| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Internetexplorer - ständige Popups und Werbung von jsf.sticket.netWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
| |
21.11.2013, 17:47
| #1 |
| |  Internetexplorer - ständige Popups und Werbung von jsf.sticket.net Hallo Schrauber, herzlichen Dank für die Unterstützung!  Der Übeltäter war der Download eines "total sicheren Programms" für die Schule meiner Tochter  Hier die Logs in der gewünschten Reihenfolge: Code:
ATTFilter Malwarebytes Anti-Malware (Test) 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2013.11.21.06 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16736 Andy :: ANDY-LAPTOP [Administrator] Schutz: Aktiviert 21.11.2013 17:06:33 mbam-log-2013-11-21 (17-06-33).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 227834 Laufzeit: 4 Minute(n), 29 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 2 HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199} (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48d2-9061-8BBD4899EB08} (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 1 C:\Program Files (x86)\IminentToolbar (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Dateien: 3 C:\Users\Andy\Downloads\Geogebra.exe (PUP.Optional.Firseria) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Andy\Downloads\GeoGebra_brie.exe (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Andy\Downloads\setup.exe (PUP.Optional.AirInstaller) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) Code:
ATTFilter # AdwCleaner v3.012 - Bericht erstellt am 21/11/2013 um 17:19:40
# Updated 11/11/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Andy - ANDY-LAPTOP
# Gestartet von : C:\Users\Andy\Desktop\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
[#] Dienst Gelöscht : Partner Service
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\Partner
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
Ordner Gelöscht : C:\Program Files (x86)\myfree codec
Ordner Gelöscht : C:\Program Files (x86)\ViewPassword
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\kt_bho_dll.dll
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\kt_bho.KettleBho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\kt_bho.KettleBho.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{28A88B70-D874-4F73-BBBA-9B2B222FB7D6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DD000E12-C224-49A5-899E-0B37DBD95F15}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FD501041-8EBE-11CE-8183-00AA00577DA2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{86676E13-D6D8-4652-9FCF-F2047F1FB000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DD000E12-C224-49A5-899E-0B37DBD95F15}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DD000E12-C224-49A5-899E-0B37DBD95F15}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DD000E12-C224-49A5-899E-0B37DBD95F15}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Schlüssel Gelöscht : HKCU\Software\Iminent
Schlüssel Gelöscht : HKCU\Software\Myfree Codec
Schlüssel Gelöscht : HKLM\Software\Iminent
Schlüssel Gelöscht : HKLM\Software\Myfree Codec
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
***** [ Browser ] *****
-\\ Internet Explorer v10.0.9200.16736
*************************
AdwCleaner[R0].txt - [12486 octets] - [21/11/2013 17:18:39]
AdwCleaner[S0].txt - [12133 octets] - [21/11/2013 17:19:40]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [12194 octets] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x64
Ran by Andy on 21.11.2013 at 17:27:52,10
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 21.11.2013 at 17:35:50,09
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-11-2013
Ran by Andy (administrator) on ANDY-LAPTOP on 21-11-2013 17:40:20
Running from C:\Users\Andy\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Microsoft Corporation) c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Protexis Inc.) c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
() C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(X10) C:\PROGRA~2\COMMON~1\X10\Common\x10nets.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Wistron) C:\Program Files (x86)\Launch Manager\HotkeyApp.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\OSD.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\WButton.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\WisLMSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\wmi64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [IntelPAN] - C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-05-02] (Intel(R) Corporation)
HKLM\...\Run: [BTMTrayAgent] - rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2294568 2010-09-03] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12661352 2011-08-01] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2264168 2011-07-13] (Realtek Semiconductor)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564528 2013-11-06] (Samsung)
HKCU\...\Run: [KiesAirMessage] - C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
HKCU\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845168 2013-11-06] (Samsung)
HKCU\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-10-20] (Google Inc.)
HKLM-x32\...\Run: [HotkeyApp] - C:\Program Files (x86)\Launch Manager\HotkeyApp.exe [207400 2011-08-06] (Wistron)
HKLM-x32\...\Run: [LMgrVolOSD] - C:\Program Files (x86)\Launch Manager\OSD.exe [348960 2011-08-06] (Wistron Corp.)
HKLM-x32\...\Run: [LMgrOSD] - "C:\Program Files (x86)\Launch Manager\OSDCtrl.exe"
HKLM-x32\...\Run: [Wbutton] - C:\Program Files (x86)\Launch Manager\WButton.exe [447016 2011-08-13] (Wistron Corp.)
HKLM-x32\...\Run: [CLMLServer] - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2010-08-03] (CyberLink)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] - C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [506712 2011-02-03] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-11-06] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\Default\...\RunOnce: [Screensaver] - C:\Windows\Web\Wallpaper\MEDION\start.vbs [129 2009-10-22] ()
HKU\Default User\...\RunOnce: [Screensaver] - C:\Windows\Web\Wallpaper\MEDION\start.vbs [129 2009-10-22] ()
AppInit_DLLs: C:\Windows\System32\nvinitx.dll [245872 2013-03-11] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll [201576 2013-03-11] (NVIDIA Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x7E551A6772D2CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {90FF14CB-CCB0-4BEB-A19D-05E94A5FF385} URL =
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Tcpip\..\Interfaces\{03825670-E143-4A1C-9D66-6B83C604CAAB}: [NameServer]192.168.178.1
Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx
CHR HKLM-x32\...\Chrome\Extension: [jmojojliiicbbihpjmiepllaiflnjobc] - C:\Program Files (x86)\ViewPassword\134.crx
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx
==================== Services (Whitelisted) =================
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-21] (Kaspersky Lab ZAO)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-05-02] ()
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2010-12-14] ()
R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248704 2013-04-30] ()
R3 WisLMSvc; C:\Program Files (x86)\Launch Manager\WisLMSvc.exe [118560 2011-08-06] (Wistron Corp.)
