Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Kaum mache ich Google Chrome an sagt Avast ich hätte Virenseiten am start (https://www.trojaner-board.de/167994-kaum-mache-google-chrome-sagt-avast-haette-virenseiten-start.html)

Decypher 16.06.2015 20:35
Kaum mache ich Google Chrome an sagt Avast ich hätte Virenseiten am start
 
Heho bin neu hier und hab ein problem. Wenn ich google chrome öffne dann sagt mir mein Avast Sicherheitssystem alle paar minuten das ich auf irgendwelchen schädlichen Websites gegangen bin und blockt diese. Manchmal sind es sogar 2-3 stück hintereinander und ich weiß nicht weiter .-.
Hab 2 mal durchlauf gestartet und der sagt das alles in ordnung sei aber es läuft immer weiter. Weiß vielleicht wer was das sein könnte wenn ja wäre ich sehr dankbar :heulen:

deeprybka 16.06.2015 21:13
:hallo:

Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das...:abklatsch:
  • Bitte arbeite alle Schritte der Reihe nach ab.
  • Lese die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem.
  • Führe bitte nur Scans durch, zu denen Du von mir aufgefordert wurdest.
  • Bitte kein Crossposting (posten in mehreren Foren).
  • Installiere oder deinstalliere während der Bereinigung keine Software, außer Du wurdest dazu aufgefordert.
  • Speichere alle unsere Tools auf dem Desktop ab. Link: So ladet Ihr unsere Tools richtig
  • Poste die Logfiles direkt in Deinen Thread in Code-Tags.
  • Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 24 Stunden nichts von mir liest, dann schreibe mir bitte eine PM.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden.
Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert.
Adware & Co. können wir sehr gut entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean :daumenhoc bekommst.



Los geht's:

Schritt 1
http://filepony.de/icon/frst.pnghttp://deeprybka.trojaner-board.de/b...t/frstscan.png

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)




Lesestoff
Posten in CODE-Tags: So gehts...
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert uns massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://deeprybka.trojaner-board.de/tdss/codetags.gif

Decypher 17.06.2015 11:23
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-06-2015
Ran by Kagan Bagci (administrator) on KAGANBAGCI-PC on 17-06-2015 12:21:24
Running from C:\Users\Kagan Bagci\Downloads
Loaded Profiles: Kagan Bagci (Available Profiles: Kagan Bagci)
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(ABBYY) C:\Program Files\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
(Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
(Steganos Software GmbH) C:\Program Files\OkayFreedom\OkayFreedomService.exe
(Prolific Technology Inc.) C:\Windows\System32\IoctlSvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Wistron) C:\Program Files\Launch Manager\HotkeyApp.exe
(Wistron Corp.) C:\Program Files\Launch Manager\OSD.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Carbonite, Inc.) C:\Program Files\Packard Bell\Carbonite\CarboniteSetupLitePBPreInstaller.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe
(Akamai Technologies, Inc.) C:\Users\Kagan Bagci\AppData\Local\Akamai\netsession_win.exe
() C:\Users\Kagan Bagci\AppData\Roaming\Settings Manager\SettingsManager.exe
() C:\Users\Kagan Bagci\AppData\Roaming\Update Manager\UM.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Steganos Software GmbH) C:\Program Files\OkayFreedom\Updater.exe
(Wistron Corp.) C:\Program Files\Launch Manager\WisLMSvc.exe
(Akamai Technologies, Inc.) C:\Users\Kagan Bagci\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Steganos Software GmbH) C:\Program Files\OkayFreedom\OkayFreedomClient.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(www.motioninjoy.com) C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe
(Joyent, Inc) C:\Users\Kagan Bagci\AppData\Roaming\Steganos\OkayFreedom\Proxy\node.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Kagan Bagci\Downloads\FRST (1).exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPNetworkCommunicator.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [HotkeyApp] => C:\Program Files\Launch Manager\HotkeyApp.exe [192512 2008-08-22] (Wistron)
HKLM\...\Run: [LMgrOSD] => C:\Program Files\Launch Manager\OSD.exe [430080 2008-05-16] (Wistron Corp.)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2008-01-21] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1328424 2008-07-03] (Synaptics, Inc.)
HKLM\...\Run: [CarboniteSetupLite] => C:\Program Files\Packard Bell\Carbonite\CarboniteSetupLitePBPreInstaller.exe [306112 2008-04-07] (Carbonite, Inc.)
HKLM\...\Run: [Google Desktop Search] => C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [24064 2008-11-06] (Google)
HKLM\...\Run: [toolbar_eula_launcher] => C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe [28672 2007-02-20] ( )
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-09-02] (AVAST Software)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-03-30] (LogMeIn Inc.)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [351968 2014-09-08] ()
HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [Facebook Update] => C:\Users\Kagan Bagci\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-01-28] (Facebook Inc.)
HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [msnmsgr] => C:\Program Files\Windows Live\Messenger\msnmsgr.exe [3872080 2010-04-16] (Microsoft Corporation)
HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd)
HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [Google Update] => C:\Users\Kagan Bagci\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-02-11] (Google Inc.)
HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [Advanced SystemCare 6] => C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe [491840 2013-04-18] (IObit)
HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [Overwolf] => C:\Program Files\Overwolf\Overwolf.exe -silent
HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [HP Photosmart 5510 series (NET)] => C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe [1837672 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [BitTorrent] => C:\Users\Kagan Bagci\AppData\Roaming\BitTorrent\BitTorrent.exe [1442904 2015-02-14] (BitTorrent Inc.)
HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [28917376 2015-05-14] (Skype Technologies S.A.)
HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Kagan Bagci\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.)
HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [Battle.net] => C:\Program Files\Battle.net\Battle.net Launcher.exe [2861104 2015-05-28] (Blizzard Entertainment)
HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [Settings Manager] => C:\Users\Kagan Bagci\AppData\Roaming\Settings Manager\SettingsManager.EXE [897520 2015-05-22] ()
HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [UM] => C:\Users\Kagan Bagci\AppData\Roaming\Update Manager\UM.EXE [776880 2015-06-12] ()
HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [OKAYFREEDOM_Agent] => C:\Program Files\OkayFreedom\OkayFreedomClient.exe [6591912 2015-04-22] (Steganos Software GmbH)
HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [OKAYFREEDOM_Update] => C:\Program Files\OkayFreedom\Updater.exe [3864488 2015-04-22] (Steganos Software GmbH)
HKU\S-1-5-18\...\Run: [SearchProtect] => \SearchProtect\bin\cltmng.exe
Startup: C:\Users\Kagan Bagci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2013-02-09] ()
Startup: C:\Users\Kagan Bagci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Photosmart 5510 series (Netzwerk).lnk [2013-07-15]
ShortcutTarget: Tintenwarnungen überwachen - HP Photosmart 5510 series (Netzwerk).lnk -> C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2014-09-02] (AVAST Software)
ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-05-19] (Google)
ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-05-19] (Google)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-05-19] (Google)
ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-05-19] (Google)
ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-05-19] (Google)
ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-05-19] (Google)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

AutoConfigURL: [S-1-5-21-410520579-760464469-3575665083-1000] => hxxp://127.0.0.1:8445/okf.pac
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://www.mystartsearch.com/?type=hp&ts=1431023221&z=01b37b3de1539111e9b146bg7zcc6gde6o1c8e6t0q&from=cor&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808R0150201502
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mystartsearch.com/web/?type=ds&ts=1431023221&z=01b37b3de1539111e9b146bg7zcc6gde6o1c8e6t0q&from=cor&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808R0150201502&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1431023221&z=01b37b3de1539111e9b146bg7zcc6gde6o1c8e6t0q&from=cor&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808R0150201502
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1431023221&z=01b37b3de1539111e9b146bg7zcc6gde6o1c8e6t0q&from=cor&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808R0150201502&q={searchTerms}
HKU\S-1-5-21-410520579-760464469-3575665083-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mystartsearch.com/web/?type=ds&ts=1431023221&z=01b37b3de1539111e9b146bg7zcc6gde6o1c8e6t0q&from=cor&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808R0150201502&q={searchTerms}
HKU\S-1-5-21-410520579-760464469-3575665083-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=about:blank
HKU\S-1-5-21-410520579-760464469-3575665083-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1431023221&z=01b37b3de1539111e9b146bg7zcc6gde6o1c8e6t0q&from=cor&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808R0150201502&q={searchTerms}
URLSearchHook: HKLM - (No Name) - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} -  No File
URLSearchHook: HKLM - (No Name) - {da7f5ae1-3be3-43c0-8098-c1d183616e97} -  No File
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1431023221&z=01b37b3de1539111e9b146bg7zcc6gde6o1c8e6t0q&from=cor&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808R0150201502&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1431023221&z=01b37b3de1539111e9b146bg7zcc6gde6o1c8e6t0q&from=cor&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808R0150201502&q={searchTerms}
SearchScopes: HKLM -> {F09E38FE-BD31-4213-94EE-511AB559B58D} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {5AB1FAB0-D468-46DF-94F7-109F64BDC9B4} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^DE&apn_uid=FFFEB447-F2F8-4077-85EB-796D5026A171&apn_sauid=E029870B-C567-4E27-8172-ADB38D7B7123
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\.DEFAULT -> {5AB1FAB0-D468-46DF-94F7-109F64BDC9B4} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^DE&apn_uid=FFFEB447-F2F8-4077-85EB-796D5026A171&apn_sauid=E029870B-C567-4E27-8172-ADB38D7B7123
SearchScopes: HKU\S-1-5-21-410520579-760464469-3575665083-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=BDKTDF&PC=BDT3&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-410520579-760464469-3575665083-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=BDKTDF&PC=BDT3&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-410520579-760464469-3575665083-1000 -> {8D8842C9-F69B-4590-AD17-7C3F251E88A4} URL = https://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=614363&p={searchTerms}
SearchScopes: HKU\S-1-5-21-410520579-760464469-3575665083-1000 -> {F09E38FE-BD31-4213-94EE-511AB559B58D} URL = hxxp://www.sm.de/?q={searchTerms}
BHO: RoyaalCioaupon -> {A18CD12D-C55F-45AF-871F-F25AD339D36F} -> C:\Program Files\RoyaalCioaupon\XJuMb9DIwwa9pZ.dll [2015-06-15] ()
Toolbar: HKU\.DEFAULT -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKU\S-1-5-21-410520579-760464469-3575665083-1000 -> No Name - {0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF} -  No File
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-10-02] (Skype Technologies S.A.)
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-31] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\Firefox\Profiles\zigocm5w.default
FF DefaultSearchEngine: mystartsearch
FF Keyword.URL: https://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=614363&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-06-12] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-12-13] (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-12-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-12-18] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin HKU\S-1-5-21-410520579-760464469-3575665083-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Kagan Bagci\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-410520579-760464469-3575665083-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-410520579-760464469-3575665083-1000: @talk.google.com/O1DPlugin -> C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-410520579-760464469-3575665083-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin HKU\S-1-5-21-410520579-760464469-3575665083-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin HKU\S-1-5-21-410520579-760464469-3575665083-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Kagan Bagci\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-04-01] (Unity Technologies ApS)
FF user.js: detected! => C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\Firefox\Profiles\zigocm5w.default\user.js [2015-05-21]
FF Plugin ProgramFiles/Appdata: C:\Users\Kagan Bagci\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Kagan Bagci\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF SearchPlugin: C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\Firefox\Profiles\zigocm5w.default\searchplugins\mystartsearch.xml [2015-05-16]
FF SearchPlugin: C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\Firefox\Profiles\zigocm5w.default\searchplugins\suchmaschine.xml [2015-03-20]
FF SearchPlugin: C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\Firefox\Profiles\zigocm5w.default\searchplugins\yahoo_ff.xml [2015-03-20]
FF Extension: No Name - C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\Firefox\profiles\extensions\extensions [2013-03-18]
FF Extension: No Name - C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\Firefox\profiles\extensions\searchplugins [2015-01-21]
FF Extension: Movie2kDownloader - C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\Firefox\profiles\extensions\movie2kdownloader@movie2kdownloader.com.xpi [2012-12-13]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-11-20]
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-12-19]
FF HKLM\...\Firefox\Extensions: [sweetsearch@gmail.com] - C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\Firefox\Profiles\zigocm5w.default\extensions\sweetsearch@gmail.com
FF HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files\Common Files\DVDVideoSoft\plugins\ff
FF Extension: No Name - C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\Firefox\Profiles\zigocm5w.default\extensions\{DB981CCA-088E-4731-A4A2-2FE218703C0E}.xpi [not found]
FF Extension: No Name - C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\Firefox\Profiles\zigocm5w.default\extensions\ascsurfingprotection@iobit.com [not found]
FF Extension: No Name - C:\Program Files\IObit Apps Toolbar\FF [not found]

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-11-15]
CHR Extension: (Form Filler) - C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnjjngeaknajbdcgpfkgnonkmififhfo [2015-06-15]
CHR Extension: (Google Search) - C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-11-15]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-27]
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd [2013-03-18]
CHR Extension: (Google Wallet) - C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2012-12-20]
CHR Extension: (Adblock Pro) - C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch [2015-05-27]
CHR Extension: (Adblock Pro) - C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\odoejnlfacfofgbahnomeeojkkgcglan [2015-05-27]
CHR Extension: (Gmail) - C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-15]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-09-02]
CHR HKLM\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files\IObit\Advanced SystemCare 6\BrowerProtect\ASC_GhromePlugin.crx [2013-03-18]
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
CHR HKU\S-1-5-21-410520579-760464469-3575665083-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [Not Found]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 5589d471; c:\Program Files\SoftwareAlert\SoftwareAlert.dll [2291712 2015-05-27] () [File not signed]
R2 ABBYY.Licensing.PDFTransformer.Classic.3.0; C:\Program Files\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe [759048 2010-02-01] (ABBYY)
S3 AdobeActiveFileMonitor6.0; C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [124832 2007-09-11] ()
R2 AdvancedSystemCareService6; C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe [574272 2013-04-18] (IObit)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-09-02] (AVAST Software)
R2 EvtEng; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [815104 2008-04-30] (Intel(R) Corporation) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [647680 2008-11-06] (Macrovision Europe Ltd.) [File not signed]
S3 GoogleDesktopManager-071508-051939; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [24064 2008-11-06] (Google) [File not signed]
R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1848168 2015-03-30] (LogMeIn Inc.)
R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [411920 2015-03-30] (LogMeIn, Inc.)
R2 OkayFreedom VPN Starter Service; C:\Program Files\OkayFreedom\OkayFreedomService.exe [330168 2015-04-22] (Steganos Software GmbH)
R2 PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [File not signed]
R2 RegSrvc; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [466944 2008-04-30] (Intel(R) Corporation) [File not signed]
R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000 2012-10-02] (Skype Technologies S.A.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
R3 WisLMSvc; C:\Program Files\Launch Manager\WisLMSvc.exe [118784 2008-01-15] (Wistron Corp.) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [70384 2013-12-05] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [54832 2013-12-05] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2013-12-05] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [774392 2013-12-05] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [403440 2013-12-05] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57672 2013-12-05] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [178304 2013-12-05] ()
S3 DrvAgent32; C:\Windows\system32\Drivers\DrvAgent32.sys [23456 2013-02-07] (Phoenix Technologies) [File not signed]
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2013-02-12] (DT Soft Ltd)
S3 FTDIBUS; C:\Windows\System32\drivers\ftdibus.sys [65896 2013-07-12] (FTDI Ltd.)
R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
S3 libusb0; C:\Windows\System32\drivers\libusb0.sys [33792 2005-03-09] () [File not signed]
S3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [99400 2012-05-12] (MotioninJoy) [File not signed]
R2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [5120 2014-05-07] (Samsung Electronics) [File not signed]
S3 WinRing0_1_2_0; C:\Program Files\Razer\Razer Game Booster\Driver\WinRing0.sys [14416 2012-11-13] (OpenLibSys.org)
S2 aswFsBlk; \??\C:\Windows\system32\drivers\aswFsBlk.sys [X]
S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X]
S3 IntcAzAudAddService; system32\drivers\RTKVHDA.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 RTHDMIAzAudService; system32\drivers\RtHDMIV.sys [X]
S1 SYMTDI; \SystemRoot\System32\Drivers\SYMTDI.SYS [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-17 12:21 - 2015-06-17 12:21 - 00029088 _____ C:\Users\Kagan Bagci\Downloads\FRST.txt
2015-06-17 12:21 - 2015-06-17 12:21 - 00000000 ____D C:\FRST
2015-06-17 12:20 - 2015-06-17 12:21 - 01148416 _____ (Farbar) C:\Users\Kagan Bagci\Downloads\FRST (1).exe
2015-06-17 12:19 - 2015-06-17 12:19 - 02109952 _____ (Farbar) C:\Users\Kagan Bagci\Downloads\FRST64 (1).exe
2015-06-16 22:32 - 2015-06-16 22:39 - 00981877 _____ C:\Users\Kagan Bagci\Downloads\FRST.exe
2015-06-15 14:27 - 2015-06-16 15:27 - 00000000 ____D C:\Program Files\RoyaalCioaupon
2015-06-15 14:27 - 2015-06-16 15:27 - 00000000 ____D C:\Program Files\Form Filler
2015-06-15 14:26 - 2015-06-16 15:27 - 00000000 ____D C:\Program Files\RuoyaalCouPPon
2015-06-15 14:26 - 2015-06-16 15:27 - 00000000 ____D C:\Program Files\RRoyalCOupon
2015-06-13 17:52 - 2015-06-13 17:52 - 00001543 _____ C:\Users\Public\Desktop\Unepic.lnk
2015-06-13 17:46 - 2015-06-13 17:50 - 212530976 _____ (GOG.com ) C:\Users\Kagan Bagci\Downloads\setup_unepic_2.8.0.13.exe
2015-06-12 23:20 - 2015-04-24 17:54 - 00532480 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-12 23:19 - 2015-05-21 16:22 - 02066432 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-12 23:19 - 2015-05-09 01:08 - 00894464 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-12 22:59 - 2015-05-05 00:51 - 10628608 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-12 22:59 - 2015-05-05 00:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-12 22:59 - 2015-05-05 00:50 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-12 22:59 - 2015-05-05 00:50 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-12 22:59 - 2015-05-04 23:21 - 08147456 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-10 23:15 - 2015-06-13 17:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2015-06-10 23:15 - 2015-06-10 23:15 - 00001797 _____ C:\Users\Public\Desktop\Battle Realms Complete (German).lnk
2015-06-10 23:14 - 2015-06-13 17:51 - 00000000 ____D C:\GOG Games
2015-06-10 23:00 - 2015-06-10 23:10 - 554494280 _____ (GOG.com ) C:\Users\Kagan Bagci\Downloads\setup_battle_realms_complete_german_2.0.0.9.exe
2015-06-10 16:35 - 2015-05-31 01:54 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-10 16:35 - 2015-05-31 01:53 - 09750528 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-10 16:35 - 2015-05-31 01:50 - 01139712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-10 16:35 - 2015-05-31 01:49 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-10 16:35 - 2015-05-31 01:49 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-10 16:35 - 2015-05-31 01:49 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-10 16:35 - 2015-05-31 01:49 - 00421888 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-10 16:35 - 2015-05-31 01:48 - 01804288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-10 16:35 - 2015-05-31 01:48 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-10 16:35 - 2015-05-31 01:48 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-10 16:35 - 2015-05-31 01:48 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-06-10 16:35 - 2015-05-31 01:48 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-10 16:35 - 2015-05-31 01:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-10 16:35 - 2015-05-31 01:48 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-10 16:35 - 2015-05-31 01:48 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-06-10 16:35 - 2015-05-31 01:47 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-10 16:35 - 2015-05-31 01:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-10 16:35 - 2015-05-31 01:47 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-06-10 16:35 - 2015-05-31 01:47 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-06-10 16:34 - 2015-05-31 02:03 - 12385280 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-10 16:34 - 2015-05-31 01:55 - 01809920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-10 16:34 - 2015-05-31 01:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-10 16:26 - 2015-06-10 16:26 - 02197648 _____ (Irfan Skiljan) C:\Users\Kagan Bagci\Downloads\iview438g_setup.exe
2015-06-10 16:26 - 2015-06-10 16:26 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
2015-06-10 16:26 - 2015-06-10 16:26 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Roaming\IrfanView
2015-06-10 16:26 - 2015-06-10 16:26 - 00000000 ____D C:\Program Files\IrfanView
2015-06-03 22:39 - 2015-06-03 22:39 - 35595593 _____ C:\Users\Kagan Bagci\Desktop\Clockwork.zip
2015-06-03 22:29 - 2015-06-03 22:29 - 00180095 _____ C:\Users\Kagan Bagci\Downloads\a4dven6_460sv (1).wmv
2015-06-03 17:37 - 2015-06-03 17:37 - 00638976 _____ C:\Users\Kagan Bagci\Downloads\Detection (1).msi
2015-06-01 15:24 - 2015-06-01 15:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ultimate Apocalypse - The Hunt Begins
2015-06-01 14:15 - 2015-06-01 15:05 - 1216383942 _____ (Ultimate Apocalypse Mod Team ) C:\Users\Kagan Bagci\Downloads\Ultimate_Apocalypse_-_The_Hunt_Begins.exe
2015-06-01 13:49 - 2015-06-01 13:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ultimate Apocalypse - THB Patch
2015-06-01 13:48 - 2015-06-01 13:48 - 00758745 _____ (Ultimate Apocalypse Mod Team ) C:\Users\Kagan Bagci\Downloads\Ultimate Apocalypse - THB Patch v1.8.1.exe
2015-05-28 19:11 - 2015-05-28 19:11 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Local\openvr
2015-05-27 20:14 - 2015-05-27 20:14 - 00000000 ____D C:\Program Files\SoftwareAlert
2015-05-27 14:01 - 2015-05-27 20:14 - 00000000 ____D C:\ProgramData\431b2240000043bd
2015-05-27 13:57 - 2015-06-10 16:06 - 00001966 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-05-27 13:57 - 2015-05-27 13:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-05-27 13:53 - 2015-05-27 13:53 - 00880208 _____ (Google Inc.) C:\Users\Kagan Bagci\Downloads\ChromeSetup.exe
2015-05-27 13:39 - 2015-05-27 15:13 - 00000000 ____D C:\Program Files\Second Home
2015-05-27 13:37 - 2015-06-15 14:27 - 00000000 ____D C:\ProgramData\12105833042991166924
2015-05-27 13:37 - 2015-06-15 14:26 - 00000000 ____D C:\Program Files\PrInceCoupon
2015-05-27 13:37 - 2015-06-10 17:06 - 00000000 ____D C:\Program Files\ShoppierMaaster
2015-05-27 13:37 - 2015-05-27 15:13 - 00000000 ____D C:\Program Files\ColoiuckkFeorSale
2015-05-27 13:17 - 2015-06-15 14:53 - 00000024 _____ C:\Users\Kagan Bagci\AppData\Roaming\appdataFr25.bin
2015-05-27 12:57 - 2015-06-16 15:45 - 00000079 _____ C:\Program Files\prefs.js
2015-05-27 11:36 - 2015-06-16 21:02 - 00004428 _____ C:\Windows\PFRO.log
2015-05-26 12:48 - 2015-05-26 12:48 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Roaming\Samsung
2015-05-26 12:48 - 2015-05-26 12:48 - 00000000 ____D C:\Program Files\Common Files\Common Desktop Agent
2015-05-26 12:47 - 2015-05-26 12:50 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers
2015-05-26 12:45 - 2015-05-26 12:48 - 00000000 ____D C:\ProgramData\Samsung
2015-05-26 12:45 - 2015-05-26 12:45 - 00000000 ____D C:\Program Files\SamsungPrinterLiveUpdate
2015-05-26 12:44 - 2015-05-26 12:48 - 00000000 ____D C:\Program Files\Samsung
2015-05-26 12:44 - 2014-10-30 13:43 - 00686896 _____ (Samsung Electronics) C:\Windows\system32\eed_sl.exe
2015-05-26 12:44 - 2014-10-30 13:43 - 00025600 _____ () C:\Windows\system32\sst6clm.dll
2015-05-26 12:44 - 2014-10-30 13:42 - 02284032 _____ C:\Windows\system32\eed_ec.dll
2015-05-26 12:44 - 2014-09-19 00:10 - 00094208 ____N C:\Windows\system32\ssdevm.dll
2015-05-26 12:44 - 2014-03-05 15:59 - 00158040 _____ (SS) C:\Windows\system32\sst6cci.exe
2015-05-26 12:44 - 2014-03-05 15:58 - 00000273 _____ C:\Windows\system32\eed_sl.exe.config
2015-05-26 12:44 - 2013-04-03 16:32 - 00212600 _____ C:\Windows\system32\SBuySupplies.exe
2015-05-26 12:44 - 2012-08-02 13:07 - 04161048 ____N C:\Windows\sst6cA4.prn
2015-05-26 12:44 - 2012-08-02 13:07 - 03701631 ____N C:\Windows\sst6cLTR.prn
2015-05-26 12:44 - 2012-01-09 13:41 - 00000361 _____ C:\Windows\system32\sst6clm.smt
2015-05-26 12:44 - 2012-01-09 13:40 - 00065536 _____ (SS) C:\Windows\system32\sst6cci.dll
2015-05-26 12:41 - 2015-05-26 12:41 - 03439936 _____ C:\Users\Kagan Bagci\Downloads\SamsungPrinterInstaller.exe
2015-05-25 22:13 - 2015-05-25 22:13 - 00006594 _____ C:\Users\Public\Documents\s.t.a.l.k.e.r.ltx
2015-05-24 21:33 - 2015-05-24 21:33 - 00003294 _____ C:\Users\Kagan Bagci\Downloads\PPSSPP_Cheat_Lists.rar
2015-05-23 21:48 - 2015-05-23 21:48 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Roaming\AVG
2015-05-23 21:41 - 2015-05-23 21:41 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Local\Avg
2015-05-23 21:38 - 2015-05-23 21:49 - 00000000 ____D C:\ProgramData\AVG
2015-05-23 21:31 - 2015-05-23 21:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicISO
2015-05-23 21:31 - 2015-05-23 21:31 - 03067400 _____ C:\Users\Kagan Bagci\Downloads\Setup_MagicISO.exe
2015-05-21 21:29 - 2015-05-21 21:29 - 01384064 _____ (Skype Technologies S.A.) C:\Users\Kagan Bagci\Downloads\SkypeSetup.exe
2015-05-21 21:21 - 2015-05-21 21:21 - 00001236 _____ C:\Users\Kagan Bagci\AppData\Local\recently-used.xbel

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-17 12:17 - 2013-02-15 21:31 - 00001144 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-410520579-760464469-3575665083-1000UA.job
2015-06-17 12:16 - 2013-07-09 16:04 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-17 12:16 - 2013-01-28 13:51 - 00000952 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-410520579-760464469-3575665083-1000UA.job
2015-06-17 12:16 - 2012-11-15 20:24 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-17 12:16 - 2012-11-14 23:45 - 00000352 _____ C:\Windows\Tasks\Recovery DVD Creator-Kagan Bagci.job
2015-06-17 12:16 - 2012-11-14 23:45 - 00000352 _____ C:\Windows\Tasks\Erweiterte Garantie-Kagan Bagci.job
2015-06-17 12:16 - 2012-11-14 22:42 - 01865072 _____ C:\Windows\WindowsUpdate.log
2015-06-17 12:16 - 2006-11-02 14:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-17 12:16 - 2006-11-02 14:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-16 21:09 - 2015-05-07 20:27 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Roaming\Steganos VPN
2015-06-16 21:04 - 2014-01-03 02:51 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Local\LogMeIn Hamachi
2015-06-16 21:03 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-16 15:40 - 2013-01-28 13:51 - 00000930 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-410520579-760464469-3575665083-1000Core.job
2015-06-16 15:35 - 2013-02-15 21:31 - 00001092 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-410520579-760464469-3575665083-1000Core.job
2015-06-15 14:27 - 2013-08-22 19:05 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-06-13 23:28 - 2013-01-31 23:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-06-13 17:50 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache
2015-06-13 17:45 - 2015-05-07 13:25 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Roaming\Update Manager
2015-06-13 17:45 - 2014-10-04 21:07 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Roaming\BitTorrent
2015-06-12 23:40 - 2006-11-02 14:47 - 00326632 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-12 23:37 - 2006-11-02 15:01 - 00032634 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-06-12 23:36 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\de-DE
2015-06-12 23:20 - 2008-11-06 13:48 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-12 23:19 - 2013-11-12 20:36 - 00000000 ____D C:\Windows\system32\MRT
2015-06-12 23:02 - 2006-11-02 12:24 - 136900096 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-06-12 22:57 - 2013-07-09 16:04 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-06-12 22:57 - 2013-07-09 16:04 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-06-10 17:11 - 2013-02-10 01:31 - 00000000 ____D C:\Users\Kagan Bagci\Tracing
2015-06-10 17:11 - 2012-11-15 20:08 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Roaming\Skype
2015-06-10 16:09 - 2012-11-20 14:19 - 00000000 ____D C:\Program Files\Steam
2015-06-03 22:31 - 2015-05-07 19:26 - 00000000 ____D C:\Users\Kagan Bagci\Desktop\ppsspp
2015-06-03 22:31 - 2012-12-25 15:09 - 00000000 ____D C:\Users\Kagan Bagci\Desktop\Schulzeug
2015-06-03 22:31 - 2012-12-20 18:09 - 00000000 ____D C:\Users\Kagan Bagci\Desktop\Musik
2015-06-03 22:30 - 2012-12-25 15:09 - 00000000 ____D C:\Users\Kagan Bagci\Desktop\Bilder
2015-06-03 17:38 - 2012-12-02 19:17 - 00000000 ____D C:\Program Files\SystemRequirementsLab
2015-05-31 21:35 - 2006-11-02 12:33 - 01581308 _____ C:\Windows\system32\PerfStringBackup.INI
2015-05-28 20:55 - 2012-11-20 14:19 - 00000000 ____D C:\Program Files\Common Files\Steam
2015-05-28 16:54 - 2015-02-01 18:01 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Local\Battle.net
2015-05-28 16:15 - 2012-11-25 22:18 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Roaming\TS3Client
2015-05-28 16:10 - 2015-02-01 17:59 - 00000000 ____D C:\Program Files\Battle.net
2015-05-27 15:17 - 2012-12-02 00:23 - 00000000 ___RD C:\Users\Kagan Bagci\Desktop\Programme
2015-05-27 14:01 - 2015-05-07 20:28 - 00000000 ____D C:\Program Files\System Optimizer
2015-05-27 13:56 - 2008-11-06 13:37 - 00000000 ____D C:\Program Files\Google
2015-05-27 11:31 - 2013-03-25 21:34 - 00001356 _____ C:\Users\Kagan Bagci\AppData\Local\d3d9caps.dat
2015-05-26 12:45 - 2012-11-14 23:40 - 00000000 ____D C:\Users\Kagan Bagci
2015-05-21 21:31 - 2008-11-06 13:55 - 00000000 ____D C:\ProgramData\Skype
2015-05-21 21:21 - 2012-11-15 20:19 - 00000000 ___RD C:\Program Files\Skype
2015-05-21 17:51 - 2013-02-12 23:05 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Roaming\DAEMON Tools Lite
2015-05-21 17:40 - 2014-03-31 22:01 - 00000000 ____D C:\ProgramData\Origin
2015-05-21 17:39 - 2015-01-07 16:15 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Roaming\NexonLauncher
2015-05-21 17:39 - 2015-01-07 16:14 - 00000000 ____D C:\Program Files\Nexon
2015-05-21 17:39 - 2014-01-26 23:13 - 00000000 ____D C:\Program Files\MyHeritage
2015-05-21 17:38 - 2014-12-27 12:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2015-05-21 17:37 - 2008-11-06 13:12 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2015-05-21 17:33 - 2015-01-26 18:26 - 00000000 __SHD C:\Windows\system32\AI_RecycleBin
2015-05-21 17:32 - 2015-01-26 18:37 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames
2015-05-21 17:32 - 2015-01-26 17:33 - 00000000 ____D C:\AeriaGames
2015-05-20 15:37 - 2012-11-14 23:49 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Roaming\Adobe

==================== Files in the root of some directories =======

2015-05-27 12:57 - 2015-06-16 15:45 - 0000079 _____ () C:\Program Files\prefs.js
2015-05-27 13:17 - 2015-06-15 14:53 - 0000024 _____ () C:\Users\Kagan Bagci\AppData\Roaming\appdataFr25.bin
2013-03-25 21:34 - 2015-05-27 11:31 - 0001356 _____ () C:\Users\Kagan Bagci\AppData\Local\d3d9caps.dat
2012-11-15 20:49 - 2013-01-27 00:30 - 0030720 _____ () C:\Users\Kagan Bagci\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-11 20:36 - 2014-01-11 20:36 - 0005567 _____ () C:\Users\Kagan Bagci\AppData\Local\HWVendorDetection.log
2015-05-21 21:21 - 2015-05-21 21:21 - 0001236 _____ () C:\Users\Kagan Bagci\AppData\Local\recently-used.xbel
2013-03-18 21:00 - 2013-03-18 21:00 - 1426411 ____N () C:\Users\Kagan Bagci\AppData\Local\Tempmusic.ogg
2013-02-10 21:23 - 2013-02-10 21:23 - 0509465 _____ () C:\ProgramData\1360516069.bdinstall.bin
2013-03-20 15:48 - 2013-03-20 15:48 - 0227776 _____ () C:\ProgramData\1363787221.bdinstall.bin
2013-07-15 14:56 - 2013-07-15 14:56 - 0000057 _____ () C:\ProgramData\Ament.ini

Some files in TEMP:
====================
C:\Users\Kagan Bagci\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Kagan Bagci\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Kagan Bagci\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-16 21:09

==================== End of log ============================
Und hier das Addition:
[CODE]Additional
FRST Logfile:
Code:
scan result of Farbar Recovery Scan Tool (x86) Version: 13-06-2015
Ran by Kagan Bagci at 2015-06-17 12:22:16
Running from C:\Users\Kagan Bagci\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-410520579-760464469-3575665083-500 - Administrator - Disabled)
Gast (S-1-5-21-410520579-760464469-3575665083-501 - Limited - Disabled)
Kagan Bagci (S-1-5-21-410520579-760464469-3575665083-1000 - Administrator - Enabled) => C:\Users\Kagan Bagci

