateTaskMachineCore No Task File
Task: {0D53C9C5-3156-42B8-8650-35B592A11CD1} - \DealPlyUpdate No Task File
Task: {12A63EB1-C1F3-494F-B2E1-DAB1B0A04C9A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-13] (Google Inc.)
Task: {23B472A2-80E6-46B5-83AB-23C61321C271} - \DealPlyLiveUpdateTaskMachineUA No Task File
Task: {47307E45-087D-4EEA-95D7-8E06F89D2C30} - \BitGuard No Task File
Task: {515CBC5B-7CD4-4262-AB7A-8E8AB32EA4ED} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-13] (Google Inc.)
Task: {78A9C810-9E1C-4DBE-BF37-1C5CC9B856D2} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {8FCCD5FC-865A-49C0-8A55-FF5E70DD5FA1} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PmmUpdate.exe [2011-03-29] (Egis Technology Inc.)
Task: {AB61133F-D7B5-4CC2-A715-70342F2380C6} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2011-03-29] (Egis Technology Inc.)
Task: {C22D605F-D547-4DF0-A0B7-15E1F622C68D} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2011-05-20] (CyberLink)
Task: {CB1CE8FE-244E-40F5-B73B-E035BD2CE864} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {D0C67C86-2E3D-4666-BB12-D9C07AE46467} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {DC486354-47CF-4052-AE80-6927A3A7FB79} - System32\Tasks\UALU notificatin => C:\Program Files\Acer\Acer Updater\UALU.exe [2012-02-07] (Acer Incorporated)
Task: {E13C4190-F347-4DF3-AC65-7A2079384A03} - \AmiUpdXp No Task File
Task: {EE323B6A-75A7-4736-A5E6-BE620E10637E} - \Express FilesUpdate No Task File
Task: {F1CF41AC-B867-40CB-9994-D8844AF977C5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-09] (Adobe Systems Incorporated)
Task: {F5D7DF43-2923-4D67-A718-F7797614A223} - \Dealply No Task File
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-09-19 23:37 - 2013-09-19 23:37 - 00012288 _____ () C:\Program Files (x86)\GreenTree Applications\JustCloud\GetText.dll
2013-09-19 23:32 - 2013-09-19 23:32 - 01102336 _____ () C:\Program Files (x86)\GreenTree Applications\JustCloud\x64\System.Data.SQLite.dll
2013-06-17 12:35 - 2013-06-17 12:35 - 00478400 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\dblite.dll
2013-05-08 14:52 - 2013-05-08 14:52 - 01270464 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\kpcengine.2.3.dll
2012-01-05 22:22 - 2012-01-05 22:22 - 00465344 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2012-01-05 22:22 - 2012-01-05 22:22 - 01081368 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2012-01-05 22:22 - 2012-01-05 22:22 - 00125464 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2012-07-30 16:09 - 2012-07-30 16:09 - 00034816 _____ () C:\Program Files (x86)\Samsung\Kies\Common\Kies.Common.DeviceServiceLib.Interface.dll
2012-07-31 07:21 - 2012-07-31 07:21 - 14278144 _____ () C:\Program Files (x86)\Samsung\Kies\Theme\Kies.Theme.dll
2012-07-31 07:21 - 2012-07-31 07:21 - 00551424 _____ () C:\Program Files (x86)\Samsung\Kies\Common\Kies.UI.dll
2012-07-30 16:08 - 2012-07-30 16:08 - 00023040 _____ () C:\Program Files (x86)\Samsung\Kies\MVVM\Kies.MVVM.dll
2012-07-30 13:17 - 2012-07-30 13:17 - 00057856 _____ () C:\Program Files (x86)\Samsung\Kies\Common\ASF_cSharpAPI.dll
2013-02-19 07:46 - 2013-02-19 07:46 - 00011362 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\mingwm10.dll
2013-02-19 07:46 - 2013-02-19 07:46 - 00043008 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\libgcc_s_dw2-1.dll
2013-02-19 07:46 - 2013-02-19 07:46 - 02537472 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\QtCore4.dll
2013-02-19 07:46 - 2013-02-19 07:46 - 09814016 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\QtGui4.dll
2013-06-05 02:22 - 2013-06-05 02:22 - 00481280 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\Genie.dll
2013-03-27 09:42 - 2013-03-27 09:42 - 01553920 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\SvtNetworkTool.dll
2013-02-19 07:46 - 2013-02-19 07:46 - 01140224 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\QtNetwork4.dll
2013-02-19 07:46 - 2013-02-19 07:46 - 00399360 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\QtXml4.dll
2013-05-10 04:12 - 2013-05-10 04:12 - 00229888 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Airprint.dll
2013-03-27 09:43 - 2013-03-27 09:43 - 01067520 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Internet.dll
2013-05-28 07:21 - 2013-05-28 07:21 - 04334592 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Map.dll
2013-03-27 09:52 - 2013-03-27 09:52 - 00500736 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_NetworkProblem.dll
2013-03-27 09:50 - 2013-03-27 09:50 - 00186368 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\DragonNetTool.dll
2013-03-27 09:51 - 2013-03-27 09:51 - 01198080 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_ParentalControl.dll
2013-05-15 03:56 - 2013-05-15 03:56 - 08432128 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Resource.dll
2013-04-28 07:25 - 2013-04-28 07:25 - 01205760 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_RouterConfiguration.dll
2013-03-27 09:42 - 2013-03-27 09:42 - 00088064 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\QRCode.dll
2013-03-27 09:51 - 2013-03-27 09:51 - 00641536 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Statistics.dll
2013-05-14 06:18 - 2013-05-14 06:18 - 00931840 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Ui.dll
2013-03-27 09:49 - 2013-03-27 09:49 - 00438272 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Wireless.dll
2013-02-19 07:46 - 2013-02-19 07:46 - 00083456 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qgif4.dll
2013-02-19 07:46 - 2013-02-19 07:46 - 00083456 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qico4.dll
2013-02-19 07:46 - 2013-02-19 07:46 - 00287232 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qjpeg4.dll
2013-03-27 09:42 - 2013-03-27 09:42 - 00137728 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\DiagnosePlugin.dll
2013-03-27 03:58 - 2013-03-27 03:58 - 00139264 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\DiagnoseDll.dll
2013-03-27 03:58 - 2013-03-27 03:58 - 00072192 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\SVTUtils.DLL
2013-03-27 03:58 - 2013-03-27 03:58 - 00074752 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\NetcardApi.dll
2013-03-27 03:58 - 2013-03-27 03:58 - 00136704 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\airprintdll.dll
2013-03-27 09:51 - 2013-03-27 09:51 - 00714240 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\InnerPlugin_Update.dll
2013-03-27 09:49 - 2013-03-27 09:49 - 00485376 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\InnerPlugin_WirelessExport.dll
2013-03-27 09:49 - 2013-03-27 09:49 - 00116224 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\WSetupApiPlugin.dll
2013-03-27 03:58 - 2013-03-27 03:58 - 00066560 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\WSetupDll.dll
2013-11-05 17:05 - 2012-11-17 14:30 - 00071168 _____ () C:\Program Files (x86)\SecretFolder\SystemInfoLib.dll
2013-11-17 15:19 - 2013-11-14 12:28 - 00702416 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\libglesv2.dll
2013-11-17 15:19 - 2013-11-14 12:28 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\libegl.dll
2013-11-17 15:19 - 2013-11-14 12:29 - 04055504 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\pdf.dll
2013-11-17 15:19 - 2013-11-14 12:29 - 00399312 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll
2013-11-17 15:19 - 2013-11-14 12:28 - 01619408 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\ffmpegsumo.dll
2013-08-20 11:01 - 2013-08-20 11:01 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\67f2d87ba056e1075fce76a8c50bb57e\IsdiInterop.ni.dll
2012-03-26 07:37 - 2012-02-02 00:25 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-04-26 06:51 - 2012-02-08 02:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/01/2013 02:55:02 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/30/2013 01:06:42 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/29/2013 11:52:27 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/29/2013 09:38:56 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/29/2013 09:31:43 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (12/01/2013 02:55:12 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058

