
Pests of all kinds and how to combat them: remove sweetpage

Windows 7 If you are not sure whether you have picked up malware or a trojan, create a thread here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you eliminate the infection.

04.05.2014, 12:13   #1
Kawey

While searching for a driver for the Kodak camera, I did not find the driver.
Instead, SweetPage appears every time, with annoying prompts to clean up the PC and to update the browser and media player.
It is not possible to kill it! Help, help, help; thanks

04.05.2014, 12:40   #2
M-K-D-B
/// TB trainer

My name is Matthias and I will help you clean up your computer.


Please note the following:
  • If we find signs of illegally acquired software, we will suspend support until every kind of illegal software has been removed from the computer.
  • Read the instructions carefully. If you run into problems, stop what you are doing and describe your problem to me as well as you can.
  • If you do not reply to me within 3 days, I will assume that you no longer need help. I will then remove your thread from my subscriptions.
    If you are going to be away for a longer time, please let me know!
  • During the cleanup, please do not install or uninstall anything unless I ask you to!
  • All programs to be used must be saved to the desktop and started from there!


Please work through all steps one after another in the given order and post all log files in CODE tags:

Here is how it works:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes your helper's work much harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
  • Select the entire log file (usually with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed expressions appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it correctly. If everything is right ... click Reply.

Thank you for your cooperation!





Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files are now created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the input box of the web page)


04.05.2014, 13:05   #3
Kawey

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-05-2014
Ran by Kawey (administrator) on KAWEY-PC on 04-05-2014 12:59:04
Running from C:\Users\Kawey\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool 
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginService\PluginService.exe
(Cherished Technololgy LIMITED) C:\ProgramData\WPM\wprotectmanager.exe
() C:\Program Files\003\buuoujqmrk64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
() C:\Program Files (x86)\Caramava\updateCaramava.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Nico Mak Computing) C:\Program Files (x86)\WinZip Malware Protector\WinZipMalwareProtector.exe
() C:\Program Files (x86)\Caramava\bin\utilCaramava.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12445288 2012-01-10] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2887440 2012-03-08] (Synaptics Incorporated)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-26] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3854640 2014-04-09] (AVAST Software)
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2568023682-207481756-3843068466-1000\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845168 2013-11-06] (Samsung)
HKU\S-1-5-21-2568023682-207481756-3843068466-1000\...\MountPoints2: {e5ab1670-7892-11e3-a6cb-3c970eac15f9} - E:\AutoRun.exe
AppInit_DLLs: C:\PROGRA~2\Linkey\IEEXTE~1\iedll64.dll => C:\PROGRA~2\Linkey\IEEXTE~1\iedll64.dll File Not Found
IFEO: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bootstrap.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\hpwucli.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\iastorui.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\imfrmwrk.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\open energymanagement.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=avast&hsimp=yhs-001&type={partner_id}&p={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp:///
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Sweet Page
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://de.yhs4.search.yahoo.com/?hspart=avast&hsimp=yhs-001&type={partner_id}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1398013228&from=vit&uid=HGSTXHTS545032A7E380_TMA45C480ET18L0ET18LX&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Sweet Page
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Sweet Page
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1398013228&from=vit&uid=HGSTXHTS545032A7E380_TMA45C480ET18L0ET18LX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1398013228&from=vit&uid=HGSTXHTS545032A7E380_TMA45C480ET18L0ET18LX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = Sweet Page
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = Sweet Page
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1398013228&from=vit&uid=HGSTXHTS545032A7E380_TMA45C480ET18L0ET18LX&q={searchTerms}
URLSearchHook: HKLM-x32 - Default Value = {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe Webs Searches
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1398013228&from=vit&uid=HGSTXHTS545032A7E380_TMA45C480ET18L0ET18LX&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1398013228&from=vit&uid=HGSTXHTS545032A7E380_TMA45C480ET18L0ET18LX&q={searchTerms}
SearchScopes: HKLM - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd0202ff&cd=2XzuyEtN2Y1L1QzutA0CzyyBtD0E0A0CtCyD0FzytC0DyDtCtN0D0Tzu0SyBzytAtN1L2XzutBtFtCyBtFtDtFtCtN1L1CzutDzytDtCtG1TtN1L1G1B1V1N2Y1L1Qzu2SyDyD0E0ByEtCyCyBtGzyyDtB0BtGtDyE0EtDtGtBtD0D0DtGtC0C0DyCyEyEyC0EyEyD0Dzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDyByB0AtA0E0A0CtGtCyCtAzztG0A0EtDtDtG0EtD0BtBtGtCyC0F0A0CtD0A0AtAyBtB0B2Q&cr=687468405&ir=
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?sid=476&aid=122&itype=n&ver=12302&tm=321&src=ds&p={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1398013228&from=vit&uid=HGSTXHTS545032A7E380_TMA45C480ET18L0ET18LX&q={searchTerms}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=33201e43-a4a5-d890-52fb-99fd5190aa5e&searchtype=ds&q={searchTerms}&installDate=07/11/2013
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1398013228&from=vit&uid=HGSTXHTS545032A7E380_TMA45C480ET18L0ET18LX&q={searchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?sid=476&aid=122&itype=n&ver=12302&tm=321&src=ds&p={searchTerms}
SearchScopes: HKLM-x32 - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=avast&hsimp=yhs-001&type={partner_id}&p={searchTerms}
SearchScopes: HKLM-x32 - {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} URL = hxxp://start.iminent.com/?appId=882339C1-50C2-4324-946A-024990A2909C&ref=toolbox&q={searchTerms}
SearchScopes: HKCU - DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.buenosearch.com/?q={searchTerms}&babsrc=SP_ss&mntrId=1E06BC8556697888&affID=128492&tsp=5222
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=33201e43-a4a5-d890-52fb-99fd5190aa5e&searchtype=ds&q={searchTerms}&installDate=07/11/2013
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.buenosearch.com/?q={searchTerms}&babsrc=SP_ss&mntrId=1E06BC8556697888&affID=128492&tsp=5222
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1398013228&from=vit&uid=HGSTXHTS545032A7E380_TMA45C480ET18L0ET18LX&q={searchTerms}
SearchScopes: HKCU - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd0202ff&cd=2XzuyEtN2Y1L1QzutA0CzyyBtD0E0A0CtCyD0FzytC0DyDtCtN0D0Tzu0SyBzytAtN1L2XzutBtFtCyBtFtDtFtCtN1L1CzutDzytDtCtG1TtN1L1G1B1V1N2Y1L1Qzu2SyDyD0E0ByEtCyCyBtGzyyDtB0BtGtDyE0EtDtGtBtD0D0DtGtC0C0DyCyEyEyC0EyEyD0Dzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDyByB0AtA0E0A0CtGtCyCtAzztG0A0EtDtDtG0EtD0BtBtGtCyC0F0A0CtD0A0AtAyBtB0B2Q&cr=687468405&ir=
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?sid=476&aid=122&itype=n&ver=12302&tm=321&src=ds&p={searchTerms}
SearchScopes: HKCU - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=avast&hsimp=yhs-001&type={partner_id}&p={searchTerms}
SearchScopes: HKCU - {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} URL = hxxp://start.iminent.com/?appId=882339C1-50C2-4324-946A-024990A2909C&ref=toolbox&q={searchTerms}
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: iminent Helper Object - {112BA211-334C-4A90-90EC-2AD1CDAB287C} -  No File
BHO-x32: Caramava - {1e50bbda-c15a-47d5-9853-d829ff890664} - C:\Program Files (x86)\Caramava\Caramavabho.dll (Caramava)
BHO-x32: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKLM-x32 - Iminent Toolbar - {1FAFD711-ABF9-4F6A-8130-5166C7371427} -  No File
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} -  No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{84A47CCA-2016-4EB2-9976-DDB4A782B000}: [NameServer]62.109.121.1 62.109.121.2

FireFox:
========
FF ProfilePath: C:\Users\Kawey\AppData\Roaming\Mozilla\Firefox\Profiles\73f0idua.default-1398406683013
FF SelectedSearchEngine: sweet-page
FF Homepage: hxxp://www.sweet-page.com/?type=hppp&ts=1399130289&from=tugs&uid=HGSTXHTS545032A7E380_TMA45C480ET18L0ET18LX
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @nullsoft.com/winampDetector;version=1 - C:\Program Files (x86)\Winamp Detect\npwachk.dll (Nullsoft, Inc.)
FF Plugin-x32: @zylom.com/ZylomGamesPlayer - C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF SearchPlugin: C:\Users\Kawey\AppData\Roaming\Mozilla\Firefox\Profiles\73f0idua.default-1398406683013\searchplugins\ixquick-https.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\default-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\StartWeb.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\sweet-page.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\webssearches.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: MediaPlayerplus - C:\Users\Kawey\AppData\Roaming\Mozilla\Firefox\Profiles\73f0idua.default-1398406683013\Extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com [2014-04-25]
FF Extension: Adblock Plus - C:\Users\Kawey\AppData\Roaming\Mozilla\Firefox\Profiles\73f0idua.default-1398406683013\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-05-03]
FF HKLM\...\Firefox\Extensions: [{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}] - C:\Program Files\V-bates\Firefox
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-02-06]
FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\Kawey\AppData\Roaming\Mozilla\Firefox\Profiles\90i27aem.default\extensions\quick_start@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}] - C:\Program Files\V-bates\Firefox

Chrome: 
=======
CHR HomePage: hxxp://search.conduit.com/?ctid=CT3317742&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SPD4F79A21-7465-46DE-A457-C0A42C3CC60E&SSPV=
CHR StartupUrls: "hxxp://search.conduit.com/?ctid=CT3317742&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SPD4F79A21-7465-46DE-A457-C0A42C3CC60E&SSPV="
CHR DefaultSearchKeyword: conduit.search
CHR DefaultSearchProvider: Conduit Search
CHR DefaultSearchURL: hxxp://search.conduit.com/Results.aspx?ctid=CT3317742&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SPD4F79A21-7465-46DE-A457-C0A42C3CC60E&q={searchTerms}&SSPV=
CHR DefaultNewTabURL: 
CHR Extension: (Google Docs) - C:\Users\Kawey\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-27]
CHR Extension: (Google Drive) - C:\Users\Kawey\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-27]
CHR Extension: (YouTube) - C:\Users\Kawey\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-27]
CHR Extension: (Google-Suche) - C:\Users\Kawey\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-27]
CHR Extension: (MediaPlayerplus) - C:\Users\Kawey\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd [2014-04-09]
CHR Extension: (Google Wallet) - C:\Users\Kawey\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-27]
CHR Extension: (Google Mail) - C:\Users\Kawey\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-27]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-04-09]
CHR HKLM-x32\...\Chrome\Extension: [pkhojieggfgllhllcegoffdcnmdeojgb] - C:\Program Files (x86)\IminentToolbar\1.8.25.0\iminent.crx [2014-04-09]

