Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Google youtube Facebook gesperrt

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 26.10.2013, 10:12   #1
Manhhao
 
Google youtube Facebook gesperrt - Standard

Google youtube Facebook gesperrt



Hallo

also kommen wir zum problem
immer wenn ich versuche google youtube facebook zu öffnen
kommt eine seite wo ich ein survey vervollständigen muss.
es handelt sich warscheinlich um eine malware

Alt 26.10.2013, 11:26   #2
aharonov
/// TB-Ausbilder
 
Google youtube Facebook gesperrt - Standard

Google youtube Facebook gesperrt



Hallo,

lass uns mal mit FRST reinschauen, was dir da den Weg versperrt:


Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 26.10.2013, 11:46   #3
Manhhao
 
Google youtube Facebook gesperrt - Standard

Google youtube Facebook gesperrt



wo ist der download link da gibt es einen im bild aber es kommt nichts


achso an der seite schon gefunden

achso gefunden


FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-10-2013
Ran by Manh hao (administrator) on MANHHAO-PC on 26-10-2013 12:41:01
Running from C:\Users\Manh hao\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Systweak) C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Google Inc.) C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Microsoft Corp.) C:\Users\Manh hao\Documents\MSDCSC\msdcsc.exe
(Company) C:\Users\Manh hao\AppData\Roaming\Mining\Mining.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
(Take-Two Interactive Software, Inc.) C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\1_0_0_0\RGSC.exe
() C:\Program Files (x86)\i-Funbox DevTeam\ifb_conn.exe
(Smartbar) C:\Users\Manh hao\AppData\Local\Smartbar\Application\QuickShare.exe
(BitTorrent Inc.) C:\Users\Manh hao\AppData\Roaming\uTorrent\uTorrent.exe
(TeamSpeak Systems GmbH) C:\Users\Manh hao\AppData\Roaming\Mining\coin-miner.exe
() C:\Users\Manh hao\AppData\Local\Temp\SharedReg.exe
() C:\Users\Manh hao\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe
(Microsoft Corporation) C:\Users\Manh hao\AppData\Roaming\Microsoft\Windows\Templates\bootres.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\SoftwareUpdater\SoftwareUpdater.Ui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Users\Manh hao\Downloads\FRST64.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-03] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKCU\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-02-16] (Google Inc.)
HKCU\...\Run: [RGSC] - C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe [305064 2008-11-14] (Take-Two Interactive Software, Inc.)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKCU\...\Run: [Olympus DSS] - C:\ProgramData\AppleDev0\rzsbkotiu.exe [596992 2013-04-26] (Elite Bypassers)
HKCU\...\Run: [MicroUpdate] - C:\Users\Manh hao\Documents\MSDCSC\msdcsc.exe [380928 2013-01-27] (Microsoft Corp.)
HKCU\...\Run: [Boot Resource Library] - C:\Users\Manh hao\AppData\Roaming\Microsoft\Windows\Templates\bootres.exe [14848 2013-09-28] (Microsoft Corporation)
HKCU\...\Run: [Startup] - C:\Users\Manh hao\AppData\Roaming\Mining\Mining.exe [10823 2013-05-12] (Company)
HKCU\...\Run: [8cd98f00b] - C:\Users\Manh hao\AppData\Roaming\8cd98f00b.exe [673792 2013-05-16] (lzoxcQYv)
HKCU\...\Run: [iFunBoxConnector] - C:\Program Files (x86)\i-Funbox DevTeam\ifb_conn.exe [812544 2012-11-20] ()
HKCU\...\Run: [锂劊瞌섥ቾ鄁阢簢滟Ქ裫ꡗ⪒聫뷇╆货箠쉕泞痿独ꁸॅ㠲魹朐뾇ⓒ㫊ꅗ龤隨큝⢴ᒊ⃽쉎騂ᖱ痔ꑺꄮ㟊籲◞ꏚ�䝉䐓梽椫ꙣ⧱⛾쨺꧅啜�⯕⇤] - C:\ProgramData\AppleDev0\rzsbkotiu.exe [596992 2013-04-26] (Elite Bypassers)
HKCU\...\Run: [SSync] - C:\Users\Manh hao\AppData\Roaming\SSync\SSync.exe [36864 2013-04-10] ()
HKCU\...\Run: [ᩳ欷嗃굻ށ勊ਠ靖摤周䯘⤽쥵ぐ怮쐧筐녃堧䈛隥쥍锞煩룆ᔡ뉒㻬쒅胰䋩α瘄ࠣ惝䴘�ⶴ虽ꢨி敼쁫骻萒㳁劢꿨姍Їᷧ끸ﳅ҄] - C:\ProgramData\AppleDev0\rzsbkotiu.exe [596992 2013-04-26] (Elite Bypassers)
HKCU\...\Run: [DataMgr] - C:\Users\Manh hao\AppData\Roaming\DataMgr\DataMgr.exe [168848 2013-05-20] (HTTO Group, Ltd.)
HKCU\...\Run: [Browser Infrastructure Helper] - C:\Users\Manh hao\AppData\Local\Smartbar\Application\QuickShare.exe [20248 2013-09-14] (Smartbar)
HKCU\...\Run: [uTorrent] - C:\Users\Manh hao\AppData\Roaming\uTorrent\uTorrent.exe [1052496 2013-02-16] (BitTorrent Inc.)
HKCU\...\Run: [Ƃ诱焱齲ꯜ瀹�姲釛ᢜ豹윾꽕┻퇩찍ﰢἭ뵍恂뺣׬쨌詪╳᳷袿⼗﬇릚蟸ᇡ㎷ථ쀕萁⸦࠳栚ꠄἋ설�慉랼啕祝鵣偪睼ੋ떥獔] - C:\ProgramData\AppleDev0\rzsbkotiu.exe [596992 2013-04-26] (Elite Bypassers)
HKCU\...\Run: [SCheck] - C:\Users\Manh hao\AppData\Roaming\SCheck\SCheck.exe [36864 2013-04-10] ()
HKCU\...\Run: [Snoozer] - C:\Users\Manh hao\AppData\Roaming\Snz\Snz.exe [1226844 2013-10-11] ()
HKCU\...\Run: [Intermediate] - C:\Users\Manh hao\AppData\Roaming\Intermediate\Intermediate.exe [36864 2013-04-10] ()
HKCU\...\Run: [OMESupervisor] - C:\Users\Manh hao\AppData\Local\omesuperv.exe [2220366 2013-10-11] ()
HKCU\...\Run: [λ嶣䞨㐩࠻亰蝿ꂔঋ㩃햨镸ﳩꭅ葚瑫篈䴌㥬蓴ィ恄尶뙺ꫧ͐챚쩍㲤饱ⶪ�萪컾剳䯶ᒫ鲢欻ﳨ츷햱爅ꡔˣⅇ윐溡삯튮쓑䛩ᮟ듓㴣﷐챣⸪] - C:\ProgramData\AppleDev0\rzsbkotiu.exe [596992 2013-04-26] (Elite Bypassers)
HKCU\...\Run: [Ꮺꄡ獏僯夏㵛�踲ᓈ愥ॼ�톃칔듌Ⴤ벝ﺧ駋웝閯҄ﭜ鎆৫�㘈顖礰⹯ቤ꒛�ꩣ瘣௟뭩�㥲�흶晗漢낔鐁ﹿ옉죭襝변䉌㠡嚻㹶䍅沔] - C:\ProgramData\AppleDev0\rzsbkotiu.exe [596992 2013-04-26] (Elite Bypassers)
HKCU\...\Run: [AppsHat] - C:\Users\Manh hao\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe [202752 2012-10-26] ()
HKCU\...\Policies\Explorer: [TaskbarNoNotification] 1
HKCU\...\Policies\Explorer: [HideSCAHealth] 1
MountPoints2: {4a95f31e-7825-11e2-8457-8120fbc7507b} - E:\Autorun.exe
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [345312 2013-03-30] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Olympus DSS] - C:\ProgramData\AppleDev0\rzsbkotiu.exe [596992 2013-04-26] (Elite Bypassers)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-04-18] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2236816 2013-06-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-08-16] (Apple Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-09-04] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2345296 2013-10-01] (LogMeIn Inc.)
HKLM-x32\...\Run: [YouCam Service] - C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [255208 2011-11-29] (CyberLink Corp.)
HKU\Mama\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-02-16] (Google Inc.)
HKU\Mama\...\Run: [Olympus DSS] - C:\ProgramData\AppleDev0\rzsbkotiu.exe [596992 2013-04-26] (Elite Bypassers)
HKU\Mama\...\Run: [Startup] - C:\Users\Mama\AppData\Roaming\Mining\mineamillion.exe [93302 2013-04-28] (Cattlescotch)
HKU\Mama\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564528 2013-09-04] (Samsung)
HKU\Mama\...\Run: [KiesAirMessage] - C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
HKU\Mama\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844656 2013-09-04] (Samsung)
HKU\Papa\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-02-16] (Google Inc.)
HKU\Papa\...\Run: [IDMan] - C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
HKU\Papa\...\Run: [Olympus DSS] - C:\ProgramData\AppleDev0\rzsbkotiu.exe [596992 2013-04-26] (Elite Bypassers)
HKU\Papa\...\Run: [贾樮摛䋋ꇺ멊䣫䢻��鄞涅ꭠ簃偠瘏烕Ȣ윟Փ䧖㴎魫됬ᓻ䜷όꗎ賵␑嬍ᡜ㰉뢽ू⛎덩鬴⨬稢官茏�ꦺ쉺蝶뒄�ꊒꟂ⅛ை䯄뜻裸撬謹ᖆ㠯҃嘰] - C:\ProgramData\AppleDev0\rzsbkotiu.exe [596992 2013-04-26] (Elite Bypassers)
HKU\Papa\...\Run: [] - C:\Users\Papa\AppData\Roaming\\Loader.exe [15360 2013-07-12] ()
HKU\Papa\...\Run: [�蠀꥜ႅ䲇憏㬚ꢛ㻲萪떶㸧༱ﺧඣ筗ꢒ䁉䯕筣싽ḥ�㛈嶝덖㺤먫旔葊罯솫�ꨪلᇀƣ�禙ㅋ猌嘌㔤ᓲ懣ᡡ砟㎘�㌶뀕妕⤞痗뙐] - C:\ProgramData\AppleDev0\rzsbkotiu.exe [596992 2013-04-26] (Elite Bypassers)
HKU\Papa\...\Run: [Browser Infrastructure Helper] - C:\Users\Papa\AppData\Local\Smartbar\Application\Smartbar.exe [13824 2013-02-20] (Smartbar)
HKU\Papa\...\Run: [쩥蟐䊜☟⑿㥭椇ꄜ뮨⅌ാ떵㎡脇碘빣瑓喺뤹鴐ꉶᧇ䬿튵㧗⏗泸⦧嫮쩥꿊㺛ࣇאָ琥㓇倉쏻㹊寂戨䑵ꛨ레㫃嗵磕泮㤿멠⬈跉蹅鶖迴뷗鈐ḇ] - C:\ProgramData\AppleDev0\rzsbkotiu.exe [596992 2013-04-26] (Elite Bypassers)
HKU\Papa\...\Run: [iFunBoxConnector] - C:\Program Files (x86)\i-Funbox DevTeam\ifb_conn.exe [812544 2012-11-20] ()
HKU\Selina\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-02-16] (Google Inc.)
HKU\Selina\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\Selina\...\Run: [msnmsgr] - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4272624 2013-02-05] (Microsoft Corporation)
HKU\Selina\...\Run: [Protection Agent] - C:\ProgramData\Protection Enforcement Module0\ntibcpsaq.exe [1117494 2013-09-10] (ICERAMBOY)
HKU\Selina\...\Run: [Olympus DSS] - C:\ProgramData\AppleDev0\rzsbkotiu.exe [596992 2013-04-26] (Elite Bypassers)
HKU\Selina\...\Run: [iFunBoxConnector] - C:\Program Files (x86)\i-Funbox DevTeam\ifb_conn.exe [812544 2012-11-20] ()
HKU\Selina\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844656 2013-09-04] (Samsung)
AppInit_DLLs:     [0 ] ()
AppInit_DLLs-x32:   c:\progra~3\bitguard\261694~1.246\{c16c1~1\bitguard.dll  [2704352 2013-10-08] ()
IMEO\bitguard.exe: [Debugger] tasklist.exe
IMEO\bprotect.exe: [Debugger] tasklist.exe
IMEO\browserdefender.exe: [Debugger] tasklist.exe
IMEO\browserprotect.exe: [Debugger] tasklist.exe
IMEO\hijackthis.exe: [Debugger] _.exe
IMEO\housecalllauncher.exe: [Debugger] fxdd_.exe
IMEO\mbam.exe: [Debugger] doj_.exe
IMEO\mbamgui.exe: [Debugger] nkdas_.exe
IMEO\rstrui.exe: [Debugger] _.exe
IMEO\spybotsd.exe: [Debugger] uurst_.exe
Startup: C:\Users\Mama\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\blueincarnations.vbs ()
Startup: C:\Users\Manh hao\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\blueincarnations.vbs ()
Startup: C:\Users\Papa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe.lnk
ShortcutTarget: Adobe.lnk -> C:\Users\Manh hao\AppData\Roaming\data\Adobe.vbs (No File)
Startup: C:\Users\Papa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Buefairy.vbs ()
Startup: C:\Users\Papa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Deferneder.vbs ()
Startup: C:\Users\Papa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Searchindexer.exe ()
Startup: C:\Users\Papa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Svchost.exe.lnk
ShortcutTarget: Svchost.exe.lnk -> C:\Users\Manh hao\AppData\Local\Temp\RarSFX32\Svchost.exe (No File)
Startup: C:\Users\Papa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Usbport.exe ()
Startup: C:\Users\Papa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Usbsupply.exe ()
Startup: C:\Users\Papa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\windowsdll.exe.lnk
ShortcutTarget: windowsdll.exe.lnk -> C:\Users\Manh hao\AppData\Local\Temp\RarSFX32\windowsdll.exe (No File)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=5cf79b0f-85c8-4c40-b01b-f818a3069e20&searchtype=ds&q={searchTerms}&installDate=24/09/2013
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=5cf79b0f-85c8-4c40-b01b-f818a3069e20&searchtype=hp&installDate=24/09/2013
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x01554D8E2A06CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,Start Default_Page_URL = hxxp://search.certified-toolbar.com?si=42820&st=home&tid=3347
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.certified-toolbar.com?si=42820&tid=3347&st=bs&q=
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=5cf79b0f-85c8-4c40-b01b-f818a3069e20&searchtype=ds&q={searchTerms}&installDate=24/09/2013
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=F8A600FF33C882A8&affID=122304&tt=180613_ndt1&tsp=4921
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.mysearchdial.com/?f=1&a=tugumsd&cd=2XzuyEtN2Y1L1QzuyB0AyBzytCzyyEtCzytB0D0FtB0AtC0BtN0D0Tzu0CyDtCtDtN1L2XzutBtFtBtFtCtFyCtCzztN1L1Czu2Z2Y1N2Y1H1B1Q&cr=1742042479&ir=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.certified-toolbar.com?si=42820&tid=3347&st=bs&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://websearch.pur-esult.info/?pid=726&r=2013/09/27&hid=2090508738147741377&lg=EN&cc=DE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.certified-toolbar.com?si=42820&tid=3347&st=bs&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Default_Page_URL = hxxp://search.certified-toolbar.com?si=42820&st=home&tid=3347
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.certified-toolbar.com?si=42820&tid=3347&st=bs&q=
URLSearchHook: HKCU - (No Name) - {539F76FD-084E-4858-86D5-62F02F54AE86} -  No File
SearchScopes: HKLM - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=tugumsd&cd=2XzuyEtN2Y1L1QzuyB0AyBzytCzyyEtCzytB0D0FtB0AtC0BtN0D0Tzu0CyDtCtDtN1L2XzutBtFtBtFtCtFyCtCzztN1L1Czu2Z2Y1N2Y1H1B1Q&cr=1742042479&ir=
SearchScopes: HKLM-x32 - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://search.certified-toolbar.com?si=42820&st=bs&tid=3347&q={searchTerms}
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=tugumsd&cd=2XzuyEtN2Y1L1QzuyB0AyBzytCzyyEtCzytB0D0FtB0AtC0BtN0D0Tzu0CyDtCtDtN1L2XzutBtFtBtFtCtFyCtCzztN1L1Czu2Z2Y1N2Y1H1B1Q&cr=1742042479&ir=
SearchScopes: HKLM-x32 - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.pur-esult.info/?l=1&q={searchTerms}&pid=726&r=2013/09/27&hid=2090508738147741377&lg=EN&cc=DE
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=5cf79b0f-85c8-4c40-b01b-f818a3069e20&searchtype=ds&q={searchTerms}&installDate=24/09/2013
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=F8A600FF33C882A8&affID=122304&tt=180613_ndt1&tsp=4921
SearchScopes: HKCU - {6015E471-9846-49D0-90F9-2CF4FFA91393} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=135c18b1-1241-48c5-996d-6d1b5593e4e0&apn_sauid=368B5388-3ED0-4C2F-9E8D-FF194D686682
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://searchqm.com/search.php?channel=sfde203fbdgy21&q={searchTerms}
SearchScopes: HKCU - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.pur-esult.info/?l=1&q={searchTerms}&pid=726&r=2013/09/27&hid=2090508738147741377&lg=EN&cc=DE
BHO: TubeBoxEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll No File
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: TubeBoxEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: qualitink - {73ad5d47-66e5-4127-80ca-c0eedabafbcc} - C:\Program Files (x86)\qualitink\qualitinkbho.dll (qualitink)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: MinibarBHO - {AA74D58F-ACD0-450D-A85E-6C04B171C044} - C:\Program Files (x86)\Minibar\Minibar.dll (KangoExtensions)
BHO-x32: Avira SearchFree Toolbar plus Web Protection - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - TubeBox - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar plus Web Protection - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKLM-x32 - TubeBox - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Manh hao\AppData\Roaming\Mozilla\Firefox\Profiles\yvuvu5a8.default
FF user.js: detected! => C:\Users\Manh hao\AppData\Roaming\Mozilla\Firefox\Profiles\yvuvu5a8.default\user.js
FF NewTab: hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=5cf79b0f-85c8-4c40-b01b-f818a3069e20&searchtype=nt&installDate=24/09/2013
FF DefaultSearchEngine: WebSearch
FF SearchEngineOrder.1: Delta Search
FF SearchEngineOrder.user_pref("browser.search.order.1,S", "WebSearch");: user_pref("browser.search.order.1,S", "WebSearch");
FF SelectedSearchEngine: Web Search
FF Homepage: hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=5cf79b0f-85c8-4c40-b01b-f818a3069e20&searchtype=hp&installDate=24/09/2013
FF Keyword.URL: hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=5cf79b0f-85c8-4c40-b01b-f818a3069e20&searchtype=ds&installDate=24/09/2013&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @java.com/DTPlugin,version=10.17.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.17.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.15.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.15.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @nsroblox.roblox.com/launcher - C:\Program Files (x86)\Roblox\Versions\version-1ff4978f36a64477\\NPRobloxProxy.dll ( ROBLOX Corporation)
FF SearchPlugin: C:\Users\Manh hao\AppData\Roaming\Mozilla\Firefox\Profiles\yvuvu5a8.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\Manh hao\AppData\Roaming\Mozilla\Firefox\Profiles\yvuvu5a8.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\Manh hao\AppData\Roaming\Mozilla\Firefox\Profiles\yvuvu5a8.default\searchplugins\Mysearchdial.xml
FF SearchPlugin: C:\Users\Manh hao\AppData\Roaming\Mozilla\Firefox\Profiles\yvuvu5a8.default\searchplugins\Web Search.xml
FF SearchPlugin: C:\Users\Manh hao\AppData\Roaming\Mozilla\Firefox\Profiles\yvuvu5a8.default\searchplugins\WebSearch.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\Web Search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Douwnload kEiEpeer - C:\Users\Manh hao\AppData\Roaming\Mozilla\Firefox\Profiles\yvuvu5a8.default\Extensions\ipbi_nhyq@msjoooe.org
FF Extension: SeAirch-eNewTabe - C:\Users\Manh hao\AppData\Roaming\Mozilla\Firefox\Profiles\yvuvu5a8.default\Extensions\tgeeckzpc@r-wm.net
FF Extension: QuickShare Widget - C:\Users\Manh hao\AppData\Roaming\Mozilla\Firefox\Profiles\yvuvu5a8.default\Extensions\{5cf79b0f-85c8-4c40-b01b-f818a3069e20}
FF Extension: Apps Hat - C:\Users\Manh hao\AppData\Roaming\Mozilla\Firefox\Profiles\yvuvu5a8.default\Extensions\{97A78363-B868-4B48-AC91-A783A31215AF}
FF Extension: MySearchDial - C:\Users\Manh hao\AppData\Roaming\Mozilla\Firefox\Profiles\yvuvu5a8.default\Extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
FF Extension: firefox-hotfix - C:\Users\Manh hao\AppData\Roaming\Mozilla\Firefox\Profiles\yvuvu5a8.default\Extensions\firefox-hotfix@mozilla.org.xpi
FF Extension: firefox - C:\Users\Manh hao\AppData\Roaming\Mozilla\Firefox\Profiles\yvuvu5a8.default\Extensions\firefox@qualitink.net.xpi
FF Extension: om - C:\Users\Manh hao\AppData\Roaming\Mozilla\Firefox\Profiles\yvuvu5a8.default\Extensions\om@offermosquito.com.xpi
FF Extension: noscript - C:\Users\Manh hao\AppData\Roaming\Mozilla\Firefox\Profiles\yvuvu5a8.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: No Name - C:\Users\Manh hao\AppData\Roaming\Mozilla\Firefox\profiles\extensions\extensions
FF Extension: No Name - C:\Users\Manh hao\AppData\Roaming\Mozilla\Firefox\profiles\extensions\searchplugins
FF Extension: movie2kdownloader - C:\Users\Manh hao\AppData\Roaming\Mozilla\Firefox\profiles\extensions\movie2kdownloader@movie2kdownloader.com.xpi
FF Extension: No Name - C:\Users\Manh hao\AppData\Roaming\Mozilla\Firefox\profiles\extensions\prefs.bck
FF Extension: No Name - C:\Users\Manh hao\AppData\Roaming\Mozilla\Firefox\profiles\extensions\prefs.js
FF Extension: No Name - C:\Users\Manh hao\AppData\Roaming\Mozilla\Firefox\profiles\extensions\search.sqlite
FF Extension: No Name - C:\Users\Manh hao\AppData\Roaming\Mozilla\Firefox\profiles\extensions\user.js
FF Extension: No Name - C:\Users\Manh hao\AppData\Roaming\Mozilla\Firefox\profiles\extensions\user.js.orig
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com

Chrome: 
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll ()
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (AdobeAAMDetect) - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U15) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (McAfee Security Scanner +) - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll No File
CHR Plugin: (Roblox Launcher Plugin) - C:\Program Files (x86)\Roblox\Versions\version-1ff4978f36a64477\\NPRobloxProxy.dll ( ROBLOX Corporation)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
CHR Plugin: (Java Deployment Toolkit 7.0.150.3) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Extension: (SeAirch-eNewTabe) - C:\Users\MANHHA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakpdaeljcpejdepmiibkcoamggkpnko\1.0
CHR Extension: (QuickShare Widget) - C:\Users\MANHHA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0
CHR Extension: (Google Docs) - C:\Users\MANHHA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\MANHHA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (Movie2kDownloader) - C:\Users\MANHHA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blaofbhgbmeikidhlkmjhbkbfohpgekf\1.0_0
CHR Extension: (YouTube) - C:\Users\MANHHA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\MANHHA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Douwnload kEiEpeer) - C:\Users\MANHHA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdoebkhkmgkfdjjdpjlecjogdfcaopni\1.6
CHR Extension: (OfferMosquito) - C:\Users\MANHHA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbmdkmlcnbapgegninelmjbfibaghdmk\0.8_0
CHR Extension: (qualitink) - C:\Users\MANHHA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljkcijnbckdflhifmbnfnkjacokloacf\1.0.0_0
CHR Extension: (Awesome New Tab Page\u2122) - C:\Users\MANHHA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgmiemnjjchgkmgbeljfocdjjnpjnmcg\2013.432.10_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\MANHHA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (MySearchDial __MSG_newtab__) - C:\Users\MANHHA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.1.1_0
CHR Extension: (Gmail) - C:\Users\MANHHA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\MANHHA~1\AppData\Local\mysearchdial.crx
CHR HKLM-x32\...\Chrome\Extension: [blaofbhgbmeikidhlkmjhbkbfohpgekf] - C:\Program Files (x86)\Movie2KDownloader.com\Movie2KDownloader10.crx
CHR HKLM-x32\...\Chrome\Extension: [ljkcijnbckdflhifmbnfnkjacokloacf] - C:\Program Files (x86)\qualitink\ljkcijnbckdflhifmbnfnkjacokloacf.crx
CHR HKLM-x32\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\MANHHA~1\AppData\Local\mysearchdial.crx
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [86752 2013-03-30] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [110816 2013-03-30] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [565472 2013-03-30] (Avira Operations GmbH & Co. KG)
S2 BitGuard; C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe [3032032 2013-10-08] ()
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
S2 SystemStoreService; C:\Program Files (x86)\SoftwareUpdater\SystemStore.exe [296448 2013-04-30] ()