R2 x10nets; C:\Program Files (x86)\Common Files\X10\Common\X10nets.exe [20480 2009-11-07] (X10)
==================== Drivers (Whitelisted) ====================
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [165504 2011-08-10] (ITE )
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2013-11-09] (Kaspersky Lab ZAO)
S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [112224 2013-06-08] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [623200 2013-11-09] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-10-21] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2013-10-21] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-21] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178784 2013-06-06] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 mod7764; C:\Windows\System32\DRIVERS\mod77-64.sys [1077416 2010-09-16] (DiBcom SA)
R3 WinDriver6; C:\Windows\System32\drivers\windrvr6.sys [254976 2010-07-15] (Jungo)
R3 X10Hid; C:\Windows\System32\Drivers\x10hid.sys [15896 2009-05-13] (X10 Wireless Technology, Inc.)
S3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [32792 2009-05-13] (X10 Wireless Technology, Inc.)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-11-21 17:40 - 2013-11-21 17:40 - 00015364 _____ C:\Users\Andy\Desktop\FRST.txt
2013-11-21 17:35 - 2013-11-21 17:35 - 00000624 _____ C:\Users\Andy\Desktop\JRT.txt
2013-11-21 17:27 - 2013-11-21 17:27 - 00000000 ____D C:\Windows\ERUNT
2013-11-21 17:26 - 2013-11-21 17:26 - 01034531 _____ (Thisisu) C:\Users\Andy\Desktop\JRT.exe
2013-11-21 17:21 - 2013-11-21 17:21 - 00012455 _____ C:\Users\Andy\Desktop\AdwCleaner[S0].txt
2013-11-21 17:18 - 2013-11-21 17:19 - 00000000 ____D C:\AdwCleaner
2013-11-21 17:17 - 2013-11-21 17:17 - 01085542 _____ C:\Users\Andy\Desktop\adwcleaner.exe
2013-11-21 17:01 - 2013-11-21 17:01 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-11-21 17:01 - 2013-11-21 17:01 - 00000000 ____D C:\Users\Andy\AppData\Roaming\Malwarebytes
2013-11-21 17:01 - 2013-11-21 17:01 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-21 17:01 - 2013-11-21 17:01 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-21 17:01 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-11-20 17:23 - 2013-11-20 17:23 - 00000000 ____D C:\FRST
2013-11-20 17:21 - 2013-11-20 17:22 - 01957964 _____ (Farbar) C:\Users\Andy\Desktop\FRST64.exe
2013-11-20 17:10 - 2013-11-20 17:09 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-11-20 17:10 - 2013-11-20 17:09 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-11-20 17:10 - 2013-11-20 17:09 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-11-20 17:10 - 2013-11-20 17:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-11-20 17:09 - 2013-11-20 17:09 - 00000000 ____D C:\Program Files (x86)\Java
2013-11-18 22:09 - 2013-11-18 22:09 - 00003600 _____ C:\Windows\system32\.crusader
2013-11-18 21:02 - 2013-11-18 21:02 - 00000145 _____ C:\Users\Andy\Downloads\b0h8hsrz408070d0.js
2013-11-18 17:03 - 2013-11-18 22:09 - 00000000 ____D C:\ProgramData\HitmanPro
2013-11-17 12:41 - 2013-11-17 12:41 - 00009216 _____ C:\Users\Andy\Downloads\6EckPyra.ggb
2013-11-17 12:41 - 2013-11-17 12:41 - 00009216 _____ C:\Users\Andy\Downloads\6EckPyra (1).ggb
2013-11-17 12:38 - 2013-11-17 12:38 - 00011764 _____ C:\Users\Andy\Downloads\Walmdach.ggb
2013-11-16 14:32 - 2013-10-12 09:45 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-16 14:32 - 2013-10-12 09:45 - 01364992 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-16 14:32 - 2013-10-12 09:45 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-16 14:32 - 2013-10-12 09:43 - 19269632 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-16 14:32 - 2013-10-12 09:43 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-16 14:32 - 2013-10-12 09:43 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-16 14:32 - 2013-10-12 09:43 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-16 14:32 - 2013-10-12 09:43 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-16 14:32 - 2013-10-12 09:43 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-16 14:32 - 2013-10-12 09:43 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-16 14:32 - 2013-10-12 09:43 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-16 14:32 - 2013-10-12 09:43 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-16 14:32 - 2013-10-12 09:43 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-16 14:32 - 2013-10-12 09:43 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-16 14:32 - 2013-10-12 08:03 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-16 14:32 - 2013-10-12 08:03 - 01138176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-16 