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-09] (AVAST Software)
R2 buuoujqmrk64; C:\Program Files\003\buuoujqmrk64.exe [706560 2014-04-20] ()
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [47416 2014-02-05] (Hewlett-Packard Company)
R2 IePluginService; C:\ProgramData\IePluginService\PluginService.exe [705136 2014-04-11] (Cherished Technololgy LIMITED)
S4 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2138936 2014-03-20] (TuneUp Software)
R2 Update Caramava; C:\Program Files (x86)\Caramava\updateCaramava.exe [350496 2014-04-18] ()
R2 Util Caramava; C:\Program Files (x86)\Caramava\bin\utilCaramava.exe [350496 2014-04-20] ()
R2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [566272 2014-04-20] (Cherished Technololgy LIMITED)
S4 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-04-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-04-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-04-09] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-04-09] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-04-09] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [84816 2014-04-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208928 2014-04-09] ()
S3 dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [20568 2009-12-22] (Devguru Co., Ltd)
S3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [3532160 2011-10-11] (Sonix Technology Co., Ltd.)
S3 SPUVCbv; C:\Windows\System32\Drivers\usbvideo.sys [185344 2013-07-12] (Microsoft Corporation)
S3 ss_bserd; C:\Windows\System32\DRIVERS\ss_bserd.sys [128000 2013-08-21] (MCCI Corporation)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-08-21] (TuneUp Software)
S3 AmUStor; system32\drivers\AmUStor.SYS [X]
S0 LHDmgr; System32\DRIVERS\LhdX64.sys [X]
S3 RTL8192su; system32\DRIVERS\RTL8192su.sys [X]
U2 TMAgent; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-04 12:44 - 2014-05-04 12:44 - 01016261 _____ (Thisisu) C:\Users\Kawey\Downloads\JRT.exe
2014-05-04 12:44 - 2014-05-04 12:44 - 00000000 ____D () C:\Windows\ERUNT
2014-05-04 12:39 - 2014-05-04 12:59 - 00021952 _____ () C:\Users\Kawey\Downloads\FRST.txt
2014-05-04 12:39 - 2014-05-04 12:59 - 00000000 ____D () C:\FRST
2014-05-04 12:39 - 2014-05-04 12:40 - 00018676 _____ () C:\Users\Kawey\Downloads\Addition.txt
2014-05-04 12:38 - 2014-05-04 12:38 - 02062336 _____ (Farbar) C:\Users\Kawey\Downloads\FRST64.exe
2014-05-04 12:38 - 2014-05-04 12:38 - 01050624 _____ (Farbar) C:\Users\Kawey\Downloads\FRST(2).exe
2014-05-04 12:36 - 2014-05-04 12:36 - 01050624 _____ (Farbar) C:\Users\Kawey\Downloads\FRST(1).exe
2014-05-04 12:35 - 2014-05-04 12:35 - 01050624 _____ (Farbar) C:\Users\Kawey\Downloads\FRST.exe
2014-05-03 21:55 - 2014-05-03 21:56 - 00008494 _____ () C:\Windows\DPINST.LOG
2014-05-03 21:54 - 2014-05-03 21:55 - 09020696 _____ (Hamrick Software) C:\Users\Kawey\Downloads\vuex6494(1).exe
2014-05-03 08:50 - 2014-05-03 08:50 - 00499072 _____ () C:\Users\Kawey\Downloads\Java(1).exe
2014-05-03 08:49 - 2014-05-03 08:49 - 00499072 _____ () C:\Users\Kawey\Downloads\Java.exe
2014-05-02 15:11 - 2014-05-02 15:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
2014-05-02 15:11 - 2014-05-02 15:11 - 00000000 ____D () C:\Users\Kawey\Documents\TomTom
2014-05-02 15:11 - 2014-05-02 15:11 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\TomTom
2014-05-02 15:11 - 2014-05-02 15:11 - 00000000 ____D () C:\Users\Kawey\AppData\Local\TomTom
2014-05-02 15:11 - 2014-05-02 15:11 - 00000000 ____D () C:\ProgramData\TomTom
2014-05-02 15:10 - 2014-05-02 15:34 - 00000000 ____D () C:\Program Files (x86)\TomTom HOME 2
2014-05-02 15:10 - 2014-05-02 15:10 - 00000000 ____D () C:\Program Files (x86)\TomTom International B.V
2014-05-02 15:07 - 2014-05-02 15:07 - 00000000 ____D () C:\Program Files (x86)\TomTom DesktopSuite
2014-05-02 14:05 - 2014-05-04 12:52 - 00003116 _____ () C:\Windows\System32\Tasks\WinZip Malware Protector_startup
2014-05-02 14:05 - 2014-05-02 14:05 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\Nico Mak Computing
2014-05-02 14:05 - 2014-05-02 14:05 - 00000000 ____D () C:\ProgramData\Nico Mak Computing
2014-05-02 14:05 - 2014-05-02 14:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Malware Protector
2014-05-02 14:05 - 2014-05-02 14:05 - 00000000 ____D () C:\Program Files (x86)\WinZip Malware Protector
2014-05-02 14:05 - 2013-03-15 17:10 - 00020480 _____ () C:\Windows\system32\wsusnative64.exe
2014-05-02 14:02 - 2014-05-02 14:02 - 04892480 _____ (WinZip International LLC ) C:\Users\Kawey\Downloads\wzmp_8.exe
2014-05-02 10:26 - 2014-04-29 16:01 - 23547904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-02 10:26 - 2014-04-29 15:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-02 10:26 - 2014-04-29 14:48 - 17384448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-02 10:26 - 2014-04-29 14:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-01 18:34 - 2014-05-01 19:10 - 00000000 ____D () C:\Users\Kawey\Documents\TCM
2014-04-30 21:50 - 2012-06-05 09:37 - 00256904 _____ (Trend Micro Inc.) C:\Windows\SysWOW64\Drivers\tmcomm.sys
2014-04-30 21:46 - 2014-04-30 21:46 - 02002944 _____ (Trend Micro Inc.) C:\Users\Kawey\Downloads\HousecallLauncher.exe
2014-04-30 21:40 - 2014-05-01 12:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-04-30 19:10 - 2014-05-04 12:50 - 00001579 _____ () C:\Windows\setupact.log
2014-04-30 19:10 - 2014-04-30 19:10 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-30 12:33 - 2014-04-30 12:33 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-04-30 11:46 - 2014-04-30 11:46 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-04-30 11:46 - 2014-04-30 11:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-04-30 11:46 - 2014-04-30 11:46 - 00000000 ____D () C:\Program Files\CCleaner
2014-04-30 11:45 - 2014-04-30 11:45 - 03671432 _____ (Piriform Ltd) C:\Users\Kawey\Downloads\ccsetup413_slim.exe
2014-04-30 11:00 - 2014-04-14 04:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-04-30 11:00 - 2014-04-14 04:19 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-04-29 17:04 - 2014-05-03 15:54 - 00000000 ____D () C:\Heilkunde
2014-04-28 10:13 - 2014-04-28 10:14 - 27878824 _____ (TuneUp Software) C:\Users\Kawey\Downloads\TuneUpUtilities2014_de-DE(1).exe
2014-04-28 09:32 - 2014-04-28 09:33 - 27878824 _____ (TuneUp Software) C:\Users\Kawey\Downloads\TuneUpUtilities2014_de-DE.exe
2014-04-27 11:24 - 2014-04-27 11:24 - 00503392 _____ () C:\Users\Kawey\Downloads\Player(2).exe
2014-04-27 11:24 - 2014-04-27 11:24 - 00000000 ____D () C:\Users\Kawey\AppData\Local\SearchProtect
2014-04-27 11:23 - 2014-04-27 11:23 - 00503392 _____ () C:\Users\Kawey\Downloads\Player(1).exe
2014-04-27 11:22 - 2014-04-27 11:22 - 00000000 ____D () C:\ProgramData\IProt
2014-04-27 11:20 - 2014-04-27 11:20 - 00001139 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\ShenProfessional 3.1.lnk
2014-04-27 11:20 - 2014-04-27 11:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShenProfessional 3.1
2014-04-27 11:14 - 2014-04-27 11:20 - 00760333 _____ () C:\Program Files (x86)\ShenUnInstall.txt
2014-04-27 11:14 - 2014-04-27 11:20 - 00000000 ____D () C:\Program Files (x86)\ShenProfessional 3.1
2014-04-27 11:14 - 2014-03-12 17:39 - 00572448 _____ (Pantaray Research Ltd.) C:\Program Files (x86)\ShenUnInstall.exe
2014-04-27 11:14 - 2011-12-18 09:00 - 00012420 _____ () C:\Program Files (x86)\Deutsch.lng
2014-04-27 11:13 - 2014-04-27 11:20 - 00801542 _____ () C:\Program Files (x86)\Setup.log
2014-04-27 11:01 - 2014-04-27 11:08 - 197984521 _____ (shen.de) C:\Users\Kawey\Downloads\ShenProfessional-3-1.exe
2014-04-27 10:35 - 2014-04-27 10:35 - 00003088 _____ () C:\Windows\System32\Tasks\{6FFDF4FA-9810-4B47-9A34-C3807772493D}
2014-04-25 18:58 - 2014-04-25 18:58 - 00000000 ____D () C:\ProgramData\dvdfab
2014-04-25 14:30 - 2014-04-25 14:30 - 00001016 _____ () C:\Users\Kawey\Desktop\DVDFab 8 Qt.lnk
2014-04-25 14:28 - 2014-04-25 14:29 - 21323352 _____ (Fengtao Software Inc. ) C:\Users\Kawey\Downloads\DVDFab8230Qt.exe
2014-04-24 15:36 - 2014-04-24 15:36 - 00613200 _____ (Chip Digital GmbH) C:\Users\Kawey\Downloads\Firefox - CHIP-Downloader.exe
2014-04-22 11:50 - 2014-04-22 11:50 - 00907018 _____ () C:\Users\Kawey\Downloads\adblockplus-2.5.1.zip
2014-04-22 11:50 - 2014-04-22 11:50 - 00000000 ____D () C:\Users\Kawey\Downloads\adblockplus-2.5.1
2014-04-22 11:48 - 2014-04-22 11:48 - 00613200 _____ (Chip Digital GmbH) C:\Users\Kawey\Downloads\adblockplus-2.5.1 - CHIP-Downloader.exe
2014-04-21 18:52 - 2014-04-21 18:52 - 00000000 ____D () C:\Users\Kawey\Documents\PcSetup
2014-04-21 18:52 - 2014-04-21 18:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 6
2014-04-21 18:52 - 2014-04-21 18:52 - 00000000 ____D () C:\Program Files (x86)\DVDFab 6
2014-04-21 18:48 - 2014-04-21 18:49 - 13312568 _____ (Fengtao Software Inc. ) C:\Users\Kawey\Downloads\DVDFab6218.exe
2014-04-21 18:08 - 2014-04-21 18:57 - 00000000 ____D () C:\Users\Kawey\Documents\DVDFab
2014-04-21 18:08 - 2014-04-21 18:08 - 00000000 ____D () C:\Users\Kawey\Documents\DVDFab9
2014-04-21 17:47 - 2014-04-21 17:47 - 01672252 _____ () C:\Users\Kawey\Downloads\a-user-guide-of-dvdfab9.zip
2014-04-21 15:47 - 2014-04-21 15:47 - 00000000 _____ () C:\Users\Kawey\AppData\Roaming\CopyToGo.dat
2014-04-21 15:29 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2014-04-21 15:29 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2014-04-21 15:29 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2014-04-21 15:29 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2014-04-21 15:29 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2014-04-21 15:29 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2014-04-21 15:29 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2014-04-21 15:29 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2014-04-21 15:29 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2014-04-21 15:29 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2014-04-21 15:29 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2014-04-21 15:29 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2014-04-21 15:29 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2014-04-21 15:29 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2014-04-21 15:11 - 2014-04-21 15:23 - 322746776 _____ (Corel) C:\Users\Kawey\Downloads\KEYDC6PLMLPC.exe
2014-04-21 13:48 - 2014-04-21 13:57 - 00000125 ___SH () C:\ProgramData\.zreglib
2014-04-21 13:45 - 2014-04-21 14:47 - 00000000 ____D () C:\Program Files (x86)\Elaborate Bytes
2014-04-21 13:45 - 2014-04-21 14:46 - 00000000 ____D () C:\ProgramData\SlySoft
2014-04-21 13:45 - 2014-04-21 13:45 - 00000000 ____D () C:\Program Files (x86)\SlySoft
2014-04-21 13:43 - 2014-04-21 13:44 - 10873088 _____ () C:\Users\Kawey\Downloads\SetupAnyDVD7460.exe
2014-04-21 13:43 - 2014-04-21 13:44 - 05185720 _____ () C:\Users\Kawey\Downloads\SetupCloneDVD2930Slysoft.exe
2014-04-21 12:30 - 2014-04-21 14:48 - 00000000 ____D () C:\ProgramData\Freemake
2014-04-21 12:30 - 2014-04-21 14:48 - 00000000 ____D () C:\Program Files (x86)\Freemake
2014-04-21 12:27 - 2014-04-21 12:27 - 01308144 _____ (Ellora Assets Corporation ) C:\Users\Kawey\Downloads\FreemakeVideoConverterSetup.exe
2014-04-21 11:30 - 2014-04-21 11:30 - 13833720 _____ (Fengtao Software Inc. ) C:\Users\Kawey\Downloads\DVDFab7070.exe
2014-04-20 20:01 - 2014-04-20 20:01 - 00000000 ____D () C:\Users\Kawey\AppData\Local\com
2014-04-20 19:58 - 2014-04-20 20:00 - 00000000 ____D () C:\Program Files\003
2014-04-20 19:57 - 2014-04-20 19:57 - 00450152 _____ () C:\Users\Kawey\Downloads\Player.exe
2014-04-20 19:54 - 2014-04-20 19:54 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\30183
2014-04-20 19:42 - 2014-04-20 19:42 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\DVDFab
2014-04-20 19:07 - 2014-04-25 14:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 8 Qt
2014-04-20 19:07 - 2014-04-25 14:30 - 00000000 ____D () C:\Program Files (x86)\DVDFab 8 Qt
2014-04-20 19:02 - 2014-04-20 19:02 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\EuroTrade A.L. Ltd
2014-04-20 19:00 - 2014-04-20 20:16 - 00000000 ____D () C:\Users\Kawey\AppData\Local\Lollipop
2014-04-20 19:00 - 2014-04-20 19:00 - 00000000 ____D () C:\Program Files (x86)\PassWidget-soft
2014-04-20 18:59 - 2014-04-20 18:59 - 04714928 _____ () C:\Users\Kawey\Downloads\installer_dvdfab_platinum_8_0_8_7_beta_Deutsch.exe
2014-04-20 18:46 - 2014-04-20 18:46 - 00673984 _____ () C:\Users\Kawey\Downloads\Brothersoft_downloader_For_DVDFab_Platinum(1).exe
2014-04-20 18:44 - 2014-04-20 22:50 - 00000000 ____D () C:\Program Files (x86)\Caramava
2014-04-20 18:41 - 2014-04-20 18:42 - 00673984 _____ () C:\Users\Kawey\Downloads\Brothersoft_downloader_For_DVDFab_Platinum.exe
2014-04-20 16:03 - 2014-04-20 16:03 - 02405664 _____ (Trend Micro Inc.) C:\Users\Kawey\Downloads\HousecallLauncher64(7).exe
2014-04-20 00:37 - 2014-04-20 00:37 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\137
2014-04-19 23:53 - 2014-04-19 23:53 - 02405664 _____ (Trend Micro Inc.) C:\Users\Kawey\Downloads\HousecallLauncher64(6).exe
2014-04-19 21:54 - 2014-04-19 21:54 - 00669648 _____ ( ) C:\Users\Kawey\Downloads\UltimateCodec(2).exe
2014-04-19 20:36 - 2014-04-19 20:36 - 00033947 _____ () C:\Users\Kawey\Downloads\anleitung.htm
2014-04-19 14:06 - 2014-04-19 14:06 - 13888037 _____ () C:\Users\Kawey\Downloads\HandBrake-0.9.9-1_i686-Win_GUI.exe
2014-04-18 19:16 - 2014-05-02 15:39 - 00000066 _____ () C:\Users\Kawey\AppData\default.pls
2014-04-18 18:49 - 2014-04-18 18:49 - 00386896 _____ (Softonic ) C:\Users\Kawey\Downloads\SoftonicDownloader_fuer_handbrake.exe
2014-04-18 18:43 - 2014-04-18 18:43 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\9130
2014-04-18 18:02 - 2014-04-19 21:46 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\HandBrake
2014-04-18 18:01 - 2014-04-18 18:01 - 14298467 _____ () C:\Users\Kawey\Downloads\HandBrake-0.9.9-1_x86_64-Win_GUI.exe
2014-04-18 17:16 - 2014-04-18 17:19 - 45464368 _____ (Fengtao Software Inc. ) C:\Users\Kawey\Downloads\DVDFab9140(1).exe
2014-04-18 12:57 - 2014-04-20 17:35 - 00000000 ____D () C:\Program Files (x86)\DVDFab 8
2014-04-18 12:46 - 2014-04-18 12:47 - 00386888 _____ (Softonic ) C:\Users\Kawey\Downloads\SoftonicDownloader_for_dvdfab.exe
2014-04-17 23:52 - 2014-04-21 18:52 - 00000034 _____ () C:\Users\Kawey\AppData\Roaming\pcouffin.log
2014-04-17 23:51 - 2014-04-21 18:52 - 00099384 _____ () C:\Users\Kawey\AppData\Roaming\inst.exe
2014-04-17 23:51 - 2014-04-21 18:52 - 00082816 _____ (VSO Software) C:\Users\Kawey\AppData\Roaming\pcouffin.sys
2014-04-17 23:51 - 2014-04-21 18:52 - 00007859 _____ () C:\Users\Kawey\AppData\Roaming\pcouffin.cat
2014-04-17 23:51 - 2014-04-21 18:52 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\Vso
2014-04-17 23:51 - 2014-04-17 23:51 - 00082816 _____ (VSO Software) C:\Windows\system32\Drivers\pcouffin.sys
2014-04-17 23:45 - 2014-04-17 23:45 - 00000000 __SHD () C:\Users\Kawey\AppData\Local\EmieUserList
2014-04-17 23:45 - 2014-04-17 23:45 - 00000000 __SHD () C:\Users\Kawey\AppData\Local\EmieSiteList
2014-04-17 21:37 - 2014-04-17 21:37 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\23260
2014-04-17 21:15 - 2014-04-17 21:15 - 02170880 _____ () C:\Users\Kawey\Downloads\ffmpeg15.exe
2014-04-17 21:15 - 2014-04-17 21:15 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\NCH Software
2014-04-17 20:57 - 2014-04-17 21:04 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Software
2014-04-17 20:57 - 2014-04-17 20:57 - 00817696 _____ (NCH Software) C:\Users\Kawey\Downloads\burnsetup.exe
2014-04-17 20:57 - 2014-04-17 20:57 - 00000000 ____D () C:\ProgramData\NCH Software
2014-04-17 20:57 - 2014-04-17 20:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Produktpalette
2014-04-17 20:57 - 2014-04-17 20:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audioverwandte Programme
2014-04-17 20:57 - 2014-04-17 20:57 - 00000000 ____D () C:\Program Files (x86)\NCH Software
2014-04-17 20:20 - 2014-04-17 20:20 - 00000000 ____D () C:\ProgramData\vsosdk
2014-04-17 19:52 - 2014-04-21 18:08 - 00000000 ____D () C:\Program Files (x86)\DVDFab 9
2014-04-17 19:39 - 2014-04-17 19:41 - 45464368 _____ (Fengtao Software Inc. ) C:\Users\Kawey\Downloads\DVDFab9140.exe
2014-04-16 23:36 - 2014-04-16 23:36 - 00993712 _____ () C:\Users\Kawey\Downloads\setup(2).exe
2014-04-16 18:32 - 2014-04-16 18:32 - 01026264 _____ () C:\Users\Kawey\Downloads\Setup(1).exe
2014-04-16 18:27 - 2014-04-16 18:27 - 01026264 _____ () C:\Users\Kawey\Downloads\Setup.exe
2014-04-10 00:23 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-10 00:23 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-10 00:22 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-10 00:22 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-10 00:22 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-10 00:22 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-10 00:22 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-10 00:22 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-10 00:22 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-10 00:22 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-10 00:22 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-10 00:22 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-10 00:22 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-10 00:22 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-10 00:22 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-10 00:22 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-10 00:22 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-10 00:22 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-10 00:22 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-10 00:22 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-10 00:22 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-10 00:22 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-10 00:22 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-10 00:22 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-10 00:22 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-10 00:22 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-10 00:22 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-10 00:22 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-10 00:22 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-10 00:22 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-10 00:22 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-10 00:22 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-10 00:22 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-10 00:22 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-10 00:22 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-10 00:22 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-10 00:22 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-10 00:22 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-10 00:22 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-10 00:22 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-10 00:22 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-10 00:22 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-10 00:22 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-10 00:22 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-09 21:01 - 2014-04-09 21:01 - 05056648 _____ (Systweak Inc ) C:\Users\Kawey\Downloads\rcpsetupg_apptvlatest-apptvlatest_1946.exe
2014-04-09 11:13 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-09 11:13 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-09 11:13 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-09 11:13 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-09 11:13 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-09 11:13 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-09 11:13 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-09 11:13 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-09 11:13 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-09 11:13 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-09 11:13 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-09 11:13 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-09 11:13 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-09 11:13 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-09 11:13 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-09 11:13 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-09 11:13 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-09 11:09 - 2014-04-09 11:09 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr

