
Pests of all kinds and how to fight them: Pests: Superfish & Sweetpage

16.02.2014, 11:09   #1
hAuNtEdKiD
 
Hello!

I'm a Chrome user.

a) I've done everything I could with AdwCleaner, CCleaner, AntiMalwareBytes and avast!, but they couldn't help me:
from time to time, despite AdBlock, AdBlockPlus, AdBlockSuper and FacebookAdBlock, I get shown a kind of pop-up ad banner. If I click on it, I'm redirected via a Superfish URL to sites like eBay.

b) When I try to run a search from the URL bar, I'm redirected via a Sweetpage URL to Yahoo.

Can you help me?

16.02.2014, 16:58   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Hi,

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you're not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan ("Untersuchen").
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input box)


16.02.2014, 18:38   #3
hAuNtEdKiD
 
FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-02-2014 01
Ran by HorrorKid (administrator) on LINK on 16-02-2014 18:28:40
Running from C:\Users\HorrorKid\Downloads
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\WINDOWS\system32\WLANExt.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
(Nalpeiron Ltd.) C:\WINDOWS\SysWOW64\NLSSRV32.EXE
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(Google Inc.) C:\Users\HorrorKid\AppData\Local\Google\Update\1.3.22.5\GoogleCrashHandler.exe
(Vimicro) C:\Program Files (x86)\USB Camera2\VM332STI.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc.) C:\Users\HorrorKid\AppData\Local\Google\Update\1.3.22.5\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Users\HorrorKid\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\HorrorKid\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\HorrorKid\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\HorrorKid\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\HorrorKid\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\HorrorKid\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\HorrorKid\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\HorrorKid\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\HorrorKid\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\HorrorKid\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\HorrorKid\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\WINDOWS\syswow64\wwahost.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12921488 2012-07-02] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1212560 2012-06-13] (Realtek Semiconductor)
HKLM\...\Run: [AmIcoSinglun64] - C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [366720 2012-06-26] (Alcor Micro Corp.)
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2874256 2012-12-10] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Energy Management] - C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17079376 2013-02-16] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] - C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [191568 2013-02-16] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] - C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [508256 2012-04-23] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [332BigDog] - C:\Program Files (x86)\USB Camera2\VM332STI.EXE [548864 2012-03-20] (Vimicro)
HKLM-x32\...\Run: [YouCam Mirage] - C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2012-07-27] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] - C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [167024 2012-07-27] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] - C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-18] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096 2014-02-16] (AVAST Software)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1864232908-4205428584-3793576050-1001\...\Run: [Google Update] - C:\Users\HorrorKid\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-06-18] (Google Inc.)
HKU\S-1-5-21-1864232908-4205428584-3793576050-1001\...\Run: [msnmsgr] - "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM - {ACFAB3BE-2272-44A5-8567-2996320F2B7C} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
SearchScopes: HKLM-x32 - {ACFAB3BE-2272-44A5-8567-2996320F2B7C} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
SearchScopes: HKCU - {ACFAB3BE-2272-44A5-8567-2996320F2B7C} URL = 
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF - C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\HorrorKid\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\HorrorKid\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Extension: HDvid Codec 3 - C:\Users\HorrorKid\AppData\Roaming\Mozilla\Firefox\profiles\extensions\hdvc3@hdvidcodec.com.xpi [2013-06-30]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome: 
=======
CHR HomePage: hxxp://www.google.de/
CHR DefaultSearchKeyword: sweet-page
CHR DefaultSearchProvider: sweet-page
CHR DefaultSearchURL: hxxp://www.sweet-page.com/web/?type=ds&ts=1390592673&from=cor&uid=ST500LT012-9WS142_S0V4B8GZXXXXS0V4B8GZ&q={searchTerms}
CHR DefaultNewTabURL: 
CHR Plugin: (Shockwave Flash) - C:\Users\HorrorKid\AppData\Local\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\HorrorKid\AppData\Local\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\HorrorKid\AppData\Local\Google\Chrome\Application\32.0.1700.107\pdf.dll ()
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll No File
CHR Plugin: (Nitro PDF plugin for Firefox and Chrome) - C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF)
CHR Plugin: (Google Update) - C:\Users\HorrorKid\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\WINDOWS\SysWOW64\npDeployJava1.dll No File
CHR Plugin: (McAfee SecurityCenter) - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL No File
CHR Extension: (ProxTube) - C:\Users\HorrorKid\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2013-07-18]
CHR Extension: (AdBlock) - C:\Users\HorrorKid\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-01-30]
CHR Extension: (avast! Online Security) - C:\Users\HorrorKid\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-02-16]
CHR Extension: (Adblock Super) - C:\Users\HorrorKid\AppData\Local\Google\Chrome\User Data\Default\Extensions\knebimhcckndhiglamoabbnifdkijidd [2014-01-24]
CHR Extension: (Facebook AdBlock) - C:\Users\HorrorKid\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfpacabphcagfehdgnigmfnbjdampbaa [2014-01-29]
CHR Extension: (Google Wallet) - C:\Users\HorrorKid\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-02-16]