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-03-30] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-03-30] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-30] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-02-16] (DT Soft Ltd)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-04-03] (Anchorfree Inc.)
S3 WinRing0_1_2_0; C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-26 12:40 - 2013-10-26 12:40 - 00000000 ____D C:\FRST
2013-10-26 12:39 - 2013-10-26 12:39 - 01956086 _____ (Farbar) C:\Users\Manh hao\Desktop\FRST64.exe
2013-10-26 10:40 - 2013-10-26 10:43 - 00000088 _____ C:\Windows\SysWOW64\12877889519160193173.log
2013-10-26 10:14 - 2013-10-26 10:14 - 00000000 ____D C:\Users\Manh hao\Documents\Optimizer Pro
2013-10-26 10:10 - 2013-10-26 10:10 - 02321335 _____ C:\Users\Manh hao\Downloads\MineCraft Cracker (2).zip
2013-10-26 10:10 - 2013-10-26 10:10 - 02321335 _____ C:\Users\Manh hao\Downloads\MineCraft Cracker (1).zip
2013-10-26 10:09 - 2013-10-26 10:09 - 00000000 ____D C:\Users\Manh hao\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat
2013-10-26 10:09 - 2013-10-26 10:09 - 00000000 ____D C:\Users\Manh hao\AppData\Local\WebPlayer
2013-10-26 10:09 - 2013-10-26 10:09 - 00000000 ____D C:\Users\Manh hao\AppData\Local\Minibar
2013-10-26 10:09 - 2013-10-26 10:09 - 00000000 ____D C:\Program Files (x86)\Minibar
2013-10-26 10:08 - 2013-10-26 10:08 - 00003264 _____ C:\Windows\System32\Tasks\SomotoUpdateCheckerAutoStart
2013-10-26 10:08 - 2013-10-26 10:08 - 00000000 ____D C:\Users\Manh hao\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker
2013-10-26 10:08 - 2013-10-26 10:08 - 00000000 ____D C:\Users\Manh hao\AppData\Local\FilesFrog Update Checker
2013-10-26 10:07 - 2013-10-26 10:07 - 00167304 _____ () C:\Users\Manh hao\Downloads\7Zip-adJLNAZ.exe
2013-10-26 09:58 - 2013-10-26 10:01 - 00000000 ____D C:\Users\Manh hao\Documents\Neuer Ordner
2013-10-26 09:58 - 2013-10-26 09:58 - 00000099 _____ C:\Users\Manh hao\Downloads\MOL_Properties.properties
2013-10-26 09:57 - 2013-10-26 09:58 - 00473416 _____ C:\Users\Manh hao\Downloads\MC_Open_Launcher.jar
2013-10-26 09:47 - 2013-10-26 09:47 - 00251361 _____ C:\Users\Manh hao\Downloads\Mineshafter-launcher (2).jar
2013-10-24 11:33 - 2013-10-24 11:35 - 00000000 ____D C:\Users\Manh hao\Desktop\Minecraft BUKKIT Server! - by MinecraftBukkit
2013-10-24 11:31 - 2013-10-24 11:32 - 17802634 _____ C:\Users\Manh hao\Downloads\Minecraft BUKKIT Server! - by MinecraftBukkit.rar
2013-10-24 11:29 - 2013-10-24 11:30 - 21075419 _____ C:\Users\Manh hao\Downloads\FutureSpawnPoint-Scb v.1.2.2.zip
2013-10-24 11:28 - 2013-10-24 11:27 - 05840896 _____ C:\Users\Manh hao\Desktop\Hamachi220.msi
2013-10-24 11:27 - 2013-10-24 11:27 - 05840896 _____ C:\Users\Manh hao\Downloads\Hamachi220.msi
2013-10-23 18:27 - 2013-10-23 18:28 - 06542715 _____ C:\Users\Manh hao\Downloads\minecraft_server.1.6.4.exe
2013-10-22 22:21 - 2013-10-22 22:21 - 00319736 _____ C:\Users\Papa\Downloads\Setup.exe
2013-10-22 21:57 - 2013-10-22 21:57 - 00000000 ____D C:\Users\Papa\AppData\Roaming\iFunbox_UserCache
2013-10-22 21:51 - 2013-10-22 22:01 - 92587046 _____ C:\Users\Papa\Desktop\Bilder.zip
2013-10-22 21:50 - 2013-10-22 22:00 - 00000000 ____D C:\Users\Papa\Desktop\Bilder
2013-10-22 20:48 - 2013-10-22 20:48 - 00000000 ____D C:\Users\Selina\Documents\Youcam
2013-10-22 20:48 - 2013-10-22 20:48 - 00000000 ____D C:\Users\Selina\AppData\Local\CyberLink
2013-10-21 22:15 - 2013-10-21 22:15 - 00002305 _____ C:\Users\Papa\Desktop\Chrome-App-Übersicht.lnk
2013-10-21 22:15 - 2013-10-21 22:15 - 00000000 ____D C:\Users\Papa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2013-10-21 20:27 - 2013-10-24 13:03 - 944711399 _____ C:\Users\Manh hao\Desktop\GTA+San+Andreas+by+TheSaazZzzz.zip
2013-10-21 18:19 - 2013-10-21 18:19 - 00421267 _____ C:\Users\Manh hao\Downloads\OptiFine 1.6.4.jar
2013-10-21 18:19 - 2013-10-21 18:19 - 00421267 _____ C:\Users\Manh hao\Desktop\OptiFine 1.6.4.jar
2013-10-21 18:15 - 2013-10-26 09:48 - 00000000 ____D C:\Users\Manh hao\AppData\Roaming\.minecraft
2013-10-21 18:15 - 2013-10-21 18:15 - 00251361 _____ C:\Users\Manh hao\Downloads\Mineshafter-launcher (1).jar
2013-10-21 18:05 - 2013-10-21 18:05 - 57190400 _____ C:\Users\Manh hao\Downloads\Nicht bestätigt 135859.crdownload
2013-10-21 17:40 - 2013-10-22 09:22 - 00007453 _____ C:\Users\Manh hao\Desktop\WDI_0.9_Log.log
2013-10-21 17:40 - 2013-10-21 17:40 - 00003144 _____ C:\Windows\System32\Tasks\{7D26D12B-2002-4532-B085-E1E262033DFF}
2013-10-21 17:39 - 2013-10-21 17:38 - 15914540 _____ (Montoyo Systems, vInc.) C:\Users\Manh hao\Desktop\WDI_0.9.exe
2013-10-21 17:38 - 2013-10-21 17:38 - 02204394 _____ C:\Users\Manh hao\Downloads\minecraftforge-installer-1.6.4-9.11.0.883.jar
2013-10-21 17:38 - 2013-10-21 17:38 - 02204394 _____ C:\Users\Manh hao\Desktop\minecraftforge-installer-1.6.4-9.11.0.883.jar
2013-10-21 17:37 - 2013-10-21 17:38 - 15914540 _____ (Montoyo Systems, vInc.) C:\Users\Manh hao\Downloads\WDI_0.9.exe
2013-10-21 10:09 - 2013-10-21 10:55 - 268542572 _____ C:\Users\Manh hao\Downloads\Pokemon.Y.3DS-CONTRAST.part4.rar
2013-10-21 09:30 - 2013-10-21 09:30 - 00000000 ____D C:\Users\Manh hao\AppData\Local\Cool_Mirage
2013-10-21 09:29 - 2013-10-21 09:29 - 00000000 ____D C:\Program Files (x86)\qualitink
2013-10-21 09:28 - 2013-10-21 09:28 - 00000000 ____D C:\Users\Manh hao\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1clickmoviedownloader.com
2013-10-21 09:27 - 2013-10-21 09:29 - 65328340 _____ C:\Users\Manh hao\Downloads\Pokemon.Y.3DS-CONTRAST.7z.crdownload
2013-10-21 09:27 - 2013-10-21 09:27 - 00299280 _____ C:\Users\Manh hao\Downloads\3DS0451.part3.exe
2013-10-21 09:13 - 2013-10-21 09:13 - 00167304 _____ () C:\Users\Manh hao\Downloads\7ZipSetup-9wlIA2X.exe
2013-10-21 09:06 - 2013-10-21 09:36 - 00000000 ____D C:\Users\Manh hao\Desktop\desmume-0.9.9-win64
2013-10-21 09:04 - 2013-10-21 09:05 - 01691723 _____ C:\Users\Manh hao\Downloads\desmume-0.9.9-win64.zip
2013-10-19 23:02 - 2013-10-19 23:02 - 00000000 ____D C:\Users\Papa\AppData\Roaming\OpenOffice
2013-10-19 22:08 - 2013-10-19 22:13 - 114264027 _____ C:\Users\Manh hao\Downloads\Pokemon+X+++3DS+Emu.rar
2013-10-19 19:57 - 2013-10-19 19:57 - 05250247 _____ C:\Users\Manh hao\Downloads\Pokemon FireRed.zip
2013-10-19 19:55 - 2013-10-19 19:57 - 00000000 ____D C:\Users\Manh hao\Desktop\PokeMMO-Client
2013-10-19 19:54 - 2013-10-19 19:54 - 09775413 _____ C:\Users\Manh hao\Downloads\PokeMMO-Client.zip
2013-10-19 18:35 - 2013-10-19 18:35 - 00003584 _____ C:\Users\Manh hao\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-10-19 18:35 - 2013-10-19 18:35 - 00000000 ____D C:\Users\Manh hao\AppData\Roaming\Solveig Multimedia
2013-10-19 18:15 - 2013-10-19 18:15 - 00000000 ____D C:\Users\Manh hao\Documents\HyperCam3
2013-10-19 18:14 - 2013-10-19 18:14 - 00000068 _____ C:\Users\Manh hao\Downloads\SMM_HyperCam.hc3lic
2013-10-19 18:11 - 2013-10-19 18:11 - 00000000 ____D C:\Users\Manh hao\AppData\Roaming\HyperCam
2013-10-19 10:00 - 2013-10-19 21:48 - 00012333 _____ C:\Users\Manh hao\Desktop\Steckbrief von Manh hao1.odt
2013-10-19 09:49 - 2013-10-19 09:49 - 00001116 _____ C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk
2013-10-19 09:49 - 2013-10-19 09:49 - 00000000 ____D C:\Users\Manh hao\AppData\Roaming\OpenOffice
2013-10-19 09:47 - 2013-10-19 09:47 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2013-10-19 09:32 - 2013-10-19 09:32 - 00010476 _____ C:\Users\Manh hao\Downloads\Steckbrief von Manh Hao1.odt
2013-10-19 09:28 - 2013-10-19 09:28 - 00614816 _____ C:\Users\Manh hao\Downloads\OpenOffice - CHIP-Downloader.exe
2013-10-19 09:24 - 2013-10-05 20:06 - 01818624 _____ C:\Users\Manh hao\Desktop\update - Kopie.img
2013-10-19 09:24 - 2013-10-05 11:23 - 02153194 _____ C:\Users\Manh hao\Desktop\minecraftforge-installer-1.6.2-9.10.0.799 - Kopie.jar
2013-10-19 09:24 - 2013-09-20 19:37 - 00038083 _____ C:\Users\Manh hao\Desktop\com.dnddream.headsoccer - Kopie.plist
2013-10-18 17:10 - 2013-10-18 17:10 - 00001569 _____ C:\Users\Manh hao\Desktop\Pokémon Trading Card Game Online.lnk
2013-10-18 17:07 - 2013-10-18 17:10 - 00000000 ____D C:\Users\Manh hao\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokémon Trading Card Game Online
2013-10-18 17:07 - 2013-10-18 17:07 - 00000000 ____D C:\Users\Manh hao\AppData\Roaming\Pokémon Trading Card Game Online
2013-10-18 16:46 - 2013-10-18 16:56 - 264747520 _____ C:\Users\Manh hao\Downloads\PokemonInstaller.msi
2013-10-18 15:11 - 2013-10-18 15:11 - 01251840 _____ C:\Users\Manh hao\Downloads\Minecraft Gift Code Generator 2013.exe
2013-10-18 15:10 - 2013-10-18 15:11 - 10501695 _____ C:\Users\Manh hao\Downloads\GTA 5 Free Download (June 2013).rar
2013-10-18 15:04 - 2013-10-18 15:04 - 02935637 _____ C:\Users\Manh hao\Downloads\GTA5Generator.rar
2013-10-18 15:00 - 2013-10-18 15:01 - 05180936 _____ C:\Users\Manh hao\Downloads\PS3 Emulator 1.9.4.rar
2013-10-18 14:57 - 2013-10-18 14:57 - 00000000 ____D C:\Users\Manh hao\AppData\Roaming\Snz
2013-10-17 22:38 - 2013-10-17 22:38 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-10-14 22:04 - 2013-10-26 12:36 - 00003120 _____ C:\Windows\System32\Tasks\Advanced System Protector_startup
2013-10-12 21:56 - 2013-09-23 01:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-10-12 21:56 - 2013-09-23 01:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-10-12 21:56 - 2013-09-23 01:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-10-12 21:56 - 2013-09-23 01:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-10-12 21:56 - 2013-09-23 01:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-10-12 21:56 - 2013-09-23 01:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-10-12 21:56 - 2013-09-23 01:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-10-12 21:56 - 2013-09-23 01:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-10-12 21:56 - 2013-09-23 01:27 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-10-12 21:56 - 2013-09-23 01:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-10-12 21:56 - 2013-09-23 01:27 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-10-12 21:56 - 2013-09-23 01:27 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-10-12 21:56 - 2013-09-23 01:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-10-12 21:56 - 2013-09-23 00:55 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-12 21:56 - 2013-09-23 00:55 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-12 21:56 - 2013-09-23 00:55 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-10-12 21:56 - 2013-09-23 00:54 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-12 21:56 - 2013-09-23 00:54 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-12 21:56 - 2013-09-23 00:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-12 21:56 - 2013-09-23 00:54 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-12 21:56 - 2013-09-23 00:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-12 21:56 - 2013-09-23 00:54 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-12 21:56 - 2013-09-23 00:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-10-12 21:56 - 2013-09-23 00:54 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-10-12 21:56 - 2013-09-23 00:54 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-10-12 21:56 - 2013-09-23 00:54 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-12 21:56 - 2013-09-23 00:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-10-12 21:56 - 2013-09-21 05:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-12 21:56 - 2013-09-21 05:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-10-12 21:56 - 2013-09-21 04:48 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-12 21:56 - 2013-09-21 04:39 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-10-12 21:31 - 2013-09-04 14:12 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-10-12 21:31 - 2013-09-04 14:11 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-10-12 21:31 - 2013-09-04 14:11 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-10-12 21:31 - 2013-09-04 14:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-10-12 21:31 - 2013-09-04 14:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-10-12 21:31 - 2013-09-04 14:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-10-12 21:31 - 2013-09-04 14:11 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-10-12 21:17 - 2013-10-12 21:24 - 00000000 ____D C:\Windows\system32\MRT
2013-10-12 18:53 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-10-12 18:53 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-10-12 18:53 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-10-12 18:53 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-10-12 18:53 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-10-12 18:53 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-10-12 18:53 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-10-12 18:53 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-10-12 18:53 - 2013-07-04 14:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-12 18:53 - 2013-07-04 13:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-10-12 18:53 - 2013-02-27 08:02 - 00111448 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2013-10-12 18:53 - 2013-02-27 07:48 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-10-12 18:53 - 2013-02-27 07:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2013-10-12 18:53 - 2013-02-27 06:49 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-10-12 18:52 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-10-12 18:52 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-10-12 18:52 - 2013-06-06 07:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2013-10-12 18:52 - 2013-06-06 07:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-10-12 18:52 - 2013-06-06 07:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2013-10-12 18:52 - 2013-06-06 07:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-12 18:52 - 2013-06-06 06:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2013-10-12 18:52 - 2013-06-06 06:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-10-12 18:52 - 2013-06-06 06:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-10-12 18:52 - 2013-06-06 05:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-12 18:52 - 2013-06-06 05:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-12 18:51 - 2013-08-28 03:21 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-12 18:51 - 2013-08-02 04:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-10-12 18:51 - 2013-08-02 04:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-10-12 18:51 - 2013-08-02 04:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-10-12 18:51 - 2013-08-02 04:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-10-12 18:51 - 2013-08-02 04:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-10-12 18:51 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-10-12 18:51 - 2013-08-02 04:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-10-12 18:51 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-10-12 18:51 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-10-12 18:51 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-10-12 18:51 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-10-12 18:51 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 03:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-10-12 18:51 - 2013-08-02 03:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-10-12 18:51 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-10-12 18:51 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-10-12 18:51 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-10-12 18:51 - 2013-08-02 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-10-12 18:51 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-10-12 18:51 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-10-12 18:51 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-10-12 18:51 - 2013-08-02 02:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-10-12 18:51 - 2013-08-02 02:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-10-12 18:51 - 2013-08-02 02:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-10-12 18:51 - 2013-08-02 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-10-12 18:51 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-10-12 18:51 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-10-12 18:51 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-10-12 18:51 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-10-12 18:51 - 2013-07-12 12:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2013-10-12 18:51 - 2013-07-12 12:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-10-12 18:51 - 2013-07-12 12:40 - 00109824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys
2013-10-12 18:51 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-10-12 18:51 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-10-12 18:51 - 2013-07-03 06:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-10-12 18:51 - 2013-07-03 06:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-12 18:51 - 2013-06-26 00:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-12 18:51 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-10-12 18:51 - 2013-06-06 05:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-10-12 18:51 - 2013-06-04 08:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-10-12 18:51 - 2013-06-04 06:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-10-12 18:50 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-10-12 18:50 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-10-12 18:50 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-10-12 18:50 - 2013-07-20 12:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-12 18:50 - 2013-07-20 12:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-12 18:50 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-10-12 18:50 - 2013-05-13 07:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2013-10-12 18:50 - 2013-05-13 05:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2013-10-12 18:50 - 2013-05-13 05:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-10-12 18:50 - 2013-05-13 05:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-10-12 18:50 - 2013-04-26 07:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2013-10-12 18:50 - 2013-04-26 06:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-10-12 18:49 - 2013-08-01 14:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-10-12 18:49 - 2013-04-10 08:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2013-10-12 18:49 - 2011-02-03 13:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2013-10-12 18:46 - 2013-10-12 18:46 - 00009309 _____ C:\Users\Manh hao\Downloads\test.rar
2013-10-12 18:43 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-10-12 18:43 - 2013-04-03 00:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-10-12 18:35 - 2013-10-12 18:37 - 30738633 _____ C:\Users\Manh hao\Downloads\1348396423_GTAIVPlanePack.rar
2013-10-12 09:55 - 2013-10-12 09:55 - 00001803 _____ C:\Users\Manh hao\Desktop\LaunchGTAIV - Verknüpfung.lnk
2013-10-11 10:04 - 2013-10-11 10:04 - 02220366 _____ C:\Users\Manh hao\AppData\Local\omesuperv.exe
2013-10-08 18:17 - 2013-10-08 18:17 - 00000000 ____D C:\Users\Manh hao\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
2013-10-08 17:31 - 2013-10-08 17:31 - 00248860 _____ C:\Users\Manh hao\Downloads\HandlingChanger_v2.zip
2013-10-08 17:30 - 2013-10-08 17:30 - 00613129 _____ C:\Users\Manh hao\Downloads\1.zip
2013-10-08 17:28 - 2013-10-08 17:28 - 00058183 _____ C:\Users\Manh hao\Downloads\sobeit-file-modding.zip
2013-10-08 17:27 - 2013-10-08 17:27 - 00006924 _____ C:\Users\Manh hao\Downloads\files.txt
2013-10-08 17:27 - 2013-10-08 17:27 - 00003295 _____ C:\Users\Manh hao\Downloads\magicpatcher.zip
2013-10-08 17:25 - 2013-10-08 17:25 - 00022981 _____ C:\Users\Manh hao\Downloads\GTAIVModdingUnlockerGamerX5500.zip
2013-10-08 05:32 - 2013-10-08 05:32 - 01394176 _____ C:\Users\Papa\Downloads\Siegen-Kurzexpose.ppt
2013-10-07 22:10 - 2013-10-25 14:39 - 00000000 ____D C:\Users\Papa\Documents\Youcam
2013-10-07 22:09 - 2013-10-07 22:09 - 00000000 ____D C:\Users\Papa\AppData\Local\CyberLink
2013-10-07 17:46 - 2010-06-02 00:29 - 00783931 _____ C:\Users\Manh hao\Desktop\SparkIV EFLC 0.6.6.zip
2013-10-07 17:46 - 2010-05-28 07:34 - 00001602 _____ C:\Users\Manh hao\Desktop\Readme.txt
2013-10-07 17:46 - 2010-05-28 07:32 - 00187392 _____ (Aru) C:\Users\Manh hao\Desktop\SparkIV.exe
2013-10-07 17:46 - 2010-05-28 07:32 - 00151040 _____ C:\Users\Manh hao\Desktop\SparkIV.pdb
2013-10-07 17:46 - 2010-05-28 07:32 - 00014848 _____ (Microsoft Corporation) C:\Users\Manh hao\Desktop\SparkIV.vshost.exe
2013-10-07 17:46 - 2010-04-16 18:16 - 00001344 _____ C:\Users\Manh hao\Desktop\SparkIV.Config.xml
2013-10-07 17:45 - 2013-10-07 17:45 - 01540953 _____ C:\Users\Manh hao\Downloads\SparkIV 0.6.6 (1).zip
2013-10-07 17:45 - 2013-10-07 17:45 - 01540953 _____ C:\Users\Manh hao\Desktop\SparkIV 0.6.6 (1).zip
2013-10-06 17:33 - 2013-10-06 17:33 - 00000000 ____D C:\Users\Public\Documents\CyberLink
2013-10-06 14:19 - 2013-10-06 14:19 - 02816072 _____ (LionSea SoftWare                                            ) C:\Users\Manh hao\Downloads\setup.exe
2013-10-06 14:16 - 2013-10-06 14:16 - 01109896 _____ (Sony Corporation                                            ) C:\Users\Manh hao\Downloads\RIDCAM-01158806-UN.exe
2013-10-06 14:16 - 2013-10-06 14:16 - 00001308 _____ C:\Windows\DPINST.LOG
2013-10-06 14:13 - 2013-10-06 14:13 - 00947767 _____ (DriverIdentifier                                            ) C:\Users\Manh hao\Downloads\driveridentifier_setup.exe
2013-10-06 14:03 - 2013-10-06 14:03 - 00000000 ____D C:\Users\Manh hao\Documents\Avatar
2013-10-06 14:03 - 2013-10-06 14:03 - 00000000 ____D C:\Users\Manh hao\AppData\Roaming\CyberLink
2013-10-06 14:02 - 2013-10-26 09:43 - 00000000 ____D C:\Users\Manh hao\Documents\Youcam
2013-10-06 14:02 - 2013-10-21 09:57 - 00000000 ____D C:\ProgramData\CyberLink
2013-10-06 14:02 - 2013-10-06 14:02 - 00000000 ____D C:\Users\Manh hao\AppData\Local\CyberLink
2013-10-06 14:01 - 2013-10-06 14:01 - 00001359 _____ C:\Users\Public\Desktop\CyberLink YouCam 5.lnk
2013-10-06 14:01 - 2011-04-14 05:47 - 00031216 _____ (CyberLink Corporation) C:\Windows\system32\Drivers\clwvd.sys
2013-10-06 13:59 - 2013-10-06 14:01 - 00000000 ____D C:\Program Files (x86)\CyberLink
2013-10-06 13:57 - 2013-10-06 13:57 - 00000000 ____D C:\ProgramData\install_clap
2013-10-06 13:50 - 2013-10-06 13:55 - 17216854 _____ C:\Users\Manh hao\Downloads\CyberLink-Youcam-crack-ful-serial-Keys.rar
2013-10-06 13:48 - 2013-10-06 13:49 - 00000000 ____D C:\Users\Manh hao\Downloads\CyberLink YouCam 5 Deluxe v5.0.1129 [ADHDerby]
2013-10-06 09:59 - 2013-10-06 09:59 - 00003356 _____ C:\Users\Papa\Downloads\Sascha_Schuetz.vcf
2013-10-06 09:59 - 2013-10-06 09:59 - 00003001 _____ C:\Users\Papa\Downloads\Gabor_Fejer (1).vcf
2013-10-06 09:58 - 2013-10-06 09:58 - 00003588 _____ C:\Users\Papa\Downloads\Michael_Hofstetter.vcf
2013-10-06 09:58 - 2013-10-06 09:58 - 00003001 _____ C:\Users\Papa\Downloads\Gabor_Fejer.vcf
2013-10-05 21:18 - 2013-10-05 21:18 - 01540953 _____ C:\Users\Manh hao\Downloads\SparkIV 0.6.6.zip
2013-10-05 21:17 - 2013-10-05 21:17 - 00117057 _____ C:\Users\Manh hao\Downloads\1376727517_Thug Life Clothing.rar
2013-10-05 20:06 - 2013-10-05 20:06 - 01818624 _____ C:\Users\Manh hao\Downloads\update.img
2013-10-05 19:59 - 2013-10-05 20:00 - 16048132 _____ C:\Users\Selina\Downloads\Gta 5 Downloader.rar
2013-10-05 19:58 - 2013-10-05 19:59 - 16682251 _____ C:\Users\Selina\Downloads\XBOX 360 Emulator for PC & GTA5.zip
2013-10-05 11:25 - 2013-10-05 11:23 - 02153194 _____ C:\Users\Manh hao\Desktop\minecraftforge-installer-1.6.2-9.10.0.799.jar
2013-10-05 11:23 - 2013-10-05 11:23 - 02153194 _____ C:\Users\Manh hao\Downloads\minecraftforge-installer-1.6.2-9.10.0.799.jar
2013-10-05 11:22 - 2013-10-05 11:26 - 84734859 _____ C:\Users\Manh hao\Downloads\Pixelmon 2.3.1 install.zip
2013-10-05 10:29 - 2013-10-05 10:29 - 00000000 ____D C:\Users\Manh hao\AppData\Local\LogMeIn
2013-10-04 18:02 - 2013-10-04 18:02 - 00000000 ____D C:\Users\Selina\Desktop\Minecraft Bukkit Server 1.6.4
2013-10-04 17:59 - 2013-10-04 18:01 - 61749197 _____ C:\Users\Selina\Desktop\Minecraft Bukkit Server 1.6.4.zip
2013-10-04 14:49 - 2013-10-04 14:49 - 00000000 ____D C:\Users\Selina\AppData\Local\LogMeIn
2013-10-03 22:45 - 2013-10-03 22:45 - 01394688 _____ C:\Users\Papa\Downloads\120911-Olpe-Kurzexpose-Nagelstudio.ppt
2013-10-03 04:09 - 2013-10-03 04:09 - 00000000 ____D C:\Users\Papa\AppData\Local\LogMeIn
2013-10-03 04:09 - 2013-10-03 04:09 - 00000000 ____D C:\ProgramData\LogMeIn
2013-10-02 22:45 - 2013-10-02 22:45 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-10-02 20:02 - 2013-10-02 20:02 - 536870912 _____ C:\Users\Papa\Downloads\pkms2.nds
2013-09-28 16:45 - 2013-09-28 16:45 - 00004121 _____ C:\Users\Selina\Downloads\mccapes_extra_164a_20130921_1116.zip
2013-09-28 09:38 - 2013-09-28 09:38 - 00004121 _____ C:\Users\Manh hao\Downloads\mccapes_extra_164a_20130921_1116 (1).zip
2013-09-28 09:36 - 2013-09-28 09:36 - 00004121 _____ C:\Users\Manh hao\Downloads\mccapes_extra_164a_20130921_1116.zip
2013-09-27 19:31 - 2013-09-27 19:31 - 00000000 ____D C:\Users\Public\Documents\CrashDump
2013-09-27 19:26 - 2013-09-27 19:26 - 00000000 ____D C:\Users\Selina\Documents\samsung
2013-09-27 19:26 - 2013-09-27 19:26 - 00000000 ____D C:\Users\Selina\AppData\Roaming\Samsung
2013-09-27 19:26 - 2013-09-27 19:26 - 00000000 ____D C:\Users\Selina\AppData\Local\Samsung
2013-09-27 17:24 - 2013-09-27 17:24 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-09-27 17:24 - 2013-08-30 09:47 - 00287840 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-09-27 17:22 - 2013-09-27 17:22 - 00000000 ____D C:\Program Files\AVAST Software
2013-09-27 17:21 - 2013-09-28 16:29 - 00000000 ____D C:\ProgramData\AVAST Software
2013-09-27 17:11 - 2013-09-27 17:16 - 131918888 _____ C:\Users\Manh hao\Downloads\avast_free_antivirus_setup_8.0.1497.376.exe
2013-09-27 17:02 - 2013-10-26 12:32 - 00000000 ____D C:\ProgramData\SeAirch-eNewTabe
2013-09-27 17:02 - 2013-10-26 12:32 - 00000000 ____D C:\ProgramData\Douwnload kEiEpeer
2013-09-27 17:02 - 2013-09-27 17:02 - 00000000 ____D C:\ProgramData\SummerSoft
2013-09-27 17:00 - 2013-10-21 10:11 - 00000000 ____D C:\ProgramData\InstallMate
2013-09-27 17:00 - 2013-09-27 17:00 - 00309200 _____ (SummerSoft) C:\Users\Manh hao\Downloads\Grand Theft Auto V PC Game [Full Beta GTA 5].exe
2013-09-27 17:00 - 2013-09-27 17:00 - 00309200 _____ (SummerSoft) C:\Users\Manh hao\Downloads\Grand Theft Auto V PC Game [Full Beta GTA 5] (1).exe
2013-09-27 17:00 - 2013-09-27 17:00 - 00093442 _____ C:\Users\Manh hao\Downloads\GTAV-Downloader.rar
2013-09-26 18:01 - 2013-09-26 18:02 - 00000000 ____D C:\Users\Papa\AppData\Local\Smartbar
2013-09-26 17:56 - 2013-09-26 18:01 - 00000000 ____D C:\Users\Papa\AppData\Local\DownloadGuide
2013-09-26 17:55 - 2013-09-26 17:55 - 00000000 ____D C:\Users\Papa\AppData\Local\Software Updater

