kommt gleich, hatte verstanden, alles nacheinander. MBAM hat jetzt schon reichlich gefunden und braucht noch `n Moment.
Schritt 3 und 4 in result ebenfalls anhängen?
Vielen Dank schon mal für die Arbeit! L.G.kawey
Hallo Mathias,
hoffentlich sind alle Anweisungen korrrekt durchgeführt?
Ich gehe davon aus, diese Prgs öfter mal azuwenden.
Vielen Dank nochmal für die gute Führung. :applaus:
Kawey
FRST Logfile:
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-05-2014
Ran by Kawey (administrator) on KAWEY-PC on 04-05-2014 16:50:49
Running from C:\Users\Kawey\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe
(Nico Mak Computing) C:\Program Files (x86)\WinZip Malware Protector\WinZipMalwareProtector.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12445288 2012-01-10] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2887440 2012-03-08] (Synaptics Incorporated)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-26] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3854640 2014-04-09] (AVAST Software)
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2568023682-207481756-3843068466-1000\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845168 2013-11-06] (Samsung)
HKU\S-1-5-21-2568023682-207481756-3843068466-1000\...\MountPoints2: {e5ab1670-7892-11e3-a6cb-3c970eac15f9} - E:\AutoRun.exe
IFEO: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\bootstrap.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\hpwucli.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\iastorui.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\imfrmwrk.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\open energymanagement.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=avast&hsimp=yhs-001&type={partner_id}&p={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp:///
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://de.yhs4.search.yahoo.com/?hspart=avast&hsimp=yhs-001&type={partner_id}
URLSearchHook: HKLM-x32 - Default Value = {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=avast&hsimp=yhs-001&type={partner_id}&p={searchTerms}
SearchScopes: HKCU - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=avast&hsimp=yhs-001&type={partner_id}&p={searchTerms}
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{84A47CCA-2016-4EB2-9976-DDB4A782B000}: [NameServer]62.109.121.2 62.109.121.1
FireFox:
========
FF ProfilePath: C:\Users\Kawey\AppData\Roaming\Mozilla\Firefox\Profiles\73f0idua.default-1398406683013
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @nullsoft.com/winampDetector;version=1 - C:\Program Files (x86)\Winamp Detect\npwachk.dll (Nullsoft, Inc.)
FF Plugin-x32: @zylom.com/ZylomGamesPlayer - C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF SearchPlugin: C:\Users\Kawey\AppData\Roaming\Mozilla\Firefox\Profiles\73f0idua.default-1398406683013\searchplugins\ixquick-https.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\Kawey\AppData\Roaming\Mozilla\Firefox\Profiles\73f0idua.default-1398406683013\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-05-03]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-02-06]
Chrome:
=======
CHR DefaultSearchKeyword: conduit.search
CHR DefaultSearchProvider: Conduit Search
CHR DefaultNewTabURL:
CHR Extension: (Google Docs) - C:\Users\Kawey\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-27]
CHR Extension: (Google Drive) - C:\Users\Kawey\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-27]
CHR Extension: (YouTube) - C:\Users\Kawey\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-27]
CHR Extension: (Google-Suche) - C:\Users\Kawey\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-27]
CHR Extension: (Google Wallet) - C:\Users\Kawey\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-27]
CHR Extension: (Google Mail) - C:\Users\Kawey\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-27]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-04-09]
==================== Services (Whitelisted) =================
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-09] (AVAST Software)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [47416 2014-02-05] (Hewlett-Packard Company)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
S4 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2138936 2014-03-20] (TuneUp Software)
S4 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation)
==================== Drivers (Whitelisted) ====================
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-04-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-04-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-04-09] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-04-09] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-04-09] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [84816 2014-04-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208928 2014-04-09] ()
S3 dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [20568 2009-12-22] (Devguru Co., Ltd)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-05-04] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
S3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [3532160 2011-10-11] (Sonix Technology Co., Ltd.)
S3 SPUVCbv; C:\Windows\System32\Drivers\usbvideo.sys [185344 2013-07-12] (Microsoft Corporation)
S3 ss_bserd; C:\Windows\System32\DRIVERS\ss_bserd.sys [128000 2013-08-21] (MCCI Corporation)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-08-21] (TuneUp Software)
S3 AmUStor; system32\drivers\AmUStor.SYS [X]
S0 LHDmgr; System32\DRIVERS\LhdX64.sys [X]
S3 RTL8192su; system32\DRIVERS\RTL8192su.sys [X]
U2 TMAgent;
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-05-04 16:48 - 2014-05-04 16:48 - 00001027 _____ () C:\Users\Kawey\Desktop\JRT.txt
2014-05-04 16:37 - 2014-05-04 16:37 - 01016261 _____ (Thisisu) C:\Users\Kawey\Downloads\JRT(1).exe
