| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: "FREEMIUM Software-Updater"Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
31.12.2013, 16:14
| #16 |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  "FREEMIUM Software-Updater" Was wurde da jetzt noch gefunden? Nochmal: Bitte alle Logs vollständig posten!
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
01.01.2014, 14:21
| #17 |
 | "FREEMIUM Software-Updater" Muss leider jetzt weg, also müssen wir das wohl auf morgen verschieben, vorrausgesetzt du bist dann da.
__________________Guten rutsch ins neue Jahr & danke für deine Hilfe FRST Logfile: FRST Logfile: FRST Logfile: FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-12-2013 01
Ran by Daniel (administrator) on DANIEL-PC on 01-01-2014 13:41:26
Running from C:\Users\Daniel\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Akamai Technologies, Inc.) C:\Users\Daniel\AppData\Local\Akamai\netsession_win.exe
(Spotify Ltd) C:\Users\Daniel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Spotify Ltd) C:\Users\Daniel\AppData\Roaming\Spotify\spotify.exe
() C:\Program Files (x86)\puush\puush.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(Logitech Inc.) C:\Program Files\Logitech\SetPoint II\SetPointII.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Akamai Technologies, Inc.) C:\Users\Daniel\AppData\Local\Akamai\netsession_win.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Users\Daniel\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Daniel\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Daniel\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Daniel\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Daniel\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Support\couponsupport.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] - C:\Windows\KHALMNPR.Exe [130576 2009-06-17] (Logitech, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-04-30] (Intel Corporation)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Freecorder FLV Service] - "C:\Program Files (x86)\Freecorder\FLVSrvc.exe" /run
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1823656 2013-12-11] (Valve Corporation)
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Daniel\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\Run: [Google Update] - C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2012-02-06] (Google Inc.)
HKCU\...\Run: [AdobeBridge] - [x]
HKCU\...\Run: [Spotify Web Helper] - C:\Users\Daniel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1168896 2013-12-05] (Spotify Ltd)
HKCU\...\Run: [VeodinKeyRocket] - "C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Veodin\KeyRocket.appref-ms"
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKCU\...\Run: [Spotify] - C:\Users\Daniel\AppData\Roaming\Spotify\spotify.exe [5951488 2013-12-05] (Spotify Ltd)
HKCU\...\Run: [puush] - C:\Program Files (x86)\puush\puush.exe [567880 2013-09-24] ()
MountPoints2: {0eb306cc-2e84-11e1-ab0b-806e6f6e6963} - E:\DisneySplash.exe
HKU\Default\...\RunOnce: [HKCU] - C:\Windows\System32\oobe\info\HKCU.vbs [126 2009-11-12] ()
HKU\Default\...\RunOnce: [Screensaver] - C:\Windows\Web\Wallpaper\MEDION\start.vbs
HKU\Default User\...\RunOnce: [HKCU] - C:\Windows\System32\oobe\info\HKCU.vbs [126 2009-11-12] ()
HKU\Default User\...\RunOnce: [Screensaver] - C:\Windows\Web\Wallpaper\MEDION\start.vbs
HKU\UpdatusUser\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\UpdatusUser\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1823656 2013-12-11] (Valve Corporation)
HKU\UpdatusUser\...\Run: [Google Update] - C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2012-02-06] (Google Inc.)
HKU\UpdatusUser\...\Run: [swg] - "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKU\UpdatusUser\...\RunOnce: [HKCU] - C:\Windows\System32\oobe\info\HKCU.vbs [126 2009-11-12] ()
HKU\UpdatusUser\...\RunOnce: [Screensaver] - C:\Windows\Web\Wallpaper\MEDION\start.vbs
Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x6B64293A05C1CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&CUI=UN40970929134052857&UM=2&ctid=CT3311268&UP=SP31FB8AEA-5FBF-41C4-8820-03700BF3EE46&SSPV=
SearchScopes: HKLM - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://start.funmoods.com/results.php?f=4&q={searchTerms}&a=softpb&chnl=softpb&cd=2XzutAtN2Y1L1Qzuzz0Czzzy0AyDyC0B0E0B0CyCtA0C0CtDtN0D0TzutBtDtCtBtDyBtDzz&cr=1508898375
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://start.funmoods.com/results.php?f=4&q={searchTerms}&a=softpb&chnl=softpb&cd=2XzutAtN2Y1L1Qzuzz0Czzzy0AyDyC0B0E0B0CyCtA0C0CtDtN0D0TzutBtDtCtBtDyBtDzz&cr=1508898375
SearchScopes: HKLM-x32 - DefaultScope {51934A98-517C-47D9-B65F-04E20E3A642B} URL =
SearchScopes: HKLM-x32 - Backup.Old.DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snap.do/?publisher=SnapdoSoftonicYB&dpid=SnapdoSoftonicYB&co=DE&userid=951801d2-6e3d-4e57-b59e-b4c18316ccc8&searchtype=ds&q={searchTerms}&installDate=05/04/2013
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3318001&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP31FB8AEA-5FBF-41C4-8820-03700BF3EE46&q={searchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3318001&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP31FB8AEA-5FBF-41C4-8820-03700BF3EE46&q={searchTerms}&SSPV=
SearchScopes: HKCU - {51934A98-517C-47D9-B65F-04E20E3A642B} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3311268&CUI=UN40970929134052857&UM=2
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Complitly - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Daniel\AppData\Roaming\Complitly\64\Complitly64.dll (SimplyGen)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll No File
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Complitly - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Daniel\AppData\Roaming\Complitly\Complitly.dll (SimplyGen)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Funmoods Helper Object - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - C:\PROGRA~2\Funmoods\1.5.23.22\bh\escort.dll No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKLM-x32 - Funmoods Toolbar - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - C:\PROGRA~2\Funmoods\1.5.23.22\escorTlbr.dll No File
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {1392B8D2-5C05-419F-A8F6-B9F15A596612} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 09 C:\Windows\SysWOW64\tnnssdj39.dll [294912] (Intra Net Communications)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{5B90CD70-E56C-4456-B65F-11601705E13B}: [NameServer]192.168.178.29,192.168.178.1
Tcpip\..\Interfaces\{63A3E769-8B26-4CC2-8F44-87F53971FE65}: [NameServer]192.168.178.60,192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ic3dxvxo.default
FF user.js: detected! => C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ic3dxvxo.default\user.js
FF DefaultSearchEngine: WhiteSmoke New V6 Customized Web Search
FF NetworkProxy: "autoconfig_url", "file:///C:\\Users\\Daniel\\AppData\\Local\\Temp\\proxtube.pac"
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @idsoftware.com/QuakeLive - C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Daniel\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Daniel\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ic3dxvxo.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ic3dxvxo.default\searchplugins\conduit-search.xml
FF SearchPlugin: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ic3dxvxo.default\searchplugins\conduit.xml
FF SearchPlugin: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ic3dxvxo.default\searchplugins\delta.xml
FF Extension: No Name - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ic3dxvxo.default\Extensions\ffxtlbr@babylon.com
FF Extension: softonic.com - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ic3dxvxo.default\Extensions\ffxtlbra@softonic.com
FF Extension: No Name - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ic3dxvxo.default\Extensions\staged
FF Extension: WhiteSmoke New V6 - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ic3dxvxo.default\Extensions\{da7f5ae1-3be3-43c0-8098-c1d183616e97}
FF Extension: BetterAds - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ic3dxvxo.default\Extensions\betterads@BetterAds.org.xpi
FF Extension: PutLockerDownloader V3.0 - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ic3dxvxo.default\Extensions\putlockerdownloader3@putlockerdownloader.com.xpi
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [KavAntiBanner@Kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru
Chrome:
=======
CHR HomePage: hxxp://youtube.de/
CHR RestoreOnStartup: "hxxp://youtube.de/"
CHR DefaultSearchURL: hxxp://www.google.com/search?q={searchTerms}
CHR DefaultNewTabURL:
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Daniel\AppData\Local\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Daniel\AppData\Local\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\Daniel\AppData\Local\Google\Chrome\Application\31.0.1650.63\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 7.0.0.147) - C:\Program Files (x86)\Java\jre7\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 7) - C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Plugin: (Windows Activation Technologies) - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll No File
CHR Extension: (YouTube) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Adblock Plus) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.7.2_0
CHR Extension: (Google Search) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (ProxMate - Proxy on steroids!) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifalmiidchkjjmkkbkoaibpmoeichmki\3.1.6_0
CHR Extension: (Blood Moon Akali) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkipcmiifbaeoomjmiphhbadobknjjpo\1.0_0
CHR Extension: (Curling) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhalnajmigjnpjpdbpkpgfhekbjmolhp\1.0.10_0
CHR Extension: (Google Wallet) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0
CHR Extension: (Gmail) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM\...\Chrome\Extension: [cjpglkicenollcignonpgiafdgfeehoj] - C:\Users\Daniel\AppData\Local\funmoods-speeddial.crx
CHR HKLM\...\Chrome\Extension: [fdloijijlkoblmigdofommgnheckmaki] - C:\Users\Daniel\AppData\Local\funmoods.crx
CHR HKLM-x32\...\Chrome\Extension: [cacclhdpfoingihegojhoipnihfnoaki] - C:\Users\Daniel\AppData\Local\MediaBA\betterads.crx
CHR HKLM-x32\...\Chrome\Extension: [cjpglkicenollcignonpgiafdgfeehoj] - C:\Users\Daniel\AppData\Local\funmoods-speeddial.crx
CHR HKLM-x32\...\Chrome\Extension: [dlfienamagdnkekbbbocojppncdambda] - C:\Program Files (x86)\Complitly\chrome\ComplitlyChrome.crx
CHR HKLM-x32\...\Chrome\Extension: [fdloijijlkoblmigdofommgnheckmaki] - C:\Users\Daniel\AppData\Local\funmoods.crx
CHR HKLM-x32\...\Chrome\Extension: [ibcgjcbeckcdemelifnledhihpaighfk] - C:\Users\Daniel\AppData\Local\CRE\ibcgjcbeckcdemelifnledhihpaighfk.crx
CHR HKLM-x32\...\Chrome\Extension: [koalekbhpbggkcfhkkbolikjoaobbppi] - C:\Program Files (x86)\PutLockerDownloader\PutLockerDownloader10.crx
CHR StartMenuInternet: Google Chrome - C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Services (Whitelisted) =================
R2 Akamai; c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll [4569856 2013-07-01] (Akamai Technologies, Inc.)
R2 Dnscache; C:\Windows\System32\pouabtzv7.dll [354304 2012-06-02] (Parental Solutions Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
S3 npggsvc; C:\Windows\SysWow64\GameMon.des [4302576 2012-08-16] (INCA Internet Co., Ltd.)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2012-08-11] ()
S2 SystemStoreService; C:\Program Files (x86)\SoftwareUpdater\SystemStore.exe [297984 2014-01-01] ()
R2 Update-Service; %SystemRoot%\System32\UpdSvc.dll [x]
==================== Drivers (Whitelisted) ====================
S3 1394hub; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 1394hub; C:\Windows\SysWow64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S0 nvpciflt; system32\DRIVERS\nvpciflt.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-12-31 10:59 - 2013-12-31 11:18 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-12-30 21:10 - 2013-12-30 21:10 - 00000000 ____D C:\Users\Daniel\Downloads\+Bora 01 #Isdanny
2013-12-30 21:06 - 2013-12-30 21:06 - 05874386 _____ C:\Users\Daniel\Downloads\+Bora 01 #Isdanny.zip
2013-12-30 20:54 - 2013-12-30 20:54 - 00000000 ____D C:\ProgramData\Oracle
2013-12-30 20:54 - 2013-10-08 07:46 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-12-30 20:53 - 2013-12-30 20:53 - 00004886 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-12-30 20:53 - 2013-10-08 07:50 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-12-30 20:53 - 2013-10-08 07:46 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-12-30 20:53 - 2013-10-08 07:46 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-12-30 20:23 - 2013-12-31 10:59 - 00117464 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2013-12-30 20:23 - 2013-12-30 20:23 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-30 20:22 - 2013-12-31 11:18 - 00000000 ____D C:\Users\Daniel\Desktop\mbar
2013-12-30 20:22 - 2013-12-31 10:57 - 00089304 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2013-12-30 20:22 - 2013-12-30 20:22 - 12582688 _____ (Malwarebytes Corp.) C:\Users\Daniel\Downloads\mbar-1.07.0.1008.exe
2013-12-30 19:23 - 2013-12-30 19:45 - 00033406 _____ C:\Users\Daniel\Downloads\Addition.txt
2013-12-30 19:22 - 2014-01-01 13:41 - 00022855 _____ C:\Users\Daniel\Downloads\FRST.txt
2013-12-30 19:22 - 2013-12-30 19:22 - 01931302 _____ (Farbar) C:\Users\Daniel\Downloads\FRST64.exe
2013-12-30 19:22 - 2013-12-30 19:22 - 00000000 ____D C:\FRST
2013-12-30 19:21 - 2013-12-30 19:21 - 01064199 _____ (Farbar) C:\Users\Daniel\Downloads\FRST.exe
2013-12-27 14:39 - 2013-12-27 14:39 - 00000000 ____D C:\Users\Daniel\AppData\Local\SoftwareUpdater
2013-12-26 22:34 - 2013-12-26 22:34 - 00001536 _____ C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2013-12-26 22:34 - 2013-12-26 22:34 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\DVDVideoSoft
2013-12-26 22:34 - 2013-12-26 22:34 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-12-26 22:33 - 2013-12-26 22:33 - 34115288 _____ (DVDVideoSoft Ltd. ) C:\Users\Daniel\Downloads\FreeYouTube19ToMP3Converter.exe