14:32 - 2013-10-12 08:02 - 14355968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-16 14:32 - 2013-10-12 08:02 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-16 14:32 - 2013-10-12 08:02 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-16 14:32 - 2013-10-12 08:02 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-16 14:32 - 2013-10-12 08:02 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-16 14:32 - 2013-10-12 08:02 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-16 14:32 - 2013-10-12 08:02 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-16 14:32 - 2013-10-12 08:02 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-16 14:32 - 2013-10-12 08:02 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-16 14:32 - 2013-10-12 08:02 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-16 14:32 - 2013-10-12 08:02 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-16 14:32 - 2013-10-12 07:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-16 14:32 - 2013-10-12 07:08 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-16 14:32 - 2013-10-12 06:44 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-16 14:32 - 2013-10-12 06:15 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-14 15:45 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-14 15:45 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-14 15:45 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-14 15:45 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-14 15:45 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-14 15:45 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-14 15:45 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-14 15:45 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-11-14 15:45 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-14 15:45 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-14 15:45 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-14 15:45 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-14 15:45 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-14 15:45 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-14 15:45 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-14 15:45 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-14 15:45 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-14 15:45 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-14 15:45 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-14 15:45 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-14 15:45 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-14 15:45 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-14 15:45 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-14 15:45 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-14 15:45 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-11-14 15:44 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-14 15:44 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-14 15:44 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-14 15:44 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-14 15:44 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-10 14:12 - 2013-11-10 14:12 - 00002006 _____ C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
2013-11-10 14:12 - 2013-11-10 14:12 - 00001996 _____ C:\Users\Public\Desktop\Samsung Kies.lnk
2013-11-10 14:12 - 2013-11-10 14:12 - 00000000 ____D C:\Users\Public\Documents\CrashDump
2013-11-10 14:12 - 2013-11-10 14:12 - 00000000 ____D C:\Users\Andy\AppData\Local\Samsung
2013-11-10 14:12 - 2013-08-21 05:31 - 00204568 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys
2013-11-10 14:12 - 2013-08-21 05:31 - 00103576 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
2013-11-10 14:11 - 2013-10-30 12:13 - 04659712 _____ (Dmitry Streblechenko) C:\Windows\SysWOW64\Redemption.dll
2013-11-10 14:11 - 2013-10-30 12:06 - 00821824 _____ (Devguru Co., Ltd.) C:\Windows\SysWOW64\dgderapi.dll
2013-11-10 14:10 - 2013-11-10 14:12 - 00000000 ____D C:\ProgramData\Samsung
2013-11-10 14:05 - 2013-11-10 14:06 - 69675592 _____ (Samsung Electronics Co., Ltd. ) C:\Users\Andy\Downloads\KiesSetup.exe
2013-11-10 13:57 - 2013-11-10 13:57 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2013-11-10 13:48 - 2013-11-10 13:48 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log
2013-11-10 13:47 - 2013-11-10 14:12 - 00000000 ____D C:\Users\Andy\Documents\SelfMV
2013-11-10 13:47 - 2013-11-10 14:12 - 00000000 ____D C:\Program Files (x86)\Samsung
2013-11-10 13:47 - 2013-11-10 14:09 - 00000000 ____D C:\Users\Andy\AppData\Roaming\Samsung
2013-11-10 13:47 - 2013-11-10 13:47 - 00000000 ____D C:\Users\Andy\Documents\samsung