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
ABBYY PDF Transformer 3.0 (HKLM\...\ABBYY PDF Transformer 3.0) (Version: 3.00.317.68010 - ABBYY)
ABBYY PDF Transformer 3.0 (Version: 3.00.317.68010 - ABBYY) Hidden
Activation Assistant for the 2007 Microsoft Office suites (Version:  - Microsoft Corporation) Hidden
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Photoshop Elements 6 (HKLM\...\AdobePE6) (Version:  - )
Adobe Reader 8 (HKLM\...\AdobeReader) (Version:  - )
Advanced SystemCare 6 (HKLM\...\Advanced SystemCare 6_is1) (Version: 6.2 - IObit)
AGEIA PhysX v8.01.18 (HKLM\...\{A5B5A16D-277A-476B-8F62-1029A2F23072}) (Version: 8.01.18 - AGEIA Technologies, Inc.)
Akamai NetSession Interface (HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
Apple Application Support (HKLM\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{235EBB33-3DA1-46DF-AADE-9955123409CB}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{0BB178A9-D9F6-4D97-3D43-3CD5B3C9B67D}) (Version: 3.0.682.0 - ATI Technologies, Inc.)
ATI VGA driver Ver V V 8.512 (Version:  - ) Hidden
avast! Free Antivirus (HKLM\...\Avast) (Version: 9.0.2008 - Avast Software)
Battle Realms Complete (German) (HKLM\...\GOGPACKBATTLEREALMS_is1) (Version: 2.0.0.9 - GOG.com)
Battle.net (HKLM\...\Battle.net) (Version:  - Blizzard Entertainment)
BioShock 2 (Version: 1.0.0005.131 - Take-Two Interactive Software) Hidden
BitTorrent (HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\BitTorrent) (Version: 7.9.2.38657 - BitTorrent Inc.)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Browser Address Error Redirector (Version:  - ) Hidden
Call Of Cthulhu DCoTE (HKLM\...\{E4406ED3-B04C-44F1-ABB4-08775B74934F}) (Version: 1.00.000 - )
Carbonite (HKLM\...\Carbonite) (Version:  - )
ccc-core-static (Version: 2008.0703.2236.38526 - Ihr Firmenname) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.27 - Piriform)
ColoiuckkFeorSale (HKLM\...\{6C998B44-82D8-CC7E-D847-4CD73036412A}) (Version:  - "") <==== ATTENTION
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
Community Map packs 1-4 for soulstorm  (HKLM\...\Community_0) (Version:  - )
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Cry of Fear (HKLM\...\Steam App 223710) (Version:  - Team Psykskallar)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.46.1.0327 - DT Soft Ltd)
Dark Souls: Prepare to Die Edition (HKLM\...\Steam App 211420) (Version:  - FromSoftware)
Dawn of War - Tyranid Mod v0.45SS (HKLM\...\Tyranid_Mod_v04SS) (Version: "0.45SS" - "Team Super Ninja")
DivX-Setup (HKLM\...\DivX Setup) (Version: 2.6.1.22 - DivX, LLC)
Dungeon Defenders (HKLM\...\Steam App 65800) (Version:  - Trendy Entertainment)
DVDVideoSoftTB DE Toolbar (HKLM\...\DVDVideoSoftTB_DE Toolbar) (Version: 6.9.0.16 - DVDVideoSoftTB DE)
Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Five Nights at Freddy's (HKLM\...\Steam App 319510) (Version:  - Scott Cawthon)
Five Nights at Freddy's 2 (HKLM\...\Steam App 332800) (Version:  - Scott Cawthon)
Gameforge Live 2.0.5 (HKLM\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.5 - Gameforge)
Goat Simulator (HKLM\...\Steam App 265930) (Version:  - Coffee Stain Studios)
Google BAE (HKLM\...\GoogleBAE) (Version:  - )
Google Chrome (HKLM\...\Google Chrome) (Version: 43.0.2357.124 - Google Inc.)
Google Desktop (Version: 5.7.0807.15159 - Google) Hidden
Google Drive (HKLM\...\{CBC9F5FD-5CFA-4A33-81CD-369EAB77E3A6}) (Version: 1.22.9403.0223 - Google, Inc.)
Google Talk Plugin (HKLM\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google)
Google Toolbar (HKLM\...\GoogleToolbar) (Version:  - )
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.27.5 - Google Inc.) Hidden
GoogleDesktop (HKLM\...\GoogleDesktop_XX) (Version:  - )
Half-Life (HKLM\...\Steam App 70) (Version:  - Valve)
Half-Life 2 (HKLM\...\Steam App 220) (Version:  - Valve)
Half-Life: Opposing Force (HKLM\...\Steam App 50) (Version:  - Gearbox)
HDRegDE (HKLM\...\{D359B12F-9B1A-46FD-B70C-F507B5B11590}) (Version: 2.0.0 - Acxiom)
Hearthstone (HKLM\...\Hearthstone) (Version:  - Blizzard Entertainment)
HP Photosmart 5510 series - Grundlegende Software für das Gerät (HKLM\...\{9951F1F7-773D-45FE-B6AE-FDFC481655B1}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
Infocentre Rev. 2.0.0.1 (HKLM\...\Infocentre) (Version:  - )
Inkscape 0.91 (HKLM\...\{81922150-317E-4BB0-A31D-FF1C14F707C5}) (Version: 0.91 - inkscape.org)
Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{26921B2E-3E62-47F9-A514-1FC4A83BD738}) (Version: 12.00.0004 - Intel(R) Corporation)
IObit Apps Toolbar v8.3 (HKLM\...\{B14D51F5-F44F-4D77-86D0-777D6CB6C235}) (Version: 8.3 - Spigot, Inc.) <==== ATTENTION
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
iTunes (HKLM\...\{5D928931-D1D2-4A93-A82D-BF60D0E7CFA5}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.510 - Oracle)
Launch Manager V1.5.3 (HKLM\...\{D0846526-66DD-4DC9-A02C-98F9A2806812}) (Version: 1.5.3 - Wistron Corp.)
launch manager Ver 1.5.3 (Version:  - ) Hidden
LG United Mobile Drivers (HKLM\...\{C2944BE7-9BFF-4EF0-A362-CB3281B7C50D}) (Version: 3.6.0.0 - LG Electronics)
LogMeIn Hamachi (HKLM\...\LogMeIn Hamachi) (Version: 2.2.0.328 - LogMeIn, Inc.)
LogMeIn Hamachi (Version: 2.2.0.328 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Metaboli (HKLM\...\METABOLI) (Version:  - )
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works 9 (HKLM\...\works9) (Version:  - )
Microsoft XNA Framework Redistributable 4.0 (HKLM\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft® Office 2007 (HKLM\...\OFF2k7_GE) (Version:  - )
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
Mozilla Firefox 35.0 (x86 de) (HKLM\...\Mozilla Firefox 35.0 (x86 de)) (Version: 35.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 8 Essentials (HKLM\...\Nero8) (Version:  - )
Norton Internet Security (HKLM\...\NIS2008_DE) (Version:  - )
OkayFreedom (HKLM\...\{3F3FB10C-7175-4D38-9335-3488B89C12AF}) (Version: 1.5.2 - Steganos Software GmbH)
OpenAL (HKLM\...\OpenAL) (Version:  - )
OpenOffice.org 3.4.1 (HKLM\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
ORION: Prelude (HKLM\...\Steam App 104900) (Version:  - Spiral Game Studios)
Packard Bell ImageWriter (HKLM\...\ImageWriter) (Version:  - )
Packard Bell LCD Test (HKLM\...\LCDTest) (Version:  - )
Packard Bell Updator (HKLM\...\Updator) (Version:  - )
PrInceCoupon (HKLM\...\{D86C82B0-1F02-816A-5F3D-6466F6A67566}) (Version:  - "") <==== ATTENTION
QuickShare (HKLM\...\{063C68D3-B0B7-4FBC-AE78-A81906C11888}) (Version: 10.165.60.13189 - Linkury Inc.) <==== ATTENTION
Razer Game Booster (HKLM\...\{88F0F4FF-B514-4E32-9C17-CAF96D60EAFC}) (Version: 3.5.6.0 - Razer USA Ltd.)
Realtek 8169 8168 8101E 8102E Ethernet Driver (Version: 1.00.0000 - Realtek) Hidden
Realtek cardreader driver Ver6.0.6000.10092 (Version:  - ) Hidden
Realtek High Definition Audio driver Ver6.0.1.5672 (Version:  - ) Hidden
Realtek LAN driver Ver6.206.502.2008 (Version:  - ) Hidden
Realtek USB 2.0 Card Reader (Version:  - Realtek Semiconductor Corp.) Hidden
Repetier-Host Version 0.95D (HKLM\...\{1143F758-929B-4EEB-8784-46CCB622F037}_is1) (Version: 0.95D - repetier)
RoyaalCioaupon (HKLM\...\{40DC4B27-4588-C56F-7737-D03A0ACE4383}) (Version:  - "") <==== ATTENTION
Samsung CLP-360 Series (HKLM\...\Samsung CLP-360 Series) (Version: 1.20 (16.12.2014) - Samsung Electronics Co., Ltd.)
Samsung Drucker-Diagnose (HKLM\...\Samsung Printer Diagnostics) (Version: 1.0.1.16 - Samsung Electronics Co., Ltd.)
Samsung Easy Printer Manager (HKLM\...\Samsung Easy Printer Manager) (Version: 1.05.79.00(26.03.2015) - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
SeaTools for Windows (HKLM\...\{98613C99-1399-416C-A07C-1EE1C585D872}) (Version: 1.1.3.2 - Seagate Technology)
Second Home (HKLM\...\{E370F69F-ED3F-925F-31FC-14D1329A713B}) (Version:  - "")
Settings Manager (HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Settings Manager) (Version: 21.4.0.1 - Spigot, Inc.) <==== ATTENTION
SetUp My PC (HKLM\...\SETUPMYPC_DE) (Version:  - )
ShoppierMaaster (HKLM\...\{35E0D123-1F22-9AE6-F973-B7ECA46E8BFE}) (Version:  - "") <==== ATTENTION
Sichern Sie Ihre Daten (Version:  - Carbonite Inc.) Hidden
Skins (Version: 2008.0703.2236.38526 - ATI) Hidden
Skype 3.6.2.248 (HKLM\...\SKYPE) (Version:  - )
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.3.11079 - Skype Technologies S.A.)
Skype™ 7.5 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.101 - Skype Technologies S.A.)
SoftwareAlert (HKLM\...\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{5589d471}) (Version:  - Software Publisher) <==== ATTENTION
Startfenster (HKLM\...\Startfenster) (Version:  - Startfenster)
Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Synaptics Pointing Device Driver (Version: 11.1.21.0 - Synaptics) Hidden
Synaptics TouchPad driver Ver 11.1.21.0 (Version:  - ) Hidden
System Requirements Lab CYRI (HKLM\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
System Requirements Lab Detection (HKLM\...\{2B204A6B-167C-4C37-B40E-56570C96491E}) (Version: 6.1.4.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Terraria (HKLM\...\Steam App 105600) (Version:  - Re-Logic)
Torchlight II (HKLM\...\Steam App 200710) (Version:  - Runic Games)
UA Map Pack (HKLM\...\UA Map Pack) (Version:  - )
Ultimate Apocalypse - THB Patch version 1.8.1 (HKLM\...\{2D2D99BC-4565-4A97-85E9-4BFCFE95965A}_is1) (Version: 1.8.1 - Ultimate Apocalypse Mod Team)
Ultimate Apocalypse - The Hunt Begins version 1.8.0 (HKLM\...\{A21FAC0C-E2CD-4A79-A88F-4174EA62451A}_is1) (Version: 1.8.0 - Ultimate Apocalypse Mod Team)
Ultimate Apocalypse mod 1.73 (HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Ultimate Apocalypse mod 1.73) (Version:  - )
Unepic (HKLM\...\1207659227_is1) (Version: 2.8.0.13 - GOG.com)
Unity Web Player (HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VCRedistSetup (Version: 1.0.0 - Nero AG) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.0 - VideoLAN)
Volgarr the Viking v2.0.0.1 1.0 (HKLM\...\Volgarr the Viking v2.0.0.1 1.0) (Version: 1.0 - Cat-A-Cat)
Warhammer 40,000: Dawn of War – Soulstorm (HKLM\...\Steam App 9450) (Version:  - Relic Entertainment)
WhiteSmoke New V6 Toolbar for IE (HKLM\...\IECT3311268) (Version: 6.16.2.2 - WhiteSmoke New V6) <==== ATTENTION
Windows Driver Package - FTDI CDM Driver Package - Bus/D2XX Driver (07/12/2013 2.08.30) (HKLM\...\22CCD58B53472BE3FCAFF05631111C4062959A43) (Version: 07/12/2013 2.08.30 - FTDI)
Windows Driver Package - FTDI CDM Driver Package - VCP Driver (07/12/2013 2.08.30) (HKLM\...\BD00013670D26C16E19F284BF8E15DAF813497C7) (Version: 07/12/2013 2.08.30 - FTDI)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
World of Warcraft (HKLM\...\World of Warcraft) (Version:  - Blizzard Entertainment)
Xvid 1.1.2 final uninstall (HKLM\...\Xvid_is1) (Version: 1.1 - Xvid team (Koepi))

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.21.135\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.25.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.27.5\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\Kagan Bagci\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.27.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.27.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.23.9\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Google Talk Plugin\googletalkax.dll (Google)
CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.27.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.21.145\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{63D99C74-1867-B00A-B48A-F226B9837657}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.21.153\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\Kagan Bagci\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited)
CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.24.15\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.21.149\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.22.3\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.21.165\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{AB9F4455-E591-4132-A386-0B91EAEDB96C}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Google Talk Plugin\o1dax.dll (Google)
CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.26.9\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.25.11\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.27.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.27.5\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.22.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.24.7\psuser.dll No File

==================== Restore Points =========================

25-05-2015 17:37:46 Geplanter Prüfpunkt
26-05-2015 08:33:10 Windows Update
26-05-2015 12:44:37 Gerätetreiber-Paketinstallation: Samsung Drucker
29-05-2015 19:46:51 Windows Update
02-06-2015 19:31:11 Windows Update
03-06-2015 14:38:19 Geplanter Prüfpunkt
03-06-2015 17:37:56 Installed System Requirements Lab Detection
07-06-2015 20:55:50 Windows Update
10-06-2015 17:02:03 Windows Defender Checkpoint
12-06-2015 22:58:23 Windows Update
16-06-2015 15:39:47 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost
::1            localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {420237FD-AF49-42FB-96F7-C643BD150FF1} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-09-02] (AVAST Software)
Task: {4D79B07F-3ADC-475B-A278-7F3E7B10BA44} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {4DE81CF0-AEB5-48F0-984A-E9F1D115C877} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-410520579-760464469-3575665083-1000UA => C:\Users\Kagan Bagci\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-28] (Facebook Inc.)
Task: {61CC9DC8-EC5B-4AAA-936E-385737A03E73} - System32\Tasks\Erweiterte Garantie-Kagan Bagci => C:\Program Files\Packard Bell\SetupmyPC\PBCarNot.exe [2008-02-04] (Packard Bell BV)
Task: {67042091-C4B7-4D01-B99C-8113C89EFCC0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-11-15] (Google Inc.)
Task: {85C2DA55-956B-4054-A27D-58F5B75EBE56} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {8AD7C484-9944-4BE7-B42B-17858E021DBD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-01-23] (Piriform Ltd)
Task: {988F56DC-F274-4C4C-8EA6-BF708CC24CB2} - System32\Tasks\Recovery DVD Creator-Kagan Bagci => C:\Program Files\Packard Bell\SetupMyPc\MCDCheck.exe [2008-02-04] (Packard Bell BV)
Task: {9B4352D2-DDA9-40A4-A1E0-583C162BD30B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-410520579-760464469-3575665083-1000Core => C:\Users\Kagan Bagci\AppData\Local\Google\Update\GoogleUpdate.exe [2013-02-11] (Google Inc.)
Task: {A59EDF3E-5B9C-47D4-82CD-05DDF035B9CA} - System32\Tasks\{7C7143E3-9922-433E-9333-D7D15C6C71C7} => pcalua.exe -a "C:\Users\Kagan Bagci\Desktop\libusb-win32-filter-bin-0.1.10.1.exe" -d "C:\Users\Kagan Bagci\Desktop"
Task: {B9338F41-8D44-4BB5-8FB4-9FBD26643559} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-11-15] (Google Inc.)
Task: {BFB85395-DCA3-418B-9699-F594136DF958} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-410520579-760464469-3575665083-1000UA => C:\Users\Kagan Bagci\AppData\Local\Google\Update\GoogleUpdate.exe [2013-02-11] (Google Inc.)
Task: {C6127032-F189-4535-A026-4462F91D8D4F} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {C731D6DA-B4AE-470C-8041-8E544CCC2F67} - System32\Tasks\Razer_Game_Booster_AutoUpdate => C:\Program Files\Razer\Razer Game Booster\AutoUpdate.exe [2012-11-13] ()
Task: {D96479A1-D81E-48BE-9429-1157B7F2612B} - System32\Tasks\{692E16B8-5C7F-4ACC-A311-B180845E0984} => Chrome.exe hxxp://ui.skype.com/ui/0/6.3.0.105/de/abandoninstall?page=tsProgressBar
Task: {DC57B16D-CE35-499C-9913-257352FB9D6F} - System32\Tasks\ASC6_PerformanceMonitor => C:\Program Files\IObit\Advanced SystemCare 6\Monitor.exe [2013-04-08] (IObit)
Task: {DDDF64F1-7681-4AD4-B482-8A3E7FA07592} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-410520579-760464469-3575665083-1000Core => C:\Users\Kagan Bagci\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-28] (Facebook Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Erweiterte Garantie-Kagan Bagci.job => C:\Program Files\Packard Bell\SetupmyPC\PBCarNot.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-410520579-760464469-3575665083-1000Core.job => C:\Users\Kagan Bagci\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-410520579-760464469-3575665083-1000UA.job => C:\Users\Kagan Bagci\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-410520579-760464469-3575665083-1000Core.job => C:\Users\Kagan Bagci\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-410520579-760464469-3575665083-1000UA.job => C:\Users\Kagan Bagci\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Recovery DVD Creator-Kagan Bagci.job => C:\Program Files\Packard Bell\SetupMyPc\MCDCheck.exe

==================== Loaded Modules (Whitelisted) ==============

2013-03-18 20:42 - 2013-01-15 18:47 - 00517440 _____ () C:\Program Files\IObit\Advanced SystemCare 6\sqlite3.dll
2013-12-05 20:38 - 2014-09-02 12:13 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2008-04-30 20:13 - 2008-04-30 20:13 - 00200704 _____ () C:\Program Files\Intel\WiFi\bin\IWMSPROV.DLL
2015-06-16 15:27 - 2015-06-16 15:27 - 02952704 _____ () C:\Program Files\AVAST Software\Avast\defs\15061600\algo.dll
2015-06-17 12:17 - 2015-06-17 12:17 - 02952704 _____ () C:\Program Files\AVAST Software\Avast\defs\15061700\algo.dll
2015-05-27 20:14 - 2015-05-27 20:14 - 02291712 _____ () c:\Program Files\SoftwareAlert\SoftwareAlert.dll
2014-10-11 14:06 - 2014-10-11 14:06 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 14:05 - 2014-10-11 14:05 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2008-08-20 04:25 - 2008-07-04 05:37 - 00159744 _____ () C:\Windows\system32\atitmmxx.dll
2013-12-05 20:39 - 2014-09-02 12:13 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-09-08 13:30 - 2014-09-08 13:30 - 00351968 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2014-09-08 13:32 - 2014-09-08 13:32 - 00050688 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2013-03-18 20:42 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files\IObit\Advanced SystemCare 6\madExcept_.bpl
2013-03-18 20:42 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files\IObit\Advanced SystemCare 6\madBasic_.bpl
2013-03-18 20:42 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files\IObit\Advanced SystemCare 6\madDisAsm_.bpl
2015-05-22 18:44 - 2015-05-22 18:44 - 00897520 _____ () C:\Users\Kagan Bagci\AppData\Roaming\Settings Manager\SettingsManager.exe
2015-05-05 17:40 - 2015-06-12 22:57 - 00776880 _____ () C:\Users\Kagan Bagci\AppData\Roaming\Update Manager\UM.exe
2008-11-06 13:17 - 2008-11-06 13:17 - 00014848 _____ () C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
2015-06-10 16:06 - 2015-06-05 20:22 - 15003464 _____ () C:\Program Files\Google\Chrome\Application\43.0.2357.124\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Kagan Bagci\Downloads\ce4955free.exe:BDU
AlternateDataStreams: C:\Users\Kagan Bagci\Downloads\chromeinstall-7u17.exe:BDU
AlternateDataStreams: C:\Users\Kagan Bagci\Downloads\setup (1).exe:BDU
AlternateDataStreams: C:\Users\Kagan Bagci\Downloads\TERASetup.exe:BDU

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\aeriagames.com -> hxxps://aeriagames.com
IE trusted site: HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\aeriagames.com -> hxxp://aeriagames.com


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-410520579-760464469-3575665083-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Kagan Bagci\Desktop\2397008-1531880985-RJTni.jpg
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [{37A4B201-F203-4386-9C96-AE37072F31F1}] => (Allow) C:\Program Files\Adobe\Photoshop Elements 6.0\AdobePhotoshopElementsMediaServer.exe
FirewallRules: [{7EC03DDA-38D1-4DFA-9319-072098A30382}] => (Allow) C:\Program Files\Adobe\Photoshop Elements 6.0\AdobePhotoshopElementsMediaServer.exe
FirewallRules: [TCP Query User{07AB1E1E-1C02-4C46-A238-15F1996BF40E}C:\program files\skype\phone\skype.exe] => (Allow) C:\program files\skype\phone\skype.exe
FirewallRules: [UDP Query User{C5F6B9AE-AE9F-4220-BAA9-2E1F147A84C9}C:\program files\skype\phone\skype.exe] => (Allow) C:\program files\skype\phone\skype.exe
FirewallRules: [{A81D73E2-D551-418F-B51F-C3D0D94F4208}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{FB5D8F79-4BFD-4BA8-99C7-1BF0D29695DB}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{2DB6A7CC-EAD3-46D8-A62B-9B0559581F73}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{F46C548D-EC46-4D8B-B3C0-14D2A7FC7F9C}C:\program files\runes of magic\client.exe] => (Allow) C:\program files\runes of magic\client.exe
FirewallRules: [UDP Query User{44948248-23E9-4B9B-AC02-B77B7F79D4C4}C:\program files\runes of magic\client.exe] => (Allow) C:\program files\runes of magic\client.exe
FirewallRules: [{AE7327F5-7515-44D9-A5B4-0D59FBE418C0}] => (Allow) LPort=80
FirewallRules: [{F33838AA-7C2E-4F98-B27D-F63B407DA383}] => (Allow) LPort=80
FirewallRules: [{33C1E5CE-0512-4A20-8E78-9BC68A90A9D5}] => (Allow) LPort=80
FirewallRules: [{9DFDC90A-8370-4B7F-B736-D627255537E3}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{34873EEA-32E9-4998-BF27-EC9712AAE121}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{89D21C15-18EA-4C32-8B77-0CBAA8D415CF}] => (Allow) c:\BrickForce\BfLauncher.exe
FirewallRules: [{BF735AE1-4D4D-4632-86C5-2FD949B3AC06}] => (Allow) c:\BrickForce\BrickForce.exe
FirewallRules: [{B6DCF34B-543E-4F52-BF5F-08CAF773BA03}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{4464244B-B8DF-40F1-808B-C54DAE5717CD}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{21804082-1DC9-499F-9CCD-0D5BBFA1F3BD}] => (Allow) C:\Program Files\Steam\SteamApps\optimum100\half-life\hl.exe
FirewallRules: [{6C0C397B-5722-4861-84B0-E916AD2D5C72}] => (Allow) C:\Program Files\Steam\SteamApps\optimum100\half-life\hl.exe
FirewallRules: [{4725C7CD-29CA-4EA3-8A02-914962762632}] => (Allow) C:\Program Files\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{1B5F7671-1BD4-4E32-A9A2-118D383D1413}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{821EF3BD-8C42-43B4-AF5B-607801098C7F}] => (Allow) svchost.exe
FirewallRules: [{D3F1DC62-46EA-4186-B2DB-0066E868A5B9}] => (Allow) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [TCP Query User{1CF6EBC4-753C-4C31-B7F3-97DBA99F9305}C:\users\kagan bagci\desktop\whitefinger1.0\darkplaces.exe] => (Allow) C:\users\kagan bagci\desktop\whitefinger1.0\darkplaces.exe
FirewallRules: [UDP Query User{EC8DFABE-10CB-4C6E-BB3C-529B6D961F1E}C:\users\kagan bagci\desktop\whitefinger1.0\darkplaces.exe] => (Allow) C:\users\kagan bagci\desktop\whitefinger1.0\darkplaces.exe
FirewallRules: [{945630B1-1C22-4F43-B52E-930786277A7B}] => (Allow) C:\Users\Kagan Bagci\AppData\Local\Warframe\Downloaded\Public\Warframe.exe
FirewallRules: [{C458B229-3FB9-4BB5-B9D8-8301396AEEBC}] => (Allow) C:\Users\Kagan Bagci\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe
FirewallRules: [{1F203F08-3E9B-4EF3-A273-1EAD47C7D5FA}] => (Allow) C:\Users\Kagan Bagci\AppData\Local\Warframe\Downloaded\Public\Warframe.exe
FirewallRules: [{5A908225-4AA4-4683-BC36-ED80CFC40C03}] => (Allow) C:\Users\Kagan Bagci\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe
FirewallRules: [{7F7602D7-57A3-4CF4-8F26-D50D13A128AD}] => (Allow) C:\Users\Kagan Bagci\AppData\Local\Warframe\Downloaded\Public\Warframe.exe
FirewallRules: [{FFC4382B-43A2-4127-8A22-1C83C5C1C259}] => (Allow) C:\Users\Kagan Bagci\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe
FirewallRules: [{DF42ED22-AB76-46DC-9D54-81064AE2B93F}] => (Allow) C:\Users\Kagan Bagci\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe
FirewallRules: [{785C404B-8205-49A6-946A-EB6E1B371B2E}] => (Allow) C:\Users\Kagan Bagci\AppData\Local\Warframe\Downloaded\Public\Warframe.exe
FirewallRules: [{93C71602-24B6-4F39-BACE-8AC44F970DD2}] => (Allow) C:\Users\Kagan Bagci\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe
FirewallRules: [{A14D2050-4A44-477D-AB80-9E0E101CAD1B}] => (Allow) C:\Users\Kagan Bagci\AppData\Local\Warframe\Downloaded\Public\Warframe.exe
FirewallRules: [{AB60DCF7-679C-406C-99B9-84ED97CE01DB}] => (Allow) C:\Users\Kagan Bagci\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe
FirewallRules: [{3DAE4C50-C814-499D-9DA5-17653931910D}] => (Allow) C:\Users\Kagan Bagci\AppData\Local\Warframe\Downloaded\Public\Warframe.exe
FirewallRules: [{8365CDDC-FB96-4BAE-8FE9-1D613867096C}] => (Allow) C:\Users\Kagan Bagci\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe
FirewallRules: [{7F133585-2B74-4D48-A70C-7AC041F9210D}] => (Allow) C:\Users\Kagan Bagci\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe
FirewallRules: [TCP Query User{4CDE0EC4-9674-4803-B28A-7A95145BFEF4}C:\users\kagan bagci\desktop\s.t.a.l.k.e.r. - call of pripyat\bin\xrengine.exe] => (Allow) C:\users\kagan bagci\desktop\s.t.a.l.k.e.r. - call of pripyat\bin\xrengine.exe
FirewallRules: [UDP Query User{351F4EE0-4CCD-454E-8C3A-C7C7A9ED340D}C:\users\kagan bagci\desktop\s.t.a.l.k.e.r. - call of pripyat\bin\xrengine.exe] => (Allow) C:\users\kagan bagci\desktop\s.t.a.l.k.e.r. - call of pripyat\bin\xrengine.exe
FirewallRules: [TCP Query User{8BACB417-AF23-4D82-9051-DA81D6DDAC20}C:\users\kagan bagci\desktop\ghoulsforest3dbeta1.3.0\ghouls forest 3d.exe] => (Allow) C:\users\kagan bagci\desktop\ghoulsforest3dbeta1.3.0\ghouls forest 3d.exe
FirewallRules: [UDP Query User{CB459407-E6DB-4E97-BE4D-380343F062E6}C:\users\kagan bagci\desktop\ghoulsforest3dbeta1.3.0\ghouls forest 3d.exe] => (Allow) C:\users\kagan bagci\desktop\ghoulsforest3dbeta1.3.0\ghouls forest 3d.exe
FirewallRules: [{C50026E4-3104-4285-8042-40A831D43BDE}] => (Allow) C:\Program Files\Steam\SteamApps\optimum100\garrysmod\hl2.exe
FirewallRules: [{8D003BEA-C3AF-43CF-88B3-E528C62A7A79}] => (Allow) C:\Program Files\Steam\SteamApps\optimum100\garrysmod\hl2.exe
FirewallRules: [TCP Query User{98425062-8699-42E3-8500-C10E149BE7BD}C:\udk\forget me not annie\binaries\win32\udk.exe] => (Allow) C:\udk\forget me not annie\binaries\win32\udk.exe
FirewallRules: [UDP Query User{DBC9E44C-37AF-4172-B723-D9E5D62322FB}C:\udk\forget me not annie\binaries\win32\udk.exe] => (Allow) C:\udk\forget me not annie\binaries\win32\udk.exe
FirewallRules: [{9A8E3F26-1B46-449C-B8D6-BEF38EB281E9}] => (Allow) C:\Program Files\Dragon's Prophet\dp_x86.exe
FirewallRules: [{28C771E9-E619-4D09-BC5C-E5B5A95F166A}] => (Allow) C:\Program Files\Dragon's Prophet\dp_x86.exe
FirewallRules: [{66C50E31-5BCC-496D-A2AE-FD5DAB6519F0}] => (Allow) C:\Program Files\Dragon's Prophet\dp_x64.exe
FirewallRules: [{FEEA5A36-6549-44FE-A244-BB42E4DC875B}] => (Allow) C:\Program Files\Dragon's Prophet\launcher.exe
FirewallRules: [{BA5057B0-A777-40E0-A595-6A256BEE57E8}] => (Allow) C:\Program Files\Dragon's Prophet\dp_x64.exe
FirewallRules: [{8B7F8917-3F26-44A8-9629-12A7705E66DD}] => (Allow) C:\Program Files\Dragon's Prophet\launcher.exe
FirewallRules: [TCP Query User{BAFC5699-B6F0-42BD-AA1D-5A30812A0FFD}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{792D8630-F7DE-4178-8CC8-9AAA7BFF4CF9}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{4677CB95-3B03-49E0-B513-111C974DF195}C:\users\kagan bagci\desktop\world_of_tanks\worldoftanks.exe] => (Allow) C:\users\kagan bagci\desktop\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{D48BC7FA-6BA9-4767-B817-30E64667B2A6}C:\users\kagan bagci\desktop\world_of_tanks\worldoftanks.exe] => (Allow) C:\users\kagan bagci\desktop\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{AED913D2-F398-4ADA-9CC2-B95757F2177A}C:\users\kagan bagci\desktop\world_of_tanks\wotlauncher.exe] => (Allow) C:\users\kagan bagci\desktop\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{31F42C98-8B59-4148-B29F-BDD8CB9B93A6}C:\users\kagan bagci\desktop\world_of_tanks\wotlauncher.exe] => (Allow) C:\users\kagan bagci\desktop\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{B0082B91-71C4-4F40-B70F-DDF1AC85FB54}C:\users\public\games\cryptic studios\neverwinter\live\gameclient.exe] => (Allow) C:\users\public\games\cryptic studios\neverwinter\live\gameclient.exe
FirewallRules: [UDP Query User{08CD6DC4-FE23-4AE5-9F65-34B6FEFF4890}C:\users\public\games\cryptic studios\neverwinter\live\gameclient.exe] => (Allow) C:\users\public\games\cryptic studios\neverwinter\live\gameclient.exe
FirewallRules: [{562A6746-9B46-423F-A265-C45962080E11}] => (Allow) C:\Program Files\Gameforge4D\Elsword_DE\data\x2.exe
FirewallRules: [{00C043A5-5188-4532-A75E-1BA457F4C6E0}] => (Allow) C:\Program Files\Gameforge4D\Elsword_DE\data\x2.exe
FirewallRules: [TCP Query User{ECCC19B2-9149-443A-A9D0-C1B6EE51AE9C}C:\program files\steam\steamapps\common\bioshock 2\sp\builds\binaries\bioshock2.exe] => (Allow) C:\program files\steam\steamapps\common\bioshock 2\sp\builds\binaries\bioshock2.exe
FirewallRules: [UDP Query User{9F304512-C240-40C8-A379-7D15895AAC13}C:\program files\steam\steamapps\common\bioshock 2\sp\builds\binaries\bioshock2.exe] => (Allow) C:\program files\steam\steamapps\common\bioshock 2\sp\builds\binaries\bioshock2.exe
FirewallRules: [TCP Query User{C4DAFC5C-B25A-4244-A32C-9538792CBB78}C:\program files\steam\steamapps\common\cry of fear\cof.exe] => (Allow) C:\program files\steam\steamapps\common\cry of fear\cof.exe
FirewallRules: [UDP Query User{E373DD06-A489-4292-9442-AD786F71647D}C:\program files\steam\steamapps\common\cry of fear\cof.exe] => (Allow) C:\program files\steam\steamapps\common\cry of fear\cof.exe
FirewallRules: [TCP Query User{A1616B0A-9ED1-4DF0-825E-0D570FA37EB8}C:\program files\steam\steamapps\common\cry of fear\cof.exe] => (Allow) C:\program files\steam\steamapps\common\cry of fear\cof.exe
FirewallRules: [UDP Query User{14E2296D-79E4-401B-8AFB-55477C355CD0}C:\program files\steam\steamapps\common\cry of fear\cof.exe] => (Allow) C:\program files\steam\steamapps\common\cry of fear\cof.exe
FirewallRules: [{0820525C-3B0F-4A1F-B6E5-C3C9D2980061}] => (Allow) C:\Program Files\Steam\SteamApps\common\Torchlight II\ModLauncher.exe
FirewallRules: [{DFD2223B-E451-49BB-943A-45DC24EFF775}] => (Allow) C:\Program Files\Steam\SteamApps\common\Torchlight II\ModLauncher.exe
FirewallRules: [{7DAF3C1D-D459-4851-A1D8-0652395A640B}] => (Allow) C:\Program Files\HP\HP Photosmart 5510 series\Bin\DeviceSetup.exe
FirewallRules: [{4E5CE63B-660D-46DA-A3A8-40FE329D096E}] => (Allow) C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{614795C3-D1BB-4FC4-9071-F1C7688E9150}] => (Allow) C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [TCP Query User{521840FE-61EF-4A82-911A-FBE75D89A57A}C:\program files\steam\steamapps\common\torchlight ii\torchlight2.exe] => (Allow) C:\program files\steam\steamapps\common\torchlight ii\torchlight2.exe
FirewallRules: [UDP Query User{B543D5CB-65EA-442A-993A-0D8C82993DD2}C:\program files\steam\steamapps\common\torchlight ii\torchlight2.exe] => (Allow) C:\program files\steam\steamapps\common\torchlight ii\torchlight2.exe
FirewallRules: [{3243D382-AA5E-42EA-8872-DFAA7F27FE52}] => (Allow) C:\Program Files\Steam\SteamApps\common\Dungeon Defenders\Binaries\Win32\DungeonDefenders.exe
FirewallRules: [{F59C80A8-2AED-474A-AD0B-58ED6D78687F}] => (Allow) C:\Program Files\Steam\SteamApps\common\Dungeon Defenders\Binaries\Win32\DungeonDefenders.exe
FirewallRules: [TCP Query User{B04414EC-ADA4-4343-94CC-CB6F9F940F49}C:\program files\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe] => (Allow) C:\program files\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe
FirewallRules: [UDP Query User{F238EED5-DEA4-4007-AFFA-46574F74EBC0}C:\program files\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe] => (Allow) C:\program files\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe
FirewallRules: [{D5F7FF9A-6644-493B-93B3-59859057A510}] => (Allow) C:\Program Files\Steam\SteamApps\optimum100\opposing force\hl.exe
FirewallRules: [{27E0AFD6-736F-4133-9205-8C98642D8DC9}] => (Allow) C:\Program Files\Steam\SteamApps\optimum100\opposing force\hl.exe
FirewallRules: [{4F3B7EE7-9EB9-461B-B74D-C2279D513E70}] => (Allow) C:\Program Files\Steam\SteamApps\common\Cry of Fear\CoFLaunchApp.exe
FirewallRules: [{42990F9A-E5D9-4C1A-A1B6-B937D97F7010}] => (Allow) C:\Program Files\Steam\SteamApps\common\Cry of Fear\CoFLaunchApp.exe
FirewallRules: [{8A676AE9-BDC5-4760-A1BC-C4B817B547CD}] => (Allow) C:\Program Files\Steam\SteamApps\common\Half-Life 2\hl2.exe
FirewallRules: [{AA74E6F5-2AF4-4458-A4E9-AE6B99096DA3}] => (Allow) C:\Program Files\Steam\SteamApps\common\Half-Life 2\hl2.exe
FirewallRules: [{FA6B2022-4726-423B-B1C4-36896A269FA3}] => (Allow) C:\Program Files\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{CE4DB209-9A01-4B25-8886-B4706D0369E3}] => (Allow) C:\Program Files\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [TCP Query User{3FF9028B-6306-4E7F-B448-09A8115A8DB4}C:\program files\steam\steamapps\common\terraria\terrariaserver.exe] => (Block) C:\program files\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [UDP Query User{21AF891A-7361-4D41-980C-E565DBF5A652}C:\program files\steam\steamapps\common\terraria\terrariaserver.exe] => (Block) C:\program files\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [TCP Query User{00C479E1-C818-4FF1-BDDD-5E400843DE1E}C:\program files\steam\steam.exe] => (Allow) C:\program files\steam\steam.exe
FirewallRules: [UDP Query User{9168C763-C30B-471C-9657-DA4DBDDC3D82}C:\program files\steam\steam.exe] => (Allow) C:\program files\steam\steam.exe
FirewallRules: [TCP Query User{7E157346-1CD9-4714-96A0-18D425DCEAC6}C:\users\kagan bagci\desktop\brutal doom mit neuen waffen\zandronum.exe] => (Allow) C:\users\kagan bagci\desktop\brutal doom mit neuen waffen\zandronum.exe
FirewallRules: [UDP Query User{6D9F6EC6-FE29-48CD-A87D-DB2426FAA6B3}C:\users\kagan bagci\desktop\brutal doom mit neuen waffen\zandronum.exe] => (Allow) C:\users\kagan bagci\desktop\brutal doom mit neuen waffen\zandronum.exe
FirewallRules: [TCP Query User{9932CFAC-A916-455B-A075-5DE7E9DB12C2}C:\users\kagan bagci\desktop\brutal doom mit neuen waffen\zandronum.exe] => (Allow) C:\users\kagan bagci\desktop\brutal doom mit neuen waffen\zandronum.exe
FirewallRules: [UDP Query User{0F905FC1-8163-4487-A7E6-7B8B526A7AD4}C:\users\kagan bagci\desktop\brutal doom mit neuen waffen\zandronum.exe] => (Allow) C:\users\kagan bagci\desktop\brutal doom mit neuen waffen\zandronum.exe
FirewallRules: [{F46E1BC2-4F69-46D5-9ABE-B83DF194136A}] => (Allow) C:\Program Files\Steam\SteamApps\common\Starbound\win32\launcher\launcher.exe
FirewallRules: [{EB1A1E9B-8ECD-439E-8CC7-445CAFB97636}] => (Allow) C:\Program Files\Steam\SteamApps\common\Starbound\win32\launcher\launcher.exe
FirewallRules: [TCP Query User{90DB0671-B6D4-478B-B1D7-5BDDAF0E8AA3}C:\users\kagan bagci\desktop\spiele und etc\brutal doom mit neuen waffen\zandronum.exe] => (Allow) C:\users\kagan bagci\desktop\spiele und etc\brutal doom mit neuen waffen\zandronum.exe
FirewallRules: [UDP Query User{52380365-8A93-48E4-93F2-27C0B7D063E2}C:\users\kagan bagci\desktop\spiele und etc\brutal doom mit neuen waffen\zandronum.exe] => (Allow) C:\users\kagan bagci\desktop\spiele und etc\brutal doom mit neuen waffen\zandronum.exe
FirewallRules: [{7BDDA3C1-82FE-442D-A50B-50FD4F2CE9D0}] => (Allow) C:\Users\Kagan Bagci\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{C0B3B7E8-4801-4491-AB45-1E9F8926DEC9}] => (Allow) C:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{0509B901-42E5-4357-9009-F89D827147DE}] => (Allow) C:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{831359BB-DD03-430A-BF68-99480FBA3FBE}] => (Allow) C:\Users\Kagan Bagci\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{15727555-DCDF-4109-91A0-A3CF0B314B08}] => (Allow) C:\Users\Kagan Bagci\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{FA84AFB7-C756-482F-BD24-15C3D9D08AC2}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{8F51A668-FA7E-4F40-B1CC-271404E73F34}] => (Allow) C:\Program Files\GameforgeLive\Games\DEU_deu\Elsword\data\x2.exe
FirewallRules: [{03FF5574-AB3B-48C9-A6B3-14A82A6DBB0E}] => (Allow) C:\Program Files\GameforgeLive\Games\DEU_deu\Elsword\data\x2.exe
FirewallRules: [{8F41CEE4-5CB8-4878-BD03-5823F87FF28E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{8D0ED363-69DD-4F02-9324-A3AEE1DAF6A7}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{765E88A6-4948-4FB2-937A-4DDB0FF83AEE}C:\users\kagan bagci\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\kagan bagci\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{5444F18C-06B6-4998-BAB1-F08259B27C71}C:\users\kagan bagci\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\kagan bagci\appdata\local\akamai\netsession_win.exe
FirewallRules: [{2D09BD47-94BC-41AA-BD32-DC5AE596D44E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{6C91CF7A-873A-4EE4-8FC5-8E6A6D9F9FB5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{AADDB1B7-C36B-4F0C-9C94-EE373FE9C08A}] => (Allow) C:\Program Files\Battle.net\Battle.net.exe
FirewallRules: [{41B3A67F-56AF-4A55-A3B1-05BBB6EE0CD9}] => (Allow) C:\Program Files\Battle.net\Battle.net.exe
FirewallRules: [{7C7B35BB-225C-4847-B751-13F2703E12A1}] => (Allow) C:\Program Files\Steam\SteamApps\common\Five Nights at Freddy's\FiveNightsatFreddys.exe
FirewallRules: [{E02A3374-A816-4BB9-BC22-89FD458B04C8}] => (Allow) C:\Program Files\Steam\SteamApps\common\Five Nights at Freddy's\FiveNightsatFreddys.exe
FirewallRules: [{03AAFD9B-3E6E-4F20-9729-5ED93D950717}] => (Allow) C:\Program Files\Steam\SteamApps\common\Five Nights at Freddy's 2\FiveNightsatFreddys2.exe
FirewallRules: [{6CE98861-02B1-4B29-9B8D-EC6640C0ADC1}] => (Allow) C:\Program Files\Steam\SteamApps\common\Five Nights at Freddy's 2\FiveNightsatFreddys2.exe
FirewallRules: [TCP Query User{016DBACF-289F-458E-A531-2B85769FC8D9}C:\users\kagan bagci\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\kagan bagci\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{03F4C02D-DC1D-4BD6-BE9B-3CAA4CC5DCBC}C:\users\kagan bagci\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\kagan bagci\appdata\local\akamai\netsession_win.exe
FirewallRules: [{2A53BC7C-6BD7-4F50-AC4F-E1F5BCD7A532}] => (Allow) C:\Program Files\Hearthstone\Hearthstone.exe
FirewallRules: [{2B4A3B52-344D-4634-954F-D7A98F7C8B6B}] => (Allow) C:\Program Files\Hearthstone\Hearthstone.exe
FirewallRules: [{49ED5F59-678B-4831-9444-4FBEC937BF85}] => (Allow) C:\Users\Kagan Bagci\AppData\Roaming\Steganos\OkayFreedom\Proxy\node.exe
FirewallRules: [{EAECAEA3-FCFD-4708-A2DD-9CE00AE15804}] => (Allow) C:\Program Files\Steam\SteamApps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe
FirewallRules: [{E061B626-9DA7-4606-B079-4AA966E4A8D3}] => (Allow) C:\Program Files\Steam\SteamApps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe
FirewallRules: [{D87C2A32-C994-4A07-842E-AB971008DE9F}] => (Allow) C:\Users\KAGANB~1\AppData\Local\Temp\2cc498d0\WebInstallAgent\SPNTInst.exe
FirewallRules: [{6282A914-DD0F-43A4-9B5A-D3FF3C6855CA}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{0BFF20FD-F0DB-4D69-B2F1-ECD5A56DA45E}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{BFD4CFA3-569E-4993-BCD6-3A19FD8B0B42}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{05FEC9DE-A7E6-42F9-8C41-DF9535294F73}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\uninstall.exe
FirewallRules: [{F7BB2E41-E0F2-4B1C-B8E4-EA695293C3AB}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{A4858C07-7A45-4076-B29D-51174BD23FB4}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe
FirewallRules: [{B5704504-CFA1-4612-A4CC-25E28326EA5F}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe
FirewallRules: [{A6DDA808-E474-4C92-9C2F-99D1906FBE49}] => (Allow) C:\Program Files\Steam\SteamApps\common\Orion Dino Beatdown\Binaries\Win32\DinoHordeGame.exe
FirewallRules: [{BF04E4FE-A929-41E0-AE45-F59728E3289A}] => (Allow) C:\Program Files\Steam\SteamApps\common\Orion Dino Beatdown\Binaries\Win32\DinoHordeGame.exe
FirewallRules: [{F40D6676-FEBE-4D47-81EA-E2ED9B6B6DF4}] => (Allow) C:\Program Files\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{B1B553AE-3E19-4B13-AA69-C023568729B6}] => (Allow) C:\Program Files\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{866E40A1-A328-4B96-86C4-4395EEB6F0F6}] => (Allow) C:\Program Files\Steam\SteamApps\common\Dawn of War Soulstorm\Soulstorm.exe
FirewallRules: [{354441E4-36E5-4D32-A705-D704A0A88EC9}] => (Allow) C:\Program Files\Steam\SteamApps\common\Dawn of War Soulstorm\Soulstorm.exe
FirewallRules: [{64BBC013-F4D0-4FEB-B201-5DA8D5478B4A}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{AAFBFD6E-2CA7-4619-ACCC-F57A1102E4C4}C:\gog games\battle realms complete (german)\battle_realms_f.exe] => (Allow) C:\gog games\battle realms complete (german)\battle_realms_f.exe
FirewallRules: [UDP Query User{63A5DA41-AFD2-438D-BA2C-7067731A2793}C:\gog games\battle realms complete (german)\battle_realms_f.exe] => (Allow) C:\gog games\battle realms complete (german)\battle_realms_f.exe
FirewallRules: [TCP Query User{197D79CC-177C-46A7-A5C7-E2B3718570EE}C:\gog games\unepic\unepic.exe] => (Allow) C:\gog games\unepic\unepic.exe
FirewallRules: [UDP Query User{E06CEDB6-B292-446A-9B35-A4139C0B55FD}C:\gog games\unepic\unepic.exe] => (Allow) C:\gog games\unepic\unepic.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/16/2015 09:03:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/16/2015 03:39:47 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddCoreCsiFiles : BeginFileEnumeration() failed.