2013-12-26 22:31 - 2014-01-01 13:36 - 00004208 _____ C:\Windows\System32\Tasks\Software Updater
2013-12-26 22:31 - 2014-01-01 13:36 - 00004172 _____ C:\Windows\System32\Tasks\Software Updater Ui
2013-12-26 22:31 - 2014-01-01 13:32 - 00000358 ____H C:\Windows\Tasks\couponsupport-S-649636217.job
2013-12-26 22:31 - 2013-12-26 22:33 - 00000000 ____D C:\Support
2013-12-26 22:31 - 2013-12-26 22:31 - 00002604 _____ C:\Windows\System32\Tasks\couponsupport-S-649636217
2013-12-26 22:31 - 2013-12-26 22:31 - 00000000 ____D C:\Users\Administrator\AppData\Local\Google
2013-12-26 22:31 - 2013-12-26 22:31 - 00000000 ____D C:\Users\Administrator
2013-12-26 22:31 - 2013-12-26 22:31 - 00000000 ____D C:\Program Files (x86)\SoftwareUpdater
2013-12-26 22:29 - 2013-12-30 20:41 - 00000000 ____D C:\Users\Daniel\AppData\Local\DownloadGuide
2013-12-26 22:29 - 2013-12-26 22:29 - 00666088 _____ C:\Users\Daniel\Downloads\tubebox_4.4_de-DE.exe
2013-12-26 22:26 - 2013-12-26 22:26 - 00000000 ____D C:\Program Files (x86)\GreenTree Applications
2013-12-26 22:25 - 2013-12-26 22:25 - 11617048 _____ C:\Users\Daniel\Downloads\YTD471Setup.exe
2013-12-26 20:21 - 2013-12-26 20:27 - 00000000 ____D C:\Users\Daniel\AppData\Local\DayZ
2013-12-26 20:21 - 2013-12-26 20:21 - 00000000 ____D C:\Users\Daniel\Documents\DayZ
2013-12-26 19:53 - 2013-12-26 19:53 - 00000222 _____ C:\Users\Daniel\Desktop\DayZ.url
2013-12-26 12:13 - 2013-12-26 12:13 - 00000219 _____ C:\Users\Daniel\Desktop\Left 4 Dead 2.url
2013-12-25 19:28 - 2013-12-25 19:28 - 00000000 ____D C:\Users\Daniel\Desktop\Arkosia2
2013-12-25 19:03 - 2013-12-25 19:27 - 1507763763 _____ C:\Users\Daniel\Downloads\Arkosia2.rar
2013-12-24 21:41 - 2013-12-24 21:41 - 74862095 _____ C:\Users\Daniel\Desktop\screenshot.rar
2013-12-24 21:41 - 2013-12-24 21:41 - 00000000 ____D C:\Users\Daniel\Desktop\screenshot
2013-12-22 21:21 - 2013-12-22 21:22 - 149955351 _____ C:\Users\Daniel\Desktop\Tinie Tempah - Demonstration (2013)_320 kbps {Aryan_l33t} [LittleFairyRG].rar
2013-12-22 20:31 - 2013-12-22 20:31 - 00000222 _____ C:\Users\Daniel\Desktop\Guns of Icarus Online.url
2013-12-22 13:34 - 2013-12-22 13:34 - 00351691 _____ C:\Users\Daniel\Desktop\Sprachmemo 003.m4a
2013-12-21 12:51 - 2013-12-21 12:51 - 00000000 ____D C:\Users\Daniel\Desktop\CloudDownloaderVersion2.0
2013-12-21 12:49 - 2013-12-21 12:49 - 00560306 _____ C:\Users\Daniel\Downloads\CloudDownloaderVersion2.0.zip
2013-12-21 12:46 - 2013-12-21 12:46 - 00008462 _____ C:\Users\Daniel\Desktop\calling-all-the-monsters-1.htm
2013-12-21 12:45 - 2013-12-21 12:45 - 00008462 _____ C:\Users\Daniel\Downloads\calling-all-the-monsters-1.htm
2013-12-15 17:30 - 2013-12-15 17:37 - 00000000 ____D C:\Users\Daniel\Downloads\Rihanna - Unapologetic
2013-12-15 17:25 - 2013-12-15 17:29 - 105545478 _____ C:\Users\Daniel\Downloads\Rihanna - Unapologetic.zip
2013-12-12 21:50 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-12 21:50 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-12 21:50 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-12 21:50 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-12 21:49 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-12 21:49 - 2013-11-26 11:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-12 21:49 - 2013-11-26 11:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-12 21:49 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-12 21:49 - 2013-11-26 10:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-12 21:49 - 2013-11-26 10:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-12 21:49 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-12 21:49 - 2013-11-26 10:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-12 21:49 - 2013-11-26 10:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-12 21:49 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-12 21:49 - 2013-11-26 10:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-12 21:49 - 2013-11-26 10:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-12 21:49 - 2013-11-26 10:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-12 21:49 - 2013-11-26 10:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-12 21:49 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-12 21:49 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-12 21:49 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-12 21:49 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-12 21:49 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-12 21:49 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-12-12 21:49 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-12 21:49 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-12 21:49 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-12 21:49 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-12 21:49 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-12 21:49 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-12 21:49 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-12 21:49 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-12 21:49 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-12 21:49 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-12 21:49 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-12 15:00 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-12 15:00 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-12 15:00 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-12 15:00 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-12-12 15:00 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-12 15:00 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-12 15:00 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-12 15:00 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-12 15:00 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-12 15:00 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-12 15:00 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-12 14:59 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-12 14:59 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-12 14:59 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-12 14:59 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-12 14:59 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-12 14:59 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-12 14:59 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-12 14:59 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-11 16:08 - 2013-12-12 15:11 - 00000000 ____D C:\Users\Daniel\Documents\DragonNest
2013-12-11 16:03 - 2013-12-11 16:03 - 00002169 _____ C:\Users\Daniel\Desktop\Dragon Nest Europe.lnk
2013-12-11 16:03 - 2013-12-11 16:03 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SDGi Europe
2013-12-11 15:57 - 2013-12-11 15:57 - 00000000 ____D C:\Program Files (x86)\SDGi Europe
2013-12-10 22:20 - 2013-12-10 22:45 - 3858935200 _____ C:\Users\Daniel\Downloads\DragonNestEUSetup63.exe
2013-12-07 19:39 - 2013-09-04 13:12 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-12-07 19:39 - 2013-09-04 13:11 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-12-07 19:39 - 2013-09-04 13:11 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-12-07 19:39 - 2013-09-04 13:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-12-07 19:39 - 2013-09-04 13:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-12-07 19:39 - 2013-09-04 13:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-12-07 19:39 - 2013-09-04 13:11 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-12-06 19:29 - 2013-12-06 19:29 - 00000221 _____ C:\Users\Daniel\Desktop\Borderlands 2.url
==================== One Month Modified Files and Folders =======
2014-01-01 13:41 - 2013-12-30 19:22 - 00022855 _____ C:\Users\Daniel\Downloads\FRST.txt
2014-01-01 13:36 - 2013-12-26 22:31 - 00004208 _____ C:\Windows\System32\Tasks\Software Updater
2014-01-01 13:36 - 2013-12-26 22:31 - 00004172 _____ C:\Windows\System32\Tasks\Software Updater Ui
2014-01-01 13:34 - 2012-02-04 13:48 - 00000000 ____D C:\Users\Daniel\Desktop\Alles drinn
2014-01-01 13:33 - 2011-12-24 16:25 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Skype
2014-01-01 13:32 - 2013-12-26 22:31 - 00000358 ____H C:\Windows\Tasks\couponsupport-S-649636217.job
2014-01-01 13:32 - 2012-09-04 18:06 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Spotify
2014-01-01 13:32 - 2012-01-13 11:44 - 00000000 ____D C:\Program Files (x86)\Steam
2014-01-01 13:30 - 2009-07-14 05:45 - 00017152 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-01 13:30 - 2009-07-14 05:45 - 00017152 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-01 13:23 - 2013-02-19 13:53 - 00639986 _____ C:\Windows\PFRO.log
2014-01-01 13:23 - 2013-02-18 14:41 - 00055384 _____ C:\Windows\setupact.log
2014-01-01 13:23 - 2011-09-05 23:24 - 00000000 ____D C:\ProgramData\NVIDIA
2014-01-01 13:23 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-31 17:24 - 2013-03-10 15:13 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\TS3Client
2013-12-31 17:24 - 2011-12-24 16:12 - 01562856 _____ C:\Windows\WindowsUpdate.log
2013-12-31 17:23 - 2012-07-27 11:48 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-31 17:17 - 2012-02-06 18:21 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-365012384-4195050554-2744055927-1002UA.job
2013-12-31 12:16 - 2012-02-06 18:21 - 00001072 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-365012384-4195050554-2744055927-1002Core.job
2013-12-31 11:18 - 2013-12-31 10:59 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-12-31 11:18 - 2013-12-30 20:22 - 00000000 ____D C:\Users\Daniel\Desktop\mbar
2013-12-31 10:59 - 2013-12-30 20:23 - 00117464 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2013-12-31 10:57 - 2013-12-30 20:22 - 00089304 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2013-12-30 21:10 - 2013-12-30 21:10 - 00000000 ____D C:\Users\Daniel\Downloads\+Bora 01 #Isdanny
2013-12-30 21:06 - 2013-12-30 21:06 - 05874386 _____ C:\Users\Daniel\Downloads\+Bora 01 #Isdanny.zip
2013-12-30 20:56 - 2012-06-28 19:11 - 00052224 ___SH C:\Users\Daniel\Thumbs.db
2013-12-30 20:54 - 2013-12-30 20:54 - 00000000 ____D C:\ProgramData\Oracle
2013-12-30 20:53 - 2013-12-30 20:53 - 00004886 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-12-30 20:53 - 2011-08-11 23:18 - 00000000 ____D C:\Program Files (x86)\Java
2013-12-30 20:41 - 2013-12-26 22:29 - 00000000 ____D C:\Users\Daniel\AppData\Local\DownloadGuide
2013-12-30 20:23 - 2013-12-30 20:23 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-30 20:22 - 2013-12-30 20:22 - 12582688 _____ (Malwarebytes Corp.) C:\Users\Daniel\Downloads\mbar-1.07.0.1008.exe
2013-12-30 19:45 - 2013-12-30 19:23 - 00033406 _____ C:\Users\Daniel\Downloads\Addition.txt
2013-12-30 19:22 - 2013-12-30 19:22 - 01931302 _____ (Farbar) C:\Users\Daniel\Downloads\FRST64.exe
2013-12-30 19:22 - 2013-12-30 19:22 - 00000000 ____D C:\FRST
2013-12-30 19:21 - 2013-12-30 19:21 - 01064199 _____ (Farbar) C:\Users\Daniel\Downloads\FRST.exe
2013-12-30 18:51 - 2012-09-04 18:06 - 00000000 ____D C:\Users\Daniel\AppData\Local\Spotify
2013-12-27 14:39 - 2013-12-27 14:39 - 00000000 ____D C:\Users\Daniel\AppData\Local\SoftwareUpdater
2013-12-26 22:34 - 2013-12-26 22:34 - 00001536 _____ C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2013-12-26 22:34 - 2013-12-26 22:34 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\DVDVideoSoft
2013-12-26 22:34 - 2013-12-26 22:34 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-12-26 22:34 - 2012-08-12 21:15 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\OpenCandy
2013-12-26 22:33 - 2013-12-26 22:33 - 34115288 _____ (DVDVideoSoft Ltd. ) C:\Users\Daniel\Downloads\FreeYouTube19ToMP3Converter.exe
2013-12-26 22:33 - 2013-12-26 22:31 - 00000000 ____D C:\Support
2013-12-26 22:31 - 2013-12-26 22:31 - 00002604 _____ C:\Windows\System32\Tasks\couponsupport-S-649636217
2013-12-26 22:31 - 2013-12-26 22:31 - 00000000 ____D C:\Users\Administrator\AppData\Local\Google
2013-12-26 22:31 - 2013-12-26 22:31 - 00000000 ____D C:\Users\Administrator
2013-12-26 22:31 - 2013-12-26 22:31 - 00000000 ____D C:\Program Files (x86)\SoftwareUpdater
2013-12-26 22:29 - 2013-12-26 22:29 - 00666088 _____ C:\Users\Daniel\Downloads\tubebox_4.4_de-DE.exe
2013-12-26 22:26 - 2013-12-26 22:26 - 00000000 ____D C:\Program Files (x86)\GreenTree Applications
2013-12-26 22:25 - 2013-12-26 22:25 - 11617048 _____ C:\Users\Daniel\Downloads\YTD471Setup.exe
2013-12-26 20:27 - 2013-12-26 20:21 - 00000000 ____D C:\Users\Daniel\AppData\Local\DayZ
2013-12-26 20:21 - 2013-12-26 20:21 - 00000000 ____D C:\Users\Daniel\Documents\DayZ
2013-12-26 19:53 - 2013-12-26 19:53 - 00000222 _____ C:\Users\Daniel\Desktop\DayZ.url
2013-12-26 19:53 - 2012-01-13 19:28 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2013-12-26 12:13 - 2013-12-26 12:13 - 00000219 _____ C:\Users\Daniel\Desktop\Left 4 Dead 2.url
2013-12-25 19:28 - 2013-12-25 19:28 - 00000000 ____D C:\Users\Daniel\Desktop\Arkosia2
2013-12-25 19:27 - 2013-12-25 19:03 - 1507763763 _____ C:\Users\Daniel\Downloads\Arkosia2.rar
2013-12-24 21:41 - 2013-12-24 21:41 - 74862095 _____ C:\Users\Daniel\Desktop\screenshot.rar
2013-12-24 21:41 - 2013-12-24 21:41 - 00000000 ____D C:\Users\Daniel\Desktop\screenshot
2013-12-24 17:02 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-12-24 14:08 - 2013-09-14 18:58 - 00055533 _____ C:\Windows\DirectX.log
2013-12-22 21:22 - 2013-12-22 21:21 - 149955351 _____ C:\Users\Daniel\Desktop\Tinie Tempah - Demonstration (2013)_320 kbps {Aryan_l33t} [LittleFairyRG].rar
2013-12-22 20:31 - 2013-12-22 20:31 - 00000222 _____ C:\Users\Daniel\Desktop\Guns of Icarus Online.url
2013-12-22 13:34 - 2013-12-22 13:34 - 00351691 _____ C:\Users\Daniel\Desktop\Sprachmemo 003.m4a
2013-12-21 12:51 - 2013-12-21 12:51 - 00000000 ____D C:\Users\Daniel\Desktop\CloudDownloaderVersion2.0
2013-12-21 12:49 - 2013-12-21 12:49 - 00560306 _____ C:\Users\Daniel\Downloads\CloudDownloaderVersion2.0.zip
2013-12-21 12:46 - 2013-12-21 12:46 - 00008462 _____ C:\Users\Daniel\Desktop\calling-all-the-monsters-1.htm
2013-12-21 12:45 - 2013-12-21 12:45 - 00008462 _____ C:\Users\Daniel\Downloads\calling-all-the-monsters-1.htm
2013-12-15 20:23 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-12-15 17:37 - 2013-12-15 17:30 - 00000000 ____D C:\Users\Daniel\Downloads\Rihanna - Unapologetic