2014-05-04 14:11 - 2014-05-04 16:22 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-04 14:10 - 2014-05-04 14:10 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-04 14:10 - 2014-05-04 14:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-04 14:10 - 2014-05-04 14:10 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-04 14:10 - 2014-05-04 14:10 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-04 14:10 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-04 14:10 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-04 14:10 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-04 14:07 - 2014-05-04 14:07 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Kawey\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-04 14:00 - 2014-05-04 14:27 - 00039302 _____ () C:\Windows\PFRO.log
2014-05-04 13:58 - 2014-05-04 13:59 - 00000000 ____D () C:\AdwCleaner
2014-05-04 13:58 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-04 13:57 - 2014-05-04 13:57 - 01310621 _____ () C:\Users\Kawey\Downloads\adwcleaner.exe
2014-05-04 12:44 - 2014-05-04 12:44 - 01016261 _____ (Thisisu) C:\Users\Kawey\Downloads\JRT.exe
2014-05-04 12:44 - 2014-05-04 12:44 - 00000000 ____D () C:\Windows\ERUNT
2014-05-04 12:39 - 2014-05-04 16:50 - 00012607 _____ () C:\Users\Kawey\Downloads\FRST.txt
2014-05-04 12:39 - 2014-05-04 16:50 - 00000000 ____D () C:\FRST
2014-05-04 12:39 - 2014-05-04 13:41 - 00018746 _____ () C:\Users\Kawey\Downloads\Addition.txt
2014-05-04 12:38 - 2014-05-04 12:38 - 02062336 _____ (Farbar) C:\Users\Kawey\Downloads\FRST64.exe
2014-05-04 12:38 - 2014-05-04 12:38 - 01050624 _____ (Farbar) C:\Users\Kawey\Downloads\FRST(2).exe
2014-05-04 12:36 - 2014-05-04 12:36 - 01050624 _____ (Farbar) C:\Users\Kawey\Downloads\FRST(1).exe
2014-05-04 12:35 - 2014-05-04 12:35 - 01050624 _____ (Farbar) C:\Users\Kawey\Downloads\FRST.exe
2014-05-03 21:55 - 2014-05-03 21:56 - 00008494 _____ () C:\Windows\DPINST.LOG
2014-05-03 21:54 - 2014-05-03 21:55 - 09020696 _____ (Hamrick Software) C:\Users\Kawey\Downloads\vuex6494(1).exe
2014-05-02 15:11 - 2014-05-02 15:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
2014-05-02 15:11 - 2014-05-02 15:11 - 00000000 ____D () C:\Users\Kawey\Documents\TomTom
2014-05-02 15:11 - 2014-05-02 15:11 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\TomTom
2014-05-02 15:11 - 2014-05-02 15:11 - 00000000 ____D () C:\Users\Kawey\AppData\Local\TomTom
2014-05-02 15:11 - 2014-05-02 15:11 - 00000000 ____D () C:\ProgramData\TomTom
2014-05-02 15:10 - 2014-05-02 15:34 - 00000000 ____D () C:\Program Files (x86)\TomTom HOME 2
2014-05-02 15:10 - 2014-05-02 15:10 - 00000000 ____D () C:\Program Files (x86)\TomTom International B.V
2014-05-02 15:07 - 2014-05-02 15:07 - 00000000 ____D () C:\Program Files (x86)\TomTom DesktopSuite
2014-05-02 14:05 - 2014-05-04 14:29 - 00003116 _____ () C:\Windows\System32\Tasks\WinZip Malware Protector_startup
2014-05-02 14:05 - 2014-05-02 14:05 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\Nico Mak Computing
2014-05-02 14:05 - 2014-05-02 14:05 - 00000000 ____D () C:\ProgramData\Nico Mak Computing
2014-05-02 14:05 - 2014-05-02 14:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Malware Protector
2014-05-02 14:05 - 2014-05-02 14:05 - 00000000 ____D () C:\Program Files (x86)\WinZip Malware Protector
2014-05-02 14:05 - 2013-03-15 17:10 - 00020480 _____ () C:\Windows\system32\wsusnative64.exe
2014-05-02 14:02 - 2014-05-02 14:02 - 04892480 _____ (WinZip International LLC ) C:\Users\Kawey\Downloads\wzmp_8.exe
2014-05-02 10:26 - 2014-04-29 16:01 - 23547904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-02 10:26 - 2014-04-29 15:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-02 10:26 - 2014-04-29 14:48 - 17384448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-02 10:26 - 2014-04-29 14:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-01 18:34 - 2014-05-01 19:10 - 00000000 ____D () C:\Users\Kawey\Documents\TCM
2014-04-30 21:50 - 2012-06-05 09:37 - 00256904 _____ (Trend Micro Inc.) C:\Windows\SysWOW64\Drivers\tmcomm.sys
2014-04-30 21:46 - 2014-04-30 21:46 - 02002944 _____ (Trend Micro Inc.) C:\Users\Kawey\Downloads\HousecallLauncher.exe
2014-04-30 21:40 - 2014-05-01 12:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-04-30 19:10 - 2014-05-04 14:27 - 00001747 _____ () C:\Windows\setupact.log
2014-04-30 19:10 - 2014-04-30 19:10 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-30 12:33 - 2014-04-30 12:33 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-04-30 11:46 - 2014-04-30 11:46 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-04-30 11:46 - 2014-04-30 11:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-04-30 11:46 - 2014-04-30 11:46 - 00000000 ____D () C:\Program Files\CCleaner
2014-04-30 11:45 - 2014-04-30 11:45 - 03671432 _____ (Piriform Ltd) C:\Users\Kawey\Downloads\ccsetup413_slim.exe
2014-04-30 11:00 - 2014-04-14 04:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-04-30 11:00 - 2014-04-14 04:19 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-04-29 17:04 - 2014-05-03 15:54 - 00000000 ____D () C:\Heilkunde
2014-04-28 10:13 - 2014-04-28 10:14 - 27878824 _____ (TuneUp Software) C:\Users\Kawey\Downloads\TuneUpUtilities2014_de-DE(1).exe
2014-04-28 09:32 - 2014-04-28 09:33 - 27878824 _____ (TuneUp Software) C:\Users\Kawey\Downloads\TuneUpUtilities2014_de-DE.exe
2014-04-27 11:22 - 2014-04-27 11:22 - 00000000 ____D () C:\ProgramData\IProt
2014-04-27 11:20 - 2014-04-27 11:20 - 00001139 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\ShenProfessional 3.1.lnk
2014-04-27 11:20 - 2014-04-27 11:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShenProfessional 3.1
2014-04-27 11:14 - 2014-04-27 11:20 - 00760333 _____ () C:\Program Files (x86)\ShenUnInstall.txt
2014-04-27 11:14 - 2014-04-27 11:20 - 00000000 ____D () C:\Program Files (x86)\ShenProfessional 3.1
2014-04-27 11:14 - 2014-03-12 17:39 - 00572448 _____ (Pantaray Research Ltd.) C:\Program Files (x86)\ShenUnInstall.exe
2014-04-27 11:14 - 2011-12-18 09:00 - 00012420 _____ () C:\Program Files (x86)\Deutsch.lng