Error: (11/30/2013 03:59:48 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058

Error: (11/30/2013 03:40:10 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058

Error: (11/30/2013 03:39:47 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058

Error: (11/30/2013 03:38:31 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058

Error: (11/30/2013 03:20:09 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058

Error: (11/30/2013 02:28:57 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058

Error: (11/30/2013 01:06:44 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058

Error: (11/30/2013 00:39:14 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058

Error: (11/29/2013 11:52:32 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058


Microsoft Office Sessions:
=========================
Error: (12/01/2013 02:55:02 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/30/2013 01:06:42 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/29/2013 11:52:27 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/29/2013 09:38:56 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/29/2013 09:31:43 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
  Date: 2013-11-29 15:16:54.154
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-11-29 15:16:54.101
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-11-29 15:09:27.980
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-29 15:09:27.978
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-29 14:33:45.853
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-29 14:33:45.851
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-29 14:33:45.849
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-29 14:33:45.836
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-29 14:33:45.834
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-29 14:33:45.831
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Percentage of memory in use: 27%
Total physical RAM: 8030.36 MB
Available physical RAM: 5805.45 MB
Total Pagefile: 16058.89 MB
Available Pagefile: 13449.02 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:681.54 GB) (Free:583.25 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 699 GB) (Disk ID: C087B655)
Partition 1: (Not Active) - (Size=17 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=682 GB) - (Type=07 NTFS)

==================== End Of Log ============================
--- --- ---


SystemLook 30.07.11 by jpshortstuff
Log created at 15:10 on 01/12/2013 by JJ
Administrator - Elevation successful

========== filefind ==========

Searching for "*lollipop*"
C:\AdwCleaner\Quarantine\C\Users\JJ\AppData\Local\lollipop\lollipop.bat.vir --a---- 320 bytes [10:23 18/09/2013] [13:04 25/09/2013] 03BC358768C0D8B98D5BCA7DA591BC2E
C:\AdwCleaner\Quarantine\C\Users\JJ\AppData\Local\lollipop\Lollipop.exe.vir --a---- 893960 bytes [10:23 18/09/2013] [10:23 18/09/2013] 46CCF227BE9AA950B918159178DC531F
C:\AdwCleaner\Quarantine\C\Users\JJ\AppData\Local\lollipop\lollipop.lpd.vir --a---- 3981 bytes [10:23 18/09/2013] [13:17 25/09/2013] 4A09CACE55306F7E8F979BA38C6B7B3D
C:\AdwCleaner\Quarantine\C\Users\JJ\AppData\Local\lollipop\lollipop_cfg.lpd.vir --a---- 203519 bytes [10:23 18/09/2013] [10:23 18/09/2013] 11C53C6E16EF1BF65FDD7D19E2D7A013
C:\AdwCleaner\Quarantine\C\Users\JJ\AppData\Local\lollipop\lollipop_ps.lpd.vir --a---- 2817 bytes [10:23 18/09/2013] [13:17 25/09/2013] 95F45B833EE8AA4FE70F38363508158A
C:\AdwCleaner\Quarantine\C\Users\JJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\lollipop.lnk.vir --a---- 1948 bytes [10:23 18/09/2013] [13:16 25/09/2013] 70E703BED3089A28FEB47D5E918AD3FB
C:\AdwCleaner\Quarantine\C\Users\JJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\lollipop.lnk.vir --a---- 1078 bytes [10:23 18/09/2013] [13:16 25/09/2013] 9630D6CCBA3C3FB51F5BF49FDFA74EF8

Searching for " *softonic*"
No files found.

Searching for " *dealply* "
No files found.

Searching for "*lemurleap* "
No files found.

Searching for "*ytd video downloader* "
C:\Users\JJ\Desktop\PC ZEUG\YTD Video Downloader.lnk --a---- 1253 bytes [13:50 09/11/2013] [13:50 09/11/2013] 4A770D087BAA7115AF30CF1DC2993774

Searching for " :folderfind "
No files found.

Searching for "*lollipop* "
C:\AdwCleaner\Quarantine\C\Users\JJ\AppData\Local\lollipop\lollipop.bat.vir --a---- 320 bytes [10:23 18/09/2013] [13:04 25/09/2013] 03BC358768C0D8B98D5BCA7DA591BC2E
C:\AdwCleaner\Quarantine\C\Users\JJ\AppData\Local\lollipop\Lollipop.exe.vir --a---- 893960 bytes [10:23 18/09/2013] [10:23 18/09/2013] 46CCF227BE9AA950B918159178DC531F
C:\AdwCleaner\Quarantine\C\Users\JJ\AppData\Local\lollipop\lollipop.lpd.vir --a---- 3981 bytes [10:23 18/09/2013] [13:17 25/09/2013] 4A09CACE55306F7E8F979BA38C6B7B3D
C:\AdwCleaner\Quarantine\C\Users\JJ\AppData\Local\lollipop\lollipop_cfg.lpd.vir --a---- 203519 bytes [10:23 18/09/2013] [10:23 18/09/2013] 11C53C6E16EF1BF65FDD7D19E2D7A013
C:\AdwCleaner\Quarantine\C\Users\JJ\AppData\Local\lollipop\lollipop_ps.lpd.vir --a---- 2817 bytes [10:23 18/09/2013] [13:17 25/09/2013] 95F45B833EE8AA4FE70F38363508158A
C:\AdwCleaner\Quarantine\C\Users\JJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\lollipop.lnk.vir --a---- 1948 bytes [10:23 18/09/2013] [13:16 25/09/2013] 70E703BED3089A28FEB47D5E918AD3FB
C:\AdwCleaner\Quarantine\C\Users\JJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\lollipop.lnk.vir --a---- 1078 bytes [10:23 18/09/2013] [13:16 25/09/2013] 9630D6CCBA3C3FB51F5BF49FDFA74EF8