2013-12-15 17:29 - 2013-12-15 17:25 - 105545478 _____ C:\Users\Daniel\Downloads\Rihanna - Unapologetic.zip
2013-12-15 00:54 - 2013-08-14 15:22 - 00000000 ____D C:\Windows\system32\MRT
2013-12-15 00:52 - 2011-07-18 21:31 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-13 15:24 - 2011-05-16 15:04 - 00654150 _____ C:\Windows\system32\perfh007.dat
2013-12-13 15:24 - 2011-05-16 15:04 - 00130022 _____ C:\Windows\system32\perfc007.dat
2013-12-13 15:24 - 2009-07-14 06:13 - 01498742 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-13 15:18 - 2009-07-14 05:45 - 05137424 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-12 21:50 - 2012-01-27 20:52 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-12 19:33 - 2013-08-15 23:22 - 00000000 ____D C:\Users\Daniel\Desktop\Musik
2013-12-12 15:11 - 2013-12-11 16:08 - 00000000 ____D C:\Users\Daniel\Documents\DragonNest
2013-12-11 17:23 - 2012-07-27 11:48 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-11 17:23 - 2012-07-27 11:48 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-11 17:23 - 2011-08-10 20:09 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-11 16:03 - 2013-12-11 16:03 - 00002169 _____ C:\Users\Daniel\Desktop\Dragon Nest Europe.lnk
2013-12-11 16:03 - 2013-12-11 16:03 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SDGi Europe
2013-12-11 15:57 - 2013-12-11 15:57 - 00000000 ____D C:\Program Files (x86)\SDGi Europe
2013-12-10 22:45 - 2013-12-10 22:20 - 3858935200 _____ C:\Users\Daniel\Downloads\DragonNestEUSetup63.exe
2013-12-10 15:04 - 2013-02-06 13:43 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-12-10 15:04 - 2011-12-24 16:25 - 00000000 ____D C:\ProgramData\Skype
2013-12-06 20:09 - 2013-02-22 20:29 - 00000000 ____D C:\Users\Daniel\Documents\My Games
2013-12-06 19:29 - 2013-12-06 19:29 - 00000221 _____ C:\Users\Daniel\Desktop\Borderlands 2.url
2013-12-06 10:19 - 2012-02-06 18:21 - 00002366 _____ C:\Users\Daniel\Desktop\Google Chrome.lnk
2013-12-04 12:12 - 2012-02-06 18:21 - 00004096 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-365012384-4195050554-2744055927-1002UA
2013-12-04 12:12 - 2012-02-06 18:21 - 00003700 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-365012384-4195050554-2744055927-1002Core
Some content of TEMP:
====================
C:\Users\Daniel\AppData\Local\Temp\2472073_.exe
C:\Users\Daniel\AppData\Local\Temp\2f90b32_.exe
C:\Users\Daniel\AppData\Local\Temp\77687516_.exe
C:\Users\Daniel\AppData\Local\Temp\betterads.exe
C:\Users\Daniel\AppData\Local\Temp\bootstrapper.exe
C:\Users\Daniel\AppData\Local\Temp\dlLogic.exe
C:\Users\Daniel\AppData\Local\Temp\drm_dyndata_7410004.dll
C:\Users\Daniel\AppData\Local\Temp\DropDownDeals_Setup-C4_2013_03_14.exe
C:\Users\Daniel\AppData\Local\Temp\Installer.exe
C:\Users\Daniel\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Daniel\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Daniel\AppData\Local\Temp\NGMDll.dll
C:\Users\Daniel\AppData\Local\Temp\NGMResource.dll
C:\Users\Daniel\AppData\Local\Temp\NGMSetup.exe
C:\Users\Daniel\AppData\Local\Temp\nscE50C.exe
C:\Users\Daniel\AppData\Local\Temp\nsf8AE0.exe
C:\Users\Daniel\AppData\Local\Temp\nsgA64F.exe
C:\Users\Daniel\AppData\Local\Temp\nsh865B.exe
C:\Users\Daniel\AppData\Local\Temp\nshB59F.exe
C:\Users\Daniel\AppData\Local\Temp\nshE356.exe
C:\Users\Daniel\AppData\Local\Temp\nsv8794.exe
C:\Users\Daniel\AppData\Local\Temp\nsv8969.exe
C:\Users\Daniel\AppData\Local\Temp\nsvA351.exe
C:\Users\Daniel\AppData\Local\Temp\nsvA7E5.exe
C:\Users\Daniel\AppData\Local\Temp\nsxB784.exe
C:\Users\Daniel\AppData\Local\Temp\nsxB90B.exe
C:\Users\Daniel\AppData\Local\Temp\nsxE710.exe
C:\Users\Daniel\AppData\Local\Temp\nsz36EF.exe
C:\Users\Daniel\AppData\Local\Temp\qc_a402013b_7656_4f6f_b57f_5a8ef69f5fc4_32.exe
C:\Users\Daniel\AppData\Local\Temp\setup__3862.exe
C:\Users\Daniel\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Daniel\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Daniel\AppData\Local\Temp\tbWhit.dll
C:\Users\Daniel\AppData\Local\Temp\unicows.dll
C:\Users\Daniel\AppData\Local\Temp\uninst1.exe
C:\Users\Daniel\AppData\Local\Temp\utt2325.tmp.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-12-21 16:18
==================== End Of Log ============================
--- --- --- --- --- --- --- --- --- --- --- --- --- --- --- additional Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-12-2013 01
Ran by Daniel at 2013-12-30 19:44:46
Running from C:\Users\Daniel\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
==================== Installed Programs ======================
ActiveX-kontroll för fjärranslutningar för Windows Live Mesh (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Adobe After Effects CS6 (x32 Version: 11 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.7.0.2090 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.2.1 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (x32 Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.0) MUI (x32 Version: 10.1.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (x32 Version: 11.6.3.633 - Adobe Systems, Inc.)
Akamai NetSession Interface (HKCU Version: - Akamai Technologies, Inc)
Akamai NetSession Interface Service (x32 Version: - Akamai Technologies, Inc)
Apple Application Support (x32 Version: 2.3.4 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (x32 Version: 1.12.5.0 - Asmedia Technology)
Borderlands 2 (x32 Version: - Gearbox Software)
Call of Duty: Black Ops II - Multiplayer (x32 Version: - )
Call of Duty: Modern Warfare 3 - Multiplayer (x32 Version: - Infinity Ward - Sledgehammer Games)
CCleaner (Version: 3.26 - Piriform)
Complitly (x32 Version: - Complitly)
Control ActiveX de Windows Live Mesh para conexiones remotas (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Corel Graphics - Windows Shell Extension (x32 Version: 15.2.0.686 - Corel Corporation)
Corel Graphics - Windows Shell Extension (x32 Version: 15.2.686 - Corel Corporation)
Corel Graphics - Windows Shell Extension 64 Bit (Version: 15.2.686 - Corel Corporation)
CorelDRAW Essentials X5 - Common (x32 Version: 15.3 - Corel Corporation)
CorelDRAW Essentials X5 - Connect (x32 Version: 15.3 - Corel Corporation)
CorelDRAW Essentials X5 - Custom Data (x32 Version: 15.3 - Corel Corporation)
CorelDRAW Essentials X5 - DE (x32 Version: 15.3 - Corel Corporation)
CorelDRAW Essentials X5 - Draw (x32 Version: 15.3 - Corel Corporation)
CorelDRAW Essentials X5 - EN (x32 Version: 15.3 - Corel Corporation)
CorelDRAW Essentials X5 - ES (x32 Version: 15.3 - Corel Corporation)
CorelDRAW Essentials X5 - Extra Content (x32 Version: - Corel Corporation)
CorelDRAW Essentials X5 - Extra Content (x32 Version: 15.0 - Corel Corporation)
CorelDRAW Essentials X5 - Filters (x32 Version: 15.3 - Corel Corporation)
CorelDRAW Essentials X5 - FR (x32 Version: 15.3 - Corel Corporation)
CorelDRAW Essentials X5 - IPM (x32 Version: 15.3 - Corel Corporation)
CorelDRAW Essentials X5 - IT (x32 Version: 15.3 - Corel Corporation)
CorelDRAW Essentials X5 - PHOTO-PAINT (x32 Version: 15.3 - Corel Corporation)
CorelDRAW Essentials X5 - Redist (x32 Version: 15.0 - Corel Corporation)
CorelDRAW Essentials X5 - Setup Files (x32 Version: 15.3 - Corel Corporation)
CorelDRAW Essentials X5 - WT (x32 Version: 15.3 - Corel Corporation)
CorelDRAW Essentials X5 (x32 Version: 15.2.0.686 - Corel Corporation)
CorelDRAW Essentials X5 (x32 Version: 15.3 - Corel Corporation)
Counter-Strike: Source (x32 Version: - Valve)
CouponSupport (x32 Version: 2.1.0.1590 - CouponSupport)
CyberLink PowerRecover (x32 Version: 5.5.4125 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft)
DayZ (x32 Version: - Bohemia Interactive)
Dragon Nest Europe (x32 Version: - )
erLT (x32 Version: 1.20.0137 - Logitech, Inc.)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Fraps (remove only) (x32 Version: - )
Free YouTube to MP3 Converter version 3.12.19.1219 (x32 Version: 3.12.19.1219 - DVDVideoSoft Ltd.)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Gameforge Live 1.9.0 "Legend" (x32 Version: 1.9.0 - Gameforge)
Google Chrome (HKCU Version: 31.0.1650.63 - Google Inc.)
Guns of Icarus Online (x32 Version: - Muse Games)
Intel(R) Management Engine Components (x32 Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (x32 Version: 10.5.0.1026 - Intel Corporation)
Java 7 Update 25 (x32 Version: 7.0.250 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.)
Java(TM) 6 Update 30 (x32 Version: 6.0.300 - Oracle)
Java(TM) 7 (64-bit) (Version: 7.0.0 - Oracle)
JavaFX 2.1.0 (x32 Version: 2.1.0 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (x32 Version: 15.4.5722.2 - Microsoft Corporation)
League of Legends (x32 Version: 1.3 - Riot Games)
Left 4 Dead 2 (x32 Version: - Valve)
Logitech SetPoint 5.20 (Version: 5.20 - Logitech)
Magic Bullet Suite 64-bit (Version: 11.1.0 - Red Giant Software)
Magic Bullet Suite 64-bit (x32 Version: 11.1.0 - Red Giant Software)
McAfee Security Scan Plus (Version: 3.8.130.10 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Metin2 (x32 Version: - Gameforge 4D GmbH)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft)
Microsoft Office 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft)
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe)
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe)
Mozilla Firefox 14.0.1 (x86 de) (x32 Version: 14.0.1 - Mozilla)
Mozilla Maintenance Service (x32 Version: 14.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft)
MSVCRT Redists (x32 Version: 1.0 - Sony Creative Software Inc.)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft)
NewBlue 3D Explosions for Windows (x32 Version: - )
NewBlue 3D Transformations for Windows (x32 Version: - )
NewBlue Art Blends for Windows (x32 Version: - )
NewBlue Art Effects for Windows (x32 Version: - )
NewBlue Film Effects for Windows (x32 Version: - )
NewBlue Motion Blends for Windows (x32 Version: - )
NewBlue Motion Effects for Windows (x32 Version: - )
NewBlue Paint Blends for Windows (x32 Version: - )
NewBlue Paint Effects for Windows (x32 Version: - )
NewBlue Sampler Pack for Windows (x32 Version: - )
NewBlue Video Essentials for Windows (x32 Version: - )
NewBlue Video Essentials II for Windows (x32 Version: - )
NewBlue Video Essentials III for Windows (x32 Version: - )
Nexon Game Manager (x32 Version: - )
NVIDIA 3D Vision Controller-Treiber 301.42 (Version: 301.42 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 311.06 (Version: 311.06 - NVIDIA Corporation)
NVIDIA Grafiktreiber 311.06 (Version: 311.06 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.16.0 (Version: 1.3.16.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.108.688 - NVIDIA Corporation)
NVIDIA PhysX (x32 Version: 9.12.0213 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.12.0213 (Version: 9.12.0213 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1106 - NVIDIA Corporation)
NVIDIA Systemsteuerung 311.06 (Version: 311.06 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation)
Origin (x32 Version: 9.1.13.85 - Electronic Arts, Inc.)
Pamela RME 2.0 (x32 Version: 2.0 - Scendix Software-Vertriebsges. mbH)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated)
PlayReady PC Runtime amd64 (Version: 1.3.0 - Microsoft Corporation)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
PunkBuster Services (x32 Version: 0.991 - Even Balance, Inc.)
puush (x32 Version: 1.0.0.0 - Dean Herbert)
Quake Live Mozilla Plugin (x32 Version: 1.0.520 - id Software)
QuickTime (x32 Version: 7.74.80.86 - Apple Inc.)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6526 - Realtek Semiconductor Corp.)
Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.)
Spelling Dictionaries Support For Adobe Reader X (x32 Version: 10.0.0 - Adobe Systems Incorporated)
Spotify (HKCU Version: 0.9.6.81.gd359a796 - Spotify AB)
Steam (x32 Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc)
TeamSpeak 3 Client (x32 Version: 3.0.11.1 - TeamSpeak Systems GmbH)
Update for 2007 Microsoft Office System (KB967642) (x32 Version: - Microsoft)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition (x32 Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (x32 Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (x32 Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32 Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (x32 Version: - Microsoft)
User's Guides (Version: 1.20.0000 - Logitech)
Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Vegas Pro 9.0 (64-bit) (Version: 9.0.1146 - Sony)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Fotogalleri (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation)
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Meshin etäyhteyksien ActiveX-komponentti (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Liven asennustyökalu (x32 Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Liven sähköposti (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
WinRAR 4.01 (64-Bit) (Version: 4.01.0 - win.rar GmbH)
XSplit (x32 Version: 1.1.1210.3101 - SplitMediaLabs)
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
==================== Restore Points =========================
26-12-2013 21:30:25 TubeBox
26-12-2013 21:32:17 TubeBox
26-12-2013 21:51:06 Removed Apple Software Update
==================== Hosts content: ==========================
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {0D1C9FC8-F00F-4ACC-8A10-49057E2393A8} - System32\Tasks\Google Updater and Installer => C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-06] (Google Inc.)
Task: {28128847-4C9C-4E12-8DDF-73377CC2621C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-12-19] (Piriform Ltd)
Task: {5DDB60FA-766A-49A4-9C68-F06D0D19AC95} - System32\Tasks\{D69CA72F-13CA-4498-A608-132FE47312E1} => C:\Users\Daniel\Downloads\Launcher (2)\Harmonia3 Patcher\Launcher.exe [2013-07-29] ()
Task: {8E73F256-1A9E-4DB3-AEA3-B57354C95BFB} - System32\Tasks\Software Updater => C:\Program Files (x86)\SoftwareUpdater\SoftwareUpdater.Bootstrapper.exe [2013-11-29] ()
Task: {B5AB72CF-B219-4A78-AF92-31F9EA6682A6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-365012384-4195050554-2744055927-1002Core => C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-06] (Google Inc.)