2014-04-27 11:13 - 2014-04-27 11:20 - 00801542 _____ () C:\Program Files (x86)\Setup.log
2014-04-27 11:01 - 2014-04-27 11:08 - 197984521 _____ (shen.de) C:\Users\Kawey\Downloads\ShenProfessional-3-1.exe
2014-04-27 10:35 - 2014-04-27 10:35 - 00003088 _____ () C:\Windows\System32\Tasks\{6FFDF4FA-9810-4B47-9A34-C3807772493D}
2014-04-25 18:58 - 2014-04-25 18:58 - 00000000 ____D () C:\ProgramData\dvdfab
2014-04-25 14:30 - 2014-04-25 14:30 - 00001016 _____ () C:\Users\Kawey\Desktop\DVDFab 8 Qt.lnk
2014-04-25 14:28 - 2014-04-25 14:29 - 21323352 _____ (Fengtao Software Inc. ) C:\Users\Kawey\Downloads\DVDFab8230Qt.exe
2014-04-24 15:36 - 2014-04-24 15:36 - 00613200 _____ (Chip Digital GmbH) C:\Users\Kawey\Downloads\Firefox - CHIP-Downloader.exe
2014-04-22 11:50 - 2014-04-22 11:50 - 00907018 _____ () C:\Users\Kawey\Downloads\adblockplus-2.5.1.zip
2014-04-22 11:50 - 2014-04-22 11:50 - 00000000 ____D () C:\Users\Kawey\Downloads\adblockplus-2.5.1
2014-04-22 11:48 - 2014-04-22 11:48 - 00613200 _____ (Chip Digital GmbH) C:\Users\Kawey\Downloads\adblockplus-2.5.1 - CHIP-Downloader.exe
2014-04-21 18:52 - 2014-04-21 18:52 - 00000000 ____D () C:\Users\Kawey\Documents\PcSetup
2014-04-21 18:52 - 2014-04-21 18:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 6
2014-04-21 18:52 - 2014-04-21 18:52 - 00000000 ____D () C:\Program Files (x86)\DVDFab 6
2014-04-21 18:48 - 2014-04-21 18:49 - 13312568 _____ (Fengtao Software Inc. ) C:\Users\Kawey\Downloads\DVDFab6218.exe
2014-04-21 18:08 - 2014-04-21 18:57 - 00000000 ____D () C:\Users\Kawey\Documents\DVDFab
2014-04-21 18:08 - 2014-04-21 18:08 - 00000000 ____D () C:\Users\Kawey\Documents\DVDFab9
2014-04-21 17:47 - 2014-04-21 17:47 - 01672252 _____ () C:\Users\Kawey\Downloads\a-user-guide-of-dvdfab9.zip
2014-04-21 15:47 - 2014-04-21 15:47 - 00000000 _____ () C:\Users\Kawey\AppData\Roaming\CopyToGo.dat
2014-04-21 15:29 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2014-04-21 15:29 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2014-04-21 15:29 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2014-04-21 15:29 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2014-04-21 15:29 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2014-04-21 15:29 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2014-04-21 15:29 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2014-04-21 15:29 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2014-04-21 15:29 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2014-04-21 15:29 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2014-04-21 15:29 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2014-04-21 15:29 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2014-04-21 15:29 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2014-04-21 15:29 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2014-04-21 15:11 - 2014-04-21 15:23 - 322746776 _____ (Corel) C:\Users\Kawey\Downloads\KEYDC6PLMLPC.exe
2014-04-21 13:48 - 2014-04-21 13:57 - 00000125 ___SH () C:\ProgramData\.zreglib
2014-04-21 13:45 - 2014-04-21 14:47 - 00000000 ____D () C:\Program Files (x86)\Elaborate Bytes
2014-04-21 13:45 - 2014-04-21 14:46 - 00000000 ____D () C:\ProgramData\SlySoft
2014-04-21 13:45 - 2014-04-21 13:45 - 00000000 ____D () C:\Program Files (x86)\SlySoft
2014-04-21 13:43 - 2014-04-21 13:44 - 10873088 _____ () C:\Users\Kawey\Downloads\SetupAnyDVD7460.exe
2014-04-21 13:43 - 2014-04-21 13:44 - 05185720 _____ () C:\Users\Kawey\Downloads\SetupCloneDVD2930Slysoft.exe
2014-04-21 12:30 - 2014-04-21 14:48 - 00000000 ____D () C:\ProgramData\Freemake
2014-04-21 12:30 - 2014-04-21 14:48 - 00000000 ____D () C:\Program Files (x86)\Freemake
2014-04-21 12:27 - 2014-04-21 12:27 - 01308144 _____ (Ellora Assets Corporation ) C:\Users\Kawey\Downloads\FreemakeVideoConverterSetup.exe
2014-04-21 11:30 - 2014-04-21 11:30 - 13833720 _____ (Fengtao Software Inc. ) C:\Users\Kawey\Downloads\DVDFab7070.exe
2014-04-20 20:01 - 2014-04-20 20:01 - 00000000 ____D () C:\Users\Kawey\AppData\Local\com
2014-04-20 19:54 - 2014-04-20 19:54 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\30183
2014-04-20 19:42 - 2014-04-20 19:42 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\DVDFab
2014-04-20 19:07 - 2014-04-25 14:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 8 Qt
2014-04-20 19:07 - 2014-04-25 14:30 - 00000000 ____D () C:\Program Files (x86)\DVDFab 8 Qt
2014-04-20 19:02 - 2014-04-20 19:02 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\EuroTrade A.L. Ltd
2014-04-20 16:03 - 2014-04-20 16:03 - 02405664 _____ (Trend Micro Inc.) C:\Users\Kawey\Downloads\HousecallLauncher64(7).exe
2014-04-20 00:37 - 2014-04-20 00:37 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\137
2014-04-19 23:53 - 2014-04-19 23:53 - 02405664 _____ (Trend Micro Inc.) C:\Users\Kawey\Downloads\HousecallLauncher64(6).exe
2014-04-19 20:36 - 2014-04-19 20:36 - 00033947 _____ () C:\Users\Kawey\Downloads\anleitung.htm
2014-04-19 14:06 - 2014-04-19 14:06 - 13888037 _____ () C:\Users\Kawey\Downloads\HandBrake-0.9.9-1_i686-Win_GUI.exe
2014-04-18 19:16 - 2014-05-02 15:39 - 00000066 _____ () C:\Users\Kawey\AppData\default.pls
2014-04-18 18:43 - 2014-04-18 18:43 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\9130
2014-04-18 18:02 - 2014-04-19 21:46 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\HandBrake
2014-04-18 18:01 - 2014-04-18 18:01 - 14298467 _____ () C:\Users\Kawey\Downloads\HandBrake-0.9.9-1_x86_64-Win_GUI.exe
2014-04-18 17:16 - 2014-04-18 17:19 - 45464368 _____ (Fengtao Software Inc. ) C:\Users\Kawey\Downloads\DVDFab9140(1).exe
2014-04-18 12:57 - 2014-04-20 17:35 - 00000000 ____D () C:\Program Files (x86)\DVDFab 8
2014-04-17 23:52 - 2014-04-21 18:52 - 00000034 _____ () C:\Users\Kawey\AppData\Roaming\pcouffin.log
2014-04-17 23:51 - 2014-04-21 18:52 - 00099384 _____ () C:\Users\Kawey\AppData\Roaming\inst.exe
2014-04-17 23:51 - 2014-04-21 18:52 - 00082816 _____ (VSO Software) C:\Users\Kawey\AppData\Roaming\pcouffin.sys