System Error:
Zugriff verweigert

Error: (06/16/2015 03:39:40 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddCoreCsiFiles : BeginFileEnumeration() failed.

System Error:
Zugriff verweigert

Error: (06/14/2015 08:19:32 PM) (Source: Google Update) (EventID: 20) (User: KaganBagci-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=0, script=hxxp://127.0.0.1:8445/okf.pac.
trying CUP:WinHTTP.
Send request returned 0x800421f8. Http status code 504.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:Win

Error: (06/14/2015 06:03:49 PM) (Source: Google Update) (EventID: 20) (User: KaganBagci-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=0, script=hxxp://127.0.0.1:8445/okf.pac.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80040801. Http status code 0.
trying WinHTTP.
Send request returned 0x80040801. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80040801. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHT

Error: (06/12/2015 11:41:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/12/2015 11:17:19 PM) (Source: Perflib) (EventID: 1010) (User: )
Description: SpoolerC:\Windows\system32\winspool.drv4

Error: (06/12/2015 11:17:19 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4

Error: (06/12/2015 11:17:18 PM) (Source: Perflib) (EventID: 1010) (User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll4

Error: (06/12/2015 10:58:23 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddCoreCsiFiles : BeginFileEnumeration() failed.

System Error:
Zugriff verweigert


System errors:
=============
Error: (06/17/2015 00:16:31 PM) (Source: Dhcp) (EventID: 1002) (User: )
Description: Die IP-Adresslease 192.168.0.17 für die Netzwerkkarte mit der Netzwerkadresse 00215D829EB0 wurde durch den DHCP-Server 192.168.2.1 abgelehnt (der DHCP-Server hat eine DHCPNACK-Meldung gesendet).

Error: (06/16/2015 09:03:55 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: SYMTDI

Error: (06/16/2015 09:03:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058

Error: (06/16/2015 09:03:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: aswFsBlk%%2

Error: (06/16/2015 09:03:20 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 16.06.2015 um 20:58:05 unerwartet heruntergefahren.

Error: (06/16/2015 08:58:25 PM) (Source: Dhcp) (EventID: 1002) (User: )
Description: Die IP-Adresslease 192.168.2.101 für die Netzwerkkarte mit der Netzwerkadresse 00215D829EB0 wurde durch den DHCP-Server 192.168.0.1 abgelehnt (der DHCP-Server hat eine DHCPNACK-Meldung gesendet).

Error: (06/16/2015 03:26:33 PM) (Source: Dhcp) (EventID: 1002) (User: )
Description: Die IP-Adresslease 192.168.0.17 für die Netzwerkkarte mit der Netzwerkadresse 00215D829EB0 wurde durch den DHCP-Server 192.168.2.1 abgelehnt (der DHCP-Server hat eine DHCPNACK-Meldung gesendet).

Error: (06/16/2015 03:26:33 PM) (Source: Dhcpv6) (EventID: 1000) (User: )
Description: Die Lease dieses Computers zu der IP-Adresse *üû@ý über die Netzwerkkarte mit der Netzwerkadresse 00215D829EB0 ist verloren gegangen.

Error: (06/15/2015 10:55:21 PM) (Source: Tcpip) (EventID: 4199) (User: )
Description: Das System hat einen Adressenkonflikt der IP-Adresse 2a02:8108:9640:1eec::298-FE-94-5A-75-74758096385 mit dem Computer mit der
Netzwerkhardwareadresse 98-FE-94-5A-75-74 ermittelt. Netzwerkvorgänge könnten daher auf diesem
System unterbrochen werden.

Error: (06/15/2015 09:46:43 PM) (Source: Dhcp) (EventID: 1002) (User: )
Description: Die IP-Adresslease 192.168.2.102 für die Netzwerkkarte mit der Netzwerkadresse 00215D829EB0 wurde durch den DHCP-Server 192.168.0.1 abgelehnt (der DHCP-Server hat eine DHCPNACK-Meldung gesendet).


Microsoft Office:
=========================
Error: (04/09/2013 03:15:17 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 10 seconds with 0 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2013-12-05 18:34:52.094
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-12-05 18:34:51.735
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-12-05 18:34:51.360
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-12-05 18:34:51.002
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-12-05 18:34:50.643
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-12-05 18:34:50.284
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-12-05 18:34:44.138
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-12-05 18:34:43.748
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-12-05 18:34:43.373
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-12-05 18:34:43.014
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Duo CPU T5800 @ 2.00GHz
Percentage of memory in use: 71%
Total physical RAM: 3065.95 MB
Available physical RAM: 867.17 MB
Total Pagefile: 8974.2 MB
Available Pagefile: 6952.53 MB
Total Virtual: 2047.88 MB
Available Virtual: 1879.75 MB

==================== Drives ================================

Drive c: (HDD) (Fixed) (Total:286.09 GB) (Free:10.33 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: 40FB6491)
Partition 1: (Not Active) - (Size=12 GB) - (Type=27)
Partition 2: (Active) - (Size=286.1 GB) - (Type=07 NTFS)

==================== End of log ============================
--- --- ---

deeprybka 17.06.2015 20:13
Hi,

Schritt 1
Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:
    ColoiuckkFeorSale
    IObit Apps Toolbar v8.3
    PrInceCoupon
    QuickShare
    RoyaalCioaupon
    Settings Manager
    ShoppierMaaster
    SoftwareAlert
    WhiteSmoke New V6 Toolbar for IE

  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 



Schritt 2
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).



(neue Version!)
Schritt 3

http://deeprybka.trojaner-board.de/m...mbamlogo4a.pnghttp://deeprybka.trojaner-board.de/m...mbamlogo4b.png
  • Download und Anleitung
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Sollte die Benutzeroberfläche noch in Englisch sein, klicke auf Settings und wähle bei Language Deutsch aus.
  • Unter Einstellungen/ Erkennung und Schutz setze bitte einen Haken bei "Suche nach Rootkits".
  • Gehe zurück zum Armaturenbrett und klicke auf "Jetzt scannen".
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben und poste mir das Log.

Schritt 4

http://filepony.de/icon/frst.pnghttp://deeprybka.trojaner-board.de/b...t/frstscan.png

Bitte starte FRST erneut, markiere auch die checkbox http://deeprybka.trojaner-board.de/b...t/addition.pngund drücke auf Scan.
Bitte poste mir den Inhalt der beiden Logs die erstellt werden.

Decypher 17.06.2015 21:42
Alles gemacht
 
AdwCleaner:

Code:
# AdwCleaner v4.206 - Bericht erstellt 17/06/2015 um 21:44:45
# Aktualisiert 01/06/2015 von Xplode
# Datenbank : 2015-06-17.1 [Server]
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (x86)
# Benutzername : Kagan Bagci - KAGANBAGCI-PC
# Gestarted von : C:\Users\Kagan Bagci\Downloads\AdwCleaner_4.206.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\2a0f46e800006aef
Ordner Gelöscht : C:\ProgramData\431b2240000043bd
Ordner Gelöscht : C:\Program Files\System Optimizer
Ordner Gelöscht : C:\Program Files\ColoiuckkFeorSale
Ordner Gelöscht : C:\Program Files\PrInceCoupon
Ordner Gelöscht : C:\Program Files\RoyaalCioaupon
Ordner Gelöscht : C:\Program Files\RRoyalCOupon
Ordner Gelöscht : C:\Program Files\RuoyaalCouPPon
Ordner Gelöscht : C:\Program Files\ShoppierMaaster
Ordner Gelöscht : C:\Users\Kagan Bagci\AppData\LocalLow\DVDVideoSoftTB_DE
Ordner Gelöscht : C:\Users\Kagan Bagci\AppData\Roaming\Update Manager
Ordner Gelöscht : C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\Extensions\ascsurfingprotection@iobit.com
Ordner Gelöscht : C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd
Ordner Gelöscht : C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnjjngeaknajbdcgpfkgnonkmififhfo
Datei Gelöscht : C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_amfclgbdpgndipgoegfpkkgobahigbcl_0.localstorage
Datei Gelöscht : C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mhkaekfpcppmmioggniknbnbdbcigpkk
Datei Gelöscht : C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pfndaklgolladniicklehhancnlgocpp
Datei Gelöscht : C:\Users\Kagan Bagci\Favorites\Startfenster.lnk
Datei Gelöscht : C:\Users\Kagan Bagci\Favorites\Links\Startfenster.lnk
Datei Gelöscht : C:\Program Files\mozilla firefox\dbghelp.dll
Datei Gelöscht : C:\Program Files\prefs.js
Datei Gelöscht : C:\Users\Kagan Bagci\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\eBay.lnk
Datei Gelöscht : C:\Users\Kagan Bagci\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Startfenster.lnk
Datei Gelöscht : C:\Users\Kagan Bagci\AppData\Roaming\Microsoft\Windows\Start Menu\Startfenster.lnk
Datei Gelöscht : C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\Firefox\Profiles\zigocm5w.default\searchplugins\mystartsearch.xml
Datei Gelöscht : C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\searchplugins\yahoo_ff.xml
Datei Gelöscht : C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\Firefox\Profiles\zigocm5w.default\searchplugins\yahoo_ff.xml
Datei Gelöscht : C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\Firefox\Profiles\zigocm5w.default\user.js

***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [sweetsearch@gmail.com]
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PA18CD12D_C55F_45AF_871F_F25AD339D36F_.PA18CD12D_C55F_45AF_871F_F25AD339D36F_
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PA18CD12D_C55F_45AF_871F_F25AD339D36F_.PA18CD12D_C55F_45AF_871F_F25AD339D36F_.9
Schlüssel Gelöscht : HKLM\SOFTWARE\ecc06a27-07df-647d-b5d8-500ed23a19b2
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A18CD12D-C55F-45AF-871F-F25AD339D36F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D54C859C-6066-4F31-8FE0-2AAEDCAE67D7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{33B8CF8E-1B37-40DD-A652-F97EDFCA9565}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A336F17E-321F-43FA-9BE6-873BBDFF418E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A18CD12D-C55F-45AF-871F-F25AD339D36F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{457EF9F0-0A7C-4302-B47B-C207A8DE8598}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A18CD12D-C55F-45AF-871F-F25AD339D36F}
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF}]
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{F09E38FE-BD31-4213-94EE-511AB559B58D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{F09E38FE-BD31-4213-94EE-511AB559B58D}
Schlüssel Gelöscht : HKCU\Software\eSupport.com
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\System Optimizer
Schlüssel Gelöscht : HKCU\Software\PRODUCTSETUP
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Speedchecker Limited
Schlüssel Gelöscht : HKLM\SOFTWARE\mystartsearchSoftware
Schlüssel Gelöscht : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
Schlüssel Gelöscht : HKLM\SOFTWARE\FFPluginHp
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{40DC4B27-4588-C56F-7737-D03A0ACE4383}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509
Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local;<local>

***** [ Internetbrowser ] *****

-\\ Internet Explorer v9.0.8112.16659

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v35.0 (x86 de)

[zigocm5w.default\prefs.js] - Zeile Gelöscht : user_pref("browser.search.defaultenginename", "mystartsearch");
[zigocm5w.default\prefs.js] - Zeile Gelöscht : user_pref("browser.search.searchengine.alias", "mystartsearch");
[zigocm5w.default\prefs.js] - Zeile Gelöscht : user_pref("browser.search.searchengine.iconURL", "hxxp://www.mystartsearch.com/favicon.ico");
[zigocm5w.default\prefs.js] - Zeile Gelöscht : user_pref("browser.search.searchengine.name", "mystartsearch");
[zigocm5w.default\prefs.js] - Zeile Gelöscht : user_pref("browser.search.searchengine.url", "hxxp://www.mystartsearch.com/web/?type=ds&ts=1431023221&z=01b37b3de1539111e9b146bg7zcc6gde6o1c8e6t0q&from=cor&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808R01502015[...]

-\\ Google Chrome v43.0.2357.124


*************************

AdwCleaner[R0].txt - [28769 Bytes] - [05/12/2013 15:42:38]
AdwCleaner[R1].txt - [10106 Bytes] - [17/06/2015 21:41:32]
AdwCleaner[S0].txt - [27746 Bytes] - [05/12/2013 15:46:21]
AdwCleaner[S1].txt - [8677 Bytes] - [17/06/2015 21:44:45]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [8736  Bytes] ##########
Malwarebytes:

Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 17.06.2015
Suchlauf-Zeit: 21:57:46
Logdatei: Malwarebytes.txt
Administrator: Ja

Version: 2.01.6.1022
Malware Datenbank: v2015.06.17.04
Rootkit Datenbank: v2015.06.15.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows Vista Service Pack 2
CPU: x86
Dateisystem: NTFS
Benutzer: Kagan Bagci

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 347342
Verstrichene Zeit: 23 Min, 20 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente gefunden)

Module: 0
(Keine schädliche Elemente gefunden)

Registrierungsschlüssel: 0
(Keine schädliche Elemente gefunden)

Registrierungswerte: 0
(Keine schädliche Elemente gefunden)

Registrierungsdaten: 0
(Keine schädliche Elemente gefunden)

Ordner: 0
(Keine schädliche Elemente gefunden)

Dateien: 0
(Keine schädliche Elemente gefunden)

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)


(end)

Decypher 17.06.2015 21:43
FRST und Addition:


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-06-2015
Ran by Kagan Bagci (administrator) on KAGANBAGCI-PC on 17-06-2015 22:26:05
Running from C:\Users\Kagan Bagci\Downloads
Loaded Profiles: Kagan Bagci (Available Profiles: Kagan Bagci)
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ABBYY) C:\Program Files\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
(Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
(Steganos Software GmbH) C:\Program Files\OkayFreedom\OkayFreedomService.exe
(Prolific Technology Inc.) C:\Windows\System32\IoctlSvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Wistron) C:\Program Files\Launch Manager\HotkeyApp.exe
(Wistron Corp.) C:\Program Files\Launch Manager\OSD.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Carbonite, Inc.) C:\Program Files\Packard Bell\Carbonite\CarboniteSetupLitePBPreInstaller.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
(Akamai Technologies, Inc.) C:\Users\Kagan Bagci\AppData\Local\Akamai\netsession_win.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Wistron Corp.) C:\Program Files\Launch Manager\WisLMSvc.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Akamai Technologies, Inc.) C:\Users\Kagan Bagci\AppData\Local\Akamai\netsession_win.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Steganos Software GmbH) C:\Program Files\OkayFreedom\OkayFreedomClient.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Joyent, Inc) C:\Users\Kagan Bagci\AppData\Roaming\Steganos\OkayFreedom\Proxy\node.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Kagan Bagci\Downloads\FRST (1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [HotkeyApp] => C:\Program Files\Launch Manager\HotkeyApp.exe [192512 2008-08-22] (Wistron)
HKLM\...\Run: [LMgrOSD] => C:\Program Files\Launch Manager\OSD.exe [430080 2008-05-16] (Wistron Corp.)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2008-01-21] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1328424 2008-07-03] (Synaptics, Inc.)
HKLM\...\Run: [CarboniteSetupLite] => C:\Program Files\Packard Bell\Carbonite\CarboniteSetupLitePBPreInstaller.exe [306112 2008-04-07] (Carbonite, Inc.)
HKLM\...\Run: [Google Desktop Search] => C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [24064 2008-11-06] (Google)
HKLM\...\Run: [toolbar_eula_launcher] => C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe [28672 2007-02-20] ( )
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-09-02] (AVAST Software)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-03-30] (LogMeIn Inc.)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [351968 2014-09-08] ()
HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [Facebook Update] => C:\Users\Kagan Bagci\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-01-28] (Facebook Inc.)
HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [msnmsgr] => C:\Program Files\Windows Live\Messenger\msnmsgr.exe [3872080 2010-04-16] (Microsoft Corporation)
HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd)
HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [Google Update] => C:\Users\Kagan Bagci\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-02-11] (Google Inc.)
HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [Advanced SystemCare 6] => C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe [491840 2013-04-18] (IObit)
HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [Overwolf] => C:\Program Files\Overwolf\Overwolf.exe -silent
HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [HP Photosmart 5510 series (NET)] => C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe [1837672 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [BitTorrent] => C:\Users\Kagan Bagci\AppData\Roaming\BitTorrent\BitTorrent.exe [1442904 2015-02-14] (BitTorrent Inc.)
HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [28917376 2015-05-14] (Skype Technologies S.A.)
HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Kagan Bagci\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.)
HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [Battle.net] => C:\Program Files\Battle.net\Battle.net Launcher.exe [2861104 2015-05-28] (Blizzard Entertainment)
HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [UM] => C:\Users\Kagan Bagci\AppData\Roaming\Update Manager\UM.EXE
HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [OKAYFREEDOM_Agent] => C:\Program Files\OkayFreedom\OkayFreedomClient.exe [6591912 2015-04-22] (Steganos Software GmbH)
HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [OKAYFREEDOM_Update] => C:\Program Files\OkayFreedom\Updater.exe [3864488 2015-04-22] (Steganos Software GmbH)
HKU\S-1-5-18\...\Run: [SearchProtect] => \SearchProtect\bin\cltmng.exe
Startup: C:\Users\Kagan Bagci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2013-02-09] ()
Startup: C:\Users\Kagan Bagci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Photosmart 5510 series (Netzwerk).lnk [2013-07-15]
ShortcutTarget: Tintenwarnungen überwachen - HP Photosmart 5510 series (Netzwerk).lnk -> C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2014-09-02] (AVAST Software)
ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-05-19] (Google)
ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-05-19] (Google)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-05-19] (Google)
ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-05-19] (Google)
ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-05-19] (Google)
ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-05-19] (Google)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

AutoConfigURL: [S-1-5-21-410520579-760464469-3575665083-1000] => hxxp://127.0.0.1:8445/okf.pac
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-410520579-760464469-3575665083-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=about:blank
URLSearchHook: HKLM - (No Name) - {da7f5ae1-3be3-43c0-8098-c1d183616e97} -  No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\.DEFAULT -> {5AB1FAB0-D468-46DF-94F7-109F64BDC9B4} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^DE&apn_uid=FFFEB447-F2F8-4077-85EB-796D5026A171&apn_sauid=E029870B-C567-4E27-8172-ADB38D7B7123
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Toolbar: HKU\.DEFAULT -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-10-02] (Skype Technologies S.A.)
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-31] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\Firefox\Profiles\zigocm5w.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-06-12] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-12-13] (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-12-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-12-18] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin HKU\S-1-5-21-410520579-760464469-3575665083-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Kagan Bagci\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-410520579-760464469-3575665083-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-410520579-760464469-3575665083-1000: @talk.google.com/O1DPlugin -> C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-410520579-760464469-3575665083-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin HKU\S-1-5-21-410520579-760464469-3575665083-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin HKU\S-1-5-21-410520579-760464469-3575665083-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Kagan Bagci\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-04-01] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Users\Kagan Bagci\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Kagan Bagci\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF SearchPlugin: C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\Firefox\Profiles\zigocm5w.default\searchplugins\suchmaschine.xml [2015-03-20]
FF Extension: No Name - C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\Firefox\profiles\extensions\extensions [2013-03-18]
FF Extension: No Name - C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\Firefox\profiles\extensions\searchplugins [2015-01-21]
FF Extension: Movie2kDownloader - C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\Firefox\profiles\extensions\movie2kdownloader@movie2kdownloader.com.xpi [2012-12-13]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-11-20]
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-12-19]
FF HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files\Common Files\DVDVideoSoft\plugins\ff
FF Extension: No Name - C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\Firefox\Profiles\zigocm5w.default\extensions\{DB981CCA-088E-4731-A4A2-2FE218703C0E}.xpi [not found]
FF Extension: No Name - C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\Firefox\Profiles\zigocm5w.default\extensions\ascsurfingprotection@iobit.com [not found]
FF Extension: No Name - C:\Program Files\IObit Apps Toolbar\FF [not found]