Task: {B6E29397-8159-4399-BCED-F8BE021FC23A} - System32\Tasks\couponsupport-S-649636217 => C:\Support\couponsupport.exe [2013-12-26] ()
Task: {E01CF95A-2028-47F6-9C27-9CD22CD54584} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11] (Adobe Systems Incorporated)
Task: {F3B569B7-A2BC-4582-BD46-56570FD1D8A4} - System32\Tasks\Software Updater Ui => C:\Program Files (x86)\SoftwareUpdater\SoftwareUpdater.Ui.exe [2013-12-26] ()
Task: {FEBD1607-47C5-4846-87E1-DB16A103F1FE} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-365012384-4195050554-2744055927-1002UA => C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-06] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\couponsupport-S-649636217.job => c:\support\couponsupport.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-365012384-4195050554-2744055927-1002Core.job => C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-365012384-4195050554-2744055927-1002UA.job => C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2012-08-11 18:22 - 2013-01-18 16:00 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2011-12-26 12:19 - 2011-05-28 22:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2013-03-25 13:23 - 2013-11-06 22:48 - 00691200 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2012-01-13 11:45 - 2013-12-11 20:40 - 01135016 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2012-01-13 11:45 - 2013-11-06 22:48 - 20625832 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2012-03-18 11:57 - 2013-06-15 00:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll
2012-03-18 11:57 - 2013-06-15 00:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll
2012-03-18 11:57 - 2013-06-15 00:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll
2012-04-30 08:55 - 2012-04-30 08:55 - 08358400 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\avcodec-54.dll
2012-04-30 08:55 - 2012-04-30 08:55 - 00151040 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\avutil-51.dll
2012-04-30 08:55 - 2012-04-30 08:55 - 01152512 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\avformat-54.dll
2012-04-30 08:55 - 2012-04-30 08:55 - 00333824 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\swscale-2.dll
2012-04-30 08:55 - 2012-04-30 08:55 - 00026112 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\swresample-0.dll
2012-09-04 18:06 - 2013-12-05 22:32 - 36967424 _____ () C:\Users\Daniel\AppData\Roaming\Spotify\Data\libcef.dll
2013-09-26 10:08 - 2013-12-05 22:32 - 00887808 _____ () C:\Users\Daniel\AppData\Roaming\Spotify\Data\libglesv2.dll
2013-09-26 10:08 - 2013-12-05 22:32 - 00109568 _____ () C:\Users\Daniel\AppData\Roaming\Spotify\Data\libegl.dll
2013-12-11 17:23 - 2013-12-11 17:23 - 16242056 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll
2013-08-14 23:12 - 2013-08-14 23:12 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\f60b3ee2de3f41a024920486d46d49f2\IsdiInterop.ni.dll
2011-08-11 21:01 - 2011-04-30 08:28 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2013-12-06 10:19 - 2013-12-04 03:47 - 00702416 _____ () C:\Users\Daniel\AppData\Local\Google\Chrome\Application\31.0.1650.63\libglesv2.dll
2013-12-06 10:19 - 2013-12-04 03:47 - 00099792 _____ () C:\Users\Daniel\AppData\Local\Google\Chrome\Application\31.0.1650.63\libegl.dll
2013-12-06 10:19 - 2013-12-04 03:48 - 04055504 _____ () C:\Users\Daniel\AppData\Local\Google\Chrome\Application\31.0.1650.63\pdf.dll
2013-12-06 10:19 - 2013-12-04 03:48 - 00399312 _____ () C:\Users\Daniel\AppData\Local\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
2013-12-06 10:19 - 2013-12-04 03:47 - 01619408 _____ () C:\Users\Daniel\AppData\Local\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\Temp:D6FC93CF
==================== Safe Mode (whitelisted) ===================
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (12/29/2013 06:52:31 PM) (Source: Application Hang) (User: )
Description: Programm rads_user_kernel.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: f58
Startzeit: 01cf04beb606132d
Endzeit: 2
Anwendungspfad: C:\Riot Games\League of Legends\League of Legends\RADS\system\rads_user_kernel.exe
Berichts-ID: fb1d7034-70b1-11e3-8ccb-8c89a56bebc6
Error: (12/26/2013 01:57:27 PM) (Source: Application Hang) (User: )
Description: Programm left4dead2.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1538
Startzeit: 01cf0232cc33e577
Endzeit: 0
Anwendungspfad: C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
Berichts-ID:
Error: (12/26/2013 00:17:13 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: LolClient.exe, Version: 0.0.0.0, Zeitstempel: 0x515663e0
Name des fehlerhaften Moduls: Adobe AIR.dll, Version: 3.7.0.1530, Zeitstempel: 0x5156646c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0006dd76
ID des fehlerhaften Prozesses: 0x1a38
Startzeit der fehlerhaften Anwendung: 0xLolClient.exe0
Pfad der fehlerhaften Anwendung: LolClient.exe1
Pfad des fehlerhaften Moduls: LolClient.exe2
Berichtskennung: LolClient.exe3
Error: (12/24/2013 04:55:23 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Native.XSplitBroadcaster.exe,type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "Native.XSplitBroadcaster.exe,type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (12/13/2013 09:48:21 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: LolClient.exe, Version: 0.0.0.0, Zeitstempel: 0x515663e0
Name des fehlerhaften Moduls: Adobe AIR.dll, Version: 3.7.0.1530, Zeitstempel: 0x5156646c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0006dd76
ID des fehlerhaften Prozesses: 0x1628
Startzeit der fehlerhaften Anwendung: 0xLolClient.exe0
Pfad der fehlerhaften Anwendung: LolClient.exe1
Pfad des fehlerhaften Moduls: LolClient.exe2
Berichtskennung: LolClient.exe3
Error: (12/09/2013 10:29:21 PM) (Source: Application Hang) (User: )
Description: Programm rads_user_kernel.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 23a0
Startzeit: 01cef525b37d372c
Endzeit: 1
Anwendungspfad: C:\Riot Games\League of Legends\League of Legends\RADS\system\rads_user_kernel.exe
Berichts-ID: f6654ff3-6118-11e3-8e06-8c89a56bebc6
Error: (12/09/2013 07:06:52 PM) (Source: Application Hang) (User: )
Description: Programm rads_user_kernel.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 324
Startzeit: 01cef50969c427ba
Endzeit: 2
Anwendungspfad: C:\Riot Games\League of Legends\League of Legends\RADS\system\rads_user_kernel.exe
Berichts-ID: ac89279d-60fc-11e3-8e06-8c89a56bebc6
Error: (12/09/2013 03:58:58 PM) (Source: Application Hang) (User: )
Description: Programm rads_user_kernel.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1bd0
Startzeit: 01cef4ef2a3630c8
Endzeit: 1
Anwendungspfad: C:\Riot Games\League of Legends\League of Legends\RADS\system\rads_user_kernel.exe
Berichts-ID: 6d0c47ec-60e2-11e3-8e06-8c89a56bebc6
Error: (12/09/2013 02:52:06 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Updater.exe, Version: 6.8.1.61523, Zeitstempel: 0x52284f88
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00a600c4
ID des fehlerhaften Prozesses: 0x3f8
Startzeit der fehlerhaften Anwendung: 0xUpdater.exe0
Pfad der fehlerhaften Anwendung: Updater.exe1
Pfad des fehlerhaften Moduls: Updater.exe2
Berichtskennung: Updater.exe3
Error: (12/08/2013 03:19:01 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: League of Legends.exe, Version: 3.14.0.738, Zeitstempel: 0x52945869
Name des fehlerhaften Moduls: League of Legends.exe, Version: 3.14.0.738, Zeitstempel: 0x52945869
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0042c7b0
ID des fehlerhaften Prozesses: 0x1aa4
Startzeit der fehlerhaften Anwendung: 0xLeague of Legends.exe0
Pfad der fehlerhaften Anwendung: League of Legends.exe1
Pfad des fehlerhaften Moduls: League of Legends.exe2
Berichtskennung: League of Legends.exe3
System errors:
=============
Error: (12/30/2013 06:52:15 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (12/30/2013 06:52:15 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (12/29/2013 04:27:25 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (12/29/2013 04:27:25 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (12/29/2013 11:37:12 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (12/29/2013 11:37:12 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (12/28/2013 05:51:48 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (12/28/2013 05:51:48 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (12/28/2013 00:39:17 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (12/28/2013 00:39:17 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Microsoft Office Sessions:
=========================
Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.07.0.1008
www.malwarebytes.org
Database version: v2014.01.01.03
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Daniel :: DANIEL-PC [administrator]
01.01.2014 13:45:55
mbar-log-2014-01-01 (13-45-55).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 276827
Time elapsed: 17 minute(s), 12 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
|
|
01.01.2014, 19:38
| #18 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | "FREEMIUM Software-Updater" Dann bitte jetzt Combofix ausführen:
__________________Scan mit Combofix
__________________ |
|
01.01.2014, 21:55
| #19 |
| | "FREEMIUM Software-Updater"Code:
ATTFilter ComboFix 14-01-01.01 - Daniel 01.01.2014 21:34:24.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.4078.2848 [GMT 1:00]
ausgeführt von:: c:\users\Daniel\Downloads\ComboFix.exe
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Complitly
c:\program files (x86)\Complitly\chrome\ComplitlyChrome.crx
c:\program files (x86)\Complitly\FireFoxExtension.exe
c:\program files (x86)\Complitly\InstTracker.exe
c:\program files (x86)\Complitly\support@Complitly.com\chrome.manifest
c:\program files (x86)\Complitly\support@Complitly.com\chrome\content\appIcon.png
c:\program files (x86)\Complitly\support@Complitly.com\chrome\content\browserOverlay.xul
c:\program files (x86)\Complitly\support@Complitly.com\chrome\content\options.js
c:\program files (x86)\Complitly\support@Complitly.com\chrome\content\options.xul
c:\program files (x86)\Complitly\support@Complitly.com\chrome\content\utils.js
c:\program files (x86)\Complitly\support@Complitly.com\defaults\preferences\predictad.js
c:\program files (x86)\Complitly\support@Complitly.com\install.rdf
c:\program files (x86)\Complitly\unins000.dat
c:\program files (x86)\Complitly\unins000.exe
c:\support\couponsupport.exe
c:\users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ic3dxvxo.default\extensions\staged\kjjvu@ykypnlc.edu
c:\users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ic3dxvxo.default\extensions\staged\kjjvu@ykypnlc.edu\bootstrap.js
c:\users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ic3dxvxo.default\extensions\staged\kjjvu@ykypnlc.edu\chrome.manifest
c:\users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ic3dxvxo.default\extensions\staged\kjjvu@ykypnlc.edu\content\bg.js
c:\users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ic3dxvxo.default\extensions\staged\kjjvu@ykypnlc.edu\content\zy.xul
c:\users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ic3dxvxo.default\extensions\staged\kjjvu@ykypnlc.edu\install.rdf
c:\users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ic3dxvxo.default\extensions\staged\rzfqxh@eiiiyzu.com
c:\users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ic3dxvxo.default\extensions\staged\rzfqxh@eiiiyzu.com\bootstrap.js
c:\users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ic3dxvxo.default\extensions\staged\rzfqxh@eiiiyzu.com\chrome.manifest
c:\users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ic3dxvxo.default\extensions\staged\rzfqxh@eiiiyzu.com\content\bg.js
c:\users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ic3dxvxo.default\extensions\staged\rzfqxh@eiiiyzu.com\content\zy.xul
c:\users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ic3dxvxo.default\extensions\staged\rzfqxh@eiiiyzu.com\install.rdf
c:\windows\SysWow64\frapsvid.dll
c:\windows\Tasks\couponsupport-S-649636217.job
.
.
((((((((((((((((((((((( Dateien erstellt von 2013-12-01 bis 2014-01-01 ))))))))))))))))))))))))))))))
.
.