2014-04-17 23:51 - 2014-04-21 18:52 - 00007859 _____ () C:\Users\Kawey\AppData\Roaming\pcouffin.cat
2014-04-17 23:51 - 2014-04-21 18:52 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\Vso
2014-04-17 23:51 - 2014-04-17 23:51 - 00082816 _____ (VSO Software) C:\Windows\system32\Drivers\pcouffin.sys
2014-04-17 23:45 - 2014-04-17 23:45 - 00000000 __SHD () C:\Users\Kawey\AppData\Local\EmieUserList
2014-04-17 23:45 - 2014-04-17 23:45 - 00000000 __SHD () C:\Users\Kawey\AppData\Local\EmieSiteList
2014-04-17 21:37 - 2014-04-17 21:37 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\23260
2014-04-17 21:15 - 2014-04-17 21:15 - 02170880 _____ () C:\Users\Kawey\Downloads\ffmpeg15.exe
2014-04-17 21:15 - 2014-04-17 21:15 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\NCH Software
2014-04-17 20:57 - 2014-04-17 21:04 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Software
2014-04-17 20:57 - 2014-04-17 20:57 - 00817696 _____ (NCH Software) C:\Users\Kawey\Downloads\burnsetup.exe
2014-04-17 20:57 - 2014-04-17 20:57 - 00000000 ____D () C:\ProgramData\NCH Software
2014-04-17 20:57 - 2014-04-17 20:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Produktpalette
2014-04-17 20:57 - 2014-04-17 20:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audioverwandte Programme
2014-04-17 20:57 - 2014-04-17 20:57 - 00000000 ____D () C:\Program Files (x86)\NCH Software
2014-04-17 20:20 - 2014-04-17 20:20 - 00000000 ____D () C:\ProgramData\vsosdk
2014-04-17 19:52 - 2014-04-21 18:08 - 00000000 ____D () C:\Program Files (x86)\DVDFab 9
2014-04-17 19:39 - 2014-04-17 19:41 - 45464368 _____ (Fengtao Software Inc. ) C:\Users\Kawey\Downloads\DVDFab9140.exe
2014-04-16 18:32 - 2014-04-16 18:32 - 01026264 _____ () C:\Users\Kawey\Downloads\Setup(1).exe
2014-04-16 18:27 - 2014-04-16 18:27 - 01026264 _____ () C:\Users\Kawey\Downloads\Setup.exe
2014-04-10 00:23 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-10 00:23 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-10 00:22 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-10 00:22 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-10 00:22 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-10 00:22 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-10 00:22 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-10 00:22 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-10 00:22 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-10 00:22 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-10 00:22 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-10 00:22 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-10 00:22 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-10 00:22 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-10 00:22 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-10 00:22 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-10 00:22 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-10 00:22 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-10 00:22 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-10 00:22 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-10 00:22 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-10 00:22 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-10 00:22 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-10 00:22 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-10 00:22 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-10 00:22 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-10 00:22 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-10 00:22 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-10 00:22 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-10 00:22 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-10 00:22 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-10 00:22 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-10 00:22 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-10 00:22 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-10 00:22 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-10 00:22 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-10 00:22 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-10 00:22 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-10 00:22 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-10 00:22 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-10 00:22 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-10 00:22 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-10 00:22 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-10 00:22 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-09 11:13 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-09 11:13 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-09 11:13 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-09 11:13 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-09 11:13 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-09 11:13 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-09 11:13 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-09 11:13 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-09 11:13 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-09 11:13 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-09 11:13 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-09 11:13 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-09 11:13 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-09 11:13 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-09 11:13 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-09 11:13 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-09 11:13 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-09 11:09 - 2014-04-09 11:09 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
==================== One Month Modified Files and Folders =======
2014-05-04 16:50 - 2014-05-04 12:39 - 00012607 _____ () C:\Users\Kawey\Downloads\FRST.txt