==================== One Month Modified Files and Folders =======

2013-10-26 12:41 - 2009-07-14 06:45 - 00021648 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-26 12:41 - 2009-07-14 06:45 - 00021648 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-26 12:40 - 2013-10-26 12:40 - 00000000 ____D C:\FRST
2013-10-26 12:40 - 2013-02-08 20:35 - 00001114 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-26 12:39 - 2013-10-26 12:39 - 01956086 _____ (Farbar) C:\Users\Manh hao\Desktop\FRST64.exe
2013-10-26 12:39 - 2013-02-16 14:48 - 00000000 ____D C:\Users\Manh hao\AppData\Roaming\uTorrent
2013-10-26 12:37 - 2013-04-20 12:18 - 00004190 _____ C:\Windows\System32\Tasks\Software Updater Ui
2013-10-26 12:36 - 2013-10-14 22:04 - 00003120 _____ C:\Windows\System32\Tasks\Advanced System Protector_startup
2013-10-26 12:36 - 2013-04-20 12:17 - 00004208 _____ C:\Windows\System32\Tasks\Software Updater
2013-10-26 12:33 - 2013-02-16 12:52 - 00000000 ____D C:\Users\Manh hao\AppData\Local\LogMeIn Hamachi
2013-10-26 12:33 - 2013-02-08 20:35 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-26 12:32 - 2013-09-27 17:02 - 00000000 ____D C:\ProgramData\SeAirch-eNewTabe
2013-10-26 12:32 - 2013-09-27 17:02 - 00000000 ____D C:\ProgramData\Douwnload kEiEpeer
2013-10-26 12:32 - 2010-11-21 05:47 - 00028286 _____ C:\Windows\PFRO.log
2013-10-26 12:32 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-26 12:32 - 2009-07-14 06:51 - 00016593 _____ C:\Windows\setupact.log
2013-10-26 11:26 - 2013-06-22 11:04 - 00000390 _____ C:\Windows\Tasks\update-S-1-5-21-2823766941-1517505164-3398274235-1005.job
2013-10-26 11:08 - 2013-04-02 20:53 - 00000000 ____D C:\Users\Manh hao\AppData\Roaming\Skype
2013-10-26 10:44 - 2013-04-20 12:18 - 00000000 ____D C:\Program Files (x86)\Protected Search
2013-10-26 10:43 - 2013-10-26 10:40 - 00000088 _____ C:\Windows\SysWOW64\12877889519160193173.log
2013-10-26 10:40 - 2013-06-09 15:35 - 00000000 ____D C:\Users\Manh hao\AppData\Roaming\FBDownloader
2013-10-26 10:39 - 2013-06-22 11:03 - 00000394 _____ C:\Windows\Tasks\update-sys.job
2013-10-26 10:38 - 2013-07-06 10:33 - 00000932 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2823766941-1517505164-3398274235-1005UA.job
2013-10-26 10:38 - 2013-07-06 10:33 - 00000910 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2823766941-1517505164-3398274235-1005Core.job
2013-10-26 10:14 - 2013-10-26 10:14 - 00000000 ____D C:\Users\Manh hao\Documents\Optimizer Pro
2013-10-26 10:10 - 2013-10-26 10:10 - 02321335 _____ C:\Users\Manh hao\Downloads\MineCraft Cracker (2).zip
2013-10-26 10:10 - 2013-10-26 10:10 - 02321335 _____ C:\Users\Manh hao\Downloads\MineCraft Cracker (1).zip
2013-10-26 10:09 - 2013-10-26 10:09 - 00000000 ____D C:\Users\Manh hao\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat
2013-10-26 10:09 - 2013-10-26 10:09 - 00000000 ____D C:\Users\Manh hao\AppData\Local\WebPlayer
2013-10-26 10:09 - 2013-10-26 10:09 - 00000000 ____D C:\Users\Manh hao\AppData\Local\Minibar
2013-10-26 10:09 - 2013-10-26 10:09 - 00000000 ____D C:\Program Files (x86)\Minibar
2013-10-26 10:09 - 2013-02-06 18:28 - 00000000 ____D C:\Users\Manh hao
2013-10-26 10:08 - 2013-10-26 10:08 - 00003264 _____ C:\Windows\System32\Tasks\SomotoUpdateCheckerAutoStart
2013-10-26 10:08 - 2013-10-26 10:08 - 00000000 ____D C:\Users\Manh hao\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker
2013-10-26 10:08 - 2013-10-26 10:08 - 00000000 ____D C:\Users\Manh hao\AppData\Local\FilesFrog Update Checker
2013-10-26 10:07 - 2013-10-26 10:07 - 00167304 _____ () C:\Users\Manh hao\Downloads\7Zip-adJLNAZ.exe
2013-10-26 10:01 - 2013-10-26 09:58 - 00000000 ____D C:\Users\Manh hao\Documents\Neuer Ordner
2013-10-26 09:58 - 2013-10-26 09:58 - 00000099 _____ C:\Users\Manh hao\Downloads\MOL_Properties.properties
2013-10-26 09:58 - 2013-10-26 09:57 - 00473416 _____ C:\Users\Manh hao\Downloads\MC_Open_Launcher.jar
2013-10-26 09:48 - 2013-10-21 18:15 - 00000000 ____D C:\Users\Manh hao\AppData\Roaming\.minecraft
2013-10-26 09:47 - 2013-10-26 09:47 - 00251361 _____ C:\Users\Manh hao\Downloads\Mineshafter-launcher (2).jar
2013-10-26 09:43 - 2013-10-06 14:02 - 00000000 ____D C:\Users\Manh hao\Documents\Youcam
2013-10-25 15:01 - 2013-05-17 18:32 - 00000282 _____ C:\Windows\Tasks\RegClean Pro_DEFAULT.job
2013-10-25 14:46 - 2013-03-24 21:38 - 00000000 ____D C:\Users\Papa\AppData\Local\Adobe
2013-10-25 14:39 - 2013-10-07 22:10 - 00000000 ____D C:\Users\Papa\Documents\Youcam
2013-10-25 14:38 - 2013-07-31 22:59 - 00000000 ____D C:\Users\Papa\AppData\Roaming\data
2013-10-25 14:37 - 2013-03-02 21:07 - 00000000 ____D C:\Users\Papa\AppData\Local\LogMeIn Hamachi
2013-10-24 18:23 - 2013-02-06 18:00 - 01155516 _____ C:\Windows\WindowsUpdate.log
2013-10-24 13:03 - 2013-10-21 20:27 - 944711399 _____ C:\Users\Manh hao\Desktop\GTA+San+Andreas+by+TheSaazZzzz.zip
2013-10-24 11:35 - 2013-10-24 11:33 - 00000000 ____D C:\Users\Manh hao\Desktop\Minecraft BUKKIT Server! - by MinecraftBukkit
2013-10-24 11:32 - 2013-10-24 11:31 - 17802634 _____ C:\Users\Manh hao\Downloads\Minecraft BUKKIT Server! - by MinecraftBukkit.rar
2013-10-24 11:30 - 2013-10-24 11:29 - 21075419 _____ C:\Users\Manh hao\Downloads\FutureSpawnPoint-Scb v.1.2.2.zip
2013-10-24 11:27 - 2013-10-24 11:28 - 05840896 _____ C:\Users\Manh hao\Desktop\Hamachi220.msi
2013-10-24 11:27 - 2013-10-24 11:27 - 05840896 _____ C:\Users\Manh hao\Downloads\Hamachi220.msi
2013-10-23 21:24 - 2013-04-13 17:29 - 00000000 ____D C:\Users\Manh hao\Desktop\Gta IV
2013-10-23 18:32 - 2013-05-17 18:32 - 00000290 _____ C:\Windows\Tasks\RegClean Pro_UPDATES.job
2013-10-23 18:28 - 2013-10-23 18:27 - 06542715 _____ C:\Users\Manh hao\Downloads\minecraft_server.1.6.4.exe
2013-10-23 14:43 - 2013-03-21 19:41 - 00000000 ____D C:\Users\Papa\AppData\Local\DoNotTrackPlus
2013-10-22 22:39 - 2013-04-23 16:41 - 00000000 ____D C:\Users\Papa\AppData\Local\Mozilla
2013-10-22 22:21 - 2013-10-22 22:21 - 00319736 _____ C:\Users\Papa\Downloads\Setup.exe
2013-10-22 22:01 - 2013-10-22 21:51 - 92587046 _____ C:\Users\Papa\Desktop\Bilder.zip
2013-10-22 22:00 - 2013-10-22 21:50 - 00000000 ____D C:\Users\Papa\Desktop\Bilder
2013-10-22 21:57 - 2013-10-22 21:57 - 00000000 ____D C:\Users\Papa\AppData\Roaming\iFunbox_UserCache
2013-10-22 20:50 - 2013-08-30 13:59 - 00000000 ____D C:\ProgramData\IObit
2013-10-22 20:48 - 2013-10-22 20:48 - 00000000 ____D C:\Users\Selina\Documents\Youcam
2013-10-22 20:48 - 2013-10-22 20:48 - 00000000 ____D C:\Users\Selina\AppData\Local\CyberLink
2013-10-22 20:47 - 2013-07-06 11:18 - 00000000 ____D C:\Users\Selina\Tracing
2013-10-22 20:46 - 2013-06-08 08:48 - 00000000 ____D C:\Users\Selina\AppData\Local\Adobe
2013-10-22 20:46 - 2013-03-02 21:04 - 00000000 ____D C:\Users\Selina\AppData\Local\LogMeIn Hamachi
2013-10-22 09:22 - 2013-10-21 17:40 - 00007453 _____ C:\Users\Manh hao\Desktop\WDI_0.9_Log.log
2013-10-21 22:15 - 2013-10-21 22:15 - 00002305 _____ C:\Users\Papa\Desktop\Chrome-App-Übersicht.lnk
2013-10-21 22:15 - 2013-10-21 22:15 - 00000000 ____D C:\Users\Papa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2013-10-21 18:19 - 2013-10-21 18:19 - 00421267 _____ C:\Users\Manh hao\Downloads\OptiFine 1.6.4.jar
2013-10-21 18:19 - 2013-10-21 18:19 - 00421267 _____ C:\Users\Manh hao\Desktop\OptiFine 1.6.4.jar
2013-10-21 18:15 - 2013-10-21 18:15 - 00251361 _____ C:\Users\Manh hao\Downloads\Mineshafter-launcher (1).jar
2013-10-21 18:05 - 2013-10-21 18:05 - 57190400 _____ C:\Users\Manh hao\Downloads\Nicht bestätigt 135859.crdownload
2013-10-21 17:40 - 2013-10-21 17:40 - 00003144 _____ C:\Windows\System32\Tasks\{7D26D12B-2002-4532-B085-E1E262033DFF}
2013-10-21 17:38 - 2013-10-21 17:39 - 15914540 _____ (Montoyo Systems, vInc.) C:\Users\Manh hao\Desktop\WDI_0.9.exe
2013-10-21 17:38 - 2013-10-21 17:38 - 02204394 _____ C:\Users\Manh hao\Downloads\minecraftforge-installer-1.6.4-9.11.0.883.jar
2013-10-21 17:38 - 2013-10-21 17:38 - 02204394 _____ C:\Users\Manh hao\Desktop\minecraftforge-installer-1.6.4-9.11.0.883.jar
2013-10-21 17:38 - 2013-10-21 17:37 - 15914540 _____ (Montoyo Systems, vInc.) C:\Users\Manh hao\Downloads\WDI_0.9.exe
2013-10-21 11:49 - 2013-03-02 21:04 - 00065072 _____ C:\Users\Selina\AppData\Local\GDIPFONTCACHEV1.DAT
2013-10-21 10:55 - 2013-10-21 10:09 - 268542572 _____ C:\Users\Manh hao\Downloads\Pokemon.Y.3DS-CONTRAST.part4.rar
2013-10-21 10:11 - 2013-09-27 17:00 - 00000000 ____D C:\ProgramData\InstallMate
2013-10-21 09:57 - 2013-10-06 14:02 - 00000000 ____D C:\ProgramData\CyberLink
2013-10-21 09:36 - 2013-10-21 09:06 - 00000000 ____D C:\Users\Manh hao\Desktop\desmume-0.9.9-win64
2013-10-21 09:30 - 2013-10-21 09:30 - 00000000 ____D C:\Users\Manh hao\AppData\Local\Cool_Mirage
2013-10-21 09:29 - 2013-10-21 09:29 - 00000000 ____D C:\Program Files (x86)\qualitink
2013-10-21 09:29 - 2013-10-21 09:27 - 65328340 _____ C:\Users\Manh hao\Downloads\Pokemon.Y.3DS-CONTRAST.7z.crdownload
2013-10-21 09:28 - 2013-10-21 09:28 - 00000000 ____D C:\Users\Manh hao\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1clickmoviedownloader.com
2013-10-21 09:27 - 2013-10-21 09:27 - 00299280 _____ C:\Users\Manh hao\Downloads\3DS0451.part3.exe
2013-10-21 09:13 - 2013-10-21 09:13 - 00167304 _____ () C:\Users\Manh hao\Downloads\7ZipSetup-9wlIA2X.exe
2013-10-21 09:05 - 2013-10-21 09:04 - 01691723 _____ C:\Users\Manh hao\Downloads\desmume-0.9.9-win64.zip
2013-10-19 23:02 - 2013-10-19 23:02 - 00000000 ____D C:\Users\Papa\AppData\Roaming\OpenOffice
2013-10-19 22:59 - 2013-03-02 21:07 - 00065072 _____ C:\Users\Papa\AppData\Local\GDIPFONTCACHEV1.DAT
2013-10-19 22:13 - 2013-10-19 22:08 - 114264027 _____ C:\Users\Manh hao\Downloads\Pokemon+X+++3DS+Emu.rar
2013-10-19 21:48 - 2013-10-19 10:00 - 00012333 _____ C:\Users\Manh hao\Desktop\Steckbrief von Manh hao1.odt
2013-10-19 19:57 - 2013-10-19 19:57 - 05250247 _____ C:\Users\Manh hao\Downloads\Pokemon FireRed.zip
2013-10-19 19:57 - 2013-10-19 19:55 - 00000000 ____D C:\Users\Manh hao\Desktop\PokeMMO-Client
2013-10-19 19:54 - 2013-10-19 19:54 - 09775413 _____ C:\Users\Manh hao\Downloads\PokeMMO-Client.zip
2013-10-19 18:35 - 2013-10-19 18:35 - 00003584 _____ C:\Users\Manh hao\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-10-19 18:35 - 2013-10-19 18:35 - 00000000 ____D C:\Users\Manh hao\AppData\Roaming\Solveig Multimedia
2013-10-19 18:15 - 2013-10-19 18:15 - 00000000 ____D C:\Users\Manh hao\Documents\HyperCam3
2013-10-19 18:14 - 2013-10-19 18:14 - 00000068 _____ C:\Users\Manh hao\Downloads\SMM_HyperCam.hc3lic
2013-10-19 18:11 - 2013-10-19 18:11 - 00000000 ____D C:\Users\Manh hao\AppData\Roaming\HyperCam
2013-10-19 18:08 - 2013-03-16 19:46 - 00000000 ____D C:\Users\Manh hao\AppData\Local\Windows Live
2013-10-19 18:06 - 2013-05-24 19:26 - 00000000 ____D C:\Users\Manh hao\AppData\Local\Adobe
2013-10-19 18:04 - 2013-02-08 20:34 - 00065072 _____ C:\Users\Manh hao\AppData\Local\GDIPFONTCACHEV1.DAT
2013-10-19 18:03 - 2009-07-14 06:45 - 00298984 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-19 09:49 - 2013-10-19 09:49 - 00001116 _____ C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk
2013-10-19 09:49 - 2013-10-19 09:49 - 00000000 ____D C:\Users\Manh hao\AppData\Roaming\OpenOffice
2013-10-19 09:47 - 2013-10-19 09:47 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2013-10-19 09:32 - 2013-10-19 09:32 - 00010476 _____ C:\Users\Manh hao\Downloads\Steckbrief von Manh Hao1.odt
2013-10-19 09:28 - 2013-10-19 09:28 - 00614816 _____ C:\Users\Manh hao\Downloads\OpenOffice - CHIP-Downloader.exe
2013-10-18 20:19 - 2013-03-02 21:03 - 00000000 ___RD C:\Users\Selina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-18 20:19 - 2013-03-02 21:03 - 00000000 ___RD C:\Users\Selina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-10-18 17:10 - 2013-10-18 17:10 - 00001569 _____ C:\Users\Manh hao\Desktop\Pokémon Trading Card Game Online.lnk
2013-10-18 17:10 - 2013-10-18 17:07 - 00000000 ____D C:\Users\Manh hao\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokémon Trading Card Game Online
2013-10-18 17:07 - 2013-10-18 17:07 - 00000000 ____D C:\Users\Manh hao\AppData\Roaming\Pokémon Trading Card Game Online
2013-10-18 16:56 - 2013-10-18 16:46 - 264747520 _____ C:\Users\Manh hao\Downloads\PokemonInstaller.msi
2013-10-18 16:38 - 2013-04-23 16:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-18 15:11 - 2013-10-18 15:11 - 01251840 _____ C:\Users\Manh hao\Downloads\Minecraft Gift Code Generator 2013.exe
2013-10-18 15:11 - 2013-10-18 15:10 - 10501695 _____ C:\Users\Manh hao\Downloads\GTA 5 Free Download (June 2013).rar
2013-10-18 15:05 - 2013-04-23 16:31 - 00000000 ____D C:\Users\Manh hao\AppData\Local\Mozilla
2013-10-18 15:04 - 2013-10-18 15:04 - 02935637 _____ C:\Users\Manh hao\Downloads\GTA5Generator.rar
2013-10-18 15:01 - 2013-10-18 15:00 - 05180936 _____ C:\Users\Manh hao\Downloads\PS3 Emulator 1.9.4.rar
2013-10-18 14:59 - 2013-05-31 17:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-18 14:58 - 2013-06-09 15:35 - 00000000 ____D C:\Users\Manh hao\AppData\Roaming\Intermediate
2013-10-18 14:57 - 2013-10-18 14:57 - 00000000 ____D C:\Users\Manh hao\AppData\Roaming\Snz
2013-10-18 14:57 - 2013-06-09 15:35 - 00000000 ____D C:\Users\Manh hao\AppData\Roaming\SCheck
2013-10-18 14:55 - 2013-02-06 18:29 - 00000000 ___RD C:\Users\Manh hao\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-18 14:55 - 2013-02-06 18:29 - 00000000 ___RD C:\Users\Manh hao\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-10-17 22:42 - 2013-08-31 21:58 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-10-17 22:38 - 2013-10-17 22:38 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-10-17 22:38 - 2013-03-10 18:13 - 00001931 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2013-10-12 23:26 - 2013-03-03 00:37 - 00000000 ____D C:\Users\Papa\AppData\Local\Google
2013-10-12 23:23 - 2013-03-02 21:07 - 00000000 ___RD C:\Users\Papa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-12 23:23 - 2013-03-02 21:07 - 00000000 ___RD C:\Users\Papa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-10-12 23:18 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-10-12 23:18 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-10-12 23:17 - 2011-04-12 09:55 - 00000000 ____D C:\Program Files\Windows Journal
2013-10-12 22:10 - 2013-05-12 19:33 - 01591234 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-10-12 22:10 - 2011-04-12 09:43 - 00697082 _____ C:\Windows\system32\perfh007.dat
2013-10-12 22:10 - 2011-04-12 09:43 - 00148346 _____ C:\Windows\system32\perfc007.dat
2013-10-12 22:10 - 2009-07-14 07:13 - 01591234 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-12 21:24 - 2013-10-12 21:17 - 00000000 ____D C:\Windows\system32\MRT
2013-10-12 18:59 - 2013-03-16 19:51 - 00166611 _____ C:\Windows\DirectX.log
2013-10-12 18:46 - 2013-10-12 18:46 - 00009309 _____ C:\Users\Manh hao\Downloads\test.rar
2013-10-12 18:37 - 2013-10-12 18:35 - 30738633 _____ C:\Users\Manh hao\Downloads\1348396423_GTAIVPlanePack.rar
2013-10-12 09:55 - 2013-10-12 09:55 - 00001803 _____ C:\Users\Manh hao\Desktop\LaunchGTAIV - Verknüpfung.lnk
2013-10-11 10:04 - 2013-10-11 10:04 - 02220366 _____ C:\Users\Manh hao\AppData\Local\omesuperv.exe
2013-10-10 21:52 - 2013-06-22 11:04 - 00003290 _____ C:\Windows\System32\Tasks\update-sys
2013-10-08 21:43 - 2013-09-13 16:56 - 00000000 ____D C:\ProgramData\BitGuard
2013-10-08 18:17 - 2013-10-08 18:17 - 00000000 ____D C:\Users\Manh hao\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
2013-10-08 17:31 - 2013-10-08 17:31 - 00248860 _____ C:\Users\Manh hao\Downloads\HandlingChanger_v2.zip
2013-10-08 17:30 - 2013-10-08 17:30 - 00613129 _____ C:\Users\Manh hao\Downloads\1.zip
2013-10-08 17:28 - 2013-10-08 17:28 - 00058183 _____ C:\Users\Manh hao\Downloads\sobeit-file-modding.zip
2013-10-08 17:27 - 2013-10-08 17:27 - 00006924 _____ C:\Users\Manh hao\Downloads\files.txt
2013-10-08 17:27 - 2013-10-08 17:27 - 00003295 _____ C:\Users\Manh hao\Downloads\magicpatcher.zip
2013-10-08 17:25 - 2013-10-08 17:25 - 00022981 _____ C:\Users\Manh hao\Downloads\GTAIVModdingUnlockerGamerX5500.zip
2013-10-08 05:35 - 2013-02-08 20:35 - 00004110 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-08 05:35 - 2013-02-08 20:35 - 00003858 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-08 05:32 - 2013-10-08 05:32 - 01394176 _____ C:\Users\Papa\Downloads\Siegen-Kurzexpose.ppt
2013-10-07 22:09 - 2013-10-07 22:09 - 00000000 ____D C:\Users\Papa\AppData\Local\CyberLink
2013-10-07 17:45 - 2013-10-07 17:45 - 01540953 _____ C:\Users\Manh hao\Downloads\SparkIV 0.6.6 (1).zip
2013-10-07 17:45 - 2013-10-07 17:45 - 01540953 _____ C:\Users\Manh hao\Desktop\SparkIV 0.6.6 (1).zip
2013-10-06 17:33 - 2013-10-06 17:33 - 00000000 ____D C:\Users\Public\Documents\CyberLink
2013-10-06 14:19 - 2013-10-06 14:19 - 02816072 _____ (LionSea SoftWare                                            ) C:\Users\Manh hao\Downloads\setup.exe
2013-10-06 14:16 - 2013-10-06 14:16 - 01109896 _____ (Sony Corporation                                            ) C:\Users\Manh hao\Downloads\RIDCAM-01158806-UN.exe
2013-10-06 14:16 - 2013-10-06 14:16 - 00001308 _____ C:\Windows\DPINST.LOG
2013-10-06 14:13 - 2013-10-06 14:13 - 00947767 _____ (DriverIdentifier                                            ) C:\Users\Manh hao\Downloads\driveridentifier_setup.exe
2013-10-06 14:03 - 2013-10-06 14:03 - 00000000 ____D C:\Users\Manh hao\Documents\Avatar
2013-10-06 14:03 - 2013-10-06 14:03 - 00000000 ____D C:\Users\Manh hao\AppData\Roaming\CyberLink
2013-10-06 14:02 - 2013-10-06 14:02 - 00000000 ____D C:\Users\Manh hao\AppData\Local\CyberLink
2013-10-06 14:01 - 2013-10-06 14:01 - 00001359 _____ C:\Users\Public\Desktop\CyberLink YouCam 5.lnk
2013-10-06 14:01 - 2013-10-06 13:59 - 00000000 ____D C:\Program Files (x86)\CyberLink
2013-10-06 13:57 - 2013-10-06 13:57 - 00000000 ____D C:\ProgramData\install_clap
2013-10-06 13:57 - 2013-02-08 20:27 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-10-06 13:55 - 2013-10-06 13:50 - 17216854 _____ C:\Users\Manh hao\Downloads\CyberLink-Youcam-crack-ful-serial-Keys.rar
2013-10-06 13:49 - 2013-10-06 13:48 - 00000000 ____D C:\Users\Manh hao\Downloads\CyberLink YouCam 5 Deluxe v5.0.1129 [ADHDerby]
2013-10-06 09:59 - 2013-10-06 09:59 - 00003356 _____ C:\Users\Papa\Downloads\Sascha_Schuetz.vcf
2013-10-06 09:59 - 2013-10-06 09:59 - 00003001 _____ C:\Users\Papa\Downloads\Gabor_Fejer (1).vcf
2013-10-06 09:58 - 2013-10-06 09:58 - 00003588 _____ C:\Users\Papa\Downloads\Michael_Hofstetter.vcf
2013-10-06 09:58 - 2013-10-06 09:58 - 00003001 _____ C:\Users\Papa\Downloads\Gabor_Fejer.vcf
2013-10-05 21:18 - 2013-10-05 21:18 - 01540953 _____ C:\Users\Manh hao\Downloads\SparkIV 0.6.6.zip
2013-10-05 21:17 - 2013-10-05 21:17 - 00117057 _____ C:\Users\Manh hao\Downloads\1376727517_Thug Life Clothing.rar
2013-10-05 20:07 - 2013-02-16 15:44 - 00000000 ____D C:\Users\Manh hao\AppData\Roaming\DAEMON Tools Lite
2013-10-05 20:06 - 2013-10-19 09:24 - 01818624 _____ C:\Users\Manh hao\Desktop\update - Kopie.img
2013-10-05 20:06 - 2013-10-05 20:06 - 01818624 _____ C:\Users\Manh hao\Downloads\update.img
2013-10-05 20:00 - 2013-10-05 19:59 - 16048132 _____ C:\Users\Selina\Downloads\Gta 5 Downloader.rar
2013-10-05 19:59 - 2013-10-05 19:58 - 16682251 _____ C:\Users\Selina\Downloads\XBOX 360 Emulator for PC & GTA5.zip
2013-10-05 11:26 - 2013-10-05 11:22 - 84734859 _____ C:\Users\Manh hao\Downloads\Pixelmon 2.3.1 install.zip
2013-10-05 11:23 - 2013-10-19 09:24 - 02153194 _____ C:\Users\Manh hao\Desktop\minecraftforge-installer-1.6.2-9.10.0.799 - Kopie.jar
2013-10-05 11:23 - 2013-10-05 11:25 - 02153194 _____ C:\Users\Manh hao\Desktop\minecraftforge-installer-1.6.2-9.10.0.799.jar
2013-10-05 11:23 - 2013-10-05 11:23 - 02153194 _____ C:\Users\Manh hao\Downloads\minecraftforge-installer-1.6.2-9.10.0.799.jar
2013-10-05 10:29 - 2013-10-05 10:29 - 00000000 ____D C:\Users\Manh hao\AppData\Local\LogMeIn
2013-10-04 18:54 - 2013-06-08 09:21 - 00000000 ____D C:\Users\Selina\AppData\Roaming\Skype
2013-10-04 18:49 - 2013-08-31 13:36 - 00000000 ____D C:\Users\Selina\AppData\Roaming\.minecraft
2013-10-04 18:02 - 2013-10-04 18:02 - 00000000 ____D C:\Users\Selina\Desktop\Minecraft Bukkit Server 1.6.4
2013-10-04 18:01 - 2013-10-04 17:59 - 61749197 _____ C:\Users\Selina\Desktop\Minecraft Bukkit Server 1.6.4.zip
2013-10-04 14:49 - 2013-10-04 14:49 - 00000000 ____D C:\Users\Selina\AppData\Local\LogMeIn
2013-10-03 22:45 - 2013-10-03 22:45 - 01394688 _____ C:\Users\Papa\Downloads\120911-Olpe-Kurzexpose-Nagelstudio.ppt
2013-10-03 04:09 - 2013-10-03 04:09 - 00000000 ____D C:\Users\Papa\AppData\Local\LogMeIn
2013-10-03 04:09 - 2013-10-03 04:09 - 00000000 ____D C:\ProgramData\LogMeIn
2013-10-02 22:46 - 2013-02-16 12:51 - 00000926 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2013-10-02 22:45 - 2013-10-02 22:45 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-10-02 20:31 - 2013-09-20 19:38 - 00000000 ____D C:\Users\Selina\AppData\Roaming\iFunbox_UserCache
2013-10-02 20:02 - 2013-10-02 20:02 - 536870912 _____ C:\Users\Papa\Downloads\pkms2.nds
2013-09-28 23:23 - 2013-03-02 21:07 - 00000000 ____D C:\Users\Papa\AppData\Local\VirtualStore
2013-09-28 18:32 - 2013-07-20 10:16 - 00352768 _____ C:\Users\Selina\Desktop\Minecraft.exe
2013-09-28 18:01 - 2013-06-22 20:08 - 00000000 ____D C:\Users\Selina\AppData\Roaming\TS3Client
2013-09-28 16:45 - 2013-09-28 16:45 - 00004121 _____ C:\Users\Selina\Downloads\mccapes_extra_164a_20130921_1116.zip
2013-09-28 16:29 - 2013-09-27 17:21 - 00000000 ____D C:\ProgramData\AVAST Software
2013-09-28 09:38 - 2013-09-28 09:38 - 00004121 _____ C:\Users\Manh hao\Downloads\mccapes_extra_164a_20130921_1116 (1).zip
2013-09-28 09:36 - 2013-09-28 09:36 - 00004121 _____ C:\Users\Manh hao\Downloads\mccapes_extra_164a_20130921_1116.zip
2013-09-28 09:12 - 2013-03-02 21:05 - 00000000 ____D C:\Users\Mama\AppData\Local\LogMeIn Hamachi
2013-09-27 19:54 - 2013-05-30 14:13 - 00000000 ____D C:\Users\Mama\AppData\Local\Adobe
2013-09-27 19:31 - 2013-09-27 19:31 - 00000000 ____D C:\Users\Public\Documents\CrashDump
2013-09-27 19:28 - 2013-03-02 21:16 - 00000000 ____D C:\Users\Selina\AppData\Local\DoNotTrackPlus
2013-09-27 19:26 - 2013-09-27 19:26 - 00000000 ____D C:\Users\Selina\Documents\samsung
2013-09-27 19:26 - 2013-09-27 19:26 - 00000000 ____D C:\Users\Selina\AppData\Roaming\Samsung
2013-09-27 19:26 - 2013-09-27 19:26 - 00000000 ____D C:\Users\Selina\AppData\Local\Samsung
2013-09-27 17:24 - 2013-09-27 17:24 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-09-27 17:22 - 2013-09-27 17:22 - 00000000 ____D C:\Program Files\AVAST Software
2013-09-27 17:16 - 2013-09-27 17:11 - 131918888 _____ C:\Users\Manh hao\Downloads\avast_free_antivirus_setup_8.0.1497.376.exe
2013-09-27 17:02 - 2013-09-27 17:02 - 00000000 ____D C:\ProgramData\SummerSoft
2013-09-27 17:00 - 2013-09-27 17:00 - 00309200 _____ (SummerSoft) C:\Users\Manh hao\Downloads\Grand Theft Auto V PC Game [Full Beta GTA 5].exe
2013-09-27 17:00 - 2013-09-27 17:00 - 00309200 _____ (SummerSoft) C:\Users\Manh hao\Downloads\Grand Theft Auto V PC Game [Full Beta GTA 5] (1).exe
2013-09-27 17:00 - 2013-09-27 17:00 - 00093442 _____ C:\Users\Manh hao\Downloads\GTAV-Downloader.rar
2013-09-27 16:40 - 2013-04-02 20:53 - 00000000 ____D C:\ProgramData\Skype
2013-09-27 16:39 - 2013-04-02 20:53 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-09-26 18:59 - 2013-04-20 12:16 - 00000000 ____D C:\ProgramData\Package Cache
2013-09-26 18:02 - 2013-09-26 18:01 - 00000000 ____D C:\Users\Papa\AppData\Local\Smartbar
2013-09-26 18:01 - 2013-09-26 17:56 - 00000000 ____D C:\Users\Papa\AppData\Local\DownloadGuide
2013-09-26 17:55 - 2013-09-26 17:55 - 00000000 ____D C:\Users\Papa\AppData\Local\Software Updater
2013-09-26 01:46 - 2013-02-08 21:41 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Files to move or delete:
====================
C:\Users\Papa\dxtssmpj.exe


Some content of TEMP:
====================
C:\Users\Mama\AppData\Local\Temp\evoa2s1h.dll
C:\Users\Mama\AppData\Local\Temp\iwpyvtjskus.exe
C:\Users\Mama\AppData\Local\Temp\xiqrf1w1.dll
C:\Users\Manh hao\AppData\Local\Temp\10438uninstall.exe
C:\Users\Manh hao\AppData\Local\Temp\1372.exe
C:\Users\Manh hao\AppData\Local\Temp\67906.exe
C:\Users\Manh hao\AppData\Local\Temp\7kbnrc4w.dll
C:\Users\Manh hao\AppData\Local\Temp\7z920.exe
C:\Users\Manh hao\AppData\Local\Temp\appshat-distribution.exe
C:\Users\Manh hao\AppData\Local\Temp\BackupSetup.exe
C:\Users\Manh hao\AppData\Local\Temp\bdcam64_0.dll
C:\Users\Manh hao\AppData\Local\Temp\bdfilters.dll
C:\Users\Manh hao\AppData\Local\Temp\bitool.dll
C:\Users\Manh hao\AppData\Local\Temp\bzsbkotiula.exe
C:\Users\Manh hao\AppData\Local\Temp\chatzum_softonic_yahoo_62_v5.exe
C:\Users\Manh hao\AppData\Local\Temp\CheatEngine62Clean.exe
C:\Users\Manh hao\AppData\Local\Temp\DeltaTB.exe
C:\Users\Manh hao\AppData\Local\Temp\dp.exe
C:\Users\Manh hao\AppData\Local\Temp\drm_dyndata_7370014.dll
C:\Users\Manh hao\AppData\Local\Temp\drm_dyndata_7380014.dll
C:\Users\Manh hao\AppData\Local\Temp\e-y6xh5v.dll
C:\Users\Manh hao\AppData\Local\Temp\htmlayout.dll
C:\Users\Manh hao\AppData\Local\Temp\i4jdel0.exe
C:\Users\Manh hao\AppData\Local\Temp\i4jdel1.exe
C:\Users\Manh hao\AppData\Local\Temp\i4jdel2.exe
C:\Users\Manh hao\AppData\Local\Temp\i4jdel3.exe
C:\Users\Manh hao\AppData\Local\Temp\i4jdel4.exe
C:\Users\Manh hao\AppData\Local\Temp\Install_Nokia_Ovi_Suite.exe
C:\Users\Manh hao\AppData\Local\Temp\jansi-32-git-Bukkit-1.6.2-R1.0-9-g9cd35ee-b2908jnks.dll
C:\Users\Manh hao\AppData\Local\Temp\jansi-64-git-Bukkit-1.4.7-R1.0-25-g7b6d10e-b2657jnks.dll
C:\Users\Manh hao\AppData\Local\Temp\jansi-64-git-Bukkit-1.4.7-R1.0-59-ge869277-b2700jnks.dll
C:\Users\Manh hao\AppData\Local\Temp\jansi-64-git-Bukkit-1.4.7-R1.0-94-g141dcf0-b2735jnks.dll
C:\Users\Manh hao\AppData\Local\Temp\jansi-64-git-Bukkit-1.4.7-R1.0-b2624jnks.dll
C:\Users\Manh hao\AppData\Local\Temp\jansi-64-git-Bukkit-1.5.1-R0.1-1-gea5a7e4-b2736jnks.dll
C:\Users\Manh hao\AppData\Local\Temp\jansi-64-git-Bukkit-1.5.1-R0.2-11-g8205884-b2765jnks.dll
C:\Users\Manh hao\AppData\Local\Temp\jansi-64-git-Bukkit-1.5.2-R0.1-1-g53734d2-b2772jnks.dll
C:\Users\Manh hao\AppData\Local\Temp\jansi-64-git-Bukkit-1.5.2-R0.1-1-g53734d2-b2774jnks.dll
C:\Users\Manh hao\AppData\Local\Temp\jansi-64-git-Bukkit-1.5.2-R0.1-b2771jnks.dll
C:\Users\Manh hao\AppData\Local\Temp\jansi-64-git-MCPC-Plus-jenkins-MCPC-Plus-473.dll
C:\Users\Manh hao\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Manh hao\AppData\Local\Temp\LyricsPal.exe
C:\Users\Manh hao\AppData\Local\Temp\lyricstmp.exe
C:\Users\Manh hao\AppData\Local\Temp\m25xxpxf.dll
C:\Users\Manh hao\AppData\Local\Temp\MixiDJToolbar.exe
C:\Users\Manh hao\AppData\Local\Temp\MoviesToolbarSetup_Somoto_9_10_2013.exe
C:\Users\Manh hao\AppData\Local\Temp\o8x5jt68.dll
C:\Users\Manh hao\AppData\Local\Temp\OptimizerPro.exe
C:\Users\Manh hao\AppData\Local\Temp\PAYSAFEGENERATOR.EXE
C:\Users\Manh hao\AppData\Local\Temp\pricepeep_130001_0101.exe
C:\Users\Manh hao\AppData\Local\Temp\sdanircmdc.exe
C:\Users\Manh hao\AppData\Local\Temp\setup.exe
C:\Users\Manh hao\AppData\Local\Temp\SharedReg.exe
C:\Users\Manh hao\AppData\Local\Temp\SingAlong.exe
C:\Users\Manh hao\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Manh hao\AppData\Local\Temp\SmartbarExeInstaller.exe
C:\Users\Manh hao\AppData\Local\Temp\sngalng.exe
C:\Users\Manh hao\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
C:\Users\Manh hao\AppData\Local\Temp\Sqlite3.dll
C:\Users\Manh hao\AppData\Local\Temp\toolbar137379285.exe
C:\Users\Manh hao\AppData\Local\Temp\toolbar137390330.exe
C:\Users\Manh hao\AppData\Local\Temp\ttpbkmqmhvm.exe
C:\Users\Manh hao\AppData\Local\Temp\uninst1.exe
C:\Users\Manh hao\AppData\Local\Temp\uninstall3697894.exe
C:\Users\Manh hao\AppData\Local\Temp\uninstall3703448.exe
C:\Users\Manh hao\AppData\Local\Temp\uninstall3703494.exe
C:\Users\Manh hao\AppData\Local\Temp\UpdateCheckerSetup.exe
C:\Users\Manh hao\AppData\Local\Temp\xmlUpdater.exe
C:\Users\Manh hao\AppData\Local\Temp\xsytzjapeaj.exe
C:\Users\Papa\AppData\Local\Temp\57156.exe
C:\Users\Papa\AppData\Local\Temp\BJKGMOF.exe
C:\Users\Papa\AppData\Local\Temp\bzsdulhzkch.exe
C:\Users\Papa\AppData\Local\Temp\cnfhtpwsjmh.exe
C:\Users\Papa\AppData\Local\Temp\cptkjxnuxbt.exe
C:\Users\Papa\AppData\Local\Temp\csdpffjeyjy.exe
C:\Users\Papa\AppData\Local\Temp\ctdimlhzezr.exe
C:\Users\Papa\AppData\Local\Temp\ctfblhvctji.exe
C:\Users\Papa\AppData\Local\Temp\cvmsepobvok.exe
C:\Users\Papa\AppData\Local\Temp\cxyqoyqvqwq.exe
C:\Users\Papa\AppData\Local\Temp\enjfvdawxpk.exe
C:\Users\Papa\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Papa\AppData\Local\Temp\iuznffnsdub.exe
C:\Users\Papa\AppData\Local\Temp\iuznffnsdug.exe
C:\Users\Papa\AppData\Local\Temp\jbuxhfvxpxo.exe
C:\Users\Papa\AppData\Local\Temp\jotuklefxbt.exe
C:\Users\Papa\AppData\Local\Temp\ljldzlhqotx.exe
C:\Users\Papa\AppData\Local\Temp\lvznxufvyrl.exe
C:\Users\Papa\AppData\Local\Temp\mfvphbwdgzo.exe
C:\Users\Papa\AppData\Local\Temp\muxzocbrrua.exe
C:\Users\Papa\AppData\Local\Temp\nxwfplvctfj.exe
C:\Users\Papa\AppData\Local\Temp\okskjzljpfo.exe
C:\Users\Papa\AppData\Local\Temp\qepxaflllfr.exe
C:\Users\Papa\AppData\Local\Temp\rixxynpxdab.exe
C:\Users\Papa\AppData\Local\Temp\rzsbkotdpan.exe
C:\Users\Papa\AppData\Local\Temp\tb3tla4g.dll
C:\Users\Papa\AppData\Local\Temp\ttdasndkxac.exe
C:\Users\Papa\AppData\Local\Temp\txgitbsxvez.exe
C:\Users\Papa\AppData\Local\Temp\vzdlfrkbhfo.exe
C:\Users\Papa\AppData\Local\Temp\wpfpdngkdui.exe
C:\Users\Papa\AppData\Local\Temp\xhytzbvrnxo.exe
C:\Users\Papa\AppData\Local\Temp\xinapqlnlip.exe
C:\Users\Papa\AppData\Local\Temp\zpeqkotiuag.exe
C:\Users\Papa\AppData\Local\Temp\zvdtfaamggf.exe
C:\Users\Selina\AppData\Local\Temp\AAMHelper.exe
C:\Users\Selina\AppData\Local\Temp\AdobeApplicationManager.exe
C:\Users\Selina\AppData\Local\Temp\bitool.dll
C:\Users\Selina\AppData\Local\Temp\gtqadjqbeai.exe
C:\Users\Selina\AppData\Local\Temp\i4jdel0.exe
C:\Users\Selina\AppData\Local\Temp\i4jdel1.exe
C:\Users\Selina\AppData\Local\Temp\i4jdel2.exe
C:\Users\Selina\AppData\Local\Temp\i4jdel3.exe
C:\Users\Selina\AppData\Local\Temp\i4jdel4.exe
C:\Users\Selina\AppData\Local\Temp\iuznffnsdro.exe
C:\Users\Selina\AppData\Local\Temp\jansi-64-git-Bukkit-1.5.2-R0.1-b2771jnks.dll
C:\Users\Selina\AppData\Local\Temp\jansi-64-git-Bukkit-1.5.2-R1.0-18-ga8c0dc1-b2808jnks.dll
C:\Users\Selina\AppData\Local\Temp\jansi-64-git-Bukkit-1.6.2-R1.0-3-g9532cb6-b2887jnks.dll
C:\Users\Selina\AppData\Local\Temp\jansi-64-git-MCPC-Plus-jenkins-MCPC-Plus-564.dll
C:\Users\Selina\AppData\Local\Temp\rbvhynpxdtb.exe
C:\Users\Selina\AppData\Local\Temp\riaicxgpxzl.exe
C:\Users\Selina\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Selina\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
C:\Users\Selina\AppData\Local\Temp\?odec Performer803975.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-11 22:04