2014-01-01 20:43 . 2014-01-01 20:43 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2014-01-01 20:43 . 2014-01-01 20:43 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-01-01 18:16 . 2014-01-01 18:16 -------- d-sh--w- c:\programdata\SecuROM
2014-01-01 18:15 . 2014-01-01 18:15 -------- d-----w- c:\users\Daniel\AppData\Local\Rockstar Games
2014-01-01 18:15 . 2014-01-01 18:15 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2014-01-01 18:15 . 2014-01-01 18:15 -------- d-----w- c:\program files (x86)\Microsoft Games for Windows - LIVE
2014-01-01 18:15 . 2014-01-01 18:15 -------- d-----w- c:\windows\SysWow64\xlive
2013-12-31 09:59 . 2014-01-01 13:03 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2013-12-30 19:54 . 2013-12-30 19:54 -------- d-----w- c:\programdata\Oracle
2013-12-30 19:54 . 2013-12-30 19:54 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-12-30 19:53 . 2013-10-08 06:50 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-12-30 19:23 . 2013-12-30 19:23 -------- d-----w- c:\programdata\Malwarebytes
2013-12-30 19:23 . 2014-01-01 12:45 117464 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2013-12-30 19:22 . 2014-01-01 12:45 89304 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2013-12-30 18:22 . 2013-12-30 18:22 -------- d-----w- C:\FRST
2013-12-27 13:39 . 2013-12-27 13:39 -------- d-----w- c:\users\Daniel\AppData\Local\SoftwareUpdater
2013-12-26 21:34 . 2013-12-26 21:34 -------- d-----w- c:\users\Daniel\AppData\Roaming\DVDVideoSoft
2013-12-26 21:34 . 2013-12-26 21:34 -------- d-----w- c:\program files (x86)\DVDVideoSoft
2013-12-26 21:31 . 2014-01-01 20:43 -------- d-----w- C:\Support
2013-12-26 21:31 . 2013-12-26 21:31 -------- d-----w- c:\users\Administrator
2013-12-26 21:31 . 2013-12-26 21:31 -------- d-----w- c:\program files (x86)\SoftwareUpdater
2013-12-26 21:29 . 2013-12-30 19:41 -------- d-----w- c:\users\Daniel\AppData\Local\DownloadGuide
2013-12-26 21:26 . 2013-12-26 21:26 -------- d-----w- c:\program files (x86)\GreenTree Applications
2013-12-26 19:21 . 2013-12-26 19:27 -------- d-----w- c:\users\Daniel\AppData\Local\DayZ
2013-12-12 20:50 . 2013-05-10 05:56 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2013-12-12 20:50 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
2013-12-12 20:50 . 2013-05-10 04:30 167424 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2013-12-12 20:50 . 2013-05-10 03:48 164864 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe
2013-12-12 20:50 . 2013-05-10 05:56 14631424 ----a-w- c:\windows\system32\wmp.dll
2013-12-12 14:00 . 2013-11-12 02:23 2048 ----a-w- c:\windows\system32\tzres.dll
2013-12-12 14:00 . 2013-11-12 02:07 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2013-12-12 14:00 . 2013-10-30 02:32 335360 ----a-w- c:\windows\system32\msieftp.dll
2013-12-12 14:00 . 2013-10-30 02:19 301568 ----a-w- c:\windows\SysWow64\msieftp.dll
2013-12-12 14:00 . 2013-10-30 01:24 3155968 ----a-w- c:\windows\system32\win32k.sys
2013-12-12 14:00 . 2013-11-23 18:26 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-12-12 14:00 . 2013-11-23 17:47 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-12-12 14:00 . 2013-10-19 02:18 81408 ----a-w- c:\windows\system32\imagehlp.dll
2013-12-12 14:00 . 2013-10-19 01:36 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2013-12-12 14:00 . 2013-10-04 02:16 116736 ----a-w- c:\windows\system32\drivers\drmk.sys
2013-12-12 14:00 . 2013-10-04 01:36 230400 ----a-w- c:\windows\system32\drivers\portcls.sys
2013-12-12 13:59 . 2013-10-12 02:32 150016 ----a-w- c:\windows\system32\wshom.ocx
2013-12-12 13:59 . 2013-10-12 02:31 202752 ----a-w- c:\windows\system32\scrrun.dll
2013-12-12 13:59 . 2013-10-12 02:04 121856 ----a-w- c:\windows\SysWow64\wshom.ocx
2013-12-12 13:59 . 2013-10-12 02:03 163840 ----a-w- c:\windows\SysWow64\scrrun.dll
2013-12-12 13:59 . 2013-10-12 01:33 156160 ----a-w- c:\windows\system32\cscript.exe
2013-12-12 13:59 . 2013-10-12 01:33 168960 ----a-w- c:\windows\system32\wscript.exe
2013-12-12 13:59 . 2013-10-12 01:15 141824 ----a-w- c:\windows\SysWow64\wscript.exe
2013-12-12 13:59 . 2013-10-12 01:15 126976 ----a-w- c:\windows\SysWow64\cscript.exe
2013-12-11 14:57 . 2013-12-11 14:57 -------- d-----w- c:\program files (x86)\SDGi Europe
2013-12-07 18:39 . 2013-09-04 12:12 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2013-12-07 18:39 . 2013-09-04 12:11 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-12-07 18:39 . 2013-09-04 12:11 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-12-07 18:39 . 2013-09-04 12:11 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2013-12-07 18:39 . 2013-09-04 12:11 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2013-12-07 18:39 . 2013-09-04 12:11 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2013-12-07 18:39 . 2013-09-04 12:11 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-14 23:52 . 2011-07-18 20:31 90708896 ----a-w- c:\windows\system32\MRT.exe
2013-12-11 16:23 . 2012-07-27 10:48 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-11 16:23 . 2011-08-10 19:09 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-11-26 17:38 . 2013-11-26 17:38 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-11-26 17:38 . 2013-11-26 17:38 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-11-26 17:38 . 2013-11-26 17:38 942592 ----a-w- c:\windows\system32\jsIntl.dll
2013-11-26 17:38 . 2013-11-26 17:38 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-11-26 17:38 . 2013-11-26 17:38 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-11-26 17:38 . 2013-11-26 17:38 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-11-26 17:38 . 2013-11-26 17:38 84992 ----a-w- c:\windows\system32\mshtmled.dll
2013-11-26 17:38 . 2013-11-26 17:38 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
2013-11-26 17:38 . 2013-11-26 17:38 81408 ----a-w- c:\windows\system32\icardie.dll
2013-11-26 17:38 . 2013-11-26 17:38 774144 ----a-w- c:\windows\system32\jscript.dll
2013-11-26 17:38 . 2013-11-26 17:38 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-11-26 17:38 . 2013-11-26 17:38 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-11-26 17:38 . 2013-11-26 17:38 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-11-26 17:38 . 2013-11-26 17:38 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2013-11-26 17:38 . 2013-11-26 17:38 626176 ----a-w- c:\windows\system32\msfeeds.dll
2013-11-26 17:38 . 2013-11-26 17:38 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-11-26 17:38 . 2013-11-26 17:38 62464 ----a-w- c:\windows\system32\pngfilt.dll
2013-11-26 17:38 . 2013-11-26 17:38 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2013-11-26 17:38 . 2013-11-26 17:38 61952 ----a-w- c:\windows\SysWow64\iesetup.dll
2013-11-26 17:38 . 2013-11-26 17:38 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2013-11-26 17:38 . 2013-11-26 17:38 548352 ----a-w- c:\windows\system32\vbscript.dll
2013-11-26 17:38 . 2013-11-26 17:38 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-11-26 17:38 . 2013-11-26 17:38 51200 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2013-11-26 17:38 . 2013-11-26 17:38 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-11-26 17:38 . 2013-11-26 17:38 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-11-26 17:38 . 2013-11-26 17:38 48128 ----a-w- c:\windows\system32\imgutil.dll
2013-11-26 17:38 . 2013-11-26 17:38 454656 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-11-26 17:38 . 2013-11-26 17:38 453120 ----a-w- c:\windows\system32\dxtmsft.dll
2013-11-26 17:38 . 2013-11-26 17:38 413696 ----a-w- c:\windows\system32\html.iec
2013-11-26 17:38 . 2013-11-26 17:38 40448 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2013-11-26 17:38 . 2013-11-26 17:38 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-11-26 17:38 . 2013-11-26 17:38 34816 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-11-26 17:38 . 2013-11-26 17:38 337408 ----a-w- c:\windows\SysWow64\html.iec
2013-11-26 17:38 . 2013-11-26 17:38 30208 ----a-w- c:\windows\system32\licmgr10.dll
2013-11-26 17:38 . 2013-11-26 17:38 296960 ----a-w- c:\windows\system32\dxtrans.dll
2013-11-26 17:38 . 2013-11-26 17:38 263376 ----a-w- c:\windows\system32\iedkcs32.dll
2013-11-26 17:38 . 2013-11-26 17:38 247808 ----a-w- c:\windows\system32\msls31.dll
2013-11-26 17:38 . 2013-11-26 17:38 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-11-26 17:38 . 2013-11-26 17:38 243200 ----a-w- c:\windows\system32\webcheck.dll
2013-11-26 17:38 . 2013-11-26 17:38 235520 ----a-w- c:\windows\system32\url.dll
2013-11-26 17:38 . 2013-11-26 17:38 235008 ----a-w- c:\windows\system32\elshyph.dll
2013-11-26 17:38 . 2013-11-26 17:38 195584 ----a-w- c:\windows\system32\msrating.dll
2013-11-26 17:38 . 2013-11-26 17:38 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2013-11-26 17:38 . 2013-11-26 17:38 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-11-26 17:38 . 2013-11-26 17:38 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-11-26 17:38 . 2013-11-26 17:38 147968 ----a-w- c:\windows\system32\occache.dll
2013-11-26 17:38 . 2013-11-26 17:38 143872 ----a-w- c:\windows\system32\wextract.exe
2013-11-26 17:38 . 2013-11-26 17:38 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2013-11-26 17:38 . 2013-11-26 17:38 13824 ----a-w- c:\windows\system32\mshta.exe
2013-11-26 17:38 . 2013-11-26 17:38 135680 ----a-w- c:\windows\system32\iepeers.dll
2013-11-26 17:38 . 2013-11-26 17:38 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2013-11-26 17:38 . 2013-11-26 17:38 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2013-11-26 17:38 . 2013-11-26 17:38 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-11-26 17:38 . 2013-11-26 17:38 1228800 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-11-26 17:38 . 2013-11-26 17:38 112128 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-11-26 17:38 . 2013-11-26 17:38 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-11-26 17:38 . 2013-11-26 17:38 105984 ----a-w- c:\windows\system32\iesysprep.dll
2013-11-26 17:38 . 2013-11-26 17:38 1051136 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-11-26 17:38 . 2013-11-26 17:38 101376 ----a-w- c:\windows\system32\inseng.dll
2013-10-22 23:23 . 2013-10-22 23:23 305 ----a-w- C:\cleaner.bat
2013-10-22 23:10 . 2013-10-22 23:10 4216840 ----a-w- c:\program files (x86)\Common Files\vcredist.exe
2013-10-14 17:00 . 2013-11-26 17:41 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2013-10-12 02:30 . 2013-11-13 14:03 830464 ----a-w- c:\windows\system32\nshwfp.dll
2013-10-12 02:29 . 2013-11-13 14:03 859648 ----a-w- c:\windows\system32\IKEEXT.DLL
2013-10-12 02:29 . 2013-11-13 14:03 324096 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2013-10-12 02:03 . 2013-11-13 14:03 656896 ----a-w- c:\windows\SysWow64\nshwfp.dll
2013-10-12 02:01 . 2013-11-13 14:03 216576 ----a-w- c:\windows\SysWow64\FWPUCLNT.DLL
2013-10-05 20:25 . 2013-11-13 14:03 1474048 ----a-w- c:\windows\system32\crypt32.dll
2013-10-05 19:57 . 2013-11-13 14:03 1168384 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-10-04 02:28 . 2013-11-13 14:03 190464 ----a-w- c:\windows\system32\SmartcardCredentialProvider.dll
2013-10-04 02:25 . 2013-11-13 14:03 197120 ----a-w- c:\windows\system32\credui.dll
2013-10-04 02:24 . 2013-11-13 14:03 1930752 ----a-w- c:\windows\system32\authui.dll
2013-10-04 01:58 . 2013-11-13 14:03 152576 ----a-w- c:\windows\SysWow64\SmartcardCredentialProvider.dll
2013-10-04 01:56 . 2013-11-13 14:03 168960 ----a-w- c:\windows\SysWow64\credui.dll
2013-10-04 01:56 . 2013-11-13 14:03 1796096 ----a-w- c:\windows\SysWow64\authui.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2013-12-11 1823656]
"Akamai NetSession Interface"="c:\users\Daniel\AppData\Local\Akamai\netsession_win.exe" [2013-06-04 4489472]
"Spotify Web Helper"="c:\users\Daniel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2013-12-05 1168896]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-11-14 20584608]
"Spotify"="c:\users\Daniel\AppData\Roaming\Spotify\Spotify.exe" [2013-12-05 5951488]
"puush"="c:\program files (x86)\puush\puush.exe" [2013-09-24 567880]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-04-30 284440]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
c:\users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE /tsr [2009-2-26 97680]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.130\SSScheduler.exe [2013-9-6 324320]
SetPointII.lnk - c:\program files\Logitech\SetPoint II\SetPointII.exe [2009-7-21 815104]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 SystemStoreService;System Store;c:\program files (x86)\SoftwareUpdater\SystemStore.exe -displayname System Store -servicename SystemStoreService;c:\program files (x86)\SoftwareUpdater\SystemStore.exe -displayname System Store -servicename SystemStoreService [x]
R2 Update-Service;Update-Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 1394hub;1394 Enabled Hub;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 LVUSBS64;Logitech USB Monitor Filter;c:\windows\system32\DRIVERS\LVUSBS64.sys;c:\windows\SYSNATIVE\DRIVERS\LVUSBS64.sys [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.130\McCHSvc.exe;c:\program files\McAfee Security Scan\3.8.130\McCHSvc.exe [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des;c:\windows\SYSNATIVE\GameMon.des [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\drivers\asmthub3.sys;c:\windows\SYSNATIVE\drivers\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\drivers\asmtxhci.sys;c:\windows\SYSNATIVE\drivers\asmtxhci.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys;c:\windows\SYSNATIVE\DRIVERS\RTL8192su.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Update-Service-Installer-Service REG_MULTI_SZ Update-Service-Installer-Service
Update-Service REG_MULTI_SZ Update-Service
Akamai REG_MULTI_SZ Akamai
.
Inhalt des "geplante Tasks" Ordners
.
2014-01-01 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-27 16:23]
.
2013-12-31 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-365012384-4195050554-2744055927-1002Core.job
- c:\users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-06 17:21]
.
2014-01-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-365012384-4195050554-2744055927-1002UA.job
- c:\users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-06 17:21]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 130576]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.conduit.com?SearchSource=10&CUI=UN40970929134052857&UM=2&ctid=CT3311268&UP=SP31FB8AEA-5FBF-41C4-8820-03700BF3EE46&SSPV=
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
uSearchAssistant = hxxp://www.bing.com/search?q={searchTerms}
IE: {{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4
TCP: DhcpNameServer = 192.168.178.1
TCP: Interfaces\{5B90CD70-E56C-4456-B65F-11601705E13B}: NameServer = 192.168.178.29,192.168.178.1
TCP: Interfaces\{63A3E769-8B26-4CC2-8F44-87F53971FE65}: NameServer = 192.168.178.60,192.168.178.1
FF - ProfilePath - c:\users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ic3dxvxo.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3311268&CUI=UN34823755062603026&UM=2&SearchSource=3&q={searchTerms}
FF - prefs.js: network.proxy.type - 2
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - c:\progra~2\Funmoods\1.5.23.22\bh\escort.dll
Toolbar-{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - c:\progra~2\Funmoods\1.5.23.22\escorTlbr.dll
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKLM-Run-Freecorder FLV Service - c:\program files (x86)\Freecorder\FLVSrvc.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
BHO-{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - c:\program files (x86)\Hotspot Shield\HssIE\HssIE_64.dll
WebBrowser-{1392B8D2-5C05-419F-A8F6-B9F15A596612} - (no file)
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-Origin - c:\program files (x86)\Origin\OriginUninstall.exe
AddRemove-PunkBusterSvc - c:\program files (x86)\Origin Games\Battlefield 3\pbsvc.exe
AddRemove-S-649636217 - c:\support\couponsupport.exe
AddRemove-{4FFBB818-B13C-11E0-931D-B2664824019B}_is1 - c:\program files (x86)\Complitly\unins000.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Akamai]
"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-365012384-4195050554-2744055927-1002\Software\SecuROM\License information*]
"datasecu"=hex:cb,f2,b0,b8,ad,4b,df,07,98,d7,24,5b,ac,f0,39,27,7a,00,d5,42,65,
f8,a5,63,90,88,7a,44,5a,c7,e3,7b,9a,e6,41,f4,8b,5e,c6,95,16,3f,aa,0d,99,5e,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-01-01 21:45:45
ComboFix-quarantined-files.txt 2014-01-01 20:45
.
Vor Suchlauf: 11 Verzeichnis(se), 1.655.828.545.536 Bytes frei
Nach Suchlauf: 16 Verzeichnis(se), 1.656.265.342.976 Bytes frei
.
- - End Of File - - 64B36F634C1497270031B30544EEB5C6
|
|
01.01.2014, 21:58
| #20 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | "FREEMIUM Software-Updater" Adware/Junkware/Toolbars entfernen 1. Schritt: adwCleaner Downloade Dir bitte  AdwCleaner auf deinen Desktop.