2013-11-10 13:46 - 2013-11-10 14:09 - 00000000 ____D C:\Users\Andy\AppData\Local\Downloaded Installations
2013-11-09 19:41 - 2013-11-09 19:42 - 00000000 ____D C:\Users\Andy\AppData\Local\Microsoft Games
2013-11-07 14:22 - 2013-11-07 14:22 - 00005486 _____ C:\Users\Andy\Downloads\Schragbild eines quadrqt.ggb leo.ggb
2013-11-06 18:03 - 2013-11-06 18:04 - 00005496 _____ C:\Users\Andy\Downloads\Schragbild eines quadrqt.ggb
2013-11-06 17:51 - 2013-11-06 17:51 - 00001855 _____ C:\Users\Public\Desktop\GeoGebra.lnk
2013-11-06 17:51 - 2013-11-06 17:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-06 17:51 - 2013-11-06 17:51 - 00000000 ____D C:\Program Files (x86)\GeoGebra 4.2
2013-11-06 17:50 - 2013-11-21 17:40 - 00000396 _____ C:\Windows\Tasks\ViewPassword Update.job
2013-11-06 17:50 - 2013-11-06 17:56 - 00000866 _____ C:\Windows\SysWOW64\InstallUtil.InstallLog
2013-11-06 17:50 - 2013-11-06 17:50 - 00003042 _____ C:\Windows\System32\Tasks\ViewPassword Update
2013-11-02 12:49 - 2010-07-15 12:09 - 00147456 _____ (Jungo) C:\Windows\SysWOW64\wdapi901.dll
2013-11-02 12:39 - 2013-11-02 12:39 - 00002041 _____ C:\Users\Public\Desktop\Cas Interface Studio 9.8.2.lnk
2013-11-02 12:39 - 2010-07-15 11:53 - 00254976 _____ (Jungo) C:\Windows\system32\Drivers\windrvr6.sys
2013-11-02 12:38 - 2013-11-02 12:38 - 00000000 ____D C:\Program Files (x86)\Duolabs
2013-11-02 12:37 - 2013-11-02 12:37 - 00000000 ____D C:\Windows\Downloaded Installations
2013-11-02 12:22 - 2013-11-02 12:23 - 00000000 ____D C:\Users\Andy\Downloads\CAS Studio
2013-11-02 12:13 - 2013-11-02 13:22 - 00000000 ____D C:\Users\Andy\DCC
2013-10-31 16:56 - 2013-10-31 16:56 - 00002023 _____ C:\Users\Public\Desktop\Adobe Reader X.lnk
2013-10-31 16:50 - 2013-10-31 16:50 - 00000000 ____D C:\Users\Andy\AppData\Local\Adobe
2013-10-30 12:07 - 2013-10-30 12:07 - 00330240 _____ ((주)마크애니) C:\Windows\MASetupCaller.dll
2013-10-30 12:07 - 2013-10-30 12:07 - 00090112 _____ ((주)마크애니) C:\Windows\MAMCityDownload.ocx
2013-10-30 12:07 - 2013-10-30 12:07 - 00030568 _____ () C:\Windows\MusiccityDownload.exe
2013-10-30 12:06 - 2013-10-30 12:06 - 00974848 _____ C:\Windows\SysWOW64\cis-2.4.dll
2013-10-30 12:06 - 2013-10-30 12:06 - 00569344 _____ ((c) MusicCity) C:\Windows\SysWOW64\muzdecode.ax
2013-10-30 12:06 - 2013-10-30 12:06 - 00491520 _____ (Musiccity Co.Ltd.) C:\Windows\SysWOW64\muzapp.dll
2013-10-30 12:06 - 2013-10-30 12:06 - 00352256 _____ (Sample Corporation) C:\Windows\SysWOW64\MSLUR71.dll
2013-10-30 12:06 - 2013-10-30 12:06 - 00258048 _____ ((c) PeeringPortal) C:\Windows\SysWOW64\muzoggsp.ax
2013-10-30 12:06 - 2013-10-30 12:06 - 00245760 _____ (Teruten Inc.) C:\Windows\SysWOW64\MSCLib.dll
2013-10-30 12:06 - 2013-10-30 12:06 - 00200704 _____ ( (c) MusicCity) C:\Windows\SysWOW64\muzwmts.dll
2013-10-30 12:06 - 2013-10-30 12:06 - 00172032 _____ (Musiccity Co.Ltd.) C:\Windows\SysWOW64\muzapp.exe
2013-10-30 12:06 - 2013-10-30 12:06 - 00155648 _____ (Teruten Inc.) C:\Windows\SysWOW64\MSFLib.dll
2013-10-30 12:06 - 2013-10-30 12:06 - 00143360 _____ C:\Windows\SysWOW64\3DAudio.ax
2013-10-30 12:06 - 2013-10-30 12:06 - 00135168 _____ (Musiccity Co.Ltd.) C:\Windows\SysWOW64\muzaf1.dll
2013-10-30 12:06 - 2013-10-30 12:06 - 00131072 _____ ((c) MusicCity) C:\Windows\SysWOW64\muzmpgsp.ax
2013-10-30 12:06 - 2013-10-30 12:06 - 00122880 _____ ((c) MUSICCITY) C:\Windows\SysWOW64\muzeffect.ax
2013-10-30 12:06 - 2013-10-30 12:06 - 00118784 _____ ((주)마크애니) C:\Windows\SysWOW64\MaDRM.dll
2013-10-30 12:06 - 2013-10-30 12:06 - 00110592 _____ ((c) MusicCity) C:\Windows\SysWOW64\muzmp4sp.ax
2013-10-30 12:06 - 2013-10-30 12:06 - 00081920 _____ C:\Windows\SysWOW64\issacapi_bs-2.3.dll
2013-10-30 12:06 - 2013-10-30 12:06 - 00065536 _____ C:\Windows\SysWOW64\issacapi_pe-2.3.dll
2013-10-30 12:06 - 2013-10-30 12:06 - 00057344 _____ C:\Windows\SysWOW64\issacapi_se-2.3.dll
2013-10-30 12:06 - 2013-10-30 12:06 - 00057344 _____ (Marktek) C:\Windows\SysWOW64\MK_Lyric.dll
2013-10-30 12:06 - 2013-10-30 12:06 - 00057344 _____ (Marktek Inc.) C:\Windows\SysWOW64\MTXSYNCICON.dll
2013-10-30 12:06 - 2013-10-30 12:06 - 00049152 _____ ((주) 마크애니) C:\Windows\SysWOW64\MaJGUILib.dll
2013-10-30 12:06 - 2013-10-30 12:06 - 00045320 _____ (MARKANY) C:\Windows\SysWOW64\MAMACExtract.dll
2013-10-30 12:06 - 2013-10-30 12:06 - 00045056 _____ ((주) 마크애니) C:\Windows\SysWOW64\MaXMLProto.dll
2013-10-30 12:06 - 2013-10-30 12:06 - 00045056 _____ ((주) 마크애니) C:\Windows\SysWOW64\MACXMLProto.dll
2013-10-30 12:06 - 2013-10-30 12:06 - 00040960 _____ (Telechips Inc.,) C:\Windows\SysWOW64\MTTELECHIP.dll
2013-10-30 12:06 - 2013-10-30 12:06 - 00024576 _____ ((주)마크애니) C:\Windows\SysWOW64\MASetupCleaner.exe