Searching for "*softonic*"
C:\AdwCleaner\Quarantine\C\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_free-youtube-download.softonic.de_0.localstorage-journal.vir --a---- 512 bytes [17:32 25/12/2012] [17:32 25/12/2012] BF619EAC0CDF3F68D496EA9344137E8B
C:\AdwCleaner\Quarantine\C\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_free-youtube-download.softonic.de_0.localstorage.vir --a---- 3072 bytes [17:32 25/12/2012] [17:32 25/12/2012] F353360D74D4532256CFF2BC1D810699
C:\AdwCleaner\Quarantine\C\Users\Jule Babe\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.softonic.de_0.localstorage-journal.vir --a---- 512 bytes [20:54 19/11/2013] [20:54 19/11/2013] BF619EAC0CDF3F68D496EA9344137E8B
C:\AdwCleaner\Quarantine\C\Users\Jule Babe\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.softonic.de_0.localstorage.vir --a---- 3072 bytes [20:54 19/11/2013] [20:54 19/11/2013] F353360D74D4532256CFF2BC1D810699
C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.softonic.com_0.localstorage --a---- 3072 bytes [11:44 24/10/2013] [12:45 31/10/2013] 8B2E360DDD66E2894511A4A93C6BA498
C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.softonic.com_0.localstorage-journal --a---- 3608 bytes [11:44 24/10/2013] [12:45 31/10/2013] F0EF1D4756F2B58FDB7D9415CD0C0EDB
C:\Users\Jule Babe\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_gimp.softonic.de_0.localstorage --a---- 3072 bytes [20:54 19/11/2013] [20:54 19/11/2013] F353360D74D4532256CFF2BC1D810699
C:\Users\Jule Babe\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_gimp.softonic.de_0.localstorage-journal --a---- 512 bytes [20:54 19/11/2013] [20:54 19/11/2013] BF619EAC0CDF3F68D496EA9344137E8B

Searching for " *dealply* "
No files found.

Searching for "*lemurleap* "
No files found.

Searching for "*ytd video downloader* "
C:\Users\JJ\Desktop\PC ZEUG\YTD Video Downloader.lnk --a---- 1253 bytes [13:50 09/11/2013] [13:50 09/11/2013] 4A770D087BAA7115AF30CF1DC2993774

========== regfind ==========

Searching for "lollipop"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\980f9b3e_0]
@="{0.0.0.00000000}.{fbd5c20b-7bf1-4bf4-978c-d8611768185b}|\Device\HarddiskVolume3\Users\JJ\AppData\Local\Lollipop\Lollipop.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-4293873659-272735440-3936074284-1002\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\980f9b3e_0]
@="{0.0.0.00000000}.{fbd5c20b-7bf1-4bf4-978c-d8611768185b}|\Device\HarddiskVolume3\Users\JJ\AppData\Local\Lollipop\Lollipop.exe%b{00000000-0000-0000-0000-000000000000}"

Searching for " softonic"
No data found.

Searching for " dealply"
No data found.

Searching for " lemurleap"
No data found.

Searching for " ytd video downloader"
No data found.

-= EOF =-

bis jetzt habe ich diese Meldung immernoch gerade als ich geantwortet habe kam es wieder :( aber ich denke schon dass wir das schaffen....
hier die Meldung hxxp://img5.fotos-hochladen.net/uploads/unbenanntk74qp2yhz5.jpg

M-K-D-B 01.12.2013 21:08
Servus,



Wir entfernen die letzten Reste und kontrollieren nochmal alles. ESET kann länger (> 2 h) dauern. Bitte berichte mir, ob du nach den Schritten immer noch Probleme mit myPCBackup hast.
Im Anschluss daran räumen wir auf und ich gebe dir noch ein paar Tipps mit auf den Weg.



  • Folge folgendem Pfad: Start -> Systemsteuerung -> Software / Programme deinstallieren
  • Suche in der Liste Software mit dem folgenden Namen
    • JustCloud
    und deinstalliere das Programm.
  • Solltest du am Ende der Deinstallation zu einem Neustart aufgefordert werden, so führe diesen durch.
  • Sollte es Probleme mit der Deinstallation geben, so lass es mich bitte wissen.




Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument


Code:
start
Startup: C:\Users\JJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\JustCloud.lnk
ShortcutTarget: JustCloud.lnk -> C:\Program Files (x86)\GreenTree Applications\JustCloud\JustCloud.exe (JustCloud.com)
C:\Program Files (x86)\GreenTree Applications\JustCloud
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Sign In
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
Task: {0211340A-8241-4FCD-AEF8-ADAEFA72739C} - \EPUpdater No Task File
Task: {0A4B0F39-AE30-4977-B287-E5F22491517B} - \DealPlyLiveUpdateTaskMachineCore No Task File
Task: {0D53C9C5-3156-42B8-8650-35B592A11CD1} - \DealPlyUpdate No Task File
Task: {23B472A2-80E6-46B5-83AB-23C61321C271} - \DealPlyLiveUpdateTaskMachineUA No Task File
Task: {47307E45-087D-4EEA-95D7-8E06F89D2C30} - \BitGuard No Task File
Task: {E13C4190-F347-4DF3-AC65-7A2079384A03} - \AmiUpdXp No Task File
Task: {EE323B6A-75A7-4736-A5E6-BE620E10637E} - \Express FilesUpdate No Task File
Task: {F5D7DF43-2923-4D67-A718-F7797614A223} - \Dealply No Task File
C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.softonic.com_0.localstorage
C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.softonic.com_0.localstorage-journal
C:\Users\Jule Babe\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_gimp.softonic.de_0.localstorage
C:\Users\Jule Babe\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_gimp.softonic.de_0.localstorage-journal
C:\Users\JJ\Desktop\PC ZEUG\YTD Video Downloader.lnk
end

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.