==================== One Month Modified Files and Folders =======

2014-05-04 12:59 - 2014-05-04 12:39 - 00021952 _____ () C:\Users\Kawey\Downloads\FRST.txt
2014-05-04 12:59 - 2014-05-04 12:39 - 00000000 ____D () C:\FRST
2014-05-04 12:58 - 2014-02-02 21:04 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-04 12:52 - 2014-05-02 14:05 - 00003116 _____ () C:\Windows\System32\Tasks\WinZip Malware Protector_startup
2014-05-04 12:51 - 2014-04-03 23:12 - 00001472 _____ () C:\Windows\Tasks\b8e2dbf6-f651-4529-84b2-6113f5365cc5-5.job
2014-05-04 12:51 - 2014-04-03 23:10 - 00002782 _____ () C:\Windows\Tasks\b8e2dbf6-f651-4529-84b2-6113f5365cc5-3.job
2014-05-04 12:51 - 2014-04-03 23:10 - 00002142 _____ () C:\Windows\Tasks\b8e2dbf6-f651-4529-84b2-6113f5365cc5-4.job
2014-05-04 12:50 - 2014-04-30 19:10 - 00001579 _____ () C:\Windows\setupact.log
2014-05-04 12:50 - 2014-04-03 23:12 - 00001368 _____ () C:\Windows\Tasks\b8e2dbf6-f651-4529-84b2-6113f5365cc5-2.job
2014-05-04 12:50 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-04 12:49 - 2013-10-14 18:16 - 01241052 _____ () C:\Windows\WindowsUpdate.log
2014-05-04 12:44 - 2014-05-04 12:44 - 01016261 _____ (Thisisu) C:\Users\Kawey\Downloads\JRT.exe
2014-05-04 12:44 - 2014-05-04 12:44 - 00000000 ____D () C:\Windows\ERUNT
2014-05-04 12:40 - 2014-05-04 12:39 - 00018676 _____ () C:\Users\Kawey\Downloads\Addition.txt
2014-05-04 12:38 - 2014-05-04 12:38 - 02062336 _____ (Farbar) C:\Users\Kawey\Downloads\FRST64.exe
2014-05-04 12:38 - 2014-05-04 12:38 - 01050624 _____ (Farbar) C:\Users\Kawey\Downloads\FRST(2).exe
2014-05-04 12:36 - 2014-05-04 12:36 - 01050624 _____ (Farbar) C:\Users\Kawey\Downloads\FRST(1).exe
2014-05-04 12:35 - 2014-05-04 12:35 - 01050624 _____ (Farbar) C:\Users\Kawey\Downloads\FRST.exe
2014-05-04 11:04 - 2009-07-14 06:45 - 00026672 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-04 11:04 - 2009-07-14 06:45 - 00026672 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-03 23:08 - 2014-02-06 20:14 - 00000000 ____D () C:\Users\Kawey\AppData\Local\Deployment
2014-05-03 21:56 - 2014-05-03 21:55 - 00008494 _____ () C:\Windows\DPINST.LOG
2014-05-03 21:55 - 2014-05-03 21:54 - 09020696 _____ (Hamrick Software) C:\Users\Kawey\Downloads\vuex6494(1).exe
2014-05-03 21:55 - 2014-03-05 19:34 - 00000977 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\VueScan x64.lnk
2014-05-03 21:09 - 2013-10-16 23:53 - 00000000 ____D () C:\ARBEIT &  BEWERBUNGEN
2014-05-03 15:54 - 2014-04-29 17:04 - 00000000 ____D () C:\Heilkunde
2014-05-03 15:54 - 2014-01-14 09:26 - 00000000 ____D () C:\Gesundheit
2014-05-03 08:50 - 2014-05-03 08:50 - 00499072 _____ () C:\Users\Kawey\Downloads\Java(1).exe
2014-05-03 08:49 - 2014-05-03 08:49 - 00499072 _____ () C:\Users\Kawey\Downloads\Java.exe
2014-05-02 15:39 - 2014-04-18 19:16 - 00000066 _____ () C:\Users\Kawey\AppData\default.pls
2014-05-02 15:34 - 2014-05-02 15:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
2014-05-02 15:34 - 2014-05-02 15:10 - 00000000 ____D () C:\Program Files (x86)\TomTom HOME 2
2014-05-02 15:30 - 2013-10-25 19:28 - 00000000 ____D () C:\Users\Kawey\AppData\Local\Downloaded Installations
2014-05-02 15:11 - 2014-05-02 15:11 - 00000000 ____D () C:\Users\Kawey\Documents\TomTom
2014-05-02 15:11 - 2014-05-02 15:11 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\TomTom
2014-05-02 15:11 - 2014-05-02 15:11 - 00000000 ____D () C:\Users\Kawey\AppData\Local\TomTom
2014-05-02 15:11 - 2014-05-02 15:11 - 00000000 ____D () C:\ProgramData\TomTom
2014-05-02 15:10 - 2014-05-02 15:10 - 00000000 ____D () C:\Program Files (x86)\TomTom International B.V
2014-05-02 15:07 - 2014-05-02 15:07 - 00000000 ____D () C:\Program Files (x86)\TomTom DesktopSuite
2014-05-02 15:01 - 2013-10-15 04:09 - 00699666 _____ () C:\Windows\system32\perfh007.dat
2014-05-02 15:01 - 2013-10-15 04:09 - 00149774 _____ () C:\Windows\system32\perfc007.dat
2014-05-02 15:01 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-02 14:05 - 2014-05-02 14:05 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\Nico Mak Computing
2014-05-02 14:05 - 2014-05-02 14:05 - 00000000 ____D () C:\ProgramData\Nico Mak Computing
2014-05-02 14:05 - 2014-05-02 14:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Malware Protector
2014-05-02 14:05 - 2014-05-02 14:05 - 00000000 ____D () C:\Program Files (x86)\WinZip Malware Protector
2014-05-02 14:02 - 2014-05-02 14:02 - 04892480 _____ (WinZip International LLC ) C:\Users\Kawey\Downloads\wzmp_8.exe
2014-05-01 19:10 - 2014-05-01 18:34 - 00000000 ____D () C:\Users\Kawey\Documents\TCM
2014-05-01 18:17 - 2013-10-14 20:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-01 12:39 - 2014-04-30 21:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-04-30 22:16 - 2014-02-02 00:47 - 00102725 _____ () C:\Users\Kawey\AppData\Local\ars.cache
2014-04-30 21:46 - 2014-04-30 21:46 - 02002944 _____ (Trend Micro Inc.) C:\Users\Kawey\Downloads\HousecallLauncher.exe
2014-04-30 19:10 - 2014-04-30 19:10 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-30 12:33 - 2014-04-30 12:33 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-04-30 12:06 - 2013-11-04 00:19 - 00000000 ____D () C:\SpaKa
2014-04-30 11:47 - 2013-11-05 12:59 - 00000000 ____D () C:\Windows\Minidump
2014-04-30 11:47 - 2013-10-15 04:12 - 00000000 ____D () C:\Windows\Panther
2014-04-30 11:46 - 2014-04-30 11:46 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-04-30 11:46 - 2014-04-30 11:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-04-30 11:46 - 2014-04-30 11:46 - 00000000 ____D () C:\Program Files\CCleaner
2014-04-30 11:45 - 2014-04-30 11:45 - 03671432 _____ (Piriform Ltd) C:\Users\Kawey\Downloads\ccsetup413_slim.exe
2014-04-29 18:58 - 2014-02-02 21:04 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-29 18:58 - 2013-10-15 23:20 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-29 18:58 - 2013-10-15 23:20 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-29 17:11 - 2013-10-14 18:31 - 00000000 ____D () C:\Users\Kawey\AppData\Local\VirtualStore
2014-04-29 16:01 - 2014-05-02 10:26 - 23547904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-29 15:40 - 2014-05-02 10:26 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-29 15:14 - 2014-02-06 00:16 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-04-29 14:48 - 2014-05-02 10:26 - 17384448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-29 14:34 - 2014-05-02 10:26 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-28 10:14 - 2014-04-28 10:13 - 27878824 _____ (TuneUp Software) C:\Users\Kawey\Downloads\TuneUpUtilities2014_de-DE(1).exe
2014-04-28 09:33 - 2014-04-28 09:32 - 27878824 _____ (TuneUp Software) C:\Users\Kawey\Downloads\TuneUpUtilities2014_de-DE.exe
2014-04-27 11:24 - 2014-04-27 11:24 - 00503392 _____ () C:\Users\Kawey\Downloads\Player(2).exe
2014-04-27 11:24 - 2014-04-27 11:24 - 00000000 ____D () C:\Users\Kawey\AppData\Local\SearchProtect
2014-04-27 11:23 - 2014-04-27 11:23 - 00503392 _____ () C:\Users\Kawey\Downloads\Player(1).exe
2014-04-27 11:22 - 2014-04-27 11:22 - 00000000 ____D () C:\ProgramData\IProt
2014-04-27 11:20 - 2014-04-27 11:20 - 00001139 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\ShenProfessional 3.1.lnk
2014-04-27 11:20 - 2014-04-27 11:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShenProfessional 3.1
2014-04-27 11:20 - 2014-04-27 11:14 - 00760333 _____ () C:\Program Files (x86)\ShenUnInstall.txt
2014-04-27 11:20 - 2014-04-27 11:14 - 00000000 ____D () C:\Program Files (x86)\ShenProfessional 3.1
2014-04-27 11:20 - 2014-04-27 11:13 - 00801542 _____ () C:\Program Files (x86)\Setup.log
2014-04-27 11:08 - 2014-04-27 11:01 - 197984521 _____ (shen.de) C:\Users\Kawey\Downloads\ShenProfessional-3-1.exe
2014-04-27 10:35 - 2014-04-27 10:35 - 00003088 _____ () C:\Windows\System32\Tasks\{6FFDF4FA-9810-4B47-9A34-C3807772493D}
2014-04-26 17:54 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-25 18:58 - 2014-04-25 18:58 - 00000000 ____D () C:\ProgramData\dvdfab
2014-04-25 14:30 - 2014-04-25 14:30 - 00001016 _____ () C:\Users\Kawey\Desktop\DVDFab 8 Qt.lnk
2014-04-25 14:30 - 2014-04-20 19:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 8 Qt
2014-04-25 14:30 - 2014-04-20 19:07 - 00000000 ____D () C:\Program Files (x86)\DVDFab 8 Qt
2014-04-25 14:29 - 2014-04-25 14:28 - 21323352 _____ (Fengtao Software Inc. ) C:\Users\Kawey\Downloads\DVDFab8230Qt.exe
2014-04-24 16:15 - 2014-03-29 17:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-24 16:15 - 2014-03-14 14:47 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-04-24 15:36 - 2014-04-24 15:36 - 00613200 _____ (Chip Digital GmbH) C:\Users\Kawey\Downloads\Firefox - CHIP-Downloader.exe
2014-04-22 11:50 - 2014-04-22 11:50 - 00907018 _____ () C:\Users\Kawey\Downloads\adblockplus-2.5.1.zip
2014-04-22 11:50 - 2014-04-22 11:50 - 00000000 ____D () C:\Users\Kawey\Downloads\adblockplus-2.5.1
2014-04-22 11:48 - 2014-04-22 11:48 - 00613200 _____ (Chip Digital GmbH) C:\Users\Kawey\Downloads\adblockplus-2.5.1 - CHIP-Downloader.exe
2014-04-21 18:57 - 2014-04-21 18:08 - 00000000 ____D () C:\Users\Kawey\Documents\DVDFab
2014-04-21 18:52 - 2014-04-21 18:52 - 00000000 ____D () C:\Users\Kawey\Documents\PcSetup
2014-04-21 18:52 - 2014-04-21 18:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 6
2014-04-21 18:52 - 2014-04-21 18:52 - 00000000 ____D () C:\Program Files (x86)\DVDFab 6
2014-04-21 18:52 - 2014-04-17 23:52 - 00000034 _____ () C:\Users\Kawey\AppData\Roaming\pcouffin.log
2014-04-21 18:52 - 2014-04-17 23:51 - 00099384 _____ () C:\Users\Kawey\AppData\Roaming\inst.exe
2014-04-21 18:52 - 2014-04-17 23:51 - 00082816 _____ (VSO Software) C:\Users\Kawey\AppData\Roaming\pcouffin.sys
2014-04-21 18:52 - 2014-04-17 23:51 - 00007859 _____ () C:\Users\Kawey\AppData\Roaming\pcouffin.cat
2014-04-21 18:52 - 2014-04-17 23:51 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\Vso
2014-04-21 18:49 - 2014-04-21 18:48 - 13312568 _____ (Fengtao Software Inc. ) C:\Users\Kawey\Downloads\DVDFab6218.exe
2014-04-21 18:08 - 2014-04-21 18:08 - 00000000 ____D () C:\Users\Kawey\Documents\DVDFab9
2014-04-21 18:08 - 2014-04-17 19:52 - 00000000 ____D () C:\Program Files (x86)\DVDFab 9
2014-04-21 17:48 - 2013-10-15 22:37 - 00000000 ____D () C:\PC
2014-04-21 17:47 - 2014-04-21 17:47 - 01672252 _____ () C:\Users\Kawey\Downloads\a-user-guide-of-dvdfab9.zip
2014-04-21 15:55 - 2013-10-14 19:15 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-04-21 15:47 - 2014-04-21 15:47 - 00000000 _____ () C:\Users\Kawey\AppData\Roaming\CopyToGo.dat
2014-04-21 15:23 - 2014-04-21 15:11 - 322746776 _____ (Corel) C:\Users\Kawey\Downloads\KEYDC6PLMLPC.exe
2014-04-21 14:48 - 2014-04-21 12:30 - 00000000 ____D () C:\ProgramData\Freemake
2014-04-21 14:48 - 2014-04-21 12:30 - 00000000 ____D () C:\Program Files (x86)\Freemake
2014-04-21 14:47 - 2014-04-21 13:45 - 00000000 ____D () C:\Program Files (x86)\Elaborate Bytes
2014-04-21 14:46 - 2014-04-21 13:45 - 00000000 ____D () C:\ProgramData\SlySoft
2014-04-21 13:57 - 2014-04-21 13:48 - 00000125 ___SH () C:\ProgramData\.zreglib
2014-04-21 13:45 - 2014-04-21 13:45 - 00000000 ____D () C:\Program Files (x86)\SlySoft
2014-04-21 13:44 - 2014-04-21 13:43 - 10873088 _____ () C:\Users\Kawey\Downloads\SetupAnyDVD7460.exe
2014-04-21 13:44 - 2014-04-21 13:43 - 05185720 _____ () C:\Users\Kawey\Downloads\SetupCloneDVD2930Slysoft.exe
2014-04-21 12:27 - 2014-04-21 12:27 - 01308144 _____ (Ellora Assets Corporation ) C:\Users\Kawey\Downloads\FreemakeVideoConverterSetup.exe
2014-04-21 12:13 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-04-21 11:30 - 2014-04-21 11:30 - 13833720 _____ (Fengtao Software Inc. ) C:\Users\Kawey\Downloads\DVDFab7070.exe
2014-04-20 22:50 - 2014-04-20 18:44 - 00000000 ____D () C:\Program Files (x86)\Caramava
2014-04-20 20:16 - 2014-04-20 19:00 - 00000000 ____D () C:\Users\Kawey\AppData\Local\Lollipop
2014-04-20 20:01 - 2014-04-20 20:01 - 00000000 ____D () C:\Users\Kawey\AppData\Local\com
2014-04-20 20:00 - 2014-04-20 19:58 - 00000000 ____D () C:\Program Files\003
2014-04-20 19:57 - 2014-04-20 19:57 - 00450152 _____ () C:\Users\Kawey\Downloads\Player.exe
2014-04-20 19:54 - 2014-04-20 19:54 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\30183
2014-04-20 19:42 - 2014-04-20 19:42 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\DVDFab
2014-04-20 19:02 - 2014-04-20 19:02 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\EuroTrade A.L. Ltd
2014-04-20 19:01 - 2014-04-03 23:14 - 00000000 ____D () C:\ProgramData\WPM
2014-04-20 19:01 - 2014-04-03 23:14 - 00000000 ____D () C:\ProgramData\IePluginService
2014-04-20 19:01 - 2014-04-03 23:14 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-04-20 19:00 - 2014-04-20 19:00 - 00000000 ____D () C:\Program Files (x86)\PassWidget-soft
2014-04-20 19:00 - 2014-04-03 23:13 - 00001613 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-20 18:59 - 2014-04-20 18:59 - 04714928 _____ () C:\Users\Kawey\Downloads\installer_dvdfab_platinum_8_0_8_7_beta_Deutsch.exe
2014-04-20 18:46 - 2014-04-20 18:46 - 00673984 _____ () C:\Users\Kawey\Downloads\Brothersoft_downloader_For_DVDFab_Platinum(1).exe
2014-04-20 18:42 - 2014-04-20 18:41 - 00673984 _____ () C:\Users\Kawey\Downloads\Brothersoft_downloader_For_DVDFab_Platinum.exe
2014-04-20 17:35 - 2014-04-18 12:57 - 00000000 ____D () C:\Program Files (x86)\DVDFab 8
2014-04-20 16:22 - 2014-02-02 00:47 - 00294540 _____ () C:\Users\Kawey\AppData\Local\census.cache
2014-04-20 16:03 - 2014-04-20 16:03 - 02405664 _____ (Trend Micro Inc.) C:\Users\Kawey\Downloads\HousecallLauncher64(7).exe
2014-04-20 00:37 - 2014-04-20 00:37 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\137
2014-04-19 23:53 - 2014-04-19 23:53 - 02405664 _____ (Trend Micro Inc.) C:\Users\Kawey\Downloads\HousecallLauncher64(6).exe
2014-04-19 21:54 - 2014-04-19 21:54 - 00669648 _____ ( ) C:\Users\Kawey\Downloads\UltimateCodec(2).exe
2014-04-19 21:46 - 2014-04-18 18:02 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\HandBrake
2014-04-19 20:36 - 2014-04-19 20:36 - 00033947 _____ () C:\Users\Kawey\Downloads\anleitung.htm
2014-04-19 14:06 - 2014-04-19 14:06 - 13888037 _____ () C:\Users\Kawey\Downloads\HandBrake-0.9.9-1_i686-Win_GUI.exe
2014-04-18 18:49 - 2014-04-18 18:49 - 00386896 _____ (Softonic ) C:\Users\Kawey\Downloads\SoftonicDownloader_fuer_handbrake.exe
2014-04-18 18:43 - 2014-04-18 18:43 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\9130
2014-04-18 18:01 - 2014-04-18 18:01 - 14298467 _____ () C:\Users\Kawey\Downloads\HandBrake-0.9.9-1_x86_64-Win_GUI.exe
2014-04-18 17:19 - 2014-04-18 17:16 - 45464368 _____ (Fengtao Software Inc. ) C:\Users\Kawey\Downloads\DVDFab9140(1).exe
2014-04-18 12:47 - 2014-04-18 12:46 - 00386888 _____ (Softonic ) C:\Users\Kawey\Downloads\SoftonicDownloader_for_dvdfab.exe
2014-04-18 00:00 - 2013-10-14 20:26 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2014
2014-04-17 23:51 - 2014-04-17 23:51 - 00082816 _____ (VSO Software) C:\Windows\system32\Drivers\pcouffin.sys
2014-04-17 23:45 - 2014-04-17 23:45 - 00000000 __SHD () C:\Users\Kawey\AppData\Local\EmieUserList
2014-04-17 23:45 - 2014-04-17 23:45 - 00000000 __SHD () C:\Users\Kawey\AppData\Local\EmieSiteList
2014-04-17 21:37 - 2014-04-17 21:37 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\23260
2014-04-17 21:15 - 2014-04-17 21:15 - 02170880 _____ () C:\Users\Kawey\Downloads\ffmpeg15.exe
2014-04-17 21:15 - 2014-04-17 21:15 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\NCH Software
2014-04-17 21:04 - 2014-04-17 20:57 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Software
2014-04-17 20:57 - 2014-04-17 20:57 - 00817696 _____ (NCH Software) C:\Users\Kawey\Downloads\burnsetup.exe
2014-04-17 20:57 - 2014-04-17 20:57 - 00000000 ____D () C:\ProgramData\NCH Software
2014-04-17 20:57 - 2014-04-17 20:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Produktpalette
2014-04-17 20:57 - 2014-04-17 20:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audioverwandte Programme
2014-04-17 20:57 - 2014-04-17 20:57 - 00000000 ____D () C:\Program Files (x86)\NCH Software
2014-04-17 20:20 - 2014-04-17 20:20 - 00000000 ____D () C:\ProgramData\vsosdk
2014-04-17 19:41 - 2014-04-17 19:39 - 45464368 _____ (Fengtao Software Inc. ) C:\Users\Kawey\Downloads\DVDFab9140.exe
2014-04-16 23:36 - 2014-04-16 23:36 - 00993712 _____ () C:\Users\Kawey\Downloads\setup(2).exe
2014-04-16 18:32 - 2014-04-16 18:32 - 01026264 _____ () C:\Users\Kawey\Downloads\Setup(1).exe
2014-04-16 18:31 - 2013-10-15 21:52 - 00000000 ____D () C:\Users\Kawey\AppData\Local\Adobe
2014-04-16 18:27 - 2014-04-16 18:27 - 01026264 _____ () C:\Users\Kawey\Downloads\Setup.exe
2014-04-15 16:38 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-04-14 04:24 - 2014-04-30 11:00 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-04-14 04:19 - 2014-04-30 11:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-04-10 13:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-10 00:22 - 2013-10-22 19:13 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-10 00:20 - 2013-10-22 19:13 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-09 23:41 - 2013-12-27 20:39 - 00000000 ____D () C:\Program Files (x86)\Google
2014-04-09 21:01 - 2014-04-09 21:01 - 05056648 _____ (Systweak Inc ) C:\Users\Kawey\Downloads\rcpsetupg_apptvlatest-apptvlatest_1946.exe
2014-04-09 11:09 - 2014-04-09 11:09 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-09 11:09 - 2014-02-06 00:16 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-04-09 11:09 - 2014-02-06 00:16 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-04-09 11:09 - 2014-02-06 00:16 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-04-09 11:09 - 2014-02-06 00:16 - 00208928 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-04-09 11:09 - 2014-02-06 00:16 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-04-09 11:09 - 2014-02-06 00:16 - 00084816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-04-09 11:09 - 2014-02-06 00:16 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-04-09 11:09 - 2014-02-06 00:16 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-04-04 11:15 - 2013-10-15 21:55 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-04-04 11:11 - 2014-04-03 23:10 - 00000000 ____D () C:\Program Files (x86)\MediaPlayerplus