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-02-16] (AVAST Software)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [92160 2012-10-17] (ELAN Microelectronics Corp.)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-17] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [1674720 2013-09-25] ()
R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2012-11-18] (Nitro PDF Software)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [78648 2014-02-16] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [92544 2014-02-16] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-02-16] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1038072 2014-02-16] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [421704 2014-02-16] (AVAST Software)
R3 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [80184 2014-02-16] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-02-16] ()
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [6822984 2013-02-16] (Broadcom Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
S3 EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-16 18:28 - 2014-02-16 18:28 - 02152960 _____ (Farbar) C:\Users\HorrorKid\Downloads\FRST64.exe
2014-02-16 18:28 - 2014-02-16 18:28 - 00013625 _____ () C:\Users\HorrorKid\Downloads\FRST.txt
2014-02-16 18:28 - 2014-02-16 18:28 - 00000000 ____D () C:\FRST
2014-02-16 13:26 - 2014-02-16 13:26 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\AVAST Software
2014-02-16 10:48 - 2014-02-16 10:48 - 00000000 ____D () C:\Users\HorrorKid\AppData\Roaming\AVAST Software
2014-02-16 10:47 - 2014-02-16 10:48 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-02-16 10:47 - 2014-02-16 10:47 - 00001977 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-02-16 10:47 - 2014-02-16 10:46 - 01038072 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-02-16 10:47 - 2014-02-16 10:46 - 00421704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2014-02-16 10:47 - 2014-02-16 10:46 - 00334136 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-02-16 10:47 - 2014-02-16 10:46 - 00207904 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-02-16 10:47 - 2014-02-16 10:46 - 00092544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2014-02-16 10:47 - 2014-02-16 10:46 - 00080184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2014-02-16 10:47 - 2014-02-16 10:46 - 00078648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-02-16 10:47 - 2014-02-16 10:46 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-02-16 10:46 - 2014-02-16 10:46 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-02-16 10:46 - 2014-02-16 10:46 - 00000000 ____D () C:\Program Files\AVAST Software
2014-02-16 10:45 - 2014-02-16 10:45 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-02-16 10:43 - 2014-02-16 10:45 - 90578216 _____ (AVAST Software) C:\Users\HorrorKid\Downloads\avast_free_antivirus_setup_9.0.2013.exe
2014-02-15 21:22 - 2014-02-15 21:22 - 00003118 _____ () C:\WINDOWS\System32\Tasks\{2D887AA4-C80D-4525-93C4-4CFB2B2AEC9C}
2014-02-15 21:15 - 2014-02-15 21:15 - 00003140 _____ () C:\WINDOWS\System32\Tasks\{EE97E55B-81C7-4EFC-ACA6-B74C93886DC8}
2014-02-15 18:58 - 2014-02-15 20:36 - 153679872 _____ () C:\Users\HorrorKid\Downloads\The.Legend.of.Zelda.Skyward.Sword.part01.rar
2014-02-15 18:55 - 2014-02-15 18:55 - 00011568 _____ () C:\Users\HorrorKid\Downloads\c4b4ae006e36d7d2cf4a23bdf29e989f.dlc
2014-02-15 15:35 - 2013-12-05 00:43 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll
2014-02-15 15:35 - 2013-12-05 00:37 - 00451072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll
2014-02-15 15:35 - 2013-03-02 09:23 - 00375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2014-02-15 15:35 - 2013-03-02 03:44 - 01011200 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-02-15 15:35 - 2012-12-15 05:55 - 00443392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2014-02-15 15:35 - 2012-11-03 06:26 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysreset.exe
2014-02-15 15:35 - 2012-11-03 06:25 - 00945152 _____ (Microsoft Corporation) C:\WINDOWS\system32\resetengmig.dll
2014-02-15 15:35 - 2012-10-24 04:25 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgentc.exe
2014-02-15 15:35 - 2012-10-24 04:25 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2014-02-15 15:35 - 2012-10-24 04:24 - 00405504 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2014-02-15 15:35 - 2012-10-24 04:24 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2014-02-15 15:35 - 2012-10-24 04:05 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
2014-02-15 15:35 - 2012-10-24 03:48 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgentc.exe
2014-02-15 15:34 - 2013-12-07 07:37 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-02-15 15:34 - 2013-12-07 07:37 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-02-15 15:34 - 2013-12-07 06:15 - 00562688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-02-15 15:34 - 2013-12-07 06:15 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-02-15 15:34 - 2013-11-23 07:43 - 00420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2014-02-15 15:34 - 2013-11-23 06:05 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2014-02-15 15:34 - 2013-08-23 08:22 - 02062848 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-02-15 15:34 - 2013-08-23 02:44 - 01711616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2014-02-15 15:34 - 2013-03-22 04:49 - 02382336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2014-02-15 15:34 - 2013-03-21 23:47 - 02851840 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2014-02-15 15:33 - 2013-10-02 00:37 - 02035712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-02-15 15:33 - 2013-10-02 00:26 - 02304512 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-02-15 15:33 - 2013-04-03 00:37 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptdlg.dll
2014-02-15 15:33 - 2013-04-03 00:12 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptdlg.dll
2014-02-15 15:32 - 2013-11-01 06:38 - 00312320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2014-02-15 15:32 - 2013-11-01 04:49 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2014-02-15 14:36 - 2014-02-16 14:40 - 00000000 ____D () C:\Users\HorrorKid\Tracing
2014-02-15 14:25 - 2014-02-15 14:25 - 00000000 ____D () C:\WINDOWS\de
2014-02-15 14:24 - 2014-02-16 14:43 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-02-15 14:24 - 2014-02-15 14:24 - 00000000 ____D () C:\WINDOWS\PCHEALTH
2014-02-15 14:24 - 2014-02-15 14:24 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-02-15 14:23 - 2014-02-15 14:23 - 00000199 _____ () C:\WINDOWS\DirectX.log
2014-02-15 14:23 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2014-02-15 14:23 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2014-02-15 14:23 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2014-02-15 14:23 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2014-02-15 14:23 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2014-02-15 14:23 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2014-02-15 14:23 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2014-02-15 14:23 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2014-02-15 14:23 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2014-02-15 14:23 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2014-02-15 14:23 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2014-02-15 14:23 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2014-02-15 14:22 - 2014-02-15 15:16 - 00000000 ____D () C:\Users\HorrorKid\AppData\Local\Windows Live
2014-02-15 14:17 - 2014-02-15 14:21 - 142602520 _____ (Microsoft Corporation) C:\Users\HorrorKid\Downloads\wlsetup-all_16.4.3508.0205 (1).exe
2014-02-14 16:10 - 2014-02-14 16:16 - 246598160 _____ () C:\Users\HorrorKid\Downloads\kis14.0.0.4651de-de.exe
2014-02-14 14:26 - 2014-02-14 14:26 - 00000000 ____D () C:\Users\HorrorKid\AppData\Roaming\Malwarebytes
2014-02-14 14:26 - 2014-02-14 14:26 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-14 14:26 - 2014-02-14 14:26 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-14 14:26 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-02-14 14:25 - 2014-02-14 14:25 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\HorrorKid\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-14 11:04 - 2014-02-14 11:04 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Lenovo
2014-02-14 11:03 - 2014-02-14 11:04 - 00001133 _____ () C:\Users\Gast\Desktop\Cyberlink Power2Go.lnk
2014-02-14 11:03 - 2014-02-14 11:03 - 00001449 _____ () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-02-14 11:03 - 2014-02-14 11:03 - 00000020 ___SH () C:\Users\Gast\ntuser.ini
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 _SHDL () C:\Users\Gast\Vorlagen
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 _SHDL () C:\Users\Gast\Startmenü
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 _SHDL () C:\Users\Gast\Netzwerkumgebung
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 _SHDL () C:\Users\Gast\Lokale Einstellungen
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 _SHDL () C:\Users\Gast\Eigene Dateien
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 _SHDL () C:\Users\Gast\Druckumgebung
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 _SHDL () C:\Users\Gast\Documents\Eigene Musik
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 _SHDL () C:\Users\Gast\Documents\Eigene Bilder