2014-05-04 16:50 - 2014-05-04 12:39 - 00000000 ____D () C:\FRST
2014-05-04 16:49 - 2013-10-15 22:37 - 00000000 ____D () C:\PC
2014-05-04 16:48 - 2014-05-04 16:48 - 00001027 _____ () C:\Users\Kawey\Desktop\JRT.txt
2014-05-04 16:37 - 2014-05-04 16:37 - 01016261 _____ (Thisisu) C:\Users\Kawey\Downloads\JRT(1).exe
2014-05-04 16:22 - 2014-05-04 14:11 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-04 16:04 - 2013-10-14 18:16 - 01268546 _____ () C:\Windows\WindowsUpdate.log
2014-05-04 15:58 - 2014-02-02 21:04 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-04 14:35 - 2009-07-14 06:45 - 00026672 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-04 14:35 - 2009-07-14 06:45 - 00026672 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-04 14:29 - 2014-05-02 14:05 - 00003116 _____ () C:\Windows\System32\Tasks\WinZip Malware Protector_startup
2014-05-04 14:27 - 2014-05-04 14:00 - 00039302 _____ () C:\Windows\PFRO.log
2014-05-04 14:27 - 2014-04-30 19:10 - 00001747 _____ () C:\Windows\setupact.log
2014-05-04 14:27 - 2009-07-14 07:37 - 00000000 ____D () C:\Windows\DigitalLocker
2014-05-04 14:27 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-04 14:26 - 2014-04-03 23:14 - 00000000 ____D () C:\ProgramData\WPM
2014-05-04 14:10 - 2014-05-04 14:10 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-04 14:10 - 2014-05-04 14:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-04 14:10 - 2014-05-04 14:10 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-04 14:10 - 2014-05-04 14:10 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-04 14:07 - 2014-05-04 14:07 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Kawey\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-04 13:59 - 2014-05-04 13:58 - 00000000 ____D () C:\AdwCleaner
2014-05-04 13:59 - 2014-04-03 23:13 - 00000977 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-04 13:57 - 2014-05-04 13:57 - 01310621 _____ () C:\Users\Kawey\Downloads\adwcleaner.exe
2014-05-04 13:41 - 2014-05-04 12:39 - 00018746 _____ () C:\Users\Kawey\Downloads\Addition.txt
2014-05-04 12:44 - 2014-05-04 12:44 - 01016261 _____ (Thisisu) C:\Users\Kawey\Downloads\JRT.exe
2014-05-04 12:44 - 2014-05-04 12:44 - 00000000 ____D () C:\Windows\ERUNT
2014-05-04 12:38 - 2014-05-04 12:38 - 02062336 _____ (Farbar) C:\Users\Kawey\Downloads\FRST64.exe
2014-05-04 12:38 - 2014-05-04 12:38 - 01050624 _____ (Farbar) C:\Users\Kawey\Downloads\FRST(2).exe
2014-05-04 12:36 - 2014-05-04 12:36 - 01050624 _____ (Farbar) C:\Users\Kawey\Downloads\FRST(1).exe
2014-05-04 12:35 - 2014-05-04 12:35 - 01050624 _____ (Farbar) C:\Users\Kawey\Downloads\FRST.exe
2014-05-03 23:08 - 2014-02-06 20:14 - 00000000 ____D () C:\Users\Kawey\AppData\Local\Deployment
2014-05-03 21:56 - 2014-05-03 21:55 - 00008494 _____ () C:\Windows\DPINST.LOG
2014-05-03 21:55 - 2014-05-03 21:54 - 09020696 _____ (Hamrick Software) C:\Users\Kawey\Downloads\vuex6494(1).exe
2014-05-03 21:55 - 2014-03-05 19:34 - 00000977 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\VueScan x64.lnk
2014-05-03 21:09 - 2013-10-16 23:53 - 00000000 ____D () C:\ARBEIT & BEWERBUNGEN
2014-05-03 15:54 - 2014-04-29 17:04 - 00000000 ____D () C:\Heilkunde
2014-05-03 15:54 - 2014-01-14 09:26 - 00000000 ____D () C:\Gesundheit
2014-05-02 15:39 - 2014-04-18 19:16 - 00000066 _____ () C:\Users\Kawey\AppData\default.pls
2014-05-02 15:34 - 2014-05-02 15:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
2014-05-02 15:34 - 2014-05-02 15:10 - 00000000 ____D () C:\Program Files (x86)\TomTom HOME 2
2014-05-02 15:30 - 2013-10-25 19:28 - 00000000 ____D () C:\Users\Kawey\AppData\Local\Downloaded Installations
2014-05-02 15:11 - 2014-05-02 15:11 - 00000000 ____D () C:\Users\Kawey\Documents\TomTom
2014-05-02 15:11 - 2014-05-02 15:11 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\TomTom
2014-05-02 15:11 - 2014-05-02 15:11 - 00000000 ____D () C:\Users\Kawey\AppData\Local\TomTom
2014-05-02 15:11 - 2014-05-02 15:11 - 00000000 ____D () C:\ProgramData\TomTom
2014-05-02 15:10 - 2014-05-02 15:10 - 00000000 ____D () C:\Program Files (x86)\TomTom International B.V
2014-05-02 15:07 - 2014-05-02 15:07 - 00000000 ____D () C:\Program Files (x86)\TomTom DesktopSuite
2014-05-02 15:01 - 2013-10-15 04:09 - 00699666 _____ () C:\Windows\system32\perfh007.dat
2014-05-02 15:01 - 2013-10-15 04:09 - 00149774 _____ () C:\Windows\system32\perfc007.dat
2014-05-02 15:01 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-02 14:05 - 2014-05-02 14:05 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\Nico Mak Computing
2014-05-02 14:05 - 2014-05-02 14:05 - 00000000 ____D () C:\ProgramData\Nico Mak Computing
2014-05-02 14:05 - 2014-05-02 14:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Malware Protector
2014-05-02 14:05 - 2014-05-02 14:05 - 00000000 ____D () C:\Program Files (x86)\WinZip Malware Protector
2014-05-02 14:02 - 2014-05-02 14:02 - 04892480 _____ (WinZip International LLC ) C:\Users\Kawey\Downloads\wzmp_8.exe
2014-05-01 19:10 - 2014-05-01 18:34 - 00000000 ____D () C:\Users\Kawey\Documents\TCM
2014-05-01 18:17 - 2013-10-14 20:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-01 12:39 - 2014-04-30 21:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-04-30 22:16 - 2014-02-02 00:47 - 00102725 _____ () C:\Users\Kawey\AppData\Local\ars.cache
2014-04-30 21:46 - 2014-04-30 21:46 - 02002944 _____ (Trend Micro Inc.) C:\Users\Kawey\Downloads\HousecallLauncher.exe
2014-04-30 19:10 - 2014-04-30 19:10 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-30 12:33 - 2014-04-30 12:33 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-04-30 12:06 - 2013-11-04 00:19 - 00000000 ____D () C:\SpaKa
2014-04-30 11:47 - 2013-11-05 12:59 - 00000000 ____D () C:\Windows\Minidump
2014-04-30 11:47 - 2013-10-15 04:12 - 00000000 ____D () C:\Windows\Panther
2014-04-30 11:46 - 2014-04-30 11:46 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-04-30 11:46 - 2014-04-30 11:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-04-30 11:46 - 2014-04-30 11:46 - 00000000 ____D () C:\Program Files\CCleaner