==================== End Of Log ============================
         
--- --- ---

--- --- ---
__________________

Alt 26.10.2013, 11:47   #4
Manhhao
 
Google youtube Facebook gesperrt - Standard

Google youtube Facebook gesperrt




FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-10-2013
Ran by Manh hao (administrator) on MANHHAO-PC on 26-10-2013 12:41:01
Running from C:\Users\Manh hao\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Systweak) C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Google Inc.) C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Microsoft Corp.) C:\Users\Manh hao\Documents\MSDCSC\msdcsc.exe
(Company) C:\Users\Manh hao\AppData\Roaming\Mining\Mining.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
(Take-Two Interactive Software, Inc.) C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\1_0_0_0\RGSC.exe
() C:\Program Files (x86)\i-Funbox DevTeam\ifb_conn.exe
(Smartbar) C:\Users\Manh hao\AppData\Local\Smartbar\Application\QuickShare.exe
(BitTorrent Inc.) C:\Users\Manh hao\AppData\Roaming\uTorrent\uTorrent.exe
(TeamSpeak Systems GmbH) C:\Users\Manh hao\AppData\Roaming\Mining\coin-miner.exe
() C:\Users\Manh hao\AppData\Local\Temp\SharedReg.exe
() C:\Users\Manh hao\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe
(Microsoft Corporation) C:\Users\Manh hao\AppData\Roaming\Microsoft\Windows\Templates\bootres.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\SoftwareUpdater\SoftwareUpdater.Ui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Users\Manh hao\Downloads\FRST64.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-03] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKCU\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-02-16] (Google Inc.)
HKCU\...\Run: [RGSC] - C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe [305064 2008-11-14] (Take-Two Interactive Software, Inc.)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKCU\...\Run: [Olympus DSS] - C:\ProgramData\AppleDev0\rzsbkotiu.exe [596992 2013-04-26] (Elite Bypassers)
HKCU\...\Run: [MicroUpdate] - C:\Users\Manh hao\Documents\MSDCSC\msdcsc.exe [380928 2013-01-27] (Microsoft Corp.)
HKCU\...\Run: [Boot Resource Library] - C:\Users\Manh hao\AppData\Roaming\Microsoft\Windows\Templates\bootres.exe [14848 2013-09-28] (Microsoft Corporation)
HKCU\...\Run: [Startup] - C:\Users\Manh hao\AppData\Roaming\Mining\Mining.exe [10823 2013-05-12] (Company)
HKCU\...\Run: [8cd98f00b] - C:\Users\Manh hao\AppData\Roaming\8cd98f00b.exe [673792 2013-05-16] (lzoxcQYv)
HKCU\...\Run: [iFunBoxConnector] - C:\Program Files (x86)\i-Funbox DevTeam\ifb_conn.exe [812544 2012-11-20] ()
HKCU\...\Run: [锂劊瞌섥ቾ鄁阢簢滟Ქ裫ꡗ⪒聫뷇╆货箠쉕泞痿独ꁸॅ㠲魹朐뾇ⓒ㫊ꅗ龤隨큝⢴ᒊ⃽쉎騂ᖱ痔ꑺꄮ㟊籲◞ꏚ�䝉䐓梽椫ꙣ⧱⛾쨺꧅啜�⯕⇤] - C:\ProgramData\AppleDev0\rzsbkotiu.exe [596992 2013-04-26] (Elite Bypassers)
HKCU\...\Run: [SSync] - C:\Users\Manh hao\AppData\Roaming\SSync\SSync.exe [36864 2013-04-10] ()
HKCU\...\Run: [ᩳ欷嗃굻ށ勊ਠ靖摤周䯘⤽쥵ぐ怮쐧筐녃堧䈛隥쥍锞煩룆ᔡ뉒㻬쒅胰䋩α瘄ࠣ惝䴘�ⶴ虽ꢨி敼쁫骻萒㳁劢꿨姍Їᷧ끸ﳅ҄] - C:\ProgramData\AppleDev0\rzsbkotiu.exe [596992 2013-04-26] (Elite Bypassers)
HKCU\...\Run: [DataMgr] - C:\Users\Manh hao\AppData\Roaming\DataMgr\DataMgr.exe [168848 2013-05-20] (HTTO Group, Ltd.)
HKCU\...\Run: [Browser Infrastructure Helper] - C:\Users\Manh hao\AppData\Local\Smartbar\Application\QuickShare.exe [20248 2013-09-14] (Smartbar)
HKCU\...\Run: [uTorrent] - C:\Users\Manh hao\AppData\Roaming\uTorrent\uTorrent.exe [1052496 2013-02-16] (BitTorrent Inc.)
HKCU\...\Run: [Ƃ诱焱齲ꯜ瀹�姲釛ᢜ豹윾꽕┻퇩찍ﰢἭ뵍恂뺣׬쨌詪╳᳷袿⼗﬇릚蟸ᇡ㎷ථ쀕萁⸦࠳栚ꠄἋ설�慉랼啕祝鵣偪睼ੋ떥獔] - C:\ProgramData\AppleDev0\rzsbkotiu.exe [596992 2013-04-26] (Elite Bypassers)
HKCU\...\Run: [SCheck] - C:\Users\Manh hao\AppData\Roaming\SCheck\SCheck.exe [36864 2013-04-10] ()
HKCU\...\Run: [Snoozer] - C:\Users\Manh hao\AppData\Roaming\Snz\Snz.exe [1226844 2013-10-11] ()
HKCU\...\Run: [Intermediate] - C:\Users\Manh hao\AppData\Roaming\Intermediate\Intermediate.exe [36864 2013-04-10] ()
HKCU\...\Run: [OMESupervisor] - C:\Users\Manh hao\AppData\Local\omesuperv.exe [2220366 2013-10-11] ()
HKCU\...\Run: [λ嶣䞨㐩࠻亰蝿ꂔঋ㩃햨镸ﳩꭅ葚瑫篈䴌㥬蓴ィ恄尶뙺ꫧ͐챚쩍㲤饱ⶪ�萪컾剳䯶ᒫ鲢欻ﳨ츷햱爅ꡔˣⅇ윐溡삯튮쓑䛩ᮟ듓㴣﷐챣⸪] - C:\ProgramData\AppleDev0\rzsbkotiu.exe [596992 2013-04-26] (Elite Bypassers)
HKCU\...\Run: [Ꮺꄡ獏僯夏㵛�踲ᓈ愥ॼ�톃칔듌Ⴤ벝ﺧ駋웝閯҄ﭜ鎆৫�㘈顖礰⹯ቤ꒛�ꩣ瘣௟뭩�㥲�흶晗漢낔鐁ﹿ옉죭襝변䉌㠡嚻㹶䍅沔] - C:\ProgramData\AppleDev0\rzsbkotiu.exe [596992 2013-04-26] (Elite Bypassers)
HKCU\...\Run: [AppsHat] - C:\Users\Manh hao\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe [202752 2012-10-26] ()
HKCU\...\Policies\Explorer: [TaskbarNoNotification] 1
HKCU\...\Policies\Explorer: [HideSCAHealth] 1
MountPoints2: {4a95f31e-7825-11e2-8457-8120fbc7507b} - E:\Autorun.exe
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [345312 2013-03-30] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Olympus DSS] - C:\ProgramData\AppleDev0\rzsbkotiu.exe [596992 2013-04-26] (Elite Bypassers)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-04-18] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2236816 2013-06-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-08-16] (Apple Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-09-04] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2345296 2013-10-01] (LogMeIn Inc.)
HKLM-x32\...\Run: [YouCam Service] - C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [255208 2011-11-29] (CyberLink Corp.)
HKU\Mama\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-02-16] (Google Inc.)
HKU\Mama\...\Run: [Olympus DSS] - C:\ProgramData\AppleDev0\rzsbkotiu.exe [596992 2013-04-26] (Elite Bypassers)
HKU\Mama\...\Run: [Startup] - C:\Users\Mama\AppData\Roaming\Mining\mineamillion.exe [93302 2013-04-28] (Cattlescotch)
HKU\Mama\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564528 2013-09-04] (Samsung)
HKU\Mama\...\Run: [KiesAirMessage] - C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
HKU\Mama\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844656 2013-09-04] (Samsung)
HKU\Papa\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-02-16] (Google Inc.)
HKU\Papa\...\Run: [IDMan] - C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
HKU\Papa\...\Run: [Olympus DSS] - C:\ProgramData\AppleDev0\rzsbkotiu.exe [596992 2013-04-26] (Elite Bypassers)
HKU\Papa\...\Run: [贾樮摛䋋ꇺ멊䣫䢻��鄞涅ꭠ簃偠瘏烕Ȣ윟Փ䧖㴎魫됬ᓻ䜷όꗎ賵␑嬍ᡜ㰉뢽ू⛎덩鬴⨬稢官茏�ꦺ쉺蝶뒄�ꊒꟂ⅛ை䯄뜻裸撬謹ᖆ㠯҃嘰] - C:\ProgramData\AppleDev0\rzsbkotiu.exe [596992 2013-04-26] (Elite Bypassers)
HKU\Papa\...\Run: [] - C:\Users\Papa\AppData\Roaming\\Loader.exe [15360 2013-07-12] ()
HKU\Papa\...\Run: [�蠀꥜ႅ䲇憏㬚ꢛ㻲萪떶㸧༱ﺧඣ筗ꢒ䁉䯕筣싽ḥ�㛈嶝덖㺤먫旔葊罯솫�ꨪلᇀƣ�禙ㅋ猌嘌㔤ᓲ懣ᡡ砟㎘�㌶뀕妕⤞痗뙐] - C:\ProgramData\AppleDev0\rzsbkotiu.exe [596992 2013-04-26] (Elite Bypassers)
HKU\Papa\...\Run: [Browser Infrastructure Helper] - C:\Users\Papa\AppData\Local\Smartbar\Application\Smartbar.exe [13824 2013-02-20] (Smartbar)
HKU\Papa\...\Run: [쩥蟐䊜☟⑿㥭椇ꄜ뮨⅌ാ떵㎡脇碘빣瑓喺뤹鴐ꉶᧇ䬿튵㧗⏗泸⦧嫮쩥꿊㺛ࣇאָ琥㓇倉쏻㹊寂戨䑵ꛨ레㫃嗵磕泮㤿멠⬈跉蹅鶖迴뷗鈐ḇ] - C:\ProgramData\AppleDev0\rzsbkotiu.exe [596992 2013-04-26] (Elite Bypassers)
HKU\Papa\...\Run: [iFunBoxConnector] - C:\Program Files (x86)\i-Funbox DevTeam\ifb_conn.exe [812544 2012-11-20] ()
HKU\Selina\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-02-16] (Google Inc.)
HKU\Selina\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\Selina\...\Run: [msnmsgr] - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4272624 2013-02-05] (Microsoft Corporation)
HKU\Selina\...\Run: [Protection Agent] - C:\ProgramData\Protection Enforcement Module0\ntibcpsaq.exe [1117494 2013-09-10] (ICERAMBOY)
HKU\Selina\...\Run: [Olympus DSS] - C:\ProgramData\AppleDev0\rzsbkotiu.exe [596992 2013-04-26] (Elite Bypassers)
HKU\Selina\...\Run: [iFunBoxConnector] - C:\Program Files (x86)\i-Funbox DevTeam\ifb_conn.exe [812544 2012-11-20] ()
HKU\Selina\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844656 2013-09-04] (Samsung)
AppInit_DLLs:     [0 ] ()
AppInit_DLLs-x32:   c:\progra~3\bitguard\261694~1.246\{c16c1~1\bitguard.dll  [2704352 2013-10-08] ()
IMEO\bitguard.exe: [Debugger] tasklist.exe
IMEO\bprotect.exe: [Debugger] tasklist.exe
IMEO\browserdefender.exe: [Debugger] tasklist.exe
IMEO\browserprotect.exe: [Debugger] tasklist.exe
IMEO\hijackthis.exe: [Debugger] _.exe
IMEO\housecalllauncher.exe: [Debugger] fxdd_.exe
IMEO\mbam.exe: [Debugger] doj_.exe
IMEO\mbamgui.exe: [Debugger] nkdas_.exe
IMEO\rstrui.exe: [Debugger] _.exe
IMEO\spybotsd.exe: [Debugger] uurst_.exe
Startup: C:\Users\Mama\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\blueincarnations.vbs ()
Startup: C:\Users\Manh hao\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\blueincarnations.vbs ()
Startup: C:\Users\Papa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe.lnk
ShortcutTarget: Adobe.lnk -> C:\Users\Manh hao\AppData\Roaming\data\Adobe.vbs (No File)
Startup: C:\Users\Papa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Buefairy.vbs ()
Startup: C:\Users\Papa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Deferneder.vbs ()
Startup: C:\Users\Papa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Searchindexer.exe ()
Startup: C:\Users\Papa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Svchost.exe.lnk
ShortcutTarget: Svchost.exe.lnk -> C:\Users\Manh hao\AppData\Local\Temp\RarSFX32\Svchost.exe (No File)
Startup: C:\Users\Papa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Usbport.exe ()
Startup: C:\Users\Papa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Usbsupply.exe ()
Startup: C:\Users\Papa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\windowsdll.exe.lnk
ShortcutTarget: windowsdll.exe.lnk -> C:\Users\Manh hao\AppData\Local\Temp\RarSFX32\windowsdll.exe (No File)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=5cf79b0f-85c8-4c40-b01b-f818a3069e20&searchtype=ds&q={searchTerms}&installDate=24/09/2013
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=5cf79b0f-85c8-4c40-b01b-f818a3069e20&searchtype=hp&installDate=24/09/2013
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x01554D8E2A06CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,Start Default_Page_URL = hxxp://search.certified-toolbar.com?si=42820&st=home&tid=3347
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.certified-toolbar.com?si=42820&tid=3347&st=bs&q=
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=5cf79b0f-85c8-4c40-b01b-f818a3069e20&searchtype=ds&q={searchTerms}&installDate=24/09/2013
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=F8A600FF33C882A8&affID=122304&tt=180613_ndt1&tsp=4921
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.mysearchdial.com/?f=1&a=tugumsd&cd=2XzuyEtN2Y1L1QzuyB0AyBzytCzyyEtCzytB0D0FtB0AtC0BtN0D0Tzu0CyDtCtDtN1L2XzutBtFtBtFtCtFyCtCzztN1L1Czu2Z2Y1N2Y1H1B1Q&cr=1742042479&ir=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.certified-toolbar.com?si=42820&tid=3347&st=bs&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://websearch.pur-esult.info/?pid=726&r=2013/09/27&hid=2090508738147741377&lg=EN&cc=DE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.certified-toolbar.com?si=42820&tid=3347&st=bs&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Default_Page_URL = hxxp://search.certified-toolbar.com?si=42820&st=home&tid=3347
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.certified-toolbar.com?si=42820&tid=3347&st=bs&q=
URLSearchHook: HKCU - (No Name) - {539F76FD-084E-4858-86D5-62F02F54AE86} -  No File
SearchScopes: HKLM - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=tugumsd&cd=2XzuyEtN2Y1L1QzuyB0AyBzytCzyyEtCzytB0D0FtB0AtC0BtN0D0Tzu0CyDtCtDtN1L2XzutBtFtBtFtCtFyCtCzztN1L1Czu2Z2Y1N2Y1H1B1Q&cr=1742042479&ir=
SearchScopes: HKLM-x32 - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://search.certified-toolbar.com?si=42820&st=bs&tid=3347&q={searchTerms}
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=tugumsd&cd=2XzuyEtN2Y1L1QzuyB0AyBzytCzyyEtCzytB0D0FtB0AtC0BtN0D0Tzu0CyDtCtDtN1L2XzutBtFtBtFtCtFyCtCzztN1L1Czu2Z2Y1N2Y1H1B1Q&cr=1742042479&ir=
SearchScopes: HKLM-x32 - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.pur-esult.info/?l=1&q={searchTerms}&pid=726&r=2013/09/27&hid=2090508738147741377&lg=EN&cc=DE
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=5cf79b0f-85c8-4c40-b01b-f818a3069e20&searchtype=ds&q={searchTerms}&installDate=24/09/2013
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=F8A600FF33C882A8&affID=122304&tt=180613_ndt1&tsp=4921
SearchScopes: HKCU - {6015E471-9846-49D0-90F9-2CF4FFA91393} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=135c18b1-1241-48c5-996d-6d1b5593e4e0&apn_sauid=368B5388-3ED0-4C2F-9E8D-FF194D686682
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://searchqm.com/search.php?channel=sfde203fbdgy21&q={searchTerms}
SearchScopes: HKCU - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.pur-esult.info/?l=1&q={searchTerms}&pid=726&r=2013/09/27&hid=2090508738147741377&lg=EN&cc=DE
BHO: TubeBoxEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll No File
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: TubeBoxEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: qualitink - {73ad5d47-66e5-4127-80ca-c0eedabafbcc} - C:\Program Files (x86)\qualitink\qualitinkbho.dll (qualitink)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: MinibarBHO - {AA74D58F-ACD0-450D-A85E-6C04B171C044} - C:\Program Files (x86)\Minibar\Minibar.dll (KangoExtensions)
BHO-x32: Avira SearchFree Toolbar plus Web Protection - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - TubeBox - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar plus Web Protection - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKLM-x32 - TubeBox - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Manh hao\AppData\Roaming\Mozilla\Firefox\Profiles\yvuvu5a8.default
FF user.js: detected! => C:\Users\Manh hao\AppData\Roaming\Mozilla\Firefox\Profiles\yvuvu5a8.default\user.js
FF NewTab: hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=5cf79b0f-85c8-4c40-b01b-f818a3069e20&searchtype=nt&installDate=24/09/2013
FF DefaultSearchEngine: WebSearch
FF SearchEngineOrder.1: Delta Search
FF SearchEngineOrder.user_pref("browser.search.order.1,S", "WebSearch");: user_pref("browser.search.order.1,S", "WebSearch");
FF SelectedSearchEngine: Web Search
FF Homepage: hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=5cf79b0f-85c8-4c40-b01b-f818a3069e20&searchtype=hp&installDate=24/09/2013
FF Keyword.URL: hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=5cf79b0f-85c8-4c40-b01b-f818a3069e20&searchtype=ds&installDate=24/09/2013&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @java.com/DTPlugin,version=10.17.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.17.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.15.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.15.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @nsroblox.roblox.com/launcher - C:\Program Files (x86)\Roblox\Versions\version-1ff4978f36a64477\\NPRobloxProxy.dll ( ROBLOX Corporation)
FF SearchPlugin: C:\Users\Manh hao\AppData\Roaming\Mozilla\Firefox\Profiles\yvuvu5a8.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\Manh hao\AppData\Roaming\Mozilla\Firefox\Profiles\yvuvu5a8.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\Manh hao\AppData\Roaming\Mozilla\Firefox\Profiles\yvuvu5a8.default\searchplugins\Mysearchdial.xml
FF SearchPlugin: C:\Users\Manh hao\AppData\Roaming\Mozilla\Firefox\Profiles\yvuvu5a8.default\searchplugins\Web Search.xml
FF SearchPlugin: C:\Users\Manh hao\AppData\Roaming\Mozilla\Firefox\Profiles\yvuvu5a8.default\searchplugins\WebSearch.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\Web Search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Douwnload kEiEpeer - C:\Users\Manh hao\AppData\Roaming\Mozilla\Firefox\Profiles\yvuvu5a8.default\Extensions\ipbi_nhyq@msjoooe.org
FF Extension: SeAirch-eNewTabe - C:\Users\Manh hao\AppData\Roaming\Mozilla\Firefox\Profiles\yvuvu5a8.default\Extensions\tgeeckzpc@r-wm.net
FF Extension: QuickShare Widget - C:\Users\Manh hao\AppData\Roaming\Mozilla\Firefox\Profiles\yvuvu5a8.default\Extensions\{5cf79b0f-85c8-4c40-b01b-f818a3069e20}
FF Extension: Apps Hat - C:\Users\Manh hao\AppData\Roaming\Mozilla\Firefox\Profiles\yvuvu5a8.default\Extensions\{97A78363-B868-4B48-AC91-A783A31215AF}
FF Extension: MySearchDial - C:\Users\Manh hao\AppData\Roaming\Mozilla\Firefox\Profiles\yvuvu5a8.default\Extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
FF Extension: firefox-hotfix - C:\Users\Manh hao\AppData\Roaming\Mozilla\Firefox\Profiles\yvuvu5a8.default\Extensions\firefox-hotfix@mozilla.org.xpi
FF Extension: firefox - C:\Users\Manh hao\AppData\Roaming\Mozilla\Firefox\Profiles\yvuvu5a8.default\Extensions\firefox@qualitink.net.xpi
FF Extension: om - C:\Users\Manh hao\AppData\Roaming\Mozilla\Firefox\Profiles\yvuvu5a8.default\Extensions\om@offermosquito.com.xpi
FF Extension: noscript - C:\Users\Manh hao\AppData\Roaming\Mozilla\Firefox\Profiles\yvuvu5a8.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: No Name - C:\Users\Manh hao\AppData\Roaming\Mozilla\Firefox\profiles\extensions\extensions
FF Extension: No Name - C:\Users\Manh hao\AppData\Roaming\Mozilla\Firefox\profiles\extensions\searchplugins
FF Extension: movie2kdownloader - C:\Users\Manh hao\AppData\Roaming\Mozilla\Firefox\profiles\extensions\movie2kdownloader@movie2kdownloader.com.xpi
FF Extension: No Name - C:\Users\Manh hao\AppData\Roaming\Mozilla\Firefox\profiles\extensions\prefs.bck
FF Extension: No Name - C:\Users\Manh hao\AppData\Roaming\Mozilla\Firefox\profiles\extensions\prefs.js
FF Extension: No Name - C:\Users\Manh hao\AppData\Roaming\Mozilla\Firefox\profiles\extensions\search.sqlite
FF Extension: No Name - C:\Users\Manh hao\AppData\Roaming\Mozilla\Firefox\profiles\extensions\user.js
FF Extension: No Name - C:\Users\Manh hao\AppData\Roaming\Mozilla\Firefox\profiles\extensions\user.js.orig
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com

Chrome: 
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll ()
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (AdobeAAMDetect) - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U15) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (McAfee Security Scanner +) - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll No File
CHR Plugin: (Roblox Launcher Plugin) - C:\Program Files (x86)\Roblox\Versions\version-1ff4978f36a64477\\NPRobloxProxy.dll ( ROBLOX Corporation)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
CHR Plugin: (Java Deployment Toolkit 7.0.150.3) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Extension: (SeAirch-eNewTabe) - C:\Users\MANHHA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakpdaeljcpejdepmiibkcoamggkpnko\1.0
CHR Extension: (QuickShare Widget) - C:\Users\MANHHA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0
CHR Extension: (Google Docs) - C:\Users\MANHHA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\MANHHA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (Movie2kDownloader) - C:\Users\MANHHA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blaofbhgbmeikidhlkmjhbkbfohpgekf\1.0_0
CHR Extension: (YouTube) - C:\Users\MANHHA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\MANHHA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Douwnload kEiEpeer) - C:\Users\MANHHA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdoebkhkmgkfdjjdpjlecjogdfcaopni\1.6
CHR Extension: (OfferMosquito) - C:\Users\MANHHA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbmdkmlcnbapgegninelmjbfibaghdmk\0.8_0
CHR Extension: (qualitink) - C:\Users\MANHHA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljkcijnbckdflhifmbnfnkjacokloacf\1.0.0_0
CHR Extension: (Awesome New Tab Page\u2122) - C:\Users\MANHHA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgmiemnjjchgkmgbeljfocdjjnpjnmcg\2013.432.10_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\MANHHA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (MySearchDial __MSG_newtab__) - C:\Users\MANHHA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.1.1_0
CHR Extension: (Gmail) - C:\Users\MANHHA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\MANHHA~1\AppData\Local\mysearchdial.crx
CHR HKLM-x32\...\Chrome\Extension: [blaofbhgbmeikidhlkmjhbkbfohpgekf] - C:\Program Files (x86)\Movie2KDownloader.com\Movie2KDownloader10.crx
CHR HKLM-x32\...\Chrome\Extension: [ljkcijnbckdflhifmbnfnkjacokloacf] - C:\Program Files (x86)\qualitink\ljkcijnbckdflhifmbnfnkjacokloacf.crx
CHR HKLM-x32\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\MANHHA~1\AppData\Local\mysearchdial.crx
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [86752 2013-03-30] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [110816 2013-03-30] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [565472 2013-03-30] (Avira Operations GmbH & Co. KG)
S2 BitGuard; C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe [3032032 2013-10-08] ()
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
S2 SystemStoreService; C:\Program Files (x86)\SoftwareUpdater\SystemStore.exe [296448 2013-04-30] ()