2013-10-30 06:38 - 2013-10-30 06:38 - 17813896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-10-29 21:44 - 2013-11-21 17:38 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-29 21:44 - 2013-10-30 06:38 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-29 21:44 - 2013-10-30 06:38 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-10-29 21:44 - 2013-10-29 21:44 - 00000000 ____D C:\Windows\system32\Macromed
2013-10-25 16:07 - 2013-10-25 16:07 - 00000000 ____D C:\Users\Andy\AppData\Roaming\NVIDIA
2013-10-23 20:38 - 2013-10-23 20:38 - 00002126 _____ C:\Users\Andy\Desktop\Minecraft.lnk
2013-10-23 20:38 - 2013-10-23 20:38 - 00000000 ____D C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft
2013-10-23 20:37 - 2013-09-23 11:11 - 66729528 _____ (TeamExtreme ) C:\Users\Andy\Downloads\Minecraft 1.6.4.exe
2013-10-23 20:14 - 2013-10-23 20:37 - 66729611 _____ C:\Users\Andy\Downloads\Minecraft.v1.6.4.CRACKED-P2P.rar
2013-10-22 21:19 - 2013-11-20 17:10 - 00000000 ____D C:\ProgramData\Oracle
2013-10-22 21:09 - 2013-10-22 21:09 - 00000000 ____D C:\Users\Andy\AppData\Roaming\Windows Live Writer
2013-10-22 21:09 - 2013-10-22 21:09 - 00000000 ____D C:\Users\Andy\AppData\Local\Windows Live Writer
2013-10-22 20:53 - 2013-10-27 09:54 - 00000000 ____D C:\Users\Andy\AppData\Roaming\.minecraft
2013-10-22 20:41 - 2013-10-22 20:43 - 46814101 _____ C:\Users\Andy\Downloads\mccrack.rar
2013-10-22 20:00 - 2013-10-22 20:00 - 00000000 ____D C:\Users\Andy\AppData\Roaming\WinRAR
2013-10-22 20:00 - 2013-10-22 20:00 - 00000000 ____D C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-10-22 19:59 - 2013-10-22 20:46 - 00000000 ____D C:\Users\Andy\Downloads\WinRar5.0DeutschEnglisch5
2013-10-22 19:59 - 2013-10-22 20:46 - 00000000 ____D C:\Program Files\WinRAR
2013-10-22 16:46 - 2013-10-22 16:46 - 00000000 ___HD C:\ProgramData\CanonBJ
2013-10-22 16:36 - 2013-10-22 16:36 - 05368984 _____ C:\Users\Andy\Downloads\mypr-win-3_1_0-ea11_2.exe
2013-10-22 16:36 - 2013-10-22 16:36 - 00000000 ____D C:\Program Files\Canon
2013-10-22 16:36 - 2013-10-22 16:36 - 00000000 ____D C:\Program Files (x86)\Canon
2013-10-22 15:59 - 2013-10-22 15:59 - 00001164 _____ C:\Users\Public\Desktop\Synology Assistant.lnk
2013-10-22 15:59 - 2013-10-22 15:59 - 00000000 ____D C:\ProgramData\Synology
2013-10-22 15:59 - 2013-10-22 15:59 - 00000000 ____D C:\Program Files (x86)\Synology
==================== One Month Modified Files and Folders =======
2013-11-21 17:41 - 2013-11-21 17:40 - 00015364 _____ C:\Users\Andy\Desktop\FRST.txt
2013-11-21 17:41 - 2013-10-20 19:22 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-21 17:40 - 2013-11-06 17:50 - 00000396 _____ C:\Windows\Tasks\ViewPassword Update.job
2013-11-21 17:38 - 2013-10-29 21:44 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-21 17:38 - 2013-10-20 19:27 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-11-21 17:37 - 2013-10-20 19:22 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-21 17:37 - 2011-08-10 20:14 - 00000000 ____D C:\ProgramData\NVIDIA
2013-11-21 17:37 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-21 17:37 - 2009-07-14 05:51 - 00056726 _____ C:\Windows\setupact.log
2013-11-21 17:36 - 2013-10-20 19:19 - 01451083 _____ C:\Windows\WindowsUpdate.log
2013-11-21 17:35 - 2013-11-21 17:35 - 00000624 _____ C:\Users\Andy\Desktop\JRT.txt
2013-11-21 17:28 - 2009-07-14 05:45 - 00016752 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-21 17:28 - 2009-07-14 05:45 - 00016752 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-21 17:27 - 2013-11-21 17:27 - 00000000 ____D C:\Windows\ERUNT
2013-11-21 17:26 - 2013-11-21 17:26 - 01034531 _____ (Thisisu) C:\Users\Andy\Desktop\JRT.exe
2013-11-21 17:21 - 2013-11-21 17:21 - 00012455 _____ C:\Users\Andy\Desktop\AdwCleaner[S0].txt
2013-11-21 17:19 - 2013-11-21 17:18 - 00000000 ____D C:\AdwCleaner
2013-11-21 17:17 - 2013-11-21 17:17 - 01085542 _____ C:\Users\Andy\Desktop\adwcleaner.exe
2013-11-21 17:14 - 2010-11-21 04:47 - 00044436 _____ C:\Windows\PFRO.log
2013-11-21 17:01 - 2013-11-21 17:01 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-11-21 17:01 - 2013-11-21 17:01 - 00000000 ____D C:\Users\Andy\AppData\Roaming\Malwarebytes
2013-11-21 17:01 - 2013-11-21 17:01 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-21 17:01 - 2013-11-21 17:01 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-20 21:22 - 2013-10-21 20:29 - 00000000 ____D C:\Users\Andy\Documents\Outlook-Dateien
2013-11-20 17:23 - 2013-11-20 17:23 - 00000000 ____D C:\FRST
2013-11-20 17:22 - 2013-11-20 17:21 - 01957964 _____ (Farbar) C:\Users\Andy\Desktop\FRST64.exe