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-22 15:23

==================== End Of Log ============================
         

04.05.2014, 13:06   #4
M-K-D-B
/// TB-Ausbilder

Addition.txt is still missing
__________________
Regards,
M-K-D-B




04.05.2014, 13:23   #5
Kawey

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-05-2014
Ran by Kawey (administrator) on KAWEY-PC on 04-05-2014 13:20:33
Running from C:\Users\Kawey\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginService\PluginService.exe
(Cherished Technololgy LIMITED) C:\ProgramData\WPM\wprotectmanager.exe
() C:\Program Files\003\buuoujqmrk64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
() C:\Program Files (x86)\Caramava\updateCaramava.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Nico Mak Computing) C:\Program Files (x86)\WinZip Malware Protector\WinZipMalwareProtector.exe
() C:\Program Files (x86)\Caramava\bin\utilCaramava.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12445288 2012-01-10] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2887440 2012-03-08] (Synaptics Incorporated)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-26] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3854640 2014-04-09] (AVAST Software)
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2568023682-207481756-3843068466-1000\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845168 2013-11-06] (Samsung)
HKU\S-1-5-21-2568023682-207481756-3843068466-1000\...\MountPoints2: {e5ab1670-7892-11e3-a6cb-3c970eac15f9} - E:\AutoRun.exe
AppInit_DLLs: C:\PROGRA~2\Linkey\IEEXTE~1\iedll64.dll => C:\PROGRA~2\Linkey\IEEXTE~1\iedll64.dll File Not Found
IFEO: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bootstrap.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\hpwucli.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\iastorui.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\imfrmwrk.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\open energymanagement.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=avast&hsimp=yhs-001&type={partner_id}&p={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp:///
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1398013228&from=vit&uid=HGSTXHTS545032A7E380_TMA45C480ET18L0ET18LX
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://de.yhs4.search.yahoo.com/?hspart=avast&hsimp=yhs-001&type={partner_id}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1398013228&from=vit&uid=HGSTXHTS545032A7E380_TMA45C480ET18L0ET18LX&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1398013228&from=vit&uid=HGSTXHTS545032A7E380_TMA45C480ET18L0ET18LX
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.sweet-page.com/?type=hp&ts=1398013228&from=vit&uid=HGSTXHTS545032A7E380_TMA45C480ET18L0ET18LX
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1398013228&from=vit&uid=HGSTXHTS545032A7E380_TMA45C480ET18L0ET18LX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1398013228&from=vit&uid=HGSTXHTS545032A7E380_TMA45C480ET18L0ET18LX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1398013228&from=vit&uid=HGSTXHTS545032A7E380_TMA45C480ET18L0ET18LX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.sweet-page.com/?type=hp&ts=1398013228&from=vit&uid=HGSTXHTS545032A7E380_TMA45C480ET18L0ET18LX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1398013228&from=vit&uid=HGSTXHTS545032A7E380_TMA45C480ET18L0ET18LX&q={searchTerms}
URLSearchHook: HKLM-x32 - Default Value = {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1396559579&from=tugs&uid=HGSTXHTS545032A7E380_TMA45C480ET18L0ET18LX
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1398013228&from=vit&uid=HGSTXHTS545032A7E380_TMA45C480ET18L0ET18LX&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1398013228&from=vit&uid=HGSTXHTS545032A7E380_TMA45C480ET18L0ET18LX&q={searchTerms}
SearchScopes: HKLM - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd0202ff&cd=2XzuyEtN2Y1L1QzutA0CzyyBtD0E0A0CtCyD0FzytC0DyDtCtN0D0Tzu0SyBzytAtN1L2XzutBtFtCyBtFtDtFtCtN1L1CzutDzytDtCtG1TtN1L1G1B1V1N2Y1L1Qzu2SyDyD0E0ByEtCyCyBtGzyyDtB0BtGtDyE0EtDtGtBtD0D0DtGtC0C0DyCyEyEyC0EyEyD0Dzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDyByB0AtA0E0A0CtGtCyCtAzztG0A0EtDtDtG0EtD0BtBtGtCyC0F0A0CtD0A0AtAyBtB0B2Q&cr=687468405&ir=
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?sid=476&aid=122&itype=n&ver=12302&tm=321&src=ds&p={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1398013228&from=vit&uid=HGSTXHTS545032A7E380_TMA45C480ET18L0ET18LX&q={searchTerms}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=33201e43-a4a5-d890-52fb-99fd5190aa5e&searchtype=ds&q={searchTerms}&installDate=07/11/2013
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1398013228&from=vit&uid=HGSTXHTS545032A7E380_TMA45C480ET18L0ET18LX&q={searchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?sid=476&aid=122&itype=n&ver=12302&tm=321&src=ds&p={searchTerms}
SearchScopes: HKLM-x32 - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=avast&hsimp=yhs-001&type={partner_id}&p={searchTerms}
SearchScopes: HKLM-x32 - {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} URL = hxxp://start.iminent.com/?appId=882339C1-50C2-4324-946A-024990A2909C&ref=toolbox&q={searchTerms}
SearchScopes: HKCU - DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.buenosearch.com/?q={searchTerms}&babsrc=SP_ss&mntrId=1E06BC8556697888&affID=128492&tsp=5222
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=33201e43-a4a5-d890-52fb-99fd5190aa5e&searchtype=ds&q={searchTerms}&installDate=07/11/2013
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.buenosearch.com/?q={searchTerms}&babsrc=SP_ss&mntrId=1E06BC8556697888&affID=128492&tsp=5222
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1398013228&from=vit&uid=HGSTXHTS545032A7E380_TMA45C480ET18L0ET18LX&q={searchTerms}
SearchScopes: HKCU - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd0202ff&cd=2XzuyEtN2Y1L1QzutA0CzyyBtD0E0A0CtCyD0FzytC0DyDtCtN0D0Tzu0SyBzytAtN1L2XzutBtFtCyBtFtDtFtCtN1L1CzutDzytDtCtG1TtN1L1G1B1V1N2Y1L1Qzu2SyDyD0E0ByEtCyCyBtGzyyDtB0BtGtDyE0EtDtGtBtD0D0DtGtC0C0DyCyEyEyC0EyEyD0Dzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDyByB0AtA0E0A0CtGtCyCtAzztG0A0EtDtDtG0EtD0BtBtGtCyC0F0A0CtD0A0AtAyBtB0B2Q&cr=687468405&ir=
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?sid=476&aid=122&itype=n&ver=12302&tm=321&src=ds&p={searchTerms}
SearchScopes: HKCU - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=avast&hsimp=yhs-001&type={partner_id}&p={searchTerms}
SearchScopes: HKCU - {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} URL = hxxp://start.iminent.com/?appId=882339C1-50C2-4324-946A-024990A2909C&ref=toolbox&q={searchTerms}
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: iminent Helper Object - {112BA211-334C-4A90-90EC-2AD1CDAB287C} -  No File
BHO-x32: Caramava - {1e50bbda-c15a-47d5-9853-d829ff890664} - C:\Program Files (x86)\Caramava\Caramavabho.dll (Caramava)
BHO-x32: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKLM-x32 - Iminent Toolbar - {1FAFD711-ABF9-4F6A-8130-5166C7371427} -  No File
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} -  No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{84A47CCA-2016-4EB2-9976-DDB4A782B000}: [NameServer]62.109.121.1 62.109.121.2