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 _SHDL () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 _SHDL () C:\Users\Gast\AppData\Local\Verlauf
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 _SHDL () C:\Users\Gast\AppData\Local\Anwendungsdaten
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 _SHDL () C:\Users\Gast\Anwendungsdaten
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 ___RD () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 ___RD () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Adobe
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 ____D () C:\Users\Gast\AppData\Local\VirtualStore
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 ____D () C:\Users\Gast\AppData\Local\Packages
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 ____D () C:\Users\Gast
2014-02-14 11:03 - 2013-08-16 15:02 - 00000000 ___RD () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-02-14 11:03 - 2013-06-24 22:27 - 00000000 ___RD () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-02-14 11:03 - 2013-02-16 03:28 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Macromedia
2014-02-14 11:03 - 2013-02-16 03:26 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2014-02-14 11:03 - 2012-07-26 09:13 - 00000000 ___RD () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-02-14 11:03 - 2012-07-26 09:13 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-02-14 11:03 - 2010-12-19 06:31 - 00000189 _____ () C:\Users\Gast\Desktop\Lenovo Telephony Start Now.url
2014-02-14 10:13 - 2014-02-14 10:13 - 01166132 _____ () C:\Users\HorrorKid\Downloads\adwcleaner-3.018 (1).exe
2014-02-13 10:20 - 2014-02-13 10:20 - 00482645 _____ () C:\Users\HorrorKid\Downloads\Ba7ONiWCQAACgVm.png-large
2014-02-12 10:32 - 2014-02-12 10:32 - 01709990 _____ () C:\Users\HorrorKid\Downloads\51.jpeg
2014-02-12 10:02 - 2014-02-12 10:03 - 01166132 _____ () C:\Users\HorrorKid\Downloads\adwcleaner-3.018.exe
2014-02-12 07:56 - 2014-02-01 10:20 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-02-12 07:56 - 2014-02-01 10:19 - 02241536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-02-12 07:56 - 2014-02-01 10:19 - 01365504 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-02-12 07:56 - 2014-02-01 10:19 - 00915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2014-02-12 07:56 - 2014-02-01 10:19 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-02-12 07:56 - 2014-02-01 10:18 - 19274240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-02-12 07:56 - 2014-02-01 10:18 - 15403520 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-02-12 07:56 - 2014-02-01 10:18 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-02-12 07:56 - 2014-02-01 10:18 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-02-12 07:56 - 2014-02-01 10:18 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-02-12 07:56 - 2014-02-01 10:18 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2014-02-12 07:56 - 2014-02-01 10:18 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-02-12 07:56 - 2014-02-01 10:18 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-02-12 07:56 - 2014-02-01 10:18 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-02-12 07:56 - 2014-02-01 08:58 - 01767936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-02-12 07:56 - 2014-02-01 08:58 - 01140736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-02-12 07:56 - 2014-02-01 08:58 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-02-12 07:56 - 2014-02-01 08:57 - 13760512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-02-12 07:56 - 2014-02-01 08:57 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-02-12 07:56 - 2014-02-01 08:57 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-02-12 07:56 - 2014-02-01 08:57 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2014-02-12 07:56 - 2014-02-01 08:57 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-02-12 07:56 - 2014-02-01 08:57 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-02-12 07:56 - 2014-02-01 08:57 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-02-12 07:56 - 2014-02-01 08:40 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-02-12 07:56 - 2014-02-01 08:34 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-02-12 07:56 - 2014-02-01 06:08 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2014-02-12 07:56 - 2013-12-09 01:45 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-02-12 07:56 - 2013-12-09 00:59 - 00600064 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-02-12 07:56 - 2013-12-05 00:43 - 01845248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-02-12 07:56 - 2013-12-05 00:37 - 01419264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-02-12 07:56 - 2013-11-27 01:19 - 00385614 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-02-12 07:56 - 2013-11-26 00:17 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2014-02-12 07:56 - 2013-11-01 06:53 - 02232664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-02-12 07:55 - 2014-02-01 10:18 - 03960320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-02-12 07:55 - 2014-02-01 10:18 - 02648576 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-02-12 07:55 - 2014-02-01 08:57 - 14359040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-02-12 07:55 - 2014-02-01 08:57 - 02877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-02-12 07:55 - 2014-02-01 08:57 - 02049024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-02-12 07:55 - 2014-02-01 08:57 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-02-12 07:54 - 2014-01-13 00:30 - 02238976 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-02-12 07:54 - 2014-01-13 00:30 - 02032640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-02-12 07:54 - 2013-11-20 01:15 - 03842560 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2014-02-12 07:54 - 2013-11-20 00:57 - 03288576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2014-02-04 23:02 - 2014-02-04 23:54 - 202831872 _____ () C:\Users\HorrorKid\Downloads\Metroid.Prime.Trilogy.part04.rar
2014-02-04 21:48 - 2014-02-04 22:56 - 202831872 _____ () C:\Users\HorrorKid\Downloads\Metroid.Prime.Trilogy.part01.rar
2014-02-04 21:45 - 2014-02-04 21:45 - 00014488 _____ () C:\Users\HorrorKid\Downloads\10c16348d566d79d4202b7e62135c6d6.dlc
2014-02-04 00:48 - 2014-02-04 00:56 - 44350914 _____ () C:\Users\HorrorKid\Downloads\mp2_pal.zip
2014-02-03 23:25 - 2014-02-03 23:25 - 44768128 _____ () C:\Users\HorrorKid\Downloads\N64 Mario Party 2.wad
2014-02-03 20:25 - 2014-02-03 20:26 - 00777208 _____ () C:\Users\HorrorKid\Downloads\wii_gamecube_homebrew_launcher_v0.2.3.rar
2014-02-03 20:11 - 2014-02-03 20:12 - 61569210 _____ () C:\Users\HorrorKid\Downloads\Conker's Bad Fur Day (USA).zip
2014-02-01 18:17 - 2014-02-01 18:17 - 00749735 _____ () C:\Users\HorrorKid\Downloads\wad_manager_1.7.rar
2014-02-01 18:11 - 2014-02-01 18:11 - 00131072 _____ () C:\Users\HorrorKid\Downloads\Super.Mario.World.PAL.PROPER.REPACK.VC.Wii-OneUp.srm
2014-02-01 18:03 - 2014-02-01 18:03 - 00004910 _____ () C:\Users\HorrorKid\Downloads\2A11C738A27C35E6303F36F60D0B001EFB0287BD.torrent
2014-02-01 18:01 - 2014-02-01 18:01 - 00004925 _____ () C:\Users\HorrorKid\Downloads\Super.Mario.World.PAL.PROPER.REPACK.VC.Wii-OneUp.torrent
2014-01-31 22:26 - 2014-01-31 22:31 - 14342256 _____ () C:\Users\HorrorKid\Downloads\LoZ_-_LttP.zip
2014-01-30 15:36 - 2014-01-30 15:36 - 00020203 _____ () C:\Users\HorrorKid\Downloads\20120416-223701.jpg-w=490
2014-01-28 09:28 - 2014-01-28 09:28 - 00037855 _____ () C:\Users\HorrorKid\Downloads\The-animatrix-poster.jpeg
2014-01-28 09:24 - 2014-02-16 17:39 - 00006584 _____ () C:\WINDOWS\PFRO.log
2014-01-28 09:19 - 2014-02-14 10:14 - 00000000 ____D () C:\AdwCleaner
2014-01-28 09:17 - 2014-01-28 09:17 - 01236282 _____ () C:\Users\HorrorKid\Downloads\adwcleaner_3.017 (2).exe
2014-01-27 15:18 - 2014-01-27 15:18 - 00000000 ____D () C:\Users\HorrorKid\AppData\Local\Wii_Converter_GUI
2014-01-27 13:55 - 2014-01-27 13:56 - 16503094 _____ () C:\Users\HorrorKid\Downloads\usbloader_gx_v3_0_allinonepackage_ios249.zip
2014-01-27 12:09 - 2014-02-07 23:58 - 00009415 _____ () C:\WINDOWS\setupact.log
2014-01-27 12:09 - 2014-01-27 12:09 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-01-26 07:34 - 2009-02-12 22:45 - 405012480 _____ () C:\Users\HorrorKid\Downloads\SuMGal.iso
2014-01-25 09:22 - 2014-01-25 09:22 - 00002736 _____ () C:\Users\HorrorKid\Downloads\relink.us__RMGP01.part0_dd5e61980093677970f4d5002c958e (1).dlc
2014-01-24 21:13 - 2014-01-24 21:13 - 00002736 _____ () C:\Users\HorrorKid\Downloads\relink.us__RMGP01.part0_dd5e61980093677970f4d5002c958e.dlc
2014-01-24 20:58 - 2014-01-24 20:58 - 00921000 _____ (Oracle Corporation) C:\Users\HorrorKid\Downloads\chromeinstall-7u51.exe
2014-01-24 20:45 - 2014-01-24 21:20 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-01-24 20:42 - 2014-01-24 20:42 - 00081488 _____ (AppWork UG (haftungsbeschränkt)) C:\Users\HorrorKid\Downloads\WebInstaller.exe
2014-01-24 19:54 - 2014-01-24 19:54 - 00000000 ____D () C:\wbfs
2014-01-24 19:47 - 2014-01-24 19:47 - 00000000 ____D () C:\ProgramData\Free Download Manager
2014-01-24 19:45 - 2014-01-24 19:45 - 07752897 _____ (FreeDownloadManager.ORG ) C:\Users\HorrorKid\Downloads\fdminst_3.9.3.1360.exe
2014-01-24 08:25 - 2014-01-24 08:25 - 01236282 _____ () C:\Users\HorrorKid\Downloads\adwcleaner_3.017.exe
2014-01-22 08:52 - 2014-01-22 08:52 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudmdm.sys
2014-01-22 08:52 - 2014-01-22 08:52 - 00108800 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudbus.sys