Schritt 2
Downloade dir die passende Version von HitmanPro auf deinen Desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.
  • Starte die HitmanPro.exe
  • Klicke auf
  • Entferne den Haken bei
  • Klicke auf
    und
  • Akzeptiere die Lizenzbedingungen und klicke auf
  • Klicke auf

    und auf
  • Wenn der Scan beendet wurde, nichts löschen lassen etc. sondern wähle unten links auf der Button-Leiste
    und speichere die Logdatei auf Deinem Desktop.
  • Schließe HitmanPro und poste mir das Log.

 






Schritt 3

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset






Schritt 4
Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.






Bitte poste mit deiner nächsten Antwort
  • die Logdatei von FRST,
  • die Logdatei von HitmanPro,
  • die Logdatei von ESET,
  • die Logdatei von SecurityCheck.

JJCAM 01.12.2013 21:31
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 01-12-2013
Ran by JJ at 2013-12-01 21:30:47 Run:1
Running from C:\Users\JJ\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start Startup: C:\Users\JJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\JustCloud.lnk ShortcutTarget: JustCloud.lnk -> C:\Program Files (x86)\GreenTree Applications\JustCloud\JustCloud.exe (JustCloud.com) C:\Program Files (x86)\GreenTree Applications\JustCloud HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Sign In HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank Task: {0211340A-8241-4FCD-AEF8-ADAEFA72739C} - \EPUpdater No Task File Task: {0A4B0F39-AE30-4977-B287-E5F22491517B} - \DealPlyLiveUpdateTaskMachineCore No Task File Task: {0D53C9C5-3156-42B8-8650-35B592A11CD1} - \DealPlyUpdate No Task File Task: {23B472A2-80E6-46B5-83AB-23C61321C271} - \DealPlyLiveUpdateTaskMachineUA No Task File Task: {47307E45-087D-4EEA-95D7-8E06F89D2C30} - \BitGuard No Task File Task: {E13C4190-F347-4DF3-AC65-7A2079384A03} - \AmiUpdXp No Task File Task: {EE323B6A-75A7-4736-A5E6-BE620E10637E} - \Express FilesUpdate No Task File Task: {F5D7DF43-2923-4D67-A718-F7797614A223} - \Dealply No Task File C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.softonic.com_0.localstorage C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.softonic.com_0.localstorage-journal C:\Users\Jule Babe\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_gimp.softonic.de_0.localstorage C:\Users\Jule Babe\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_gimp.softonic.de_0.localstorage-journal C:\Users\JJ\Desktop\PC ZEUG\YTD Video Downloader.lnk end
*****************

start Startup: C:\Users\JJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\JustCloud.lnk C:\Program Files (x86)\GreenTree Applications\JustCloud\JustCloud.exe\GreenTree Applications\JustCloud HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Sign In HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank Task: {0211340A-8241-4FCD-AEF8-ADAEFA72739C} - \EPUpdater No Task File Task: {0A4B0F39-AE30-4977-B287-E5F22491517B} - \DealPlyLiveUpdateTaskMachineCore No Task File Task: {0D53C9C5-3156-42B8-8650-35B592A11CD1} - \DealPlyUpdate No Task File Task: {23B472A2-80E6-46B5-83AB-23C61321C271} - \DealPlyLiveUpdateTaskMachineUA No Task File Task: {47307E45-087D-4EEA-95D7-8E06F89D2C30} - \BitGuard No Task File Task: {E13C4190-F347-4DF3-AC65-7A2079384A03} - \AmiUpdXp No Task File Task: {EE323B6A-75A7-4736-A5E6-BE620E10637E} - \Express FilesUpdate No Task File Task: {F5D7DF43-2923-4D67-A718-F7797614A223} - \Dealply No Task File C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.softonic.com_0.localstorage C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.softonic.com_0.localstorage-journal C:\Users\Jule Babe\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_gimp.softonic.de_0.localstorage C:\Users\Jule Babe\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_gimp.softonic.de_0.localstorage-journal C:\Users\JJ\Desktop\PC ZEUG\YTD Video Downloader.lnk end not found.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\start Startup: C:\Users\JJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\JustCloud.lnk ShortcutTarget: JustCloud.lnk -> C:\Program Files (x86)\GreenTree Applications\JustCloud\JustCloud.exe (JustCloud.com) C:\Program Files (x86)\GreenTree Applications\JustCloud HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Sign In HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank {0211340A-8241-4FCD-AEF8-ADAEFA72739C} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Treestart Startup: C:\Users\JJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\JustCloud.lnk ShortcutTarget: JustCloud.lnk -> C:\Program Files (x86)\GreenTree Applications\JustCloud\JustCloud.exe (JustCloud.com) C:\Program Files (x86)\GreenTree Applications\JustCloud HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Sign In HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank \EPUpdater No Task File Task: {0A4B0F39-AE30-4977-B287-E5F22491517B} - \DealPlyLiveUpdateTaskMachineCore No Task File Task: {0D53C9C5-3156-42B8-8650-35B592A11CD1} - \DealPlyUpdate No Task File Task: {23B472A2-80E6-46B5-83AB-23C61321C271} - \DealPlyLiveUpdateTaskMachineUA No Task File Task: {47307E45-087D-4EEA-95D7-8E06F89D2C30} - \BitGuard No Task File Task: {E13C4190-F347-4DF3-AC65-7A2079384A03} - \AmiUpdXp No Task File Task: {EE323B6A-75A7-4736-A5E6-BE620E10637E} - \Express FilesUpdate No Task File Task: {F5D7DF43-2923-4D67-A718-F7797614A223} - \Dealply => Key not found.

==== End of Fixlog ====

M-K-D-B 01.12.2013 21:35
Servus,


FRST-Fix nochmal ausführen, das hat nicht funktioniert.


Jede Zeile in der Code-Box muss auch bei dir in Notepad in einer extra Zeile sein!