FireFox:
========
FF ProfilePath: C:\Users\Kawey\AppData\Roaming\Mozilla\Firefox\Profiles\73f0idua.default-1398406683013
FF SelectedSearchEngine: sweet-page
FF Homepage: hxxp://www.sweet-page.com/?type=hppp&ts=1399130289&from=tugs&uid=HGSTXHTS545032A7E380_TMA45C480ET18L0ET18LX
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @nullsoft.com/winampDetector;version=1 - C:\Program Files (x86)\Winamp Detect\npwachk.dll (Nullsoft, Inc.)
FF Plugin-x32: @zylom.com/ZylomGamesPlayer - C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF SearchPlugin: C:\Users\Kawey\AppData\Roaming\Mozilla\Firefox\Profiles\73f0idua.default-1398406683013\searchplugins\ixquick-https.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\default-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\StartWeb.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\sweet-page.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\webssearches.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: MediaPlayerplus - C:\Users\Kawey\AppData\Roaming\Mozilla\Firefox\Profiles\73f0idua.default-1398406683013\Extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com [2014-04-25]
FF Extension: Adblock Plus - C:\Users\Kawey\AppData\Roaming\Mozilla\Firefox\Profiles\73f0idua.default-1398406683013\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-05-03]
FF HKLM\...\Firefox\Extensions: [{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}] - C:\Program Files\V-bates\Firefox
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-02-06]
FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\Kawey\AppData\Roaming\Mozilla\Firefox\Profiles\90i27aem.default\extensions\quick_start@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}] - C:\Program Files\V-bates\Firefox

Chrome: 
=======
CHR HomePage: hxxp://search.conduit.com/?ctid=CT3317742&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SPD4F79A21-7465-46DE-A457-C0A42C3CC60E&SSPV=
CHR StartupUrls: "hxxp://search.conduit.com/?ctid=CT3317742&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SPD4F79A21-7465-46DE-A457-C0A42C3CC60E&SSPV="
CHR DefaultSearchKeyword: conduit.search
CHR DefaultSearchProvider: Conduit Search
CHR DefaultSearchURL: hxxp://search.conduit.com/Results.aspx?ctid=CT3317742&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SPD4F79A21-7465-46DE-A457-C0A42C3CC60E&q={searchTerms}&SSPV=
CHR DefaultNewTabURL: 
CHR Extension: (Google Docs) - C:\Users\Kawey\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-27]
CHR Extension: (Google Drive) - C:\Users\Kawey\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-27]
CHR Extension: (YouTube) - C:\Users\Kawey\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-27]
CHR Extension: (Google-Suche) - C:\Users\Kawey\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-27]
CHR Extension: (MediaPlayerplus) - C:\Users\Kawey\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd [2014-04-09]
CHR Extension: (Google Wallet) - C:\Users\Kawey\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-27]
CHR Extension: (Google Mail) - C:\Users\Kawey\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-27]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-04-09]
CHR HKLM-x32\...\Chrome\Extension: [pkhojieggfgllhllcegoffdcnmdeojgb] - C:\Program Files (x86)\IminentToolbar\1.8.25.0\iminent.crx [2014-04-09]

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-09] (AVAST Software)
R2 buuoujqmrk64; C:\Program Files\003\buuoujqmrk64.exe [706560 2014-04-20] ()
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [47416 2014-02-05] (Hewlett-Packard Company)
R2 IePluginService; C:\ProgramData\IePluginService\PluginService.exe [705136 2014-04-11] (Cherished Technololgy LIMITED)
S4 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2138936 2014-03-20] (TuneUp Software)
R2 Update Caramava; C:\Program Files (x86)\Caramava\updateCaramava.exe [350496 2014-04-18] ()
R2 Util Caramava; C:\Program Files (x86)\Caramava\bin\utilCaramava.exe [350496 2014-04-20] ()
R2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [566272 2014-04-20] (Cherished Technololgy LIMITED)
S4 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-04-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-04-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-04-09] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-04-09] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-04-09] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [84816 2014-04-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208928 2014-04-09] ()
S3 dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [20568 2009-12-22] (Devguru Co., Ltd)
S3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [3532160 2011-10-11] (Sonix Technology Co., Ltd.)
S3 SPUVCbv; C:\Windows\System32\Drivers\usbvideo.sys [185344 2013-07-12] (Microsoft Corporation)
S3 ss_bserd; C:\Windows\System32\DRIVERS\ss_bserd.sys [128000 2013-08-21] (MCCI Corporation)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-08-21] (TuneUp Software)
S3 AmUStor; system32\drivers\AmUStor.SYS [X]
S0 LHDmgr; System32\DRIVERS\LhdX64.sys [X]
S3 RTL8192su; system32\DRIVERS\RTL8192su.sys [X]
U2 TMAgent; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-04 12:44 - 2014-05-04 12:44 - 01016261 _____ (Thisisu) C:\Users\Kawey\Downloads\JRT.exe
2014-05-04 12:44 - 2014-05-04 12:44 - 00000000 ____D () C:\Windows\ERUNT
2014-05-04 12:39 - 2014-05-04 13:20 - 00021839 _____ () C:\Users\Kawey\Downloads\FRST.txt
2014-05-04 12:39 - 2014-05-04 13:20 - 00000000 ____D () C:\FRST
2014-05-04 12:39 - 2014-05-04 12:40 - 00018676 _____ () C:\Users\Kawey\Downloads\Addition.txt
2014-05-04 12:38 - 2014-05-04 12:38 - 02062336 _____ (Farbar) C:\Users\Kawey\Downloads\FRST64.exe
2014-05-04 12:38 - 2014-05-04 12:38 - 01050624 _____ (Farbar) C:\Users\Kawey\Downloads\FRST(2).exe
2014-05-04 12:36 - 2014-05-04 12:36 - 01050624 _____ (Farbar) C:\Users\Kawey\Downloads\FRST(1).exe
2014-05-04 12:35 - 2014-05-04 12:35 - 01050624 _____ (Farbar) C:\Users\Kawey\Downloads\FRST.exe
2014-05-03 21:55 - 2014-05-03 21:56 - 00008494 _____ () C:\Windows\DPINST.LOG
2014-05-03 21:54 - 2014-05-03 21:55 - 09020696 _____ (Hamrick Software) C:\Users\Kawey\Downloads\vuex6494(1).exe
2014-05-03 08:50 - 2014-05-03 08:50 - 00499072 _____ () C:\Users\Kawey\Downloads\Java(1).exe
2014-05-03 08:49 - 2014-05-03 08:49 - 00499072 _____ () C:\Users\Kawey\Downloads\Java.exe
2014-05-02 15:11 - 2014-05-02 15:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
2014-05-02 15:11 - 2014-05-02 15:11 - 00000000 ____D () C:\Users\Kawey\Documents\TomTom
2014-05-02 15:11 - 2014-05-02 15:11 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\TomTom
2014-05-02 15:11 - 2014-05-02 15:11 - 00000000 ____D () C:\Users\Kawey\AppData\Local\TomTom
2014-05-02 15:11 - 2014-05-02 15:11 - 00000000 ____D () C:\ProgramData\TomTom
2014-05-02 15:10 - 2014-05-02 15:34 - 00000000 ____D () C:\Program Files (x86)\TomTom HOME 2
2014-05-02 15:10 - 2014-05-02 15:10 - 00000000 ____D () C:\Program Files (x86)\TomTom International B.V
2014-05-02 15:07 - 2014-05-02 15:07 - 00000000 ____D () C:\Program Files (x86)\TomTom DesktopSuite
2014-05-02 14:05 - 2014-05-04 12:52 - 00003116 _____ () C:\Windows\System32\Tasks\WinZip Malware Protector_startup
2014-05-02 14:05 - 2014-05-02 14:05 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\Nico Mak Computing
2014-05-02 14:05 - 2014-05-02 14:05 - 00000000 ____D () C:\ProgramData\Nico Mak Computing
2014-05-02 14:05 - 2014-05-02 14:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Malware Protector
2014-05-02 14:05 - 2014-05-02 14:05 - 00000000 ____D () C:\Program Files (x86)\WinZip Malware Protector
2014-05-02 14:05 - 2013-03-15 17:10 - 00020480 _____ () C:\Windows\system32\wsusnative64.exe
2014-05-02 14:02 - 2014-05-02 14:02 - 04892480 _____ (WinZip International LLC ) C:\Users\Kawey\Downloads\wzmp_8.exe
2014-05-02 10:26 - 2014-04-29 16:01 - 23547904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-02 10:26 - 2014-04-29 15:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-02 10:26 - 2014-04-29 14:48 - 17384448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-02 10:26 - 2014-04-29 14:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-01 18:34 - 2014-05-01 19:10 - 00000000 ____D () C:\Users\Kawey\Documents\TCM
2014-04-30 21:50 - 2012-06-05 09:37 - 00256904 _____ (Trend Micro Inc.) C:\Windows\SysWOW64\Drivers\tmcomm.sys
2014-04-30 21:46 - 2014-04-30 21:46 - 02002944 _____ (Trend Micro Inc.) C:\Users\Kawey\Downloads\HousecallLauncher.exe
2014-04-30 21:40 - 2014-05-01 12:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-04-30 19:10 - 2014-05-04 12:50 - 00001579 _____ () C:\Windows\setupact.log
2014-04-30 19:10 - 2014-04-30 19:10 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-30 12:33 - 2014-04-30 12:33 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-04-30 11:46 - 2014-04-30 11:46 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-04-30 11:46 - 2014-04-30 11:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-04-30 11:46 - 2014-04-30 11:46 - 00000000 ____D () C:\Program Files\CCleaner
2014-04-30 11:45 - 2014-04-30 11:45 - 03671432 _____ (Piriform Ltd) C:\Users\Kawey\Downloads\ccsetup413_slim.exe
2014-04-30 11:00 - 2014-04-14 04:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-04-30 11:00 - 2014-04-14 04:19 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-04-29 17:04 - 2014-05-03 15:54 - 00000000 ____D () C:\Heilkunde
2014-04-28 10:13 - 2014-04-28 10:14 - 27878824 _____ (TuneUp Software) C:\Users\Kawey\Downloads\TuneUpUtilities2014_de-DE(1).exe
2014-04-28 09:32 - 2014-04-28 09:33 - 27878824 _____ (TuneUp Software) C:\Users\Kawey\Downloads\TuneUpUtilities2014_de-DE.exe
2014-04-27 11:24 - 2014-04-27 11:24 - 00503392 _____ () C:\Users\Kawey\Downloads\Player(2).exe
2014-04-27 11:24 - 2014-04-27 11:24 - 00000000 ____D () C:\Users\Kawey\AppData\Local\SearchProtect
2014-04-27 11:23 - 2014-04-27 11:23 - 00503392 _____ () C:\Users\Kawey\Downloads\Player(1).exe
2014-04-27 11:22 - 2014-04-27 11:22 - 00000000 ____D () C:\ProgramData\IProt
2014-04-27 11:20 - 2014-04-27 11:20 - 00001139 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\ShenProfessional 3.1.lnk
2014-04-27 11:20 - 2014-04-27 11:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShenProfessional 3.1
2014-04-27 11:14 - 2014-04-27 11:20 - 00760333 _____ () C:\Program Files (x86)\ShenUnInstall.txt
2014-04-27 11:14 - 2014-04-27 11:20 - 00000000 ____D () C:\Program Files (x86)\ShenProfessional 3.1
2014-04-27 11:14 - 2014-03-12 17:39 - 00572448 _____ (Pantaray Research Ltd.) C:\Program Files (x86)\ShenUnInstall.exe
2014-04-27 11:14 - 2011-12-18 09:00 - 00012420 _____ () C:\Program Files (x86)\Deutsch.lng
2014-04-27 11:13 - 2014-04-27 11:20 - 00801542 _____ () C:\Program Files (x86)\Setup.log
2014-04-27 11:01 - 2014-04-27 11:08 - 197984521 _____ (shen.de) C:\Users\Kawey\Downloads\ShenProfessional-3-1.exe
2014-04-27 10:35 - 2014-04-27 10:35 - 00003088 _____ () C:\Windows\System32\Tasks\{6FFDF4FA-9810-4B47-9A34-C3807772493D}
2014-04-25 18:58 - 2014-04-25 18:58 - 00000000 ____D () C:\ProgramData\dvdfab
2014-04-25 14:30 - 2014-04-25 14:30 - 00001016 _____ () C:\Users\Kawey\Desktop\DVDFab 8 Qt.lnk
2014-04-25 14:28 - 2014-04-25 14:29 - 21323352 _____ (Fengtao Software Inc. ) C:\Users\Kawey\Downloads\DVDFab8230Qt.exe
2014-04-24 15:36 - 2014-04-24 15:36 - 00613200 _____ (Chip Digital GmbH) C:\Users\Kawey\Downloads\Firefox - CHIP-Downloader.exe
2014-04-22 11:50 - 2014-04-22 11:50 - 00907018 _____ () C:\Users\Kawey\Downloads\adblockplus-2.5.1.zip
2014-04-22 11:50 - 2014-04-22 11:50 - 00000000 ____D () C:\Users\Kawey\Downloads\adblockplus-2.5.1
2014-04-22 11:48 - 2014-04-22 11:48 - 00613200 _____ (Chip Digital GmbH) C:\Users\Kawey\Downloads\adblockplus-2.5.1 - CHIP-Downloader.exe
2014-04-21 18:52 - 2014-04-21 18:52 - 00000000 ____D () C:\Users\Kawey\Documents\PcSetup
2014-04-21 18:52 - 2014-04-21 18:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 6