==================== One Month Modified Files and Folders =======

2014-02-16 18:28 - 2014-02-16 18:28 - 02152960 _____ (Farbar) C:\Users\HorrorKid\Downloads\FRST64.exe
2014-02-16 18:28 - 2014-02-16 18:28 - 00013625 _____ () C:\Users\HorrorKid\Downloads\FRST.txt
2014-02-16 18:28 - 2014-02-16 18:28 - 00000000 ____D () C:\FRST
2014-02-16 18:19 - 2013-02-16 11:57 - 00753134 _____ () C:\WINDOWS\system32\perfh007.dat
2014-02-16 18:19 - 2013-02-16 11:57 - 00155826 _____ () C:\WINDOWS\system32\perfc007.dat
2014-02-16 18:19 - 2012-07-26 08:28 - 01745416 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-02-16 18:17 - 2014-01-02 17:59 - 01113784 _____ () C:\WINDOWS\WindowsUpdate.log
2014-02-16 17:40 - 2012-07-26 08:22 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-02-16 17:39 - 2014-01-28 09:24 - 00006584 _____ () C:\WINDOWS\PFRO.log
2014-02-16 17:39 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-02-16 16:02 - 2013-06-18 16:31 - 00001146 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1864232908-4205428584-3793576050-1001UA.job
2014-02-16 14:56 - 2013-06-18 16:05 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1864232908-4205428584-3793576050-1001
2014-02-16 14:43 - 2014-02-15 14:24 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-02-16 14:42 - 2013-06-27 13:35 - 00000000 ____D () C:\Users\HorrorKid\AppData\Roaming\Skype
2014-02-16 14:42 - 2013-06-27 13:35 - 00000000 ____D () C:\ProgramData\Skype
2014-02-16 14:40 - 2014-02-15 14:36 - 00000000 ____D () C:\Users\HorrorKid\Tracing
2014-02-16 13:56 - 2013-08-15 09:00 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-02-16 13:53 - 2013-06-19 10:51 - 88567024 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-02-16 13:26 - 2014-02-16 13:26 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\AVAST Software
2014-02-16 10:48 - 2014-02-16 10:48 - 00000000 ____D () C:\Users\HorrorKid\AppData\Roaming\AVAST Software
2014-02-16 10:48 - 2014-02-16 10:47 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-02-16 10:47 - 2014-02-16 10:47 - 00001977 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-02-16 10:46 - 2014-02-16 10:47 - 01038072 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-02-16 10:46 - 2014-02-16 10:47 - 00421704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2014-02-16 10:46 - 2014-02-16 10:47 - 00334136 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-02-16 10:46 - 2014-02-16 10:47 - 00207904 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-02-16 10:46 - 2014-02-16 10:47 - 00092544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2014-02-16 10:46 - 2014-02-16 10:47 - 00080184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2014-02-16 10:46 - 2014-02-16 10:47 - 00078648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-02-16 10:46 - 2014-02-16 10:47 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-02-16 10:46 - 2014-02-16 10:46 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-02-16 10:46 - 2014-02-16 10:46 - 00000000 ____D () C:\Program Files\AVAST Software
2014-02-16 10:45 - 2014-02-16 10:45 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-02-16 10:45 - 2014-02-16 10:43 - 90578216 _____ (AVAST Software) C:\Users\HorrorKid\Downloads\avast_free_antivirus_setup_9.0.2013.exe
2014-02-16 10:21 - 2013-08-17 00:16 - 00000000 ____D () C:\Users\HorrorKid\AppData\Local\Facebook
2014-02-16 10:16 - 2013-07-16 04:44 - 00000000 ____D () C:\ldiag
2014-02-16 10:02 - 2012-07-26 09:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-02-16 10:01 - 2012-07-26 06:26 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-02-16 09:58 - 2013-12-18 13:29 - 00000000 ____D () C:\Gamigo
2014-02-16 09:50 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-02-16 09:49 - 2012-07-26 09:12 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-02-16 09:49 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\WinStore
2014-02-15 21:22 - 2014-02-15 21:22 - 00003118 _____ () C:\WINDOWS\System32\Tasks\{2D887AA4-C80D-4525-93C4-4CFB2B2AEC9C}
2014-02-15 21:15 - 2014-02-15 21:15 - 00003140 _____ () C:\WINDOWS\System32\Tasks\{EE97E55B-81C7-4EFC-ACA6-B74C93886DC8}
2014-02-15 20:36 - 2014-02-15 18:58 - 153679872 _____ () C:\Users\HorrorKid\Downloads\The.Legend.of.Zelda.Skyward.Sword.part01.rar
2014-02-15 18:55 - 2014-02-15 18:55 - 00011568 _____ () C:\Users\HorrorKid\Downloads\c4b4ae006e36d7d2cf4a23bdf29e989f.dlc
2014-02-15 15:53 - 2012-07-26 06:38 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-02-15 15:16 - 2014-02-15 14:22 - 00000000 ____D () C:\Users\HorrorKid\AppData\Local\Windows Live
2014-02-15 14:36 - 2013-06-18 15:56 - 00000000 ____D () C:\Users\HorrorKid
2014-02-15 14:25 - 2014-02-15 14:25 - 00000000 ____D () C:\WINDOWS\de
2014-02-15 14:25 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2014-02-15 14:24 - 2014-02-15 14:24 - 00000000 ____D () C:\WINDOWS\PCHEALTH
2014-02-15 14:24 - 2014-02-15 14:24 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-02-15 14:23 - 2014-02-15 14:23 - 00000199 _____ () C:\WINDOWS\DirectX.log
2014-02-15 14:21 - 2014-02-15 14:17 - 142602520 _____ (Microsoft Corporation) C:\Users\HorrorKid\Downloads\wlsetup-all_16.4.3508.0205 (1).exe
2014-02-14 21:02 - 2013-06-18 16:31 - 00001094 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1864232908-4205428584-3793576050-1001Core.job
2014-02-14 16:16 - 2014-02-14 16:10 - 246598160 _____ () C:\Users\HorrorKid\Downloads\kis14.0.0.4651de-de.exe
2014-02-14 14:26 - 2014-02-14 14:26 - 00000000 ____D () C:\Users\HorrorKid\AppData\Roaming\Malwarebytes
2014-02-14 14:26 - 2014-02-14 14:26 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-14 14:26 - 2014-02-14 14:26 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-14 14:25 - 2014-02-14 14:25 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\HorrorKid\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-14 11:04 - 2014-02-14 11:04 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Lenovo
2014-02-14 11:04 - 2014-02-14 11:03 - 00001133 _____ () C:\Users\Gast\Desktop\Cyberlink Power2Go.lnk
2014-02-14 11:03 - 2014-02-14 11:03 - 00001449 _____ () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-02-14 11:03 - 2014-02-14 11:03 - 00000020 ___SH () C:\Users\Gast\ntuser.ini
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 _SHDL () C:\Users\Gast\Vorlagen
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 _SHDL () C:\Users\Gast\Startmenü
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 _SHDL () C:\Users\Gast\Netzwerkumgebung
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 _SHDL () C:\Users\Gast\Lokale Einstellungen
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 _SHDL () C:\Users\Gast\Eigene Dateien
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 _SHDL () C:\Users\Gast\Druckumgebung
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 _SHDL () C:\Users\Gast\Documents\Eigene Musik
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 _SHDL () C:\Users\Gast\Documents\Eigene Bilder
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 _SHDL () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 _SHDL () C:\Users\Gast\AppData\Local\Verlauf
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 _SHDL () C:\Users\Gast\AppData\Local\Anwendungsdaten
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 _SHDL () C:\Users\Gast\Anwendungsdaten
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 ___RD () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 ___RD () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Adobe
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 ____D () C:\Users\Gast\AppData\Local\VirtualStore
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 ____D () C:\Users\Gast\AppData\Local\Packages
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 ____D () C:\Users\Gast
2014-02-14 10:14 - 2014-01-28 09:19 - 00000000 ____D () C:\AdwCleaner
2014-02-14 10:13 - 2014-02-14 10:13 - 01166132 _____ () C:\Users\HorrorKid\Downloads\adwcleaner-3.018 (1).exe