2013-11-20 17:10 - 2013-10-22 21:19 - 00000000 ____D C:\ProgramData\Oracle
2013-11-20 17:09 - 2013-11-20 17:10 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-11-20 17:09 - 2013-11-20 17:10 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-11-20 17:09 - 2013-11-20 17:10 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-11-20 17:09 - 2013-11-20 17:10 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-11-20 17:09 - 2013-11-20 17:09 - 00000000 ____D C:\Program Files (x86)\Java
2013-11-20 01:08 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-11-19 17:18 - 2011-08-10 00:07 - 00654166 _____ C:\Windows\system32\perfh007.dat
2013-11-19 17:18 - 2011-08-10 00:07 - 00130006 _____ C:\Windows\system32\perfc007.dat
2013-11-19 17:18 - 2009-07-14 06:13 - 01498506 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-19 17:09 - 2009-07-14 06:08 - 00003402 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-11-18 22:09 - 2013-11-18 22:09 - 00003600 _____ C:\Windows\system32\.crusader
2013-11-18 22:09 - 2013-11-18 17:03 - 00000000 ____D C:\ProgramData\HitmanPro
2013-11-18 21:48 - 2013-10-20 19:30 - 00000000 ____D C:\Users\Andy
2013-11-18 21:02 - 2013-11-18 21:02 - 00000145 _____ C:\Users\Andy\Downloads\b0h8hsrz408070d0.js
2013-11-17 12:41 - 2013-11-17 12:41 - 00009216 _____ C:\Users\Andy\Downloads\6EckPyra.ggb
2013-11-17 12:41 - 2013-11-17 12:41 - 00009216 _____ C:\Users\Andy\Downloads\6EckPyra (1).ggb
2013-11-17 12:38 - 2013-11-17 12:38 - 00011764 _____ C:\Users\Andy\Downloads\Walmdach.ggb
2013-11-16 14:33 - 2013-10-21 18:01 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-16 14:30 - 2013-10-20 20:49 - 00000000 ____D C:\Windows\system32\MRT
2013-11-16 14:27 - 2011-08-10 16:28 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-10 14:12 - 2013-11-10 14:12 - 00002006 _____ C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
2013-11-10 14:12 - 2013-11-10 14:12 - 00001996 _____ C:\Users\Public\Desktop\Samsung Kies.lnk
2013-11-10 14:12 - 2013-11-10 14:12 - 00000000 ____D C:\Users\Public\Documents\CrashDump
2013-11-10 14:12 - 2013-11-10 14:12 - 00000000 ____D C:\Users\Andy\AppData\Local\Samsung
2013-11-10 14:12 - 2013-11-10 14:10 - 00000000 ____D C:\ProgramData\Samsung
2013-11-10 14:12 - 2013-11-10 13:47 - 00000000 ____D C:\Users\Andy\Documents\SelfMV
2013-11-10 14:12 - 2013-11-10 13:47 - 00000000 ____D C:\Program Files (x86)\Samsung
2013-11-10 14:11 - 2011-08-10 18:06 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-11-10 14:09 - 2013-11-10 13:47 - 00000000 ____D C:\Users\Andy\AppData\Roaming\Samsung
2013-11-10 14:09 - 2013-11-10 13:46 - 00000000 ____D C:\Users\Andy\AppData\Local\Downloaded Installations
2013-11-10 14:06 - 2013-11-10 14:05 - 69675592 _____ (Samsung Electronics Co., Ltd. ) C:\Users\Andy\Downloads\KiesSetup.exe
2013-11-10 13:57 - 2013-11-10 13:57 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2013-11-10 13:48 - 2013-11-10 13:48 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log
2013-11-10 13:47 - 2013-11-10 13:47 - 00000000 ____D C:\Users\Andy\Documents\samsung
2013-11-09 19:42 - 2013-11-09 19:41 - 00000000 ____D C:\Users\Andy\AppData\Local\Microsoft Games
2013-11-09 17:30 - 2013-08-14 11:40 - 00623200 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2013-11-09 17:30 - 2013-05-06 08:22 - 00458336 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kl1.sys
2013-11-07 14:22 - 2013-11-07 14:22 - 00005486 _____ C:\Users\Andy\Downloads\Schragbild eines quadrqt.ggb leo.ggb
2013-11-06 18:04 - 2013-11-06 18:03 - 00005496 _____ C:\Users\Andy\Downloads\Schragbild eines quadrqt.ggb
2013-11-06 17:56 - 2013-11-06 17:50 - 00000866 _____ C:\Windows\SysWOW64\InstallUtil.InstallLog
2013-11-06 17:51 - 2013-11-06 17:51 - 00001855 _____ C:\Users\Public\Desktop\GeoGebra.lnk
2013-11-06 17:51 - 2013-11-06 17:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-06 17:51 - 2013-11-06 17:51 - 00000000 ____D C:\Program Files (x86)\GeoGebra 4.2
2013-11-06 17:51 - 2013-10-21 15:58 - 00000000 ____D C:\Users\Andy\AppData\Local\Google
2013-11-06 17:50 - 2013-11-06 17:50 - 00003042 _____ C:\Windows\System32\Tasks\ViewPassword Update
2013-11-02 13:22 - 2013-11-02 12:13 - 00000000 ____D C:\Users\Andy\DCC
2013-11-02 12:49 - 2013-10-20 19:30 - 00000000 ____D C:\Users\Andy\AppData\Local\VirtualStore
2013-11-02 12:39 - 2013-11-02 12:39 - 00002041 _____ C:\Users\Public\Desktop\Cas Interface Studio 9.8.2.lnk
2013-11-02 12:38 - 2013-11-02 12:38 - 00000000 ____D C:\Program Files (x86)\Duolabs
2013-11-02 12:37 - 2013-11-02 12:37 - 00000000 ____D C:\Windows\Downloaded Installations
2013-11-02 12:23 - 2013-11-02 12:22 - 00000000 ____D C:\Users\Andy\Downloads\CAS Studio