JJCAM 01.12.2013 21:49
so hier nochmal Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 01-12-2013
Ran by JJ at 2013-12-01 21:47:03 Run:2
Running from C:\Users\JJ\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
Startup: C:\Users\JJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\JustCloud.lnk
ShortcutTarget: JustCloud.lnk -> C:\Program Files (x86)\GreenTree Applications\JustCloud\JustCloud.exe (JustCloud.com)
C:\Program Files (x86)\GreenTree Applications\JustCloud
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Sign In
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
Task: {0211340A-8241-4FCD-AEF8-ADAEFA72739C} - \EPUpdater No Task File
Task: {0A4B0F39-AE30-4977-B287-E5F22491517B} - \DealPlyLiveUpdateTaskMachineCore No Task File
Task: {0D53C9C5-3156-42B8-8650-35B592A11CD1} - \DealPlyUpdate No Task File
Task: {23B472A2-80E6-46B5-83AB-23C61321C271} - \DealPlyLiveUpdateTaskMachineUA No Task File
Task: {47307E45-087D-4EEA-95D7-8E06F89D2C30} - \BitGuard No Task File
Task: {E13C4190-F347-4DF3-AC65-7A2079384A03} - \AmiUpdXp No Task File
Task: {EE323B6A-75A7-4736-A5E6-BE620E10637E} - \Express FilesUpdate No Task File
Task: {F5D7DF43-2923-4D67-A718-F7797614A223} - \Dealply No Task File
C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.softonic.com_0.localstorage
C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.softonic.com_0.localstorage-journal
C:\Users\Jule Babe\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_gimp.softonic.de_0.localstorage
C:\Users\Jule Babe\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_gimp.softonic.de_0.localstorage-journal
C:\Users\JJ\Desktop\PC ZEUG\YTD Video Downloader.lnk
*****************

C:\Users\JJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\JustCloud.lnk not found.
C:\Program Files (x86)\GreenTree Applications\JustCloud\JustCloud.exe => Moved successfully.

"C:\Program Files (x86)\GreenTree Applications\JustCloud" directory move:

C:\Program Files (x86)\GreenTree Applications\JustCloud\aff.conf => Moved successfully.
C:\Program Files (x86)\GreenTree Applications\JustCloud\AlphaVSS.51.x86.dll => Moved successfully.
C:\Program Files (x86)\GreenTree Applications\JustCloud\AlphaVSS.52.x64.dll => Moved successfully.
C:\Program Files (x86)\GreenTree Applications\JustCloud\AlphaVSS.52.x86.dll => Moved successfully.
C:\Program Files (x86)\GreenTree Applications\JustCloud\AlphaVSS.60.x64.dll => Moved successfully.
C:\Program Files (x86)\GreenTree Applications\JustCloud\AlphaVSS.60.x86.dll => Moved successfully.
C:\Program Files (x86)\GreenTree Applications\JustCloud\AlphaVSS.Common.dll => Moved successfully.
C:\Program Files (x86)\GreenTree Applications\JustCloud\AWSSDK.dll => Moved successfully.
C:\Program Files (x86)\GreenTree Applications\JustCloud\BackupStack.exe => Moved successfully.
C:\Program Files (x86)\GreenTree Applications\JustCloud\Configuration Updater.exe => Moved successfully.
C:\Program Files (x86)\GreenTree Applications\JustCloud\Crypto32.dll => Moved successfully.
C:\Program Files (x86)\GreenTree Applications\JustCloud\Crypto64.dll => Moved successfully.
C:\Program Files (x86)\GreenTree Applications\JustCloud\de_DE.mo => Moved successfully.
C:\Program Files (x86)\GreenTree Applications\JustCloud\diffstack.dll => Moved successfully.
C:\Program Files (x86)\GreenTree Applications\JustCloud\es_ES.mo => Moved successfully.
C:\Program Files (x86)\GreenTree Applications\JustCloud\fr_FR.mo => Moved successfully.
C:\Program Files (x86)\GreenTree Applications\JustCloud\GetText.dll => Moved successfully.
C:\Program Files (x86)\GreenTree Applications\JustCloud\it_IT.mo => Moved successfully.
C:\Program Files (x86)\GreenTree Applications\JustCloud\justcloud.ico => Moved successfully.
C:\Program Files (x86)\GreenTree Applications\JustCloud\LogicNP.EZShellExtensions.dll => Moved successfully.
C:\Program Files (x86)\GreenTree Applications\JustCloud\MPCBClient.dll => Moved successfully.
C:\Program Files (x86)\GreenTree Applications\JustCloud\MPCBContextMenu.dll => Moved successfully.
C:\Program Files (x86)\GreenTree Applications\JustCloud\MPCBIconOverlays.dll => Moved successfully.
C:\Program Files (x86)\GreenTree Applications\JustCloud\pt_PT.mo => Moved successfully.
C:\Program Files (x86)\GreenTree Applications\JustCloud\RegisterExtensionDotNet20_x64.exe => Moved successfully.
C:\Program Files (x86)\GreenTree Applications\JustCloud\RegisterExtensionDotNet20_x86.exe => Moved successfully.
C:\Program Files (x86)\GreenTree Applications\JustCloud\RestartExplorer.exe => Moved successfully.
C:\Program Files (x86)\GreenTree Applications\JustCloud\Service Start.exe => Moved successfully.
C:\Program Files (x86)\GreenTree Applications\JustCloud\Shared Stack.dll => Moved successfully.
C:\Program Files (x86)\GreenTree Applications\JustCloud\Signup Wizard.exe => Moved successfully.
C:\Program Files (x86)\GreenTree Applications\JustCloud\syncicon.ico => Moved successfully.
C:\Program Files (x86)\GreenTree Applications\JustCloud\syncing.ico => Moved successfully.
C:\Program Files (x86)\GreenTree Applications\JustCloud\tick.ico => Moved successfully.
C:\Program Files (x86)\GreenTree Applications\JustCloud\uninst.exe => Moved successfully.
C:\Program Files (x86)\GreenTree Applications\JustCloud\UnRegisterExtensions.exe => Moved successfully.
C:\Program Files (x86)\GreenTree Applications\JustCloud\Updater.exe => Moved successfully.
C:\Program Files (x86)\GreenTree Applications\JustCloud\x86\System.Data.SQLite.dll => Moved successfully.
C:\Program Files (x86)\GreenTree Applications\JustCloud\x64\System.Data.SQLite.dll => Moved successfully.
C:\Program Files (x86)\GreenTree Applications\JustCloud\Resources\keycache\_2831c801-2804-4c54-841e-31a537916e74_backupKeyCache.block => Moved successfully.
C:\Program Files (x86)\GreenTree Applications\JustCloud\Resources\keycache\_2831c801-2804-4c54-841e-31a537916e74_backupKeyCache.tree => Moved successfully.
C:\Program Files (x86)\GreenTree Applications\JustCloud\Resources\keycache\_a7b7794d-7b1e-4ca4-95d8-c871ed41fe75_backupKeyCache.block => Moved successfully.
C:\Program Files (x86)\GreenTree Applications\JustCloud\Resources\keycache\_a7b7794d-7b1e-4ca4-95d8-c871ed41fe75_backupKeyCache.tree => Moved successfully.
C:\Program Files (x86)\GreenTree Applications\JustCloud\Resources\keycache\_b58378d6-a996-4348-86b2-5aaac6adc6d5_backupKeyCache.block => Moved successfully.
C:\Program Files (x86)\GreenTree Applications\JustCloud\Resources\keycache\_b58378d6-a996-4348-86b2-5aaac6adc6d5_backupKeyCache.tree => Moved successfully.
C:\Program Files (x86)\GreenTree Applications\JustCloud\Resources\keycache\_b9a7edc3-dc8c-4fbd-9e67-4f8e5d79b1db_backupKeyCache.block => Moved successfully.
C:\Program Files (x86)\GreenTree Applications\JustCloud\Resources\keycache\_b9a7edc3-dc8c-4fbd-9e67-4f8e5d79b1db_backupKeyCache.tree => Moved successfully.
C:\Program Files (x86)\GreenTree Applications\JustCloud\log\AUTH.log => Moved successfully.
C:\Program Files (x86)\GreenTree Applications\JustCloud\log\BACKUP.log => Moved successfully.
C:\Program Files (x86)\GreenTree Applications\JustCloud\log\CLIENT.log => Moved successfully.
C:\Program Files (x86)\GreenTree Applications\JustCloud\log\LICENCE.log => Moved successfully.
C:\Program Files (x86)\GreenTree Applications\JustCloud\log\REMOTING.log => Moved successfully.
C:\Program Files (x86)\GreenTree Applications\JustCloud\log\REQUEST.log => Moved successfully.
C:\Program Files (x86)\GreenTree Applications\JustCloud\log\SERVICE.log => Moved successfully.
C:\Program Files (x86)\GreenTree Applications\JustCloud\log\UPDATER.log => Moved successfully.
C:\Program Files (x86)\GreenTree Applications\JustCloud\log\UTC_MIGRATION.log => Moved successfully.
C:\Program Files (x86)\GreenTree Applications\JustCloud\Database\mpcb_backup_conf.db => Moved successfully.
C:\Program Files (x86)\GreenTree Applications\JustCloud\Database\mpcb_file_cache.db => Moved successfully.
C:\Program Files (x86)\GreenTree Applications\JustCloud\Database\mpcb_queues.db => Moved successfully.
C:\Program Files (x86)\GreenTree Applications\JustCloud\Database\mpcb_settings.db => Moved successfully.
C:\Program Files (x86)\GreenTree Applications\JustCloud\Database\mpcb_sig_cache.db => Moved successfully.
C:\Program Files (x86)\GreenTree Applications\JustCloud\Database\mpcb_version_queue.db => Moved successfully.
C:\Program Files (x86)\GreenTree Applications\JustCloud\Config\api.ts2 => Moved successfully.
Could not move "C:\Program Files (x86)\GreenTree Applications\JustCloud" directory. => Scheduled to move on reboot.

HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0211340A-8241-4FCD-AEF8-ADAEFA72739C} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0211340A-8241-4FCD-AEF8-ADAEFA72739C} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EPUpdater => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0A4B0F39-AE30-4977-B287-E5F22491517B} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0A4B0F39-AE30-4977-B287-E5F22491517B} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DealPlyLiveUpdateTaskMachineCore => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0D53C9C5-3156-42B8-8650-35B592A11CD1} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0D53C9C5-3156-42B8-8650-35B592A11CD1} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DealPlyUpdate => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{23B472A2-80E6-46B5-83AB-23C61321C271} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{23B472A2-80E6-46B5-83AB-23C61321C271} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DealPlyLiveUpdateTaskMachineUA => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{47307E45-087D-4EEA-95D7-8E06F89D2C30} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{47307E45-087D-4EEA-95D7-8E06F89D2C30} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BitGuard => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E13C4190-F347-4DF3-AC65-7A2079384A03} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E13C4190-F347-4DF3-AC65-7A2079384A03} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AmiUpdXp => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{EE323B6A-75A7-4736-A5E6-BE620E10637E} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EE323B6A-75A7-4736-A5E6-BE620E10637E} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Express FilesUpdate => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F5D7DF43-2923-4D67-A718-F7797614A223} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F5D7DF43-2923-4D67-A718-F7797614A223} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Dealply => Key deleted successfully.
C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.softonic.com_0.localstorage => Moved successfully.
C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.softonic.com_0.localstorage-journal => Moved successfully.
C:\Users\Jule Babe\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_gimp.softonic.de_0.localstorage => Moved successfully.
C:\Users\Jule Babe\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_gimp.softonic.de_0.localstorage-journal => Moved successfully.
C:\Users\JJ\Desktop\PC ZEUG\YTD Video Downloader.lnk => Moved successfully.

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2013-12-01 21:48:34)<=

C:\Program Files (x86)\GreenTree Applications\JustCloud => Is moved successfully.

==== End of Fixlog ====

M-K-D-B 01.12.2013 21:52
Servus,


ok, nun bitte weiter. :)

JJCAM 01.12.2013 21:56
Code:
HitmanPro 3.7.8.208
www.hitmanpro.com

  Computer name . . . . : JJ-PC
  Windows . . . . . . . : 6.1.1.7601.X64/4
  User name . . . . . . : JJ-PC\JJ
  UAC . . . . . . . . . : Enabled
  License . . . . . . . : Free

  Scan date . . . . . . : 2013-12-01 21:33:59
  Scan mode . . . . . . : Normal
  Scan duration . . . . : 4m 49s
  Disk access mode  . . : Direct disk access (SRB)
  Cloud . . . . . . . . : Internet
  Reboot  . . . . . . . : No

  Threats . . . . . . . : 0
  Traces  . . . . . . . : 183

  Objects scanned . . . : 1.797.978
  Files scanned . . . . : 47.667
  Remnants scanned  . . : 488.163 files / 1.262.148 keys