2014-02-13 14:36 - 2012-07-26 06:26 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-02-13 10:20 - 2014-02-13 10:20 - 00482645 _____ () C:\Users\HorrorKid\Downloads\Ba7ONiWCQAACgVm.png-large
2014-02-12 10:32 - 2014-02-12 10:32 - 01709990 _____ () C:\Users\HorrorKid\Downloads\51.jpeg
2014-02-12 10:03 - 2014-02-12 10:02 - 01166132 _____ () C:\Users\HorrorKid\Downloads\adwcleaner-3.018.exe
2014-02-11 20:57 - 2013-06-18 16:31 - 00004100 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1864232908-4205428584-3793576050-1001UA
2014-02-11 20:57 - 2013-06-18 16:31 - 00003720 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1864232908-4205428584-3793576050-1001Core
2014-02-10 17:25 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-02-07 23:58 - 2014-01-27 12:09 - 00009415 _____ () C:\WINDOWS\setupact.log
2014-02-04 23:54 - 2014-02-04 23:02 - 202831872 _____ () C:\Users\HorrorKid\Downloads\Metroid.Prime.Trilogy.part04.rar
2014-02-04 22:56 - 2014-02-04 21:48 - 202831872 _____ () C:\Users\HorrorKid\Downloads\Metroid.Prime.Trilogy.part01.rar
2014-02-04 21:45 - 2014-02-04 21:45 - 00014488 _____ () C:\Users\HorrorKid\Downloads\10c16348d566d79d4202b7e62135c6d6.dlc
2014-02-04 00:56 - 2014-02-04 00:48 - 44350914 _____ () C:\Users\HorrorKid\Downloads\mp2_pal.zip
2014-02-03 23:25 - 2014-02-03 23:25 - 44768128 _____ () C:\Users\HorrorKid\Downloads\N64 Mario Party 2.wad
2014-02-03 20:26 - 2014-02-03 20:25 - 00777208 _____ () C:\Users\HorrorKid\Downloads\wii_gamecube_homebrew_launcher_v0.2.3.rar
2014-02-03 20:12 - 2014-02-03 20:11 - 61569210 _____ () C:\Users\HorrorKid\Downloads\Conker's Bad Fur Day (USA).zip
2014-02-02 01:14 - 2013-06-18 15:56 - 00000000 ____D () C:\Users\HorrorKid\AppData\Local\Packages
2014-02-01 18:17 - 2014-02-01 18:17 - 00749735 _____ () C:\Users\HorrorKid\Downloads\wad_manager_1.7.rar
2014-02-01 18:11 - 2014-02-01 18:11 - 00131072 _____ () C:\Users\HorrorKid\Downloads\Super.Mario.World.PAL.PROPER.REPACK.VC.Wii-OneUp.srm
2014-02-01 18:03 - 2014-02-01 18:03 - 00004910 _____ () C:\Users\HorrorKid\Downloads\2A11C738A27C35E6303F36F60D0B001EFB0287BD.torrent
2014-02-01 18:01 - 2014-02-01 18:01 - 00004925 _____ () C:\Users\HorrorKid\Downloads\Super.Mario.World.PAL.PROPER.REPACK.VC.Wii-OneUp.torrent
2014-02-01 10:20 - 2014-02-12 07:56 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-02-01 10:19 - 2014-02-12 07:56 - 02241536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-02-01 10:19 - 2014-02-12 07:56 - 01365504 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-02-01 10:19 - 2014-02-12 07:56 - 00915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2014-02-01 10:19 - 2014-02-12 07:56 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-02-01 10:18 - 2014-02-12 07:56 - 19274240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-02-01 10:18 - 2014-02-12 07:56 - 15403520 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-02-01 10:18 - 2014-02-12 07:56 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-02-01 10:18 - 2014-02-12 07:56 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-02-01 10:18 - 2014-02-12 07:56 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-02-01 10:18 - 2014-02-12 07:56 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2014-02-01 10:18 - 2014-02-12 07:56 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-02-01 10:18 - 2014-02-12 07:56 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-02-01 10:18 - 2014-02-12 07:56 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-02-01 10:18 - 2014-02-12 07:55 - 03960320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-02-01 10:18 - 2014-02-12 07:55 - 02648576 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-02-01 08:58 - 2014-02-12 07:56 - 01767936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-02-01 08:58 - 2014-02-12 07:56 - 01140736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-02-01 08:58 - 2014-02-12 07:56 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-02-01 08:57 - 2014-02-12 07:56 - 13760512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-02-01 08:57 - 2014-02-12 07:56 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-02-01 08:57 - 2014-02-12 07:56 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-02-01 08:57 - 2014-02-12 07:56 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2014-02-01 08:57 - 2014-02-12 07:56 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-02-01 08:57 - 2014-02-12 07:56 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-02-01 08:57 - 2014-02-12 07:56 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-02-01 08:57 - 2014-02-12 07:55 - 14359040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-02-01 08:57 - 2014-02-12 07:55 - 02877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-02-01 08:57 - 2014-02-12 07:55 - 02049024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-02-01 08:57 - 2014-02-12 07:55 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-02-01 08:40 - 2014-02-12 07:56 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-02-01 08:34 - 2014-02-12 07:56 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-02-01 06:08 - 2014-02-12 07:56 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2014-01-31 22:31 - 2014-01-31 22:26 - 14342256 _____ () C:\Users\HorrorKid\Downloads\LoZ_-_LttP.zip
2014-01-30 22:10 - 2013-12-17 20:20 - 00694240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-01-30 22:10 - 2013-12-17 20:20 - 00078296 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-30 15:36 - 2014-01-30 15:36 - 00020203 _____ () C:\Users\HorrorKid\Downloads\20120416-223701.jpg-w=490
2014-01-28 09:28 - 2014-01-28 09:28 - 00037855 _____ () C:\Users\HorrorKid\Downloads\The-animatrix-poster.jpeg
2014-01-28 09:23 - 2013-06-18 16:32 - 00000000 ____D () C:\Users\HorrorKid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-01-28 09:23 - 2013-06-18 15:57 - 00001014 _____ () C:\Users\HorrorKid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-28 09:17 - 2014-01-28 09:17 - 01236282 _____ () C:\Users\HorrorKid\Downloads\adwcleaner_3.017 (2).exe
2014-01-27 15:18 - 2014-01-27 15:18 - 00000000 ____D () C:\Users\HorrorKid\AppData\Local\Wii_Converter_GUI
2014-01-27 13:56 - 2014-01-27 13:55 - 16503094 _____ () C:\Users\HorrorKid\Downloads\usbloader_gx_v3_0_allinonepackage_ios249.zip
2014-01-27 12:09 - 2014-01-27 12:09 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-01-25 09:22 - 2014-01-25 09:22 - 00002736 _____ () C:\Users\HorrorKid\Downloads\relink.us__RMGP01.part0_dd5e61980093677970f4d5002c958e (1).dlc
2014-01-24 21:20 - 2014-01-24 20:45 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-01-24 21:13 - 2014-01-24 21:13 - 00002736 _____ () C:\Users\HorrorKid\Downloads\relink.us__RMGP01.part0_dd5e61980093677970f4d5002c958e.dlc
2014-01-24 20:58 - 2014-01-24 20:58 - 00921000 _____ (Oracle Corporation) C:\Users\HorrorKid\Downloads\chromeinstall-7u51.exe
2014-01-24 20:42 - 2014-01-24 20:42 - 00081488 _____ (AppWork UG (haftungsbeschränkt)) C:\Users\HorrorKid\Downloads\WebInstaller.exe
2014-01-24 19:54 - 2014-01-24 19:54 - 00000000 ____D () C:\wbfs
2014-01-24 19:47 - 2014-01-24 19:47 - 00000000 ____D () C:\ProgramData\Free Download Manager
2014-01-24 19:45 - 2014-01-24 19:45 - 07752897 _____ (FreeDownloadManager.ORG ) C:\Users\HorrorKid\Downloads\fdminst_3.9.3.1360.exe
2014-01-24 08:25 - 2014-01-24 08:25 - 01236282 _____ () C:\Users\HorrorKid\Downloads\adwcleaner_3.017.exe
2014-01-23 05:57 - 2013-06-30 18:24 - 00019701 _____ () C:\Users\HorrorKid\Desktop\Notizen.txt
2014-01-22 08:52 - 2014-01-22 08:52 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudmdm.sys
2014-01-22 08:52 - 2014-01-22 08:52 - 00108800 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudbus.sys
2014-01-20 13:41 - 2013-12-26 18:45 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-01-19 08:33 - 2013-07-20 13:41 - 00270496 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe

Some content of TEMP:
====================
C:\Users\HorrorKid\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-16 13:26

==================== End Of Log ============================
         
--- --- ---


Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-02-2014 01
Ran by HorrorKid at 2014-02-16 18:29:23
Running from C:\Users\HorrorKid\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden
Alcor Micro USB Card Reader (x32 Version: 3.8.42.71502 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 3.8.42.71502 - Alcor Micro Corp.) Hidden
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (x32 Version: 2.1.0.4 - Atheros Communications Inc.)
avast! Free Antivirus (x32 Version: 9.0.2013 - Avast Software)
Benutzerhandbuch (x32 Version: 1.0.0.9 - Lenovo) Hidden
Broadcom 802.11 Network Adapter (Version: 6.30.59.20 - Broadcom Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dolby Advanced Audio v2 (x32 Version: 7.2.8000.13 - Dolby Laboratories Inc)
Energy Management (x32 Version: 8.0.2.3 - Lenovo)
Energy Management (x32 Version: 8.0.2.3 - Lenovo) Hidden
ffdshow v1.2.4422 [2012-04-09] (x32 Version: 1.2.4422.0 - )
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Google Chrome (HKCU Version: 32.0.1700.107 - Google Inc.)
Intel AppUp(SM) center (x32 Version: 3.6.1.33057.10 - Intel)
Intel(R) Management Engine Components (x32 Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (x32 Version: 9.17.10.2843 - Intel Corporation)
Intel(R) Rapid Storage Technology (x32 Version: 11.5.0.1207 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
JDownloader 0.9 (x32 Version: 0.9 - AppWork GmbH)
Left 4 Dead 2 (x32 Version:  - Valve)
Lenovo EasyCamera (x32 Version: 1.12.824.1 - Vimicro)
Lenovo OneKey Recovery (Version: 8.0.0.0710 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (x32 Version: 8.0.0.0710 - CyberLink Corp.)
Lenovo Photos (x32 Version: 4.8.5 - CEWE COLOR AG u Co. OHG)
Lenovo pointing device (Version: 11.4.11.7 - ELAN Microelectronic Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.4310.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.4310.52 - CyberLink Corp.) Hidden
Lenovo Solution Center (Version: 2.3.002.00 - Lenovo Group Limited)
Lenovo YouCam (x32 Version: 4.1.3127 - CyberLink Corp.)
Lenovo YouCam (x32 Version: 4.1.3127 - CyberLink Corp.) Hidden
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (x32 Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Nitro Pro 8 (Version: 8.0.7.3 - Nitro)
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Power2Go (x32 Version: 5.6.0.9109 - CyberLink Corp.)
Project 64 version 2.1.0.1 (x32 Version: 2.1.0.1 - )
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6675 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (Version: 10.0.0 - McAfee)
Steam (x32 Version:  - Valve Corporation)
SugarSync Manager (x32 Version: 1.9.61.90905 - SugarSync, Inc.)
UserGuide (x32 Version: 1.0.0.9 - Lenovo)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows-Treiberpaket - Lenovo (ACPIVPC) System  (06/15/2012 8.1.0.1) (Version: 06/15/2012 8.1.0.1 - Lenovo)
Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid  (06/19/2012 10.13.29.733) (Version: 06/19/2012 10.13.29.733 - Lenovo)
WinRAR 5.00 (32-Bit) (x32 Version: 5.00.0 - win.rar GmbH)

==================== Restore Points  =========================

01-02-2014 02:02:29 Geplanter Prüfpunkt
05-02-2014 13:51:52 Windows Update
13-02-2014 10:13:09 Windows Update
15-02-2014 13:22:19 Windows Live Essentials
16-02-2014 13:41:13 Removed Skype™ 6.3