2014-04-21 18:52 - 2014-04-21 18:52 - 00000000 ____D () C:\Program Files (x86)\DVDFab 6
2014-04-21 18:48 - 2014-04-21 18:49 - 13312568 _____ (Fengtao Software Inc. ) C:\Users\Kawey\Downloads\DVDFab6218.exe
2014-04-21 18:08 - 2014-04-21 18:57 - 00000000 ____D () C:\Users\Kawey\Documents\DVDFab
2014-04-21 18:08 - 2014-04-21 18:08 - 00000000 ____D () C:\Users\Kawey\Documents\DVDFab9
2014-04-21 17:47 - 2014-04-21 17:47 - 01672252 _____ () C:\Users\Kawey\Downloads\a-user-guide-of-dvdfab9.zip
2014-04-21 15:47 - 2014-04-21 15:47 - 00000000 _____ () C:\Users\Kawey\AppData\Roaming\CopyToGo.dat
2014-04-21 15:29 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2014-04-21 15:29 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2014-04-21 15:29 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2014-04-21 15:29 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2014-04-21 15:29 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2014-04-21 15:29 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2014-04-21 15:29 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2014-04-21 15:29 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2014-04-21 15:29 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2014-04-21 15:29 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2014-04-21 15:29 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2014-04-21 15:29 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2014-04-21 15:29 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2014-04-21 15:29 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2014-04-21 15:11 - 2014-04-21 15:23 - 322746776 _____ (Corel) C:\Users\Kawey\Downloads\KEYDC6PLMLPC.exe
2014-04-21 13:48 - 2014-04-21 13:57 - 00000125 ___SH () C:\ProgramData\.zreglib
2014-04-21 13:45 - 2014-04-21 14:47 - 00000000 ____D () C:\Program Files (x86)\Elaborate Bytes
2014-04-21 13:45 - 2014-04-21 14:46 - 00000000 ____D () C:\ProgramData\SlySoft
2014-04-21 13:45 - 2014-04-21 13:45 - 00000000 ____D () C:\Program Files (x86)\SlySoft
2014-04-21 13:43 - 2014-04-21 13:44 - 10873088 _____ () C:\Users\Kawey\Downloads\SetupAnyDVD7460.exe
2014-04-21 13:43 - 2014-04-21 13:44 - 05185720 _____ () C:\Users\Kawey\Downloads\SetupCloneDVD2930Slysoft.exe
2014-04-21 12:30 - 2014-04-21 14:48 - 00000000 ____D () C:\ProgramData\Freemake
2014-04-21 12:30 - 2014-04-21 14:48 - 00000000 ____D () C:\Program Files (x86)\Freemake
2014-04-21 12:27 - 2014-04-21 12:27 - 01308144 _____ (Ellora Assets Corporation ) C:\Users\Kawey\Downloads\FreemakeVideoConverterSetup.exe
2014-04-21 11:30 - 2014-04-21 11:30 - 13833720 _____ (Fengtao Software Inc. ) C:\Users\Kawey\Downloads\DVDFab7070.exe
2014-04-20 20:01 - 2014-04-20 20:01 - 00000000 ____D () C:\Users\Kawey\AppData\Local\com
2014-04-20 19:58 - 2014-04-20 20:00 - 00000000 ____D () C:\Program Files\003
2014-04-20 19:57 - 2014-04-20 19:57 - 00450152 _____ () C:\Users\Kawey\Downloads\Player.exe
2014-04-20 19:54 - 2014-04-20 19:54 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\30183
2014-04-20 19:42 - 2014-04-20 19:42 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\DVDFab
2014-04-20 19:07 - 2014-04-25 14:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 8 Qt
2014-04-20 19:07 - 2014-04-25 14:30 - 00000000 ____D () C:\Program Files (x86)\DVDFab 8 Qt
2014-04-20 19:02 - 2014-04-20 19:02 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\EuroTrade A.L. Ltd
2014-04-20 19:00 - 2014-04-20 20:16 - 00000000 ____D () C:\Users\Kawey\AppData\Local\Lollipop
2014-04-20 19:00 - 2014-04-20 19:00 - 00000000 ____D () C:\Program Files (x86)\PassWidget-soft
2014-04-20 18:59 - 2014-04-20 18:59 - 04714928 _____ () C:\Users\Kawey\Downloads\installer_dvdfab_platinum_8_0_8_7_beta_Deutsch.exe
2014-04-20 18:46 - 2014-04-20 18:46 - 00673984 _____ () C:\Users\Kawey\Downloads\Brothersoft_downloader_For_DVDFab_Platinum(1).exe
2014-04-20 18:44 - 2014-04-20 22:50 - 00000000 ____D () C:\Program Files (x86)\Caramava
2014-04-20 18:41 - 2014-04-20 18:42 - 00673984 _____ () C:\Users\Kawey\Downloads\Brothersoft_downloader_For_DVDFab_Platinum.exe
2014-04-20 16:03 - 2014-04-20 16:03 - 02405664 _____ (Trend Micro Inc.) C:\Users\Kawey\Downloads\HousecallLauncher64(7).exe
2014-04-20 00:37 - 2014-04-20 00:37 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\137
2014-04-19 23:53 - 2014-04-19 23:53 - 02405664 _____ (Trend Micro Inc.) C:\Users\Kawey\Downloads\HousecallLauncher64(6).exe
2014-04-19 21:54 - 2014-04-19 21:54 - 00669648 _____ ( ) C:\Users\Kawey\Downloads\UltimateCodec(2).exe
2014-04-19 20:36 - 2014-04-19 20:36 - 00033947 _____ () C:\Users\Kawey\Downloads\anleitung.htm
2014-04-19 14:06 - 2014-04-19 14:06 - 13888037 _____ () C:\Users\Kawey\Downloads\HandBrake-0.9.9-1_i686-Win_GUI.exe
2014-04-18 19:16 - 2014-05-02 15:39 - 00000066 _____ () C:\Users\Kawey\AppData\default.pls
2014-04-18 18:49 - 2014-04-18 18:49 - 00386896 _____ (Softonic ) C:\Users\Kawey\Downloads\SoftonicDownloader_fuer_handbrake.exe
2014-04-18 18:43 - 2014-04-18 18:43 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\9130
2014-04-18 18:02 - 2014-04-19 21:46 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\HandBrake
2014-04-18 18:01 - 2014-04-18 18:01 - 14298467 _____ () C:\Users\Kawey\Downloads\HandBrake-0.9.9-1_x86_64-Win_GUI.exe
2014-04-18 17:16 - 2014-04-18 17:19 - 45464368 _____ (Fengtao Software Inc. ) C:\Users\Kawey\Downloads\DVDFab9140(1).exe
2014-04-18 12:57 - 2014-04-20 17:35 - 00000000 ____D () C:\Program Files (x86)\DVDFab 8
2014-04-18 12:46 - 2014-04-18 12:47 - 00386888 _____ (Softonic ) C:\Users\Kawey\Downloads\SoftonicDownloader_for_dvdfab.exe
2014-04-17 23:52 - 2014-04-21 18:52 - 00000034 _____ () C:\Users\Kawey\AppData\Roaming\pcouffin.log
2014-04-17 23:51 - 2014-04-21 18:52 - 00099384 _____ () C:\Users\Kawey\AppData\Roaming\inst.exe
2014-04-17 23:51 - 2014-04-21 18:52 - 00082816 _____ (VSO Software) C:\Users\Kawey\AppData\Roaming\pcouffin.sys
2014-04-17 23:51 - 2014-04-21 18:52 - 00007859 _____ () C:\Users\Kawey\AppData\Roaming\pcouffin.cat
2014-04-17 23:51 - 2014-04-21 18:52 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\Vso
2014-04-17 23:51 - 2014-04-17 23:51 - 00082816 _____ (VSO Software) C:\Windows\system32\Drivers\pcouffin.sys
2014-04-17 23:45 - 2014-04-17 23:45 - 00000000 __SHD () C:\Users\Kawey\AppData\Local\EmieUserList
2014-04-17 23:45 - 2014-04-17 23:45 - 00000000 __SHD () C:\Users\Kawey\AppData\Local\EmieSiteList
2014-04-17 21:37 - 2014-04-17 21:37 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\23260
2014-04-17 21:15 - 2014-04-17 21:15 - 02170880 _____ () C:\Users\Kawey\Downloads\ffmpeg15.exe
2014-04-17 21:15 - 2014-04-17 21:15 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\NCH Software
2014-04-17 20:57 - 2014-04-17 21:04 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Software
2014-04-17 20:57 - 2014-04-17 20:57 - 00817696 _____ (NCH Software) C:\Users\Kawey\Downloads\burnsetup.exe
2014-04-17 20:57 - 2014-04-17 20:57 - 00000000 ____D () C:\ProgramData\NCH Software
2014-04-17 20:57 - 2014-04-17 20:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Produktpalette
2014-04-17 20:57 - 2014-04-17 20:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audioverwandte Programme
2014-04-17 20:57 - 2014-04-17 20:57 - 00000000 ____D () C:\Program Files (x86)\NCH Software
2014-04-17 20:20 - 2014-04-17 20:20 - 00000000 ____D () C:\ProgramData\vsosdk
2014-04-17 19:52 - 2014-04-21 18:08 - 00000000 ____D () C:\Program Files (x86)\DVDFab 9
2014-04-17 19:39 - 2014-04-17 19:41 - 45464368 _____ (Fengtao Software Inc. ) C:\Users\Kawey\Downloads\DVDFab9140.exe
2014-04-16 23:36 - 2014-04-16 23:36 - 00993712 _____ () C:\Users\Kawey\Downloads\setup(2).exe
2014-04-16 18:32 - 2014-04-16 18:32 - 01026264 _____ () C:\Users\Kawey\Downloads\Setup(1).exe
2014-04-16 18:27 - 2014-04-16 18:27 - 01026264 _____ () C:\Users\Kawey\Downloads\Setup.exe
2014-04-10 00:23 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-10 00:23 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-10 00:22 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-10 00:22 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-10 00:22 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-10 00:22 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-10 00:22 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-10 00:22 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-10 00:22 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-10 00:22 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-10 00:22 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-10 00:22 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-10 00:22 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-10 00:22 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-10 00:22 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-10 00:22 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-10 00:22 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-10 00:22 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-10 00:22 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-10 00:22 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-10 00:22 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-10 00:22 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-10 00:22 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-10 00:22 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-10 00:22 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-10 00:22 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-10 00:22 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-10 00:22 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-10 00:22 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-10 00:22 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-10 00:22 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-10 00:22 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-10 00:22 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-10 00:22 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-10 00:22 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-10 00:22 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-10 00:22 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-10 00:22 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-10 00:22 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-10 00:22 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-10 00:22 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-10 00:22 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-10 00:22 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-10 00:22 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-09 21:01 - 2014-04-09 21:01 - 05056648 _____ (Systweak Inc ) C:\Users\Kawey\Downloads\rcpsetupg_apptvlatest-apptvlatest_1946.exe
2014-04-09 11:13 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-09 11:13 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-09 11:13 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-09 11:13 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-09 11:13 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-09 11:13 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-09 11:13 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-09 11:13 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-09 11:13 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-09 11:13 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-09 11:13 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-09 11:13 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-09 11:13 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-09 11:13 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-09 11:13 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-09 11:13 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-09 11:13 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-09 11:09 - 2014-04-09 11:09 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr

==================== One Month Modified Files and Folders =======

2014-05-04 13:20 - 2014-05-04 12:39 - 00021839 _____ () C:\Users\Kawey\Downloads\FRST.txt
2014-05-04 13:20 - 2014-05-04 12:39 - 00000000 ____D () C:\FRST
2014-05-04 12:59 - 2009-07-14 06:45 - 00026672 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-04 12:59 - 2009-07-14 06:45 - 00026672 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-04 12:58 - 2014-02-02 21:04 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-04 12:55 - 2013-10-14 18:16 - 01241052 _____ () C:\Windows\WindowsUpdate.log
2014-05-04 12:52 - 2014-05-02 14:05 - 00003116 _____ () C:\Windows\System32\Tasks\WinZip Malware Protector_startup
2014-05-04 12:51 - 2014-04-03 23:12 - 00001472 _____ () C:\Windows\Tasks\b8e2dbf6-f651-4529-84b2-6113f5365cc5-5.job
2014-05-04 12:51 - 2014-04-03 23:10 - 00002782 _____ () C:\Windows\Tasks\b8e2dbf6-f651-4529-84b2-6113f5365cc5-3.job
2014-05-04 12:51 - 2014-04-03 23:10 - 00002142 _____ () C:\Windows\Tasks\b8e2dbf6-f651-4529-84b2-6113f5365cc5-4.job
2014-05-04 12:50 - 2014-04-30 19:10 - 00001579 _____ () C:\Windows\setupact.log
2014-05-04 12:50 - 2014-04-03 23:12 - 00001368 _____ () C:\Windows\Tasks\b8e2dbf6-f651-4529-84b2-6113f5365cc5-2.job
2014-05-04 12:50 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-04 12:44 - 2014-05-04 12:44 - 01016261 _____ (Thisisu) C:\Users\Kawey\Downloads\JRT.exe
2014-05-04 12:44 - 2014-05-04 12:44 - 00000000 ____D () C:\Windows\ERUNT
2014-05-04 12:40 - 2014-05-04 12:39 - 00018676 _____ () C:\Users\Kawey\Downloads\Addition.txt
2014-05-04 12:38 - 2014-05-04 12:38 - 02062336 _____ (Farbar) C:\Users\Kawey\Downloads\FRST64.exe
2014-05-04 12:38 - 2014-05-04 12:38 - 01050624 _____ (Farbar) C:\Users\Kawey\Downloads\FRST(2).exe
2014-05-04 12:36 - 2014-05-04 12:36 - 01050624 _____ (Farbar) C:\Users\Kawey\Downloads\FRST(1).exe
2014-05-04 12:35 - 2014-05-04 12:35 - 01050624 _____ (Farbar) C:\Users\Kawey\Downloads\FRST.exe
2014-05-03 23:08 - 2014-02-06 20:14 - 00000000 ____D () C:\Users\Kawey\AppData\Local\Deployment
2014-05-03 21:56 - 2014-05-03 21:55 - 00008494 _____ () C:\Windows\DPINST.LOG
2014-05-03 21:55 - 2014-05-03 21:54 - 09020696 _____ (Hamrick Software) C:\Users\Kawey\Downloads\vuex6494(1).exe
2014-05-03 21:55 - 2014-03-05 19:34 - 00000977 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\VueScan x64.lnk
2014-05-03 21:09 - 2013-10-16 23:53 - 00000000 ____D () C:\ARBEIT &  BEWERBUNGEN
2014-05-03 15:54 - 2014-04-29 17:04 - 00000000 ____D () C:\Heilkunde
2014-05-03 15:54 - 2014-01-14 09:26 - 00000000 ____D () C:\Gesundheit
2014-05-03 08:50 - 2014-05-03 08:50 - 00499072 _____ () C:\Users\Kawey\Downloads\Java(1).exe
2014-05-03 08:49 - 2014-05-03 08:49 - 00499072 _____ () C:\Users\Kawey\Downloads\Java.exe
2014-05-02 15:39 - 2014-04-18 19:16 - 00000066 _____ () C:\Users\Kawey\AppData\default.pls
2014-05-02 15:34 - 2014-05-02 15:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
2014-05-02 15:34 - 2014-05-02 15:10 - 00000000 ____D () C:\Program Files (x86)\TomTom HOME 2
2014-05-02 15:30 - 2013-10-25 19:28 - 00000000 ____D () C:\Users\Kawey\AppData\Local\Downloaded Installations
2014-05-02 15:11 - 2014-05-02 15:11 - 00000000 ____D () C:\Users\Kawey\Documents\TomTom
2014-05-02 15:11 - 2014-05-02 15:11 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\TomTom
2014-05-02 15:11 - 2014-05-02 15:11 - 00000000 ____D () C:\Users\Kawey\AppData\Local\TomTom
2014-05-02 15:11 - 2014-05-02 15:11 - 00000000 ____D () C:\ProgramData\TomTom
2014-05-02 15:10 - 2014-05-02 15:10 - 00000000 ____D () C:\Program Files (x86)\TomTom International B.V
2014-05-02 15:07 - 2014-05-02 15:07 - 00000000 ____D () C:\Program Files (x86)\TomTom DesktopSuite
2014-05-02 15:01 - 2013-10-15 04:09 - 00699666 _____ () C:\Windows\system32\perfh007.dat
2014-05-02 15:01 - 2013-10-15 04:09 - 00149774 _____ () C:\Windows\system32\perfc007.dat
2014-05-02 15:01 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-02 14:05 - 2014-05-02 14:05 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\Nico Mak Computing
2014-05-02 14:05 - 2014-05-02 14:05 - 00000000 ____D () C:\ProgramData\Nico Mak Computing
2014-05-02 14:05 - 2014-05-02 14:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Malware Protector
2014-05-02 14:05 - 2014-05-02 14:05 - 00000000 ____D () C:\Program Files (x86)\WinZip Malware Protector
2014-05-02 14:02 - 2014-05-02 14:02 - 04892480 _____ (WinZip International LLC ) C:\Users\Kawey\Downloads\wzmp_8.exe
2014-05-01 19:10 - 2014-05-01 18:34 - 00000000 ____D () C:\Users\Kawey\Documents\TCM
2014-05-01 18:17 - 2013-10-14 20:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-01 12:39 - 2014-04-30 21:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-04-30 22:16 - 2014-02-02 00:47 - 00102725 _____ () C:\Users\Kawey\AppData\Local\ars.cache
2014-04-30 21:46 - 2014-04-30 21:46 - 02002944 _____ (Trend Micro Inc.) C:\Users\Kawey\Downloads\HousecallLauncher.exe
2014-04-30 19:10 - 2014-04-30 19:10 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-30 12:33 - 2014-04-30 12:33 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-04-30 12:06 - 2013-11-04 00:19 - 00000000 ____D () C:\SpaKa
2014-04-30 11:47 - 2013-11-05 12:59 - 00000000 ____D () C:\Windows\Minidump
2014-04-30 11:47 - 2013-10-15 04:12 - 00000000 ____D () C:\Windows\Panther
2014-04-30 11:46 - 2014-04-30 11:46 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-04-30 11:46 - 2014-04-30 11:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-04-30 11:46 - 2014-04-30 11:46 - 00000000 ____D () C:\Program Files\CCleaner
2014-04-30 11:45 - 2014-04-30 11:45 - 03671432 _____ (Piriform Ltd) C:\Users\Kawey\Downloads\ccsetup413_slim.exe
2014-04-29 18:58 - 2014-02-02 21:04 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-29 18:58 - 2013-10-15 23:20 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-29 18:58 - 2013-10-15 23:20 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-29 17:11 - 2013-10-14 18:31 - 00000000 ____D () C:\Users\Kawey\AppData\Local\VirtualStore
2014-04-29 16:01 - 2014-05-02 10:26 - 23547904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-29 15:40 - 2014-05-02 10:26 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-29 15:14 - 2014-02-06 00:16 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-04-29 14:48 - 2014-05-02 10:26 - 17384448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-29 14:34 - 2014-05-02 10:26 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-28 10:14 - 2014-04-28 10:13 - 27878824 _____ (TuneUp Software) C:\Users\Kawey\Downloads\TuneUpUtilities2014_de-DE(1).exe
2014-04-28 09:33 - 2014-04-28 09:32 - 27878824 _____ (TuneUp Software) C:\Users\Kawey\Downloads\TuneUpUtilities2014_de-DE.exe
2014-04-27 11:24 - 2014-04-27 11:24 - 00503392 _____ () C:\Users\Kawey\Downloads\Player(2).exe
2014-04-27 11:24 - 2014-04-27 11:24 - 00000000 ____D () C:\Users\Kawey\AppData\Local\SearchProtect
2014-04-27 11:23 - 2014-04-27 11:23 - 00503392 _____ () C:\Users\Kawey\Downloads\Player(1).exe
2014-04-27 11:22 - 2014-04-27 11:22 - 00000000 ____D () C:\ProgramData\IProt
2014-04-27 11:20 - 2014-04-27 11:20 - 00001139 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\ShenProfessional 3.1.lnk
2014-04-27 11:20 - 2014-04-27 11:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShenProfessional 3.1
2014-04-27 11:20 - 2014-04-27 11:14 - 00760333 _____ () C:\Program Files (x86)\ShenUnInstall.txt
2014-04-27 11:20 - 2014-04-27 11:14 - 00000000 ____D () C:\Program Files (x86)\ShenProfessional 3.1
2014-04-27 11:20 - 2014-04-27 11:13 - 00801542 _____ () C:\Program Files (x86)\Setup.log
2014-04-27 11:08 - 2014-04-27 11:01 - 197984521 _____ (shen.de) C:\Users\Kawey\Downloads\ShenProfessional-3-1.exe
2014-04-27 10:35 - 2014-04-27 10:35 - 00003088 _____ () C:\Windows\System32\Tasks\{6FFDF4FA-9810-4B47-9A34-C3807772493D}
2014-04-26 17:54 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-25 18:58 - 2014-04-25 18:58 - 00000000 ____D () C:\ProgramData\dvdfab
2014-04-25 14:30 - 2014-04-25 14:30 - 00001016 _____ () C:\Users\Kawey\Desktop\DVDFab 8 Qt.lnk
2014-04-25 14:30 - 2014-04-20 19:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 8 Qt
2014-04-25 14:30 - 2014-04-20 19:07 - 00000000 ____D () C:\Program Files (x86)\DVDFab 8 Qt
2014-04-25 14:29 - 2014-04-25 14:28 - 21323352 _____ (Fengtao Software Inc. ) C:\Users\Kawey\Downloads\DVDFab8230Qt.exe
2014-04-24 16:15 - 2014-03-29 17:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-24 16:15 - 2014-03-14 14:47 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-04-24 15:36 - 2014-04-24 15:36 - 00613200 _____ (Chip Digital GmbH) C:\Users\Kawey\Downloads\Firefox - CHIP-Downloader.exe
2014-04-22 11:50 - 2014-04-22 11:50 - 00907018 _____ () C:\Users\Kawey\Downloads\adblockplus-2.5.1.zip
2014-04-22 11:50 - 2014-04-22 11:50 - 00000000 ____D () C:\Users\Kawey\Downloads\adblockplus-2.5.1
2014-04-22 11:48 - 2014-04-22 11:48 - 00613200 _____ (Chip Digital GmbH) C:\Users\Kawey\Downloads\adblockplus-2.5.1 - CHIP-Downloader.exe
2014-04-21 18:57 - 2014-04-21 18:08 - 00000000 ____D () C:\Users\Kawey\Documents\DVDFab
2014-04-21 18:52 - 2014-04-21 18:52 - 00000000 ____D () C:\Users\Kawey\Documents\PcSetup
2014-04-21 18:52 - 2014-04-21 18:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 6
2014-04-21 18:52 - 2014-04-21 18:52 - 00000000 ____D () C:\Program Files (x86)\DVDFab 6
2014-04-21 18:52 - 2014-04-17 23:52 - 00000034 _____ () C:\Users\Kawey\AppData\Roaming\pcouffin.log
2014-04-21 18:52 - 2014-04-17 23:51 - 00099384 _____ () C:\Users\Kawey\AppData\Roaming\inst.exe
2014-04-21 18:52 - 2014-04-17 23:51 - 00082816 _____ (VSO Software) C:\Users\Kawey\AppData\Roaming\pcouffin.sys
2014-04-21 18:52 - 2014-04-17 23:51 - 00007859 _____ () C:\Users\Kawey\AppData\Roaming\pcouffin.cat
2014-04-21 18:52 - 2014-04-17 23:51 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\Vso
2014-04-21 18:49 - 2014-04-21 18:48 - 13312568 _____ (Fengtao Software Inc. ) C:\Users\Kawey\Downloads\DVDFab6218.exe
2014-04-21 18:08 - 2014-04-21 18:08 - 00000000 ____D () C:\Users\Kawey\Documents\DVDFab9
2014-04-21 18:08 - 2014-04-17 19:52 - 00000000 ____D () C:\Program Files (x86)\DVDFab 9
2014-04-21 17:48 - 2013-10-15 22:37 - 00000000 ____D () C:\PC
2014-04-21 17:47 - 2014-04-21 17:47 - 01672252 _____ () C:\Users\Kawey\Downloads\a-user-guide-of-dvdfab9.zip
2014-04-21 15:55 - 2013-10-14 19:15 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-04-21 15:47 - 2014-04-21 15:47 - 00000000 _____ () C:\Users\Kawey\AppData\Roaming\CopyToGo.dat
2014-04-21 15:23 - 2014-04-21 15:11 - 322746776 _____ (Corel) C:\Users\Kawey\Downloads\KEYDC6PLMLPC.exe
2014-04-21 14:48 - 2014-04-21 12:30 - 00000000 ____D () C:\ProgramData\Freemake
2014-04-21 14:48 - 2014-04-21 12:30 - 00000000 ____D () C:\Program Files (x86)\Freemake
2014-04-21 14:47 - 2014-04-21 13:45 - 00000000 ____D () C:\Program Files (x86)\Elaborate Bytes
2014-04-21 14:46 - 2014-04-21 13:45 - 00000000 ____D () C:\ProgramData\SlySoft
2014-04-21 13:57 - 2014-04-21 13:48 - 00000125 ___SH () C:\ProgramData\.zreglib
2014-04-21 13:45 - 2014-04-21 13:45 - 00000000 ____D () C:\Program Files (x86)\SlySoft
2014-04-21 13:44 - 2014-04-21 13:43 - 10873088 _____ () C:\Users\Kawey\Downloads\SetupAnyDVD7460.exe
2014-04-21 13:44 - 2014-04-21 13:43 - 05185720 _____ () C:\Users\Kawey\Downloads\SetupCloneDVD2930Slysoft.exe
2014-04-21 12:27 - 2014-04-21 12:27 - 01308144 _____ (Ellora Assets Corporation ) C:\Users\Kawey\Downloads\FreemakeVideoConverterSetup.exe
2014-04-21 12:13 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-04-21 11:30 - 2014-04-21 11:30 - 13833720 _____ (Fengtao Software Inc. ) C:\Users\Kawey\Downloads\DVDFab7070.exe
2014-04-20 22:50 - 2014-04-20 18:44 - 00000000 ____D () C:\Program Files (x86)\Caramava
2014-04-20 20:16 - 2014-04-20 19:00 - 00000000 ____D () C:\Users\Kawey\AppData\Local\Lollipop
2014-04-20 20:01 - 2014-04-20 20:01 - 00000000 ____D () C:\Users\Kawey\AppData\Local\com
2014-04-20 20:00 - 2014-04-20 19:58 - 00000000 ____D () C:\Program Files\003
2014-04-20 19:57 - 2014-04-20 19:57 - 00450152 _____ () C:\Users\Kawey\Downloads\Player.exe
2014-04-20 19:54 - 2014-04-20 19:54 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\30183
2014-04-20 19:42 - 2014-04-20 19:42 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\DVDFab
2014-04-20 19:02 - 2014-04-20 19:02 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\EuroTrade A.L. Ltd
2014-04-20 19:01 - 2014-04-03 23:14 - 00000000 ____D () C:\ProgramData\WPM
2014-04-20 19:01 - 2014-04-03 23:14 - 00000000 ____D () C:\ProgramData\IePluginService
2014-04-20 19:01 - 2014-04-03 23:14 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-04-20 19:00 - 2014-04-20 19:00 - 00000000 ____D () C:\Program Files (x86)\PassWidget-soft
2014-04-20 19:00 - 2014-04-03 23:13 - 00001613 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-20 18:59 - 2014-04-20 18:59 - 04714928 _____ () C:\Users\Kawey\Downloads\installer_dvdfab_platinum_8_0_8_7_beta_Deutsch.exe
2014-04-20 18:46 - 2014-04-20 18:46 - 00673984 _____ () C:\Users\Kawey\Downloads\Brothersoft_downloader_For_DVDFab_Platinum(1).exe
2014-04-20 18:42 - 2014-04-20 18:41 - 00673984 _____ () C:\Users\Kawey\Downloads\Brothersoft_downloader_For_DVDFab_Platinum.exe
2014-04-20 17:35 - 2014-04-18 12:57 - 00000000 ____D () C:\Program Files (x86)\DVDFab 8
2014-04-20 16:22 - 2014-02-02 00:47 - 00294540 _____ () C:\Users\Kawey\AppData\Local\census.cache
2014-04-20 16:03 - 2014-04-20 16:03 - 02405664 _____ (Trend Micro Inc.) C:\Users\Kawey\Downloads\HousecallLauncher64(7).exe
2014-04-20 00:37 - 2014-04-20 00:37 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\137
2014-04-19 23:53 - 2014-04-19 23:53 - 02405664 _____ (Trend Micro Inc.) C:\Users\Kawey\Downloads\HousecallLauncher64(6).exe
2014-04-19 21:54 - 2014-04-19 21:54 - 00669648 _____ ( ) C:\Users\Kawey\Downloads\UltimateCodec(2).exe
2014-04-19 21:46 - 2014-04-18 18:02 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\HandBrake
2014-04-19 20:36 - 2014-04-19 20:36 - 00033947 _____ () C:\Users\Kawey\Downloads\anleitung.htm
2014-04-19 14:06 - 2014-04-19 14:06 - 13888037 _____ () C:\Users\Kawey\Downloads\HandBrake-0.9.9-1_i686-Win_GUI.exe
2014-04-18 18:49 - 2014-04-18 18:49 - 00386896 _____ (Softonic ) C:\Users\Kawey\Downloads\SoftonicDownloader_fuer_handbrake.exe
2014-04-18 18:43 - 2014-04-18 18:43 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\9130
2014-04-18 18:01 - 2014-04-18 18:01 - 14298467 _____ () C:\Users\Kawey\Downloads\HandBrake-0.9.9-1_x86_64-Win_GUI.exe
2014-04-18 17:19 - 2014-04-18 17:16 - 45464368 _____ (Fengtao Software Inc. ) C:\Users\Kawey\Downloads\DVDFab9140(1).exe
2014-04-18 12:47 - 2014-04-18 12:46 - 00386888 _____ (Softonic ) C:\Users\Kawey\Downloads\SoftonicDownloader_for_dvdfab.exe
2014-04-18 00:00 - 2013-10-14 20:26 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2014
2014-04-17 23:51 - 2014-04-17 23:51 - 00082816 _____ (VSO Software) C:\Windows\system32\Drivers\pcouffin.sys
2014-04-17 23:45 - 2014-04-17 23:45 - 00000000 __SHD () C:\Users\Kawey\AppData\Local\EmieUserList
2014-04-17 23:45 - 2014-04-17 23:45 - 00000000 __SHD () C:\Users\Kawey\AppData\Local\EmieSiteList
2014-04-17 21:37 - 2014-04-17 21:37 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\23260
2014-04-17 21:15 - 2014-04-17 21:15 - 02170880 _____ () C:\Users\Kawey\Downloads\ffmpeg15.exe
2014-04-17 21:15 - 2014-04-17 21:15 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\NCH Software
2014-04-17 21:04 - 2014-04-17 20:57 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Software
2014-04-17 20:57 - 2014-04-17 20:57 - 00817696 _____ (NCH Software) C:\Users\Kawey\Downloads\burnsetup.exe
2014-04-17 20:57 - 2014-04-17 20:57 - 00000000 ____D () C:\ProgramData\NCH Software
2014-04-17 20:57 - 2014-04-17 20:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Produktpalette
2014-04-17 20:57 - 2014-04-17 20:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audioverwandte Programme
2014-04-17 20:57 - 2014-04-17 20:57 - 00000000 ____D () C:\Program Files (x86)\NCH Software
2014-04-17 20:20 - 2014-04-17 20:20 - 00000000 ____D () C:\ProgramData\vsosdk
2014-04-17 19:41 - 2014-04-17 19:39 - 45464368 _____ (Fengtao Software Inc. ) C:\Users\Kawey\Downloads\DVDFab9140.exe
2014-04-16 23:36 - 2014-04-16 23:36 - 00993712 _____ () C:\Users\Kawey\Downloads\setup(2).exe
2014-04-16 18:32 - 2014-04-16 18:32 - 01026264 _____ () C:\Users\Kawey\Downloads\Setup(1).exe
2014-04-16 18:31 - 2013-10-15 21:52 - 00000000 ____D () C:\Users\Kawey\AppData\Local\Adobe
2014-04-16 18:27 - 2014-04-16 18:27 - 01026264 _____ () C:\Users\Kawey\Downloads\Setup.exe
2014-04-15 16:38 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-04-14 04:24 - 2014-04-30 11:00 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-04-14 04:19 - 2014-04-30 11:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-04-10 13:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-10 00:22 - 2013-10-22 19:13 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-10 00:20 - 2013-10-22 19:13 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-09 23:41 - 2013-12-27 20:39 - 00000000 ____D () C:\Program Files (x86)\Google
2014-04-09 21:01 - 2014-04-09 21:01 - 05056648 _____ (Systweak Inc ) C:\Users\Kawey\Downloads\rcpsetupg_apptvlatest-apptvlatest_1946.exe
2014-04-09 11:09 - 2014-04-09 11:09 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-09 11:09 - 2014-02-06 00:16 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-04-09 11:09 - 2014-02-06 00:16 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-04-09 11:09 - 2014-02-06 00:16 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-04-09 11:09 - 2014-02-06 00:16 - 00208928 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-04-09 11:09 - 2014-02-06 00:16 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-04-09 11:09 - 2014-02-06 00:16 - 00084816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-04-09 11:09 - 2014-02-06 00:16 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-04-09 11:09 - 2014-02-06 00:16 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-04-04 11:15 - 2013-10-15 21:55 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-04-04 11:11 - 2014-04-03 23:10 - 00000000 ____D () C:\Program Files (x86)\MediaPlayerplus