2014-04-30 11:45 - 2014-04-30 11:45 - 03671432 _____ (Piriform Ltd) C:\Users\Kawey\Downloads\ccsetup413_slim.exe
2014-04-29 18:58 - 2014-02-02 21:04 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-29 18:58 - 2013-10-15 23:20 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-29 18:58 - 2013-10-15 23:20 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-29 17:11 - 2013-10-14 18:31 - 00000000 ____D () C:\Users\Kawey\AppData\Local\VirtualStore
2014-04-29 16:01 - 2014-05-02 10:26 - 23547904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-29 15:40 - 2014-05-02 10:26 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-29 15:14 - 2014-02-06 00:16 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-04-29 14:48 - 2014-05-02 10:26 - 17384448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-29 14:34 - 2014-05-02 10:26 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-28 10:14 - 2014-04-28 10:13 - 27878824 _____ (TuneUp Software) C:\Users\Kawey\Downloads\TuneUpUtilities2014_de-DE(1).exe
2014-04-28 09:33 - 2014-04-28 09:32 - 27878824 _____ (TuneUp Software) C:\Users\Kawey\Downloads\TuneUpUtilities2014_de-DE.exe
2014-04-27 11:22 - 2014-04-27 11:22 - 00000000 ____D () C:\ProgramData\IProt
2014-04-27 11:20 - 2014-04-27 11:20 - 00001139 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\ShenProfessional 3.1.lnk
2014-04-27 11:20 - 2014-04-27 11:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShenProfessional 3.1
2014-04-27 11:20 - 2014-04-27 11:14 - 00760333 _____ () C:\Program Files (x86)\ShenUnInstall.txt
2014-04-27 11:20 - 2014-04-27 11:14 - 00000000 ____D () C:\Program Files (x86)\ShenProfessional 3.1
2014-04-27 11:20 - 2014-04-27 11:13 - 00801542 _____ () C:\Program Files (x86)\Setup.log
2014-04-27 11:08 - 2014-04-27 11:01 - 197984521 _____ (shen.de) C:\Users\Kawey\Downloads\ShenProfessional-3-1.exe
2014-04-27 10:35 - 2014-04-27 10:35 - 00003088 _____ () C:\Windows\System32\Tasks\{6FFDF4FA-9810-4B47-9A34-C3807772493D}
2014-04-26 17:54 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-25 18:58 - 2014-04-25 18:58 - 00000000 ____D () C:\ProgramData\dvdfab
2014-04-25 14:30 - 2014-04-25 14:30 - 00001016 _____ () C:\Users\Kawey\Desktop\DVDFab 8 Qt.lnk
2014-04-25 14:30 - 2014-04-20 19:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 8 Qt
2014-04-25 14:30 - 2014-04-20 19:07 - 00000000 ____D () C:\Program Files (x86)\DVDFab 8 Qt
2014-04-25 14:29 - 2014-04-25 14:28 - 21323352 _____ (Fengtao Software Inc. ) C:\Users\Kawey\Downloads\DVDFab8230Qt.exe
2014-04-24 16:15 - 2014-03-29 17:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-24 16:15 - 2014-03-14 14:47 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-04-24 15:36 - 2014-04-24 15:36 - 00613200 _____ (Chip Digital GmbH) C:\Users\Kawey\Downloads\Firefox - CHIP-Downloader.exe
2014-04-22 11:50 - 2014-04-22 11:50 - 00907018 _____ () C:\Users\Kawey\Downloads\adblockplus-2.5.1.zip
2014-04-22 11:50 - 2014-04-22 11:50 - 00000000 ____D () C:\Users\Kawey\Downloads\adblockplus-2.5.1
2014-04-22 11:48 - 2014-04-22 11:48 - 00613200 _____ (Chip Digital GmbH) C:\Users\Kawey\Downloads\adblockplus-2.5.1 - CHIP-Downloader.exe
2014-04-21 18:57 - 2014-04-21 18:08 - 00000000 ____D () C:\Users\Kawey\Documents\DVDFab
2014-04-21 18:52 - 2014-04-21 18:52 - 00000000 ____D () C:\Users\Kawey\Documents\PcSetup
2014-04-21 18:52 - 2014-04-21 18:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 6
2014-04-21 18:52 - 2014-04-21 18:52 - 00000000 ____D () C:\Program Files (x86)\DVDFab 6
2014-04-21 18:52 - 2014-04-17 23:52 - 00000034 _____ () C:\Users\Kawey\AppData\Roaming\pcouffin.log
2014-04-21 18:52 - 2014-04-17 23:51 - 00099384 _____ () C:\Users\Kawey\AppData\Roaming\inst.exe
2014-04-21 18:52 - 2014-04-17 23:51 - 00082816 _____ (VSO Software) C:\Users\Kawey\AppData\Roaming\pcouffin.sys
2014-04-21 18:52 - 2014-04-17 23:51 - 00007859 _____ () C:\Users\Kawey\AppData\Roaming\pcouffin.cat
2014-04-21 18:52 - 2014-04-17 23:51 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\Vso
2014-04-21 18:49 - 2014-04-21 18:48 - 13312568 _____ (Fengtao Software Inc. ) C:\Users\Kawey\Downloads\DVDFab6218.exe
2014-04-21 18:08 - 2014-04-21 18:08 - 00000000 ____D () C:\Users\Kawey\Documents\DVDFab9
2014-04-21 18:08 - 2014-04-17 19:52 - 00000000 ____D () C:\Program Files (x86)\DVDFab 9
2014-04-21 17:47 - 2014-04-21 17:47 - 01672252 _____ () C:\Users\Kawey\Downloads\a-user-guide-of-dvdfab9.zip
2014-04-21 15:55 - 2013-10-14 19:15 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-04-21 15:47 - 2014-04-21 15:47 - 00000000 _____ () C:\Users\Kawey\AppData\Roaming\CopyToGo.dat
2014-04-21 15:23 - 2014-04-21 15:11 - 322746776 _____ (Corel) C:\Users\Kawey\Downloads\KEYDC6PLMLPC.exe
2014-04-21 14:48 - 2014-04-21 12:30 - 00000000 ____D () C:\ProgramData\Freemake
2014-04-21 14:48 - 2014-04-21 12:30 - 00000000 ____D () C:\Program Files (x86)\Freemake
2014-04-21 14:47 - 2014-04-21 13:45 - 00000000 ____D () C:\Program Files (x86)\Elaborate Bytes
2014-04-21 14:46 - 2014-04-21 13:45 - 00000000 ____D () C:\ProgramData\SlySoft
2014-04-21 13:57 - 2014-04-21 13:48 - 00000125 ___SH () C:\ProgramData\.zreglib
2014-04-21 13:45 - 2014-04-21 13:45 - 00000000 ____D () C:\Program Files (x86)\SlySoft
2014-04-21 13:44 - 2014-04-21 13:43 - 10873088 _____ () C:\Users\Kawey\Downloads\SetupAnyDVD7460.exe
2014-04-21 13:44 - 2014-04-21 13:43 - 05185720 _____ () C:\Users\Kawey\Downloads\SetupCloneDVD2930Slysoft.exe
2014-04-21 12:27 - 2014-04-21 12:27 - 01308144 _____ (Ellora Assets Corporation ) C:\Users\Kawey\Downloads\FreemakeVideoConverterSetup.exe
2014-04-21 12:13 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-04-21 11:30 - 2014-04-21 11:30 - 13833720 _____ (Fengtao Software Inc. ) C:\Users\Kawey\Downloads\DVDFab7070.exe
2014-04-20 20:01 - 2014-04-20 20:01 - 00000000 ____D () C:\Users\Kawey\AppData\Local\com