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-11-15]
CHR Extension: (Google Search) - C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-11-15]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-27]
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd [2015-06-17]
CHR Extension: (Google Wallet) - C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2012-12-20]
CHR Extension: (Adblock Pro) - C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch [2015-05-27]
CHR Extension: (Adblock Pro) - C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\odoejnlfacfofgbahnomeeojkkgcglan [2015-05-27]
CHR Extension: (Gmail) - C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-15]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-09-02]
CHR HKLM\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files\IObit\Advanced SystemCare 6\BrowerProtect\ASC_GhromePlugin.crx [2013-03-18]
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.PDFTransformer.Classic.3.0; C:\Program Files\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe [759048 2010-02-01] (ABBYY)
S3 AdobeActiveFileMonitor6.0; C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [124832 2007-09-11] ()
R2 AdvancedSystemCareService6; C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe [574272 2013-04-18] (IObit)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-09-02] (AVAST Software)
R2 EvtEng; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [815104 2008-04-30] (Intel(R) Corporation) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [647680 2008-11-06] (Macrovision Europe Ltd.) [File not signed]
S3 GoogleDesktopManager-071508-051939; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [24064 2008-11-06] (Google) [File not signed]
R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1848168 2015-03-30] (LogMeIn Inc.)
R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [411920 2015-03-30] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 OkayFreedom VPN Starter Service; C:\Program Files\OkayFreedom\OkayFreedomService.exe [330168 2015-04-22] (Steganos Software GmbH)
R2 PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [File not signed]
R2 RegSrvc; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [466944 2008-04-30] (Intel(R) Corporation) [File not signed]
R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000 2012-10-02] (Skype Technologies S.A.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
R3 WisLMSvc; C:\Program Files\Launch Manager\WisLMSvc.exe [118784 2008-01-15] (Wistron Corp.) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [70384 2013-12-05] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [54832 2013-12-05] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2013-12-05] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [774392 2013-12-05] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [403440 2013-12-05] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57672 2013-12-05] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [178304 2013-12-05] ()
S3 DrvAgent32; C:\Windows\system32\Drivers\DrvAgent32.sys [23456 2013-02-07] (Phoenix Technologies) [File not signed]
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2013-02-12] (DT Soft Ltd)
S3 FTDIBUS; C:\Windows\System32\drivers\ftdibus.sys [65896 2013-07-12] (FTDI Ltd.)
R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
S3 libusb0; C:\Windows\System32\drivers\libusb0.sys [33792 2005-03-09] () [File not signed]
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2015-06-17] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-04-14] (Malwarebytes Corporation)
S3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [99400 2012-05-12] (MotioninJoy) [File not signed]
R2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [5120 2014-05-07] (Samsung Electronics) [File not signed]
S3 WinRing0_1_2_0; C:\Program Files\Razer\Razer Game Booster\Driver\WinRing0.sys [14416 2012-11-13] (OpenLibSys.org)
S2 aswFsBlk; \??\C:\Windows\system32\drivers\aswFsBlk.sys [X]
S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X]
S3 IntcAzAudAddService; system32\drivers\RTKVHDA.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 RTHDMIAzAudService; system32\drivers\RtHDMIV.sys [X]
S1 SYMTDI; \SystemRoot\System32\Drivers\SYMTDI.SYS [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-17 22:23 - 2015-06-17 22:23 - 00001227 _____ C:\Users\Kagan Bagci\Desktop\Malwarebytes.txt
2015-06-17 21:56 - 2015-06-17 21:57 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-17 21:55 - 2015-06-17 21:55 - 00000902 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-06-17 21:55 - 2015-06-17 21:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-06-17 21:55 - 2015-06-17 21:55 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2015-06-17 21:55 - 2015-04-14 09:37 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-06-17 21:55 - 2015-04-14 09:37 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-06-17 21:54 - 2015-06-17 21:55 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Kagan Bagci\Downloads\mbam-setup-2.1.6.1022.exe
2015-06-17 21:40 - 2015-06-17 21:40 - 02231296 _____ C:\Users\Kagan Bagci\Downloads\AdwCleaner_4.206.exe
2015-06-17 21:22 - 2015-06-17 21:22 - 00001060 _____ C:\Users\Kagan Bagci\Desktop\Revo Uninstaller.lnk
2015-06-17 21:22 - 2015-06-17 21:22 - 00000000 ____D C:\Program Files\VS Revo Group
2015-06-17 21:21 - 2015-06-17 21:22 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Kagan Bagci\Downloads\revosetup95.exe
2015-06-17 12:22 - 2015-06-17 12:24 - 00068821 _____ C:\Users\Kagan Bagci\Downloads\Addition.txt
2015-06-17 12:21 - 2015-06-17 22:26 - 00025382 _____ C:\Users\Kagan Bagci\Downloads\FRST.txt
2015-06-17 12:21 - 2015-06-17 22:26 - 00000000 ____D C:\FRST
2015-06-17 12:20 - 2015-06-17 12:21 - 01148416 _____ (Farbar) C:\Users\Kagan Bagci\Downloads\FRST (1).exe
2015-06-17 12:19 - 2015-06-17 12:19 - 02109952 _____ (Farbar) C:\Users\Kagan Bagci\Downloads\FRST64 (1).exe
2015-06-16 22:32 - 2015-06-16 22:39 - 00981877 _____ C:\Users\Kagan Bagci\Downloads\FRST.exe
2015-06-15 14:27 - 2015-06-16 15:27 - 00000000 ____D C:\Program Files\Form Filler
2015-06-13 17:52 - 2015-06-13 17:52 - 00001543 _____ C:\Users\Public\Desktop\Unepic.lnk
2015-06-13 17:46 - 2015-06-13 17:50 - 212530976 _____ (GOG.com ) C:\Users\Kagan Bagci\Downloads\setup_unepic_2.8.0.13.exe
2015-06-12 23:20 - 2015-04-24 17:54 - 00532480 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-12 23:19 - 2015-05-21 16:22 - 02066432 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-12 23:19 - 2015-05-09 01:08 - 00894464 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-12 22:59 - 2015-05-05 00:51 - 10628608 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-12 22:59 - 2015-05-05 00:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-12 22:59 - 2015-05-05 00:50 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-12 22:59 - 2015-05-05 00:50 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-12 22:59 - 2015-05-04 23:21 - 08147456 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-10 23:15 - 2015-06-13 17:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2015-06-10 23:15 - 2015-06-10 23:15 - 00001797 _____ C:\Users\Public\Desktop\Battle Realms Complete (German).lnk
2015-06-10 23:14 - 2015-06-13 17:51 - 00000000 ____D C:\GOG Games
2015-06-10 23:00 - 2015-06-10 23:10 - 554494280 _____ (GOG.com ) C:\Users\Kagan Bagci\Downloads\setup_battle_realms_complete_german_2.0.0.9.exe
2015-06-10 16:35 - 2015-05-31 01:54 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-10 16:35 - 2015-05-31 01:53 - 09750528 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-10 16:35 - 2015-05-31 01:50 - 01139712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-10 16:35 - 2015-05-31 01:49 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-10 16:35 - 2015-05-31 01:49 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-10 16:35 - 2015-05-31 01:49 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-10 16:35 - 2015-05-31 01:49 - 00421888 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-10 16:35 - 2015-05-31 01:48 - 01804288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-10 16:35 - 2015-05-31 01:48 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-10 16:35 - 2015-05-31 01:48 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-10 16:35 - 2015-05-31 01:48 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-06-10 16:35 - 2015-05-31 01:48 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-10 16:35 - 2015-05-31 01:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-10 16:35 - 2015-05-31 01:48 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-10 16:35 - 2015-05-31 01:48 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-06-10 16:35 - 2015-05-31 01:47 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-10 16:35 - 2015-05-31 01:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-10 16:35 - 2015-05-31 01:47 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-06-10 16:35 - 2015-05-31 01:47 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-06-10 16:34 - 2015-05-31 02:03 - 12385280 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-10 16:34 - 2015-05-31 01:55 - 01809920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-10 16:34 - 2015-05-31 01:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-10 16:26 - 2015-06-10 16:26 - 02197648 _____ (Irfan Skiljan) C:\Users\Kagan Bagci\Downloads\iview438g_setup.exe
2015-06-10 16:26 - 2015-06-10 16:26 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
2015-06-10 16:26 - 2015-06-10 16:26 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Roaming\IrfanView
2015-06-10 16:26 - 2015-06-10 16:26 - 00000000 ____D C:\Program Files\IrfanView
2015-06-03 22:39 - 2015-06-03 22:39 - 35595593 _____ C:\Users\Kagan Bagci\Desktop\Clockwork.zip
2015-06-03 22:29 - 2015-06-03 22:29 - 00180095 _____ C:\Users\Kagan Bagci\Downloads\a4dven6_460sv (1).wmv
2015-06-03 17:37 - 2015-06-03 17:37 - 00638976 _____ C:\Users\Kagan Bagci\Downloads\Detection (1).msi
2015-06-01 15:24 - 2015-06-01 15:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ultimate Apocalypse - The Hunt Begins
2015-06-01 14:15 - 2015-06-01 15:05 - 1216383942 _____ (Ultimate Apocalypse Mod Team ) C:\Users\Kagan Bagci\Downloads\Ultimate_Apocalypse_-_The_Hunt_Begins.exe
2015-06-01 13:49 - 2015-06-01 13:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ultimate Apocalypse - THB Patch
2015-05-28 19:11 - 2015-05-28 19:11 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Local\openvr
2015-05-27 13:57 - 2015-06-10 16:06 - 00001966 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-05-27 13:57 - 2015-05-27 13:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-05-27 13:53 - 2015-05-27 13:53 - 00880208 _____ (Google Inc.) C:\Users\Kagan Bagci\Downloads\ChromeSetup.exe
2015-05-27 13:39 - 2015-05-27 15:13 - 00000000 ____D C:\Program Files\Second Home
2015-05-27 13:37 - 2015-06-15 14:27 - 00000000 ____D C:\ProgramData\12105833042991166924
2015-05-27 13:17 - 2015-06-17 21:17 - 00000024 _____ C:\Users\Kagan Bagci\AppData\Roaming\appdataFr25.bin
2015-05-27 11:36 - 2015-06-17 21:51 - 00005220 _____ C:\Windows\PFRO.log
2015-05-26 12:48 - 2015-05-26 12:48 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Roaming\Samsung
2015-05-26 12:48 - 2015-05-26 12:48 - 00000000 ____D C:\Program Files\Common Files\Common Desktop Agent
2015-05-26 12:47 - 2015-05-26 12:50 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers
2015-05-26 12:45 - 2015-05-26 12:48 - 00000000 ____D C:\ProgramData\Samsung
2015-05-26 12:45 - 2015-05-26 12:45 - 00000000 ____D C:\Program Files\SamsungPrinterLiveUpdate
2015-05-26 12:44 - 2015-05-26 12:48 - 00000000 ____D C:\Program Files\Samsung
2015-05-26 12:44 - 2014-10-30 13:43 - 00686896 _____ (Samsung Electronics) C:\Windows\system32\eed_sl.exe
2015-05-26 12:44 - 2014-10-30 13:43 - 00025600 _____ () C:\Windows\system32\sst6clm.dll
2015-05-26 12:44 - 2014-10-30 13:42 - 02284032 _____ C:\Windows\system32\eed_ec.dll
2015-05-26 12:44 - 2014-09-19 00:10 - 00094208 ____N C:\Windows\system32\ssdevm.dll
2015-05-26 12:44 - 2014-03-05 15:59 - 00158040 _____ (SS) C:\Windows\system32\sst6cci.exe
2015-05-26 12:44 - 2014-03-05 15:58 - 00000273 _____ C:\Windows\system32\eed_sl.exe.config
2015-05-26 12:44 - 2013-04-03 16:32 - 00212600 _____ C:\Windows\system32\SBuySupplies.exe
2015-05-26 12:44 - 2012-08-02 13:07 - 04161048 ____N C:\Windows\sst6cA4.prn
2015-05-26 12:44 - 2012-08-02 13:07 - 03701631 ____N C:\Windows\sst6cLTR.prn
2015-05-26 12:44 - 2012-01-09 13:41 - 00000361 _____ C:\Windows\system32\sst6clm.smt
2015-05-26 12:44 - 2012-01-09 13:40 - 00065536 _____ (SS) C:\Windows\system32\sst6cci.dll
2015-05-26 12:41 - 2015-05-26 12:41 - 03439936 _____ C:\Users\Kagan Bagci\Downloads\SamsungPrinterInstaller.exe
2015-05-25 22:13 - 2015-05-25 22:13 - 00006594 _____ C:\Users\Public\Documents\s.t.a.l.k.e.r.ltx
2015-05-24 21:33 - 2015-05-24 21:33 - 00003294 _____ C:\Users\Kagan Bagci\Downloads\PPSSPP_Cheat_Lists.rar
2015-05-23 21:48 - 2015-05-23 21:48 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Roaming\AVG
2015-05-23 21:41 - 2015-05-23 21:41 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Local\Avg
2015-05-23 21:38 - 2015-05-23 21:49 - 00000000 ____D C:\ProgramData\AVG
2015-05-23 21:31 - 2015-05-23 21:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicISO
2015-05-23 21:31 - 2015-05-23 21:31 - 03067400 _____ C:\Users\Kagan Bagci\Downloads\Setup_MagicISO.exe
2015-05-21 21:29 - 2015-05-21 21:29 - 01384064 _____ (Skype Technologies S.A.) C:\Users\Kagan Bagci\Downloads\SkypeSetup.exe
2015-05-21 21:21 - 2015-05-21 21:21 - 00001236 _____ C:\Users\Kagan Bagci\AppData\Local\recently-used.xbel

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-17 22:16 - 2013-07-09 16:04 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-17 22:00 - 2012-11-14 23:45 - 00000352 _____ C:\Windows\Tasks\Recovery DVD Creator-Kagan Bagci.job
2015-06-17 22:00 - 2012-11-14 23:45 - 00000352 _____ C:\Windows\Tasks\Erweiterte Garantie-Kagan Bagci.job
2015-06-17 22:00 - 2012-11-14 22:42 - 01891302 _____ C:\Windows\WindowsUpdate.log
2015-06-17 21:56 - 2013-12-05 14:39 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Roaming\Malwarebytes
2015-06-17 21:56 - 2013-12-05 14:38 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-17 21:56 - 2013-01-28 13:51 - 00000952 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-410520579-760464469-3575665083-1000UA.job
2015-06-17 21:54 - 2015-05-07 20:27 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Roaming\Steganos VPN
2015-06-17 21:53 - 2014-01-03 02:51 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Local\LogMeIn Hamachi
2015-06-17 21:52 - 2013-02-15 21:31 - 00001144 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-410520579-760464469-3575665083-1000UA.job
2015-06-17 21:52 - 2006-11-02 14:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-17 21:52 - 2006-11-02 14:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-17 21:51 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-17 21:48 - 2006-11-02 15:01 - 00032634 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-06-17 21:45 - 2013-12-05 15:42 - 00000000 ____D C:\AdwCleaner
2015-06-17 21:45 - 2013-08-22 19:05 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-06-17 21:12 - 2012-11-15 20:24 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-17 13:52 - 2013-02-15 21:31 - 00001092 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-410520579-760464469-3575665083-1000Core.job
2015-06-17 12:56 - 2013-01-28 13:51 - 00000930 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-410520579-760464469-3575665083-1000Core.job
2015-06-13 23:28 - 2013-01-31 23:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-06-13 17:50 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache
2015-06-13 17:45 - 2014-10-04 21:07 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Roaming\BitTorrent
2015-06-12 23:40 - 2006-11-02 14:47 - 00326632 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-12 23:36 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\de-DE
2015-06-12 23:20 - 2008-11-06 13:48 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-12 23:19 - 2013-11-12 20:36 - 00000000 ____D C:\Windows\system32\MRT
2015-06-12 23:02 - 2006-11-02 12:24 - 136900096 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-06-12 22:57 - 2013-07-09 16:04 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-06-12 22:57 - 2013-07-09 16:04 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-06-10 17:11 - 2013-02-10 01:31 - 00000000 ____D C:\Users\Kagan Bagci\Tracing
2015-06-10 17:11 - 2012-11-15 20:08 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Roaming\Skype
2015-06-10 16:09 - 2012-11-20 14:19 - 00000000 ____D C:\Program Files\Steam
2015-06-03 22:31 - 2015-05-07 19:26 - 00000000 ____D C:\Users\Kagan Bagci\Desktop\ppsspp
2015-06-03 22:31 - 2012-12-25 15:09 - 00000000 ____D C:\Users\Kagan Bagci\Desktop\Schulzeug
2015-06-03 22:31 - 2012-12-20 18:09 - 00000000 ____D C:\Users\Kagan Bagci\Desktop\Musik
2015-06-03 22:30 - 2012-12-25 15:09 - 00000000 ____D C:\Users\Kagan Bagci\Desktop\Bilder
2015-06-03 17:38 - 2012-12-02 19:17 - 00000000 ____D C:\Program Files\SystemRequirementsLab
2015-05-31 21:35 - 2006-11-02 12:33 - 01581308 _____ C:\Windows\system32\PerfStringBackup.INI
2015-05-28 20:55 - 2012-11-20 14:19 - 00000000 ____D C:\Program Files\Common Files\Steam
2015-05-28 16:54 - 2015-02-01 18:01 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Local\Battle.net
2015-05-28 16:15 - 2012-11-25 22:18 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Roaming\TS3Client
2015-05-28 16:10 - 2015-02-01 17:59 - 00000000 ____D C:\Program Files\Battle.net
2015-05-27 15:17 - 2012-12-02 00:23 - 00000000 ___RD C:\Users\Kagan Bagci\Desktop\Programme
2015-05-27 13:56 - 2008-11-06 13:37 - 00000000 ____D C:\Program Files\Google
2015-05-27 11:31 - 2013-03-25 21:34 - 00001356 _____ C:\Users\Kagan Bagci\AppData\Local\d3d9caps.dat
2015-05-26 12:45 - 2012-11-14 23:40 - 00000000 ____D C:\Users\Kagan Bagci
2015-05-21 21:31 - 2008-11-06 13:55 - 00000000 ____D C:\ProgramData\Skype
2015-05-21 21:21 - 2012-11-15 20:19 - 00000000 ___RD C:\Program Files\Skype
2015-05-21 17:51 - 2013-02-12 23:05 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Roaming\DAEMON Tools Lite
2015-05-21 17:40 - 2014-03-31 22:01 - 00000000 ____D C:\ProgramData\Origin
2015-05-21 17:39 - 2015-01-07 16:15 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Roaming\NexonLauncher
2015-05-21 17:39 - 2015-01-07 16:14 - 00000000 ____D C:\Program Files\Nexon
2015-05-21 17:39 - 2014-01-26 23:13 - 00000000 ____D C:\Program Files\MyHeritage
2015-05-21 17:38 - 2014-12-27 12:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2015-05-21 17:37 - 2008-11-06 13:12 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2015-05-21 17:33 - 2015-01-26 18:26 - 00000000 __SHD C:\Windows\system32\AI_RecycleBin
2015-05-21 17:32 - 2015-01-26 18:37 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames
2015-05-21 17:32 - 2015-01-26 17:33 - 00000000 ____D C:\AeriaGames
2015-05-20 15:37 - 2012-11-14 23:49 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Roaming\Adobe

==================== Files in the root of some directories =======

2015-05-27 13:17 - 2015-06-17 21:17 - 0000024 _____ () C:\Users\Kagan Bagci\AppData\Roaming\appdataFr25.bin
2013-03-25 21:34 - 2015-05-27 11:31 - 0001356 _____ () C:\Users\Kagan Bagci\AppData\Local\d3d9caps.dat
2012-11-15 20:49 - 2013-01-27 00:30 - 0030720 _____ () C:\Users\Kagan Bagci\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-11 20:36 - 2014-01-11 20:36 - 0005567 _____ () C:\Users\Kagan Bagci\AppData\Local\HWVendorDetection.log
2015-05-21 21:21 - 2015-05-21 21:21 - 0001236 _____ () C:\Users\Kagan Bagci\AppData\Local\recently-used.xbel
2013-03-18 21:00 - 2013-03-18 21:00 - 1426411 _____ () C:\Users\Kagan Bagci\AppData\Local\Tempmusic.ogg
2013-02-10 21:23 - 2013-02-10 21:23 - 0509465 _____ () C:\ProgramData\1360516069.bdinstall.bin
2013-03-20 15:48 - 2013-03-20 15:48 - 0227776 _____ () C:\ProgramData\1363787221.bdinstall.bin
2013-07-15 14:56 - 2013-07-15 14:56 - 0000057 _____ () C:\ProgramData\Ament.ini

Some files in TEMP:
====================
C:\Users\Kagan Bagci\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Kagan Bagci\AppData\Local\Temp\Quarantine.exe
C:\Users\Kagan Bagci\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Kagan Bagci\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Kagan Bagci\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-17 22:00

==================== End of log ============================
--- --- ---


[CODE]Additional
FRST Logfile:
Code:
scan result of Farbar Recovery Scan Tool (x86) Version: 13-06-2015
Ran by Kagan Bagci at 2015-06-17 22:28:53
Running from C:\Users\Kagan Bagci\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-410520579-760464469-3575665083-500 - Administrator - Disabled)
Gast (S-1-5-21-410520579-760464469-3575665083-501 - Limited - Disabled)
Kagan Bagci (S-1-5-21-410520579-760464469-3575665083-1000 - Administrator - Enabled) => C:\Users\Kagan Bagci

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
ABBYY PDF Transformer 3.0 (HKLM\...\ABBYY PDF Transformer 3.0) (Version: 3.00.317.68010 - ABBYY)
ABBYY PDF Transformer 3.0 (Version: 3.00.317.68010 - ABBYY) Hidden
Activation Assistant for the 2007 Microsoft Office suites (Version:  - Microsoft Corporation) Hidden
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Photoshop Elements 6 (HKLM\...\AdobePE6) (Version:  - )
Adobe Reader 8 (HKLM\...\AdobeReader) (Version:  - )
Advanced SystemCare 6 (HKLM\...\Advanced SystemCare 6_is1) (Version: 6.2 - IObit)
AGEIA PhysX v8.01.18 (HKLM\...\{A5B5A16D-277A-476B-8F62-1029A2F23072}) (Version: 8.01.18 - AGEIA Technologies, Inc.)
Akamai NetSession Interface (HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
Apple Application Support (HKLM\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{235EBB33-3DA1-46DF-AADE-9955123409CB}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{0BB178A9-D9F6-4D97-3D43-3CD5B3C9B67D}) (Version: 3.0.682.0 - ATI Technologies, Inc.)
ATI VGA driver Ver V V 8.512 (Version:  - ) Hidden
avast! Free Antivirus (HKLM\...\Avast) (Version: 9.0.2008 - Avast Software)
Battle Realms Complete (German) (HKLM\...\GOGPACKBATTLEREALMS_is1) (Version: 2.0.0.9 - GOG.com)
Battle.net (HKLM\...\Battle.net) (Version:  - Blizzard Entertainment)
BioShock 2 (Version: 1.0.0005.131 - Take-Two Interactive Software) Hidden
BitTorrent (HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\BitTorrent) (Version: 7.9.2.38657 - BitTorrent Inc.)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Browser Address Error Redirector (Version:  - ) Hidden
Call Of Cthulhu DCoTE (HKLM\...\{E4406ED3-B04C-44F1-ABB4-08775B74934F}) (Version: 1.00.000 - )
Carbonite (HKLM\...\Carbonite) (Version:  - )
ccc-core-static (Version: 2008.0703.2236.38526 - Ihr Firmenname) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.27 - Piriform)
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
Community Map packs 1-4 for soulstorm  (HKLM\...\Community_0) (Version:  - )
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Cry of Fear (HKLM\...\Steam App 223710) (Version:  - Team Psykskallar)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.46.1.0327 - DT Soft Ltd)
Dark Souls: Prepare to Die Edition (HKLM\...\Steam App 211420) (Version:  - FromSoftware)
Dawn of War - Tyranid Mod v0.45SS (HKLM\...\Tyranid_Mod_v04SS) (Version: "0.45SS" - "Team Super Ninja")
DivX-Setup (HKLM\...\DivX Setup) (Version: 2.6.1.22 - DivX, LLC)
Dungeon Defenders (HKLM\...\Steam App 65800) (Version:  - Trendy Entertainment)
DVDVideoSoftTB DE Toolbar (HKLM\...\DVDVideoSoftTB_DE Toolbar) (Version: 6.9.0.16 - DVDVideoSoftTB DE)
Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Five Nights at Freddy's (HKLM\...\Steam App 319510) (Version:  - Scott Cawthon)
Five Nights at Freddy's 2 (HKLM\...\Steam App 332800) (Version:  - Scott Cawthon)
Gameforge Live 2.0.5 (HKLM\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.5 - Gameforge)
Goat Simulator (HKLM\...\Steam App 265930) (Version:  - Coffee Stain Studios)
Google BAE (HKLM\...\GoogleBAE) (Version:  - )
Google Chrome (HKLM\...\Google Chrome) (Version: 43.0.2357.124 - Google Inc.)
Google Desktop (Version: 5.7.0807.15159 - Google) Hidden
Google Drive (HKLM\...\{CBC9F5FD-5CFA-4A33-81CD-369EAB77E3A6}) (Version: 1.22.9403.0223 - Google, Inc.)
Google Talk Plugin (HKLM\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google)
Google Toolbar (HKLM\...\GoogleToolbar) (Version:  - )
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.27.5 - Google Inc.) Hidden
GoogleDesktop (HKLM\...\GoogleDesktop_XX) (Version:  - )
Half-Life (HKLM\...\Steam App 70) (Version:  - Valve)
Half-Life 2 (HKLM\...\Steam App 220) (Version:  - Valve)
Half-Life: Opposing Force (HKLM\...\Steam App 50) (Version:  - Gearbox)
HDRegDE (HKLM\...\{D359B12F-9B1A-46FD-B70C-F507B5B11590}) (Version: 2.0.0 - Acxiom)
Hearthstone (HKLM\...\Hearthstone) (Version:  - Blizzard Entertainment)
HP Photosmart 5510 series - Grundlegende Software für das Gerät (HKLM\...\{9951F1F7-773D-45FE-B6AE-FDFC481655B1}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
Infocentre Rev. 2.0.0.1 (HKLM\...\Infocentre) (Version:  - )
Inkscape 0.91 (HKLM\...\{81922150-317E-4BB0-A31D-FF1C14F707C5}) (Version: 0.91 - inkscape.org)
Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{26921B2E-3E62-47F9-A514-1FC4A83BD738}) (Version: 12.00.0004 - Intel(R) Corporation)
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
iTunes (HKLM\...\{5D928931-D1D2-4A93-A82D-BF60D0E7CFA5}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.510 - Oracle)
Launch Manager V1.5.3 (HKLM\...\{D0846526-66DD-4DC9-A02C-98F9A2806812}) (Version: 1.5.3 - Wistron Corp.)
launch manager Ver 1.5.3 (Version:  - ) Hidden
LG United Mobile Drivers (HKLM\...\{C2944BE7-9BFF-4EF0-A362-CB3281B7C50D}) (Version: 3.6.0.0 - LG Electronics)
LogMeIn Hamachi (HKLM\...\LogMeIn Hamachi) (Version: 2.2.0.328 - LogMeIn, Inc.)
LogMeIn Hamachi (Version: 2.2.0.328 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Metaboli (HKLM\...\METABOLI) (Version:  - )
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works 9 (HKLM\...\works9) (Version:  - )
Microsoft XNA Framework Redistributable 4.0 (HKLM\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft® Office 2007 (HKLM\...\OFF2k7_GE) (Version:  - )
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
Mozilla Firefox 35.0 (x86 de) (HKLM\...\Mozilla Firefox 35.0 (x86 de)) (Version: 35.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 8 Essentials (HKLM\...\Nero8) (Version:  - )
Norton Internet Security (HKLM\...\NIS2008_DE) (Version:  - )
OkayFreedom (HKLM\...\{3F3FB10C-7175-4D38-9335-3488B89C12AF}) (Version: 1.5.2 - Steganos Software GmbH)
OpenAL (HKLM\...\OpenAL) (Version:  - )
OpenOffice.org 3.4.1 (HKLM\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
ORION: Prelude (HKLM\...\Steam App 104900) (Version:  - Spiral Game Studios)
Packard Bell ImageWriter (HKLM\...\ImageWriter) (Version:  - )
Packard Bell LCD Test (HKLM\...\LCDTest) (Version:  - )
Packard Bell Updator (HKLM\...\Updator) (Version:  - )
Razer Game Booster (HKLM\...\{88F0F4FF-B514-4E32-9C17-CAF96D60EAFC}) (Version: 3.5.6.0 - Razer USA Ltd.)
Realtek 8169 8168 8101E 8102E Ethernet Driver (Version: 1.00.0000 - Realtek) Hidden
Realtek cardreader driver Ver6.0.6000.10092 (Version:  - ) Hidden
Realtek High Definition Audio driver Ver6.0.1.5672 (Version:  - ) Hidden
Realtek LAN driver Ver6.206.502.2008 (Version:  - ) Hidden
Realtek USB 2.0 Card Reader (Version:  - Realtek Semiconductor Corp.) Hidden
Repetier-Host Version 0.95D (HKLM\...\{1143F758-929B-4EEB-8784-46CCB622F037}_is1) (Version: 0.95D - repetier)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Samsung CLP-360 Series (HKLM\...\Samsung CLP-360 Series) (Version: 1.20 (16.12.2014) - Samsung Electronics Co., Ltd.)
Samsung Drucker-Diagnose (HKLM\...\Samsung Printer Diagnostics) (Version: 1.0.1.16 - Samsung Electronics Co., Ltd.)
Samsung Easy Printer Manager (HKLM\...\Samsung Easy Printer Manager) (Version: 1.05.79.00(26.03.2015) - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
SeaTools for Windows (HKLM\...\{98613C99-1399-416C-A07C-1EE1C585D872}) (Version: 1.1.3.2 - Seagate Technology)
Second Home (HKLM\...\{E370F69F-ED3F-925F-31FC-14D1329A713B}) (Version:  - "")
SetUp My PC (HKLM\...\SETUPMYPC_DE) (Version:  - )
Sichern Sie Ihre Daten (Version:  - Carbonite Inc.) Hidden
Skins (Version: 2008.0703.2236.38526 - ATI) Hidden
Skype 3.6.2.248 (HKLM\...\SKYPE) (Version:  - )
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.3.11079 - Skype Technologies S.A.)
Skype™ 7.5 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.101 - Skype Technologies S.A.)
Startfenster (HKLM\...\Startfenster) (Version:  - Startfenster)
Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Synaptics Pointing Device Driver (Version: 11.1.21.0 - Synaptics) Hidden
Synaptics TouchPad driver Ver 11.1.21.0 (Version:  - ) Hidden
System Requirements Lab CYRI (HKLM\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
System Requirements Lab Detection (HKLM\...\{2B204A6B-167C-4C37-B40E-56570C96491E}) (Version: 6.1.4.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Terraria (HKLM\...\Steam App 105600) (Version:  - Re-Logic)
Torchlight II (HKLM\...\Steam App 200710) (Version:  - Runic Games)
UA Map Pack (HKLM\...\UA Map Pack) (Version:  - )
Ultimate Apocalypse - THB Patch version 1.8.1 (HKLM\...\{2D2D99BC-4565-4A97-85E9-4BFCFE95965A}_is1) (Version: 1.8.1 - Ultimate Apocalypse Mod Team)
Ultimate Apocalypse - The Hunt Begins version 1.8.0 (HKLM\...\{A21FAC0C-E2CD-4A79-A88F-4174EA62451A}_is1) (Version: 1.8.0 - Ultimate Apocalypse Mod Team)
Ultimate Apocalypse mod 1.73 (HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Ultimate Apocalypse mod 1.73) (Version:  - )
Unepic (HKLM\...\1207659227_is1) (Version: 2.8.0.13 - GOG.com)
Unity Web Player (HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VCRedistSetup (Version: 1.0.0 - Nero AG) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.0 - VideoLAN)
Volgarr the Viking v2.0.0.1 1.0 (HKLM\...\Volgarr the Viking v2.0.0.1 1.0) (Version: 1.0 - Cat-A-Cat)
Warhammer 40,000: Dawn of War – Soulstorm (HKLM\...\Steam App 9450) (Version:  - Relic Entertainment)
Windows Driver Package - FTDI CDM Driver Package - Bus/D2XX Driver (07/12/2013 2.08.30) (HKLM\...\22CCD58B53472BE3FCAFF05631111C4062959A43) (Version: 07/12/2013 2.08.30 - FTDI)
Windows Driver Package - FTDI CDM Driver Package - VCP Driver (07/12/2013 2.08.30) (HKLM\...\BD00013670D26C16E19F284BF8E15DAF813497C7) (Version: 07/12/2013 2.08.30 - FTDI)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
World of Warcraft (HKLM\...\World of Warcraft) (Version:  - Blizzard Entertainment)
Xvid 1.1.2 final uninstall (HKLM\...\Xvid_is1) (Version: 1.1 - Xvid team (Koepi))

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.21.135\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.25.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.27.5\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\Kagan Bagci\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.27.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.27.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.23.9\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Google Talk Plugin\googletalkax.dll (Google)
CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.27.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.21.145\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{63D99C74-1867-B00A-B48A-F226B9837657}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.21.153\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\Kagan Bagci\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited)
CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.24.15\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.21.149\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.22.3\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.21.165\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{AB9F4455-E591-4132-A386-0B91EAEDB96C}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Google Talk Plugin\o1dax.dll (Google)
CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.26.9\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.25.11\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.27.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.27.5\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.22.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-410520579-760464469-3575665083-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.24.7\psuser.dll No File

==================== Restore Points =========================

26-05-2015 12:44:37 Gerätetreiber-Paketinstallation: Samsung Drucker
29-05-2015 19:46:51 Windows Update
02-06-2015 19:31:11 Windows Update
03-06-2015 14:38:19 Geplanter Prüfpunkt
03-06-2015 17:37:56 Installed System Requirements Lab Detection
07-06-2015 20:55:50 Windows Update
10-06-2015 17:02:03 Windows Defender Checkpoint
12-06-2015 22:58:23 Windows Update
16-06-2015 15:39:47 Windows Update
17-06-2015 17:22:36 Geplanter Prüfpunkt
17-06-2015 21:19:45 Software Removal Tool
17-06-2015 21:24:29 Revo Uninstaller's restore point - ColoiuckkFeorSale
17-06-2015 21:26:13 Revo Uninstaller's restore point - ColoiuckkFeorSale
17-06-2015 21:27:17 Revo Uninstaller's restore point - IObit Apps Toolbar v8.3
17-06-2015 21:28:23 Removed IObit Apps Toolbar v8.3.
17-06-2015 21:29:53 Revo Uninstaller's restore point - ColoiuckkFeorSale
17-06-2015 21:31:03 Revo Uninstaller's restore point - PrInceCoupon
17-06-2015 21:32:14 Revo Uninstaller's restore point - QuickShare
17-06-2015 21:33:20 Removed QuickShare
17-06-2015 21:35:31 Revo Uninstaller's restore point - Settings Manager
17-06-2015 21:36:35 Revo Uninstaller's restore point - ShoppierMaaster
17-06-2015 21:37:41 Revo Uninstaller's restore point - SoftwareAlert
17-06-2015 21:38:42 Revo Uninstaller's restore point - WhiteSmoke New V6 Toolbar for IE