2. Schritt: JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
3. Schritt: Frisches Log mit FRST Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ Logfiles bitte immer in CODE-Tags posten |
|
01.01.2014, 22:10
| #21 |
| | "FREEMIUM Software-Updater"Code:
ATTFilter # AdwCleaner v3.016 - Bericht erstellt am 01/01/2014 um 22:04:47
# Aktualisiert 23/12/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Daniel - DANIEL-PC
# Gestartet von : C:\Users\Daniel\Downloads\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
[#] Dienst Gelöscht : SystemStoreService
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\clsoft ltd
Ordner Gelöscht : C:\ProgramData\Conduit
Ordner Gelöscht : C:\ProgramData\Partner
Ordner Gelöscht : C:\ProgramData\SoftSafe
Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\ProgramData\Browsse2saVe
Ordner Gelöscht : C:\ProgramData\MAAgniiPPic
Ordner Gelöscht : C:\Program Files (x86)\BrowseToSave
Ordner Gelöscht : C:\Program Files (x86)\Conduit
Ordner Gelöscht : C:\Program Files (x86)\GreenTree Applications
Ordner Gelöscht : C:\Program Files (x86)\MagniPic
Ordner Gelöscht : C:\Program Files (x86)\PutLockerDownloader
Ordner Gelöscht : C:\Program Files (x86)\SoftwareUpdater
Ordner Gelöscht : C:\Program Files (x86)\Common Files\Spigot
Ordner Gelöscht : C:\Users\Daniel\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\Daniel\AppData\Local\DownloadGuide
Ordner Gelöscht : C:\Users\Daniel\AppData\Local\PutLockerDownloader
Ordner Gelöscht : C:\Users\Daniel\AppData\Local\SoftwareUpdater
Ordner Gelöscht : C:\Users\Daniel\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Daniel\AppData\LocalLow\Funmoods
Ordner Gelöscht : C:\Users\Daniel\AppData\LocalLow\PriceGong
Ordner Gelöscht : C:\Users\Daniel\AppData\LocalLow\Softonic
Ordner Gelöscht : C:\Users\Daniel\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Daniel\AppData\Roaming\Complitly
Ordner Gelöscht : C:\Users\Daniel\AppData\Roaming\OpenCandy
Ordner Gelöscht : C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PutLockerDownloader.com
Ordner Gelöscht : C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ic3dxvxo.default\CT3311268
Ordner Gelöscht : C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ic3dxvxo.default\Extensions\ffxtlbr@babylon.com
Ordner Gelöscht : C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ic3dxvxo.default\Extensions\ffxtlbra@softonic.com
Ordner Gelöscht : C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ic3dxvxo.default\Extensions\staged
Ordner Gelöscht : C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ic3dxvxo.default\Extensions\{da7f5ae1-3be3-43c0-8098-c1d183616e97}
Datei Gelöscht : C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ic3dxvxo.default\Extensions\putlockerdownloader3@putlockerdownloader.com.xpi
Datei Gelöscht : C:\Users\Daniel\AppData\Local\funmoods.crx
Datei Gelöscht : C:\Users\Daniel\AppData\Local\funmoods-speeddial.crx
Datei Gelöscht : C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ic3dxvxo.default\searchplugins\Babylon.xml
Datei Gelöscht : C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ic3dxvxo.default\searchplugins\Conduit.xml
Datei Gelöscht : C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ic3dxvxo.default\searchplugins\conduit-search.xml
Datei Gelöscht : C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ic3dxvxo.default\searchplugins\delta.xml
Datei Gelöscht : C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ic3dxvxo.default\user.js
Datei Gelöscht : C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
Datei Gelöscht : C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage
Datei Gelöscht : C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage-journal
Datei Gelöscht : C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.softonic.de_0.localstorage
Datei Gelöscht : C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.softonic.de_0.localstorage-journal
Datei Gelöscht : C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.wajam.com_0.localstorage
Datei Gelöscht : C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.wajam.com_0.localstorage-journal
Datei Gelöscht : C:\Windows\System32\Tasks\Software Updater Ui
Datei Gelöscht : C:\Windows\System32\Tasks\Software Updater
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\dlfienamagdnkekbbbocojppncdambda
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\Complitly.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\f
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\funmoodsApp.appCore
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\funmoodsApp.appCore.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PutLockerDownloader
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitUninstaller_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitUninstaller_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\plus-hd-2_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\plus-hd-2_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_1_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_1_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\PutlockerDownloader_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\PutlockerDownloader_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\softonic_ggl_1_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\softonic_ggl_1_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\596da8ab76fbf41
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT1060933
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT1561552
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT3311268
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_ultimate-boot-cd-for-windows_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_ultimate-boot-cd-for-windows_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_visualboyadvance (1)_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_visualboyadvance (1)_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{442F13BC-2031-42D5-9520-437F65271153}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{965B9DBE-B104-44AC-950A-8A5F97AFF439}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A9DB719C-7156-415E-B49D-BAD039DE4F13}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{01BCB858-2F62-4F06-A8F4-48F927C15333}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{1D085C0A-E4F4-4F66-BDBF-4BE51015BFC3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{E69D4A59-73DE-4E38-9FB3-740EC4D9060D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : HKCU\Software\1ClickDownload
Schlüssel Gelöscht : HKCU\Software\Ask&Record
Schlüssel Gelöscht : HKCU\Software\b1.org
Schlüssel Gelöscht : HKCU\Software\Complitly
Schlüssel Gelöscht : HKCU\Software\Conduit
[#] Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\Iminent
Schlüssel Gelöscht : HKCU\Software\powerpack
Schlüssel Gelöscht : HKCU\Software\PrivitizeVPNInstallDates
Schlüssel Gelöscht : HKCU\Software\StartSearch
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gelöscht : HKLM\Software\b1.org
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\Iminent
Schlüssel Gelöscht : HKLM\Software\SimplyGen
Schlüssel Gelöscht : HKLM\Software\SP Global
Schlüssel Gelöscht : HKLM\Software\SProtector
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4FFBB818-B13C-11E0-931D-B2664824019B}_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\b1.org
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.16428
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]
-\\ Mozilla Firefox v14.0.1 (de)
[ Datei : C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ic3dxvxo.default\prefs.js ]
Zeile gelöscht : user_pref("CT3311268.FF19Solved", "true");
Zeile gelöscht : user_pref("CT3311268.UserID", "UN34823755062603026");
Zeile gelöscht : user_pref("CT3311268.browser.search.defaultthis.engineName", "true");
Zeile gelöscht : user_pref("CT3311268.fullUserID", "UN34823755062603026.IN.20131006125501");
Zeile gelöscht : user_pref("CT3311268.installDate", "06/10/2013 12:55:04");
Zeile gelöscht : user_pref("CT3311268.installSessionId", "{5DB31815-6069-4A8A-86B2-EAA94E91BEA0}");
Zeile gelöscht : user_pref("CT3311268.installSp", "false");
Zeile gelöscht : user_pref("CT3311268.installerVersion", "1.7.1.7");
Zeile gelöscht : user_pref("CT3311268.keyword", "true");
Zeile gelöscht : user_pref("CT3311268.originalHomepage", "about:home");
Zeile gelöscht : user_pref("CT3311268.originalSearchAddressUrl", "");
Zeile gelöscht : user_pref("CT3311268.originalSearchEngine", "");
Zeile gelöscht : user_pref("CT3311268.originalSearchEngineName", "");
Zeile gelöscht : user_pref("CT3311268.searchRevert", "true");
Zeile gelöscht : user_pref("CT3311268.searchUserMode", "2");
Zeile gelöscht : user_pref("CT3311268.smartbar.homepage", "true");
Zeile gelöscht : user_pref("CT3311268.versionFromInstaller", "10.20.1.8");
Zeile gelöscht : user_pref("CT3311268.xpeMode", "0");
Zeile gelöscht : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");
Zeile gelöscht : user_pref("browser.search.defaultenginename", "WhiteSmoke New V6 Customized Web Search");
Zeile gelöscht : user_pref("browser.search.defaultthis.engineName", "WhiteSmoke New V6 Customized Web Search");
Zeile gelöscht : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3311268&CUI=UN34823755062603026&UM=2&SearchSource=3&q={searchTerms}");
Zeile gelöscht : user_pref("extensions.Softonic.admin", false);
Zeile gelöscht : user_pref("extensions.Softonic.aflt", "SD");
Zeile gelöscht : user_pref("extensions.Softonic.autoRvrt", "false");
Zeile gelöscht : user_pref("extensions.Softonic.cntry", "DE");
Zeile gelöscht : user_pref("extensions.Softonic.cv", "cv5");
Zeile gelöscht : user_pref("extensions.Softonic.dfltLng", "de");
Zeile gelöscht : user_pref("extensions.Softonic.envrmnt", "production");
Zeile gelöscht : user_pref("extensions.Softonic.excTlbr", false);
Zeile gelöscht : user_pref("extensions.Softonic.hdrMd5", "4FB67AC43E80BE14D8388210763A2252");
Zeile gelöscht : user_pref("extensions.Softonic.hmpg", false);
Zeile gelöscht : user_pref("extensions.Softonic.id", "204c3cc00000000000008c89a56bebc6");
Zeile gelöscht : user_pref("extensions.Softonic.instlDay", "15605");
Zeile gelöscht : user_pref("extensions.Softonic.instlRef", "MON00016");
Zeile gelöscht : user_pref("extensions.Softonic.lastVrsnTs", "1.6.7.414:29:46");
Zeile gelöscht : user_pref("extensions.Softonic.mntrvrsn", "1.3.0");
Zeile gelöscht : user_pref("extensions.Softonic.newTab", false);
Zeile gelöscht : user_pref("extensions.Softonic.prdct", "Softonic");
Zeile gelöscht : user_pref("extensions.Softonic.prtnrId", "softonic");
Zeile gelöscht : user_pref("extensions.Softonic.rvrtMsg", "Click Yes to keep current home page and default search settings, Click No to restore original settings");
Zeile gelöscht : user_pref("extensions.Softonic.sg", "az");
Zeile gelöscht : user_pref("extensions.Softonic.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.Softonic.tlbrId", "base");
Zeile gelöscht : user_pref("extensions.Softonic.tlbrSrchUrl", "hxxp://search.softonic.com/MON00016/tb_v1?SearchSource=1&cc=&q=");
Zeile gelöscht : user_pref("extensions.Softonic.vrsn", "1.6.7.4");
Zeile gelöscht : user_pref("extensions.Softonic.vrsnTs", "1.6.7.414:29:46");
Zeile gelöscht : user_pref("extensions.Softonic.vrsni", "1.6.7.4");
Zeile gelöscht : user_pref("extensions.Softonic_i.newTab", false);
Zeile gelöscht : user_pref("extensions.Softonic_i.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.Softonic_i.vrsnTs", "1.6.7.414:29:46");
Zeile gelöscht : user_pref("extensions.enabledAddons", "{951801d2-6e3d-4e57-b59e-b4c18316ccc8}:1.0,ffxtlbra@softonic.com:1.6.0,{972ce4c6-7e08-4474-a285-3208198ce6fd}:14.0.1");
Zeile gelöscht : user_pref("smartbar.addressBarOwnerCTID", "CT3311268");
Zeile gelöscht : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3311268&CUI=UN34823755062603026&UM=2&SearchSource=13");
Zeile gelöscht : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3311268&SearchSource=2&CUI=UN34823755062603026&UM=2&q=");
Zeile gelöscht : user_pref("smartbar.defaultSearchOwnerCTID", "CT3311268");
Zeile gelöscht : user_pref("smartbar.homePageOwnerCTID", "CT3311268");
Zeile gelöscht : user_pref("smartbar.machineId", "BPHMJ5YY1QZOSWTF/1DBVH3XJ1FJZHBHZ94/O3VCMKNEVJFGSZGKZWOPZTQDJ0ANVJNOSXE3PKL9FSIC4MQQVW");
-\\ Google Chrome v
[ Datei : C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [33646 octets] - [01/01/2014 22:01:31]
AdwCleaner[S0].txt - [31406 octets] - [01/01/2014 22:04:47]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [31467 octets] ##########
|
|
01.01.2014, 22:16
| #22 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | "FREEMIUM Software-Updater" Bitte mit den anderen Tools fortfahren
__________________ Logfiles bitte immer in CODE-Tags posten |
|
01.01.2014, 22:21
| #23 |
| | "FREEMIUM Software-Updater"Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.9 (01.01.2014:1)
OS: Windows 7 Home Premium x64
Ran by Daniel on 01.01.2014 at 22:13:02,07
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\DropDownDeals_Setup-C4_2013_03_14-194C_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\DropDownDeals_Setup-C4_2013_03_14-194C_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\DropDownDeals_Setup-C4_2013_03_14-194C_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\DropDownDeals_Setup-C4_2013_03_14-194C_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{51934A98-517C-47D9-B65F-04E20E3A642B}
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\Users\Daniel\appdata\local\cre"
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{1BAD4A12-22DF-4391-A286-F282C068ACC3}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{1CB3AB2A-F210-40B9-A617-0E2CEA681CFD}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{2B07A260-6701-4367-BD99-A11AAFE63359}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{5DBF5AB7-3C0C-4D5D-B63A-9886F7CD9AAA}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{7F291CDE-9B41-4CE7-B605-374CC8F10F68}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{9ECE0B74-19B8-4F18-BEBA-A2AB086B8492}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{ACA78ADA-9DB7-414E-9844-2E5A6673DB2F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C3843354-964A-4EDD-8EC6-EBC104F86EA2}
~~~ FireFox
Successfully deleted: [File] C:\user.js
Successfully deleted the following from C:\Users\Daniel\AppData\Roaming\mozilla\firefox\profiles\ic3dxvxo.default\prefs.js
user_pref("browser.search.defaultengine", "Privitize VPN");
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 01.01.2014 at 22:17:45,89
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-01-2014
Ran by Daniel (administrator) on DANIEL-PC on 01-01-2014 22:20:41
Running from C:\Users\Daniel\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Akamai Technologies, Inc.) C:\Users\Daniel\AppData\Local\Akamai\netsession_win.exe
(Spotify Ltd) C:\Users\Daniel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Spotify Ltd) C:\Users\Daniel\AppData\Roaming\Spotify\spotify.exe
() C:\Program Files (x86)\puush\puush.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(Logitech Inc.) C:\Program Files\Logitech\SetPoint II\SetPointII.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
(Akamai Technologies, Inc.) C:\Users\Daniel\AppData\Local\Akamai\netsession_win.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Users\Daniel\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Daniel\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Daniel\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
() C:\Users\Daniel\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Daniel\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] - C:\Windows\KHALMNPR.Exe [130576 2009-06-17] (Logitech, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-04-30] (Intel Corporation)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1823656 2013-12-11] (Valve Corporation)
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Daniel\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\Daniel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1168896 2013-12-05] (Spotify Ltd)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKCU\...\Run: [Spotify] - C:\Users\Daniel\AppData\Roaming\Spotify\spotify.exe [5951488 2013-12-05] (Spotify Ltd)
HKCU\...\Run: [puush] - C:\Program Files (x86)\puush\puush.exe [567880 2013-09-24] ()
HKU\Default\...\RunOnce: [HKCU] - C:\Windows\System32\oobe\info\HKCU.vbs [126 2009-11-12] ()
HKU\Default\...\RunOnce: [Screensaver] - C:\Windows\Web\Wallpaper\MEDION\start.vbs
HKU\Default User\...\RunOnce: [HKCU] - C:\Windows\System32\oobe\info\HKCU.vbs [126 2009-11-12] ()
HKU\Default User\...\RunOnce: [Screensaver] - C:\Windows\Web\Wallpaper\MEDION\start.vbs
HKU\UpdatusUser\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\UpdatusUser\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1823656 2013-12-11] (Valve Corporation)
HKU\UpdatusUser\...\Run: [Google Update] - C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2012-02-06] (Google Inc.)