2014-04-20 19:54 - 2014-04-20 19:54 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\30183
2014-04-20 19:42 - 2014-04-20 19:42 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\DVDFab
2014-04-20 19:02 - 2014-04-20 19:02 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\EuroTrade A.L. Ltd
2014-04-20 17:35 - 2014-04-18 12:57 - 00000000 ____D () C:\Program Files (x86)\DVDFab 8
2014-04-20 16:22 - 2014-02-02 00:47 - 00294540 _____ () C:\Users\Kawey\AppData\Local\census.cache
2014-04-20 16:03 - 2014-04-20 16:03 - 02405664 _____ (Trend Micro Inc.) C:\Users\Kawey\Downloads\HousecallLauncher64(7).exe
2014-04-20 00:37 - 2014-04-20 00:37 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\137
2014-04-19 23:53 - 2014-04-19 23:53 - 02405664 _____ (Trend Micro Inc.) C:\Users\Kawey\Downloads\HousecallLauncher64(6).exe
2014-04-19 21:46 - 2014-04-18 18:02 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\HandBrake
2014-04-19 20:36 - 2014-04-19 20:36 - 00033947 _____ () C:\Users\Kawey\Downloads\anleitung.htm
2014-04-19 14:06 - 2014-04-19 14:06 - 13888037 _____ () C:\Users\Kawey\Downloads\HandBrake-0.9.9-1_i686-Win_GUI.exe
2014-04-18 18:43 - 2014-04-18 18:43 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\9130
2014-04-18 18:01 - 2014-04-18 18:01 - 14298467 _____ () C:\Users\Kawey\Downloads\HandBrake-0.9.9-1_x86_64-Win_GUI.exe
2014-04-18 17:19 - 2014-04-18 17:16 - 45464368 _____ (Fengtao Software Inc. ) C:\Users\Kawey\Downloads\DVDFab9140(1).exe
2014-04-18 00:00 - 2013-10-14 20:26 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2014
2014-04-17 23:51 - 2014-04-17 23:51 - 00082816 _____ (VSO Software) C:\Windows\system32\Drivers\pcouffin.sys
2014-04-17 23:45 - 2014-04-17 23:45 - 00000000 __SHD () C:\Users\Kawey\AppData\Local\EmieUserList
2014-04-17 23:45 - 2014-04-17 23:45 - 00000000 __SHD () C:\Users\Kawey\AppData\Local\EmieSiteList
2014-04-17 21:37 - 2014-04-17 21:37 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\23260
2014-04-17 21:15 - 2014-04-17 21:15 - 02170880 _____ () C:\Users\Kawey\Downloads\ffmpeg15.exe
2014-04-17 21:15 - 2014-04-17 21:15 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\NCH Software
2014-04-17 21:04 - 2014-04-17 20:57 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Software
2014-04-17 20:57 - 2014-04-17 20:57 - 00817696 _____ (NCH Software) C:\Users\Kawey\Downloads\burnsetup.exe
2014-04-17 20:57 - 2014-04-17 20:57 - 00000000 ____D () C:\ProgramData\NCH Software
2014-04-17 20:57 - 2014-04-17 20:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Produktpalette
2014-04-17 20:57 - 2014-04-17 20:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audioverwandte Programme
2014-04-17 20:57 - 2014-04-17 20:57 - 00000000 ____D () C:\Program Files (x86)\NCH Software
2014-04-17 20:20 - 2014-04-17 20:20 - 00000000 ____D () C:\ProgramData\vsosdk
2014-04-17 19:41 - 2014-04-17 19:39 - 45464368 _____ (Fengtao Software Inc. ) C:\Users\Kawey\Downloads\DVDFab9140.exe
2014-04-16 18:32 - 2014-04-16 18:32 - 01026264 _____ () C:\Users\Kawey\Downloads\Setup(1).exe
2014-04-16 18:31 - 2013-10-15 21:52 - 00000000 ____D () C:\Users\Kawey\AppData\Local\Adobe
2014-04-16 18:27 - 2014-04-16 18:27 - 01026264 _____ () C:\Users\Kawey\Downloads\Setup.exe
2014-04-15 16:38 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-04-14 04:24 - 2014-04-30 11:00 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-04-14 04:19 - 2014-04-30 11:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-04-10 13:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-10 00:22 - 2013-10-22 19:13 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-10 00:20 - 2013-10-22 19:13 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-09 23:41 - 2013-12-27 20:39 - 00000000 ____D () C:\Program Files (x86)\Google
2014-04-09 11:09 - 2014-04-09 11:09 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-09 11:09 - 2014-02-06 00:16 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-04-09 11:09 - 2014-02-06 00:16 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-04-09 11:09 - 2014-02-06 00:16 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-04-09 11:09 - 2014-02-06 00:16 - 00208928 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-04-09 11:09 - 2014-02-06 00:16 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-04-09 11:09 - 2014-02-06 00:16 - 00084816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-04-09 11:09 - 2014-02-06 00:16 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-04-09 11:09 - 2014-02-06 00:16 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-04-04 11:15 - 2013-10-15 21:55 - 00000000 ____D () C:\Program Files (x86)\Adobe
Some content of TEMP:
====================
C:\Users\Kawey\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-04-22 15:23
==================== End Of Log ============================
--- --- ---
--- --- ---
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-05-2014
Ran by Kawey at 2014-05-04 16:51:24
Running from C:\Users\Kawey\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.206 - Adobe Systems Incorporated)
CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform)
DVDFab 6.2.1.8 (31/12/2009) (HKLM-x32\...\DVDFab 6_is1) (Version: - Fengtao Software Inc.)
DVDFab 8.2.3.0 (21/12/2013) Qt (HKLM-x32\...\DVDFab 8 Qt_is1) (Version: - Fengtao Software Inc.)
HP Deskjet 1000 J110 series - Grundlegende Software für das Gerät (HKLM\...\{CED47C99-8892-4956-BCA7-CC3123531371}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
Intel PROSet Wireless (Version: - ) Hidden
Intel® PROSet/Wireless WiFi-Software (HKLM\...\{DF7756DD-656A-45C3-BA71-74673E8259A9}) (Version: 15.00.0000.0642 - Intel Corporation)
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.5.0 - Mozilla)
Mozilla Thunderbird 24.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.5.0 (x86 de)) (Version: 24.5.0 - Mozilla)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.29.0 - SAMSUNG Electronics Co., Ltd.)