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost
::1            localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {420237FD-AF49-42FB-96F7-C643BD150FF1} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-09-02] (AVAST Software)
Task: {4D79B07F-3ADC-475B-A278-7F3E7B10BA44} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {4DE81CF0-AEB5-48F0-984A-E9F1D115C877} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-410520579-760464469-3575665083-1000UA => C:\Users\Kagan Bagci\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-28] (Facebook Inc.)
Task: {61CC9DC8-EC5B-4AAA-936E-385737A03E73} - System32\Tasks\Erweiterte Garantie-Kagan Bagci => C:\Program Files\Packard Bell\SetupmyPC\PBCarNot.exe [2008-02-04] (Packard Bell BV)
Task: {67042091-C4B7-4D01-B99C-8113C89EFCC0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-11-15] (Google Inc.)
Task: {85C2DA55-956B-4054-A27D-58F5B75EBE56} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {8AD7C484-9944-4BE7-B42B-17858E021DBD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-01-23] (Piriform Ltd)
Task: {988F56DC-F274-4C4C-8EA6-BF708CC24CB2} - System32\Tasks\Recovery DVD Creator-Kagan Bagci => C:\Program Files\Packard Bell\SetupMyPc\MCDCheck.exe [2008-02-04] (Packard Bell BV)
Task: {9B4352D2-DDA9-40A4-A1E0-583C162BD30B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-410520579-760464469-3575665083-1000Core => C:\Users\Kagan Bagci\AppData\Local\Google\Update\GoogleUpdate.exe [2013-02-11] (Google Inc.)
Task: {A59EDF3E-5B9C-47D4-82CD-05DDF035B9CA} - System32\Tasks\{7C7143E3-9922-433E-9333-D7D15C6C71C7} => pcalua.exe -a "C:\Users\Kagan Bagci\Desktop\libusb-win32-filter-bin-0.1.10.1.exe" -d "C:\Users\Kagan Bagci\Desktop"
Task: {B9338F41-8D44-4BB5-8FB4-9FBD26643559} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-11-15] (Google Inc.)
Task: {BFB85395-DCA3-418B-9699-F594136DF958} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-410520579-760464469-3575665083-1000UA => C:\Users\Kagan Bagci\AppData\Local\Google\Update\GoogleUpdate.exe [2013-02-11] (Google Inc.)
Task: {C6127032-F189-4535-A026-4462F91D8D4F} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {C731D6DA-B4AE-470C-8041-8E544CCC2F67} - System32\Tasks\Razer_Game_Booster_AutoUpdate => C:\Program Files\Razer\Razer Game Booster\AutoUpdate.exe [2012-11-13] ()
Task: {D96479A1-D81E-48BE-9429-1157B7F2612B} - System32\Tasks\{692E16B8-5C7F-4ACC-A311-B180845E0984} => Chrome.exe hxxp://ui.skype.com/ui/0/6.3.0.105/de/abandoninstall?page=tsProgressBar
Task: {DC57B16D-CE35-499C-9913-257352FB9D6F} - System32\Tasks\ASC6_PerformanceMonitor => C:\Program Files\IObit\Advanced SystemCare 6\Monitor.exe [2013-04-08] (IObit)
Task: {DDDF64F1-7681-4AD4-B482-8A3E7FA07592} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-410520579-760464469-3575665083-1000Core => C:\Users\Kagan Bagci\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-28] (Facebook Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Erweiterte Garantie-Kagan Bagci.job => C:\Program Files\Packard Bell\SetupmyPC\PBCarNot.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-410520579-760464469-3575665083-1000Core.job => C:\Users\Kagan Bagci\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-410520579-760464469-3575665083-1000UA.job => C:\Users\Kagan Bagci\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-410520579-760464469-3575665083-1000Core.job => C:\Users\Kagan Bagci\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-410520579-760464469-3575665083-1000UA.job => C:\Users\Kagan Bagci\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Recovery DVD Creator-Kagan Bagci.job => C:\Program Files\Packard Bell\SetupMyPc\MCDCheck.exe

==================== Loaded Modules (Whitelisted) ==============

2013-03-18 20:42 - 2013-01-15 18:47 - 00517440 _____ () C:\Program Files\IObit\Advanced SystemCare 6\sqlite3.dll
2013-12-05 20:38 - 2014-09-02 12:13 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2008-04-30 20:13 - 2008-04-30 20:13 - 00200704 _____ () C:\Program Files\Intel\WiFi\bin\IWMSPROV.DLL
2015-06-17 12:17 - 2015-06-17 12:17 - 02952704 _____ () C:\Program Files\AVAST Software\Avast\defs\15061700\algo.dll
2014-10-11 14:06 - 2014-10-11 14:06 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 14:05 - 2014-10-11 14:05 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2008-08-20 04:25 - 2008-07-04 05:37 - 00159744 _____ () C:\Windows\system32\atitmmxx.dll
2013-12-05 20:39 - 2014-09-02 12:13 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-09-08 13:30 - 2014-09-08 13:30 - 00351968 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2014-09-08 13:32 - 2014-09-08 13:32 - 00050688 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2013-03-18 20:42 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files\IObit\Advanced SystemCare 6\madExcept_.bpl
2013-03-18 20:42 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files\IObit\Advanced SystemCare 6\madBasic_.bpl
2013-03-18 20:42 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files\IObit\Advanced SystemCare 6\madDisAsm_.bpl
2008-11-06 13:17 - 2008-11-06 13:17 - 00014848 _____ () C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
2015-06-10 16:06 - 2015-06-05 20:22 - 15003464 _____ () C:\Program Files\Google\Chrome\Application\43.0.2357.124\PepperFlash\pepflashplayer.dll
2014-04-26 22:52 - 2014-02-10 13:44 - 04592128 _____ () C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2014-04-26 22:52 - 2014-02-10 13:44 - 00112128 _____ () C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Kagan Bagci\Downloads\ce4955free.exe:BDU
AlternateDataStreams: C:\Users\Kagan Bagci\Downloads\chromeinstall-7u17.exe:BDU
AlternateDataStreams: C:\Users\Kagan Bagci\Downloads\setup (1).exe:BDU
AlternateDataStreams: C:\Users\Kagan Bagci\Downloads\TERASetup.exe:BDU

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\aeriagames.com -> hxxps://aeriagames.com
IE trusted site: HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\aeriagames.com -> hxxp://aeriagames.com


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-410520579-760464469-3575665083-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Kagan Bagci\Desktop\2397008-1531880985-RJTni.jpg
DNS Servers: 192.168.0.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [{37A4B201-F203-4386-9C96-AE37072F31F1}] => (Allow) C:\Program Files\Adobe\Photoshop Elements 6.0\AdobePhotoshopElementsMediaServer.exe
FirewallRules: [{7EC03DDA-38D1-4DFA-9319-072098A30382}] => (Allow) C:\Program Files\Adobe\Photoshop Elements 6.0\AdobePhotoshopElementsMediaServer.exe
FirewallRules: [TCP Query User{07AB1E1E-1C02-4C46-A238-15F1996BF40E}C:\program files\skype\phone\skype.exe] => (Allow) C:\program files\skype\phone\skype.exe
FirewallRules: [UDP Query User{C5F6B9AE-AE9F-4220-BAA9-2E1F147A84C9}C:\program files\skype\phone\skype.exe] => (Allow) C:\program files\skype\phone\skype.exe
FirewallRules: [{A81D73E2-D551-418F-B51F-C3D0D94F4208}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{FB5D8F79-4BFD-4BA8-99C7-1BF0D29695DB}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{2DB6A7CC-EAD3-46D8-A62B-9B0559581F73}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{F46C548D-EC46-4D8B-B3C0-14D2A7FC7F9C}C:\program files\runes of magic\client.exe] => (Allow) C:\program files\runes of magic\client.exe
FirewallRules: [UDP Query User{44948248-23E9-4B9B-AC02-B77B7F79D4C4}C:\program files\runes of magic\client.exe] => (Allow) C:\program files\runes of magic\client.exe
FirewallRules: [{AE7327F5-7515-44D9-A5B4-0D59FBE418C0}] => (Allow) LPort=80
FirewallRules: [{F33838AA-7C2E-4F98-B27D-F63B407DA383}] => (Allow) LPort=80
FirewallRules: [{33C1E5CE-0512-4A20-8E78-9BC68A90A9D5}] => (Allow) LPort=80
FirewallRules: [{9DFDC90A-8370-4B7F-B736-D627255537E3}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{34873EEA-32E9-4998-BF27-EC9712AAE121}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{89D21C15-18EA-4C32-8B77-0CBAA8D415CF}] => (Allow) c:\BrickForce\BfLauncher.exe
FirewallRules: [{BF735AE1-4D4D-4632-86C5-2FD949B3AC06}] => (Allow) c:\BrickForce\BrickForce.exe
FirewallRules: [{B6DCF34B-543E-4F52-BF5F-08CAF773BA03}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{4464244B-B8DF-40F1-808B-C54DAE5717CD}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{21804082-1DC9-499F-9CCD-0D5BBFA1F3BD}] => (Allow) C:\Program Files\Steam\SteamApps\optimum100\half-life\hl.exe
FirewallRules: [{6C0C397B-5722-4861-84B0-E916AD2D5C72}] => (Allow) C:\Program Files\Steam\SteamApps\optimum100\half-life\hl.exe
FirewallRules: [{4725C7CD-29CA-4EA3-8A02-914962762632}] => (Allow) C:\Program Files\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{1B5F7671-1BD4-4E32-A9A2-118D383D1413}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{821EF3BD-8C42-43B4-AF5B-607801098C7F}] => (Allow) svchost.exe
FirewallRules: [{D3F1DC62-46EA-4186-B2DB-0066E868A5B9}] => (Allow) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [TCP Query User{1CF6EBC4-753C-4C31-B7F3-97DBA99F9305}C:\users\kagan bagci\desktop\whitefinger1.0\darkplaces.exe] => (Allow) C:\users\kagan bagci\desktop\whitefinger1.0\darkplaces.exe
FirewallRules: [UDP Query User{EC8DFABE-10CB-4C6E-BB3C-529B6D961F1E}C:\users\kagan bagci\desktop\whitefinger1.0\darkplaces.exe] => (Allow) C:\users\kagan bagci\desktop\whitefinger1.0\darkplaces.exe
FirewallRules: [{945630B1-1C22-4F43-B52E-930786277A7B}] => (Allow) C:\Users\Kagan Bagci\AppData\Local\Warframe\Downloaded\Public\Warframe.exe
FirewallRules: [{C458B229-3FB9-4BB5-B9D8-8301396AEEBC}] => (Allow) C:\Users\Kagan Bagci\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe
FirewallRules: [{1F203F08-3E9B-4EF3-A273-1EAD47C7D5FA}] => (Allow) C:\Users\Kagan Bagci\AppData\Local\Warframe\Downloaded\Public\Warframe.exe
FirewallRules: [{5A908225-4AA4-4683-BC36-ED80CFC40C03}] => (Allow) C:\Users\Kagan Bagci\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe
FirewallRules: [{7F7602D7-57A3-4CF4-8F26-D50D13A128AD}] => (Allow) C:\Users\Kagan Bagci\AppData\Local\Warframe\Downloaded\Public\Warframe.exe
FirewallRules: [{FFC4382B-43A2-4127-8A22-1C83C5C1C259}] => (Allow) C:\Users\Kagan Bagci\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe
FirewallRules: [{DF42ED22-AB76-46DC-9D54-81064AE2B93F}] => (Allow) C:\Users\Kagan Bagci\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe
FirewallRules: [{785C404B-8205-49A6-946A-EB6E1B371B2E}] => (Allow) C:\Users\Kagan Bagci\AppData\Local\Warframe\Downloaded\Public\Warframe.exe
FirewallRules: [{93C71602-24B6-4F39-BACE-8AC44F970DD2}] => (Allow) C:\Users\Kagan Bagci\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe
FirewallRules: [{A14D2050-4A44-477D-AB80-9E0E101CAD1B}] => (Allow) C:\Users\Kagan Bagci\AppData\Local\Warframe\Downloaded\Public\Warframe.exe
FirewallRules: [{AB60DCF7-679C-406C-99B9-84ED97CE01DB}] => (Allow) C:\Users\Kagan Bagci\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe
FirewallRules: [{3DAE4C50-C814-499D-9DA5-17653931910D}] => (Allow) C:\Users\Kagan Bagci\AppData\Local\Warframe\Downloaded\Public\Warframe.exe
FirewallRules: [{8365CDDC-FB96-4BAE-8FE9-1D613867096C}] => (Allow) C:\Users\Kagan Bagci\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe
FirewallRules: [{7F133585-2B74-4D48-A70C-7AC041F9210D}] => (Allow) C:\Users\Kagan Bagci\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe
FirewallRules: [TCP Query User{4CDE0EC4-9674-4803-B28A-7A95145BFEF4}C:\users\kagan bagci\desktop\s.t.a.l.k.e.r. - call of pripyat\bin\xrengine.exe] => (Allow) C:\users\kagan bagci\desktop\s.t.a.l.k.e.r. - call of pripyat\bin\xrengine.exe
FirewallRules: [UDP Query User{351F4EE0-4CCD-454E-8C3A-C7C7A9ED340D}C:\users\kagan bagci\desktop\s.t.a.l.k.e.r. - call of pripyat\bin\xrengine.exe] => (Allow) C:\users\kagan bagci\desktop\s.t.a.l.k.e.r. - call of pripyat\bin\xrengine.exe
FirewallRules: [TCP Query User{8BACB417-AF23-4D82-9051-DA81D6DDAC20}C:\users\kagan bagci\desktop\ghoulsforest3dbeta1.3.0\ghouls forest 3d.exe] => (Allow) C:\users\kagan bagci\desktop\ghoulsforest3dbeta1.3.0\ghouls forest 3d.exe
FirewallRules: [UDP Query User{CB459407-E6DB-4E97-BE4D-380343F062E6}C:\users\kagan bagci\desktop\ghoulsforest3dbeta1.3.0\ghouls forest 3d.exe] => (Allow) C:\users\kagan bagci\desktop\ghoulsforest3dbeta1.3.0\ghouls forest 3d.exe
FirewallRules: [{C50026E4-3104-4285-8042-40A831D43BDE}] => (Allow) C:\Program Files\Steam\SteamApps\optimum100\garrysmod\hl2.exe
FirewallRules: [{8D003BEA-C3AF-43CF-88B3-E528C62A7A79}] => (Allow) C:\Program Files\Steam\SteamApps\optimum100\garrysmod\hl2.exe
FirewallRules: [TCP Query User{98425062-8699-42E3-8500-C10E149BE7BD}C:\udk\forget me not annie\binaries\win32\udk.exe] => (Allow) C:\udk\forget me not annie\binaries\win32\udk.exe
FirewallRules: [UDP Query User{DBC9E44C-37AF-4172-B723-D9E5D62322FB}C:\udk\forget me not annie\binaries\win32\udk.exe] => (Allow) C:\udk\forget me not annie\binaries\win32\udk.exe
FirewallRules: [{9A8E3F26-1B46-449C-B8D6-BEF38EB281E9}] => (Allow) C:\Program Files\Dragon's Prophet\dp_x86.exe
FirewallRules: [{28C771E9-E619-4D09-BC5C-E5B5A95F166A}] => (Allow) C:\Program Files\Dragon's Prophet\dp_x86.exe
FirewallRules: [{66C50E31-5BCC-496D-A2AE-FD5DAB6519F0}] => (Allow) C:\Program Files\Dragon's Prophet\dp_x64.exe
FirewallRules: [{FEEA5A36-6549-44FE-A244-BB42E4DC875B}] => (Allow) C:\Program Files\Dragon's Prophet\launcher.exe
FirewallRules: [{BA5057B0-A777-40E0-A595-6A256BEE57E8}] => (Allow) C:\Program Files\Dragon's Prophet\dp_x64.exe
FirewallRules: [{8B7F8917-3F26-44A8-9629-12A7705E66DD}] => (Allow) C:\Program Files\Dragon's Prophet\launcher.exe
FirewallRules: [TCP Query User{BAFC5699-B6F0-42BD-AA1D-5A30812A0FFD}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{792D8630-F7DE-4178-8CC8-9AAA7BFF4CF9}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{4677CB95-3B03-49E0-B513-111C974DF195}C:\users\kagan bagci\desktop\world_of_tanks\worldoftanks.exe] => (Allow) C:\users\kagan bagci\desktop\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{D48BC7FA-6BA9-4767-B817-30E64667B2A6}C:\users\kagan bagci\desktop\world_of_tanks\worldoftanks.exe] => (Allow) C:\users\kagan bagci\desktop\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{AED913D2-F398-4ADA-9CC2-B95757F2177A}C:\users\kagan bagci\desktop\world_of_tanks\wotlauncher.exe] => (Allow) C:\users\kagan bagci\desktop\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{31F42C98-8B59-4148-B29F-BDD8CB9B93A6}C:\users\kagan bagci\desktop\world_of_tanks\wotlauncher.exe] => (Allow) C:\users\kagan bagci\desktop\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{B0082B91-71C4-4F40-B70F-DDF1AC85FB54}C:\users\public\games\cryptic studios\neverwinter\live\gameclient.exe] => (Allow) C:\users\public\games\cryptic studios\neverwinter\live\gameclient.exe
FirewallRules: [UDP Query User{08CD6DC4-FE23-4AE5-9F65-34B6FEFF4890}C:\users\public\games\cryptic studios\neverwinter\live\gameclient.exe] => (Allow) C:\users\public\games\cryptic studios\neverwinter\live\gameclient.exe
FirewallRules: [{562A6746-9B46-423F-A265-C45962080E11}] => (Allow) C:\Program Files\Gameforge4D\Elsword_DE\data\x2.exe
FirewallRules: [{00C043A5-5188-4532-A75E-1BA457F4C6E0}] => (Allow) C:\Program Files\Gameforge4D\Elsword_DE\data\x2.exe
FirewallRules: [TCP Query User{ECCC19B2-9149-443A-A9D0-C1B6EE51AE9C}C:\program files\steam\steamapps\common\bioshock 2\sp\builds\binaries\bioshock2.exe] => (Allow) C:\program files\steam\steamapps\common\bioshock 2\sp\builds\binaries\bioshock2.exe
FirewallRules: [UDP Query User{9F304512-C240-40C8-A379-7D15895AAC13}C:\program files\steam\steamapps\common\bioshock 2\sp\builds\binaries\bioshock2.exe] => (Allow) C:\program files\steam\steamapps\common\bioshock 2\sp\builds\binaries\bioshock2.exe
FirewallRules: [TCP Query User{C4DAFC5C-B25A-4244-A32C-9538792CBB78}C:\program files\steam\steamapps\common\cry of fear\cof.exe] => (Allow) C:\program files\steam\steamapps\common\cry of fear\cof.exe
FirewallRules: [UDP Query User{E373DD06-A489-4292-9442-AD786F71647D}C:\program files\steam\steamapps\common\cry of fear\cof.exe] => (Allow) C:\program files\steam\steamapps\common\cry of fear\cof.exe
FirewallRules: [TCP Query User{A1616B0A-9ED1-4DF0-825E-0D570FA37EB8}C:\program files\steam\steamapps\common\cry of fear\cof.exe] => (Allow) C:\program files\steam\steamapps\common\cry of fear\cof.exe
FirewallRules: [UDP Query User{14E2296D-79E4-401B-8AFB-55477C355CD0}C:\program files\steam\steamapps\common\cry of fear\cof.exe] => (Allow) C:\program files\steam\steamapps\common\cry of fear\cof.exe
FirewallRules: [{0820525C-3B0F-4A1F-B6E5-C3C9D2980061}] => (Allow) C:\Program Files\Steam\SteamApps\common\Torchlight II\ModLauncher.exe
FirewallRules: [{DFD2223B-E451-49BB-943A-45DC24EFF775}] => (Allow) C:\Program Files\Steam\SteamApps\common\Torchlight II\ModLauncher.exe
FirewallRules: [{7DAF3C1D-D459-4851-A1D8-0652395A640B}] => (Allow) C:\Program Files\HP\HP Photosmart 5510 series\Bin\DeviceSetup.exe
FirewallRules: [{4E5CE63B-660D-46DA-A3A8-40FE329D096E}] => (Allow) C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{614795C3-D1BB-4FC4-9071-F1C7688E9150}] => (Allow) C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [TCP Query User{521840FE-61EF-4A82-911A-FBE75D89A57A}C:\program files\steam\steamapps\common\torchlight ii\torchlight2.exe] => (Allow) C:\program files\steam\steamapps\common\torchlight ii\torchlight2.exe
FirewallRules: [UDP Query User{B543D5CB-65EA-442A-993A-0D8C82993DD2}C:\program files\steam\steamapps\common\torchlight ii\torchlight2.exe] => (Allow) C:\program files\steam\steamapps\common\torchlight ii\torchlight2.exe
FirewallRules: [{3243D382-AA5E-42EA-8872-DFAA7F27FE52}] => (Allow) C:\Program Files\Steam\SteamApps\common\Dungeon Defenders\Binaries\Win32\DungeonDefenders.exe
FirewallRules: [{F59C80A8-2AED-474A-AD0B-58ED6D78687F}] => (Allow) C:\Program Files\Steam\SteamApps\common\Dungeon Defenders\Binaries\Win32\DungeonDefenders.exe
FirewallRules: [TCP Query User{B04414EC-ADA4-4343-94CC-CB6F9F940F49}C:\program files\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe] => (Allow) C:\program files\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe
FirewallRules: [UDP Query User{F238EED5-DEA4-4007-AFFA-46574F74EBC0}C:\program files\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe] => (Allow) C:\program files\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe
FirewallRules: [{D5F7FF9A-6644-493B-93B3-59859057A510}] => (Allow) C:\Program Files\Steam\SteamApps\optimum100\opposing force\hl.exe
FirewallRules: [{27E0AFD6-736F-4133-9205-8C98642D8DC9}] => (Allow) C:\Program Files\Steam\SteamApps\optimum100\opposing force\hl.exe
FirewallRules: [{4F3B7EE7-9EB9-461B-B74D-C2279D513E70}] => (Allow) C:\Program Files\Steam\SteamApps\common\Cry of Fear\CoFLaunchApp.exe
FirewallRules: [{42990F9A-E5D9-4C1A-A1B6-B937D97F7010}] => (Allow) C:\Program Files\Steam\SteamApps\common\Cry of Fear\CoFLaunchApp.exe
FirewallRules: [{8A676AE9-BDC5-4760-A1BC-C4B817B547CD}] => (Allow) C:\Program Files\Steam\SteamApps\common\Half-Life 2\hl2.exe
FirewallRules: [{AA74E6F5-2AF4-4458-A4E9-AE6B99096DA3}] => (Allow) C:\Program Files\Steam\SteamApps\common\Half-Life 2\hl2.exe
FirewallRules: [{FA6B2022-4726-423B-B1C4-36896A269FA3}] => (Allow) C:\Program Files\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{CE4DB209-9A01-4B25-8886-B4706D0369E3}] => (Allow) C:\Program Files\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [TCP Query User{3FF9028B-6306-4E7F-B448-09A8115A8DB4}C:\program files\steam\steamapps\common\terraria\terrariaserver.exe] => (Block) C:\program files\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [UDP Query User{21AF891A-7361-4D41-980C-E565DBF5A652}C:\program files\steam\steamapps\common\terraria\terrariaserver.exe] => (Block) C:\program files\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [TCP Query User{00C479E1-C818-4FF1-BDDD-5E400843DE1E}C:\program files\steam\steam.exe] => (Allow) C:\program files\steam\steam.exe
FirewallRules: [UDP Query User{9168C763-C30B-471C-9657-DA4DBDDC3D82}C:\program files\steam\steam.exe] => (Allow) C:\program files\steam\steam.exe
FirewallRules: [TCP Query User{7E157346-1CD9-4714-96A0-18D425DCEAC6}C:\users\kagan bagci\desktop\brutal doom mit neuen waffen\zandronum.exe] => (Allow) C:\users\kagan bagci\desktop\brutal doom mit neuen waffen\zandronum.exe
FirewallRules: [UDP Query User{6D9F6EC6-FE29-48CD-A87D-DB2426FAA6B3}C:\users\kagan bagci\desktop\brutal doom mit neuen waffen\zandronum.exe] => (Allow) C:\users\kagan bagci\desktop\brutal doom mit neuen waffen\zandronum.exe
FirewallRules: [TCP Query User{9932CFAC-A916-455B-A075-5DE7E9DB12C2}C:\users\kagan bagci\desktop\brutal doom mit neuen waffen\zandronum.exe] => (Allow) C:\users\kagan bagci\desktop\brutal doom mit neuen waffen\zandronum.exe
FirewallRules: [UDP Query User{0F905FC1-8163-4487-A7E6-7B8B526A7AD4}C:\users\kagan bagci\desktop\brutal doom mit neuen waffen\zandronum.exe] => (Allow) C:\users\kagan bagci\desktop\brutal doom mit neuen waffen\zandronum.exe
FirewallRules: [{F46E1BC2-4F69-46D5-9ABE-B83DF194136A}] => (Allow) C:\Program Files\Steam\SteamApps\common\Starbound\win32\launcher\launcher.exe
FirewallRules: [{EB1A1E9B-8ECD-439E-8CC7-445CAFB97636}] => (Allow) C:\Program Files\Steam\SteamApps\common\Starbound\win32\launcher\launcher.exe
FirewallRules: [TCP Query User{90DB0671-B6D4-478B-B1D7-5BDDAF0E8AA3}C:\users\kagan bagci\desktop\spiele und etc\brutal doom mit neuen waffen\zandronum.exe] => (Allow) C:\users\kagan bagci\desktop\spiele und etc\brutal doom mit neuen waffen\zandronum.exe
FirewallRules: [UDP Query User{52380365-8A93-48E4-93F2-27C0B7D063E2}C:\users\kagan bagci\desktop\spiele und etc\brutal doom mit neuen waffen\zandronum.exe] => (Allow) C:\users\kagan bagci\desktop\spiele und etc\brutal doom mit neuen waffen\zandronum.exe
FirewallRules: [{7BDDA3C1-82FE-442D-A50B-50FD4F2CE9D0}] => (Allow) C:\Users\Kagan Bagci\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{C0B3B7E8-4801-4491-AB45-1E9F8926DEC9}] => (Allow) C:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{0509B901-42E5-4357-9009-F89D827147DE}] => (Allow) C:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{831359BB-DD03-430A-BF68-99480FBA3FBE}] => (Allow) C:\Users\Kagan Bagci\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{15727555-DCDF-4109-91A0-A3CF0B314B08}] => (Allow) C:\Users\Kagan Bagci\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{FA84AFB7-C756-482F-BD24-15C3D9D08AC2}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{8F51A668-FA7E-4F40-B1CC-271404E73F34}] => (Allow) C:\Program Files\GameforgeLive\Games\DEU_deu\Elsword\data\x2.exe
FirewallRules: [{03FF5574-AB3B-48C9-A6B3-14A82A6DBB0E}] => (Allow) C:\Program Files\GameforgeLive\Games\DEU_deu\Elsword\data\x2.exe
FirewallRules: [{8F41CEE4-5CB8-4878-BD03-5823F87FF28E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{8D0ED363-69DD-4F02-9324-A3AEE1DAF6A7}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{765E88A6-4948-4FB2-937A-4DDB0FF83AEE}C:\users\kagan bagci\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\kagan bagci\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{5444F18C-06B6-4998-BAB1-F08259B27C71}C:\users\kagan bagci\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\kagan bagci\appdata\local\akamai\netsession_win.exe
FirewallRules: [{2D09BD47-94BC-41AA-BD32-DC5AE596D44E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{6C91CF7A-873A-4EE4-8FC5-8E6A6D9F9FB5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{AADDB1B7-C36B-4F0C-9C94-EE373FE9C08A}] => (Allow) C:\Program Files\Battle.net\Battle.net.exe
FirewallRules: [{41B3A67F-56AF-4A55-A3B1-05BBB6EE0CD9}] => (Allow) C:\Program Files\Battle.net\Battle.net.exe
FirewallRules: [{7C7B35BB-225C-4847-B751-13F2703E12A1}] => (Allow) C:\Program Files\Steam\SteamApps\common\Five Nights at Freddy's\FiveNightsatFreddys.exe
FirewallRules: [{E02A3374-A816-4BB9-BC22-89FD458B04C8}] => (Allow) C:\Program Files\Steam\SteamApps\common\Five Nights at Freddy's\FiveNightsatFreddys.exe
FirewallRules: [{03AAFD9B-3E6E-4F20-9729-5ED93D950717}] => (Allow) C:\Program Files\Steam\SteamApps\common\Five Nights at Freddy's 2\FiveNightsatFreddys2.exe
FirewallRules: [{6CE98861-02B1-4B29-9B8D-EC6640C0ADC1}] => (Allow) C:\Program Files\Steam\SteamApps\common\Five Nights at Freddy's 2\FiveNightsatFreddys2.exe
FirewallRules: [TCP Query User{016DBACF-289F-458E-A531-2B85769FC8D9}C:\users\kagan bagci\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\kagan bagci\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{03F4C02D-DC1D-4BD6-BE9B-3CAA4CC5DCBC}C:\users\kagan bagci\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\kagan bagci\appdata\local\akamai\netsession_win.exe
FirewallRules: [{2A53BC7C-6BD7-4F50-AC4F-E1F5BCD7A532}] => (Allow) C:\Program Files\Hearthstone\Hearthstone.exe
FirewallRules: [{2B4A3B52-344D-4634-954F-D7A98F7C8B6B}] => (Allow) C:\Program Files\Hearthstone\Hearthstone.exe
FirewallRules: [{49ED5F59-678B-4831-9444-4FBEC937BF85}] => (Allow) C:\Users\Kagan Bagci\AppData\Roaming\Steganos\OkayFreedom\Proxy\node.exe
FirewallRules: [{EAECAEA3-FCFD-4708-A2DD-9CE00AE15804}] => (Allow) C:\Program Files\Steam\SteamApps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe
FirewallRules: [{E061B626-9DA7-4606-B079-4AA966E4A8D3}] => (Allow) C:\Program Files\Steam\SteamApps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe
FirewallRules: [{D87C2A32-C994-4A07-842E-AB971008DE9F}] => (Allow) C:\Users\KAGANB~1\AppData\Local\Temp\2cc498d0\WebInstallAgent\SPNTInst.exe
FirewallRules: [{6282A914-DD0F-43A4-9B5A-D3FF3C6855CA}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{0BFF20FD-F0DB-4D69-B2F1-ECD5A56DA45E}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{BFD4CFA3-569E-4993-BCD6-3A19FD8B0B42}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{05FEC9DE-A7E6-42F9-8C41-DF9535294F73}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\uninstall.exe
FirewallRules: [{F7BB2E41-E0F2-4B1C-B8E4-EA695293C3AB}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{A4858C07-7A45-4076-B29D-51174BD23FB4}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe
FirewallRules: [{B5704504-CFA1-4612-A4CC-25E28326EA5F}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe
FirewallRules: [{A6DDA808-E474-4C92-9C2F-99D1906FBE49}] => (Allow) C:\Program Files\Steam\SteamApps\common\Orion Dino Beatdown\Binaries\Win32\DinoHordeGame.exe
FirewallRules: [{BF04E4FE-A929-41E0-AE45-F59728E3289A}] => (Allow) C:\Program Files\Steam\SteamApps\common\Orion Dino Beatdown\Binaries\Win32\DinoHordeGame.exe
FirewallRules: [{F40D6676-FEBE-4D47-81EA-E2ED9B6B6DF4}] => (Allow) C:\Program Files\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{B1B553AE-3E19-4B13-AA69-C023568729B6}] => (Allow) C:\Program Files\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{866E40A1-A328-4B96-86C4-4395EEB6F0F6}] => (Allow) C:\Program Files\Steam\SteamApps\common\Dawn of War Soulstorm\Soulstorm.exe
FirewallRules: [{354441E4-36E5-4D32-A705-D704A0A88EC9}] => (Allow) C:\Program Files\Steam\SteamApps\common\Dawn of War Soulstorm\Soulstorm.exe
FirewallRules: [{64BBC013-F4D0-4FEB-B201-5DA8D5478B4A}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{AAFBFD6E-2CA7-4619-ACCC-F57A1102E4C4}C:\gog games\battle realms complete (german)\battle_realms_f.exe] => (Allow) C:\gog games\battle realms complete (german)\battle_realms_f.exe
FirewallRules: [UDP Query User{63A5DA41-AFD2-438D-BA2C-7067731A2793}C:\gog games\battle realms complete (german)\battle_realms_f.exe] => (Allow) C:\gog games\battle realms complete (german)\battle_realms_f.exe
FirewallRules: [TCP Query User{197D79CC-177C-46A7-A5C7-E2B3718570EE}C:\gog games\unepic\unepic.exe] => (Allow) C:\gog games\unepic\unepic.exe
FirewallRules: [UDP Query User{E06CEDB6-B292-446A-9B35-A4139C0B55FD}C:\gog games\unepic\unepic.exe] => (Allow) C:\gog games\unepic\unepic.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/17/2015 09:52:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/17/2015 09:38:42 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddCoreCsiFiles : BeginFileEnumeration() failed.

System Error:
Zugriff verweigert

Error: (06/17/2015 09:38:41 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
  Generatordaten werden gesammelt

Kontext:
  Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
  Generatorname: System Writer
  Generatorinstanz-ID: {859b7351-c638-496d-9c00-ca98da7e490e}

Error: (06/17/2015 09:37:41 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddCoreCsiFiles : BeginFileEnumeration() failed.

System Error:
Zugriff verweigert

Error: (06/17/2015 09:37:41 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
  Generatordaten werden gesammelt

Kontext:
  Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
  Generatorname: System Writer
  Generatorinstanz-ID: {859b7351-c638-496d-9c00-ca98da7e490e}

Error: (06/17/2015 09:36:35 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddCoreCsiFiles : BeginFileEnumeration() failed.

System Error:
Zugriff verweigert

Error: (06/17/2015 09:36:35 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
  Generatordaten werden gesammelt

Kontext:
  Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
  Generatorname: System Writer
  Generatorinstanz-ID: {859b7351-c638-496d-9c00-ca98da7e490e}

Error: (06/17/2015 09:35:31 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddCoreCsiFiles : BeginFileEnumeration() failed.

System Error:
Zugriff verweigert

Error: (06/17/2015 09:35:31 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
  Generatordaten werden gesammelt

Kontext:
  Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
  Generatorname: System Writer
  Generatorinstanz-ID: {859b7351-c638-496d-9c00-ca98da7e490e}

Error: (06/17/2015 09:33:20 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddCoreCsiFiles : BeginFileEnumeration() failed.

System Error:
Zugriff verweigert


System errors:
=============
Error: (06/17/2015 09:52:38 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: SYMTDI

Error: (06/17/2015 09:52:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058

Error: (06/17/2015 09:52:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: aswFsBlk%%2

Error: (06/17/2015 09:48:50 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: C:\Windows\System32\IWMSSvc.dll

Error: (06/17/2015 09:48:50 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: C:\Windows\System32\IWMSSvc.dll

Error: (06/17/2015 09:48:45 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: C:\Windows\System32\IWMSSvc.dll

Error: (06/17/2015 09:45:33 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: 1Neustart des DienstsWindows Search%%1056

Error: (06/17/2015 09:45:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Windows Live ID Sign-in Assistant2100001Neustart des Diensts

Error: (06/17/2015 09:45:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Windows Search2300001Neustart des Diensts

Error: (06/17/2015 09:45:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: OkayFreedom VPN Starter Service101Neustart des Diensts


Microsoft Office:
=========================
Error: (04/09/2013 03:15:17 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 10 seconds with 0 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2015-06-17 22:28:33.750
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-06-17 22:28:33.117
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-06-17 22:28:32.470
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-06-17 22:28:31.689
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-06-17 22:28:30.891
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-06-17 22:28:30.141
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-06-17 22:28:29.516
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-06-17 22:28:29.084
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-06-17 22:27:16.379
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-06-17 22:27:15.958
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Duo CPU T5800 @ 2.00GHz
Percentage of memory in use: 66%
Total physical RAM: 3065.95 MB
Available physical RAM: 1029.36 MB
Total Pagefile: 8974.2 MB
Available Pagefile: 6767.56 MB
Total Virtual: 2047.88 MB
Available Virtual: 1902.88 MB

==================== Drives ================================

Drive c: (HDD) (Fixed) (Total:286.09 GB) (Free:9.87 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: 40FB6491)
Partition 1: (Not Active) - (Size=12 GB) - (Type=27)
Partition 2: (Active) - (Size=286.1 GB) - (Type=07 NTFS)

==================== End of log ============================
--- --- ---

deeprybka 18.06.2015 08:29
OK.
Bitte Chrome auch mit dem RevoUninstaller deinstallieren (Lesezeichen etc. bei Bedarf vorher sichern) und anschließend neu installieren. Download

Schritt 1

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Decypher 18.06.2015 17:10
Mist ich hab ausversehen auf "Deinstallieren sobald das programm geschlossen wird" gedrückt :headbang: ist das schlimm? muss ich wahrscheinlich nochmal machen :kloppen:

deeprybka 18.06.2015 17:50
Ich benötige ein ESET-Scan-Log um Deinen PC mit abschließenden Schritten als "clean" zu deklarieren. Wenn Du keines hast, dies aber möchtest, musst Du den Scan wiederholen.