Suspicious files ____________________________________________________________

  C:\Users\JJ\Downloads\HitmanPro 3.7.7 Build 202 Final (x86-x64) Retail - SceneDL  (PimpRG)\x64\HitmanPro_x64.exe
      Size . . . . . . . : 9.819.944 bytes
      Age  . . . . . . . : 10.2 days (2013-11-21 15:42:19)
      Entropy  . . . . . : 7.1
      SHA-256  . . . . . : 225FBB53EE5667F66D370B3D20609C90BF1F96FA296F3A07A738145080632D42
      Product  . . . . . : HitmanPro
      Publisher  . . . . : SurfRight B.V.
      Description  . . . : HitmanPro 3.7
      Version  . . . . . : 3.7.7.202
      Copyright  . . . . : © 2013 SurfRight B.V.
      RSA Key Size . . . : 2048
      Authenticode . . . : Invalid
      Fuzzy  . . . . . . : 23.0
        Program is altered or corrupted since it was code signed by its author. This is typical for malware and pirated software.
        Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
        Time indicates that the file appeared recently on this computer.
      Forensic Cluster
        -0.0s C:\Users\JJ\Downloads\HitmanPro 3.7.7 Build 202 Final (x86-x64) Retail - SceneDL  (PimpRG)\
        -0.0s C:\Users\JJ\Downloads\HitmanPro 3.7.7 Build 202 Final (x86-x64) Retail - SceneDL  (PimpRG)\
        -0.0s C:\Users\JJ\Downloads\HitmanPro 3.7.7 Build 202 Final (x86-x64) Retail - SceneDL  (PimpRG)\
          0.0s C:\Users\JJ\Downloads\HitmanPro 3.7.7 Build 202 Final (x86-x64) Retail - SceneDL  (PimpRG)\x64\
          0.0s C:\Users\JJ\Downloads\HitmanPro 3.7.7 Build 202 Final (x86-x64) Retail - SceneDL  (PimpRG)\x64\HitmanPro_x64.exe
        11.4s C:\Users\JJ\Downloads\HitmanPro 3.7.7 Build 202 Final (x86-x64) Retail - SceneDL  (PimpRG)\x86\
        11.4s C:\Users\JJ\Downloads\HitmanPro 3.7.7 Build 202 Final (x86-x64) Retail - SceneDL  (PimpRG)\x86\HitmanPro.exe
        15.8s C:\Users\JJ\Downloads\HitmanPro 3.7.7 Build 202 Final (x86-x64) Retail - SceneDL  (PimpRG)\Follow Me.txt
        15.8s C:\Users\JJ\Downloads\HitmanPro 3.7.7 Build 202 Final (x86-x64) Retail - SceneDL  (PimpRG)\HitmanPro.png
        17.9s C:\Users\JJ\Downloads\HitmanPro 3.7.7 Build 202 Final (x86-x64) Retail - SceneDL  (PimpRG)\SceneDL.png

  C:\Users\JJ\Downloads\HitmanPro 3.7.7 Build 202 Final (x86-x64) Retail - SceneDL  (PimpRG)\x86\HitmanPro.exe
      Size . . . . . . . : 9.158.600 bytes
      Age  . . . . . . . : 10.2 days (2013-11-21 15:42:30)
      Entropy  . . . . . : 7.3
      SHA-256  . . . . . : B876FB4A96CD8835001957BAAA0D3763B9FE548FD7642E8C75443FD061D7B643
      Product  . . . . . : HitmanPro
      Publisher  . . . . : SurfRight B.V.
      Description  . . . : HitmanPro 3.7
      Version  . . . . . : 3.7.7.202
      Copyright  . . . . : © 2013 SurfRight B.V.
      RSA Key Size . . . : 2048
      Authenticode . . . : Invalid
      Fuzzy  . . . . . . : 23.0
        Program is altered or corrupted since it was code signed by its author. This is typical for malware and pirated software.
        Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
        Time indicates that the file appeared recently on this computer.
      Forensic Cluster
        -11.4s C:\Users\JJ\Downloads\HitmanPro 3.7.7 Build 202 Final (x86-x64) Retail - SceneDL  (PimpRG)\
        -11.4s C:\Users\JJ\Downloads\HitmanPro 3.7.7 Build 202 Final (x86-x64) Retail - SceneDL  (PimpRG)\
        -11.4s C:\Users\JJ\Downloads\HitmanPro 3.7.7 Build 202 Final (x86-x64) Retail - SceneDL  (PimpRG)\
        -11.4s C:\Users\JJ\Downloads\HitmanPro 3.7.7 Build 202 Final (x86-x64) Retail - SceneDL  (PimpRG)\x64\
        -11.4s C:\Users\JJ\Downloads\HitmanPro 3.7.7 Build 202 Final (x86-x64) Retail - SceneDL  (PimpRG)\x64\HitmanPro_x64.exe
        -0.0s C:\Users\JJ\Downloads\HitmanPro 3.7.7 Build 202 Final (x86-x64) Retail - SceneDL  (PimpRG)\x86\
          0.0s C:\Users\JJ\Downloads\HitmanPro 3.7.7 Build 202 Final (x86-x64) Retail - SceneDL  (PimpRG)\x86\HitmanPro.exe
          4.4s C:\Users\JJ\Downloads\HitmanPro 3.7.7 Build 202 Final (x86-x64) Retail - SceneDL  (PimpRG)\Follow Me.txt
          4.5s C:\Users\JJ\Downloads\HitmanPro 3.7.7 Build 202 Final (x86-x64) Retail - SceneDL  (PimpRG)\HitmanPro.png
          6.5s C:\Users\JJ\Downloads\HitmanPro 3.7.7 Build 202 Final (x86-x64) Retail - SceneDL  (PimpRG)\SceneDL.png


Potential Unwanted Programs _________________________________________________

  HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}\ (FLV Player)
  HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}\ (FLV Player)
  HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}\ (FLV Player)
  HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}\ (FLV Player)
  HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1\ (Babylon)
  HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager\ (Babylon)
  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\5E8031606EB60A64C882918F8FF38DD4\ (FLV Player)
  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964\ (FLV Player)
  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467\ (FLV Player)
  HKU\S-1-5-21-4293873659-272735440-3936074284-1000\Software\Conduit\ (Conduit)
  HKU\S-1-5-21-4293873659-272735440-3936074284-1000\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}\ (FLV Player)
  HKU\S-1-5-21-4293873659-272735440-3936074284-1002\Software\Microsoft\Installer\UpgradeCodes\5E8031606EB60A64C882918F8FF38DD4\ (FLV Player)
  HKU\S-1-5-21-4293873659-272735440-3936074284-1002\Software\Microsoft\Internet Explorer\Approved Extensions\{4D2D3B0F-69BE-477A-90F5-FDDB05357975} (Claro)
  HKU\S-1-5-21-4293873659-272735440-3936074284-1002\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\SnapDo.exe (FLV Player)