==================== Hosts content: ==========================

2012-07-26 06:26 - 2012-07-26 06:26 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {01489315-AF0F-4774-AE19-0BA847BA9926} - \Plus-HD-4.8-updater No Task File
Task: {09165554-CF9D-40C5-B22B-4BDBA7783C9B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1864232908-4205428584-3793576050-1001UA => C:\Users\HorrorKid\AppData\Local\Google\Update\GoogleUpdate.exe [2013-06-18] (Google Inc.)
Task: {18E51AB3-23BB-4FF3-8ED5-B70833155183} - System32\Tasks\{BC7DEA4D-0781-463A-8967-E46282B99082} => Chrome.exe hxxp://ui.skype.com/ui/0/6.5.0.158/de/go/help.faq.installer?LastError=1603
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {1C574E6C-2234-4CDB-9F7C-9F48F12A8800} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2013-09-25] ()
Task: {1F56F8B8-60FA-45C8-9512-0EEB0F8B07A5} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {254292BD-C1EA-443E-B9D1-DF758A1B4648} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => Rundll32.exe C:\WINDOWS\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {26971375-77E9-4EA1-8D2F-E26ED1123EB8} - \BrowserDefendert No Task File
Task: {2A36C22A-CC6E-446D-B826-B1D13DF154F9} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2013-09-25] (Lenovo)
Task: {2C4B9490-7C20-474F-84FA-7149933259EE} - System32\Tasks\{FDFD0B59-2E71-4EEA-B331-70EE75DD3C24} => Chrome.exe hxxp://ui.skype.com/ui/0/6.5.0.158/de/go/help.faq.installer?LastError=1603
Task: {2F92F082-BE72-4DF9-8EF9-10EE522781A3} - System32\Tasks\{CE1DFF19-7686-40D2-8779-ECFDF9BB2731} => Chrome.exe hxxp://ui.skype.com/ui/0/6.6.0.106/de/go/help.faq.installer?LastError=1603
Task: {3FCD0E83-2C61-40BD-B1EF-2C547F257819} - \Plus-HD-4.8-firefoxinstaller No Task File
Task: {40212352-FDF9-4008-8860-416CC1EA78C9} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-02-16] (AVAST Software)
Task: {578E351C-0718-40E5-825F-C5FA705AF2E8} - \Desk 365 RunAsStdUser No Task File
Task: {6001EF7C-B27D-42FA-A44C-ED8A2C0E6591} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1864232908-4205428584-3793576050-1001Core => C:\Users\HorrorKid\AppData\Local\Google\Update\GoogleUpdate.exe [2013-06-18] (Google Inc.)
Task: {6952FF54-08E7-4395-88D0-441E78BEC008} - System32\Tasks\{2D887AA4-C80D-4525-93C4-4CFB2B2AEC9C} => Chrome.exe hxxp://ui.skype.com/ui/0/6.3.73.105.457/de/abandoninstall?page=tsWLM
Task: {6CAA9FCB-EB86-45F6-BEDC-BD8D5FCEC2F2} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2012-07-27] (CyberLink)
Task: {71024835-969A-4AB0-AC21-93D8F48C97AA} - System32\Tasks\Microsoft\WINRE\WinRE-Repair => C:\windows\System32\reagentc.exe [2012-10-24] (Microsoft Corporation)
Task: {797C22AC-532C-44B7-8BA6-AAB6A93E5C50} - \Plus-HD-4.8-codedownloader No Task File
Task: {853296E5-99CD-4DF5-B92E-69F5DDDA9AC3} - System32\Tasks\{EE97E55B-81C7-4EFC-ACA6-B74C93886DC8} => Chrome.exe hxxp://ui.skype.com/ui/0/6.3.73.105.457/de/go/help.faq.installer?LastError=1603
Task: {8A30E798-4A62-4FCA-B59A-A1064B0D8D55} - System32\Tasks\{088DAD7B-8373-459B-B5B1-1D426A241776} => Chrome.exe hxxp://ui.skype.com/ui/0/6.5.0.158/de/go/help.faq.installer?LastError=1603
Task: {8B4E1962-DBB6-47A9-987C-3AD80D3E1285} - System32\Tasks\OFFICE2010ACT => C:\ProgramData\Microsoft\Windows\OFFICEICON.vbs [2012-03-08] ()
Task: {9E50CBAF-C83B-4ECA-AE15-00CE154C0EB3} - System32\Tasks\{C1892C02-5018-46FF-ABBC-ACB87AE8F851} => Chrome.exe hxxp://ui.skype.com/ui/0/6.5.0.158/de/go/help.faq.installer?LastError=1603
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {AD808DCC-E606-4FFE-A11E-45B1F696809C} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2013-09-25] (Lenovo)
Task: {B871D65E-D098-456E-8B54-9E0513859B98} - \Plus-HD-4.8-chromeinstaller No Task File
Task: {BE67E384-0466-4563-B204-A3A8E2519EA8} - \Plus-HD-4.8-enabler No Task File
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1864232908-4205428584-3793576050-1001Core.job => C:\Users\HorrorKid\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1864232908-4205428584-3793576050-1001UA.job => C:\Users\HorrorKid\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-08-27 07:13 - 2012-08-23 09:07 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-02-16 03:32 - 2012-07-12 13:59 - 00891392 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtNetwork4.dll
2013-02-16 03:32 - 2012-07-12 13:59 - 02281984 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtCore4.dll
2013-02-16 03:32 - 2012-07-12 13:59 - 00016896 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\featureController.dll
2013-02-16 03:32 - 2012-07-12 13:59 - 00062976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\osEvents.dll
2013-02-16 03:32 - 2012-07-12 13:59 - 00322048 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\log4cplus.dll
2013-02-16 03:32 - 2012-07-12 13:59 - 00339456 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtXml4.dll
2013-02-16 03:32 - 2012-07-12 13:59 - 00400384 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\sqlite3.dll
2013-02-16 03:32 - 2012-07-12 13:59 - 00195584 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\libgsoap.dll
2013-02-16 03:32 - 2012-07-12 13:59 - 00062464 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\zlib1.dll
2013-02-16 03:32 - 2012-07-12 13:59 - 00446976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\deviceProfile.dll
2013-02-16 03:32 - 2012-07-12 13:59 - 00019456 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\eventsSender.dll
2013-02-16 03:32 - 2012-07-12 13:59 - 00062976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManagerStarter.dll
2014-02-16 10:46 - 2014-02-16 10:46 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-02-03 23:58 - 2014-02-02 00:41 - 00715592 _____ () C:\Users\HorrorKid\AppData\Local\Google\Chrome\Application\32.0.1700.107\libglesv2.dll
2014-02-03 23:58 - 2014-02-02 00:41 - 00100168 _____ () C:\Users\HorrorKid\AppData\Local\Google\Chrome\Application\32.0.1700.107\libegl.dll
2014-02-03 23:58 - 2014-02-02 00:42 - 04055368 _____ () C:\Users\HorrorKid\AppData\Local\Google\Chrome\Application\32.0.1700.107\pdf.dll
2014-02-03 23:58 - 2014-02-02 00:42 - 00399688 _____ () C:\Users\HorrorKid\AppData\Local\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll
2014-02-03 23:58 - 2014-02-02 00:41 - 01634632 _____ () C:\Users\HorrorKid\AppData\Local\Google\Chrome\Application\32.0.1700.107\ffmpegsumo.dll
2014-02-03 23:58 - 2014-02-02 00:42 - 13616456 _____ () C:\Users\HorrorKid\AppData\Local\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Windows:nlsPreferences

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/16/2014 02:41:24 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary yotphmjs.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (02/15/2014 09:15:36 PM) (Source: MsiInstaller) (User: LINK)
Description: Product: Skype™ 6.3 -- Error 1316. A network error occurred while attempting to read from the file: C:\ProgramData\Skype\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeSetup_6.3.0.105.msi

Error: (02/15/2014 06:47:03 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: MovieMaker.exe, Version: 16.4.3508.205, Zeitstempel: 0x5111fa77
Name des fehlerhaften Moduls: igd10umd32.dll, Version: 9.17.10.2843, Zeitstempel: 0x5033bdbf
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0006d0ef
ID des fehlerhaften Prozesses: 0x1fb8
Startzeit der fehlerhaften Anwendung: 0xMovieMaker.exe0
Pfad der fehlerhaften Anwendung: MovieMaker.exe1
Pfad des fehlerhaften Moduls: MovieMaker.exe2
Berichtskennung: MovieMaker.exe3
Vollständiger Name des fehlerhaften Pakets: MovieMaker.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MovieMaker.exe5

Error: (02/15/2014 06:36:23 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: MovieMaker.exe, Version: 16.4.3508.205, Zeitstempel: 0x5111fa77
Name des fehlerhaften Moduls: igd10umd32.dll, Version: 9.17.10.2843, Zeitstempel: 0x5033bdbf
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0006cfab
ID des fehlerhaften Prozesses: 0x1eb4
Startzeit der fehlerhaften Anwendung: 0xMovieMaker.exe0
Pfad der fehlerhaften Anwendung: MovieMaker.exe1
Pfad des fehlerhaften Moduls: MovieMaker.exe2
Berichtskennung: MovieMaker.exe3
Vollständiger Name des fehlerhaften Pakets: MovieMaker.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MovieMaker.exe5