HKU\UpdatusUser\...\Run: [swg] - "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKU\UpdatusUser\...\RunOnce: [HKCU] - C:\Windows\System32\oobe\info\HKCU.vbs [126 2009-11-12] ()
HKU\UpdatusUser\...\RunOnce: [Screensaver] - C:\Windows\Web\Wallpaper\MEDION\start.vbs
Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x6B64293A05C1CE01
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://start.funmoods.com/results.php?f=4&q={searchTerms}&a=softpb&chnl=softpb&cd=2XzutAtN2Y1L1Qzuzz0Czzzy0AyDyC0B0E0B0CyCtA0C0CtDtN0D0TzutBtDtCtBtDyBtDzz&cr=1508898375
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://start.funmoods.com/results.php?f=4&q={searchTerms}&a=softpb&chnl=softpb&cd=2XzutAtN2Y1L1Qzuzz0Czzzy0AyDyC0B0E0B0CyCtA0C0CtDtN0D0TzutBtDtCtBtDyBtDzz&cr=1508898375
SearchScopes: HKLM-x32 - Backup.Old.DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {1392B8D2-5C05-419F-A8F6-B9F15A596612} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 09 C:\Windows\SysWOW64\tnnssdj39.dll [294912] (Intra Net Communications)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{5B90CD70-E56C-4456-B65F-11601705E13B}: [NameServer]192.168.178.29,192.168.178.1
Tcpip\..\Interfaces\{63A3E769-8B26-4CC2-8F44-87F53971FE65}: [NameServer]192.168.178.60,192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ic3dxvxo.default
FF NetworkProxy: "autoconfig_url", "file:///C:\\Users\\Daniel\\AppData\\Local\\Temp\\proxtube.pac"
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @idsoftware.com/QuakeLive - C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Daniel\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Daniel\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Extension: BetterAds - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ic3dxvxo.default\Extensions\betterads@BetterAds.org.xpi
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [KavAntiBanner@Kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru
Chrome:
=======
CHR HomePage: hxxp://youtube.de/
CHR RestoreOnStartup: "hxxp://youtube.de/"
CHR DefaultSearchURL: hxxp://www.google.com/search?q={searchTerms}
CHR DefaultNewTabURL:
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Daniel\AppData\Local\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Daniel\AppData\Local\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\Daniel\AppData\Local\Google\Chrome\Application\31.0.1650.63\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 7.0.0.147) - C:\Program Files (x86)\Java\jre7\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 7) - C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Plugin: (Windows Activation Technologies) - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll No File
CHR Extension: (YouTube) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Adblock Plus) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.7.2_0
CHR Extension: (Google Search) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (ProxMate - Proxy on steroids!) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifalmiidchkjjmkkbkoaibpmoeichmki\3.1.6_0
CHR Extension: (Blood Moon Akali) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkipcmiifbaeoomjmiphhbadobknjjpo\1.0_0
CHR Extension: (Curling) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhalnajmigjnpjpdbpkpgfhekbjmolhp\1.0.10_0
CHR Extension: (Google Wallet) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0
CHR Extension: (Gmail) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [cacclhdpfoingihegojhoipnihfnoaki] - C:\Users\Daniel\AppData\Local\MediaBA\betterads.crx
CHR HKLM-x32\...\Chrome\Extension: [ibcgjcbeckcdemelifnledhihpaighfk] - C:\Users\Daniel\AppData\Local\CRE\ibcgjcbeckcdemelifnledhihpaighfk.crx
CHR HKLM-x32\...\Chrome\Extension: [koalekbhpbggkcfhkkbolikjoaobbppi] - C:\Program Files (x86)\PutLockerDownloader\PutLockerDownloader10.crx
CHR StartMenuInternet: Google Chrome - C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Services (Whitelisted) =================
R2 Akamai; c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll [4569856 2013-07-01] (Akamai Technologies, Inc.)
R2 Dnscache; C:\Windows\System32\pouabtzv7.dll [354304 2012-06-02] (Parental Solutions Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
S3 npggsvc; C:\Windows\SysWow64\GameMon.des [4302576 2012-08-16] (INCA Internet Co., Ltd.)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2012-08-11] ()
R2 Update-Service; %SystemRoot%\System32\UpdSvc.dll [x]
==================== Drivers (Whitelisted) ====================
S3 1394hub; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 1394hub; C:\Windows\SysWow64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S0 nvpciflt; system32\DRIVERS\nvpciflt.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-01 22:20 - 2014-01-01 22:20 - 00018067 _____ C:\Users\Daniel\Desktop\FRST.txt
2014-01-01 22:20 - 2014-01-01 22:20 - 00000000 ____D C:\Users\Daniel\Desktop\FRST-OlderVersion
2014-01-01 22:17 - 2014-01-01 22:17 - 00002601 _____ C:\Users\Daniel\Desktop\JRT.txt
2014-01-01 22:12 - 2014-01-01 22:12 - 01036305 _____ (Thisisu) C:\Users\Daniel\Desktop\JRT.exe
2014-01-01 22:12 - 2014-01-01 22:12 - 00000000 ____D C:\Windows\ERUNT
2014-01-01 22:01 - 2014-01-01 22:05 - 00000000 ____D C:\AdwCleaner
2014-01-01 22:00 - 2014-01-01 22:00 - 01233962 _____ C:\Users\Daniel\Desktop\adwcleaner.exe
2014-01-01 21:45 - 2014-01-01 21:45 - 00031410 _____ C:\ComboFix.txt
2014-01-01 21:32 - 2014-01-01 21:45 - 00000000 ____D C:\Qoobox
2014-01-01 21:32 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2014-01-01 21:32 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2014-01-01 21:32 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-01-01 21:32 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-01-01 21:32 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-01-01 21:32 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2014-01-01 21:32 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2014-01-01 21:32 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2014-01-01 21:31 - 2014-01-01 21:44 - 00000000 ____D C:\Windows\erdnt
2014-01-01 21:30 - 2014-01-01 21:30 - 05160282 ____R (Swearware) C:\Users\Daniel\Downloads\ComboFix.exe
2014-01-01 19:19 - 2014-01-01 19:19 - 00000000 ____D C:\Users\Daniel\Documents\Rockstar Games
2014-01-01 19:16 - 2014-01-01 19:16 - 00000000 __SHD C:\ProgramData\SecuROM
2014-01-01 19:15 - 2014-01-01 19:15 - 00178800 _____ (Sony DADC Austria AG.) C:\Windows\SysWOW64\CmdLineExt_x64.dll
2014-01-01 19:15 - 2014-01-01 19:15 - 00000000 ____D C:\Windows\SysWOW64\xlive
2014-01-01 19:15 - 2014-01-01 19:15 - 00000000 ____D C:\Users\Daniel\AppData\Local\Rockstar Games
2014-01-01 19:15 - 2014-01-01 19:15 - 00000000 ____D C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2013-12-31 10:59 - 2014-01-01 14:03 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-12-30 21:10 - 2013-12-30 21:10 - 00000000 ____D C:\Users\Daniel\Downloads\+Bora 01 #Isdanny
2013-12-30 21:06 - 2013-12-30 21:06 - 05874386 _____ C:\Users\Daniel\Downloads\+Bora 01 #Isdanny.zip
2013-12-30 20:54 - 2013-12-30 20:54 - 00000000 ____D C:\ProgramData\Oracle
2013-12-30 20:54 - 2013-10-08 07:46 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-12-30 20:53 - 2013-12-30 20:53 - 00004886 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-12-30 20:53 - 2013-10-08 07:50 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-12-30 20:53 - 2013-10-08 07:46 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-12-30 20:53 - 2013-10-08 07:46 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-12-30 20:23 - 2014-01-01 13:45 - 00117464 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2013-12-30 20:23 - 2013-12-30 20:23 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-30 20:22 - 2014-01-01 14:03 - 00000000 ____D C:\Users\Daniel\Desktop\mbar
2013-12-30 20:22 - 2014-01-01 13:45 - 00089304 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2013-12-30 20:22 - 2013-12-30 20:22 - 12582688 _____ (Malwarebytes Corp.) C:\Users\Daniel\Downloads\mbar-1.07.0.1008.exe
2013-12-30 19:23 - 2013-12-30 19:45 - 00033406 _____ C:\Users\Daniel\Downloads\Addition.txt
2013-12-30 19:22 - 2014-01-01 22:20 - 01931396 _____ (Farbar) C:\Users\Daniel\Desktop\FRST64.exe
2013-12-30 19:22 - 2014-01-01 22:20 - 00000000 ____D C:\FRST
2013-12-30 19:22 - 2014-01-01 13:42 - 00047939 _____ C:\Users\Daniel\Downloads\FRST.txt
2013-12-30 19:21 - 2013-12-30 19:21 - 01064199 _____ (Farbar) C:\Users\Daniel\Downloads\FRST.exe
2013-12-26 22:34 - 2013-12-26 22:34 - 00001536 _____ C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2013-12-26 22:34 - 2013-12-26 22:34 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\DVDVideoSoft
2013-12-26 22:34 - 2013-12-26 22:34 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-12-26 22:33 - 2013-12-26 22:33 - 34115288 _____ (DVDVideoSoft Ltd. ) C:\Users\Daniel\Downloads\FreeYouTube19ToMP3Converter.exe
2013-12-26 22:31 - 2014-01-01 21:43 - 00000000 ____D C:\Support
2013-12-26 22:31 - 2013-12-26 22:31 - 00002604 _____ C:\Windows\System32\Tasks\couponsupport-S-649636217
2013-12-26 22:31 - 2013-12-26 22:31 - 00000000 ____D C:\Users\Administrator\AppData\Local\Google
2013-12-26 22:31 - 2013-12-26 22:31 - 00000000 ____D C:\Users\Administrator
2013-12-26 22:29 - 2013-12-26 22:29 - 00666088 _____ C:\Users\Daniel\Downloads\tubebox_4.4_de-DE.exe
2013-12-26 22:25 - 2013-12-26 22:25 - 11617048 _____ C:\Users\Daniel\Downloads\YTD471Setup.exe
2013-12-26 20:21 - 2013-12-26 20:27 - 00000000 ____D C:\Users\Daniel\AppData\Local\DayZ
2013-12-26 20:21 - 2013-12-26 20:21 - 00000000 ____D C:\Users\Daniel\Documents\DayZ
2013-12-26 19:53 - 2013-12-26 19:53 - 00000222 _____ C:\Users\Daniel\Desktop\DayZ.url
2013-12-26 12:13 - 2013-12-26 12:13 - 00000219 _____ C:\Users\Daniel\Desktop\Left 4 Dead 2.url
2013-12-25 19:28 - 2013-12-25 19:28 - 00000000 ____D C:\Users\Daniel\Desktop\Arkosia2
2013-12-25 19:03 - 2013-12-25 19:27 - 1507763763 _____ C:\Users\Daniel\Downloads\Arkosia2.rar
2013-12-24 21:41 - 2013-12-24 21:41 - 74862095 _____ C:\Users\Daniel\Desktop\screenshot.rar
2013-12-24 21:41 - 2013-12-24 21:41 - 00000000 ____D C:\Users\Daniel\Desktop\screenshot
2013-12-22 21:21 - 2013-12-22 21:22 - 149955351 _____ C:\Users\Daniel\Desktop\Tinie Tempah - Demonstration (2013)_320 kbps {Aryan_l33t} [LittleFairyRG].rar
2013-12-22 20:31 - 2013-12-22 20:31 - 00000222 _____ C:\Users\Daniel\Desktop\Guns of Icarus Online.url
2013-12-22 13:34 - 2013-12-22 13:34 - 00351691 _____ C:\Users\Daniel\Desktop\Sprachmemo 003.m4a
2013-12-21 12:51 - 2013-12-21 12:51 - 00000000 ____D C:\Users\Daniel\Desktop\CloudDownloaderVersion2.0
2013-12-21 12:49 - 2013-12-21 12:49 - 00560306 _____ C:\Users\Daniel\Downloads\CloudDownloaderVersion2.0.zip
2013-12-21 12:46 - 2013-12-21 12:46 - 00008462 _____ C:\Users\Daniel\Desktop\calling-all-the-monsters-1.htm
2013-12-21 12:45 - 2013-12-21 12:45 - 00008462 _____ C:\Users\Daniel\Downloads\calling-all-the-monsters-1.htm
2013-12-15 17:30 - 2013-12-15 17:37 - 00000000 ____D C:\Users\Daniel\Downloads\Rihanna - Unapologetic
2013-12-15 17:25 - 2013-12-15 17:29 - 105545478 _____ C:\Users\Daniel\Downloads\Rihanna - Unapologetic.zip
2013-12-12 21:50 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-12 21:50 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-12 21:50 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-12 21:50 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-12 21:49 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-12 21:49 - 2013-11-26 11:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-12 21:49 - 2013-11-26 11:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-12 21:49 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-12 21:49 - 2013-11-26 10:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-12 21:49 - 2013-11-26 10:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-12 21:49 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-12 21:49 - 2013-11-26 10:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-12 21:49 - 2013-11-26 10:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-12 21:49 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-12 21:49 - 2013-11-26 10:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-12 21:49 - 2013-11-26 10:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-12 21:49 - 2013-11-26 10:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-12 21:49 - 2013-11-26 10:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-12 21:49 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-12 21:49 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-12 21:49 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-12 21:49 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-12 21:49 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-12 21:49 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-12-12 21:49 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-12 21:49 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-12 21:49 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-12 21:49 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-12 21:49 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-12 21:49 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-12 21:49 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-12 21:49 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-12 21:49 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-12 21:49 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-12 21:49 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-12 15:00 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-12 15:00 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-12 15:00 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-12 15:00 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-12-12 15:00 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-12 15:00 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-12 15:00 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-12 15:00 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-12 15:00 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-12 15:00 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-12 15:00 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-12 14:59 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-12 14:59 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-12 14:59 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-12 14:59 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-12 14:59 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-12 14:59 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-12 14:59 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-12 14:59 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-11 16:08 - 2013-12-12 15:11 - 00000000 ____D C:\Users\Daniel\Documents\DragonNest