Cookies _____________________________________________________________________

  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:247realmedia.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:2o7.net
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad-emea.doubleclick.net
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.123-template.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.360yield.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.ad-srv.net
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.adc-serv.net
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.adnet.de
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.auditude.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.doubleclick.net
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.dyntracker.de
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.movad.net
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.propellerads.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.reklamport.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.yieldmanager.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.zanox.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:adinterax.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.adk2.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.adtiger.de
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.anyoption.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.audience2media.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.bc.vc
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.crakmedia.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.creative-serving.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.escinteractive.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.p161.net
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.pornerbros.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.pubmatic.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.smartstream.tv
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.trafficjunky.net
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.tunein.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.undertone.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.yahoo.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:adserverplus.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:adserving.unibet.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:adtech.de
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:adtechus.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:adultfriendfinder.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:advertising.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:aka-cdn-ns.adtech.de
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:apmebf.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:ar.atwola.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:at.atwola.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:atdhe.xxx
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:atdmt.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:atwola.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:bs.serving-sys.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:burstnet.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:c1.atdmt.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:casalemedia.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:chitika.net
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:clickbank.net
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:collective-media.net
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:content.yieldmanager.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:cpxinteractive.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:de.sitestat.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:doubleclick.net
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:eas.apm.emediate.eu
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:eas4.emediate.eu
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:emjcd.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:engine.pgmediaserve.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:engine.phn.doublepimp.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:engine.streamate.doublepimp.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:ero-advertising.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:eurosexparties.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:exoclick.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:fastclick.net
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:fr.sitestat.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:googleads.g.doubleclick.net
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:hornybirds.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:in.getclicky.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:interclick.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:invitemedia.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:libri.112.2o7.net
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:livejasmin.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:media6degrees.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:mediaplex.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:members.fuckbookhacker.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:microsoftwindows.112.2o7.net
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:mm.chitika.net
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:motherfuckingwebsite.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:myhammer.122.2o7.net
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:partypoker.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:paypal.112.2o7.net
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:pool-eu-ie.creative-serving.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:pornburger.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:pornerbros.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:pornhub.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:pornrush.org
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:porntube.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:premiumtv.122.2o7.net
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:questionmarket.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:rabbitporno.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:realitykings.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:revsci.net
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:rk.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:ru4.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:serving-sys.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:sexad.net
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:smartadserver.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:specificclick.net
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:statcounter.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:stats.complex.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:statse.webtrendslive.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:tacoda.at.atwola.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:teensexreality.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:track.adform.net
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:track.effiliation.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:track.tnm.de
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:tradedoubler.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:tribalfusion.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:uk.at.atwola.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:warnerbros.112.2o7.net
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:ww251.smartadserver.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:www.etracker.de
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:www.googleadservices.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:www.pornhub.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:www.porntube.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:www.rk.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:www.yepporn.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:www.youporn.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:www4.smartadserver.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:xiti.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:xxxtube.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:yadro.ru
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:yieldmanager.net
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:youporn.com
  C:\Users\JJ\AppData\Local\Google\Chrome\User Data\Default\Cookies:zedo.com
  C:\Users\Jule Babe\AppData\Local\Google\Chrome\User Data\Default\Cookies:3276817.fls.doubleclick.net
  C:\Users\Jule Babe\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad-emea.doubleclick.net
  C:\Users\Jule Babe\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.360yield.com
  C:\Users\Jule Babe\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.ad-srv.net
  C:\Users\Jule Babe\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.dyntracker.de
  C:\Users\Jule Babe\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.movad.net
  C:\Users\Jule Babe\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.reklamport.com
  C:\Users\Jule Babe\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.yieldmanager.com
  C:\Users\Jule Babe\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.zanox.com
  C:\Users\Jule Babe\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.adk2.com
  C:\Users\Jule Babe\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.escinteractive.com
  C:\Users\Jule Babe\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.yahoo.com
  C:\Users\Jule Babe\AppData\Local\Google\Chrome\User Data\Default\Cookies:adtech.de
  C:\Users\Jule Babe\AppData\Local\Google\Chrome\User Data\Default\Cookies:adtechus.com
  C:\Users\Jule Babe\AppData\Local\Google\Chrome\User Data\Default\Cookies:advertising.com
  C:\Users\Jule Babe\AppData\Local\Google\Chrome\User Data\Default\Cookies:apmebf.com
  C:\Users\Jule Babe\AppData\Local\Google\Chrome\User Data\Default\Cookies:atdmt.com
  C:\Users\Jule Babe\AppData\Local\Google\Chrome\User Data\Default\Cookies:bs.serving-sys.com
  C:\Users\Jule Babe\AppData\Local\Google\Chrome\User Data\Default\Cookies:burstnet.com
  C:\Users\Jule Babe\AppData\Local\Google\Chrome\User Data\Default\Cookies:casalemedia.com
  C:\Users\Jule Babe\AppData\Local\Google\Chrome\User Data\Default\Cookies:doubleclick.net
  C:\Users\Jule Babe\AppData\Local\Google\Chrome\User Data\Default\Cookies:eas.apm.emediate.eu
  C:\Users\Jule Babe\AppData\Local\Google\Chrome\User Data\Default\Cookies:exoclick.com
  C:\Users\Jule Babe\AppData\Local\Google\Chrome\User Data\Default\Cookies:fastclick.net
  C:\Users\Jule Babe\AppData\Local\Google\Chrome\User Data\Default\Cookies:invitemedia.com
  C:\Users\Jule Babe\AppData\Local\Google\Chrome\User Data\Default\Cookies:mediaplex.com
  C:\Users\Jule Babe\AppData\Local\Google\Chrome\User Data\Default\Cookies:premiumtv.122.2o7.net
  C:\Users\Jule Babe\AppData\Local\Google\Chrome\User Data\Default\Cookies:revsci.net
  C:\Users\Jule Babe\AppData\Local\Google\Chrome\User Data\Default\Cookies:serving-sys.com
  C:\Users\Jule Babe\AppData\Local\Google\Chrome\User Data\Default\Cookies:smartadserver.com
  C:\Users\Jule Babe\AppData\Local\Google\Chrome\User Data\Default\Cookies:track.adform.net
  C:\Users\Jule Babe\AppData\Local\Google\Chrome\User Data\Default\Cookies:track.effiliation.com
  C:\Users\Jule Babe\AppData\Local\Google\Chrome\User Data\Default\Cookies:track.zalando.de
  C:\Users\Jule Babe\AppData\Local\Google\Chrome\User Data\Default\Cookies:tradedoubler.com
  C:\Users\Jule Babe\AppData\Local\Google\Chrome\User Data\Default\Cookies:uk.at.atwola.com
  C:\Users\Jule Babe\AppData\Local\Google\Chrome\User Data\Default\Cookies:ww251.smartadserver.com
  C:\Users\Jule Babe\AppData\Local\Google\Chrome\User Data\Default\Cookies:www.burstnet.com
  C:\Users\Jule Babe\AppData\Local\Google\Chrome\User Data\Default\Cookies:www.etracker.de
  C:\Users\Jule Babe\AppData\Local\Google\Chrome\User Data\Default\Cookies:www.googleadservices.com


Alle Zeitangaben in WEZ +1. Es ist jetzt 11:30 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131