Decypher 20.06.2015 19:54
Hat zwar ein wenig gedauert aber jetzt hab ichs :applaus:

Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=6c0e55cc920e6048bc7a72d474c067f0
# end=init
# utc_time=2015-06-18 04:08:54
# local_time=2015-06-18 06:08:54 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.0.6002 NT Service Pack 2
Update Init
Update Download
Update Finalize
Updated modules version: 24392
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=6c0e55cc920e6048bc7a72d474c067f0
# end=updated
# utc_time=2015-06-18 04:13:32
# local_time=2015-06-18 06:13:32 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.0.6002 NT Service Pack 2
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=6c0e55cc920e6048bc7a72d474c067f0
# engine=24392
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-06-18 04:14:15
# local_time=2015-06-18 06:14:15 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 100 97 16748 48378930 0 0
# compatibility_mode_1=''
# compatibility_mode=5892 16776573 100 100 6476 272176783 0 0
# scanned=1594
# found=110
# cleaned=0
# scan_time=42
sh=261D3F62AD77A3ADCBEACA46AB4168062ADDD3C8 ft=1 fh=42cb818e4edce42d vn="Win32/Toolbar.Widgi.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Application Updater\ApplicationUpdater.exe.vir"
sh=D1108CCEB7877B93A8A2ADEE47844C87B40C9D14 ft=1 fh=7ad0cc9270c1f31b vn="Variante von Win32/Toolbar.Widgi evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe.vir"
sh=6DC277BCBC8ED53CB4FF49C1A3BE9A6597A10EBB ft=1 fh=4b12bff76bf30a90 vn="Variante von Win64/Toolbar.Widgi.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Common Files\Spigot\Search Settings\SearchSettings64.exe.vir"
sh=6D7091E72FE35711C31FE0794C598B3AC8479E9C ft=1 fh=ad1557459b8a0630 vn="Win32/Toolbar.Widgi.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Common Files\Spigot\Search Settings\wth173.dll.vir"
sh=0DE94FDDDBBF711E22120FCAAB2E9AD7D6A171BA ft=1 fh=4210be0b31e324c5 vn="Win64/Toolbar.Widgi.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Common Files\Spigot\Search Settings\wthx173.dll.vir"
sh=8F5D982D276220C266963B746185CAA91419E31C ft=1 fh=6728511dc7b9809c vn="Variante von Win32/Toolbar.Widgi.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\IObit Apps Toolbar\WidgiHelper.exe.vir"
sh=5D5A6E64337E00C433AA77FD7A4EC2D7D3D19E39 ft=1 fh=e60bc69521bb6059 vn="Variante von Win32/Toolbar.Widgi evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\IObit Apps Toolbar\IE\8.3\iobitappsToolbarIE.dll.vir"
sh=391C67F5886ACA3B1E99E81123BEE5EB36627AF7 ft=1 fh=7da17f23609c54a9 vn="Variante von Win64/Toolbar.Widgi.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\IObit Apps Toolbar\IE\8.3\iobitappsToolbarIE64.dll.vir"
sh=5ADD8591D40CA5C10494928BE56EC7D2B9A58BAD ft=1 fh=c71c0011a5e75752 vn="Variante von Win32/Adware.MultiPlug.IY Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\mozilla firefox\dbghelp.dll.vir"
sh=EF7B587B1B3B8E44A2CD26F1949A9D208A97E962 ft=1 fh=c71c00113d556818 vn="Variante von Win32/Adware.MultiPlug.KM Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\RoyaalCioaupon\XJuMb9DIwwa9pZ.dll.vir"
sh=A956F41A0EBBF2E79A550BDC2B887191664CD934 ft=1 fh=c71c001137c536f2 vn="Variante von Win32/Adware.MultiPlug.KM Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\RuoyaalCouPPon\LlkoH7WHvNbupX.dll.vir"
sh=42D1387CA070A110C07E056948621CDC4045DF2E ft=0 fh=0000000000000000 vn="Win32/Toolbar.Montiera.AA evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Softonic\Softonic\1.8.21.14\softonic.crx.vir"
sh=CF9209557CC4828F1A8536F5AF66358A81393A75 ft=1 fh=b354853738a44732 vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Softonic\Softonic\1.8.21.14\SoftonicApp.dll.vir"
sh=277966AAC8DD994109B77162DB82849EF1FC8D62 ft=1 fh=f7e7b232febc88cd vn="Variante von Win32/Toolbar.Montiera.U evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Softonic\Softonic\1.8.21.14\SoftonicEng.dll.vir"
sh=431CA401E93A36C4FB726D12B16B4CC058A2C770 ft=1 fh=7cd1c9f2502352b3 vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Softonic\Softonic\1.8.21.14\Softonicsrv.exe.vir"
sh=09AD2A1BCD218E1EA91FC53F55CB6A61770E1144 ft=1 fh=0234086e10d7e544 vn="Variante von Win32/Toolbar.Montiera.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Softonic\Softonic\1.8.21.14\SoftonicTlbr.dll.vir"
sh=54002848ADA82AC181EAC551104FA02E8CBE4585 ft=1 fh=bfddd9982b578fa9 vn="Win32/Toolbar.Montiera.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Softonic\Softonic\1.8.21.14\uninstall.exe.vir"
sh=54CBEECF2F4AB81622D6708E8A849E3663853F4D ft=1 fh=a481e6d08e557a48 vn="Variante von Win32/Toolbar.Escort.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Softonic\Softonic\1.8.21.14\bh\Softonic.dll.vir"
sh=6B875940FA7CAB25BF815290AEB31D3D4C093936 ft=1 fh=fb908d0cf4a7ef13 vn="Variante von Win32/Adware.SpeedingUpMyPC.AE Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\System Optimizer\SysOptReminder.exe.vir"
sh=C4ECD569EC63E6741D5A0BDA7C02AC4B3302C7B9 ft=1 fh=b3ce349f22d4038f vn="Variante von Win32/Adware.Yontoo.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Yontoo\YontooIEClient.dll.vir"
sh=A17242612886E2DD1A44007D28414A9AA113D54D ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Yontoo\YontooLayers.crx.vir"
sh=1AFB621BEBA8272ACD2BAC21B50D8885C9D579D1 ft=1 fh=d7a99a71f47706e7 vn="Variante von Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Conduit\IE\CT3311268\UninstallerUI.exe.vir"
sh=5CA319EBA10412E2FF4A47FD20624385C11A0C2A ft=1 fh=8ad6e907be4811df vn="Variante von Win32/Adware.Yontoo.B Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll.vir"
sh=163547419613D9664CBB4044BCAF4C97AE786B92 ft=1 fh=b06d5f9324f48fc5 vn="Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\GoogleChromeRemotePlugin.dll.vir"
sh=E214737549AC8E5F5AEA4C9EBB68843D7B78A639 ft=1 fh=c71c00115e31d3cb vn="Win32/Toolbar.Montiera.AA evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_1\CrmAdpt.dll.vir"
sh=57279257E733B05B254033CFED9DF0A9239A0680 ft=0 fh=0000000000000000 vn="JS/Adware.Yontoo.B Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.3_0\back.js.vir"
sh=FE84CBB2C8E1A64DBD7AA169A54B6BD98B90B197 ft=0 fh=0000000000000000 vn="JS/Adware.Yontoo.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.3_0\yl.js.vir"
sh=1602AAF908ABC99CBD837086B899E501407678E3 ft=1 fh=bb8a7004878da8ef vn="Win32/bProtector.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_1\spext.dll.vir"
sh=138306365B84358D195D609A075BFC39B9B1428B ft=1 fh=f761c0ea7db27d0a vn="Variante von MSIL/Toolbar.Linkury.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\BrowserHelper.exe.vir"
sh=1A6101B1D3B91EF9BB81A36B0DDCA8D372DEC8B0 ft=1 fh=75b5b383b76a996d vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Interop.SHDocVw.dll.vir"
sh=B77D928178242A3A684498A3EFDD201575628821 ft=1 fh=0456242d348f53bd vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\MACTrackBarLib.dll.vir"
sh=499F6757DABA08EA2D1D1AC4C1BB2D31C43FDA3D ft=1 fh=0d0f0f29a87c026a vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\NDde.dll.vir"
sh=479F5C5C525E131014B0AF382E22FC337F244BFE ft=1 fh=895896cab8bb7f5c vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Newtonsoft.Json.dll.vir"
sh=B2C5215194D0A3B74DED9DA5B40E200152B08308 ft=1 fh=da110da08e660bd7 vn="Variante von Win32/Toolbar.Linkury.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\QuickShare.exe.vir"
sh=49454893B4DF8B41F97CDBBE26B280B5BB48A6FA ft=1 fh=03484c18a35c034e vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\sgml.dll.vir"
sh=9BB408F581067BAC176320D97D9208A23541DF9E ft=1 fh=4a30aef221430c8d vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\sidb.dll.vir"
sh=B4EA0C3F51D3632520C8B084915521E1441D19A5 ft=1 fh=6707333c5dc47937 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\siem.dll.vir"
sh=8C4CF4CC51DAD09019A33083EEC36DFE7461642E ft=1 fh=aef43140c8afe34b vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\sipb.dll.vir"
sh=0A40E25D9C221AD04E14D991F6953DB5A7E0F285 ft=1 fh=dec3a839d69df31c vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\sismlp.dll.vir"
sh=C1C473B79A777951E84E2D34FC5D3AEC995EA430 ft=1 fh=d46732a1c355133e vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll.vir"
sh=E6A188BB6452AAB999F387EC8EA2E58EBFF8EC7F ft=1 fh=bb435a05affd48f6 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll.vir"
sh=2283B0C5188BC4F5847E015799A793F64DE3A85C ft=1 fh=2fc3592be36e193b vn="Variante von Win32/Toolbar.Linkury.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll.vir"
sh=426F3315896304227F522DB04D0FC23EF2D965D1 ft=1 fh=1fb37d5852ace8c1 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll.vir"
sh=1A1018B0D7C5EDAAB4AE2B50D46E14C669515ADE ft=1 fh=1acb2541904cd6d1 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll.vir"
sh=83DDB41864711EF47DAA7291345AE086144A7C49 ft=1 fh=d4351245a6e0effe vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.ChromeLocalPlugin.dll.vir"
sh=E57596F0796389AD80B64285DFB35391C1BDA168 ft=1 fh=5e307d025767861f vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.FireFoxLocalPlugin.dll.vir"
sh=7694F2ACDA1D439945E79B83AF8ABD41753E61E9 ft=1 fh=39c3a1a46b95af38 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll.vir"
sh=823D1FE62D5706F4FA381D4C9F3DD90164E544F9 ft=1 fh=579c88745b455954 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll.vir"
sh=C53BE84ECADD184DBCFACFD49D0E819E3AFDDCA6 ft=1 fh=27e41bdf6a6eaf00 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll.vir"
sh=5D6ADED85FFBDDE17C8642C0A2FF3AFD1AE85C7C ft=1 fh=0770bde3605fd87d vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll.vir"
sh=EB16BF2E5897D0E6A5782EBE57FAD804ABD3DFCD ft=1 fh=d422a8c885091f98 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll.vir"
sh=BC90DA19B591D551CBA16771BA188A56CC7894CE ft=1 fh=d9446c7b8978f151 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll.vir"
sh=DC186138C06A56B823E340378C838A5F24263904 ft=1 fh=dc267aca4558bbdb vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.XmlSerializers.dll.vir"
sh=FC16FAB71211DA4E2089B9CB2AAB04388C0B590D ft=1 fh=b7f14b5be05108db vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Resources.Translations.dll.vir"
sh=7F27169F8C36CD8679D7507A7D422B0E3678CB8D ft=1 fh=bd125a31e7f66b1b vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO.dll.vir"
sh=7F27169F8C36CD8679D7507A7D422B0E3678CB8D ft=1 fh=bd125a31e7f66b1b vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO2.dll.vir"
sh=6BCA1BDFE8C4DACEBE4C1894E1BD61FBFCF38456 ft=1 fh=0e651ba86f27b197 vn="Variante von MSIL/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension.dll.vir"
sh=6BCA1BDFE8C4DACEBE4C1894E1BD61FBFCF38456 ft=1 fh=0e651ba86f27b197 vn="Variante von MSIL/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension2.dll.vir"
sh=8C0D6FE28B5E0DD7D5E804B3D4FBBAC8F03F773D ft=1 fh=e94602b08f92056b vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\spbe.dll.vir"
sh=D712288BE2524F8EA6091017AB07B303B5DDB098 ft=1 fh=993ab4d0f35aac4d vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\spbl.dll.vir"
sh=7BBFF3FD15D0CC2F7A75802FC52C574741E722FC ft=1 fh=0cc32f0cdad0569d vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\sppsm.dll.vir"
sh=4C5473ED67C670FCCC1C178203157FD52F342510 ft=1 fh=2787ddd5aaf1729c vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\spsm.dll.vir"
sh=85A1AA6ADEF607AC0B29237B7C4ADF7E3ADE9A2C ft=1 fh=c11b715d5eb5a515 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\spusm.dll.vir"
sh=F128E221F673E14E30E58BAD00DD252348B99F91 ft=1 fh=e0b53d4b84d8c502 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srau.dll.vir"
sh=65EA239D7F0A966798C2F96FAB9A9BB84E8BDE39 ft=1 fh=f338bd82611e2656 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srbhu.dll.vir"
sh=EBF9A657DF00ADE146A72871EAB72A2D9F8A859E ft=1 fh=f467b19db94d54e4 vn="Variante von MSIL/Toolbar.Linkury.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srbs.dll.vir"
sh=91D8C63B6F560FFA3C186D654289946EB9F6F8BB ft=1 fh=af687a91fbfd1e1e vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srgu.dll.vir"
sh=469801D746EA24387C8E599FEA5D577B8ECFFD69 ft=1 fh=730b716e88b0d4b2 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srns.dll.vir"
sh=A5176F76A19DAB29DBFA74E04D0F78BC9D67F77A ft=1 fh=abaf12d621116edc vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srpdm.dll.vir"
sh=E159AD7566CBC88C5EBEF188C434D0967CF0DAE9 ft=1 fh=92be2fe97ad2cfc8 vn="Variante von MSIL/Toolbar.Linkury.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srprl.dll.vir"
sh=4F8DC5C191CE4F97743EB7FED66BACBC578BEF14 ft=1 fh=74fd4d0571fbf308 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srpu.dll.vir"
sh=999A9BD5342B476150BC07B5E13D5C4499EAB4AF ft=1 fh=d4fa9272351611a1 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srsbs.dll.vir"
sh=C999742A026254D41CEED5F481E1426A171AFEF4 ft=1 fh=c5fbc822d2273f5c vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srsbsau.dll.vir"
sh=5E411E598212A56FC5DA22EFF2C8330B9867E7B2 ft=1 fh=fd365c7fbfce8a9f vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srsl.dll.vir"
sh=039C143CF6FEE46A4259B6F06A0B96650CF319CE ft=1 fh=caf851110c3232ba vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\sruhs.dll.vir"
sh=5EC908B0DD66BC1A541E6613B8509687C90B1583 ft=1 fh=5cb414d6e98eca28 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srus.dll.vir"
sh=9AD658B9BD50A65028164D5E754ED3A45DDD4CB7 ft=1 fh=7f200cca02df23f1 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srut.dll.vir"
sh=163547419613D9664CBB4044BCAF4C97AE786B92 ft=1 fh=b06d5f9324f48fc5 vn="Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\GoogleChromeRemotePlugin.dll.vir"
sh=C22E6A34201E094AF7203B1380A45047CD2290F4 ft=1 fh=1a823e13833f8d40 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\ar\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=D8261F22F2013BD19FE1FBBB034C3D968C284561 ft=1 fh=df535ed8c70238de vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=068AB52DA9AAF173AF1EE29B330E0E8FA1EC0E4A ft=1 fh=ca69214df645faab vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\es\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=A9B0596015405113EFBBE432ED591A86E66C3054 ft=1 fh=7869b2d0dbc36a89 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\fr\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=78B95BC91157F14581B0F235BCB86C96AA01326E ft=1 fh=dd06b644de3d6584 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\he\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=C7E054C7BA58AE2D703DB29C52346A3ED84FEF57 ft=1 fh=53532950b9749a4f vn="Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_20.dll.vir"
sh=C546BA3CA78F93EB65DCCEA191BC40B9F940E2EA ft=1 fh=6fd80785d353cf5d vn="Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_21.dll.vir"
sh=7C15DA5A80F24F0383C992CFB03CF68E95A464B1 ft=1 fh=be427aaf403ae2ff vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_22.dll.vir"
sh=95544372D9D68E8AFAE5E9DA8B07C14CE5406ABB ft=1 fh=dd489ec711c15129 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_23.dll.vir"
sh=BA8871127FB23B24A8963B6A5992DED58259E590 ft=1 fh=65df87dcc97c6ea8 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_24.dll.vir"
sh=C88DAF3FB5D3FEC090233FF251F7F0CFC73EF4CD ft=1 fh=b74c7f4df627386b vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_25.dll.vir"
sh=79835663893CEF71393A321A1336DD497552A91A ft=1 fh=adf25d5bf7ec94b4 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\it\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=2612D76E70D48D3F85B33D91319FBD8173832068 ft=1 fh=07e612b3cf135c40 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\nl\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=9C50BB623DC4D6D79ACB6B096D14800F70758CB2 ft=1 fh=8df231744dc93c2c vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\pt\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=FDC37C1FBC4AE240CA0AFF686462A34762ABF10E ft=1 fh=9d31b7f982979712 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\ru\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=00DB8B6BB29BD38EF5C44BA8C12C524B21324E4A ft=1 fh=73b6d0fe6da6b329 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\tr\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=B3B8FCB0F1D58947C691960B4E44D0A121F1D788 ft=1 fh=7e3bdcf0f3151b4b vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.DMP.dll.vir"
sh=844F8720231881148C97F4A81EB6319D5933B087 ft=1 fh=cde1db732574e8a8 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.MessengerPlugin.dll.vir"
sh=8DDFCB6C997478408238A2038CCB4BCA347738A8 ft=1 fh=3f7edfe547952741 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.NotepadPlugin.dll.vir"
sh=B037ABC47F49765C6079E265CB74BE1B624FE095 ft=1 fh=7b256b9c849590e5 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.ScreenCapturePlugin.dll.vir"
sh=9D574069A4613DE0BDA40CAC4755D1EAA11E9732 ft=1 fh=e16c98e66f1f5d96 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.WeatherPlugin.dll.vir"
sh=0CD9D3DC96A2164F6E586BFE49AC83C86118B947 ft=1 fh=b412ebb954962174 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.WordPlugin.dll.vir"
sh=2A4C571A314016F107BF3BA533DE0BF325A0EDB1 ft=1 fh=a1f5d2c68585e2b7 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Common\ServicesPlugins\spup.dll.vir"
sh=C2C7BD3BD6C75D5DBCCA298C785C208AB6C73CF0 ft=1 fh=154117e7567d41ef vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\LocalLow\DVDVideoSoftTB_DE\ldrtbDVD0.dll.vir"
sh=A1280B1F085B8284DC157EC359BD1ADA091CFE7E ft=1 fh=d8aa3384d1249a40 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\LocalLow\DVDVideoSoftTB_DE\ldrtbDVDV.dll.vir"
sh=5C684D51F07A183EEA13D66F5C7E9630C48D93B5 ft=1 fh=53be76e80c29ad73 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\LocalLow\DVDVideoSoftTB_DE\tbDVD0.dll.vir"
sh=41CDE566540E31CF556FFC948255F45D4A94EAF8 ft=1 fh=3fb8233a96c1e513 vn="Variante von Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\LocalLow\DVDVideoSoftTB_DE\tbDVD1.dll.vir"
sh=92E84D2216A7763D580E42FA2493CCF67D0D0560 ft=1 fh=e8efc42494afd9f6 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\LocalLow\DVDVideoSoftTB_DE\tbDVDV.dll.vir"
sh=ABF759CA3BFB16DE62197DD7C417AC5039A43AE0 ft=1 fh=1801af74030ebca1 vn="Variante von Win32/PriceGong.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\LocalLow\DVDVideoSoftTB_DE\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.5.3\bin\PriceGongIE.dll.vir"
sh=671E3E4E9E4C9A039D9AD1479A0C91E670AF18E3 ft=1 fh=d643e79c9fb8f862 vn="Win32/Toolbar.Babylon.AE evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Roaming\BabSolution\Shared\BUSolution.dll.vir"
sh=27FBB2161B29148FBC20EBBCF5A07FDCA991026C ft=1 fh=0456e4230d5bc364 vn="Variante von Win32/Toolbar.Babylon.W evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Roaming\BabSolution\Shared\enhancedNT.dll.vir"
sh=E9C2205B9080833744AFB005AD8B135DF6797683 ft=1 fh=4432f897b3140eb0 vn="Variante von Win32/Speedchecker.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Roaming\OpenCandy\B9A3DED63D8048079E5EE2DB8350D76E\PCSU_SL_3.1.2.exe.vir"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=6c0e55cc920e6048bc7a72d474c067f0
# end=init
# utc_time=2015-06-18 07:25:43
# local_time=2015-06-18 09:25:43 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.0.6002 NT Service Pack 2
Update Init
Update Download
Update Finalize
Updated modules version: 24395
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=6c0e55cc920e6048bc7a72d474c067f0
# end=updated
# utc_time=2015-06-18 07:26:15
# local_time=2015-06-18 09:26:15 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.0.6002 NT Service Pack 2
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=6c0e55cc920e6048bc7a72d474c067f0
# engine=24395
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-06-18 09:11:28
# local_time=2015-06-18 11:11:28 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 100 97 6930 48396763 0 0
# compatibility_mode_1=''
# compatibility_mode=5892 16776573 100 100 24309 272194616 0 0
# scanned=124272
# found=116
# cleaned=0
# scan_time=6313
sh=261D3F62AD77A3ADCBEACA46AB4168062ADDD3C8 ft=1 fh=42cb818e4edce42d vn="Win32/Toolbar.Widgi.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Application Updater\ApplicationUpdater.exe.vir"
sh=D1108CCEB7877B93A8A2ADEE47844C87B40C9D14 ft=1 fh=7ad0cc9270c1f31b vn="Variante von Win32/Toolbar.Widgi evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe.vir"
sh=6DC277BCBC8ED53CB4FF49C1A3BE9A6597A10EBB ft=1 fh=4b12bff76bf30a90 vn="Variante von Win64/Toolbar.Widgi.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Common Files\Spigot\Search Settings\SearchSettings64.exe.vir"
sh=6D7091E72FE35711C31FE0794C598B3AC8479E9C ft=1 fh=ad1557459b8a0630 vn="Win32/Toolbar.Widgi.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Common Files\Spigot\Search Settings\wth173.dll.vir"
sh=0DE94FDDDBBF711E22120FCAAB2E9AD7D6A171BA ft=1 fh=4210be0b31e324c5 vn="Win64/Toolbar.Widgi.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Common Files\Spigot\Search Settings\wthx173.dll.vir"
sh=8F5D982D276220C266963B746185CAA91419E31C ft=1 fh=6728511dc7b9809c vn="Variante von Win32/Toolbar.Widgi.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\IObit Apps Toolbar\WidgiHelper.exe.vir"
sh=5D5A6E64337E00C433AA77FD7A4EC2D7D3D19E39 ft=1 fh=e60bc69521bb6059 vn="Variante von Win32/Toolbar.Widgi evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\IObit Apps Toolbar\IE\8.3\iobitappsToolbarIE.dll.vir"
sh=391C67F5886ACA3B1E99E81123BEE5EB36627AF7 ft=1 fh=7da17f23609c54a9 vn="Variante von Win64/Toolbar.Widgi.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\IObit Apps Toolbar\IE\8.3\iobitappsToolbarIE64.dll.vir"
sh=5ADD8591D40CA5C10494928BE56EC7D2B9A58BAD ft=1 fh=c71c0011a5e75752 vn="Variante von Win32/Adware.MultiPlug.IY Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\mozilla firefox\dbghelp.dll.vir"
sh=EF7B587B1B3B8E44A2CD26F1949A9D208A97E962 ft=1 fh=c71c00113d556818 vn="Variante von Win32/Adware.MultiPlug.KM Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\RoyaalCioaupon\XJuMb9DIwwa9pZ.dll.vir"
sh=A956F41A0EBBF2E79A550BDC2B887191664CD934 ft=1 fh=c71c001137c536f2 vn="Variante von Win32/Adware.MultiPlug.KM Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\RuoyaalCouPPon\LlkoH7WHvNbupX.dll.vir"
sh=42D1387CA070A110C07E056948621CDC4045DF2E ft=0 fh=0000000000000000 vn="Win32/Toolbar.Montiera.AA evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Softonic\Softonic\1.8.21.14\softonic.crx.vir"
sh=CF9209557CC4828F1A8536F5AF66358A81393A75 ft=1 fh=b354853738a44732 vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Softonic\Softonic\1.8.21.14\SoftonicApp.dll.vir"
sh=277966AAC8DD994109B77162DB82849EF1FC8D62 ft=1 fh=f7e7b232febc88cd vn="Variante von Win32/Toolbar.Montiera.U evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Softonic\Softonic\1.8.21.14\SoftonicEng.dll.vir"
sh=431CA401E93A36C4FB726D12B16B4CC058A2C770 ft=1 fh=7cd1c9f2502352b3 vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Softonic\Softonic\1.8.21.14\Softonicsrv.exe.vir"
sh=09AD2A1BCD218E1EA91FC53F55CB6A61770E1144 ft=1 fh=0234086e10d7e544 vn="Variante von Win32/Toolbar.Montiera.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Softonic\Softonic\1.8.21.14\SoftonicTlbr.dll.vir"
sh=54002848ADA82AC181EAC551104FA02E8CBE4585 ft=1 fh=bfddd9982b578fa9 vn="Win32/Toolbar.Montiera.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Softonic\Softonic\1.8.21.14\uninstall.exe.vir"
sh=54CBEECF2F4AB81622D6708E8A849E3663853F4D ft=1 fh=a481e6d08e557a48 vn="Variante von Win32/Toolbar.Escort.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Softonic\Softonic\1.8.21.14\bh\Softonic.dll.vir"
sh=6B875940FA7CAB25BF815290AEB31D3D4C093936 ft=1 fh=fb908d0cf4a7ef13 vn="Variante von Win32/Adware.SpeedingUpMyPC.AE Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\System Optimizer\SysOptReminder.exe.vir"
sh=C4ECD569EC63E6741D5A0BDA7C02AC4B3302C7B9 ft=1 fh=b3ce349f22d4038f vn="Variante von Win32/Adware.Yontoo.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Yontoo\YontooIEClient.dll.vir"
sh=A17242612886E2DD1A44007D28414A9AA113D54D ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Yontoo\YontooLayers.crx.vir"
sh=1AFB621BEBA8272ACD2BAC21B50D8885C9D579D1 ft=1 fh=d7a99a71f47706e7 vn="Variante von Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Conduit\IE\CT3311268\UninstallerUI.exe.vir"
sh=5CA319EBA10412E2FF4A47FD20624385C11A0C2A ft=1 fh=8ad6e907be4811df vn="Variante von Win32/Adware.Yontoo.B Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll.vir"
sh=163547419613D9664CBB4044BCAF4C97AE786B92 ft=1 fh=b06d5f9324f48fc5 vn="Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\GoogleChromeRemotePlugin.dll.vir"
sh=E214737549AC8E5F5AEA4C9EBB68843D7B78A639 ft=1 fh=c71c00115e31d3cb vn="Win32/Toolbar.Montiera.AA evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_1\CrmAdpt.dll.vir"
sh=57279257E733B05B254033CFED9DF0A9239A0680 ft=0 fh=0000000000000000 vn="JS/Adware.Yontoo.B Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.3_0\back.js.vir"
sh=FE84CBB2C8E1A64DBD7AA169A54B6BD98B90B197 ft=0 fh=0000000000000000 vn="JS/Adware.Yontoo.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.3_0\yl.js.vir"
sh=1602AAF908ABC99CBD837086B899E501407678E3 ft=1 fh=bb8a7004878da8ef vn="Win32/bProtector.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_1\spext.dll.vir"
sh=138306365B84358D195D609A075BFC39B9B1428B ft=1 fh=f761c0ea7db27d0a vn="Variante von MSIL/Toolbar.Linkury.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\BrowserHelper.exe.vir"
sh=1A6101B1D3B91EF9BB81A36B0DDCA8D372DEC8B0 ft=1 fh=75b5b383b76a996d vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Interop.SHDocVw.dll.vir"
sh=B77D928178242A3A684498A3EFDD201575628821 ft=1 fh=0456242d348f53bd vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\MACTrackBarLib.dll.vir"
sh=499F6757DABA08EA2D1D1AC4C1BB2D31C43FDA3D ft=1 fh=0d0f0f29a87c026a vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\NDde.dll.vir"
sh=479F5C5C525E131014B0AF382E22FC337F244BFE ft=1 fh=895896cab8bb7f5c vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Newtonsoft.Json.dll.vir"
sh=B2C5215194D0A3B74DED9DA5B40E200152B08308 ft=1 fh=da110da08e660bd7 vn="Variante von Win32/Toolbar.Linkury.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\QuickShare.exe.vir"
sh=49454893B4DF8B41F97CDBBE26B280B5BB48A6FA ft=1 fh=03484c18a35c034e vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\sgml.dll.vir"
sh=9BB408F581067BAC176320D97D9208A23541DF9E ft=1 fh=4a30aef221430c8d vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\sidb.dll.vir"
sh=B4EA0C3F51D3632520C8B084915521E1441D19A5 ft=1 fh=6707333c5dc47937 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\siem.dll.vir"
sh=8C4CF4CC51DAD09019A33083EEC36DFE7461642E ft=1 fh=aef43140c8afe34b vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\sipb.dll.vir"
sh=0A40E25D9C221AD04E14D991F6953DB5A7E0F285 ft=1 fh=dec3a839d69df31c vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\sismlp.dll.vir"
sh=C1C473B79A777951E84E2D34FC5D3AEC995EA430 ft=1 fh=d46732a1c355133e vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll.vir"
sh=E6A188BB6452AAB999F387EC8EA2E58EBFF8EC7F ft=1 fh=bb435a05affd48f6 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll.vir"
sh=2283B0C5188BC4F5847E015799A793F64DE3A85C ft=1 fh=2fc3592be36e193b vn="Variante von Win32/Toolbar.Linkury.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll.vir"
sh=426F3315896304227F522DB04D0FC23EF2D965D1 ft=1 fh=1fb37d5852ace8c1 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll.vir"
sh=1A1018B0D7C5EDAAB4AE2B50D46E14C669515ADE ft=1 fh=1acb2541904cd6d1 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll.vir"
sh=83DDB41864711EF47DAA7291345AE086144A7C49 ft=1 fh=d4351245a6e0effe vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.ChromeLocalPlugin.dll.vir"
sh=E57596F0796389AD80B64285DFB35391C1BDA168 ft=1 fh=5e307d025767861f vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.FireFoxLocalPlugin.dll.vir"
sh=7694F2ACDA1D439945E79B83AF8ABD41753E61E9 ft=1 fh=39c3a1a46b95af38 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll.vir"
sh=823D1FE62D5706F4FA381D4C9F3DD90164E544F9 ft=1 fh=579c88745b455954 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll.vir"
sh=C53BE84ECADD184DBCFACFD49D0E819E3AFDDCA6 ft=1 fh=27e41bdf6a6eaf00 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll.vir"
sh=5D6ADED85FFBDDE17C8642C0A2FF3AFD1AE85C7C ft=1 fh=0770bde3605fd87d vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll.vir"
sh=EB16BF2E5897D0E6A5782EBE57FAD804ABD3DFCD ft=1 fh=d422a8c885091f98 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll.vir"
sh=BC90DA19B591D551CBA16771BA188A56CC7894CE ft=1 fh=d9446c7b8978f151 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll.vir"
sh=DC186138C06A56B823E340378C838A5F24263904 ft=1 fh=dc267aca4558bbdb vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.XmlSerializers.dll.vir"
sh=FC16FAB71211DA4E2089B9CB2AAB04388C0B590D ft=1 fh=b7f14b5be05108db vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Resources.Translations.dll.vir"
sh=7F27169F8C36CD8679D7507A7D422B0E3678CB8D ft=1 fh=bd125a31e7f66b1b vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO.dll.vir"
sh=7F27169F8C36CD8679D7507A7D422B0E3678CB8D ft=1 fh=bd125a31e7f66b1b vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO2.dll.vir"
sh=6BCA1BDFE8C4DACEBE4C1894E1BD61FBFCF38456 ft=1 fh=0e651ba86f27b197 vn="Variante von MSIL/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension.dll.vir"
sh=6BCA1BDFE8C4DACEBE4C1894E1BD61FBFCF38456 ft=1 fh=0e651ba86f27b197 vn="Variante von MSIL/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension2.dll.vir"
sh=8C0D6FE28B5E0DD7D5E804B3D4FBBAC8F03F773D ft=1 fh=e94602b08f92056b vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\spbe.dll.vir"
sh=D712288BE2524F8EA6091017AB07B303B5DDB098 ft=1 fh=993ab4d0f35aac4d vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\spbl.dll.vir"
sh=7BBFF3FD15D0CC2F7A75802FC52C574741E722FC ft=1 fh=0cc32f0cdad0569d vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\sppsm.dll.vir"
sh=4C5473ED67C670FCCC1C178203157FD52F342510 ft=1 fh=2787ddd5aaf1729c vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\spsm.dll.vir"
sh=85A1AA6ADEF607AC0B29237B7C4ADF7E3ADE9A2C ft=1 fh=c11b715d5eb5a515 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\spusm.dll.vir"
sh=F128E221F673E14E30E58BAD00DD252348B99F91 ft=1 fh=e0b53d4b84d8c502 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srau.dll.vir"
sh=65EA239D7F0A966798C2F96FAB9A9BB84E8BDE39 ft=1 fh=f338bd82611e2656 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srbhu.dll.vir"
sh=EBF9A657DF00ADE146A72871EAB72A2D9F8A859E ft=1 fh=f467b19db94d54e4 vn="Variante von MSIL/Toolbar.Linkury.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srbs.dll.vir"
sh=91D8C63B6F560FFA3C186D654289946EB9F6F8BB ft=1 fh=af687a91fbfd1e1e vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srgu.dll.vir"
sh=469801D746EA24387C8E599FEA5D577B8ECFFD69 ft=1 fh=730b716e88b0d4b2 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srns.dll.vir"
sh=A5176F76A19DAB29DBFA74E04D0F78BC9D67F77A ft=1 fh=abaf12d621116edc vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srpdm.dll.vir"
sh=E159AD7566CBC88C5EBEF188C434D0967CF0DAE9 ft=1 fh=92be2fe97ad2cfc8 vn="Variante von MSIL/Toolbar.Linkury.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srprl.dll.vir"