2013-11-01 16:20 - 2011-08-09 23:56 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2013-11-01 16:20 - 2011-04-12 09:28 - 00000000 ____D C:\Program Files\Windows Journal
2013-11-01 16:20 - 2011-04-12 09:17 - 00000000 ____D C:\Windows\SysWOW64\winrm
2013-11-01 16:20 - 2011-04-12 09:17 - 00000000 ____D C:\Windows\SysWOW64\WCN
2013-11-01 16:20 - 2011-04-12 09:17 - 00000000 ____D C:\Windows\SysWOW64\sysprep
2013-11-01 16:20 - 2011-04-12 09:17 - 00000000 ____D C:\Windows\SysWOW64\slmgr
2013-11-01 16:20 - 2011-04-12 09:17 - 00000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2013-11-01 16:20 - 2011-04-12 09:17 - 00000000 ____D C:\Windows\system32\winrm
2013-11-01 16:20 - 2011-04-12 09:17 - 00000000 ____D C:\Windows\system32\WCN
2013-11-01 16:20 - 2011-04-12 09:17 - 00000000 ____D C:\Windows\system32\slmgr
2013-11-01 16:20 - 2011-04-12 09:17 - 00000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2013-11-01 16:20 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Windows Sidebar
2013-11-01 16:20 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-11-01 16:20 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-11-01 16:20 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar
2013-11-01 16:20 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2013-11-01 16:20 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-11-01 16:20 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\Setup
2013-11-01 16:20 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\oobe
2013-11-01 16:20 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\MUI
2013-11-01 16:20 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\migwiz
2013-11-01 16:20 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2013-11-01 16:20 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\com
2013-11-01 16:20 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\sysprep
2013-11-01 16:20 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\Setup
2013-11-01 16:20 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\oobe
2013-11-01 16:20 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\MUI
2013-11-01 16:20 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\migwiz
2013-11-01 16:20 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\Dism
2013-11-01 16:20 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\servicing
2013-11-01 16:20 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\IME
2013-11-01 16:20 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\System
2013-11-01 16:19 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\com
2013-11-01 16:18 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\sl-SI
2013-11-01 16:17 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\sl-SI
2013-10-31 16:56 - 2013-10-31 16:56 - 00002023 _____ C:\Users\Public\Desktop\Adobe Reader X.lnk
2013-10-31 16:51 - 2011-08-10 19:59 - 00000000 ____D C:\ProgramData\Adobe
2013-10-31 16:50 - 2013-10-31 16:50 - 00000000 ____D C:\Users\Andy\AppData\Local\Adobe
2013-10-31 16:50 - 2013-10-20 21:59 - 00000000 ____D C:\Users\Andy\AppData\Roaming\Adobe
2013-10-30 12:13 - 2013-11-10 14:11 - 04659712 _____ (Dmitry Streblechenko) C:\Windows\SysWOW64\Redemption.dll
2013-10-30 12:07 - 2013-10-30 12:07 - 00330240 _____ ((주)마크애니) C:\Windows\MASetupCaller.dll
2013-10-30 12:07 - 2013-10-30 12:07 - 00090112 _____ ((주)마크애니) C:\Windows\MAMCityDownload.ocx
2013-10-30 12:07 - 2013-10-30 12:07 - 00030568 _____ () C:\Windows\MusiccityDownload.exe
2013-10-30 12:06 - 2013-11-10 14:11 - 00821824 _____ (Devguru Co., Ltd.) C:\Windows\SysWOW64\dgderapi.dll
2013-10-30 12:06 - 2013-10-30 12:06 - 00974848 _____ C:\Windows\SysWOW64\cis-2.4.dll
2013-10-30 12:06 - 2013-10-30 12:06 - 00569344 _____ ((c) MusicCity) C:\Windows\SysWOW64\muzdecode.ax
2013-10-30 12:06 - 2013-10-30 12:06 - 00491520 _____ (Musiccity Co.Ltd.) C:\Windows\SysWOW64\muzapp.dll
2013-10-30 12:06 - 2013-10-30 12:06 - 00352256 _____ (Sample Corporation) C:\Windows\SysWOW64\MSLUR71.dll
2013-10-30 12:06 - 2013-10-30 12:06 - 00258048 _____ ((c) PeeringPortal) C:\Windows\SysWOW64\muzoggsp.ax
2013-10-30 12:06 - 2013-10-30 12:06 - 00245760 _____ (Teruten Inc.) C:\Windows\SysWOW64\MSCLib.dll
2013-10-30 12:06 - 2013-10-30 12:06 - 00200704 _____ ( (c) MusicCity) C:\Windows\SysWOW64\muzwmts.dll
2013-10-30 12:06 - 2013-10-30 12:06 - 00172032 _____ (Musiccity Co.Ltd.) C:\Windows\SysWOW64\muzapp.exe
2013-10-30 12:06 - 2013-10-30 12:06 - 00155648 _____ (Teruten Inc.) C:\Windows\SysWOW64\MSFLib.dll
2013-10-30 12:06 - 2013-10-30 12:06 - 00143360 _____ C:\Windows\SysWOW64\3DAudio.ax
2013-10-30 12:06 - 2013-10-30 12:06 - 00135168 _____ (Musiccity Co.Ltd.) C:\Windows\SysWOW64\muzaf1.dll