Error: (02/12/2014 10:06:16 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: ismagent.exe, Version: 1.14.1.36458, Zeitstempel: 0x4fbe2d9c
Name des fehlerhaften Moduls: dlnashext.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x5010975d
Ausnahmecode: 0xc0000005
Fehleroffset: 0x74afdeed
ID des fehlerhaften Prozesses: 0xdf0
Startzeit der fehlerhaften Anwendung: 0xismagent.exe0
Pfad der fehlerhaften Anwendung: ismagent.exe1
Pfad des fehlerhaften Moduls: ismagent.exe2
Berichtskennung: ismagent.exe3
Vollständiger Name des fehlerhaften Pakets: ismagent.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ismagent.exe5

Error: (02/12/2014 10:06:14 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: ismagent.exe, Version: 1.14.1.36458, Zeitstempel: 0x4fbe2d9c
Name des fehlerhaften Moduls: ncrypt.dll, Version: 6.2.9200.16384, Zeitstempel: 0x50108af8
Ausnahmecode: 0xc00001a5
Fehleroffset: 0x000176d4
ID des fehlerhaften Prozesses: 0xdf0
Startzeit der fehlerhaften Anwendung: 0xismagent.exe0
Pfad der fehlerhaften Anwendung: ismagent.exe1
Pfad des fehlerhaften Moduls: ismagent.exe2
Berichtskennung: ismagent.exe3
Vollständiger Name des fehlerhaften Pakets: ismagent.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ismagent.exe5

Error: (02/12/2014 07:48:01 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: ismagent.exe, Version: 1.14.1.36458, Zeitstempel: 0x4fbe2d9c
Name des fehlerhaften Moduls: SHELL32.dll, Version: 6.2.9200.16680, Zeitstempel: 0x51fb1462
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001d45e
ID des fehlerhaften Prozesses: 0xad4
Startzeit der fehlerhaften Anwendung: 0xismagent.exe0
Pfad der fehlerhaften Anwendung: ismagent.exe1
Pfad des fehlerhaften Moduls: ismagent.exe2
Berichtskennung: ismagent.exe3
Vollständiger Name des fehlerhaften Pakets: ismagent.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ismagent.exe5

Error: (02/12/2014 07:47:57 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: ismagent.exe, Version: 1.14.1.36458, Zeitstempel: 0x4fbe2d9c
Name des fehlerhaften Moduls: dlnashext.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x5010975d
Ausnahmecode: 0xc00001a5
Fehleroffset: 0x746176d4
ID des fehlerhaften Prozesses: 0xad4
Startzeit der fehlerhaften Anwendung: 0xismagent.exe0
Pfad der fehlerhaften Anwendung: ismagent.exe1
Pfad des fehlerhaften Moduls: ismagent.exe2
Berichtskennung: ismagent.exe3
Vollständiger Name des fehlerhaften Pakets: ismagent.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ismagent.exe5

Error: (02/04/2014 04:22:41 PM) (Source: Google Update) (User: LINK)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s

Error: (01/21/2014 07:22:41 AM) (Source: Google Update) (User: LINK)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s


System errors:
=============
Error: (02/16/2014 05:39:31 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT-AUTORITÄT)
Description: 0xc000014d0

Error: (02/01/2014 04:38:42 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800f020b fehlgeschlagen: SAMSUNG Electronics Co., Ltd. - Other hardware - SAMSUNG Mobile USB Modem

Error: (02/01/2014 04:38:42 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800f020b fehlgeschlagen: SAMSUNG Electronics Co., Ltd. - Other hardware - SAMSUNG Mobile MTP Device

Error: (01/24/2014 01:12:48 PM) (Source: DCOM) (User: LINK)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}

Error: (01/16/2014 07:54:42 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst Windows Update konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.

Error: (01/09/2014 07:33:07 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎09.‎01.‎2014 um 18:53:11 unerwartet heruntergefahren.

Error: (01/08/2014 10:41:59 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (01/08/2014 10:41:59 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.

Error: (12/26/2013 06:51:02 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (12/26/2013 06:51:02 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.


Microsoft Office Sessions:
=========================
Error: (02/16/2014 02:41:24 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary yotphmjs.

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (02/15/2014 09:15:36 PM) (Source: MsiInstaller)(User: LINK)
Description: Product: Skype™ 6.3 -- Error 1316. A network error occurred while attempting to read from the file: C:\ProgramData\Skype\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeSetup_6.3.0.105.msi(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (02/15/2014 06:47:03 PM) (Source: Application Error)(User: )
Description: MovieMaker.exe16.4.3508.2055111fa77igd10umd32.dll9.17.10.28435033bdbfc00000050006d0ef1fb801cf2a7478f84461C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exeC:\WINDOWS\SYSTEM32\igd10umd32.dll2d56a15f-9669-11e3-bea2-3c970e761646

Error: (02/15/2014 06:36:23 PM) (Source: Application Error)(User: )
Description: MovieMaker.exe16.4.3508.2055111fa77igd10umd32.dll9.17.10.28435033bdbfc00000050006cfab1eb401cf2a745644b798C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exeC:\WINDOWS\SYSTEM32\igd10umd32.dllafcf6f11-9667-11e3-bea2-3c970e761646

Error: (02/12/2014 10:06:16 AM) (Source: Application Error)(User: )
Description: ismagent.exe1.14.1.364584fbe2d9cdlnashext.dll_unloaded0.0.0.05010975dc000000574afdeeddf001cf27d1acdbe867C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exedlnashext.dlled1f4ace-93c4-11e3-be9f-3c970e761646

Error: (02/12/2014 10:06:14 AM) (Source: Application Error)(User: )
Description: ismagent.exe1.14.1.364584fbe2d9cncrypt.dll6.2.9200.1638450108af8c00001a5000176d4df001cf27d1acdbe867C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exeC:\WINDOWS\SYSTEM32\ncrypt.dllec1904c7-93c4-11e3-be9f-3c970e761646

Error: (02/12/2014 07:48:01 AM) (Source: Application Error)(User: )
Description: ismagent.exe1.14.1.364584fbe2d9cSHELL32.dll6.2.9200.1668051fb1462c00000050001d45ead401cf27be56233d5aC:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exeC:\WINDOWS\SYSTEM32\SHELL32.dll9cd62df5-93b1-11e3-be9e-3c970e761646

Error: (02/12/2014 07:47:57 AM) (Source: Application Error)(User: )
Description: ismagent.exe1.14.1.364584fbe2d9cdlnashext.dll_unloaded0.0.0.05010975dc00001a5746176d4ad401cf27be56233d5aC:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exedlnashext.dll9ae17ad0-93b1-11e3-be9e-3c970e761646

Error: (02/04/2014 04:22:41 PM) (Source: Google Update)(User: LINK)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s

Error: (01/21/2014 07:22:41 AM) (Source: Google Update)(User: LINK)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s


==================== Memory info =========================== 

Percentage of memory in use: 41%
Total physical RAM: 3941.41 MB
Available physical RAM: 2300.64 MB
Total Pagefile: 4645.41 MB
Available Pagefile: 2859.26 MB
Total Virtual: 8192 MB
Available Virtual: 8191.75 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:418.43 GB) (Free:352.83 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:24.86 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 4B804535)

Partition: GPT Partition Type
==================== End Of Log ============================
         
Additional information:

1. I use Windows 8.
2. I have worked through this tutorial completely: Sweet Page entfernen - Kostenlos den Virus löschen | Browserdoktor
3. I noticed that another pest shows up during the redirect: sweetpage redirects via myv9.com to Yahoo (yhs4.com).
__________________

17.02.2014, 13:46   #4
schrauber
/// the machine
/// TB trainer

Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select the Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do this, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Clean and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents with your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt. (x = sequential number).

Please shut down your protection software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop

  • Start the tool with a double-click. On Windows Vista or later, please start it with a right-click and "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


and a fresh FRST log, please.
__________________
regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!