sh=4F8DC5C191CE4F97743EB7FED66BACBC578BEF14 ft=1 fh=74fd4d0571fbf308 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srpu.dll.vir"
sh=999A9BD5342B476150BC07B5E13D5C4499EAB4AF ft=1 fh=d4fa9272351611a1 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srsbs.dll.vir"
sh=C999742A026254D41CEED5F481E1426A171AFEF4 ft=1 fh=c5fbc822d2273f5c vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srsbsau.dll.vir"
sh=5E411E598212A56FC5DA22EFF2C8330B9867E7B2 ft=1 fh=fd365c7fbfce8a9f vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srsl.dll.vir"
sh=039C143CF6FEE46A4259B6F06A0B96650CF319CE ft=1 fh=caf851110c3232ba vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\sruhs.dll.vir"
sh=5EC908B0DD66BC1A541E6613B8509687C90B1583 ft=1 fh=5cb414d6e98eca28 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srus.dll.vir"
sh=9AD658B9BD50A65028164D5E754ED3A45DDD4CB7 ft=1 fh=7f200cca02df23f1 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srut.dll.vir"
sh=163547419613D9664CBB4044BCAF4C97AE786B92 ft=1 fh=b06d5f9324f48fc5 vn="Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\GoogleChromeRemotePlugin.dll.vir"
sh=C22E6A34201E094AF7203B1380A45047CD2290F4 ft=1 fh=1a823e13833f8d40 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\ar\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=D8261F22F2013BD19FE1FBBB034C3D968C284561 ft=1 fh=df535ed8c70238de vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=068AB52DA9AAF173AF1EE29B330E0E8FA1EC0E4A ft=1 fh=ca69214df645faab vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\es\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=A9B0596015405113EFBBE432ED591A86E66C3054 ft=1 fh=7869b2d0dbc36a89 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\fr\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=78B95BC91157F14581B0F235BCB86C96AA01326E ft=1 fh=dd06b644de3d6584 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\he\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=C7E054C7BA58AE2D703DB29C52346A3ED84FEF57 ft=1 fh=53532950b9749a4f vn="Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_20.dll.vir"
sh=C546BA3CA78F93EB65DCCEA191BC40B9F940E2EA ft=1 fh=6fd80785d353cf5d vn="Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_21.dll.vir"
sh=7C15DA5A80F24F0383C992CFB03CF68E95A464B1 ft=1 fh=be427aaf403ae2ff vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_22.dll.vir"
sh=95544372D9D68E8AFAE5E9DA8B07C14CE5406ABB ft=1 fh=dd489ec711c15129 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_23.dll.vir"
sh=BA8871127FB23B24A8963B6A5992DED58259E590 ft=1 fh=65df87dcc97c6ea8 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_24.dll.vir"
sh=C88DAF3FB5D3FEC090233FF251F7F0CFC73EF4CD ft=1 fh=b74c7f4df627386b vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_25.dll.vir"
sh=79835663893CEF71393A321A1336DD497552A91A ft=1 fh=adf25d5bf7ec94b4 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\it\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=2612D76E70D48D3F85B33D91319FBD8173832068 ft=1 fh=07e612b3cf135c40 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\nl\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=9C50BB623DC4D6D79ACB6B096D14800F70758CB2 ft=1 fh=8df231744dc93c2c vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\pt\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=FDC37C1FBC4AE240CA0AFF686462A34762ABF10E ft=1 fh=9d31b7f982979712 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\ru\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=00DB8B6BB29BD38EF5C44BA8C12C524B21324E4A ft=1 fh=73b6d0fe6da6b329 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\tr\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=B3B8FCB0F1D58947C691960B4E44D0A121F1D788 ft=1 fh=7e3bdcf0f3151b4b vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.DMP.dll.vir"
sh=844F8720231881148C97F4A81EB6319D5933B087 ft=1 fh=cde1db732574e8a8 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.MessengerPlugin.dll.vir"
sh=8DDFCB6C997478408238A2038CCB4BCA347738A8 ft=1 fh=3f7edfe547952741 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.NotepadPlugin.dll.vir"
sh=B037ABC47F49765C6079E265CB74BE1B624FE095 ft=1 fh=7b256b9c849590e5 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.ScreenCapturePlugin.dll.vir"
sh=9D574069A4613DE0BDA40CAC4755D1EAA11E9732 ft=1 fh=e16c98e66f1f5d96 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.WeatherPlugin.dll.vir"
sh=0CD9D3DC96A2164F6E586BFE49AC83C86118B947 ft=1 fh=b412ebb954962174 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.WordPlugin.dll.vir"
sh=2A4C571A314016F107BF3BA533DE0BF325A0EDB1 ft=1 fh=a1f5d2c68585e2b7 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Common\ServicesPlugins\spup.dll.vir"
sh=C2C7BD3BD6C75D5DBCCA298C785C208AB6C73CF0 ft=1 fh=154117e7567d41ef vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\LocalLow\DVDVideoSoftTB_DE\ldrtbDVD0.dll.vir"
sh=A1280B1F085B8284DC157EC359BD1ADA091CFE7E ft=1 fh=d8aa3384d1249a40 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\LocalLow\DVDVideoSoftTB_DE\ldrtbDVDV.dll.vir"
sh=5C684D51F07A183EEA13D66F5C7E9630C48D93B5 ft=1 fh=53be76e80c29ad73 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\LocalLow\DVDVideoSoftTB_DE\tbDVD0.dll.vir"
sh=41CDE566540E31CF556FFC948255F45D4A94EAF8 ft=1 fh=3fb8233a96c1e513 vn="Variante von Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\LocalLow\DVDVideoSoftTB_DE\tbDVD1.dll.vir"
sh=92E84D2216A7763D580E42FA2493CCF67D0D0560 ft=1 fh=e8efc42494afd9f6 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\LocalLow\DVDVideoSoftTB_DE\tbDVDV.dll.vir"
sh=ABF759CA3BFB16DE62197DD7C417AC5039A43AE0 ft=1 fh=1801af74030ebca1 vn="Variante von Win32/PriceGong.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\LocalLow\DVDVideoSoftTB_DE\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.5.3\bin\PriceGongIE.dll.vir"
sh=671E3E4E9E4C9A039D9AD1479A0C91E670AF18E3 ft=1 fh=d643e79c9fb8f862 vn="Win32/Toolbar.Babylon.AE evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Roaming\BabSolution\Shared\BUSolution.dll.vir"
sh=27FBB2161B29148FBC20EBBCF5A07FDCA991026C ft=1 fh=0456e4230d5bc364 vn="Variante von Win32/Toolbar.Babylon.W evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Roaming\BabSolution\Shared\enhancedNT.dll.vir"
sh=E9C2205B9080833744AFB005AD8B135DF6797683 ft=1 fh=4432f897b3140eb0 vn="Variante von Win32/Speedchecker.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Roaming\OpenCandy\B9A3DED63D8048079E5EE2DB8350D76E\PCSU_SL_3.1.2.exe.vir"
sh=97C98A20388FD894B92FD8325545966CA945BCFB ft=1 fh=6121d07ea56d1649 vn="Win32/Toolbar.Montiera.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Roaming\OpenCandy\C34109193459454882F8C44BDE1F54A2\Setupsft_chr_p1v7.exe.vir"
sh=6340BF53AC5CA243E6FEB7B5DD2139E8A000E5E1 ft=1 fh=fc968932fc69ca56 vn="Win32/SpeedUpMyPC evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Roaming\OpenCandy\F0AE23D2DC4C4761A863CAB5B3ECB5D1\speedupmypcDE.exe.vir"
sh=0FC9DEFEA7028D05F98160C998D700B0CA97DF8A ft=1 fh=6f3e0ceb3150aae5 vn="Variante von Win32/Toolbar.Widgi.U evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Roaming\Update Manager\UM.exe.vir"
sh=5789A7E8DF0F046AD787D20E60937C26DE2823B5 ft=1 fh=e0b21b139133d8fa vn="Variante von Win32/Toolbar.Widgi.B evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files\IObit\Advanced SystemCare 5\asc6_setup_v5tov6-0306.exe"
sh=66AD38356276A82B243291DA69C13821D297E5E0 ft=1 fh=834d59cc4b3df5fa vn="Variante von Win32/Toolbar.Widgi.B evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files\IObit\Advanced SystemCare 6\Toolbar\iobitappsToolbar-stub-1.exe"
sh=9958550255192FCC3D111CCA213A8507F3A43CE3 ft=0 fh=0000000000000000 vn="JS/Adware.Steganos.A Anwendung" ac=I fn="C:\Program Files\OkayFreedom\okayfreedom_ff.xpi"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=6c0e55cc920e6048bc7a72d474c067f0
# end=init
# utc_time=2015-06-20 07:23:52
# local_time=2015-06-20 09:23:52 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.0.6002 NT Service Pack 2
Update Init
Update Download
Update Finalize
Updated modules version: 24416
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=6c0e55cc920e6048bc7a72d474c067f0
# end=updated
# utc_time=2015-06-20 07:26:09
# local_time=2015-06-20 09:26:09 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.0.6002 NT Service Pack 2
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=6c0e55cc920e6048bc7a72d474c067f0
# engine=24416
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-06-20 06:17:27
# local_time=2015-06-20 08:17:27 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 100 97 169289 48559122 0 0
# compatibility_mode_1=''
# compatibility_mode=5892 16776573 100 100 186668 272356975 0 0
# scanned=359844
# found=132
# cleaned=0
# scan_time=39078
sh=261D3F62AD77A3ADCBEACA46AB4168062ADDD3C8 ft=1 fh=42cb818e4edce42d vn="Win32/Toolbar.Widgi.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Application Updater\ApplicationUpdater.exe.vir"
sh=D1108CCEB7877B93A8A2ADEE47844C87B40C9D14 ft=1 fh=7ad0cc9270c1f31b vn="Variante von Win32/Toolbar.Widgi evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe.vir"
sh=6DC277BCBC8ED53CB4FF49C1A3BE9A6597A10EBB ft=1 fh=4b12bff76bf30a90 vn="Variante von Win64/Toolbar.Widgi.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Common Files\Spigot\Search Settings\SearchSettings64.exe.vir"
sh=6D7091E72FE35711C31FE0794C598B3AC8479E9C ft=1 fh=ad1557459b8a0630 vn="Win32/Toolbar.Widgi.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Common Files\Spigot\Search Settings\wth173.dll.vir"
sh=0DE94FDDDBBF711E22120FCAAB2E9AD7D6A171BA ft=1 fh=4210be0b31e324c5 vn="Win64/Toolbar.Widgi.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Common Files\Spigot\Search Settings\wthx173.dll.vir"
sh=8F5D982D276220C266963B746185CAA91419E31C ft=1 fh=6728511dc7b9809c vn="Variante von Win32/Toolbar.Widgi.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\IObit Apps Toolbar\WidgiHelper.exe.vir"
sh=5D5A6E64337E00C433AA77FD7A4EC2D7D3D19E39 ft=1 fh=e60bc69521bb6059 vn="Variante von Win32/Toolbar.Widgi evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\IObit Apps Toolbar\IE\8.3\iobitappsToolbarIE.dll.vir"
sh=391C67F5886ACA3B1E99E81123BEE5EB36627AF7 ft=1 fh=7da17f23609c54a9 vn="Variante von Win64/Toolbar.Widgi.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\IObit Apps Toolbar\IE\8.3\iobitappsToolbarIE64.dll.vir"
sh=5ADD8591D40CA5C10494928BE56EC7D2B9A58BAD ft=1 fh=c71c0011a5e75752 vn="Variante von Win32/Adware.MultiPlug.IY Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\mozilla firefox\dbghelp.dll.vir"
sh=EF7B587B1B3B8E44A2CD26F1949A9D208A97E962 ft=1 fh=c71c00113d556818 vn="Variante von Win32/Adware.MultiPlug.KM Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\RoyaalCioaupon\XJuMb9DIwwa9pZ.dll.vir"
sh=A956F41A0EBBF2E79A550BDC2B887191664CD934 ft=1 fh=c71c001137c536f2 vn="Variante von Win32/Adware.MultiPlug.KM Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\RuoyaalCouPPon\LlkoH7WHvNbupX.dll.vir"
sh=42D1387CA070A110C07E056948621CDC4045DF2E ft=0 fh=0000000000000000 vn="Win32/Toolbar.Montiera.AA evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Softonic\Softonic\1.8.21.14\softonic.crx.vir"
sh=CF9209557CC4828F1A8536F5AF66358A81393A75 ft=1 fh=b354853738a44732 vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Softonic\Softonic\1.8.21.14\SoftonicApp.dll.vir"
sh=277966AAC8DD994109B77162DB82849EF1FC8D62 ft=1 fh=f7e7b232febc88cd vn="Variante von Win32/Toolbar.Montiera.U evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Softonic\Softonic\1.8.21.14\SoftonicEng.dll.vir"
sh=431CA401E93A36C4FB726D12B16B4CC058A2C770 ft=1 fh=7cd1c9f2502352b3 vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Softonic\Softonic\1.8.21.14\Softonicsrv.exe.vir"
sh=09AD2A1BCD218E1EA91FC53F55CB6A61770E1144 ft=1 fh=0234086e10d7e544 vn="Variante von Win32/Toolbar.Montiera.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Softonic\Softonic\1.8.21.14\SoftonicTlbr.dll.vir"
sh=54002848ADA82AC181EAC551104FA02E8CBE4585 ft=1 fh=bfddd9982b578fa9 vn="Win32/Toolbar.Montiera.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Softonic\Softonic\1.8.21.14\uninstall.exe.vir"
sh=54CBEECF2F4AB81622D6708E8A849E3663853F4D ft=1 fh=a481e6d08e557a48 vn="Variante von Win32/Toolbar.Escort.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Softonic\Softonic\1.8.21.14\bh\Softonic.dll.vir"
sh=6B875940FA7CAB25BF815290AEB31D3D4C093936 ft=1 fh=fb908d0cf4a7ef13 vn="Variante von Win32/Adware.SpeedingUpMyPC.AE Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\System Optimizer\SysOptReminder.exe.vir"
sh=C4ECD569EC63E6741D5A0BDA7C02AC4B3302C7B9 ft=1 fh=b3ce349f22d4038f vn="Variante von Win32/Adware.Yontoo.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Yontoo\YontooIEClient.dll.vir"
sh=A17242612886E2DD1A44007D28414A9AA113D54D ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Yontoo\YontooLayers.crx.vir"
sh=1AFB621BEBA8272ACD2BAC21B50D8885C9D579D1 ft=1 fh=d7a99a71f47706e7 vn="Variante von Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Conduit\IE\CT3311268\UninstallerUI.exe.vir"
sh=5CA319EBA10412E2FF4A47FD20624385C11A0C2A ft=1 fh=8ad6e907be4811df vn="Variante von Win32/Adware.Yontoo.B Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll.vir"
sh=163547419613D9664CBB4044BCAF4C97AE786B92 ft=1 fh=b06d5f9324f48fc5 vn="Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\GoogleChromeRemotePlugin.dll.vir"
sh=E214737549AC8E5F5AEA4C9EBB68843D7B78A639 ft=1 fh=c71c00115e31d3cb vn="Win32/Toolbar.Montiera.AA evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_1\CrmAdpt.dll.vir"
sh=57279257E733B05B254033CFED9DF0A9239A0680 ft=0 fh=0000000000000000 vn="JS/Adware.Yontoo.B Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.3_0\back.js.vir"
sh=FE84CBB2C8E1A64DBD7AA169A54B6BD98B90B197 ft=0 fh=0000000000000000 vn="JS/Adware.Yontoo.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.3_0\yl.js.vir"
sh=1602AAF908ABC99CBD837086B899E501407678E3 ft=1 fh=bb8a7004878da8ef vn="Win32/bProtector.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_1\spext.dll.vir"
sh=138306365B84358D195D609A075BFC39B9B1428B ft=1 fh=f761c0ea7db27d0a vn="Variante von MSIL/Toolbar.Linkury.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\BrowserHelper.exe.vir"
sh=1A6101B1D3B91EF9BB81A36B0DDCA8D372DEC8B0 ft=1 fh=75b5b383b76a996d vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Interop.SHDocVw.dll.vir"
sh=B77D928178242A3A684498A3EFDD201575628821 ft=1 fh=0456242d348f53bd vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\MACTrackBarLib.dll.vir"
sh=499F6757DABA08EA2D1D1AC4C1BB2D31C43FDA3D ft=1 fh=0d0f0f29a87c026a vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\NDde.dll.vir"
sh=479F5C5C525E131014B0AF382E22FC337F244BFE ft=1 fh=895896cab8bb7f5c vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Newtonsoft.Json.dll.vir"
sh=B2C5215194D0A3B74DED9DA5B40E200152B08308 ft=1 fh=da110da08e660bd7 vn="Variante von Win32/Toolbar.Linkury.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\QuickShare.exe.vir"
sh=49454893B4DF8B41F97CDBBE26B280B5BB48A6FA ft=1 fh=03484c18a35c034e vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\sgml.dll.vir"
sh=9BB408F581067BAC176320D97D9208A23541DF9E ft=1 fh=4a30aef221430c8d vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\sidb.dll.vir"
sh=B4EA0C3F51D3632520C8B084915521E1441D19A5 ft=1 fh=6707333c5dc47937 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\siem.dll.vir"
sh=8C4CF4CC51DAD09019A33083EEC36DFE7461642E ft=1 fh=aef43140c8afe34b vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\sipb.dll.vir"
sh=0A40E25D9C221AD04E14D991F6953DB5A7E0F285 ft=1 fh=dec3a839d69df31c vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\sismlp.dll.vir"
sh=C1C473B79A777951E84E2D34FC5D3AEC995EA430 ft=1 fh=d46732a1c355133e vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll.vir"
sh=E6A188BB6452AAB999F387EC8EA2E58EBFF8EC7F ft=1 fh=bb435a05affd48f6 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll.vir"
sh=2283B0C5188BC4F5847E015799A793F64DE3A85C ft=1 fh=2fc3592be36e193b vn="Variante von Win32/Toolbar.Linkury.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll.vir"
sh=426F3315896304227F522DB04D0FC23EF2D965D1 ft=1 fh=1fb37d5852ace8c1 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll.vir"
sh=1A1018B0D7C5EDAAB4AE2B50D46E14C669515ADE ft=1 fh=1acb2541904cd6d1 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll.vir"
sh=83DDB41864711EF47DAA7291345AE086144A7C49 ft=1 fh=d4351245a6e0effe vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.ChromeLocalPlugin.dll.vir"
sh=E57596F0796389AD80B64285DFB35391C1BDA168 ft=1 fh=5e307d025767861f vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.FireFoxLocalPlugin.dll.vir"
sh=7694F2ACDA1D439945E79B83AF8ABD41753E61E9 ft=1 fh=39c3a1a46b95af38 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll.vir"
sh=823D1FE62D5706F4FA381D4C9F3DD90164E544F9 ft=1 fh=579c88745b455954 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll.vir"
sh=C53BE84ECADD184DBCFACFD49D0E819E3AFDDCA6 ft=1 fh=27e41bdf6a6eaf00 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll.vir"
sh=5D6ADED85FFBDDE17C8642C0A2FF3AFD1AE85C7C ft=1 fh=0770bde3605fd87d vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll.vir"
sh=EB16BF2E5897D0E6A5782EBE57FAD804ABD3DFCD ft=1 fh=d422a8c885091f98 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll.vir"
sh=BC90DA19B591D551CBA16771BA188A56CC7894CE ft=1 fh=d9446c7b8978f151 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll.vir"
sh=DC186138C06A56B823E340378C838A5F24263904 ft=1 fh=dc267aca4558bbdb vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.XmlSerializers.dll.vir"
sh=FC16FAB71211DA4E2089B9CB2AAB04388C0B590D ft=1 fh=b7f14b5be05108db vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\Smartbar.Resources.Translations.dll.vir"
sh=7F27169F8C36CD8679D7507A7D422B0E3678CB8D ft=1 fh=bd125a31e7f66b1b vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO.dll.vir"
sh=7F27169F8C36CD8679D7507A7D422B0E3678CB8D ft=1 fh=bd125a31e7f66b1b vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO2.dll.vir"
sh=6BCA1BDFE8C4DACEBE4C1894E1BD61FBFCF38456 ft=1 fh=0e651ba86f27b197 vn="Variante von MSIL/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension.dll.vir"
sh=6BCA1BDFE8C4DACEBE4C1894E1BD61FBFCF38456 ft=1 fh=0e651ba86f27b197 vn="Variante von MSIL/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension2.dll.vir"
sh=8C0D6FE28B5E0DD7D5E804B3D4FBBAC8F03F773D ft=1 fh=e94602b08f92056b vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\spbe.dll.vir"
sh=D712288BE2524F8EA6091017AB07B303B5DDB098 ft=1 fh=993ab4d0f35aac4d vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\spbl.dll.vir"
sh=7BBFF3FD15D0CC2F7A75802FC52C574741E722FC ft=1 fh=0cc32f0cdad0569d vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\sppsm.dll.vir"
sh=4C5473ED67C670FCCC1C178203157FD52F342510 ft=1 fh=2787ddd5aaf1729c vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\spsm.dll.vir"
sh=85A1AA6ADEF607AC0B29237B7C4ADF7E3ADE9A2C ft=1 fh=c11b715d5eb5a515 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\spusm.dll.vir"
sh=F128E221F673E14E30E58BAD00DD252348B99F91 ft=1 fh=e0b53d4b84d8c502 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srau.dll.vir"
sh=65EA239D7F0A966798C2F96FAB9A9BB84E8BDE39 ft=1 fh=f338bd82611e2656 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srbhu.dll.vir"
sh=EBF9A657DF00ADE146A72871EAB72A2D9F8A859E ft=1 fh=f467b19db94d54e4 vn="Variante von MSIL/Toolbar.Linkury.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srbs.dll.vir"
sh=91D8C63B6F560FFA3C186D654289946EB9F6F8BB ft=1 fh=af687a91fbfd1e1e vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srgu.dll.vir"
sh=469801D746EA24387C8E599FEA5D577B8ECFFD69 ft=1 fh=730b716e88b0d4b2 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srns.dll.vir"
sh=A5176F76A19DAB29DBFA74E04D0F78BC9D67F77A ft=1 fh=abaf12d621116edc vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srpdm.dll.vir"
sh=E159AD7566CBC88C5EBEF188C434D0967CF0DAE9 ft=1 fh=92be2fe97ad2cfc8 vn="Variante von MSIL/Toolbar.Linkury.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srprl.dll.vir"
sh=4F8DC5C191CE4F97743EB7FED66BACBC578BEF14 ft=1 fh=74fd4d0571fbf308 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srpu.dll.vir"
sh=999A9BD5342B476150BC07B5E13D5C4499EAB4AF ft=1 fh=d4fa9272351611a1 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srsbs.dll.vir"
sh=C999742A026254D41CEED5F481E1426A171AFEF4 ft=1 fh=c5fbc822d2273f5c vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srsbsau.dll.vir"
sh=5E411E598212A56FC5DA22EFF2C8330B9867E7B2 ft=1 fh=fd365c7fbfce8a9f vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srsl.dll.vir"
sh=039C143CF6FEE46A4259B6F06A0B96650CF319CE ft=1 fh=caf851110c3232ba vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\sruhs.dll.vir"
sh=5EC908B0DD66BC1A541E6613B8509687C90B1583 ft=1 fh=5cb414d6e98eca28 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srus.dll.vir"
sh=9AD658B9BD50A65028164D5E754ED3A45DDD4CB7 ft=1 fh=7f200cca02df23f1 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\srut.dll.vir"
sh=163547419613D9664CBB4044BCAF4C97AE786B92 ft=1 fh=b06d5f9324f48fc5 vn="Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\GoogleChromeRemotePlugin.dll.vir"
sh=C22E6A34201E094AF7203B1380A45047CD2290F4 ft=1 fh=1a823e13833f8d40 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\ar\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=D8261F22F2013BD19FE1FBBB034C3D968C284561 ft=1 fh=df535ed8c70238de vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=068AB52DA9AAF173AF1EE29B330E0E8FA1EC0E4A ft=1 fh=ca69214df645faab vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\es\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=A9B0596015405113EFBBE432ED591A86E66C3054 ft=1 fh=7869b2d0dbc36a89 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\fr\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=78B95BC91157F14581B0F235BCB86C96AA01326E ft=1 fh=dd06b644de3d6584 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\he\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=C7E054C7BA58AE2D703DB29C52346A3ED84FEF57 ft=1 fh=53532950b9749a4f vn="Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_20.dll.vir"
sh=C546BA3CA78F93EB65DCCEA191BC40B9F940E2EA ft=1 fh=6fd80785d353cf5d vn="Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_21.dll.vir"
sh=7C15DA5A80F24F0383C992CFB03CF68E95A464B1 ft=1 fh=be427aaf403ae2ff vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_22.dll.vir"
sh=95544372D9D68E8AFAE5E9DA8B07C14CE5406ABB ft=1 fh=dd489ec711c15129 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_23.dll.vir"
sh=BA8871127FB23B24A8963B6A5992DED58259E590 ft=1 fh=65df87dcc97c6ea8 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_24.dll.vir"
sh=C88DAF3FB5D3FEC090233FF251F7F0CFC73EF4CD ft=1 fh=b74c7f4df627386b vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_25.dll.vir"
sh=79835663893CEF71393A321A1336DD497552A91A ft=1 fh=adf25d5bf7ec94b4 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\it\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=2612D76E70D48D3F85B33D91319FBD8173832068 ft=1 fh=07e612b3cf135c40 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\nl\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=9C50BB623DC4D6D79ACB6B096D14800F70758CB2 ft=1 fh=8df231744dc93c2c vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\pt\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=FDC37C1FBC4AE240CA0AFF686462A34762ABF10E ft=1 fh=9d31b7f982979712 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\ru\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=00DB8B6BB29BD38EF5C44BA8C12C524B21324E4A ft=1 fh=73b6d0fe6da6b329 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Application\tr\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=B3B8FCB0F1D58947C691960B4E44D0A121F1D788 ft=1 fh=7e3bdcf0f3151b4b vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.DMP.dll.vir"
sh=844F8720231881148C97F4A81EB6319D5933B087 ft=1 fh=cde1db732574e8a8 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.MessengerPlugin.dll.vir"
sh=8DDFCB6C997478408238A2038CCB4BCA347738A8 ft=1 fh=3f7edfe547952741 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.NotepadPlugin.dll.vir"
sh=B037ABC47F49765C6079E265CB74BE1B624FE095 ft=1 fh=7b256b9c849590e5 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.ScreenCapturePlugin.dll.vir"
sh=9D574069A4613DE0BDA40CAC4755D1EAA11E9732 ft=1 fh=e16c98e66f1f5d96 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.WeatherPlugin.dll.vir"
sh=0CD9D3DC96A2164F6E586BFE49AC83C86118B947 ft=1 fh=b412ebb954962174 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.WordPlugin.dll.vir"
sh=2A4C571A314016F107BF3BA533DE0BF325A0EDB1 ft=1 fh=a1f5d2c68585e2b7 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Local\Smartbar\Common\ServicesPlugins\spup.dll.vir"
sh=C2C7BD3BD6C75D5DBCCA298C785C208AB6C73CF0 ft=1 fh=154117e7567d41ef vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\LocalLow\DVDVideoSoftTB_DE\ldrtbDVD0.dll.vir"
sh=A1280B1F085B8284DC157EC359BD1ADA091CFE7E ft=1 fh=d8aa3384d1249a40 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\LocalLow\DVDVideoSoftTB_DE\ldrtbDVDV.dll.vir"
sh=5C684D51F07A183EEA13D66F5C7E9630C48D93B5 ft=1 fh=53be76e80c29ad73 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\LocalLow\DVDVideoSoftTB_DE\tbDVD0.dll.vir"
sh=41CDE566540E31CF556FFC948255F45D4A94EAF8 ft=1 fh=3fb8233a96c1e513 vn="Variante von Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\LocalLow\DVDVideoSoftTB_DE\tbDVD1.dll.vir"
sh=92E84D2216A7763D580E42FA2493CCF67D0D0560 ft=1 fh=e8efc42494afd9f6 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\LocalLow\DVDVideoSoftTB_DE\tbDVDV.dll.vir"
sh=ABF759CA3BFB16DE62197DD7C417AC5039A43AE0 ft=1 fh=1801af74030ebca1 vn="Variante von Win32/PriceGong.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\LocalLow\DVDVideoSoftTB_DE\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.5.3\bin\PriceGongIE.dll.vir"
sh=671E3E4E9E4C9A039D9AD1479A0C91E670AF18E3 ft=1 fh=d643e79c9fb8f862 vn="Win32/Toolbar.Babylon.AE evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Roaming\BabSolution\Shared\BUSolution.dll.vir"
sh=27FBB2161B29148FBC20EBBCF5A07FDCA991026C ft=1 fh=0456e4230d5bc364 vn="Variante von Win32/Toolbar.Babylon.W evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Roaming\BabSolution\Shared\enhancedNT.dll.vir"
sh=E9C2205B9080833744AFB005AD8B135DF6797683 ft=1 fh=4432f897b3140eb0 vn="Variante von Win32/Speedchecker.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Roaming\OpenCandy\B9A3DED63D8048079E5EE2DB8350D76E\PCSU_SL_3.1.2.exe.vir"
sh=97C98A20388FD894B92FD8325545966CA945BCFB ft=1 fh=6121d07ea56d1649 vn="Win32/Toolbar.Montiera.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Roaming\OpenCandy\C34109193459454882F8C44BDE1F54A2\Setupsft_chr_p1v7.exe.vir"
sh=6340BF53AC5CA243E6FEB7B5DD2139E8A000E5E1 ft=1 fh=fc968932fc69ca56 vn="Win32/SpeedUpMyPC evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Roaming\OpenCandy\F0AE23D2DC4C4761A863CAB5B3ECB5D1\speedupmypcDE.exe.vir"
sh=0FC9DEFEA7028D05F98160C998D700B0CA97DF8A ft=1 fh=6f3e0ceb3150aae5 vn="Variante von Win32/Toolbar.Widgi.U evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kagan Bagci\AppData\Roaming\Update Manager\UM.exe.vir"
sh=5789A7E8DF0F046AD787D20E60937C26DE2823B5 ft=1 fh=e0b21b139133d8fa vn="Variante von Win32/Toolbar.Widgi.B evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files\IObit\Advanced SystemCare 5\asc6_setup_v5tov6-0306.exe"
sh=66AD38356276A82B243291DA69C13821D297E5E0 ft=1 fh=834d59cc4b3df5fa vn="Variante von Win32/Toolbar.Widgi.B evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files\IObit\Advanced SystemCare 6\Toolbar\iobitappsToolbar-stub-1.exe"
sh=9958550255192FCC3D111CCA213A8507F3A43CE3 ft=0 fh=0000000000000000 vn="JS/Adware.Steganos.A Anwendung" ac=I fn="C:\Program Files\OkayFreedom\okayfreedom_ff.xpi"
sh=B1C446D661E804591AE2095447F1FBDEEBFF8EBD ft=0 fh=0000000000000000 vn="JS/Adware.Steganos.A Anwendung" ac=I fn="C:\Users\Kagan Bagci\AppData\Local\Temp\avastBCLTMP\firefox\{db981cca-088e-4731-a4a2-2fe218703c0e}\chrome\okayfreedom_ff.jar"
sh=CEF8BAE91D4D3EC24FD95E5D614F12E61CD10245 ft=0 fh=0000000000000000 vn="JS/SecurityDisabler.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\Firefox\Profiles\user.js"
sh=4BB28A5E8D129F015959CE88E99F3917A663C18F ft=1 fh=d62a0000a626a5b5 vn="JS/Adware.Steganos.A Anwendung" ac=I fn="C:\Users\Kagan Bagci\AppData\Roaming\Steganos Updates\okayfreedom.exe"
sh=774E0EB1B55AB1CE858D486BBB67AF0670AC458C ft=1 fh=bb69c23d0ef354e9 vn="möglicherweise unbekannter Virus NewHeur_PE Virus" ac=I fn="C:\Users\Kagan Bagci\Desktop\Spiele und etc\S.T.A.L.K.E.R. - Call Of Pripyat\soProject\soLauncher.exe"
sh=C7EC31B13CC7D2A5D281B15BDE36B0EB4027CA87 ft=1 fh=7594684219292c68 vn="möglicherweise unbekannter Virus NewHeur_PE Virus" ac=I fn="C:\Users\Kagan Bagci\Desktop\Spiele und etc\S.T.A.L.K.E.R. - Call Of Pripyat\soProject\steam-launcher.exe"
sh=BDB9ADCC6484A7C83FC1BA9C12F8501E1B469F87 ft=1 fh=61b8c62aa949cace vn="Variante von Win32/CNETInstaller.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Kagan Bagci\Downloads\cbsidlm-cbsi109-Advanced_SystemCare-BP-10407614.exe"
sh=91A7C4411CFDB4F1AC97F0FAF786027AE27BB84A ft=1 fh=6ff2e91813dee848 vn="Variante von Win32/Systweak evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Kagan Bagci\Downloads\dffsetup-zlibwapi.exe"
sh=E78755956D9F693B3CEFA0E02EB7EE8A2DDD6581 ft=1 fh=a4b26a75aa740adc vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Kagan Bagci\Downloads\FreeVideoToAndroidConverter.exe"
sh=81DBC505DB55ED6075F39B0A27DAEA4126A7AEE5 ft=1 fh=69aea8ae059890d8 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Kagan Bagci\Downloads\FreeVideoToDVDConverter.exe"
sh=6A6173915D0A489F5F9458B82D3CAB266C79F818 ft=1 fh=b426ceb2a6a4a874 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Kagan Bagci\Downloads\FreeVideoToMP3Converter.exe"
sh=82CB0474E2587422BB78F7FCDE642C502D2A784C ft=1 fh=4c0fd17e59ba3d4a vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Kagan Bagci\Downloads\FreeYouTubeToDVDConverter.exe"
sh=E8CD33623287C08C7CC3662A042E45522654BB30 ft=1 fh=7cd3b160b0dbd4bd vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Kagan Bagci\Downloads\FreeYouTubeToMP3Converter (1).exe"
sh=A6D4FFD859A883F630DDC41C026A7C48D7C1324D ft=1 fh=23060b6acf7e60a7 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Kagan Bagci\Downloads\FreeYouTubeToMP3Converter.exe"
sh=FB436942BE890C679B272EDD4270E78C9D0BBB75 ft=1 fh=fbfa24367d477364 vn="Variante von Win32/ELEX.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Kagan Bagci\Downloads\HDfilm (1).exe"
sh=FB436942BE890C679B272EDD4270E78C9D0BBB75 ft=1 fh=fbfa24367d477364 vn="Variante von Win32/ELEX.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Kagan Bagci\Downloads\HDfilm.exe"
sh=C263D6F30536106B0BB6022A5A3E287A17C8CAD1 ft=1 fh=28a79725d8987cf4 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Kagan Bagci\Downloads\MotioninJoy - CHIP-Installer.exe"

schrauber 21.06.2015 09:40
Hi,

deeprybka ist im Urlaub, deswegen übernehme ich ab hier :)

Bitte noch ein frisches FRST log. Gibt es aktuell noch irgendwelche Probleme mit dem System?