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-03-30] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-03-30] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-30] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-02-16] (DT Soft Ltd)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-04-03] (Anchorfree Inc.)
S3 WinRing0_1_2_0; C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-26 12:40 - 2013-10-26 12:40 - 00000000 ____D C:\FRST
2013-10-26 12:39 - 2013-10-26 12:39 - 01956086 _____ (Farbar) C:\Users\Manh hao\Desktop\FRST64.exe
2013-10-26 10:40 - 2013-10-26 10:43 - 00000088 _____ C:\Windows\SysWOW64\12877889519160193173.log
2013-10-26 10:14 - 2013-10-26 10:14 - 00000000 ____D C:\Users\Manh hao\Documents\Optimizer Pro
2013-10-26 10:10 - 2013-10-26 10:10 - 02321335 _____ C:\Users\Manh hao\Downloads\MineCraft Cracker (2).zip
2013-10-26 10:10 - 2013-10-26 10:10 - 02321335 _____ C:\Users\Manh hao\Downloads\MineCraft Cracker (1).zip
2013-10-26 10:09 - 2013-10-26 10:09 - 00000000 ____D C:\Users\Manh hao\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat
2013-10-26 10:09 - 2013-10-26 10:09 - 00000000 ____D C:\Users\Manh hao\AppData\Local\WebPlayer
2013-10-26 10:09 - 2013-10-26 10:09 - 00000000 ____D C:\Users\Manh hao\AppData\Local\Minibar
2013-10-26 10:09 - 2013-10-26 10:09 - 00000000 ____D C:\Program Files (x86)\Minibar
2013-10-26 10:08 - 2013-10-26 10:08 - 00003264 _____ C:\Windows\System32\Tasks\SomotoUpdateCheckerAutoStart
2013-10-26 10:08 - 2013-10-26 10:08 - 00000000 ____D C:\Users\Manh hao\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker
2013-10-26 10:08 - 2013-10-26 10:08 - 00000000 ____D C:\Users\Manh hao\AppData\Local\FilesFrog Update Checker
2013-10-26 10:07 - 2013-10-26 10:07 - 00167304 _____ () C:\Users\Manh hao\Downloads\7Zip-adJLNAZ.exe
2013-10-26 09:58 - 2013-10-26 10:01 - 00000000 ____D C:\Users\Manh hao\Documents\Neuer Ordner
2013-10-26 09:58 - 2013-10-26 09:58 - 00000099 _____ C:\Users\Manh hao\Downloads\MOL_Properties.properties
2013-10-26 09:57 - 2013-10-26 09:58 - 00473416 _____ C:\Users\Manh hao\Downloads\MC_Open_Launcher.jar
2013-10-26 09:47 - 2013-10-26 09:47 - 00251361 _____ C:\Users\Manh hao\Downloads\Mineshafter-launcher (2).jar
2013-10-24 11:33 - 2013-10-24 11:35 - 00000000 ____D C:\Users\Manh hao\Desktop\Minecraft BUKKIT Server! - by MinecraftBukkit
2013-10-24 11:31 - 2013-10-24 11:32 - 17802634 _____ C:\Users\Manh hao\Downloads\Minecraft BUKKIT Server! - by MinecraftBukkit.rar
2013-10-24 11:29 - 2013-10-24 11:30 - 21075419 _____ C:\Users\Manh hao\Downloads\FutureSpawnPoint-Scb v.1.2.2.zip
2013-10-24 11:28 - 2013-10-24 11:27 - 05840896 _____ C:\Users\Manh hao\Desktop\Hamachi220.msi
2013-10-24 11:27 - 2013-10-24 11:27 - 05840896 _____ C:\Users\Manh hao\Downloads\Hamachi220.msi
2013-10-23 18:27 - 2013-10-23 18:28 - 06542715 _____ C:\Users\Manh hao\Downloads\minecraft_server.1.6.4.exe
2013-10-22 22:21 - 2013-10-22 22:21 - 00319736 _____ C:\Users\Papa\Downloads\Setup.exe
2013-10-22 21:57 - 2013-10-22 21:57 - 00000000 ____D C:\Users\Papa\AppData\Roaming\iFunbox_UserCache
2013-10-22 21:51 - 2013-10-22 22:01 - 92587046 _____ C:\Users\Papa\Desktop\Bilder.zip
2013-10-22 21:50 - 2013-10-22 22:00 - 00000000 ____D C:\Users\Papa\Desktop\Bilder
2013-10-22 20:48 - 2013-10-22 20:48 - 00000000 ____D C:\Users\Selina\Documents\Youcam
2013-10-22 20:48 - 2013-10-22 20:48 - 00000000 ____D C:\Users\Selina\AppData\Local\CyberLink
2013-10-21 22:15 - 2013-10-21 22:15 - 00002305 _____ C:\Users\Papa\Desktop\Chrome-App-Übersicht.lnk
2013-10-21 22:15 - 2013-10-21 22:15 - 00000000 ____D C:\Users\Papa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2013-10-21 20:27 - 2013-10-24 13:03 - 944711399 _____ C:\Users\Manh hao\Desktop\GTA+San+Andreas+by+TheSaazZzzz.zip
2013-10-21 18:19 - 2013-10-21 18:19 - 00421267 _____ C:\Users\Manh hao\Downloads\OptiFine 1.6.4.jar
2013-10-21 18:19 - 2013-10-21 18:19 - 00421267 _____ C:\Users\Manh hao\Desktop\OptiFine 1.6.4.jar
2013-10-21 18:15 - 2013-10-26 09:48 - 00000000 ____D C:\Users\Manh hao\AppData\Roaming\.minecraft
2013-10-21 18:15 - 2013-10-21 18:15 - 00251361 _____ C:\Users\Manh hao\Downloads\Mineshafter-launcher (1).jar
2013-10-21 18:05 - 2013-10-21 18:05 - 57190400 _____ C:\Users\Manh hao\Downloads\Nicht bestätigt 135859.crdownload
2013-10-21 17:40 - 2013-10-22 09:22 - 00007453 _____ C:\Users\Manh hao\Desktop\WDI_0.9_Log.log
2013-10-21 17:40 - 2013-10-21 17:40 - 00003144 _____ C:\Windows\System32\Tasks\{7D26D12B-2002-4532-B085-E1E262033DFF}
2013-10-21 17:39 - 2013-10-21 17:38 - 15914540 _____ (Montoyo Systems, vInc.) C:\Users\Manh hao\Desktop\WDI_0.9.exe
2013-10-21 17:38 - 2013-10-21 17:38 - 02204394 _____ C:\Users\Manh hao\Downloads\minecraftforge-installer-1.6.4-9.11.0.883.jar
2013-10-21 17:38 - 2013-10-21 17:38 - 02204394 _____ C:\Users\Manh hao\Desktop\minecraftforge-installer-1.6.4-9.11.0.883.jar
2013-10-21 17:37 - 2013-10-21 17:38 - 15914540 _____ (Montoyo Systems, vInc.) C:\Users\Manh hao\Downloads\WDI_0.9.exe
2013-10-21 10:09 - 2013-10-21 10:55 - 268542572 _____ C:\Users\Manh hao\Downloads\Pokemon.Y.3DS-CONTRAST.part4.rar
2013-10-21 09:30 - 2013-10-21 09:30 - 00000000 ____D C:\Users\Manh hao\AppData\Local\Cool_Mirage
2013-10-21 09:29 - 2013-10-21 09:29 - 00000000 ____D C:\Program Files (x86)\qualitink
2013-10-21 09:28 - 2013-10-21 09:28 - 00000000 ____D C:\Users\Manh hao\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1clickmoviedownloader.com
2013-10-21 09:27 - 2013-10-21 09:29 - 65328340 _____ C:\Users\Manh hao\Downloads\Pokemon.Y.3DS-CONTRAST.7z.crdownload
2013-10-21 09:27 - 2013-10-21 09:27 - 00299280 _____ C:\Users\Manh hao\Downloads\3DS0451.part3.exe
2013-10-21 09:13 - 2013-10-21 09:13 - 00167304 _____ () C:\Users\Manh hao\Downloads\7ZipSetup-9wlIA2X.exe
2013-10-21 09:06 - 2013-10-21 09:36 - 00000000 ____D C:\Users\Manh hao\Desktop\desmume-0.9.9-win64
2013-10-21 09:04 - 2013-10-21 09:05 - 01691723 _____ C:\Users\Manh hao\Downloads\desmume-0.9.9-win64.zip
2013-10-19 23:02 - 2013-10-19 23:02 - 00000000 ____D C:\Users\Papa\AppData\Roaming\OpenOffice
2013-10-19 22:08 - 2013-10-19 22:13 - 114264027 _____ C:\Users\Manh hao\Downloads\Pokemon+X+++3DS+Emu.rar
2013-10-19 19:57 - 2013-10-19 19:57 - 05250247 _____ C:\Users\Manh hao\Downloads\Pokemon FireRed.zip
2013-10-19 19:55 - 2013-10-19 19:57 - 00000000 ____D C:\Users\Manh hao\Desktop\PokeMMO-Client
2013-10-19 19:54 - 2013-10-19 19:54 - 09775413 _____ C:\Users\Manh hao\Downloads\PokeMMO-Client.zip
2013-10-19 18:35 - 2013-10-19 18:35 - 00003584 _____ C:\Users\Manh hao\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-10-19 18:35 - 2013-10-19 18:35 - 00000000 ____D C:\Users\Manh hao\AppData\Roaming\Solveig Multimedia
2013-10-19 18:15 - 2013-10-19 18:15 - 00000000 ____D C:\Users\Manh hao\Documents\HyperCam3
2013-10-19 18:14 - 2013-10-19 18:14 - 00000068 _____ C:\Users\Manh hao\Downloads\SMM_HyperCam.hc3lic
2013-10-19 18:11 - 2013-10-19 18:11 - 00000000 ____D C:\Users\Manh hao\AppData\Roaming\HyperCam
2013-10-19 10:00 - 2013-10-19 21:48 - 00012333 _____ C:\Users\Manh hao\Desktop\Steckbrief von Manh hao1.odt
2013-10-19 09:49 - 2013-10-19 09:49 - 00001116 _____ C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk
2013-10-19 09:49 - 2013-10-19 09:49 - 00000000 ____D C:\Users\Manh hao\AppData\Roaming\OpenOffice
2013-10-19 09:47 - 2013-10-19 09:47 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2013-10-19 09:32 - 2013-10-19 09:32 - 00010476 _____ C:\Users\Manh hao\Downloads\Steckbrief von Manh Hao1.odt
2013-10-19 09:28 - 2013-10-19 09:28 - 00614816 _____ C:\Users\Manh hao\Downloads\OpenOffice - CHIP-Downloader.exe
2013-10-19 09:24 - 2013-10-05 20:06 - 01818624 _____ C:\Users\Manh hao\Desktop\update - Kopie.img
2013-10-19 09:24 - 2013-10-05 11:23 - 02153194 _____ C:\Users\Manh hao\Desktop\minecraftforge-installer-1.6.2-9.10.0.799 - Kopie.jar
2013-10-19 09:24 - 2013-09-20 19:37 - 00038083 _____ C:\Users\Manh hao\Desktop\com.dnddream.headsoccer - Kopie.plist
2013-10-18 17:10 - 2013-10-18 17:10 - 00001569 _____ C:\Users\Manh hao\Desktop\Pokémon Trading Card Game Online.lnk
2013-10-18 17:07 - 2013-10-18 17:10 - 00000000 ____D C:\Users\Manh hao\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokémon Trading Card Game Online
2013-10-18 17:07 - 2013-10-18 17:07 - 00000000 ____D C:\Users\Manh hao\AppData\Roaming\Pokémon Trading Card Game Online
2013-10-18 16:46 - 2013-10-18 16:56 - 264747520 _____ C:\Users\Manh hao\Downloads\PokemonInstaller.msi
2013-10-18 15:11 - 2013-10-18 15:11 - 01251840 _____ C:\Users\Manh hao\Downloads\Minecraft Gift Code Generator 2013.exe
2013-10-18 15:10 - 2013-10-18 15:11 - 10501695 _____ C:\Users\Manh hao\Downloads\GTA 5 Free Download (June 2013).rar
2013-10-18 15:04 - 2013-10-18 15:04 - 02935637 _____ C:\Users\Manh hao\Downloads\GTA5Generator.rar
2013-10-18 15:00 - 2013-10-18 15:01 - 05180936 _____ C:\Users\Manh hao\Downloads\PS3 Emulator 1.9.4.rar
2013-10-18 14:57 - 2013-10-18 14:57 - 00000000 ____D C:\Users\Manh hao\AppData\Roaming\Snz
2013-10-17 22:38 - 2013-10-17 22:38 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-10-14 22:04 - 2013-10-26 12:36 - 00003120 _____ C:\Windows\System32\Tasks\Advanced System Protector_startup
2013-10-12 21:56 - 2013-09-23 01:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-10-12 21:56 - 2013-09-23 01:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-10-12 21:56 - 2013-09-23 01:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-10-12 21:56 - 2013-09-23 01:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-10-12 21:56 - 2013-09-23 01:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-10-12 21:56 - 2013-09-23 01:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-10-12 21:56 - 2013-09-23 01:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-10-12 21:56 - 2013-09-23 01:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-10-12 21:56 - 2013-09-23 01:27 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-10-12 21:56 - 2013-09-23 01:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-10-12 21:56 - 2013-09-23 01:27 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-10-12 21:56 - 2013-09-23 01:27 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-10-12 21:56 - 2013-09-23 01:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-10-12 21:56 - 2013-09-23 00:55 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-12 21:56 - 2013-09-23 00:55 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-12 21:56 - 2013-09-23 00:55 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-10-12 21:56 - 2013-09-23 00:54 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-12 21:56 - 2013-09-23 00:54 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-12 21:56 - 2013-09-23 00:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-12 21:56 - 2013-09-23 00:54 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-12 21:56 - 2013-09-23 00:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-12 21:56 - 2013-09-23 00:54 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-12 21:56 - 2013-09-23 00:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-10-12 21:56 - 2013-09-23 00:54 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-10-12 21:56 - 2013-09-23 00:54 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-10-12 21:56 - 2013-09-23 00:54 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-12 21:56 - 2013-09-23 00:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-10-12 21:56 - 2013-09-21 05:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-12 21:56 - 2013-09-21 05:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-10-12 21:56 - 2013-09-21 04:48 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-12 21:56 - 2013-09-21 04:39 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-10-12 21:31 - 2013-09-04 14:12 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-10-12 21:31 - 2013-09-04 14:11 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-10-12 21:31 - 2013-09-04 14:11 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-10-12 21:31 - 2013-09-04 14:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-10-12 21:31 - 2013-09-04 14:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-10-12 21:31 - 2013-09-04 14:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-10-12 21:31 - 2013-09-04 14:11 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-10-12 21:17 - 2013-10-12 21:24 - 00000000 ____D C:\Windows\system32\MRT
2013-10-12 18:53 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-10-12 18:53 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-10-12 18:53 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-10-12 18:53 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-10-12 18:53 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-10-12 18:53 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-10-12 18:53 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-10-12 18:53 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-10-12 18:53 - 2013-07-04 14:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-12 18:53 - 2013-07-04 13:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-10-12 18:53 - 2013-02-27 08:02 - 00111448 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2013-10-12 18:53 - 2013-02-27 07:48 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-10-12 18:53 - 2013-02-27 07:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2013-10-12 18:53 - 2013-02-27 06:49 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-10-12 18:52 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-10-12 18:52 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-10-12 18:52 - 2013-06-06 07:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2013-10-12 18:52 - 2013-06-06 07:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-10-12 18:52 - 2013-06-06 07:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2013-10-12 18:52 - 2013-06-06 07:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-12 18:52 - 2013-06-06 06:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2013-10-12 18:52 - 2013-06-06 06:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-10-12 18:52 - 2013-06-06 06:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-10-12 18:52 - 2013-06-06 05:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-12 18:52 - 2013-06-06 05:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-12 18:51 - 2013-08-28 03:21 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-12 18:51 - 2013-08-02 04:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-10-12 18:51 - 2013-08-02 04:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-10-12 18:51 - 2013-08-02 04:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-10-12 18:51 - 2013-08-02 04:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-10-12 18:51 - 2013-08-02 04:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-10-12 18:51 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-10-12 18:51 - 2013-08-02 04:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-10-12 18:51 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-10-12 18:51 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-10-12 18:51 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-10-12 18:51 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-10-12 18:51 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 03:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-10-12 18:51 - 2013-08-02 03:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-10-12 18:51 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-10-12 18:51 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-10-12 18:51 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-10-12 18:51 - 2013-08-02 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-10-12 18:51 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-10-12 18:51 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-10-12 18:51 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-10-12 18:51 - 2013-08-02 02:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-10-12 18:51 - 2013-08-02 02:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-10-12 18:51 - 2013-08-02 02:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-10-12 18:51 - 2013-08-02 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-10-12 18:51 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-10-12 18:51 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-10-12 18:51 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-10-12 18:51 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-10-12 18:51 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-10-12 18:51 - 2013-07-12 12:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2013-10-12 18:51 - 2013-07-12 12:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-10-12 18:51 - 2013-07-12 12:40 - 00109824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys
2013-10-12 18:51 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-10-12 18:51 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-10-12 18:51 - 2013-07-03 06:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-10-12 18:51 - 2013-07-03 06:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-12 18:51 - 2013-06-26 00:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-12 18:51 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-10-12 18:51 - 2013-06-06 05:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-10-12 18:51 - 2013-06-04 08:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-10-12 18:51 - 2013-06-04 06:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-10-12 18:50 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-10-12 18:50 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-10-12 18:50 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-10-12 18:50 - 2013-07-20 12:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-12 18:50 - 2013-07-20 12:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-12 18:50 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-10-12 18:50 - 2013-05-13 07:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2013-10-12 18:50 - 2013-05-13 05:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2013-10-12 18:50 - 2013-05-13 05:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-10-12 18:50 - 2013-05-13 05:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-10-12 18:50 - 2013-04-26 07:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2013-10-12 18:50 - 2013-04-26 06:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-10-12 18:49 - 2013-08-01 14:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-10-12 18:49 - 2013-04-10 08:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2013-10-12 18:49 - 2011-02-03 13:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2013-10-12 18:46 - 2013-10-12 18:46 - 00009309 _____ C:\Users\Manh hao\Downloads\test.rar
2013-10-12 18:43 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-10-12 18:43 - 2013-04-03 00:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-10-12 18:35 - 2013-10-12 18:37 - 30738633 _____ C:\Users\Manh hao\Downloads\1348396423_GTAIVPlanePack.rar
2013-10-12 09:55 - 2013-10-12 09:55 - 00001803 _____ C:\Users\Manh hao\Desktop\LaunchGTAIV - Verknüpfung.lnk
2013-10-11 10:04 - 2013-10-11 10:04 - 02220366 _____ C:\Users\Manh hao\AppData\Local\omesuperv.exe
2013-10-08 18:17 - 2013-10-08 18:17 - 00000000 ____D C:\Users\Manh hao\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
2013-10-08 17:31 - 2013-10-08 17:31 - 00248860 _____ C:\Users\Manh hao\Downloads\HandlingChanger_v2.zip
2013-10-08 17:30 - 2013-10-08 17:30 - 00613129 _____ C:\Users\Manh hao\Downloads\1.zip
2013-10-08 17:28 - 2013-10-08 17:28 - 00058183 _____ C:\Users\Manh hao\Downloads\sobeit-file-modding.zip
2013-10-08 17:27 - 2013-10-08 17:27 - 00006924 _____ C:\Users\Manh hao\Downloads\files.txt
2013-10-08 17:27 - 2013-10-08 17:27 - 00003295 _____ C:\Users\Manh hao\Downloads\magicpatcher.zip
2013-10-08 17:25 - 2013-10-08 17:25 - 00022981 _____ C:\Users\Manh hao\Downloads\GTAIVModdingUnlockerGamerX5500.zip
2013-10-08 05:32 - 2013-10-08 05:32 - 01394176 _____ C:\Users\Papa\Downloads\Siegen-Kurzexpose.ppt
2013-10-07 22:10 - 2013-10-25 14:39 - 00000000 ____D C:\Users\Papa\Documents\Youcam
2013-10-07 22:09 - 2013-10-07 22:09 - 00000000 ____D C:\Users\Papa\AppData\Local\CyberLink
2013-10-07 17:46 - 2010-06-02 00:29 - 00783931 _____ C:\Users\Manh hao\Desktop\SparkIV EFLC 0.6.6.zip
2013-10-07 17:46 - 2010-05-28 07:34 - 00001602 _____ C:\Users\Manh hao\Desktop\Readme.txt
2013-10-07 17:46 - 2010-05-28 07:32 - 00187392 _____ (Aru) C:\Users\Manh hao\Desktop\SparkIV.exe
2013-10-07 17:46 - 2010-05-28 07:32 - 00151040 _____ C:\Users\Manh hao\Desktop\SparkIV.pdb
2013-10-07 17:46 - 2010-05-28 07:32 - 00014848 _____ (Microsoft Corporation) C:\Users\Manh hao\Desktop\SparkIV.vshost.exe
2013-10-07 17:46 - 2010-04-16 18:16 - 00001344 _____ C:\Users\Manh hao\Desktop\SparkIV.Config.xml
2013-10-07 17:45 - 2013-10-07 17:45 - 01540953 _____ C:\Users\Manh hao\Downloads\SparkIV 0.6.6 (1).zip
2013-10-07 17:45 - 2013-10-07 17:45 - 01540953 _____ C:\Users\Manh hao\Desktop\SparkIV 0.6.6 (1).zip
2013-10-06 17:33 - 2013-10-06 17:33 - 00000000 ____D C:\Users\Public\Documents\CyberLink
2013-10-06 14:19 - 2013-10-06 14:19 - 02816072 _____ (LionSea SoftWare                                            ) C:\Users\Manh hao\Downloads\setup.exe
2013-10-06 14:16 - 2013-10-06 14:16 - 01109896 _____ (Sony Corporation                                            ) C:\Users\Manh hao\Downloads\RIDCAM-01158806-UN.exe
2013-10-06 14:16 - 2013-10-06 14:16 - 00001308 _____ C:\Windows\DPINST.LOG
2013-10-06 14:13 - 2013-10-06 14:13 - 00947767 _____ (DriverIdentifier                                            ) C:\Users\Manh hao\Downloads\driveridentifier_setup.exe
2013-10-06 14:03 - 2013-10-06 14:03 - 00000000 ____D C:\Users\Manh hao\Documents\Avatar
2013-10-06 14:03 - 2013-10-06 14:03 - 00000000 ____D C:\Users\Manh hao\AppData\Roaming\CyberLink
2013-10-06 14:02 - 2013-10-26 09:43 - 00000000 ____D C:\Users\Manh hao\Documents\Youcam
2013-10-06 14:02 - 2013-10-21 09:57 - 00000000 ____D C:\ProgramData\CyberLink
2013-10-06 14:02 - 2013-10-06 14:02 - 00000000 ____D C:\Users\Manh hao\AppData\Local\CyberLink
2013-10-06 14:01 - 2013-10-06 14:01 - 00001359 _____ C:\Users\Public\Desktop\CyberLink YouCam 5.lnk
2013-10-06 14:01 - 2011-04-14 05:47 - 00031216 _____ (CyberLink Corporation) C:\Windows\system32\Drivers\clwvd.sys
2013-10-06 13:59 - 2013-10-06 14:01 - 00000000 ____D C:\Program Files (x86)\CyberLink
2013-10-06 13:57 - 2013-10-06 13:57 - 00000000 ____D C:\ProgramData\install_clap
2013-10-06 13:50 - 2013-10-06 13:55 - 17216854 _____ C:\Users\Manh hao\Downloads\CyberLink-Youcam-crack-ful-serial-Keys.rar
2013-10-06 13:48 - 2013-10-06 13:49 - 00000000 ____D C:\Users\Manh hao\Downloads\CyberLink YouCam 5 Deluxe v5.0.1129 [ADHDerby]
2013-10-06 09:59 - 2013-10-06 09:59 - 00003356 _____ C:\Users\Papa\Downloads\Sascha_Schuetz.vcf
2013-10-06 09:59 - 2013-10-06 09:59 - 00003001 _____ C:\Users\Papa\Downloads\Gabor_Fejer (1).vcf
2013-10-06 09:58 - 2013-10-06 09:58 - 00003588 _____ C:\Users\Papa\Downloads\Michael_Hofstetter.vcf
2013-10-06 09:58 - 2013-10-06 09:58 - 00003001 _____ C:\Users\Papa\Downloads\Gabor_Fejer.vcf
2013-10-05 21:18 - 2013-10-05 21:18 - 01540953 _____ C:\Users\Manh hao\Downloads\SparkIV 0.6.6.zip
2013-10-05 21:17 - 2013-10-05 21:17 - 00117057 _____ C:\Users\Manh hao\Downloads\1376727517_Thug Life Clothing.rar
2013-10-05 20:06 - 2013-10-05 20:06 - 01818624 _____ C:\Users\Manh hao\Downloads\update.img
2013-10-05 19:59 - 2013-10-05 20:00 - 16048132 _____ C:\Users\Selina\Downloads\Gta 5 Downloader.rar
2013-10-05 19:58 - 2013-10-05 19:59 - 16682251 _____ C:\Users\Selina\Downloads\XBOX 360 Emulator for PC & GTA5.zip
2013-10-05 11:25 - 2013-10-05 11:23 - 02153194 _____ C:\Users\Manh hao\Desktop\minecraftforge-installer-1.6.2-9.10.0.799.jar
2013-10-05 11:23 - 2013-10-05 11:23 - 02153194 _____ C:\Users\Manh hao\Downloads\minecraftforge-installer-1.6.2-9.10.0.799.jar
2013-10-05 11:22 - 2013-10-05 11:26 - 84734859 _____ C:\Users\Manh hao\Downloads\Pixelmon 2.3.1 install.zip
2013-10-05 10:29 - 2013-10-05 10:29 - 00000000 ____D C:\Users\Manh hao\AppData\Local\LogMeIn
2013-10-04 18:02 - 2013-10-04 18:02 - 00000000 ____D C:\Users\Selina\Desktop\Minecraft Bukkit Server 1.6.4
2013-10-04 17:59 - 2013-10-04 18:01 - 61749197 _____ C:\Users\Selina\Desktop\Minecraft Bukkit Server 1.6.4.zip
2013-10-04 14:49 - 2013-10-04 14:49 - 00000000 ____D C:\Users\Selina\AppData\Local\LogMeIn
2013-10-03 22:45 - 2013-10-03 22:45 - 01394688 _____ C:\Users\Papa\Downloads\120911-Olpe-Kurzexpose-Nagelstudio.ppt
2013-10-03 04:09 - 2013-10-03 04:09 - 00000000 ____D C:\Users\Papa\AppData\Local\LogMeIn
2013-10-03 04:09 - 2013-10-03 04:09 - 00000000 ____D C:\ProgramData\LogMeIn
2013-10-02 22:45 - 2013-10-02 22:45 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-10-02 20:02 - 2013-10-02 20:02 - 536870912 _____ C:\Users\Papa\Downloads\pkms2.nds
2013-09-28 16:45 - 2013-09-28 16:45 - 00004121 _____ C:\Users\Selina\Downloads\mccapes_extra_164a_20130921_1116.zip
2013-09-28 09:38 - 2013-09-28 09:38 - 00004121 _____ C:\Users\Manh hao\Downloads\mccapes_extra_164a_20130921_1116 (1).zip
2013-09-28 09:36 - 2013-09-28 09:36 - 00004121 _____ C:\Users\Manh hao\Downloads\mccapes_extra_164a_20130921_1116.zip
2013-09-27 19:31 - 2013-09-27 19:31 - 00000000 ____D C:\Users\Public\Documents\CrashDump
2013-09-27 19:26 - 2013-09-27 19:26 - 00000000 ____D C:\Users\Selina\Documents\samsung
2013-09-27 19:26 - 2013-09-27 19:26 - 00000000 ____D C:\Users\Selina\AppData\Roaming\Samsung
2013-09-27 19:26 - 2013-09-27 19:26 - 00000000 ____D C:\Users\Selina\AppData\Local\Samsung
2013-09-27 17:24 - 2013-09-27 17:24 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-09-27 17:24 - 2013-08-30 09:47 - 00287840 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-09-27 17:22 - 2013-09-27 17:22 - 00000000 ____D C:\Program Files\AVAST Software
2013-09-27 17:21 - 2013-09-28 16:29 - 00000000 ____D C:\ProgramData\AVAST Software
2013-09-27 17:11 - 2013-09-27 17:16 - 131918888 _____ C:\Users\Manh hao\Downloads\avast_free_antivirus_setup_8.0.1497.376.exe
2013-09-27 17:02 - 2013-10-26 12:32 - 00000000 ____D C:\ProgramData\SeAirch-eNewTabe
2013-09-27 17:02 - 2013-10-26 12:32 - 00000000 ____D C:\ProgramData\Douwnload kEiEpeer
2013-09-27 17:02 - 2013-09-27 17:02 - 00000000 ____D C:\ProgramData\SummerSoft
2013-09-27 17:00 - 2013-10-21 10:11 - 00000000 ____D C:\ProgramData\InstallMate
2013-09-27 17:00 - 2013-09-27 17:00 - 00309200 _____ (SummerSoft) C:\Users\Manh hao\Downloads\Grand Theft Auto V PC Game [Full Beta GTA 5].exe
2013-09-27 17:00 - 2013-09-27 17:00 - 00309200 _____ (SummerSoft) C:\Users\Manh hao\Downloads\Grand Theft Auto V PC Game [Full Beta GTA 5] (1).exe
2013-09-27 17:00 - 2013-09-27 17:00 - 00093442 _____ C:\Users\Manh hao\Downloads\GTAV-Downloader.rar
2013-09-26 18:01 - 2013-09-26 18:02 - 00000000 ____D C:\Users\Papa\AppData\Local\Smartbar
2013-09-26 17:56 - 2013-09-26 18:01 - 00000000 ____D C:\Users\Papa\AppData\Local\DownloadGuide
2013-09-26 17:55 - 2013-09-26 17:55 - 00000000 ____D C:\Users\Papa\AppData\Local\Software Updater