ShenProfessional 3.1 (HKLM-x32\...\ShenProfessional 3.1) (Version: 3.1 - ShenProfessional)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.0.3.0 - Synaptics Incorporated)
TomTom HOME (HKLM-x32\...\{99072AB4-D795-44D5-9D65-E3C9F8322C97}) (Version: 2.9.7 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
VueScan x64 (HKLM\...\VueScan x64) (Version: - )
Winamp Erkennungs-Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows-Treiberpaket - Lenovo (ACPIVPC) System (12/15/2011 7.1.0.1) (HKLM\...\99841829BE839365AA67B2AD0E50D371F59F8A1E) (Version: 12/15/2011 7.1.0.1 - Lenovo)
Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)
WinZip Malware Protector (HKLM-x32\...\WinZip Malware Protector_is1) (Version: 2.1.1000.10798 - WinZip International LLC)
Zattoo Live TV (HKCU\...\6d7aa3e3bf931c56) (Version: 1.0.0.33 - Zattoo Europa AG)
==================== Restore Points =========================
19-04-2014 22:07:05 Windows Update
20-04-2014 17:58:52 Uniblue SpeedUpMyPC installation
21-04-2014 13:29:11 DirectX wurde installiert
21-04-2014 13:30:39 Installiert DVD Copy
21-04-2014 13:50:01 Konfiguriert DVD Copy
23-04-2014 09:09:39 Windows Update
29-04-2014 11:11:50 Windows Update
30-04-2014 10:33:17 Windows Update
02-05-2014 08:26:19 Windows Update
02-05-2014 13:34:05 Installed TomTom HOME.
03-05-2014 19:55:53 Gerätetreiber-Paketinstallation: Hamrick Software Bildverarbeitungsgeräte
==================== Hosts content: ==========================
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {064CD96A-E037-4F69-9002-2A33D2D0D4BF} - System32\Tasks\ArcSoft Connect Daemon => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
Task: {15140370-AF7C-457A-97C3-ACB5DAEA7741} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2011-10-28] (Hewlett-Packard)
Task: {2713F8E2-8311-487D-95EC-E4FCBB37EA29} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-04-09] (AVAST Software)
Task: {4C7F1864-B354-4ADC-B52F-640D174023B9} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [2014-03-20] (TuneUp Software)
Task: {525F893F-C78A-4CAA-82F9-8CF218586A52} - System32\Tasks\WinZip Malware Protector_startup => C:\Program Files (x86)\WinZip Malware Protector\WinZipMalwareProtector.exe [2013-07-15] (Nico Mak Computing)
Task: {5A619D2B-62EB-48B4-8D47-524DD44DAE59} - \b8e2dbf6-f651-4529-84b2-6113f5365cc5-2 No Task File <==== ATTENTION
Task: {5C454E41-A1AD-458A-9457-82221CA45541} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {6BCCE080-ACD7-44FB-9A1C-4D20B1BEFE05} - \Advanced System Protector No Task File <==== ATTENTION
Task: {8BD63277-C514-4E5E-8D92-891CED161CC6} - \b8e2dbf6-f651-4529-84b2-6113f5365cc5-3 No Task File <==== ATTENTION
Task: {90F53596-3544-4868-9410-A2DAEEDAE1E4} - \MySearchDial No Task File <==== ATTENTION
Task: {B23CA7B7-CDBE-4463-8F5B-C935EBFEB070} - \b8e2dbf6-f651-4529-84b2-6113f5365cc5-4 No Task File <==== ATTENTION
Task: {C216408D-9926-4951-B17C-675E25B1BDA9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-29] (Adobe Systems Incorporated)
Task: {C8797928-0C3A-4480-9CB8-40ED80E39856} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-04-17] (Piriform Ltd)
Task: {D547AED2-0141-4A70-A155-720283360C5A} - \b8e2dbf6-f651-4529-84b2-6113f5365cc5-5 No Task File <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) =============
2014-03-20 15:44 - 2014-03-20 15:44 - 00675640 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\avgrepliba.dll
2013-12-13 13:20 - 2013-12-13 13:20 - 03359600 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2014-05-04 11:16 - 2014-05-04 11:16 - 02252800 _____ () C:\Program Files\AVAST Software\Avast\defs\14050400\algo.dll
2014-05-02 14:05 - 2013-02-28 16:53 - 00886272 _____ () C:\Program Files (x86)\WinZip Malware Protector\System.Data.SQLite.dll
2014-05-02 14:05 - 2013-07-15 16:53 - 01717936 _____ () C:\Program Files (x86)\WinZip Malware Protector\aspsys.dll
2014-02-06 00:15 - 2014-02-06 00:15 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-04-30 21:40 - 2014-04-30 21:40 - 03019888 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2014-04-30 21:40 - 2014-04-30 21:40 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2014-04-30 21:40 - 2014-04-30 21:40 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2014-03-29 17:53 - 2014-03-15 10:40 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
==================== Safe Mode (whitelisted) ===================
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Percentage of memory in use: 46%
Total physical RAM: 3941.41 MB
Available physical RAM: 2094.66 MB
Total Pagefile: 7881.01 MB
Available Pagefile: 5890.87 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:298.09 GB) (Free:243.12 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: C3FFC3FF)
Partition 1: (Active) - (Size=298 GB) - (Type=07 NTFS)
==================== End Of Log ============================Malwarebytes Anti-Malware
Malwarebytes | Free Anti-Malware & Internet Security Software
Scan Date: 04.05.2014
Scan Time: 16:27:30
Logfile: mbam.txt
Administrator: Yes
Version: 2.00.1.1004
Malware Database: v2014.05.04.05
Rootkit Database: v2014.03.27.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Chameleon: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Kawey
Scan Type: Hyper Scan
Result: Completed
Objects Scanned: 202342
Time Elapsed: 5 min, 1 sec
Memory: Enabled
Startup: Enabled
Filesystem: Disabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 0
(No malicious items detected)
Physical Sectors: 0
(No malicious items detected)
(end)~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Kawey on 04.05.2014 at 16:38:18,85
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110411411162}
~~~ Files
~~~ Folders
~~~ FireFox
Emptied folder: C:\Users\Kawey\AppData\Roaming\mozilla\firefox\profiles\73f0idua.default-1398406683013\minidumps [8 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 04.05.2014 at 16:48:46,59
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[/CODE]
So funktioniert es:
FRST 32-Bit | FRST 64-Bit
AdwCleaner auf deinen Desktop.
Malwarebytes Anti-Malware 