2013-12-11 16:03 - 2013-12-11 16:03 - 00002169 _____ C:\Users\Daniel\Desktop\Dragon Nest Europe.lnk
2013-12-11 16:03 - 2013-12-11 16:03 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SDGi Europe
2013-12-11 15:57 - 2013-12-11 15:57 - 00000000 ____D C:\Program Files (x86)\SDGi Europe
2013-12-10 22:20 - 2013-12-10 22:45 - 3858935200 _____ C:\Users\Daniel\Downloads\DragonNestEUSetup63.exe
2013-12-07 19:39 - 2013-09-04 13:12 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-12-07 19:39 - 2013-09-04 13:11 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-12-07 19:39 - 2013-09-04 13:11 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-12-07 19:39 - 2013-09-04 13:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-12-07 19:39 - 2013-09-04 13:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-12-07 19:39 - 2013-09-04 13:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-12-07 19:39 - 2013-09-04 13:11 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-12-06 19:29 - 2013-12-06 19:29 - 00000221 _____ C:\Users\Daniel\Desktop\Borderlands 2.url
==================== One Month Modified Files and Folders =======
2014-01-01 22:21 - 2014-01-01 22:20 - 00018067 _____ C:\Users\Daniel\Desktop\FRST.txt
2014-01-01 22:20 - 2014-01-01 22:20 - 00000000 ____D C:\Users\Daniel\Desktop\FRST-OlderVersion
2014-01-01 22:20 - 2013-12-30 19:22 - 01931396 _____ (Farbar) C:\Users\Daniel\Desktop\FRST64.exe
2014-01-01 22:20 - 2013-12-30 19:22 - 00000000 ____D C:\FRST
2014-01-01 22:17 - 2014-01-01 22:17 - 00002601 _____ C:\Users\Daniel\Desktop\JRT.txt
2014-01-01 22:17 - 2012-02-06 18:21 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-365012384-4195050554-2744055927-1002UA.job
2014-01-01 22:17 - 2011-12-24 16:25 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Skype
2014-01-01 22:14 - 2009-07-14 05:45 - 00017152 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-01 22:14 - 2009-07-14 05:45 - 00017152 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-01 22:12 - 2014-01-01 22:12 - 01036305 _____ (Thisisu) C:\Users\Daniel\Desktop\JRT.exe
2014-01-01 22:12 - 2014-01-01 22:12 - 00000000 ____D C:\Windows\ERUNT
2014-01-01 22:10 - 2013-02-18 14:41 - 00055720 _____ C:\Windows\setupact.log
2014-01-01 22:10 - 2012-09-04 18:06 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Spotify
2014-01-01 22:08 - 2012-01-13 11:44 - 00000000 ____D C:\Program Files (x86)\Steam
2014-01-01 22:07 - 2013-02-19 13:53 - 00642912 _____ C:\Windows\PFRO.log
2014-01-01 22:07 - 2011-09-05 23:24 - 00000000 ____D C:\ProgramData\NVIDIA
2014-01-01 22:07 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-01 22:06 - 2011-12-24 16:12 - 01600176 _____ C:\Windows\WindowsUpdate.log
2014-01-01 22:05 - 2014-01-01 22:01 - 00000000 ____D C:\AdwCleaner
2014-01-01 22:00 - 2014-01-01 22:00 - 01233962 _____ C:\Users\Daniel\Desktop\adwcleaner.exe
2014-01-01 21:45 - 2014-01-01 21:45 - 00031410 _____ C:\ComboFix.txt
2014-01-01 21:45 - 2014-01-01 21:32 - 00000000 ____D C:\Qoobox
2014-01-01 21:44 - 2014-01-01 21:31 - 00000000 ____D C:\Windows\erdnt
2014-01-01 21:43 - 2013-12-26 22:31 - 00000000 ____D C:\Support
2014-01-01 21:43 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2014-01-01 21:30 - 2014-01-01 21:30 - 05160282 ____R (Swearware) C:\Users\Daniel\Downloads\ComboFix.exe
2014-01-01 21:23 - 2012-07-27 11:48 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-01 21:00 - 2013-03-10 15:13 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\TS3Client
2014-01-01 19:19 - 2014-01-01 19:19 - 00000000 ____D C:\Users\Daniel\Documents\Rockstar Games
2014-01-01 19:16 - 2014-01-01 19:16 - 00000000 __SHD C:\ProgramData\SecuROM
2014-01-01 19:15 - 2014-01-01 19:15 - 00178800 _____ (Sony DADC Austria AG.) C:\Windows\SysWOW64\CmdLineExt_x64.dll
2014-01-01 19:15 - 2014-01-01 19:15 - 00000000 ____D C:\Windows\SysWOW64\xlive
2014-01-01 19:15 - 2014-01-01 19:15 - 00000000 ____D C:\Users\Daniel\AppData\Local\Rockstar Games
2014-01-01 19:15 - 2014-01-01 19:15 - 00000000 ____D C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2014-01-01 19:14 - 2013-09-14 18:58 - 00074006 _____ C:\Windows\DirectX.log
2014-01-01 14:03 - 2013-12-31 10:59 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-01-01 14:03 - 2013-12-30 20:22 - 00000000 ____D C:\Users\Daniel\Desktop\mbar
2014-01-01 13:45 - 2013-12-30 20:23 - 00117464 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-01-01 13:45 - 2013-12-30 20:22 - 00089304 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-01-01 13:42 - 2013-12-30 19:22 - 00047939 _____ C:\Users\Daniel\Downloads\FRST.txt
2014-01-01 13:34 - 2012-02-04 13:48 - 00000000 ____D C:\Users\Daniel\Desktop\Alles drinn
2013-12-31 12:16 - 2012-02-06 18:21 - 00001072 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-365012384-4195050554-2744055927-1002Core.job
2013-12-30 21:10 - 2013-12-30 21:10 - 00000000 ____D C:\Users\Daniel\Downloads\+Bora 01 #Isdanny
2013-12-30 21:06 - 2013-12-30 21:06 - 05874386 _____ C:\Users\Daniel\Downloads\+Bora 01 #Isdanny.zip
2013-12-30 20:56 - 2012-06-28 19:11 - 00052224 ___SH C:\Users\Daniel\Thumbs.db
2013-12-30 20:54 - 2013-12-30 20:54 - 00000000 ____D C:\ProgramData\Oracle
2013-12-30 20:53 - 2013-12-30 20:53 - 00004886 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-12-30 20:53 - 2011-08-11 23:18 - 00000000 ____D C:\Program Files (x86)\Java
2013-12-30 20:23 - 2013-12-30 20:23 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-30 20:22 - 2013-12-30 20:22 - 12582688 _____ (Malwarebytes Corp.) C:\Users\Daniel\Downloads\mbar-1.07.0.1008.exe
2013-12-30 19:45 - 2013-12-30 19:23 - 00033406 _____ C:\Users\Daniel\Downloads\Addition.txt
2013-12-30 19:21 - 2013-12-30 19:21 - 01064199 _____ (Farbar) C:\Users\Daniel\Downloads\FRST.exe
2013-12-30 18:51 - 2012-09-04 18:06 - 00000000 ____D C:\Users\Daniel\AppData\Local\Spotify
2013-12-26 22:34 - 2013-12-26 22:34 - 00001536 _____ C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2013-12-26 22:34 - 2013-12-26 22:34 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\DVDVideoSoft
2013-12-26 22:34 - 2013-12-26 22:34 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-12-26 22:33 - 2013-12-26 22:33 - 34115288 _____ (DVDVideoSoft Ltd. ) C:\Users\Daniel\Downloads\FreeYouTube19ToMP3Converter.exe
2013-12-26 22:31 - 2013-12-26 22:31 - 00002604 _____ C:\Windows\System32\Tasks\couponsupport-S-649636217
2013-12-26 22:31 - 2013-12-26 22:31 - 00000000 ____D C:\Users\Administrator\AppData\Local\Google
2013-12-26 22:31 - 2013-12-26 22:31 - 00000000 ____D C:\Users\Administrator
2013-12-26 22:29 - 2013-12-26 22:29 - 00666088 _____ C:\Users\Daniel\Downloads\tubebox_4.4_de-DE.exe
2013-12-26 22:25 - 2013-12-26 22:25 - 11617048 _____ C:\Users\Daniel\Downloads\YTD471Setup.exe
2013-12-26 20:27 - 2013-12-26 20:21 - 00000000 ____D C:\Users\Daniel\AppData\Local\DayZ
2013-12-26 20:21 - 2013-12-26 20:21 - 00000000 ____D C:\Users\Daniel\Documents\DayZ
2013-12-26 19:53 - 2013-12-26 19:53 - 00000222 _____ C:\Users\Daniel\Desktop\DayZ.url
2013-12-26 19:53 - 2012-01-13 19:28 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2013-12-26 12:13 - 2013-12-26 12:13 - 00000219 _____ C:\Users\Daniel\Desktop\Left 4 Dead 2.url
2013-12-25 19:28 - 2013-12-25 19:28 - 00000000 ____D C:\Users\Daniel\Desktop\Arkosia2
2013-12-25 19:27 - 2013-12-25 19:03 - 1507763763 _____ C:\Users\Daniel\Downloads\Arkosia2.rar
2013-12-24 21:41 - 2013-12-24 21:41 - 74862095 _____ C:\Users\Daniel\Desktop\screenshot.rar
2013-12-24 21:41 - 2013-12-24 21:41 - 00000000 ____D C:\Users\Daniel\Desktop\screenshot
2013-12-24 17:02 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-12-22 21:22 - 2013-12-22 21:21 - 149955351 _____ C:\Users\Daniel\Desktop\Tinie Tempah - Demonstration (2013)_320 kbps {Aryan_l33t} [LittleFairyRG].rar
2013-12-22 20:31 - 2013-12-22 20:31 - 00000222 _____ C:\Users\Daniel\Desktop\Guns of Icarus Online.url
2013-12-22 13:34 - 2013-12-22 13:34 - 00351691 _____ C:\Users\Daniel\Desktop\Sprachmemo 003.m4a
2013-12-21 12:51 - 2013-12-21 12:51 - 00000000 ____D C:\Users\Daniel\Desktop\CloudDownloaderVersion2.0
2013-12-21 12:49 - 2013-12-21 12:49 - 00560306 _____ C:\Users\Daniel\Downloads\CloudDownloaderVersion2.0.zip
2013-12-21 12:46 - 2013-12-21 12:46 - 00008462 _____ C:\Users\Daniel\Desktop\calling-all-the-monsters-1.htm
2013-12-21 12:45 - 2013-12-21 12:45 - 00008462 _____ C:\Users\Daniel\Downloads\calling-all-the-monsters-1.htm
2013-12-15 20:23 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-12-15 17:37 - 2013-12-15 17:30 - 00000000 ____D C:\Users\Daniel\Downloads\Rihanna - Unapologetic
2013-12-15 17:29 - 2013-12-15 17:25 - 105545478 _____ C:\Users\Daniel\Downloads\Rihanna - Unapologetic.zip
2013-12-15 00:54 - 2013-08-14 15:22 - 00000000 ____D C:\Windows\system32\MRT
2013-12-15 00:52 - 2011-07-18 21:31 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-13 15:24 - 2011-05-16 15:04 - 00654150 _____ C:\Windows\system32\perfh007.dat
2013-12-13 15:24 - 2011-05-16 15:04 - 00130022 _____ C:\Windows\system32\perfc007.dat
2013-12-13 15:24 - 2009-07-14 06:13 - 01498742 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-13 15:18 - 2009-07-14 05:45 - 05137424 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-12 21:50 - 2012-01-27 20:52 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-12 19:33 - 2013-08-15 23:22 - 00000000 ____D C:\Users\Daniel\Desktop\Musik
2013-12-12 15:11 - 2013-12-11 16:08 - 00000000 ____D C:\Users\Daniel\Documents\DragonNest
2013-12-11 17:23 - 2012-07-27 11:48 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-11 17:23 - 2012-07-27 11:48 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-11 17:23 - 2011-08-10 20:09 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-11 16:03 - 2013-12-11 16:03 - 00002169 _____ C:\Users\Daniel\Desktop\Dragon Nest Europe.lnk
2013-12-11 16:03 - 2013-12-11 16:03 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SDGi Europe
2013-12-11 15:57 - 2013-12-11 15:57 - 00000000 ____D C:\Program Files (x86)\SDGi Europe
2013-12-10 22:45 - 2013-12-10 22:20 - 3858935200 _____ C:\Users\Daniel\Downloads\DragonNestEUSetup63.exe
2013-12-10 15:04 - 2013-02-06 13:43 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-12-10 15:04 - 2011-12-24 16:25 - 00000000 ____D C:\ProgramData\Skype
2013-12-06 20:09 - 2013-02-22 20:29 - 00000000 ____D C:\Users\Daniel\Documents\My Games
2013-12-06 19:29 - 2013-12-06 19:29 - 00000221 _____ C:\Users\Daniel\Desktop\Borderlands 2.url
2013-12-06 10:19 - 2012-02-06 18:21 - 00002366 _____ C:\Users\Daniel\Desktop\Google Chrome.lnk
2013-12-04 12:12 - 2012-02-06 18:21 - 00004096 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-365012384-4195050554-2744055927-1002UA
2013-12-04 12:12 - 2012-02-06 18:21 - 00003700 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-365012384-4195050554-2744055927-1002Core
Some content of TEMP:
====================
C:\Users\Daniel\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-12-21 16:18
==================== End Of Log ============================
--- --- --- |
|
01.01.2014, 23:12
| #24 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | "FREEMIUM Software-Updater" Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter SearchScopes: HKLM - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=softpb&chnl=softpb&cd=2XzutAtN2Y1L1Qzuzz0Czzzy0AyDyC0B0E0B0CyCtA0C0CtDtN0D0TzutBtDtCtBtDyBtDzz&cr=1508898375
SearchScopes: HKLM - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=softpb&chnl=softpb&cd=2XzutAtN2Y1L1Qzuzz0Czzzy0AyDyC0B0E0B0CyCtA0C0CtDtN0D0TzutBtDtCtBtDyBtDzz&cr=1508898375
C:\Users\Daniel\AppData\Local\MediaBA\betterads.crx
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
__________________ Logfiles bitte immer in CODE-Tags posten |
|
01.01.2014, 23:30
| #25 |
| | "FREEMIUM Software-Updater" Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 01-01-2014 01 Ran by Daniel at 2014-01-01 23:15:04 Run:1 Running from C:\Users\Daniel\Desktop Boot Mode: Normal ============================================== Content of fixlist: ***************** SearchScopes: HKLM - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://start.funmoods.com/results.php?f=4&q={searchTerms}&a=softpb&chnl=softpb&cd=2XzutAtN2Y1L1Qzuzz0Czzzy0AyDyC0B0E0B0CyCtA0C0CtDtN0D0TzutBtDtCtBtDyBtDzz&cr=1508898375 SearchScopes: HKLM - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://start.funmoods.com/results.php?f=4&q={searchTerms}&a=softpb&chnl=softpb&cd=2XzutAtN2Y1L1Qzuzz0Czzzy0AyDyC0B0E0B0CyCtA0C0CtDtN0D0TzutBtDtCtBtDyBtDzz&cr=1508898375 C:\Users\Daniel\AppData\Local\MediaBA\betterads.crx ***************** HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully. HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key deleted successfully. HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key not found. C:\Users\Daniel\AppData\Local\MediaBA\betterads.crx => Moved successfully. ==== End of Fixlog ==== Bin für heute erstmal offline. Wünsche eine gute nacht. |
|
01.01.2014, 23:45
| #26 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | "FREEMIUM Software-Updater" Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle einen Quickscan mit Malwarebytes Anti-Malware (MBAM) Hinweis: Denk bitte vorher daran, Malwarebytes Anti-Malware über den Updatebutton zu aktualisieren! Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt: ESET Online Scanner
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu "FREEMIUM Software-Updater" |
| abend, adblock, bereits, dvdvideosoft ltd., einfach, freemium, freue, guten, hilfe, hotspot, nvpciflt.sys, plug-in, problem, schöne, schönen, spotify web helper, thema, threads, titel, würde |
WARNUNG an die MITLESER: 
Linear-Darstellung