==================== One Month Modified Files and Folders =======

2013-10-26 12:41 - 2009-07-14 06:45 - 00021648 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-26 12:41 - 2009-07-14 06:45 - 00021648 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-26 12:40 - 2013-10-26 12:40 - 00000000 ____D C:\FRST
2013-10-26 12:40 - 2013-02-08 20:35 - 00001114 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-26 12:39 - 2013-10-26 12:39 - 01956086 _____ (Farbar) C:\Users\Manh hao\Desktop\FRST64.exe
2013-10-26 12:39 - 2013-02-16 14:48 - 00000000 ____D C:\Users\Manh hao\AppData\Roaming\uTorrent
2013-10-26 12:37 - 2013-04-20 12:18 - 00004190 _____ C:\Windows\System32\Tasks\Software Updater Ui
2013-10-26 12:36 - 2013-10-14 22:04 - 00003120 _____ C:\Windows\System32\Tasks\Advanced System Protector_startup
2013-10-26 12:36 - 2013-04-20 12:17 - 00004208 _____ C:\Windows\System32\Tasks\Software Updater
2013-10-26 12:33 - 2013-02-16 12:52 - 00000000 ____D C:\Users\Manh hao\AppData\Local\LogMeIn Hamachi
2013-10-26 12:33 - 2013-02-08 20:35 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-26 12:32 - 2013-09-27 17:02 - 00000000 ____D C:\ProgramData\SeAirch-eNewTabe
2013-10-26 12:32 - 2013-09-27 17:02 - 00000000 ____D C:\ProgramData\Douwnload kEiEpeer
2013-10-26 12:32 - 2010-11-21 05:47 - 00028286 _____ C:\Windows\PFRO.log
2013-10-26 12:32 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-26 12:32 - 2009-07-14 06:51 - 00016593 _____ C:\Windows\setupact.log
2013-10-26 11:26 - 2013-06-22 11:04 - 00000390 _____ C:\Windows\Tasks\update-S-1-5-21-2823766941-1517505164-3398274235-1005.job
2013-10-26 11:08 - 2013-04-02 20:53 - 00000000 ____D C:\Users\Manh hao\AppData\Roaming\Skype
2013-10-26 10:44 - 2013-04-20 12:18 - 00000000 ____D C:\Program Files (x86)\Protected Search
2013-10-26 10:43 - 2013-10-26 10:40 - 00000088 _____ C:\Windows\SysWOW64\12877889519160193173.log
2013-10-26 10:40 - 2013-06-09 15:35 - 00000000 ____D C:\Users\Manh hao\AppData\Roaming\FBDownloader
2013-10-26 10:39 - 2013-06-22 11:03 - 00000394 _____ C:\Windows\Tasks\update-sys.job
2013-10-26 10:38 - 2013-07-06 10:33 - 00000932 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2823766941-1517505164-3398274235-1005UA.job
2013-10-26 10:38 - 2013-07-06 10:33 - 00000910 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2823766941-1517505164-3398274235-1005Core.job
2013-10-26 10:14 - 2013-10-26 10:14 - 00000000 ____D C:\Users\Manh hao\Documents\Optimizer Pro
2013-10-26 10:10 - 2013-10-26 10:10 - 02321335 _____ C:\Users\Manh hao\Downloads\MineCraft Cracker (2).zip
2013-10-26 10:10 - 2013-10-26 10:10 - 02321335 _____ C:\Users\Manh hao\Downloads\MineCraft Cracker (1).zip
2013-10-26 10:09 - 2013-10-26 10:09 - 00000000 ____D C:\Users\Manh hao\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat
2013-10-26 10:09 - 2013-10-26 10:09 - 00000000 ____D C:\Users\Manh hao\AppData\Local\WebPlayer
2013-10-26 10:09 - 2013-10-26 10:09 - 00000000 ____D C:\Users\Manh hao\AppData\Local\Minibar
2013-10-26 10:09 - 2013-10-26 10:09 - 00000000 ____D C:\Program Files (x86)\Minibar
2013-10-26 10:09 - 2013-02-06 18:28 - 00000000 ____D C:\Users\Manh hao
2013-10-26 10:08 - 2013-10-26 10:08 - 00003264 _____ C:\Windows\System32\Tasks\SomotoUpdateCheckerAutoStart
2013-10-26 10:08 - 2013-10-26 10:08 - 00000000 ____D C:\Users\Manh hao\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker
2013-10-26 10:08 - 2013-10-26 10:08 - 00000000 ____D C:\Users\Manh hao\AppData\Local\FilesFrog Update Checker
2013-10-26 10:07 - 2013-10-26 10:07 - 00167304 _____ () C:\Users\Manh hao\Downloads\7Zip-adJLNAZ.exe
2013-10-26 10:01 - 2013-10-26 09:58 - 00000000 ____D C:\Users\Manh hao\Documents\Neuer Ordner
2013-10-26 09:58 - 2013-10-26 09:58 - 00000099 _____ C:\Users\Manh hao\Downloads\MOL_Properties.properties
2013-10-26 09:58 - 2013-10-26 09:57 - 00473416 _____ C:\Users\Manh hao\Downloads\MC_Open_Launcher.jar
2013-10-26 09:48 - 2013-10-21 18:15 - 00000000 ____D C:\Users\Manh hao\AppData\Roaming\.minecraft
2013-10-26 09:47 - 2013-10-26 09:47 - 00251361 _____ C:\Users\Manh hao\Downloads\Mineshafter-launcher (2).jar
2013-10-26 09:43 - 2013-10-06 14:02 - 00000000 ____D C:\Users\Manh hao\Documents\Youcam
2013-10-25 15:01 - 2013-05-17 18:32 - 00000282 _____ C:\Windows\Tasks\RegClean Pro_DEFAULT.job
2013-10-25 14:46 - 2013-03-24 21:38 - 00000000 ____D C:\Users\Papa\AppData\Local\Adobe
2013-10-25 14:39 - 2013-10-07 22:10 - 00000000 ____D C:\Users\Papa\Documents\Youcam
2013-10-25 14:38 - 2013-07-31 22:59 - 00000000 ____D C:\Users\Papa\AppData\Roaming\data
2013-10-25 14:37 - 2013-03-02 21:07 - 00000000 ____D C:\Users\Papa\AppData\Local\LogMeIn Hamachi
2013-10-24 18:23 - 2013-02-06 18:00 - 01155516 _____ C:\Windows\WindowsUpdate.log
2013-10-24 13:03 - 2013-10-21 20:27 - 944711399 _____ C:\Users\Manh hao\Desktop\GTA+San+Andreas+by+TheSaazZzzz.zip
2013-10-24 11:35 - 2013-10-24 11:33 - 00000000 ____D C:\Users\Manh hao\Desktop\Minecraft BUKKIT Server! - by MinecraftBukkit
2013-10-24 11:32 - 2013-10-24 11:31 - 17802634 _____ C:\Users\Manh hao\Downloads\Minecraft BUKKIT Server! - by MinecraftBukkit.rar
2013-10-24 11:30 - 2013-10-24 11:29 - 21075419 _____ C:\Users\Manh hao\Downloads\FutureSpawnPoint-Scb v.1.2.2.zip
2013-10-24 11:27 - 2013-10-24 11:28 - 05840896 _____ C:\Users\Manh hao\Desktop\Hamachi220.msi
2013-10-24 11:27 - 2013-10-24 11:27 - 05840896 _____ C:\Users\Manh hao\Downloads\Hamachi220.msi
2013-10-23 21:24 - 2013-04-13 17:29 - 00000000 ____D C:\Users\Manh hao\Desktop\Gta IV
2013-10-23 18:32 - 2013-05-17 18:32 - 00000290 _____ C:\Windows\Tasks\RegClean Pro_UPDATES.job
2013-10-23 18:28 - 2013-10-23 18:27 - 06542715 _____ C:\Users\Manh hao\Downloads\minecraft_server.1.6.4.exe
2013-10-23 14:43 - 2013-03-21 19:41 - 00000000 ____D C:\Users\Papa\AppData\Local\DoNotTrackPlus
2013-10-22 22:39 - 2013-04-23 16:41 - 00000000 ____D C:\Users\Papa\AppData\Local\Mozilla
2013-10-22 22:21 - 2013-10-22 22:21 - 00319736 _____ C:\Users\Papa\Downloads\Setup.exe
2013-10-22 22:01 - 2013-10-22 21:51 - 92587046 _____ C:\Users\Papa\Desktop\Bilder.zip
2013-10-22 22:00 - 2013-10-22 21:50 - 00000000 ____D C:\Users\Papa\Desktop\Bilder
2013-10-22 21:57 - 2013-10-22 21:57 - 00000000 ____D C:\Users\Papa\AppData\Roaming\iFunbox_UserCache
2013-10-22 20:50 - 2013-08-30 13:59 - 00000000 ____D C:\ProgramData\IObit
2013-10-22 20:48 - 2013-10-22 20:48 - 00000000 ____D C:\Users\Selina\Documents\Youcam
2013-10-22 20:48 - 2013-10-22 20:48 - 00000000 ____D C:\Users\Selina\AppData\Local\CyberLink
2013-10-22 20:47 - 2013-07-06 11:18 - 00000000 ____D C:\Users\Selina\Tracing
2013-10-22 20:46 - 2013-06-08 08:48 - 00000000 ____D C:\Users\Selina\AppData\Local\Adobe
2013-10-22 20:46 - 2013-03-02 21:04 - 00000000 ____D C:\Users\Selina\AppData\Local\LogMeIn Hamachi
2013-10-22 09:22 - 2013-10-21 17:40 - 00007453 _____ C:\Users\Manh hao\Desktop\WDI_0.9_Log.log
2013-10-21 22:15 - 2013-10-21 22:15 - 00002305 _____ C:\Users\Papa\Desktop\Chrome-App-Übersicht.lnk
2013-10-21 22:15 - 2013-10-21 22:15 - 00000000 ____D C:\Users\Papa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2013-10-21 18:19 - 2013-10-21 18:19 - 00421267 _____ C:\Users\Manh hao\Downloads\OptiFine 1.6.4.jar
2013-10-21 18:19 - 2013-10-21 18:19 - 00421267 _____ C:\Users\Manh hao\Desktop\OptiFine 1.6.4.jar
2013-10-21 18:15 - 2013-10-21 18:15 - 00251361 _____ C:\Users\Manh hao\Downloads\Mineshafter-launcher (1).jar
2013-10-21 18:05 - 2013-10-21 18:05 - 57190400 _____ C:\Users\Manh hao\Downloads\Nicht bestätigt 135859.crdownload
2013-10-21 17:40 - 2013-10-21 17:40 - 00003144 _____ C:\Windows\System32\Tasks\{7D26D12B-2002-4532-B085-E1E262033DFF}
2013-10-21 17:38 - 2013-10-21 17:39 - 15914540 _____ (Montoyo Systems, vInc.) C:\Users\Manh hao\Desktop\WDI_0.9.exe
2013-10-21 17:38 - 2013-10-21 17:38 - 02204394 _____ C:\Users\Manh hao\Downloads\minecraftforge-installer-1.6.4-9.11.0.883.jar
2013-10-21 17:38 - 2013-10-21 17:38 - 02204394 _____ C:\Users\Manh hao\Desktop\minecraftforge-installer-1.6.4-9.11.0.883.jar
2013-10-21 17:38 - 2013-10-21 17:37 - 15914540 _____ (Montoyo Systems, vInc.) C:\Users\Manh hao\Downloads\WDI_0.9.exe
2013-10-21 11:49 - 2013-03-02 21:04 - 00065072 _____ C:\Users\Selina\AppData\Local\GDIPFONTCACHEV1.DAT
2013-10-21 10:55 - 2013-10-21 10:09 - 268542572 _____ C:\Users\Manh hao\Downloads\Pokemon.Y.3DS-CONTRAST.part4.rar
2013-10-21 10:11 - 2013-09-27 17:00 - 00000000 ____D C:\ProgramData\InstallMate
2013-10-21 09:57 - 2013-10-06 14:02 - 00000000 ____D C:\ProgramData\CyberLink
2013-10-21 09:36 - 2013-10-21 09:06 - 00000000 ____D C:\Users\Manh hao\Desktop\desmume-0.9.9-win64
2013-10-21 09:30 - 2013-10-21 09:30 - 00000000 ____D C:\Users\Manh hao\AppData\Local\Cool_Mirage
2013-10-21 09:29 - 2013-10-21 09:29 - 00000000 ____D C:\Program Files (x86)\qualitink
2013-10-21 09:29 - 2013-10-21 09:27 - 65328340 _____ C:\Users\Manh hao\Downloads\Pokemon.Y.3DS-CONTRAST.7z.crdownload
2013-10-21 09:28 - 2013-10-21 09:28 - 00000000 ____D C:\Users\Manh hao\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1clickmoviedownloader.com
2013-10-21 09:27 - 2013-10-21 09:27 - 00299280 _____ C:\Users\Manh hao\Downloads\3DS0451.part3.exe
2013-10-21 09:13 - 2013-10-21 09:13 - 00167304 _____ () C:\Users\Manh hao\Downloads\7ZipSetup-9wlIA2X.exe
2013-10-21 09:05 - 2013-10-21 09:04 - 01691723 _____ C:\Users\Manh hao\Downloads\desmume-0.9.9-win64.zip
2013-10-19 23:02 - 2013-10-19 23:02 - 00000000 ____D C:\Users\Papa\AppData\Roaming\OpenOffice
2013-10-19 22:59 - 2013-03-02 21:07 - 00065072 _____ C:\Users\Papa\AppData\Local\GDIPFONTCACHEV1.DAT
2013-10-19 22:13 - 2013-10-19 22:08 - 114264027 _____ C:\Users\Manh hao\Downloads\Pokemon+X+++3DS+Emu.rar
2013-10-19 21:48 - 2013-10-19 10:00 - 00012333 _____ C:\Users\Manh hao\Desktop\Steckbrief von Manh hao1.odt
2013-10-19 19:57 - 2013-10-19 19:57 - 05250247 _____ C:\Users\Manh hao\Downloads\Pokemon FireRed.zip
2013-10-19 19:57 - 2013-10-19 19:55 - 00000000 ____D C:\Users\Manh hao\Desktop\PokeMMO-Client
2013-10-19 19:54 - 2013-10-19 19:54 - 09775413 _____ C:\Users\Manh hao\Downloads\PokeMMO-Client.zip
2013-10-19 18:35 - 2013-10-19 18:35 - 00003584 _____ C:\Users\Manh hao\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-10-19 18:35 - 2013-10-19 18:35 - 00000000 ____D C:\Users\Manh hao\AppData\Roaming\Solveig Multimedia
2013-10-19 18:15 - 2013-10-19 18:15 - 00000000 ____D C:\Users\Manh hao\Documents\HyperCam3
2013-10-19 18:14 - 2013-10-19 18:14 - 00000068 _____ C:\Users\Manh hao\Downloads\SMM_HyperCam.hc3lic
2013-10-19 18:11 - 2013-10-19 18:11 - 00000000 ____D C:\Users\Manh hao\AppData\Roaming\HyperCam
2013-10-19 18:08 - 2013-03-16 19:46 - 00000000 ____D C:\Users\Manh hao\AppData\Local\Windows Live
2013-10-19 18:06 - 2013-05-24 19:26 - 00000000 ____D C:\Users\Manh hao\AppData\Local\Adobe
2013-10-19 18:04 - 2013-02-08 20:34 - 00065072 _____ C:\Users\Manh hao\AppData\Local\GDIPFONTCACHEV1.DAT
2013-10-19 18:03 - 2009-07-14 06:45 - 00298984 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-19 09:49 - 2013-10-19 09:49 - 00001116 _____ C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk
2013-10-19 09:49 - 2013-10-19 09:49 - 00000000 ____D C:\Users\Manh hao\AppData\Roaming\OpenOffice
2013-10-19 09:47 - 2013-10-19 09:47 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2013-10-19 09:32 - 2013-10-19 09:32 - 00010476 _____ C:\Users\Manh hao\Downloads\Steckbrief von Manh Hao1.odt
2013-10-19 09:28 - 2013-10-19 09:28 - 00614816 _____ C:\Users\Manh hao\Downloads\OpenOffice - CHIP-Downloader.exe
2013-10-18 20:19 - 2013-03-02 21:03 - 00000000 ___RD C:\Users\Selina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-18 20:19 - 2013-03-02 21:03 - 00000000 ___RD C:\Users\Selina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-10-18 17:10 - 2013-10-18 17:10 - 00001569 _____ C:\Users\Manh hao\Desktop\Pokémon Trading Card Game Online.lnk
2013-10-18 17:10 - 2013-10-18 17:07 - 00000000 ____D C:\Users\Manh hao\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokémon Trading Card Game Online
2013-10-18 17:07 - 2013-10-18 17:07 - 00000000 ____D C:\Users\Manh hao\AppData\Roaming\Pokémon Trading Card Game Online
2013-10-18 16:56 - 2013-10-18 16:46 - 264747520 _____ C:\Users\Manh hao\Downloads\PokemonInstaller.msi
2013-10-18 16:38 - 2013-04-23 16:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-18 15:11 - 2013-10-18 15:11 - 01251840 _____ C:\Users\Manh hao\Downloads\Minecraft Gift Code Generator 2013.exe
2013-10-18 15:11 - 2013-10-18 15:10 - 10501695 _____ C:\Users\Manh hao\Downloads\GTA 5 Free Download (June 2013).rar
2013-10-18 15:05 - 2013-04-23 16:31 - 00000000 ____D C:\Users\Manh hao\AppData\Local\Mozilla
2013-10-18 15:04 - 2013-10-18 15:04 - 02935637 _____ C:\Users\Manh hao\Downloads\GTA5Generator.rar
2013-10-18 15:01 - 2013-10-18 15:00 - 05180936 _____ C:\Users\Manh hao\Downloads\PS3 Emulator 1.9.4.rar
2013-10-18 14:59 - 2013-05-31 17:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-18 14:58 - 2013-06-09 15:35 - 00000000 ____D C:\Users\Manh hao\AppData\Roaming\Intermediate
2013-10-18 14:57 - 2013-10-18 14:57 - 00000000 ____D C:\Users\Manh hao\AppData\Roaming\Snz
2013-10-18 14:57 - 2013-06-09 15:35 - 00000000 ____D C:\Users\Manh hao\AppData\Roaming\SCheck
2013-10-18 14:55 - 2013-02-06 18:29 - 00000000 ___RD C:\Users\Manh hao\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-18 14:55 - 2013-02-06 18:29 - 00000000 ___RD C:\Users\Manh hao\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-10-17 22:42 - 2013-08-31 21:58 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-10-17 22:38 - 2013-10-17 22:38 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-10-17 22:38 - 2013-03-10 18:13 - 00001931 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2013-10-12 23:26 - 2013-03-03 00:37 - 00000000 ____D C:\Users\Papa\AppData\Local\Google
2013-10-12 23:23 - 2013-03-02 21:07 - 00000000 ___RD C:\Users\Papa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-12 23:23 - 2013-03-02 21:07 - 00000000 ___RD C:\Users\Papa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-10-12 23:18 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-10-12 23:18 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-10-12 23:17 - 2011-04-12 09:55 - 00000000 ____D C:\Program Files\Windows Journal
2013-10-12 22:10 - 2013-05-12 19:33 - 01591234 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-10-12 22:10 - 2011-04-12 09:43 - 00697082 _____ C:\Windows\system32\perfh007.dat
2013-10-12 22:10 - 2011-04-12 09:43 - 00148346 _____ C:\Windows\system32\perfc007.dat
2013-10-12 22:10 - 2009-07-14 07:13 - 01591234 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-12 21:24 - 2013-10-12 21:17 - 00000000 ____D C:\Windows\system32\MRT
2013-10-12 18:59 - 2013-03-16 19:51 - 00166611 _____ C:\Windows\DirectX.log
2013-10-12 18:46 - 2013-10-12 18:46 - 00009309 _____ C:\Users\Manh hao\Downloads\test.rar
2013-10-12 18:37 - 2013-10-12 18:35 - 30738633 _____ C:\Users\Manh hao\Downloads\1348396423_GTAIVPlanePack.rar
2013-10-12 09:55 - 2013-10-12 09:55 - 00001803 _____ C:\Users\Manh hao\Desktop\LaunchGTAIV - Verknüpfung.lnk
2013-10-11 10:04 - 2013-10-11 10:04 - 02220366 _____ C:\Users\Manh hao\AppData\Local\omesuperv.exe
2013-10-10 21:52 - 2013-06-22 11:04 - 00003290 _____ C:\Windows\System32\Tasks\update-sys
2013-10-08 21:43 - 2013-09-13 16:56 - 00000000 ____D C:\ProgramData\BitGuard
2013-10-08 18:17 - 2013-10-08 18:17 - 00000000 ____D C:\Users\Manh hao\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
2013-10-08 17:31 - 2013-10-08 17:31 - 00248860 _____ C:\Users\Manh hao\Downloads\HandlingChanger_v2.zip
2013-10-08 17:30 - 2013-10-08 17:30 - 00613129 _____ C:\Users\Manh hao\Downloads\1.zip
2013-10-08 17:28 - 2013-10-08 17:28 - 00058183 _____ C:\Users\Manh hao\Downloads\sobeit-file-modding.zip
2013-10-08 17:27 - 2013-10-08 17:27 - 00006924 _____ C:\Users\Manh hao\Downloads\files.txt
2013-10-08 17:27 - 2013-10-08 17:27 - 00003295 _____ C:\Users\Manh hao\Downloads\magicpatcher.zip
2013-10-08 17:25 - 2013-10-08 17:25 - 00022981 _____ C:\Users\Manh hao\Downloads\GTAIVModdingUnlockerGamerX5500.zip
2013-10-08 05:35 - 2013-02-08 20:35 - 00004110 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-08 05:35 - 2013-02-08 20:35 - 00003858 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-08 05:32 - 2013-10-08 05:32 - 01394176 _____ C:\Users\Papa\Downloads\Siegen-Kurzexpose.ppt
2013-10-07 22:09 - 2013-10-07 22:09 - 00000000 ____D C:\Users\Papa\AppData\Local\CyberLink
2013-10-07 17:45 - 2013-10-07 17:45 - 01540953 _____ C:\Users\Manh hao\Downloads\SparkIV 0.6.6 (1).zip
2013-10-07 17:45 - 2013-10-07 17:45 - 01540953 _____ C:\Users\Manh hao\Desktop\SparkIV 0.6.6 (1).zip
2013-10-06 17:33 - 2013-10-06 17:33 - 00000000 ____D C:\Users\Public\Documents\CyberLink
2013-10-06 14:19 - 2013-10-06 14:19 - 02816072 _____ (LionSea SoftWare                                            ) C:\Users\Manh hao\Downloads\setup.exe
2013-10-06 14:16 - 2013-10-06 14:16 - 01109896 _____ (Sony Corporation                                            ) C:\Users\Manh hao\Downloads\RIDCAM-01158806-UN.exe
2013-10-06 14:16 - 2013-10-06 14:16 - 00001308 _____ C:\Windows\DPINST.LOG
2013-10-06 14:13 - 2013-10-06 14:13 - 00947767 _____ (DriverIdentifier                                            ) C:\Users\Manh hao\Downloads\driveridentifier_setup.exe
2013-10-06 14:03 - 2013-10-06 14:03 - 00000000 ____D C:\Users\Manh hao\Documents\Avatar
2013-10-06 14:03 - 2013-10-06 14:03 - 00000000 ____D C:\Users\Manh hao\AppData\Roaming\CyberLink
2013-10-06 14:02 - 2013-10-06 14:02 - 00000000 ____D C:\Users\Manh hao\AppData\Local\CyberLink
2013-10-06 14:01 - 2013-10-06 14:01 - 00001359 _____ C:\Users\Public\Desktop\CyberLink YouCam 5.lnk
2013-10-06 14:01 - 2013-10-06 13:59 - 00000000 ____D C:\Program Files (x86)\CyberLink
2013-10-06 13:57 - 2013-10-06 13:57 - 00000000 ____D C:\ProgramData\install_clap
2013-10-06 13:57 - 2013-02-08 20:27 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-10-06 13:55 - 2013-10-06 13:50 - 17216854 _____ C:\Users\Manh hao\Downloads\CyberLink-Youcam-crack-ful-serial-Keys.rar
2013-10-06 13:49 - 2013-10-06 13:48 - 00000000 ____D C:\Users\Manh hao\Downloads\CyberLink YouCam 5 Deluxe v5.0.1129 [ADHDerby]
2013-10-06 09:59 - 2013-10-06 09:59 - 00003356 _____ C:\Users\Papa\Downloads\Sascha_Schuetz.vcf
2013-10-06 09:59 - 2013-10-06 09:59 - 00003001 _____ C:\Users\Papa\Downloads\Gabor_Fejer (1).vcf
2013-10-06 09:58 - 2013-10-06 09:58 - 00003588 _____ C:\Users\Papa\Downloads\Michael_Hofstetter.vcf
2013-10-06 09:58 - 2013-10-06 09:58 - 00003001 _____ C:\Users\Papa\Downloads\Gabor_Fejer.vcf
2013-10-05 21:18 - 2013-10-05 21:18 - 01540953 _____ C:\Users\Manh hao\Downloads\SparkIV 0.6.6.zip
2013-10-05 21:17 - 2013-10-05 21:17 - 00117057 _____ C:\Users\Manh hao\Downloads\1376727517_Thug Life Clothing.rar
2013-10-05 20:07 - 2013-02-16 15:44 - 00000000 ____D C:\Users\Manh hao\AppData\Roaming\DAEMON Tools Lite
2013-10-05 20:06 - 2013-10-19 09:24 - 01818624 _____ C:\Users\Manh hao\Desktop\update - Kopie.img
2013-10-05 20:06 - 2013-10-05 20:06 - 01818624 _____ C:\Users\Manh hao\Downloads\update.img
2013-10-05 20:00 - 2013-10-05 19:59 - 16048132 _____ C:\Users\Selina\Downloads\Gta 5 Downloader.rar
2013-10-05 19:59 - 2013-10-05 19:58 - 16682251 _____ C:\Users\Selina\Downloads\XBOX 360 Emulator for PC & GTA5.zip
2013-10-05 11:26 - 2013-10-05 11:22 - 84734859 _____ C:\Users\Manh hao\Downloads\Pixelmon 2.3.1 install.zip
2013-10-05 11:23 - 2013-10-19 09:24 - 02153194 _____ C:\Users\Manh hao\Desktop\minecraftforge-installer-1.6.2-9.10.0.799 - Kopie.jar
2013-10-05 11:23 - 2013-10-05 11:25 - 02153194 _____ C:\Users\Manh hao\Desktop\minecraftforge-installer-1.6.2-9.10.0.799.jar
2013-10-05 11:23 - 2013-10-05 11:23 - 02153194 _____ C:\Users\Manh hao\Downloads\minecraftforge-installer-1.6.2-9.10.0.799.jar
2013-10-05 10:29 - 2013-10-05 10:29 - 00000000 ____D C:\Users\Manh hao\AppData\Local\LogMeIn
2013-10-04 18:54 - 2013-06-08 09:21 - 00000000 ____D C:\Users\Selina\AppData\Roaming\Skype
2013-10-04 18:49 - 2013-08-31 13:36 - 00000000 ____D C:\Users\Selina\AppData\Roaming\.minecraft
2013-10-04 18:02 - 2013-10-04 18:02 - 00000000 ____D C:\Users\Selina\Desktop\Minecraft Bukkit Server 1.6.4
2013-10-04 18:01 - 2013-10-04 17:59 - 61749197 _____ C:\Users\Selina\Desktop\Minecraft Bukkit Server 1.6.4.zip
2013-10-04 14:49 - 2013-10-04 14:49 - 00000000 ____D C:\Users\Selina\AppData\Local\LogMeIn
2013-10-03 22:45 - 2013-10-03 22:45 - 01394688 _____ C:\Users\Papa\Downloads\120911-Olpe-Kurzexpose-Nagelstudio.ppt
2013-10-03 04:09 - 2013-10-03 04:09 - 00000000 ____D C:\Users\Papa\AppData\Local\LogMeIn
2013-10-03 04:09 - 2013-10-03 04:09 - 00000000 ____D C:\ProgramData\LogMeIn
2013-10-02 22:46 - 2013-02-16 12:51 - 00000926 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2013-10-02 22:45 - 2013-10-02 22:45 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-10-02 20:31 - 2013-09-20 19:38 - 00000000 ____D C:\Users\Selina\AppData\Roaming\iFunbox_UserCache
2013-10-02 20:02 - 2013-10-02 20:02 - 536870912 _____ C:\Users\Papa\Downloads\pkms2.nds
2013-09-28 23:23 - 2013-03-02 21:07 - 00000000 ____D C:\Users\Papa\AppData\Local\VirtualStore
2013-09-28 18:32 - 2013-07-20 10:16 - 00352768 _____ C:\Users\Selina\Desktop\Minecraft.exe
2013-09-28 18:01 - 2013-06-22 20:08 - 00000000 ____D C:\Users\Selina\AppData\Roaming\TS3Client
2013-09-28 16:45 - 2013-09-28 16:45 - 00004121 _____ C:\Users\Selina\Downloads\mccapes_extra_164a_20130921_1116.zip
2013-09-28 16:29 - 2013-09-27 17:21 - 00000000 ____D C:\ProgramData\AVAST Software
2013-09-28 09:38 - 2013-09-28 09:38 - 00004121 _____ C:\Users\Manh hao\Downloads\mccapes_extra_164a_20130921_1116 (1).zip
2013-09-28 09:36 - 2013-09-28 09:36 - 00004121 _____ C:\Users\Manh hao\Downloads\mccapes_extra_164a_20130921_1116.zip
2013-09-28 09:12 - 2013-03-02 21:05 - 00000000 ____D C:\Users\Mama\AppData\Local\LogMeIn Hamachi
2013-09-27 19:54 - 2013-05-30 14:13 - 00000000 ____D C:\Users\Mama\AppData\Local\Adobe
2013-09-27 19:31 - 2013-09-27 19:31 - 00000000 ____D C:\Users\Public\Documents\CrashDump
2013-09-27 19:28 - 2013-03-02 21:16 - 00000000 ____D C:\Users\Selina\AppData\Local\DoNotTrackPlus
2013-09-27 19:26 - 2013-09-27 19:26 - 00000000 ____D C:\Users\Selina\Documents\samsung
2013-09-27 19:26 - 2013-09-27 19:26 - 00000000 ____D C:\Users\Selina\AppData\Roaming\Samsung
2013-09-27 19:26 - 2013-09-27 19:26 - 00000000 ____D C:\Users\Selina\AppData\Local\Samsung
2013-09-27 17:24 - 2013-09-27 17:24 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-09-27 17:22 - 2013-09-27 17:22 - 00000000 ____D C:\Program Files\AVAST Software
2013-09-27 17:16 - 2013-09-27 17:11 - 131918888 _____ C:\Users\Manh hao\Downloads\avast_free_antivirus_setup_8.0.1497.376.exe
2013-09-27 17:02 - 2013-09-27 17:02 - 00000000 ____D C:\ProgramData\SummerSoft
2013-09-27 17:00 - 2013-09-27 17:00 - 00309200 _____ (SummerSoft) C:\Users\Manh hao\Downloads\Grand Theft Auto V PC Game [Full Beta GTA 5].exe
2013-09-27 17:00 - 2013-09-27 17:00 - 00309200 _____ (SummerSoft) C:\Users\Manh hao\Downloads\Grand Theft Auto V PC Game [Full Beta GTA 5] (1).exe
2013-09-27 17:00 - 2013-09-27 17:00 - 00093442 _____ C:\Users\Manh hao\Downloads\GTAV-Downloader.rar
2013-09-27 16:40 - 2013-04-02 20:53 - 00000000 ____D C:\ProgramData\Skype
2013-09-27 16:39 - 2013-04-02 20:53 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-09-26 18:59 - 2013-04-20 12:16 - 00000000 ____D C:\ProgramData\Package Cache
2013-09-26 18:02 - 2013-09-26 18:01 - 00000000 ____D C:\Users\Papa\AppData\Local\Smartbar
2013-09-26 18:01 - 2013-09-26 17:56 - 00000000 ____D C:\Users\Papa\AppData\Local\DownloadGuide
2013-09-26 17:55 - 2013-09-26 17:55 - 00000000 ____D C:\Users\Papa\AppData\Local\Software Updater
2013-09-26 01:46 - 2013-02-08 21:41 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Files to move or delete:
====================
C:\Users\Papa\dxtssmpj.exe


Some content of TEMP:
====================
C:\Users\Mama\AppData\Local\Temp\evoa2s1h.dll
C:\Users\Mama\AppData\Local\Temp\iwpyvtjskus.exe
C:\Users\Mama\AppData\Local\Temp\xiqrf1w1.dll
C:\Users\Manh hao\AppData\Local\Temp\10438uninstall.exe
C:\Users\Manh hao\AppData\Local\Temp\1372.exe
C:\Users\Manh hao\AppData\Local\Temp\67906.exe
C:\Users\Manh hao\AppData\Local\Temp\7kbnrc4w.dll
C:\Users\Manh hao\AppData\Local\Temp\7z920.exe
C:\Users\Manh hao\AppData\Local\Temp\appshat-distribution.exe
C:\Users\Manh hao\AppData\Local\Temp\BackupSetup.exe
C:\Users\Manh hao\AppData\Local\Temp\bdcam64_0.dll
C:\Users\Manh hao\AppData\Local\Temp\bdfilters.dll
C:\Users\Manh hao\AppData\Local\Temp\bitool.dll
C:\Users\Manh hao\AppData\Local\Temp\bzsbkotiula.exe
C:\Users\Manh hao\AppData\Local\Temp\chatzum_softonic_yahoo_62_v5.exe
C:\Users\Manh hao\AppData\Local\Temp\CheatEngine62Clean.exe
C:\Users\Manh hao\AppData\Local\Temp\DeltaTB.exe
C:\Users\Manh hao\AppData\Local\Temp\dp.exe
C:\Users\Manh hao\AppData\Local\Temp\drm_dyndata_7370014.dll
C:\Users\Manh hao\AppData\Local\Temp\drm_dyndata_7380014.dll
C:\Users\Manh hao\AppData\Local\Temp\e-y6xh5v.dll
C:\Users\Manh hao\AppData\Local\Temp\htmlayout.dll
C:\Users\Manh hao\AppData\Local\Temp\i4jdel0.exe
C:\Users\Manh hao\AppData\Local\Temp\i4jdel1.exe
C:\Users\Manh hao\AppData\Local\Temp\i4jdel2.exe
C:\Users\Manh hao\AppData\Local\Temp\i4jdel3.exe
C:\Users\Manh hao\AppData\Local\Temp\i4jdel4.exe
C:\Users\Manh hao\AppData\Local\Temp\Install_Nokia_Ovi_Suite.exe
C:\Users\Manh hao\AppData\Local\Temp\jansi-32-git-Bukkit-1.6.2-R1.0-9-g9cd35ee-b2908jnks.dll
C:\Users\Manh hao\AppData\Local\Temp\jansi-64-git-Bukkit-1.4.7-R1.0-25-g7b6d10e-b2657jnks.dll
C:\Users\Manh hao\AppData\Local\Temp\jansi-64-git-Bukkit-1.4.7-R1.0-59-ge869277-b2700jnks.dll
C:\Users\Manh hao\AppData\Local\Temp\jansi-64-git-Bukkit-1.4.7-R1.0-94-g141dcf0-b2735jnks.dll
C:\Users\Manh hao\AppData\Local\Temp\jansi-64-git-Bukkit-1.4.7-R1.0-b2624jnks.dll
C:\Users\Manh hao\AppData\Local\Temp\jansi-64-git-Bukkit-1.5.1-R0.1-1-gea5a7e4-b2736jnks.dll
C:\Users\Manh hao\AppData\Local\Temp\jansi-64-git-Bukkit-1.5.1-R0.2-11-g8205884-b2765jnks.dll
C:\Users\Manh hao\AppData\Local\Temp\jansi-64-git-Bukkit-1.5.2-R0.1-1-g53734d2-b2772jnks.dll
C:\Users\Manh hao\AppData\Local\Temp\jansi-64-git-Bukkit-1.5.2-R0.1-1-g53734d2-b2774jnks.dll
C:\Users\Manh hao\AppData\Local\Temp\jansi-64-git-Bukkit-1.5.2-R0.1-b2771jnks.dll
C:\Users\Manh hao\AppData\Local\Temp\jansi-64-git-MCPC-Plus-jenkins-MCPC-Plus-473.dll
C:\Users\Manh hao\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Manh hao\AppData\Local\Temp\LyricsPal.exe
C:\Users\Manh hao\AppData\Local\Temp\lyricstmp.exe
C:\Users\Manh hao\AppData\Local\Temp\m25xxpxf.dll
C:\Users\Manh hao\AppData\Local\Temp\MixiDJToolbar.exe
C:\Users\Manh hao\AppData\Local\Temp\MoviesToolbarSetup_Somoto_9_10_2013.exe
C:\Users\Manh hao\AppData\Local\Temp\o8x5jt68.dll
C:\Users\Manh hao\AppData\Local\Temp\OptimizerPro.exe
C:\Users\Manh hao\AppData\Local\Temp\PAYSAFEGENERATOR.EXE
C:\Users\Manh hao\AppData\Local\Temp\pricepeep_130001_0101.exe
C:\Users\Manh hao\AppData\Local\Temp\sdanircmdc.exe
C:\Users\Manh hao\AppData\Local\Temp\setup.exe
C:\Users\Manh hao\AppData\Local\Temp\SharedReg.exe
C:\Users\Manh hao\AppData\Local\Temp\SingAlong.exe
C:\Users\Manh hao\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Manh hao\AppData\Local\Temp\SmartbarExeInstaller.exe
C:\Users\Manh hao\AppData\Local\Temp\sngalng.exe
C:\Users\Manh hao\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
C:\Users\Manh hao\AppData\Local\Temp\Sqlite3.dll
C:\Users\Manh hao\AppData\Local\Temp\toolbar137379285.exe
C:\Users\Manh hao\AppData\Local\Temp\toolbar137390330.exe
C:\Users\Manh hao\AppData\Local\Temp\ttpbkmqmhvm.exe
C:\Users\Manh hao\AppData\Local\Temp\uninst1.exe
C:\Users\Manh hao\AppData\Local\Temp\uninstall3697894.exe
C:\Users\Manh hao\AppData\Local\Temp\uninstall3703448.exe
C:\Users\Manh hao\AppData\Local\Temp\uninstall3703494.exe
C:\Users\Manh hao\AppData\Local\Temp\UpdateCheckerSetup.exe
C:\Users\Manh hao\AppData\Local\Temp\xmlUpdater.exe
C:\Users\Manh hao\AppData\Local\Temp\xsytzjapeaj.exe
C:\Users\Papa\AppData\Local\Temp\57156.exe
C:\Users\Papa\AppData\Local\Temp\BJKGMOF.exe
C:\Users\Papa\AppData\Local\Temp\bzsdulhzkch.exe
C:\Users\Papa\AppData\Local\Temp\cnfhtpwsjmh.exe
C:\Users\Papa\AppData\Local\Temp\cptkjxnuxbt.exe
C:\Users\Papa\AppData\Local\Temp\csdpffjeyjy.exe
C:\Users\Papa\AppData\Local\Temp\ctdimlhzezr.exe
C:\Users\Papa\AppData\Local\Temp\ctfblhvctji.exe
C:\Users\Papa\AppData\Local\Temp\cvmsepobvok.exe
C:\Users\Papa\AppData\Local\Temp\cxyqoyqvqwq.exe
C:\Users\Papa\AppData\Local\Temp\enjfvdawxpk.exe
C:\Users\Papa\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Papa\AppData\Local\Temp\iuznffnsdub.exe
C:\Users\Papa\AppData\Local\Temp\iuznffnsdug.exe
C:\Users\Papa\AppData\Local\Temp\jbuxhfvxpxo.exe
C:\Users\Papa\AppData\Local\Temp\jotuklefxbt.exe
C:\Users\Papa\AppData\Local\Temp\ljldzlhqotx.exe
C:\Users\Papa\AppData\Local\Temp\lvznxufvyrl.exe
C:\Users\Papa\AppData\Local\Temp\mfvphbwdgzo.exe
C:\Users\Papa\AppData\Local\Temp\muxzocbrrua.exe
C:\Users\Papa\AppData\Local\Temp\nxwfplvctfj.exe
C:\Users\Papa\AppData\Local\Temp\okskjzljpfo.exe
C:\Users\Papa\AppData\Local\Temp\qepxaflllfr.exe
C:\Users\Papa\AppData\Local\Temp\rixxynpxdab.exe
C:\Users\Papa\AppData\Local\Temp\rzsbkotdpan.exe
C:\Users\Papa\AppData\Local\Temp\tb3tla4g.dll
C:\Users\Papa\AppData\Local\Temp\ttdasndkxac.exe
C:\Users\Papa\AppData\Local\Temp\txgitbsxvez.exe
C:\Users\Papa\AppData\Local\Temp\vzdlfrkbhfo.exe
C:\Users\Papa\AppData\Local\Temp\wpfpdngkdui.exe
C:\Users\Papa\AppData\Local\Temp\xhytzbvrnxo.exe
C:\Users\Papa\AppData\Local\Temp\xinapqlnlip.exe
C:\Users\Papa\AppData\Local\Temp\zpeqkotiuag.exe
C:\Users\Papa\AppData\Local\Temp\zvdtfaamggf.exe
C:\Users\Selina\AppData\Local\Temp\AAMHelper.exe
C:\Users\Selina\AppData\Local\Temp\AdobeApplicationManager.exe
C:\Users\Selina\AppData\Local\Temp\bitool.dll
C:\Users\Selina\AppData\Local\Temp\gtqadjqbeai.exe
C:\Users\Selina\AppData\Local\Temp\i4jdel0.exe
C:\Users\Selina\AppData\Local\Temp\i4jdel1.exe
C:\Users\Selina\AppData\Local\Temp\i4jdel2.exe
C:\Users\Selina\AppData\Local\Temp\i4jdel3.exe
C:\Users\Selina\AppData\Local\Temp\i4jdel4.exe
C:\Users\Selina\AppData\Local\Temp\iuznffnsdro.exe
C:\Users\Selina\AppData\Local\Temp\jansi-64-git-Bukkit-1.5.2-R0.1-b2771jnks.dll
C:\Users\Selina\AppData\Local\Temp\jansi-64-git-Bukkit-1.5.2-R1.0-18-ga8c0dc1-b2808jnks.dll
C:\Users\Selina\AppData\Local\Temp\jansi-64-git-Bukkit-1.6.2-R1.0-3-g9532cb6-b2887jnks.dll
C:\Users\Selina\AppData\Local\Temp\jansi-64-git-MCPC-Plus-jenkins-MCPC-Plus-564.dll
C:\Users\Selina\AppData\Local\Temp\rbvhynpxdtb.exe
C:\Users\Selina\AppData\Local\Temp\riaicxgpxzl.exe
C:\Users\Selina\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Selina\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
C:\Users\Selina\AppData\Local\Temp\?odec Performer803975.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-11 22:04