Decypher 21.06.2015 12:06
Ah ok danke fürs weiterhelfen :D

Hier der FRST Logtxt :D

Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 21-06-2015 01
Ran by Kagan Bagci (administrator) on KAGANBAGCI-PC on 21-06-2015 13:03:29
Running from C:\Users\Kagan Bagci\Downloads
Loaded Profiles: Kagan Bagci &  (Available Profiles: Kagan Bagci)
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\afwServ.exe
(ABBYY) C:\Program Files\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
(Steganos Software GmbH) C:\Program Files\OkayFreedom\OkayFreedomService.exe
(Prolific Technology Inc.) C:\Windows\System32\IoctlSvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Wistron) C:\Program Files\Launch Manager\HotkeyApp.exe
(Wistron Corp.) C:\Program Files\Launch Manager\OSD.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Wistron Corp.) C:\Program Files\Launch Manager\WisLMSvc.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe
(Akamai Technologies, Inc.) C:\Users\Kagan Bagci\AppData\Local\Akamai\netsession_win.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Akamai Technologies, Inc.) C:\Users\Kagan Bagci\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(www.motioninjoy.com) C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Carbonite, Inc.) C:\Program Files\Packard Bell\Carbonite\CarboniteSetupLitePBPreInstaller.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [HotkeyApp] => C:\Program Files\Launch Manager\HotkeyApp.exe [192512 2008-08-22] (Wistron)
HKLM\...\Run: [LMgrOSD] => C:\Program Files\Launch Manager\OSD.exe [430080 2008-05-16] (Wistron Corp.)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2008-01-21] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1328424 2008-07-03] (Synaptics, Inc.)
HKLM\...\Run: [CarboniteSetupLite] => C:\Program Files\Packard Bell\Carbonite\CarboniteSetupLitePBPreInstaller.exe [306112 2008-04-07] (Carbonite, Inc.)
HKLM\...\Run: [Google Desktop Search] => C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [24064 2008-11-06] (Google)
HKLM\...\Run: [toolbar_eula_launcher] => C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe [28672 2007-02-20] ( )
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-06-20] (Avast Software s.r.o.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-03-30] (LogMeIn Inc.)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [351968 2014-09-08] ()
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [SearchProtect] => \SearchProtect\bin\cltmng.exe
HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [Facebook Update] => C:\Users\Kagan Bagci\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-01-28] (Facebook Inc.)
HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [msnmsgr] => C:\Program Files\Windows Live\Messenger\msnmsgr.exe [3872080 2010-04-16] (Microsoft Corporation)
HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd)
HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [Google Update] => C:\Users\Kagan Bagci\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-02-11] (Google Inc.)
HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [Advanced SystemCare 6] => C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe [491840 2013-04-18] (IObit)
HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [Overwolf] => C:\Program Files\Overwolf\Overwolf.exe -silent
HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [HP Photosmart 5510 series (NET)] => C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe [1837672 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [BitTorrent] => C:\Users\Kagan Bagci\AppData\Roaming\BitTorrent\BitTorrent.exe [1696104 2015-06-18] (BitTorrent Inc.)
HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [28917376 2015-05-14] (Skype Technologies S.A.)
HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Kagan Bagci\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.)
HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [Battle.net] => C:\Program Files\Battle.net\Battle.net Launcher.exe [2860080 2015-06-20] (Blizzard Entertainment)
HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [UM] => C:\Users\Kagan Bagci\AppData\Roaming\Update Manager\UM.EXE
HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [OKAYFREEDOM_Agent] => C:\Program Files\OkayFreedom\OkayFreedomClient.exe [6591912 2015-04-22] (Steganos Software GmbH)
HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Run: [OKAYFREEDOM_Update] => C:\Program Files\OkayFreedom\Updater.exe [3864488 2015-04-22] (Steganos Software GmbH)
HKU\S-1-5-21-410520579-760464469-3575665083-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Facebook Update] => C:\Users\Kagan Bagci\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-01-28] (Facebook Inc.)
HKU\S-1-5-21-410520579-760464469-3575665083-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [msnmsgr] => C:\Program Files\Windows Live\Messenger\msnmsgr.exe [3872080 2010-04-16] (Microsoft Corporation)
HKU\S-1-5-21-410520579-760464469-3575665083-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd)
HKU\S-1-5-21-410520579-760464469-3575665083-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Google Update] => C:\Users\Kagan Bagci\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-02-11] (Google Inc.)
HKU\S-1-5-21-410520579-760464469-3575665083-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Advanced SystemCare 6] => C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe [491840 2013-04-18] (IObit)
HKU\S-1-5-21-410520579-760464469-3575665083-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Overwolf] => C:\Program Files\Overwolf\Overwolf.exe -silent
HKU\S-1-5-21-410520579-760464469-3575665083-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [HP Photosmart 5510 series (NET)] => C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe [1837672 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-410520579-760464469-3575665083-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [BitTorrent] => C:\Users\Kagan Bagci\AppData\Roaming\BitTorrent\BitTorrent.exe [1696104 2015-06-18] (BitTorrent Inc.)
HKU\S-1-5-21-410520579-760464469-3575665083-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [28917376 2015-05-14] (Skype Technologies S.A.)
HKU\S-1-5-21-410520579-760464469-3575665083-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Akamai NetSession Interface] => C:\Users\Kagan Bagci\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.)
HKU\S-1-5-21-410520579-760464469-3575665083-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Battle.net] => C:\Program Files\Battle.net\Battle.net Launcher.exe [2860080 2015-06-20] (Blizzard Entertainment)
HKU\S-1-5-21-410520579-760464469-3575665083-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [UM] => C:\Users\Kagan Bagci\AppData\Roaming\Update Manager\UM.EXE
HKU\S-1-5-21-410520579-760464469-3575665083-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [OKAYFREEDOM_Agent] => C:\Program Files\OkayFreedom\OkayFreedomClient.exe [6591912 2015-04-22] (Steganos Software GmbH)
HKU\S-1-5-21-410520579-760464469-3575665083-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [OKAYFREEDOM_Update] => C:\Program Files\OkayFreedom\Updater.exe [3864488 2015-04-22] (Steganos Software GmbH)
HKU\S-1-5-18\...\Run: [SearchProtect] => \SearchProtect\bin\cltmng.exe
Startup: C:\Users\Kagan Bagci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2013-02-09] ()
Startup: C:\Users\Kagan Bagci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Photosmart 5510 series (Netzwerk).lnk [2013-07-15]
ShortcutTarget: Tintenwarnungen überwachen - HP Photosmart 5510 series (Netzwerk).lnk -> C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-06-20] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-05-19] (Google)
ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-05-19] (Google)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-05-19] (Google)
ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-05-19] (Google)
ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-05-19] (Google)
ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-05-19] (Google)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

AutoConfigURL: [S-1-5-21-410520579-760464469-3575665083-1000] => hxxp://127.0.0.1:8445/okf.pac
AutoConfigURL: [S-1-5-21-410520579-760464469-3575665083-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0] => hxxp://127.0.0.1:8445/okf.pac
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-410520579-760464469-3575665083-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=about:blank
HKU\S-1-5-21-410520579-760464469-3575665083-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=about:blank
URLSearchHook: HKLM - (No Name) - {da7f5ae1-3be3-43c0-8098-c1d183616e97} -  No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\.DEFAULT -> {5AB1FAB0-D468-46DF-94F7-109F64BDC9B4} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^DE&apn_uid=FFFEB447-F2F8-4077-85EB-796D5026A171&apn_sauid=E029870B-C567-4E27-8172-ADB38D7B7123
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-06-20] (Avast Software s.r.o.)
Toolbar: HKU\.DEFAULT -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-10-02] (Skype Technologies S.A.)
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-31] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\Firefox\Profiles\zigocm5w.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-06-12] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-12-13] (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-12-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-12-18] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin HKU\S-1-5-21-410520579-760464469-3575665083-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Kagan Bagci\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-410520579-760464469-3575665083-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-410520579-760464469-3575665083-1000: @talk.google.com/O1DPlugin -> C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-410520579-760464469-3575665083-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin HKU\S-1-5-21-410520579-760464469-3575665083-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin HKU\S-1-5-21-410520579-760464469-3575665083-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Kagan Bagci\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-04-01] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-410520579-760464469-3575665083-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Kagan Bagci\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-410520579-760464469-3575665083-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @talk.google.com/GoogleTalkPlugin -> C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-410520579-760464469-3575665083-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @talk.google.com/O1DPlugin -> C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-410520579-760464469-3575665083-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @tools.google.com/Google Update;version=3 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin HKU\S-1-5-21-410520579-760464469-3575665083-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @tools.google.com/Google Update;version=9 -> C:\Users\Kagan Bagci\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin HKU\S-1-5-21-410520579-760464469-3575665083-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Kagan Bagci\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-04-01] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Users\Kagan Bagci\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Kagan Bagci\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF SearchPlugin: C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\Firefox\Profiles\zigocm5w.default\searchplugins\suchmaschine.xml [2015-03-20]
FF Extension: No Name - C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\Firefox\profiles\extensions\extensions [2013-03-18]
FF Extension: No Name - C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\Firefox\profiles\extensions\searchplugins [2015-01-21]
FF Extension: Movie2kDownloader - C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\Firefox\profiles\extensions\movie2kdownloader@movie2kdownloader.com.xpi [2012-12-13]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-11-20]
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-12-19]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-12-05]
FF HKU\S-1-5-21-410520579-760464469-3575665083-1000\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files\Common Files\DVDVideoSoft\plugins\ff
FF HKU\S-1-5-21-410520579-760464469-3575665083-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files\Common Files\DVDVideoSoft\plugins\ff

Chrome:
=======
CHR Profile: C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-11-15]
CHR Extension: (Google Search) - C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-11-15]
CHR Extension: (Avast Online Security) - C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-06-20]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-27]
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd [2015-06-17]
CHR Extension: (Google Wallet) - C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2012-12-20]
CHR Extension: (Adblock Pro) - C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch [2015-05-27]
CHR Extension: (Adblock Pro) - C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\odoejnlfacfofgbahnomeeojkkgcglan [2015-05-27]
CHR Extension: (Gmail) - C:\Users\Kagan Bagci\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-15]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-06-20]
CHR HKLM\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files\IObit\Advanced SystemCare 6\BrowerProtect\ASC_GhromePlugin.crx [2013-03-18]
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.PDFTransformer.Classic.3.0; C:\Program Files\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe [759048 2010-02-01] (ABBYY)
S3 AdobeActiveFileMonitor6.0; C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [124832 2007-09-11] ()
R2 AdvancedSystemCareService6; C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe [574272 2013-04-18] (IObit)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-06-20] (Avast Software s.r.o.)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [107448 2015-06-20] (Avast Software s.r.o.)
R2 EvtEng; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [815104 2008-04-30] (Intel(R) Corporation) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [647680 2008-11-06] (Macrovision Europe Ltd.) [File not signed]
S3 GoogleDesktopManager-071508-051939; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [24064 2008-11-06] (Google) [File not signed]
R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1848168 2015-03-30] (LogMeIn Inc.)
R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [411920 2015-03-30] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 OkayFreedom VPN Starter Service; C:\Program Files\OkayFreedom\OkayFreedomService.exe [330168 2015-04-22] (Steganos Software GmbH)
R2 PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [File not signed]
R2 RegSrvc; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [466944 2008-04-30] (Intel(R) Corporation) [File not signed]
R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000 2012-10-02] (Skype Technologies S.A.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
R3 WisLMSvc; C:\Program Files\Launch Manager\WisLMSvc.exe [118784 2008-01-15] (Wistron Corp.) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24144 2015-06-20] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [26096 2015-06-20] (Avast Software s.r.o.)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [74976 2015-06-20] (Avast Software s.r.o.)
R0 aswNdis; C:\Windows\System32\DRIVERS\aswNdis.sys [12112 2015-06-20] (ALWIL Software)
R0 aswNdis2; C:\Windows\system32\Drivers\aswNdis2.sys [253600 2015-06-20] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [55200 2015-06-20] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49904 2015-06-20] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787760 2015-06-20] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427992 2015-06-20] (Avast Software s.r.o.)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57888 2015-06-20] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209048 2015-06-20] ()
S3 DrvAgent32; C:\Windows\system32\Drivers\DrvAgent32.sys [23456 2013-02-07] (Phoenix Technologies) [File not signed]
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2013-02-12] (DT Soft Ltd)
S3 eapihdrv; C:\Users\Kagan Bagci\AppData\Local\Temp\ehdrv.sys [135760 2015-06-20] (ESET)
S3 FTDIBUS; C:\Windows\System32\drivers\ftdibus.sys [65896 2013-07-12] (FTDI Ltd.)
R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
S3 libusb0; C:\Windows\System32\drivers\libusb0.sys [33792 2005-03-09] () [File not signed]
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2015-06-20] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-04-14] (Malwarebytes Corporation)
S3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [99400 2012-05-12] (MotioninJoy) [File not signed]
R2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [5120 2014-05-07] (Samsung Electronics) [File not signed]
S3 WinRing0_1_2_0; C:\Program Files\Razer\Razer Game Booster\Driver\WinRing0.sys [14416 2012-11-13] (OpenLibSys.org)
S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X]
S3 IntcAzAudAddService; system32\drivers\RTKVHDA.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 RTHDMIAzAudService; system32\drivers\RtHDMIV.sys [X]
S1 SYMTDI; \SystemRoot\System32\Drivers\SYMTDI.SYS [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-21 13:03 - 2015-06-21 13:03 - 00000000 ____D C:\Users\Kagan Bagci\Downloads\FRST-OlderVersion
2015-06-20 21:16 - 2015-06-20 21:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-06-20 21:14 - 2015-06-20 21:14 - 00024144 _____ C:\Windows\system32\Drivers\aswHwid.sys
2015-06-20 21:14 - 2015-06-20 21:13 - 00291312 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-06-20 21:14 - 2015-06-20 21:13 - 00026096 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswKbd.sys
2015-06-20 21:13 - 2015-06-20 21:13 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-06-20 21:12 - 2015-06-20 21:12 - 00012112 _____ (ALWIL Software) C:\Windows\system32\Drivers\aswNdis.sys
2015-06-18 22:34 - 2015-06-18 22:34 - 00001966 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-06-18 22:34 - 2015-06-18 22:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-06-18 22:31 - 2015-06-18 22:31 - 00931408 _____ (Google Inc.) C:\Users\Kagan Bagci\Downloads\ChromeSetup(1).exe
2015-06-18 22:20 - 2015-06-18 22:20 - 00000849 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-06-18 13:35 - 2015-06-18 13:36 - 02870984 _____ (ESET) C:\Users\Kagan Bagci\Downloads\esetsmartinstaller_deu.exe
2015-06-17 22:23 - 2015-06-17 22:23 - 00001227 _____ C:\Users\Kagan Bagci\Desktop\Malwarebytes.txt
2015-06-17 21:56 - 2015-06-20 23:03 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-17 21:55 - 2015-06-17 21:55 - 00000902 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-06-17 21:55 - 2015-06-17 21:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-06-17 21:55 - 2015-06-17 21:55 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2015-06-17 21:55 - 2015-04-14 09:37 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-06-17 21:55 - 2015-04-14 09:37 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-06-17 21:54 - 2015-06-17 21:55 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Kagan Bagci\Downloads\mbam-setup-2.1.6.1022.exe
2015-06-17 21:40 - 2015-06-17 21:40 - 02231296 _____ C:\Users\Kagan Bagci\Downloads\AdwCleaner_4.206.exe
2015-06-17 21:22 - 2015-06-17 21:22 - 00001060 _____ C:\Users\Kagan Bagci\Desktop\Revo Uninstaller.lnk
2015-06-17 21:22 - 2015-06-17 21:22 - 00000000 ____D C:\Program Files\VS Revo Group
2015-06-17 21:21 - 2015-06-17 21:22 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Kagan Bagci\Downloads\revosetup95.exe
2015-06-17 12:22 - 2015-06-17 22:40 - 00066707 _____ C:\Users\Kagan Bagci\Downloads\Addition.txt
2015-06-17 12:21 - 2015-06-21 13:03 - 00030861 _____ C:\Users\Kagan Bagci\Downloads\FRST.txt
2015-06-17 12:21 - 2015-06-21 13:03 - 00000000 ____D C:\FRST
2015-06-16 22:32 - 2015-06-21 13:03 - 01148928 _____ (Farbar) C:\Users\Kagan Bagci\Downloads\FRST.exe
2015-06-15 14:27 - 2015-06-16 15:27 - 00000000 ____D C:\Program Files\Form Filler
2015-06-13 17:52 - 2015-06-13 17:52 - 00001543 _____ C:\Users\Public\Desktop\Unepic.lnk
2015-06-13 17:46 - 2015-06-13 17:50 - 212530976 _____ (GOG.com ) C:\Users\Kagan Bagci\Downloads\setup_unepic_2.8.0.13.exe
2015-06-12 23:20 - 2015-04-24 17:54 - 00532480 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-12 23:19 - 2015-05-21 16:22 - 02066432 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-12 23:19 - 2015-05-09 01:08 - 00894464 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-12 22:59 - 2015-05-05 00:51 - 10628608 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-12 22:59 - 2015-05-05 00:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-12 22:59 - 2015-05-05 00:50 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-12 22:59 - 2015-05-05 00:50 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-12 22:59 - 2015-05-04 23:21 - 08147456 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-10 23:15 - 2015-06-13 17:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2015-06-10 23:15 - 2015-06-10 23:15 - 00001797 _____ C:\Users\Public\Desktop\Battle Realms Complete (German).lnk
2015-06-10 23:14 - 2015-06-13 17:51 - 00000000 ____D C:\GOG Games
2015-06-10 23:00 - 2015-06-10 23:10 - 554494280 _____ (GOG.com ) C:\Users\Kagan Bagci\Downloads\setup_battle_realms_complete_german_2.0.0.9.exe
2015-06-10 16:35 - 2015-05-31 01:54 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-10 16:35 - 2015-05-31 01:53 - 09750528 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-10 16:35 - 2015-05-31 01:50 - 01139712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-10 16:35 - 2015-05-31 01:49 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-10 16:35 - 2015-05-31 01:49 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-10 16:35 - 2015-05-31 01:49 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-10 16:35 - 2015-05-31 01:49 - 00421888 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-10 16:35 - 2015-05-31 01:48 - 01804288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-10 16:35 - 2015-05-31 01:48 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-10 16:35 - 2015-05-31 01:48 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-10 16:35 - 2015-05-31 01:48 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-06-10 16:35 - 2015-05-31 01:48 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-10 16:35 - 2015-05-31 01:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-10 16:35 - 2015-05-31 01:48 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-10 16:35 - 2015-05-31 01:48 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-06-10 16:35 - 2015-05-31 01:47 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-10 16:35 - 2015-05-31 01:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-10 16:35 - 2015-05-31 01:47 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-06-10 16:35 - 2015-05-31 01:47 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-06-10 16:34 - 2015-05-31 02:03 - 12385280 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-10 16:34 - 2015-05-31 01:55 - 01809920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-10 16:34 - 2015-05-31 01:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-10 16:26 - 2015-06-10 16:26 - 02197648 _____ (Irfan Skiljan) C:\Users\Kagan Bagci\Downloads\iview438g_setup.exe
2015-06-10 16:26 - 2015-06-10 16:26 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
2015-06-10 16:26 - 2015-06-10 16:26 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Roaming\IrfanView
2015-06-10 16:26 - 2015-06-10 16:26 - 00000000 ____D C:\Program Files\IrfanView
2015-06-03 22:29 - 2015-06-03 22:29 - 00180095 _____ C:\Users\Kagan Bagci\Downloads\a4dven6_460sv (1).wmv
2015-06-03 17:37 - 2015-06-03 17:37 - 00638976 _____ C:\Users\Kagan Bagci\Downloads\Detection (1).msi
2015-06-01 15:24 - 2015-06-01 15:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ultimate Apocalypse - The Hunt Begins
2015-06-01 14:15 - 2015-06-01 15:05 - 1216383942 _____ (Ultimate Apocalypse Mod Team ) C:\Users\Kagan Bagci\Downloads\Ultimate_Apocalypse_-_The_Hunt_Begins.exe
2015-06-01 13:49 - 2015-06-01 13:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ultimate Apocalypse - THB Patch
2015-05-28 19:11 - 2015-05-28 19:11 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Local\openvr
2015-05-27 13:53 - 2015-05-27 13:53 - 00880208 _____ (Google Inc.) C:\Users\Kagan Bagci\Downloads\ChromeSetup.exe
2015-05-27 13:39 - 2015-05-27 15:13 - 00000000 ____D C:\Program Files\Second Home
2015-05-27 13:37 - 2015-06-15 14:27 - 00000000 ____D C:\ProgramData\12105833042991166924
2015-05-27 13:17 - 2015-06-17 21:17 - 00000024 _____ C:\Users\Kagan Bagci\AppData\Roaming\appdataFr25.bin
2015-05-27 11:36 - 2015-06-20 22:10 - 00015208 _____ C:\Windows\PFRO.log
2015-05-26 12:48 - 2015-05-26 12:48 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Roaming\Samsung
2015-05-26 12:48 - 2015-05-26 12:48 - 00000000 ____D C:\Program Files\Common Files\Common Desktop Agent
2015-05-26 12:47 - 2015-05-26 12:50 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers
2015-05-26 12:45 - 2015-05-26 12:48 - 00000000 ____D C:\ProgramData\Samsung
2015-05-26 12:45 - 2015-05-26 12:45 - 00000000 ____D C:\Program Files\SamsungPrinterLiveUpdate
2015-05-26 12:44 - 2015-05-26 12:48 - 00000000 ____D C:\Program Files\Samsung
2015-05-26 12:44 - 2014-10-30 13:43 - 00686896 _____ (Samsung Electronics) C:\Windows\system32\eed_sl.exe
2015-05-26 12:44 - 2014-10-30 13:43 - 00025600 _____ () C:\Windows\system32\sst6clm.dll
2015-05-26 12:44 - 2014-10-30 13:42 - 02284032 _____ C:\Windows\system32\eed_ec.dll
2015-05-26 12:44 - 2014-09-19 00:10 - 00094208 ____N C:\Windows\system32\ssdevm.dll
2015-05-26 12:44 - 2014-03-05 15:59 - 00158040 _____ (SS) C:\Windows\system32\sst6cci.exe
2015-05-26 12:44 - 2014-03-05 15:58 - 00000273 _____ C:\Windows\system32\eed_sl.exe.config
2015-05-26 12:44 - 2013-04-03 16:32 - 00212600 _____ C:\Windows\system32\SBuySupplies.exe
2015-05-26 12:44 - 2012-08-02 13:07 - 04161048 ____N C:\Windows\sst6cA4.prn
2015-05-26 12:44 - 2012-08-02 13:07 - 03701631 ____N C:\Windows\sst6cLTR.prn
2015-05-26 12:44 - 2012-01-09 13:41 - 00000361 _____ C:\Windows\system32\sst6clm.smt
2015-05-26 12:44 - 2012-01-09 13:40 - 00065536 _____ (SS) C:\Windows\system32\sst6cci.dll
2015-05-26 12:41 - 2015-05-26 12:41 - 03439936 _____ C:\Users\Kagan Bagci\Downloads\SamsungPrinterInstaller.exe
2015-05-25 22:13 - 2015-05-25 22:13 - 00006594 _____ C:\Users\Public\Documents\s.t.a.l.k.e.r.ltx
2015-05-24 21:33 - 2015-05-24 21:33 - 00003294 _____ C:\Users\Kagan Bagci\Downloads\PPSSPP_Cheat_Lists.rar
2015-05-23 21:48 - 2015-05-23 21:48 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Roaming\AVG
2015-05-23 21:41 - 2015-05-23 21:41 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Local\Avg
2015-05-23 21:38 - 2015-05-23 21:49 - 00000000 ____D C:\ProgramData\AVG
2015-05-23 21:31 - 2015-05-23 21:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicISO
2015-05-23 21:31 - 2015-05-23 21:31 - 03067400 _____ C:\Users\Kagan Bagci\Downloads\Setup_MagicISO.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-21 13:00 - 2012-11-14 23:45 - 00000352 _____ C:\Windows\Tasks\Recovery DVD Creator-Kagan Bagci.job
2015-06-21 13:00 - 2012-11-14 23:45 - 00000352 _____ C:\Windows\Tasks\Erweiterte Garantie-Kagan Bagci.job
2015-06-21 12:56 - 2013-01-28 13:51 - 00000952 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-410520579-760464469-3575665083-1000UA.job
2015-06-21 12:56 - 2013-01-28 13:51 - 00000930 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-410520579-760464469-3575665083-1000Core.job
2015-06-21 12:56 - 2012-11-14 22:42 - 01996940 _____ C:\Windows\WindowsUpdate.log
2015-06-21 12:55 - 2013-02-15 21:31 - 00001144 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-410520579-760464469-3575665083-1000UA.job
2015-06-21 12:55 - 2012-11-15 20:24 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-21 12:54 - 2013-07-09 16:04 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-21 12:53 - 2006-11-02 14:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-21 12:53 - 2006-11-02 14:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-20 22:42 - 2012-12-20 18:09 - 00000000 ____D C:\Users\Kagan Bagci\Desktop\Musik
2015-06-20 22:41 - 2014-10-04 21:07 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Roaming\BitTorrent
2015-06-20 22:41 - 2014-01-03 02:51 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Local\LogMeIn Hamachi
2015-06-20 22:41 - 2012-11-15 20:08 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Roaming\Skype
2015-06-20 22:38 - 2015-02-01 18:01 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Local\Battle.net
2015-06-20 22:19 - 2015-02-01 17:59 - 00000000 ____D C:\Program Files\Battle.net
2015-06-20 22:16 - 2015-05-07 20:27 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Roaming\Steganos VPN
2015-06-20 22:15 - 2013-02-10 01:31 - 00000000 ____D C:\Users\Kagan Bagci\Tracing
2015-06-20 22:11 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-20 22:08 - 2006-11-02 15:01 - 00032634 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-06-20 21:14 - 2013-12-05 20:39 - 00427992 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-06-20 21:14 - 2013-12-05 20:39 - 00209048 _____ C:\Windows\system32\Drivers\aswVmm.sys
2015-06-20 21:14 - 2013-12-05 20:39 - 00074976 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-06-20 21:14 - 2013-12-05 20:39 - 00057888 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswTdi.sys
2015-06-20 21:14 - 2013-12-05 20:39 - 00055200 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr.sys
2015-06-20 21:14 - 2013-12-05 20:39 - 00049904 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2015-06-20 21:13 - 2013-12-05 20:39 - 00787760 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-06-20 21:12 - 2013-12-05 21:32 - 00253600 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswNdis2.sys
2015-06-20 16:45 - 2013-02-15 21:31 - 00001092 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-410520579-760464469-3575665083-1000Core.job
2015-06-18 22:33 - 2008-11-06 13:37 - 00000000 ____D C:\Program Files\Google
2015-06-18 22:32 - 2012-12-25 15:09 - 00000000 ____D C:\Users\Kagan Bagci\Desktop\Bilder
2015-06-17 22:48 - 2008-11-06 21:44 - 00000000 ____D C:\Windows\de-DE
2015-06-17 21:56 - 2013-12-05 14:39 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Roaming\Malwarebytes
2015-06-17 21:56 - 2013-12-05 14:38 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-17 21:45 - 2013-12-05 15:42 - 00000000 ____D C:\AdwCleaner
2015-06-17 21:45 - 2013-08-22 19:05 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-06-13 23:28 - 2013-01-31 23:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-06-13 17:50 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache
2015-06-12 23:40 - 2006-11-02 14:47 - 00326632 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-12 23:36 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\de-DE
2015-06-12 23:20 - 2008-11-06 13:48 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-12 23:19 - 2013-11-12 20:36 - 00000000 ____D C:\Windows\system32\MRT
2015-06-12 23:02 - 2006-11-02 12:24 - 136900096 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-06-12 22:57 - 2013-07-09 16:04 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-06-12 22:57 - 2013-07-09 16:04 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-06-10 16:09 - 2012-11-20 14:19 - 00000000 ____D C:\Program Files\Steam
2015-06-03 22:31 - 2015-05-07 19:26 - 00000000 ____D C:\Users\Kagan Bagci\Desktop\ppsspp
2015-06-03 22:31 - 2012-12-25 15:09 - 00000000 ____D C:\Users\Kagan Bagci\Desktop\Schulzeug
2015-06-03 17:38 - 2012-12-02 19:17 - 00000000 ____D C:\Program Files\SystemRequirementsLab
2015-05-31 21:35 - 2006-11-02 12:33 - 01581308 _____ C:\Windows\system32\PerfStringBackup.INI
2015-05-28 20:55 - 2012-11-20 14:19 - 00000000 ____D C:\Program Files\Common Files\Steam
2015-05-28 16:15 - 2012-11-25 22:18 - 00000000 ____D C:\Users\Kagan Bagci\AppData\Roaming\TS3Client
2015-05-27 15:17 - 2012-12-02 00:23 - 00000000 ___RD C:\Users\Kagan Bagci\Desktop\Programme
2015-05-27 11:31 - 2013-03-25 21:34 - 00001356 _____ C:\Users\Kagan Bagci\AppData\Local\d3d9caps.dat
2015-05-26 12:45 - 2012-11-14 23:40 - 00000000 ____D C:\Users\Kagan Bagci

==================== Files in the root of some directories =======

2015-05-27 13:17 - 2015-06-17 21:17 - 0000024 _____ () C:\Users\Kagan Bagci\AppData\Roaming\appdataFr25.bin
2013-03-25 21:34 - 2015-05-27 11:31 - 0001356 _____ () C:\Users\Kagan Bagci\AppData\Local\d3d9caps.dat
2012-11-15 20:49 - 2013-01-27 00:30 - 0030720 _____ () C:\Users\Kagan Bagci\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-11 20:36 - 2014-01-11 20:36 - 0005567 _____ () C:\Users\Kagan Bagci\AppData\Local\HWVendorDetection.log
2015-05-21 21:21 - 2015-05-21 21:21 - 0001236 _____ () C:\Users\Kagan Bagci\AppData\Local\recently-used.xbel
2013-03-18 21:00 - 2013-03-18 21:00 - 1426411 _____ () C:\Users\Kagan Bagci\AppData\Local\Tempmusic.ogg
2013-02-10 21:23 - 2013-02-10 21:23 - 0509465 _____ () C:\ProgramData\1360516069.bdinstall.bin
2013-03-20 15:48 - 2013-03-20 15:48 - 0227776 _____ () C:\ProgramData\1363787221.bdinstall.bin
2013-07-15 14:56 - 2013-07-15 14:56 - 0000057 _____ () C:\ProgramData\Ament.ini

Some files in TEMP:
====================
C:\Users\Kagan Bagci\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Kagan Bagci\AppData\Local\Temp\Quarantine.exe
C:\Users\Kagan Bagci\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Kagan Bagci\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Kagan Bagci\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-20 22:19

==================== End of log ============================

schrauber 22.06.2015 06:32
meine Frage? :)

Decypher 22.06.2015 12:42
Achso ja sry ^^`
Ja also Wenn ich Programme starte dann taucht erst unten in der Leiste das fensterchen auf und dann erst später das ganze aufm Desktop.
Wenn ich schreibe dann kommen manche Buchstaben verzögert.(ist mir grad aufgefallen)
Wenn ich auf Youtube ein Video gucken will verschwindet einige male einfach der Ton aber das Video läuft weiter, oder das video stoppt und der ton läuft weiter .-.
Sind das anzeichen für andere Viren?

schrauber 23.06.2015 05:51
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
C:\Program Files\IObit\Advanced SystemCare 5\asc6_setup_v5tov6-0306.exe

C:\Program Files\IObit\Advanced SystemCare 6\Toolbar\iobitappsToolbar-stub-1.exe

C:\Program Files\OkayFreedom\okayfreedom_ff.xpi

C:\Users\Kagan Bagci\AppData\Local\Temp\avastBCLTMP\firefox\{db981cca-088e-4731-a4a2-2fe218703c0e}\chrome\okayfreedom_ff.jar

C:\Users\Kagan Bagci\AppData\Roaming\Mozilla\Firefox\Profiles\user.js

C:\Users\Kagan Bagci\AppData\Roaming\Steganos Updates\okayfreedom.exe

C:\Users\Kagan Bagci\Desktop\Spiele und etc\S.T.A.L.K.E.R. - Call Of Pripyat\soProject\soLauncher.exe

C:\Users\Kagan Bagci\Desktop\Spiele und etc\S.T.A.L.K.E.R. - Call Of Pripyat\soProject\steam-launcher.exe

C:\Users\Kagan Bagci\Downloads\cbsidlm-cbsi109-Advanced_SystemCare-BP-10407614.exe

C:\Users\Kagan Bagci\Downloads\dffsetup-zlibwapi.exe

C:\Users\Kagan Bagci\Downloads\FreeVideoToAndroidConverter.exe

C:\Users\Kagan Bagci\Downloads\FreeVideoToDVDConverter.exe

C:\Users\Kagan Bagci\Downloads\FreeVideoToMP3Converter.exe

C:\Users\Kagan Bagci\Downloads\FreeYouTubeToDVDConverter.exe

C:\Users\Kagan Bagci\Downloads\FreeYouTubeToMP3Converter (1).exe

C:\Users\Kagan Bagci\Downloads\FreeYouTubeToMP3Converter.exe

C:\Users\Kagan Bagci\Downloads\HDfilm (1).exe

C:\Users\Kagan Bagci\Downloads\HDfilm.exe

C:\Users\Kagan Bagci\Downloads\MotioninJoy - CHIP-Installer.exe

RemoveProxy:
Emptytemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.



Alle Zeitangaben in WEZ +1. Es ist jetzt 19:20 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131