2013-10-30 12:06 - 2013-10-30 12:06 - 00131072 _____ ((c) MusicCity) C:\Windows\SysWOW64\muzmpgsp.ax
2013-10-30 12:06 - 2013-10-30 12:06 - 00122880 _____ ((c) MUSICCITY) C:\Windows\SysWOW64\muzeffect.ax
2013-10-30 12:06 - 2013-10-30 12:06 - 00118784 _____ ((주)마크애니) C:\Windows\SysWOW64\MaDRM.dll
2013-10-30 12:06 - 2013-10-30 12:06 - 00110592 _____ ((c) MusicCity) C:\Windows\SysWOW64\muzmp4sp.ax
2013-10-30 12:06 - 2013-10-30 12:06 - 00081920 _____ C:\Windows\SysWOW64\issacapi_bs-2.3.dll
2013-10-30 12:06 - 2013-10-30 12:06 - 00065536 _____ C:\Windows\SysWOW64\issacapi_pe-2.3.dll
2013-10-30 12:06 - 2013-10-30 12:06 - 00057344 _____ C:\Windows\SysWOW64\issacapi_se-2.3.dll
2013-10-30 12:06 - 2013-10-30 12:06 - 00057344 _____ (Marktek) C:\Windows\SysWOW64\MK_Lyric.dll
2013-10-30 12:06 - 2013-10-30 12:06 - 00057344 _____ (Marktek Inc.) C:\Windows\SysWOW64\MTXSYNCICON.dll
2013-10-30 12:06 - 2013-10-30 12:06 - 00049152 _____ ((주) 마크애니) C:\Windows\SysWOW64\MaJGUILib.dll
2013-10-30 12:06 - 2013-10-30 12:06 - 00045320 _____ (MARKANY) C:\Windows\SysWOW64\MAMACExtract.dll
2013-10-30 12:06 - 2013-10-30 12:06 - 00045056 _____ ((주) 마크애니) C:\Windows\SysWOW64\MaXMLProto.dll
2013-10-30 12:06 - 2013-10-30 12:06 - 00045056 _____ ((주) 마크애니) C:\Windows\SysWOW64\MACXMLProto.dll
2013-10-30 12:06 - 2013-10-30 12:06 - 00040960 _____ (Telechips Inc.,) C:\Windows\SysWOW64\MTTELECHIP.dll
2013-10-30 12:06 - 2013-10-30 12:06 - 00024576 _____ ((주)마크애니) C:\Windows\SysWOW64\MASetupCleaner.exe
2013-10-30 06:38 - 2013-10-30 06:38 - 17813896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-10-30 06:38 - 2013-10-29 21:44 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-30 06:38 - 2013-10-29 21:44 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-10-30 06:38 - 2011-08-10 20:00 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-29 21:44 - 2013-10-29 21:44 - 00000000 ____D C:\Windows\system32\Macromed
2013-10-28 17:15 - 2013-10-20 21:59 - 00000000 __SHD C:\Users\Andy\AppData\Roaming\.#
2013-10-27 09:54 - 2013-10-22 20:53 - 00000000 ____D C:\Users\Andy\AppData\Roaming\.minecraft
2013-10-26 18:53 - 2013-10-20 19:30 - 00001425 _____ C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-10-25 16:07 - 2013-10-25 16:07 - 00000000 ____D C:\Users\Andy\AppData\Roaming\NVIDIA
2013-10-23 20:38 - 2013-10-23 20:38 - 00002126 _____ C:\Users\Andy\Desktop\Minecraft.lnk
2013-10-23 20:38 - 2013-10-23 20:38 - 00000000 ____D C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft
2013-10-23 20:37 - 2013-10-23 20:14 - 66729611 _____ C:\Users\Andy\Downloads\Minecraft.v1.6.4.CRACKED-P2P.rar
2013-10-22 21:09 - 2013-10-22 21:09 - 00000000 ____D C:\Users\Andy\AppData\Roaming\Windows Live Writer
2013-10-22 21:09 - 2013-10-22 21:09 - 00000000 ____D C:\Users\Andy\AppData\Local\Windows Live Writer
2013-10-22 20:46 - 2013-10-22 19:59 - 00000000 ____D C:\Users\Andy\Downloads\WinRar5.0DeutschEnglisch5
2013-10-22 20:46 - 2013-10-22 19:59 - 00000000 ____D C:\Program Files\WinRAR
2013-10-22 20:43 - 2013-10-22 20:41 - 46814101 _____ C:\Users\Andy\Downloads\mccrack.rar
2013-10-22 20:00 - 2013-10-22 20:00 - 00000000 ____D C:\Users\Andy\AppData\Roaming\WinRAR
2013-10-22 20:00 - 2013-10-22 20:00 - 00000000 ____D C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-10-22 16:46 - 2013-10-22 16:46 - 00000000 ___HD C:\ProgramData\CanonBJ
2013-10-22 16:42 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2013-10-22 16:36 - 2013-10-22 16:36 - 05368984 _____ C:\Users\Andy\Downloads\mypr-win-3_1_0-ea11_2.exe
2013-10-22 16:36 - 2013-10-22 16:36 - 00000000 ____D C:\Program Files\Canon
2013-10-22 16:36 - 2013-10-22 16:36 - 00000000 ____D C:\Program Files (x86)\Canon
2013-10-22 16:05 - 2013-10-21 15:58 - 00000000 ____D C:\Users\Andy\AppData\Roaming\Google
2013-10-22 15:59 - 2013-10-22 15:59 - 00001164 _____ C:\Users\Public\Desktop\Synology Assistant.lnk
2013-10-22 15:59 - 2013-10-22 15:59 - 00000000 ____D C:\ProgramData\Synology
2013-10-22 15:59 - 2013-10-22 15:59 - 00000000 ____D C:\Program Files (x86)\Synology
Some content of TEMP:
====================
C:\Users\Andy\AppData\Local\Temp\HitmanPro.exe
C:\Users\Andy\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-11-20 01:00
==================== End Of Log ============================
--- --- --- |
|
| Themen zu Internetexplorer - ständige Popups und Werbung von jsf.sticket.net |
| computer, ergebnis, explorer, gefährdet, gemeinde, interne, internetexplorer, kaspersky, klicke, klicken, meldungen, nichts, notebook, pup.optional.airinstaller, pup.optional.conduit.a, pup.optional.firseria, pup.optional.iminent.a, seite, seiten, tagen, werbung, windows 7, öffnen |
Hybrid-Darstellung