==================== End Of Log ============================
         
--- --- ---

Alt 26.10.2013, 11:52   #5
Manhhao
 
Google youtube Facebook gesperrt - Standard

Google youtube Facebook gesperrt



Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-10-2013
Ran by Manh hao at 2013-10-26 12:44:32
Running from C:\Users\Manh hao\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Disabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Disabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

µTorrent (x32 Version: 3.3.0.29111)
7-Zip 9.20 (x32)
Adobe Creative Cloud (x32 Version: 2.0.0.183)
Adobe Flash Player 11 ActiveX (x32 Version: 11.7.700.202)
Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.224)
Adobe Reader XI (11.0.05) - Deutsch (x32 Version: 11.0.05)
Advanced System Protector (x32 Version: 2.1.1000.10844)
Apple Application Support (x32 Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (x32 Version: 2.1.3.127)
AppsHat Mobile Apps (HKCU Version: 1.0.0.0)
Ask Toolbar (x32 Version: 1.15.18.0)
Atheros WiFi Driver Installation (x32 Version: 3.0)
Avira Free Antivirus (x32 Version: 13.0.0.3185)
Avira SearchFree Toolbar plus Web Protection Updater (HKCU Version: 1.2.4.37268)
Bandicam (x32 Version: 1.8.6.321)
Bandisoft MPEG-1 Decoder (x32)
BitGuard (x32)
Blender (Version: 2.66a)
Bonjour (Version: 3.0.0.10)
Bundled software uninstaller (x32)
Canon MX510 series MP Drivers
Cheat Engine 6.2 (x32)
Cinema 4D version R12 (x32 Version: R12)
Craften Terminal 3.3.4897.28268 (x32 Version: 3.3.4897.28268)
CyberLink YouCam 5 (x32 Version: 5.0.1129)
D3DX10 (x32 Version: 15.4.2368.0902)
DAEMON Tools Lite (x32 Version: 4.47.1.0333)
Facebook Video Calling 1.2.0.287 (x32 Version: 1.2.287)
FilesFrog Update Checker (x32)
Fotogalerie (x32 Version: 16.4.3508.0205)
Fraps (x32)
Free YouTube Download Manager (x32 Version: 1.0.0.4)
Game Booster 3 (x32 Version: 3.4)
Google Chrome (x32 Version: 30.0.1599.101)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0)
Google Toolbar for Internet Explorer (x32 Version: 7.5.4601.54)
Google Update Helper (x32 Version: 1.3.21.165)
Grand Theft Auto IV (x32 Version: 1.0.0013.131)
Grand Theft Auto IV (x32 Version: 1.00.0000)
HyperCam 3 (x32 Version: 3.5.1211.29)
iDemo (x32 Version: 1.3.1)
iExplorer 3.1.0.2 (x32)
iFunbox (v2.1.2228.731), iFunbox DevTeam (x32 Version: v2.1.2228.731)
Intel(R) Processor Graphics (x32 Version: 9.17.10.2932)
ipswDownloader 2.0 (x32 Version: 2.0)
iTunes (Version: 11.0.5.5)
Java 7 Update 15 (x32 Version: 7.0.150)
Java 7 Update 17 (64-bit) (Version: 7.0.170)
Java Auto Updater (x32 Version: 2.1.9.0)
LogMeIn Hamachi (x32 Version: 2.2.0.58)
McAfee Security Scan Plus (Version: 3.8.130.8)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30320)
Microsoft .NET Framework 4 Extended (Version: 4.0.30320)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Movie Maker (x32 Version: 16.4.3508.0205)
Mozilla Firefox 24.0 (x86 de) (x32 Version: 24.0)
Mozilla Maintenance Service (x32 Version: 24.0)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT110 (x32 Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
No-IP DUC (x32 Version: 4.0.1)
Notepad++ (x32 Version: 6.3.1)
OpenOffice 4.0.1 (x32 Version: 4.01.9714)
Photo Common (x32 Version: 16.4.3508.0205)
Photo Gallery (x32 Version: 16.4.3508.0205)
Pokémon Trading Card Game Online (x32 Version: 1.0.0)
QuickShare (x32 Version: 1.146.60.12450)
QuickTime (x32 Version: 7.72.80.56)
Reflection (x32 Version: 1.0.1)
Reflector (Version: 1.2.3)
ROBLOX Player (x32)
Rockstar Games Social Club (x32 Version: 1.00.0000)
Safari (x32 Version: 5.34.57.2)
Samsung Kies (x32 Version: 2.6.0.13091_9)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.27.0)
Skype™ 6.7 (x32 Version: 6.7.102)
TeamSpeak 3 Client (HKCU Version: 3.0.10)
TubeBox Smartbar (x32 Version: 1.6.1.864)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205)
Windows Live Essentials (x32 Version: 16.4.3508.0205)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
Windows Live Installer (x32 Version: 16.4.3508.0205)
Windows Live Messenger (x32 Version: 16.4.3508.0205)
Windows Live Photo Common (x32 Version: 16.4.3508.0205)
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205)
Windows Live SOXE (x32 Version: 16.4.3508.0205)
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205)
Windows Live UX Platform (x32 Version: 16.4.3508.0205)
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205)
WinPcap 4.1.3 (x32 Version: 4.1.0.2980)
WinRAR 4.20 (64-bit) (Version: 4.20.0)

==================== Restore Points  =========================

12-10-2013 16:53:53 Konfiguriert Grand Theft Auto IV
13-10-2013 08:27:28 Windows Modules Installer
19-10-2013 07:46:45 OpenOffice 4.0.1 wird installiert

==================== Hosts content: ==========================

2009-07-14 04:34 - 2013-10-26 10:10 - 00010584 ____A C:\Windows\system32\Drivers\etc\hosts
198.71.80.192 www.imeetzu.com
198.71.80.192 imeetzu.com
198.71.80.192 www.omegle.com
198.71.80.192 omegle.com
198.71.80.192 www.runescape.com
198.71.80.192 runescape.com
198.71.80.192 google.com
198.71.80.192 www.google.ae
198.71.80.192 www.google.com.af
198.71.80.192 www.google.com.ag
198.71.80.192 www.google.off.ai
198.71.80.192 www.google.am
198.71.80.192 www.google.com.ar
198.71.80.192 www.google.as
198.71.80.192 www.google.at
198.71.80.192 www.google.com.au
198.71.80.192 www.google.az
198.71.80.192 www.google.ba
198.71.80.192 www.google.com.bd
198.71.80.192 www.google.be
198.71.80.192 www.google.bg
198.71.80.192 www.google.com.bh
198.71.80.192 www.google.bi
198.71.80.192 www.google.com.bo
198.71.80.192 www.google.com.br
198.71.80.192 www.google.bs
198.71.80.192 www.google.co.bw
198.71.80.192 www.google.com.bz
198.71.80.192 www.google.ca

There are 335 more lines.


==================== Scheduled Tasks (whitelisted) =============

Task: {006B2AF6-5F24-4A60-85AB-33589BA0C86E} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2013-09-27] ()
Task: {0B377082-372A-460F-8E01-A0443EECB7B2} - System32\Tasks\{3C6C8AAD-79F6-4B6F-B3C9-D3D8F24CE673} => C:\Users\Manh hao\Desktop\Minecraft 1.5.1
Task: {1D206C2B-673C-4CBD-A2F0-09262EA4756C} - System32\Tasks\{5FBB87BF-6D59-4991-B95A-33AA1363574D} => C:\Users\Manh hao\Desktop\Minecraft 1.5.1
Task: {22B6E24A-2B5C-4430-B61A-A22AE3B7B819} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2823766941-1517505164-3398274235-1003
Task: {2450BF80-EECF-4ED9-A9C4-B841EFD05086} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe [2013-08-31] ()
Task: {2A4C69CC-04D5-4D65-8DB5-5B667BD8306F} - System32\Tasks\update-S-1-5-21-2823766941-1517505164-3398274235-1005 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2013-09-27] ()
Task: {46D402CF-13CD-44D6-A19E-0699CC9B120A} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2823766941-1517505164-3398274235-1005Core => C:\Users\Selina\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-07-06] (Facebook Inc.)
Task: {46DEF105-2B4D-496C-A89F-071380058FEC} - System32\Tasks\RegClean Pro_DEFAULT => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe
Task: {571EE918-E355-4470-B875-32E398691DDB} - System32\Tasks\RegClean Pro_UPDATES => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe
Task: {589BC977-4536-4E72-A09B-C714B11DFE1D} - System32\Tasks\Windows Update Check - 0x0D1402B8 => C:\ProgramData\AppleDev0\rzsbkotiu.exe [2013-04-26] (Elite Bypassers)
Task: {59BEBB7E-3759-4212-8B0F-288FB729F4A7} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe [2013-02-08] ()
Task: {676B9DBE-15B7-4789-A644-51C0A19B7870} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2823766941-1517505164-3398274235-1005UA => C:\Users\Selina\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-07-06] (Facebook Inc.)
Task: {686BF8D5-6E15-468B-B131-4E9F6375DFF2} - System32\Tasks\Software Updater Ui => C:\Program Files (x86)\SoftwareUpdater\SoftwareUpdater.Ui.exe [2013-10-23] ()
Task: {733E9FD4-B414-4277-AC0B-02DDF1DBD2C3} - System32\Tasks\{3CC28608-C036-41C3-98A2-546BB03EA941} => C:\Users\Manh hao\Desktop\Minecraft 1.5.1
Task: {A4CFEA5C-F843-4156-8EA9-00275B3CEED0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-08] (Google Inc.)
Task: {AA2C5F6F-B6FF-44A7-ABE9-4475D00EB6C9} - System32\Tasks\AdobeAAMUpdater-1.0-Manhhao-PC-Mama => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-03] (Adobe Systems Incorporated)
Task: {AC216A19-31E5-4B12-B0D8-8F9F4C544CDF} - System32\Tasks\AdobeAAMUpdater-1.0-Manhhao-PC-Papa => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-03] (Adobe Systems Incorporated)
Task: {AC4F3E75-1166-4560-A71B-FC3A3BAB29EE} - System32\Tasks\SomotoUpdateCheckerAutoStart => C:\Users\Manh hao\AppData\Local\FilesFrog Update Checker\update_checker.exe [2013-10-17] (Somoto)
Task: {AF7B0A45-0D7F-4724-AB58-6E6DA4BADDA8} - System32\Tasks\RegClean Pro => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe
Task: {B46EEE2A-E542-4607-94BC-0CAD2F2838F8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-08] (Google Inc.)
Task: {B6C79ADC-A164-401A-83AF-E8B3CBE8BB76} - System32\Tasks\Software Updater => C:\Program Files (x86)\SoftwareUpdater\SoftwareUpdater.Bootstrapper.exe [2013-10-22] ()
Task: {C9E8F188-B3E9-4E33-83F0-22A60EB2BD71} - System32\Tasks\DealPly => C:\Users\Manh hao\AppData\Roaming\DealPly\UpdateProc\UpdateTask.exe [2013-02-27] ()
Task: {CD872EF5-4893-4078-9E29-8261E6F05B15} - System32\Tasks\Express FilesUpdate => C:\Program Files (x86)\ExpressFiles\EFUpdater.exe
Task: {D19918A2-F1C4-4808-B2B0-045E9C516599} - System32\Tasks\AdobeAAMUpdater-1.0-Manhhao-PC-Manh hao => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-03] (Adobe Systems Incorporated)
Task: {DA07D46A-4A59-4298-8081-6B92C75417C1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {DC563907-3844-4FCD-BFF2-09C45F85FD6E} - System32\Tasks\{D56DCA6A-FCA2-48D3-837B-5690EEC3AADC} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.3.0.105/de/abandoninstall?source=lightinstaller&amp;page=tsProgressBar
Task: {DC5950C9-FE5A-4BFB-BB9F-F1F4A4158A85} - System32\Tasks\AdobeAAMUpdater-1.0-Manhhao-PC-Selina => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-03] (Adobe Systems Incorporated)
Task: {E0532C83-0F74-42AA-BE8D-893D8FB01598} - System32\Tasks\{25703773-878B-449E-9B99-1BE5B8352EFA} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.3.0.105/de/abandoninstall?source=lightinstaller&amp;page=tsInstall
Task: {E0DDF08F-C648-4C94-9437-C99D03267068} - System32\Tasks\Advanced System Protector_startup => C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe [2013-04-09] (Systweak)
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2823766941-1517505164-3398274235-1005Core.job => C:\Users\Selina\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2823766941-1517505164-3398274235-1005UA.job => C:\Users\Selina\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\RegClean Pro_DEFAULT.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe
Task: C:\Windows\Tasks\RegClean Pro_UPDATES.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe
Task: C:\Windows\Tasks\update-S-1-5-21-2823766941-1517505164-3398274235-1005.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Loaded Modules (whitelisted) =============

2013-06-20 00:45 - 2013-06-20 00:45 - 03317616 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll
2009-08-23 19:24 - 2009-08-23 19:24 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2012-12-14 03:42 - 2012-12-14 03:42 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== Faulty Device Manager Devices =============

Name: PCI-Gerät
Description: PCI-Gerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Ethernet-Controller
Description: Ethernet-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: SM-Bus-Controller
Description: SM-Bus-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Generic Bluetooth Adapter
Description: Generic Bluetooth Adapter
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: GenericAdapter
Service: BTHUSB
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 


==================== Event log errors: =========================

Application errors:
==================
Error: (10/26/2013 00:34:21 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/26/2013 00:33:01 PM) (Source: Avira Antivirus) (User: NT-AUTORITÄT)
Description: Die Datei QueryInterface(57) konnte nicht geladen werden.
Fehlercode: 0x1

Error: (10/26/2013 10:44:03 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: schtasks.exe, Version: 6.1.7601.17514, Zeitstempel: 0x4ce792c3
Name des fehlerhaften Moduls: bitguard.dll, Version: 2.6.1694.246, Zeitstempel: 0x5253f78e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0017966f
ID des fehlerhaften Prozesses: 0xdc0
Startzeit der fehlerhaften Anwendung: 0xschtasks.exe0
Pfad der fehlerhaften Anwendung: schtasks.exe1
Pfad des fehlerhaften Moduls: schtasks.exe2
Berichtskennung: schtasks.exe3

Error: (10/26/2013 10:44:02 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: schtasks.exe, Version: 6.1.7601.17514, Zeitstempel: 0x4ce792c3
Name des fehlerhaften Moduls: bitguard.dll, Version: 2.6.1694.246, Zeitstempel: 0x5253f78e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0017966f
ID des fehlerhaften Prozesses: 0xdc0
Startzeit der fehlerhaften Anwendung: 0xschtasks.exe0
Pfad der fehlerhaften Anwendung: schtasks.exe1
Pfad des fehlerhaften Moduls: schtasks.exe2
Berichtskennung: schtasks.exe3

Error: (10/26/2013 10:44:00 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: schtasks.exe, Version: 6.1.7601.17514, Zeitstempel: 0x4ce792c3
Name des fehlerhaften Moduls: bitguard.dll, Version: 2.6.1694.246, Zeitstempel: 0x5253f78e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0017966f
ID des fehlerhaften Prozesses: 0x1b88
Startzeit der fehlerhaften Anwendung: 0xschtasks.exe0
Pfad der fehlerhaften Anwendung: schtasks.exe1
Pfad des fehlerhaften Moduls: schtasks.exe2
Berichtskennung: schtasks.exe3

Error: (10/26/2013 10:43:57 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: schtasks.exe, Version: 6.1.7601.17514, Zeitstempel: 0x4ce792c3
Name des fehlerhaften Moduls: bitguard.dll, Version: 2.6.1694.246, Zeitstempel: 0x5253f78e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0017966f
ID des fehlerhaften Prozesses: 0x1b88
Startzeit der fehlerhaften Anwendung: 0xschtasks.exe0
Pfad der fehlerhaften Anwendung: schtasks.exe1
Pfad des fehlerhaften Moduls: schtasks.exe2
Berichtskennung: schtasks.exe3

Error: (10/26/2013 10:42:05 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: cmd.exe, Version: 6.1.7601.17514, Zeitstempel: 0x4ce78e2b
Name des fehlerhaften Moduls: bitguard.dll, Version: 2.6.1694.246, Zeitstempel: 0x5253f78e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0017966f
ID des fehlerhaften Prozesses: 0x131c
Startzeit der fehlerhaften Anwendung: 0xcmd.exe0
Pfad der fehlerhaften Anwendung: cmd.exe1
Pfad des fehlerhaften Moduls: cmd.exe2
Berichtskennung: cmd.exe3

Error: (10/26/2013 10:42:02 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: cmd.exe, Version: 6.1.7601.17514, Zeitstempel: 0x4ce78e2b
Name des fehlerhaften Moduls: bitguard.dll, Version: 2.6.1694.246, Zeitstempel: 0x5253f78e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0017966f
ID des fehlerhaften Prozesses: 0x131c
Startzeit der fehlerhaften Anwendung: 0xcmd.exe0
Pfad der fehlerhaften Anwendung: cmd.exe1
Pfad des fehlerhaften Moduls: cmd.exe2
Berichtskennung: cmd.exe3

Error: (10/26/2013 10:41:58 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: timeout.exe, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc013
Name des fehlerhaften Moduls: bitguard.dll, Version: 2.6.1694.246, Zeitstempel: 0x5253f78e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0017966f
ID des fehlerhaften Prozesses: 0x898
Startzeit der fehlerhaften Anwendung: 0xtimeout.exe0
Pfad der fehlerhaften Anwendung: timeout.exe1
Pfad des fehlerhaften Moduls: timeout.exe2
Berichtskennung: timeout.exe3

Error: (10/26/2013 10:41:55 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: timeout.exe, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc013
Name des fehlerhaften Moduls: bitguard.dll, Version: 2.6.1694.246, Zeitstempel: 0x5253f78e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0017966f
ID des fehlerhaften Prozesses: 0x898
Startzeit der fehlerhaften Anwendung: 0xtimeout.exe0
Pfad der fehlerhaften Anwendung: timeout.exe1
Pfad des fehlerhaften Moduls: timeout.exe2
Berichtskennung: timeout.exe3


System errors:
=============
Error: (10/26/2013 00:35:11 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Heimnetzgruppen-Listener" wurde mit folgendem dienstspezifischem Fehler beendet: %%-2147023143.

Error: (10/26/2013 00:33:57 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (10/26/2013 00:33:07 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Avira Browser-Schutz" ist vom Dienst "Avira Echtzeit-Scanner" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1066

Error: (10/26/2013 00:33:02 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Avira Echtzeit-Scanner" wurde mit folgendem dienstspezifischem Fehler beendet: %%310.

Error: (10/26/2013 00:32:44 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "BitGuard" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (10/26/2013 00:32:44 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst BitGuard erreicht.

Error: (10/26/2013 00:32:33 PM) (Source: BTHUSB) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.

Error: (10/26/2013 10:41:08 AM) (Source: DCOM) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (10/26/2013 10:08:59 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "BitGuard" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (10/26/2013 10:08:59 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst BitGuard erreicht.


Microsoft Office Sessions:
=========================
Error: (10/26/2013 00:34:21 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/26/2013 00:33:01 PM) (Source: Avira Antivirus)(User: NT-AUTORITÄT)
Description: QueryInterface(57)0x1

Error: (10/26/2013 10:44:03 AM) (Source: Application Error)(User: )
Description: schtasks.exe6.1.7601.175144ce792c3bitguard.dll2.6.1694.2465253f78ec00000050017966fdc001ced22785347ff9C:\Windows\SysWOW64\schtasks.exec:\progra~3\bitguard\261694~1.246\{c16c1~1\bitguard.dllc39ab62e-3e1a-11e3-92c2-efa5c2ef6c7e

Error: (10/26/2013 10:44:02 AM) (Source: Application Error)(User: )
Description: schtasks.exe6.1.7601.175144ce792c3bitguard.dll2.6.1694.2465253f78ec00000050017966fdc001ced22785347ff9C:\Windows\SysWOW64\schtasks.exec:\progra~3\bitguard\261694~1.246\{c16c1~1\bitguard.dllc3025e1d-3e1a-11e3-92c2-efa5c2ef6c7e

Error: (10/26/2013 10:44:00 AM) (Source: Application Error)(User: )
Description: schtasks.exe6.1.7601.175144ce792c3bitguard.dll2.6.1694.2465253f78ec00000050017966f1b8801ced22782490fe3C:\Windows\SysWOW64\schtasks.exec:\progra~3\bitguard\261694~1.246\{c16c1~1\bitguard.dllc1f7c3fe-3e1a-11e3-92c2-efa5c2ef6c7e

Error: (10/26/2013 10:43:57 AM) (Source: Application Error)(User: )
Description: schtasks.exe6.1.7601.175144ce792c3bitguard.dll2.6.1694.2465253f78ec00000050017966f1b8801ced22782490fe3C:\Windows\SysWOW64\schtasks.exec:\progra~3\bitguard\261694~1.246\{c16c1~1\bitguard.dllc059948e-3e1a-11e3-92c2-efa5c2ef6c7e

Error: (10/26/2013 10:42:05 AM) (Source: Application Error)(User: )
Description: cmd.exe6.1.7601.175144ce78e2bbitguard.dll2.6.1694.2465253f78ec00000050017966f131c01ced2273dace21cC:\Windows\SysWOW64\cmd.exec:\progra~3\bitguard\261694~1.246\{c16c1~1\bitguard.dll7d9255de-3e1a-11e3-92c2-efa5c2ef6c7e

Error: (10/26/2013 10:42:02 AM) (Source: Application Error)(User: )
Description: cmd.exe6.1.7601.175144ce78e2bbitguard.dll2.6.1694.2465253f78ec00000050017966f131c01ced2273dace21cC:\Windows\SysWOW64\cmd.exec:\progra~3\bitguard\261694~1.246\{c16c1~1\bitguard.dll7b9c1384-3e1a-11e3-92c2-efa5c2ef6c7e

Error: (10/26/2013 10:41:58 AM) (Source: Application Error)(User: )
Description: timeout.exe6.1.7600.163854a5bc013bitguard.dll2.6.1694.2465253f78ec00000050017966f89801ced2273757d902C:\Windows\SysWOW64\timeout.exec:\progra~3\bitguard\261694~1.246\{c16c1~1\bitguard.dll79469a1f-3e1a-11e3-92c2-efa5c2ef6c7e

Error: (10/26/2013 10:41:55 AM) (Source: Application Error)(User: )
Description: timeout.exe6.1.7600.163854a5bc013bitguard.dll2.6.1694.2465253f78ec00000050017966f89801ced2273757d902C:\Windows\SysWOW64\timeout.exec:\progra~3\bitguard\261694~1.246\{c16c1~1\bitguard.dll773628a3-3e1a-11e3-92c2-efa5c2ef6c7e


==================== Memory info =========================== 

Percentage of memory in use: 44%
Total physical RAM: 4043.86 MB
Available physical RAM: 2250.54 MB
Total Pagefile: 8085.9 MB
Available Pagefile: 5970.65 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:283.89 GB) (Free:93.66 GB) NTFS
Drive e: (GTA IV Disc 1) (CDROM) (Total:7.03 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 82E28B67)
Partition 1: (Not Active) - (Size=14 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=284 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         


Alt 26.10.2013, 12:03   #6
aharonov
/// TB-Ausbilder
 
Google youtube Facebook gesperrt - Standard

Google youtube Facebook gesperrt



Hi,

dieser Rechner ist ziemlich übel zugerichtet...
Ich würd mir da schon Gedanken machen, was schief gelaufen ist.


Schritt 1
  • Gehe zu Start --> Systemsteuerung und öffne Programme und Funktionen.
  • Suche und deinstalliere dort der Reihe nach folgende Einträge:
    Advanced System Protector
    AppsHat Mobile Apps
    BitGuard
    Bundled software uninstaller
    FilesFrog Update Checker
    Google Update Helper
  • Schliesse das Fenster wieder und führe einen Neustart durch, wenn das gefordert wurde.



Schritt 2

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).



Schritt 3

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.




Schritt 4

Starte noch einmal FRST.
  • Setze bei Optional Scan den Haken bei Addition.txt und drücke Scan.
  • Wenn der Scan abgeschlossen ist, werden zwei neue Logfiles FRST.txt und Addition.txt erstellt und auf dem Desktop gespeichert.
  • Poste den Inhalt dieser beiden Logfiles bitte hier in deinen Thread.
__________________
--> Google youtube Facebook gesperrt

Alt 26.10.2013, 17:20   #7
Manhhao
 
Google youtube Facebook gesperrt - Standard

Google youtube Facebook gesperrt



Code:
ATTFilter
# AdwCleaner v3.010 - Bericht erstellt am 26/10/2013 um 17:58:27
# Updated 20/10/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Manh hao - MANHHAO-PC
# Gestartet von : C:\Users\Manh hao\Desktop\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : SystemStoreService

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Babylon
[!] Ordner Gelöscht : C:\ProgramData\BitGuard
Ordner Gelöscht : C:\ProgramData\BrowserDefender
Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\ProgramData\Douwnload kEiEpeer
Ordner Gelöscht : C:\ProgramData\SeAirch-eNewTabe
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
Ordner Gelöscht : C:\Program Files (x86)\Ask.com
Ordner Gelöscht : C:\Program Files (x86)\ChatZum Toolbar
Ordner Gelöscht : C:\Program Files (x86)\Gophoto.it
Ordner Gelöscht : C:\Program Files (x86)\Movie2KDownloader.com
Ordner Gelöscht : C:\Program Files (x86)\myfree codec
Ordner Gelöscht : C:\Program Files (x86)\MyPC Backup 
Ordner Gelöscht : C:\Program Files (x86)\Protected Search
Ordner Gelöscht : C:\Program Files (x86)\SoftwareUpdater
Ordner Gelöscht : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
Ordner Gelöscht : C:\Users\Manh hao\AppData\Local\AskToolbar
Ordner Gelöscht : C:\Users\Manh hao\AppData\Local\cool_mirage
Ordner Gelöscht : C:\Users\Manh hao\AppData\Local\DownloadGuide
Ordner Gelöscht : C:\Users\Manh hao\AppData\Local\FilesFrog Update Checker
Ordner Gelöscht : C:\Users\Manh hao\AppData\Local\PutLockerDownloader
Ordner Gelöscht : C:\Users\Manh hao\AppData\Local\Smartbar
Ordner Gelöscht : C:\Users\MANHHA~1\AppData\Local\Temp\AskSearch
Ordner Gelöscht : C:\Users\MANHHA~1\AppData\Local\Temp\OCS
Ordner Gelöscht : C:\Users\MANHHA~1\AppData\Local\Temp\Smartbar
Ordner Gelöscht : C:\Users\Manh hao\AppData\LocalLow\AskToolbar
Ordner Gelöscht : C:\Users\Manh hao\AppData\LocalLow\SimplyTech
Ordner Gelöscht : C:\Users\Manh hao\AppData\LocalLow\Smartbar
Ordner Gelöscht : C:\Users\Manh hao\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Manh hao\AppData\Roaming\Common\LuaRT
Ordner Gelöscht : C:\Users\Manh hao\AppData\Roaming\DataMgr
Ordner Gelöscht : C:\Users\Manh hao\AppData\Roaming\DealPly
Ordner Gelöscht : C:\Users\Manh hao\AppData\Roaming\ExpressFiles
Ordner Gelöscht : C:\Users\Manh hao\AppData\Roaming\fbDownloader
Ordner Gelöscht : C:\Users\Manh hao\AppData\Roaming\Intermediate
Ordner Gelöscht : C:\Users\Manh hao\AppData\Roaming\Mysearchdial
Ordner Gelöscht : C:\Users\Manh hao\AppData\Roaming\SCheck
Ordner Gelöscht : C:\Users\Manh hao\AppData\Roaming\SSync
Ordner Gelöscht : C:\Users\Manh hao\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\Manh hao\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Movie2KDownloader.com
Ordner Gelöscht : C:\Users\Manh hao\Documents\optimizer pro
Ordner Gelöscht : C:\Users\Papa\AppData\Local\AskToolbar
Ordner Gelöscht : C:\Users\Papa\AppData\Local\DownloadGuide
Ordner Gelöscht : C:\Users\Papa\AppData\Local\Smartbar
Ordner Gelöscht : C:\Users\Papa\AppData\LocalLow\AskToolbar
Ordner Gelöscht : C:\Users\Papa\AppData\LocalLow\SimplyTech
Ordner Gelöscht : C:\Users\Papa\AppData\LocalLow\Toolbar4
Ordner Gelöscht : C:\Users\Papa\AppData\Roaming\Iminent
Ordner Gelöscht : C:\Users\Papa\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\Mama\AppData\Local\AskToolbar
Ordner Gelöscht : C:\Users\Mama\AppData\LocalLow\AskToolbar
Ordner Gelöscht : C:\Users\Mama\AppData\LocalLow\SimplyTech
Ordner Gelöscht : C:\Users\Mama\AppData\LocalLow\Toolbar4
Ordner Gelöscht : C:\Users\Mama\AppData\Roaming\Iminent
Ordner Gelöscht : C:\Users\Mama\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\Selina\AppData\Local\AskToolbar
Ordner Gelöscht : C:\Users\Selina\AppData\LocalLow\AskToolbar
Ordner Gelöscht : C:\Users\Selina\AppData\LocalLow\mixidj
Ordner Gelöscht : C:\Users\Selina\AppData\LocalLow\Mysearchdial
Ordner Gelöscht : C:\Users\Selina\AppData\LocalLow\SimplyTech
Ordner Gelöscht : C:\Users\Selina\AppData\LocalLow\Toolbar4
Ordner Gelöscht : C:\Users\Selina\AppData\Roaming\ExpressFiles
Ordner Gelöscht : C:\Users\Selina\AppData\Roaming\Iminent
Ordner Gelöscht : C:\Users\Selina\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\Manh hao\AppData\Roaming\Mozilla\Firefox\Profiles\yvuvu5a8.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}
Ordner Gelöscht : C:\Users\Papa\AppData\Roaming\Mozilla\Firefox\Profiles\u9ofr73y.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}
Ordner Gelöscht : C:\Program Files (x86)\Mozilla Firefox\Extensions\afurladvisor@anchorfree.com
Ordner Gelöscht : C:\Program Files (x86)\Mozilla Firefox\Extensions\ffxtlbr@babylon.com
Ordner Gelöscht : C:\Users\Papa\AppData\Roaming\Mozilla\Firefox\Profiles\u9ofr73y.default\Extensions\ffxtlbr@mysearchdial.com
Ordner Gelöscht : C:\Users\Manh hao\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl
Ordner Gelöscht : C:\Users\Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl
Ordner Gelöscht : C:\Users\Manh hao\AppData\Local\Google\Chrome\User Data\Default\Extensions\blaofbhgbmeikidhlkmjhbkbfohpgekf
Ordner Gelöscht : C:\Users\Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blaofbhgbmeikidhlkmjhbkbfohpgekf
Ordner Gelöscht : C:\Users\Mama\AppData\Local\Google\Chrome\User Data\Default\Extensions\blaofbhgbmeikidhlkmjhbkbfohpgekf
Ordner Gelöscht : C:\Users\Selina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blaofbhgbmeikidhlkmjhbkbfohpgekf
Ordner Gelöscht : C:\Users\Manh hao\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbmdkmlcnbapgegninelmjbfibaghdmk
Ordner Gelöscht : C:\Users\Manh hao\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Datei Gelöscht : C:\Users\Manh hao\AppData\Roaming\Mozilla\Firefox\Profiles\yvuvu5a8.default\Extensions\om@offermosquito.com.xpi
Datei Gelöscht : C:\Windows\System32\roboot64.exe
Datei Gelöscht : C:\Users\Manh hao\AppData\Local\mysearchdial.crx
Datei Gelöscht : C:\Users\Papa\AppData\Roaming\Mozilla\Firefox\Profiles\u9ofr73y.default\bprotector_extensions.sqlite
Datei Gelöscht : C:\Users\Selina\AppData\Roaming\Mozilla\Firefox\Profiles\c88vk4yv.default\bprotector_extensions.sqlite
Datei Gelöscht : C:\Users\Papa\AppData\Roaming\Mozilla\Firefox\Profiles\u9ofr73y.default\bprotector_prefs.js
Datei Gelöscht : C:\Users\Selina\AppData\Roaming\Mozilla\Firefox\Profiles\c88vk4yv.default\bprotector_prefs.js
Datei Gelöscht : C:\Users\Selina\AppData\Roaming\Mozilla\Firefox\Profiles\c88vk4yv.default\foxydeal.sqlite
Datei Gelöscht : C:\Users\Papa\AppData\Roaming\Mozilla\Firefox\Profiles\u9ofr73y.default\invalidprefs.js
Datei Gelöscht : C:\Users\Manh hao\AppData\Roaming\Mozilla\Firefox\Profiles\yvuvu5a8.default\searchplugins\Babylon.xml
Datei Gelöscht : C:\Users\Manh hao\AppData\Roaming\Mozilla\Firefox\Profiles\yvuvu5a8.default\searchplugins\delta.xml
Datei Gelöscht : C:\Users\Manh hao\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\searchplugins\fbdownloader_search.xml
Datei Gelöscht : C:\Users\Manh hao\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\searchplugins\Mysearchdial.xml
Datei Gelöscht : C:\Users\Manh hao\AppData\Roaming\Mozilla\Firefox\Profiles\yvuvu5a8.default\searchplugins\Mysearchdial.xml
Datei Gelöscht : C:\Users\Papa\AppData\Roaming\Mozilla\Firefox\Profiles\u9ofr73y.default\searchplugins\Mysearchdial.xml
Datei Gelöscht : C:\Users\Manh hao\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\searchplugins\Web Search.xml
Datei Gelöscht : C:\Users\Manh hao\AppData\Roaming\Mozilla\Firefox\Profiles\yvuvu5a8.default\searchplugins\Web Search.xml
Datei Gelöscht : C:\Users\Papa\AppData\Roaming\Mozilla\Firefox\Profiles\u9ofr73y.default\searchplugins\Web Search.xml
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Web Search.xml
Datei Gelöscht : C:\Users\Manh hao\AppData\Roaming\Mozilla\Firefox\Profiles\yvuvu5a8.default\searchplugins\WebSearch.xml
Datei Gelöscht : C:\Users\Manh hao\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\user.js
Datei Gelöscht : C:\Users\Manh hao\AppData\Roaming\Mozilla\Firefox\Profiles\yvuvu5a8.default\user.js
Datei Gelöscht : C:\Users\Papa\AppData\Roaming\Mozilla\Firefox\Profiles\u9ofr73y.default\user.js
Datei Gelöscht : C:\Users\Papa\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
Datei Gelöscht : C:\Users\Mama\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
Datei Gelöscht : C:\Users\Selina\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
Datei Gelöscht : C:\Users\Papa\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
Datei Gelöscht : C:\Users\Mama\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
Datei Gelöscht : C:\Users\Selina\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
Datei Gelöscht : C:\Users\Papa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
Datei Gelöscht : C:\Users\Selina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
Datei Gelöscht : C:\Users\Papa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage-journal
Datei Gelöscht : C:\Users\Selina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage-journal
Datei Gelöscht : C:\Windows\System32\Tasks\Dealply
Datei Gelöscht : C:\Windows\System32\Tasks\Express FilesUpdate
Datei Gelöscht : C:\Windows\System32\Tasks\RegClean Pro
Datei Gelöscht : C:\Windows\Tasks\RegClean Pro_DEFAULT.job
Datei Gelöscht : C:\Windows\System32\Tasks\RegClean Pro_DEFAULT
Datei Gelöscht : C:\Windows\Tasks\RegClean Pro_UPDATES.job
Datei Gelöscht : C:\Windows\System32\Tasks\RegClean Pro_UPDATES
Datei Gelöscht : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar
Datei Gelöscht : C:\Windows\System32\Tasks\Software Updater Ui
Datei Gelöscht : C:\Windows\System32\Tasks\Software Updater

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\blaofbhgbmeikidhlkmjhbkbfohpgekf
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\gbmdkmlcnbapgegninelmjbfibaghdmk
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Browser Infrastructure Helper]
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [DataMgr]
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Intermediate]
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [scheck]
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [ssync]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.mysearchdialESrvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.mysearchdialESrvc.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.bho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Movie2KDownloader
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHost.Tool
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\DEALPL~1_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Movie2KDownloader_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Movie2KDownloader_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\systweakasp_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Schlüssel Gelöscht : HKCU\Software\de8fdfb66ded13
Schlüssel Gelöscht : HKLM\SOFTWARE\de8fdfb66ded13
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_gta-iv-patch_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_gta-iv-patch_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_roblox_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C17DC5CF-54FF-4E63-8AC7-94335D6DA231}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D14D0EE2-2DD1-4230-BE70-3F3AD6172C40}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{05366194-3126-4601-AC1A-DDE573E093DC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{061F450C-37B9-4330-9235-0F25D9F75B33}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{22FEB0F5-0BA0-4D4B-8A66-55A21667BC31}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{26249267-15F4-4DA3-8247-C5A78E4FA918}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{39B217B4-8C69-4E45-A8DC-8CC4DAD3CF0A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3CB4CE45-8849-4638-9226-D6B615A15827}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{43AB7B5D-4C40-4103-A549-7002A116A7D5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{996ED20F-A740-47A2-A7EF-9620D422BB4E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D2B79F7D-2D7D-4420-B2A9-ECE52C7C83A0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FD501041-8EBE-11CE-8183-00AA00577DA2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{061F450C-37B9-4330-9235-0F25D9F75B33}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{22FEB0F5-0BA0-4D4B-8A66-55A21667BC31}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2B79F7D-2D7D-4420-B2A9-ECE52C7C83A0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{1D55DAA5-04AC-4036-B0BE-DA81EE9676CD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{58CBF821-A0C7-4AE8-9430-77DD1AF38E99}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{72BCBFF7-2837-4CA0-B3B5-3DAED7F54601}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{824125FD-7732-4DA2-9277-3A7D0A0A0813}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4D6A9BBF-402C-4301-B1EF-28D04F71D761}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{58124A0B-DC32-4180-9BFF-E0E21AE34026}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CA9B9C89-4662-4ADC-9C23-A452BECD5D19}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{219046AE-358F-4CF1-B1FD-2B4DE83642A8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C17DC5CF-54FF-4E63-8AC7-94335D6DA231}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D14D0EE2-2DD1-4230-BE70-3F3AD6172C40}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F994E0D9-8335-48F1-99C2-A712C21F8D5F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : HKCU\Software\1ClickDownload
Schlüssel Gelöscht : HKCU\Software\Ask.com
Schlüssel Gelöscht : HKCU\Software\AskToolbar
Schlüssel Gelöscht : HKCU\Software\BabSolution
Schlüssel Gelöscht : HKCU\Software\BI
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\DataMngr
[#] Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\delta LTD
Schlüssel Gelöscht : HKCU\Software\ExpressFiles
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\Myfree Codec
Schlüssel Gelöscht : HKCU\Software\mysearchdial
Schlüssel Gelöscht : HKCU\Software\mysearchdial.com
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\smartbar
Schlüssel Gelöscht : HKCU\Software\smartbarbackup
Schlüssel Gelöscht : HKCU\Software\smartbarlog
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKCU\Software\AppDataLow\SProtector
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\AskToolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\simplytech
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\XingHaoLyrics
Schlüssel Gelöscht : HKLM\Software\AskToolbar
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\BabylonToolbar
Schlüssel Gelöscht : HKLM\Software\ChatZum Toolbar
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\ExpressFiles
Schlüssel Gelöscht : HKLM\Software\InstallCore
Schlüssel Gelöscht : HKLM\Software\Myfree Codec
Schlüssel Gelöscht : HKLM\Software\SP Global
Schlüssel Gelöscht : HKLM\Software\SProtector
Schlüssel Gelöscht : HKLM\Software\systweak
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\DomaIQ
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Tarma Installer
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16720

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Default_Page_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Default_Page_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Bar]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Start Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Start Default_Page_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Search Bar]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Search Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Default_Page_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Default_Search_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Bar]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [(Default)]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [(Default)]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v24.0 (de)

[ Datei : C:\Users\Manh hao\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js ]

Zeile gelöscht : user_pref("browser.search.defaultenginename", "Mysearchdial");
Zeile gelöscht : user_pref("browser.search.defaultengine", "Web Search");
Zeile gelöscht : user_pref("browser.search.order.1", "Web Search");
Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://search.fbdownloader.com/?channel=sfde206");
Zeile gelöscht : user_pref("browser.search.selectedEngine", "FBDownloader Search");

[ Datei : C:\Users\Manh hao\AppData\Roaming\Mozilla\Firefox\Profiles\yvuvu5a8.default\prefs.js ]

Zeile gelöscht : user_pref("aol_toolbar.default.homepage.check", false);
Zeile gelöscht : user_pref("aol_toolbar.default.search.check", false);
Zeile gelöscht : user_pref("browser.newtab.url", "hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=5cf79b0f-85c8-4c40-b01b-f818a3069e20&searchtype=nt&installDate=24/09/2013");
Zeile gelöscht : user_pref("browser.search.defaultenginename", "WebSearch");
Zeile gelöscht : user_pref("browser.search.defaultenginename,S", "WebSearch");
Zeile gelöscht : user_pref("browser.search.defaulturl", "hxxp://websearch.pur-esult.info/?pid=726&r=2013/09/27&hid=2090508738147741377&lg=EN&cc=DE&l=1&q=");
Zeile gelöscht : user_pref("browser.search.order.1", "Delta Search");
Zeile gelöscht : user_pref("browser.search.order.1,S", "WebSearch");
Zeile gelöscht : user_pref("browser.search.selectedEngine", "Web Search");
Zeile gelöscht : user_pref("browser.search.selectedEngine,S", "WebSearch");
Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=5cf79b0f-85c8-4c40-b01b-f818a3069e20&searchtype=hp&installDate=24/09/2013");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Zeile gelöscht : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Zeile gelöscht : user_pref("extensions.crossrider.bic", "13f4c1a76f83fee6a58b682ddb227641");
Zeile gelöscht : user_pref("extensions.delta.admin", false);
Zeile gelöscht : user_pref("extensions.delta.aflt", "babsst");
Zeile gelöscht : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Zeile gelöscht : user_pref("extensions.delta.autoRvrt", "false");
Zeile gelöscht : user_pref("extensions.delta.bbDpng", "31");
Zeile gelöscht : user_pref("extensions.delta.cntry", "DE");
Zeile gelöscht : user_pref("extensions.delta.dfltLng", "de");
Zeile gelöscht : user_pref("extensions.delta.excTlbr", false);
Zeile gelöscht : user_pref("extensions.delta.ffxUnstlRst", true);
Zeile gelöscht : user_pref("extensions.delta.hdrMd5", "8F6E1643C2DB476E858568F83908EFDD");
Zeile gelöscht : user_pref("extensions.delta.id", "f8a62a1b00000000000000ff33c882a8");
Zeile gelöscht : user_pref("extensions.delta.instlDay", "15878");
Zeile gelöscht : user_pref("extensions.delta.instlRef", "sst");
Zeile gelöscht : user_pref("extensions.delta.lastVrsnTs", "1.8.21.512:33:47");
Zeile gelöscht : user_pref("extensions.delta.newTab", false);
Zeile gelöscht : user_pref("extensions.delta.prdct", "delta");
Zeile gelöscht : user_pref("extensions.delta.prtnrId", "delta");
Zeile gelöscht : user_pref("extensions.delta.rvrt", "false");
Zeile gelöscht : user_pref("extensions.delta.sg", "azb");
Zeile gelöscht : user_pref("extensions.delta.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.delta.tlbrId", "base");
Zeile gelöscht : user_pref("extensions.delta.tlbrSrchUrl", "");
Zeile gelöscht : user_pref("extensions.delta.vrsn", "1.8.21.5");
Zeile gelöscht : user_pref("extensions.delta.vrsni", "1.8.21.5");
Zeile gelöscht : user_pref("extensions.delta.vrsnTs", "1.8.21.512:33:47");
Zeile gelöscht : user_pref("extensions.delta_i.babExt", "");
Zeile gelöscht : user_pref("extensions.delta_i.babTrack", "affID=122304&tt=180613_ndt1&tsp=4921");
Zeile gelöscht : user_pref("extensions.delta_i.srcExt", "ss");
Zeile gelöscht : user_pref("extensions.helperbar.countryiso", "de");
Zeile gelöscht : user_pref("extensions.helperbar.DockingPositionDown", false);
Zeile gelöscht : user_pref("extensions.helperbar.downloadprovider", "quickobrw");
Zeile gelöscht : user_pref("extensions.helperbar.installationid", "5cf79b0f-85c8-4c40-b01b-f818a3069e20");
Zeile gelöscht : user_pref("extensions.helperbar.installdate", "24/05/2013");
Zeile gelöscht : user_pref("extensions.helperbar.publisher", "quickobrw");
Zeile gelöscht : user_pref("extensions.helperbar.SmartbarDisabled", false);
Zeile gelöscht : user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
Zeile gelöscht : user_pref("extensions.helperbar.Visibility", false);
Zeile gelöscht : user_pref("extensions.mysearchdial.aflt", "tugumsd");
Zeile gelöscht : user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}");
Zeile gelöscht : user_pref("extensions.mysearchdial.cntry", "DE");
Zeile gelöscht : user_pref("extensions.mysearchdial.dfltLng", "");
Zeile gelöscht : user_pref("extensions.mysearchdial.dfltSrch", true);
Zeile gelöscht : user_pref("extensions.mysearchdial.dnsErr", true);
Zeile gelöscht : user_pref("extensions.mysearchdial.dpkLst", "3654782829,1334533236,1121012847,231756876,1895130307,603719297,4288797614,3754950497,426401714,3046281807,752626116,1657571787,3224935090,2597085128,18285[...]
Zeile gelöscht : user_pref("extensions.mysearchdial.excTlbr", false);
Zeile gelöscht : user_pref("extensions.mysearchdial.hdrMd5", "958F13F56201067A0BAB6D59CAB3DA23");
Zeile gelöscht : user_pref("extensions.mysearchdial.hmpg", true);
Zeile gelöscht : user_pref("extensions.mysearchdial.hmpgUrl", "hxxp://start.mysearchdial.com/?f=1&a=tugumsd&cd=2XzuyEtN2Y1L1QzuyB0AyBzytCzyyEtCzytB0D0FtB0AtC0BtN0D0Tzu0CyDtCtDtN1L2XzutBtFtBtFtCtFyCtCzztN1L1Czu2Z2Y1N2Y[...]
Zeile gelöscht : user_pref("extensions.mysearchdial.id", "7A79194192DF2A1B");
Zeile gelöscht : user_pref("extensions.mysearchdial.instlDay", "15849");
Zeile gelöscht : user_pref("extensions.mysearchdial.instlRef", "");
Zeile gelöscht : user_pref("extensions.mysearchdial.lastB", "hxxp://start.mysearchdial.com/?f=1&a=tugumsd&cd=2XzuyEtN2Y1L1QzuyB0AyBzytCzyyEtCzytB0D0FtB0AtC0BtN0D0Tzu0CyDtCtDtN1L2XzutBtFtBtFtCtFyCtCzztN1L1Czu2Z2Y1N2Y1H[...]
Zeile gelöscht : user_pref("extensions.mysearchdial.lastVrsnTs", "19:13:30");
Zeile gelöscht : user_pref("extensions.mysearchdial.newTabUrl", "hxxp://start.mysearchdial.com/?f=2&a=tugumsd&cd=2XzuyEtN2Y1L1QzuyB0AyBzytCzyyEtCzytB0D0FtB0AtC0BtN0D0Tzu0CyDtCtDtN1L2XzutBtFtBtFtCtFyCtCzztN1L1Czu2Z2Y1N[...]
Zeile gelöscht : user_pref("extensions.mysearchdial.pnu_base", "{\"newVrsn\":\"31\",\"lastVrsn\":\"31\",\"vrsnLoad\":\"\",\"showMsg\":\"false\",\"showSilent\":\"true\",\"msgTs\":0,\"lstMsgTs\":\"0\"}");
Zeile gelöscht : user_pref("extensions.mysearchdial.prdct", "mysearchdial");
Zeile gelöscht : user_pref("extensions.mysearchdial.prtnrId", "mysearchdial");
Zeile gelöscht : user_pref("extensions.mysearchdial.sg", "none");
Zeile gelöscht : user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial");
Zeile gelöscht : user_pref("extensions.mysearchdial.tlbrId", "base");
Zeile gelöscht : user_pref("extensions.mysearchdial.tlbrSrchUrl", "hxxp://start.mysearchdial.com/?f=3&a=tugumsd&cd=2XzuyEtN2Y1L1QzuyB0AyBzytCzyyEtCzytB0D0FtB0AtC0BtN0D0Tzu0CyDtCtDtN1L2XzutBtFtBtFtCtFyCtCzztN1L1Czu2Z2Y[...]
Zeile gelöscht : user_pref("extensions.mysearchdial.vrsn", "");
Zeile gelöscht : user_pref("extensions.mysearchdial.vrsni", "");
Zeile gelöscht : user_pref("extensions.mysearchdial_i.hmpg", true);
Zeile gelöscht : user_pref("extensions.mysearchdial_i.newTab", false);
Zeile gelöscht : user_pref("extensions.mysearchdial_i.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.mysearchdial_i.vrsnTs", "19:13:30");
Zeile gelöscht : user_pref("keyword.URL", "hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=5cf79b0f-85c8-4c40-b01b-f818a3069e20&searchtype=ds&installDate=24/09/2013&q=");
Zeile gelöscht : user_pref("om.config", "{\"active\":true,\"name\":\"de\",\"id\":11,\"dispId\":\"CH-11\",\"aboutLink\":\"\",\"trackingGeneral\":true,\"gaAccount\":\"UA-39484183-1\",\"gaDomain\":\"offermosquito.com\",\[...]
Zeile gelöscht : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "WebSearch");
Zeile gelöscht : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "WebSearch");
Zeile gelöscht : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://websearch.pur-esult.info/?pid=726&r=2013/09/27&hid=2090508738147741377&lg=EN&cc=DE");
Zeile gelöscht : user_pref("sweetim.toolbar.previous.keyword.URL", "hxxp://websearch.pur-esult.info/?pid=726&r=2013/09/27&hid=2090508738147741377&lg=EN&cc=DE&l=1&q=");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", ".*");
Zeile gelöscht : user_pref("sweetim.toolbar.searchguard.enable", "false");
Zeile gelöscht : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "1");
Zeile gelöscht : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "1");

[ Datei : C:\Users\Papa\AppData\Roaming\Mozilla\Firefox\Profiles\u9ofr73y.default\prefs.js ]

Zeile gelöscht : user_pref("browser.newtab.url", "hxxp://www.delta-search.com/?babsrc=NT_ss&mntrId=F8A600FF33C882A8&affID=122304&tt=180613_ndt1&tsp=4921");
Zeile gelöscht : user_pref("browser.search.defaultenginename", "Mysearchdial");
Zeile gelöscht : user_pref("browser.search.order.1", "Delta Search");
Zeile gelöscht : user_pref("browser.search.selectedEngine", "Web Search");
Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://feed.snap.do/?publisher=TubeBox&dpid=TubeBox&co=DE&userid=e788c57d-14e0-4d3a-acea-9bf32f3f5307&searchtype=hp&installDate=26/09/2013");
Zeile gelöscht : user_pref("extensions.crossrider.bic", "13f589d2bd8e8206e877e95cb7c75c41");
Zeile gelöscht : user_pref("extensions.enabledAddons", "{e788c57d-14e0-4d3a-acea-9bf32f3f5307}:1.0,7f404ccc-b0a9-4faf-b3c0-89ceea949aea%40a6724a05-9380-4ebe-be02-e67e35a3402c.com:0.91.7,ffxtlbr%40mysearchdial.com:1.6.[...]
Zeile gelöscht : user_pref("extensions.mysearchdial.aflt", "tugumsd");
Zeile gelöscht : user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}");
Zeile gelöscht : user_pref("extensions.mysearchdial.cntry", "DE");
Zeile gelöscht : user_pref("extensions.mysearchdial.dfltLng", "");
Zeile gelöscht : user_pref("extensions.mysearchdial.dfltSrch", true);
Zeile gelöscht : user_pref("extensions.mysearchdial.dnsErr", true);
Zeile gelöscht : user_pref("extensions.mysearchdial.dpkLst", "3654782829,1334533236,1121012847,231756876,1895130307,603719297,4288797614,3754950497,426401714,3046281807,752626116,1657571787,3224935090,2597085128,18285[...]
Zeile gelöscht : user_pref("extensions.mysearchdial.excTlbr", false);
Zeile gelöscht : user_pref("extensions.mysearchdial.hdrMd5", "958F13F56201067A0BAB6D59CAB3DA23");
Zeile gelöscht : user_pref("extensions.mysearchdial.hmpg", true);
Zeile gelöscht : user_pref("extensions.mysearchdial.hmpgUrl", "hxxp://start.mysearchdial.com/?f=1&a=tugumsd&cd=2XzuyEtN2Y1L1QzuyB0AyBzytCzyyEtCzytB0D0FtB0AtC0BtN0D0Tzu0CyDtCtDtN1L2XzutBtFtBtFtCtFyCtCzztN1L1Czu2Z2Y1N2Y[...]
Zeile gelöscht : user_pref("extensions.mysearchdial.id", "7A79194192DF2A1B");
Zeile gelöscht : user_pref("extensions.mysearchdial.instlDay", "15849");
Zeile gelöscht : user_pref("extensions.mysearchdial.instlRef", "");
Zeile gelöscht : user_pref("extensions.mysearchdial.lastB", "hxxp://start.mysearchdial.com/?f=1&a=tugumsd&cd=2XzuyEtN2Y1L1QzuyB0AyBzytCzyyEtCzytB0D0FtB0AtC0BtN0D0Tzu0CyDtCtDtN1L2XzutBtFtBtFtCtFyCtCzztN1L1Czu2Z2Y1N2Y1H[...]
Zeile gelöscht : user_pref("extensions.mysearchdial.lastVrsnTs", "19:13:30");
Zeile gelöscht : user_pref("extensions.mysearchdial.newTabUrl", "hxxp://start.mysearchdial.com/?f=2&a=tugumsd&cd=2XzuyEtN2Y1L1QzuyB0AyBzytCzyyEtCzytB0D0FtB0AtC0BtN0D0Tzu0CyDtCtDtN1L2XzutBtFtBtFtCtFyCtCzztN1L1Czu2Z2Y1N[...]
Zeile gelöscht : user_pref("extensions.mysearchdial.pnu_base", "{\"newVrsn\":\"46\",\"lastVrsn\":\"46\",\"vrsnLoad\":\"\",\"showMsg\":\"false\",\"showSilent\":\"true\",\"msgTs\":0,\"lstMsgTs\":\"0\"}");
Zeile gelöscht : user_pref("extensions.mysearchdial.prdct", "mysearchdial");
Zeile gelöscht : user_pref("extensions.mysearchdial.prtnrId", "mysearchdial");
Zeile gelöscht : user_pref("extensions.mysearchdial.sg", "none");
Zeile gelöscht : user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial");
Zeile gelöscht : user_pref("extensions.mysearchdial.tlbrId", "base");
Zeile gelöscht : user_pref("extensions.mysearchdial.tlbrSrchUrl", "hxxp://start.mysearchdial.com/?f=3&a=tugumsd&cd=2XzuyEtN2Y1L1QzuyB0AyBzytCzyyEtCzytB0D0FtB0AtC0BtN0D0Tzu0CyDtCtDtN1L2XzutBtFtBtFtCtFyCtCzztN1L1Czu2Z2Y[...]
Zeile gelöscht : user_pref("extensions.mysearchdial.vrsn", "");
Zeile gelöscht : user_pref("extensions.mysearchdial.vrsni", "");
Zeile gelöscht : user_pref("extensions.mysearchdial_i.hmpg", true);
Zeile gelöscht : user_pref("extensions.mysearchdial_i.newTab", false);
Zeile gelöscht : user_pref("extensions.mysearchdial_i.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.mysearchdial_i.vrsnTs", "19:13:30");
Zeile gelöscht : user_pref("keyword.URL", "hxxp://feed.snap.do/?publisher=TubeBox&dpid=TubeBox&co=DE&userid=e788c57d-14e0-4d3a-acea-9bf32f3f5307&searchtype=ds&installDate=26/09/2013&q=");

[ Datei : C:\Users\Selina\AppData\Roaming\Mozilla\Firefox\Profiles\c88vk4yv.default\prefs.js ]

Zeile gelöscht : user_pref("browser.newtab.url", "hxxp://www.delta-search.com/?babsrc=NT_ss&mntrId=F8A600FF33C882A8&affID=122304&tt=180613_ndt1&tsp=4921");
Zeile gelöscht : user_pref("browser.search.order.1", "Delta Search");
Zeile gelöscht : user_pref("browser.search.selectedEngine", "Delta Search");
Zeile gelöscht : user_pref("extensions.crossrider.bic", "13f6acc1d9cfdee1ab76f6b9a6569b93");

-\\ Google Chrome v30.0.1599.101

[ Datei : C:\Users\Manh hao\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ Datei : C:\Users\Papa\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht : homepage
Gelöscht : urls_to_restore_on_startup

[ Datei : C:\Users\Mama\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ Datei : C:\Users\Selina\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [58346 octets] - [26/10/2013 17:57:15]
AdwCleaner[S0].txt - [53471 octets] - [26/10/2013 17:58:27]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [53532 octets] ##########
         
ist das ein problem wenn combofix keine log datei erstellt hat

Geändert von Manhhao (26.10.2013 um 17:15 Uhr)

Alt 26.10.2013, 17:31   #8
aharonov
/// TB-Ausbilder
 
Google youtube Facebook gesperrt - Standard

Google youtube Facebook gesperrt



Zitat:
ist das ein problem wenn combofix keine log datei erstellt hat
Ist Combofix denn normal durchgelaufen oder abgestürtzt?
Findest du kein Log unter C:\Combofix.txt oder im Ordner C:\Qoobox?
__________________
cheers,
Leo

Alt 17.11.2013, 22:09   #9
aharonov
/// TB-Ausbilder
 
Google youtube Facebook gesperrt - Standard

Google youtube Facebook gesperrt



Fehlende Rückmeldung
Dieses Thema wurde aus meinen Abos gelöscht. Somit bekomme ich keine Benachrichtigung mehr über neue Antworten.
Schreib mir eine PM, falls du das Thema doch wieder fortsetzen möchtest. Dann machen wir hier weiter.

Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass dein Rechner schon sauber ist.

Jeder andere bitte diese Anleitung lesen und einen eigenen Thread erstellen.
__________________
cheers,
Leo

Antwort

Themen zu Google youtube Facebook gesperrt
facebook, facebook gesperrt, gesperrt, google, malwar, malware, seite, survey, versuche, warscheinlich, youtube



Ähnliche Themen: Google youtube Facebook gesperrt


  1. Kann nur Facebook, Google, Youtube und Wikipedia öffnen
    Netzwerk und Hardware - 23.07.2015 (3)
  2. Fehlermeldung bei Youtube und Facebook Virus ?oder anderes Problem?
    Alles rund um Windows - 01.07.2014 (4)
  3. Verschiedene Browser öffnen nur Facebook, Google & YouTube
    Plagegeister aller Art und deren Bekämpfung - 23.06.2014 (17)
  4. Kann nur noch Facebook Youtube und google öffnen :/
    Plagegeister aller Art und deren Bekämpfung - 04.06.2014 (3)
  5. Manche Webseiten wie Google, Youtube, Facebook,... von Survey gesperrt
    Plagegeister aller Art und deren Bekämpfung - 19.12.2013 (14)
  6. Windows 7: Google, Facebook, Youtube laden nicht/ lassen sich nicht öffnen
    Log-Analyse und Auswertung - 19.11.2013 (19)
  7. Werbung auf Facebook, Youtube, etc. Instant Saving App deinstallieren!
    Plagegeister aller Art und deren Bekämpfung - 15.07.2013 (51)
  8. Werbung auf Google, Youtube, Facebook, etc.
    Plagegeister aller Art und deren Bekämpfung - 11.06.2013 (14)
  9. Attention Required; Google, Youtube und viele andere Websiten sind gesperrt
    Plagegeister aller Art und deren Bekämpfung - 12.04.2013 (21)
  10. Internetseiten wie Google und YouTube sind gesperrt
    Plagegeister aller Art und deren Bekämpfung - 03.04.2013 (23)
  11. Internetseiten wie Google, Facebook etc. gesperrt
    Plagegeister aller Art und deren Bekämpfung - 26.03.2013 (17)
  12. Facebook, Youtube , Google, etc durch Surveys gesperrt!
    Plagegeister aller Art und deren Bekämpfung - 04.03.2013 (19)
  13. Facebook,google usw gesperrt
    Plagegeister aller Art und deren Bekämpfung - 20.02.2013 (11)
  14. Kein Zugriff mehr auf YouTube, Facebook, Google,Ebay und tumblr
    Plagegeister aller Art und deren Bekämpfung - 12.02.2013 (1)
  15. Seitenladefehler IE,Firefox bei jeglicher anmeldung (GMX, Facebook,youtube,Google)
    Plagegeister aller Art und deren Bekämpfung - 22.01.2012 (1)
  16. Facebook, Youtube Seiten-Ladefehler (keine Wartungsarbeiten)
    Plagegeister aller Art und deren Bekämpfung - 24.01.2011 (3)

Zum Thema Google youtube Facebook gesperrt - Hallo also kommen wir zum problem immer wenn ich versuche google youtube facebook zu öffnen kommt eine seite wo ich ein survey vervollständigen muss. es handelt sich warscheinlich um eine - Google youtube Facebook gesperrt...
Archiv
Du betrachtest: Google youtube Facebook gesperrt auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.