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-22 15:23

==================== End Of Log ============================
         
Where do I find that? Thanks


04.05.2014, 13:24   #6
M-K-D-B
/// TB-Ausbilder
 

Never mind, we'll do it differently.





Step 1
Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Clean and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents with your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).





Step 2
Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select Threat Scan and click Scan Now.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do so, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.







Step 3

Please shut down your protection software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista or later, right-click it and choose "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.







Step 4
Control scan with FRST
Run a scan with FRST as described before.
To do so, tick Addition.txt at the bottom right and click Scan.
Two log files are created. Post them for me.





Please post with your next reply
  • the AdwCleaner log file,
  • the MBAM log file,
  • the JRT log file,
  • the two new FRST log files.

04.05.2014, 14:09   #7
Kawey
 



Code:
# AdwCleaner v3.205 - Bericht erstellt am 04/05/2014 um 13:59:08
# Aktualisiert 28/04/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Kawey - KAWEY-PC
# Gestartet von : C:\Users\Kawey\Downloads\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****

Dienst Gelöscht : buuoujqmrk64
Dienst Gelöscht : IePluginService
Dienst Gelöscht : Wpm

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Program Files (x86)\Fortunitas
Ordner Gelöscht : C:\Program Files (x86)\MediaPlayerplus
Ordner Gelöscht : C:\Program Files (x86)\SupTab
Ordner Gelöscht : C:\Program Files (x86)\SuperLyrics-16
Ordner Gelöscht : C:\Windows\SysWOW64\SearchProtect
Ordner Gelöscht : C:\Program Files\003
Ordner Gelöscht : C:\Users\Kawey\AppData\Local\lollipop
Ordner Gelöscht : C:\Users\Kawey\AppData\Local\SearchProtect
Ordner Gelöscht : C:\Users\Kawey\AppData\Local\Tuguu_SL
Ordner Gelöscht : C:\Users\Kawey\AppData\Roaming\DigitalSites
Ordner Gelöscht : C:\Users\Kawey\AppData\Roaming\SupTab
Ordner Gelöscht : C:\Users\Kawey\AppData\Roaming\webssearches
Ordner Gelöscht : C:\Users\Kawey\AppData\Roaming\Mozilla\Firefox\Profiles\73f0idua.default-1398406683013\Extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com
Ordner Gelöscht : C:\Users\Kawey\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd
Datei Gelöscht : C:\Windows\System32\roboot64.exe
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\StartWeb.xml
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\sweet-page.xml
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\webssearches.xml
Datei Gelöscht : C:\Windows\System32\Tasks\Advanced System Protector
Datei Gelöscht : C:\Windows\System32\Tasks\MySearchDial
Datei Gelöscht : C:\Windows\Tasks\b8e2dbf6-f651-4529-84b2-6113f5365cc5-2.job
Datei Gelöscht : C:\Windows\System32\Tasks\b8e2dbf6-f651-4529-84b2-6113f5365cc5-2
Datei Gelöscht : C:\Windows\Tasks\b8e2dbf6-f651-4529-84b2-6113f5365cc5-3.job
Datei Gelöscht : C:\Windows\System32\Tasks\b8e2dbf6-f651-4529-84b2-6113f5365cc5-3
Datei Gelöscht : C:\Windows\Tasks\b8e2dbf6-f651-4529-84b2-6113f5365cc5-4.job
Datei Gelöscht : C:\Windows\System32\Tasks\b8e2dbf6-f651-4529-84b2-6113f5365cc5-4
Datei Gelöscht : C:\Windows\Tasks\b8e2dbf6-f651-4529-84b2-6113f5365cc5-5.job
Datei Gelöscht : C:\Windows\System32\Tasks\b8e2dbf6-f651-4529-84b2-6113f5365cc5-5

***** [ Verknüpfungen ] *****

Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Verknüpfung Desinfiziert : C:\Users\Kawey\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Verknüpfung Desinfiziert : C:\Users\Kawey\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\Kawey\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk

***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}]
Wert Gelöscht : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}]
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [quick_start@gmail.com]
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\pkhojieggfgllhllcegoffdcnmdeojgb
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.iminentESrvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.iminentESrvc.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iminent.iminentappCore
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iminent.iminentappCore.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iminent.iminentdskBnd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iminent.iminentdskBnd.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iminent.iminentHlpr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iminent.iminentHlpr.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IMinentToolbar_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IMinentToolbar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\speedupmypc_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\speedupmypc_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0054246.Sandbox
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0054246.Sandbox.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_vuescan_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_vuescan_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{112BA211-334C-4A90-90EC-2AD1CDAB287C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{828DC97A-2277-4E10-92A9-4907FA0922A9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F1C81E40-2485-4DB6-8C9D-04BD596B281E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{208D4124-3895-4974-B293-A159BD306078}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11f3ef39-17fe-42f3-a985-bc211800d723}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{528e4069-acef-4f7b-b4a6-fe74749d4539}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5f9a73f8-fd01-44c9-8350-49b673b9696f}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{87b74557-e5a8-4c80-971e-3a03ac848d30}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c2448860-2d00-4f1a-a7d1-3f0e3aa98e72}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{1FAFD711-ABF9-4F6A-8130-5166C7371427}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11f3ef39-17fe-42f3-a985-bc211800d723}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{528e4069-acef-4f7b-b4a6-fe74749d4539}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5f9a73f8-fd01-44c9-8350-49b673b9696f}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{87b74557-e5a8-4c80-971e-3a03ac848d30}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c2448860-2d00-4f1a-a7d1-3f0e3aa98e72}
Daten Wiederhergestellt : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Schlüssel Gelöscht : HKCU\Software\AnyProtect
Schlüssel Gelöscht : HKCU\Software\AVG Secure Search
Schlüssel Gelöscht : HKCU\Software\blockAndSurf
Schlüssel Gelöscht : HKCU\Software\lollipop
Schlüssel Gelöscht : HKCU\Software\MediaPlayerplus
Schlüssel Gelöscht : HKCU\Software\mysearchdial.com
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\SearchProtectINT
Schlüssel Gelöscht : HKCU\Software\SearchProtectInt2
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\blockAndSurf
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\MediaPlayerplus
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Supra Savings
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SuperLyrics-16
Schlüssel Gelöscht : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gelöscht : HKLM\Software\MediaPlayerplus
Schlüssel Gelöscht : HKLM\Software\supTab
Schlüssel Gelöscht : HKLM\Software\supWPM
Schlüssel Gelöscht : HKLM\Software\sweet-pageSoftware
Schlüssel Gelöscht : HKLM\Software\Vittalia
Schlüssel Gelöscht : HKLM\Software\webssearchesSoftware
Schlüssel Gelöscht : HKLM\Software\Wpm
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DigitalSite
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\DomaIQ
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\installedbrowserextensions
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\LevelQualityWatcher
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Speedchecker Limited
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\suprasavings
Daten Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\Linkey\IEEXTE~1\iedll64.dll
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17041

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v28.0 (de)

[ Datei : C:\Users\Kawey\AppData\Roaming\Mozilla\Firefox\Profiles\73f0idua.default-1398406683013\prefs.js ]

Zeile gelöscht : user_pref("browser.search.selectedEngine", "sweet-page");
Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://www.sweet-page.com/?type=hppp&ts=1399130289&from=tugs&uid=HGSTXHTS545032A7E380_TMA45C480ET18L0ET18LX");
Zeile gelöscht : user_pref("extensions.crossrider.bic", "14598d741266e32bebc80a6fee20d2c8");

-\\ Google Chrome v

[ Datei : C:\Users\Kawey\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Search Provider] : hxxp://search.conduit.com/Results.aspx?ctid=CT3317742&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SPD4F79A21-7465-46DE-A457-C0A42C3CC60E&q={searchTerms}&SSPV=
Gelöscht [Search Provider] : hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd0202ff&cd=2XzuyEtN2Y1L1QzutA0CzyyBtD0E0A0CtCyD0FzytC0DyDtCtN0D0Tzu0SyBzytAtN1L2XzutBtFtCyBtFtDtFtCtN1L1CzutDzytDtCtG1TtN1L1G1B1V1N2Y1L1Qzu2SyDyD0E0ByEtCyCyBtGzyyDtB0BtGtDyE0EtDtGtBtD0D0DtGtC0C0DyCyEyEyC0EyEyD0Dzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDyByB0AtA0E0A0CtGtCyCtAzztG0A0EtDtDtG0EtD0BtBtGtCyC0F0A0CtD0A0AtAyBtB0B2Q&cr=687468405&ir=
Gelöscht [Startup_urls] : hxxp://search.conduit.com/?ctid=CT3317742&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SPD4F79A21-7465-46DE-A457-C0A42C3CC60E&SSPV=
Gelöscht [Homepage] : hxxp://search.conduit.com/?ctid=CT3317742&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SPD4F79A21-7465-46DE-A457-C0A42C3CC60E&SSPV=
Gelöscht [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
Gelöscht [Extension] : flpcjncodpafbgdpnkljologafpionhb

*************************

AdwCleaner[R0].txt - [34810 octets] - [04/05/2014 13:58:12]
AdwCleaner[S0].txt - [28443 octets] - [04/05/2014 13:59:08]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [28504 octets] ##########
         

04.05.2014, 14:20   #8
M-K-D-B
/// TB-Ausbilder
 



MBAM and JRT are still missing.
__________________
Regards
M-K-D-B




04.05.2014, 17:03   #9
Kawey
 



Coming right up; I had understood it as everything one after the other. MBAM has already found plenty and still needs a moment.
Should I also attach steps 3 and 4 in the result?
Thanks in advance for the work! Kind regards, kawey

Hello Matthias,
I hope all the instructions were carried out correctly?
I expect to use these programs more often.
Thanks again for the good guidance.
Kawey



FRST Logfile:

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-05-2014
Ran by Kawey (administrator) on KAWEY-PC on 04-05-2014 16:50:49
Running from C:\Users\Kawey\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe
(Nico Mak Computing) C:\Program Files (x86)\WinZip Malware Protector\WinZipMalwareProtector.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12445288 2012-01-10] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2887440 2012-03-08] (Synaptics Incorporated)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-26] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3854640 2014-04-09] (AVAST Software)
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2568023682-207481756-3843068466-1000\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845168 2013-11-06] (Samsung)
HKU\S-1-5-21-2568023682-207481756-3843068466-1000\...\MountPoints2: {e5ab1670-7892-11e3-a6cb-3c970eac15f9} - E:\AutoRun.exe
IFEO: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\bootstrap.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\hpwucli.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\iastorui.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\imfrmwrk.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\open energymanagement.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=avast&hsimp=yhs-001&type={partner_id}&p={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp:///
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://de.yhs4.search.yahoo.com/?hspart=avast&hsimp=yhs-001&type={partner_id}
URLSearchHook: HKLM-x32 - Default Value = {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=avast&hsimp=yhs-001&type={partner_id}&p={searchTerms}
SearchScopes: HKCU - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=avast&hsimp=yhs-001&type={partner_id}&p={searchTerms}
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} -  No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{84A47CCA-2016-4EB2-9976-DDB4A782B000}: [NameServer]62.109.121.2 62.109.121.1

FireFox:
========
FF ProfilePath: C:\Users\Kawey\AppData\Roaming\Mozilla\Firefox\Profiles\73f0idua.default-1398406683013
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @nullsoft.com/winampDetector;version=1 - C:\Program Files (x86)\Winamp Detect\npwachk.dll (Nullsoft, Inc.)
FF Plugin-x32: @zylom.com/ZylomGamesPlayer - C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF SearchPlugin: C:\Users\Kawey\AppData\Roaming\Mozilla\Firefox\Profiles\73f0idua.default-1398406683013\searchplugins\ixquick-https.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\Kawey\AppData\Roaming\Mozilla\Firefox\Profiles\73f0idua.default-1398406683013\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-05-03]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-02-06]

Chrome: 
=======
CHR DefaultSearchKeyword: conduit.search
CHR DefaultSearchProvider: Conduit Search
CHR DefaultNewTabURL: 
CHR Extension: (Google Docs) - C:\Users\Kawey\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-27]
CHR Extension: (Google Drive) - C:\Users\Kawey\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-27]
CHR Extension: (YouTube) - C:\Users\Kawey\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-27]
CHR Extension: (Google-Suche) - C:\Users\Kawey\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-27]
CHR Extension: (Google Wallet) - C:\Users\Kawey\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-27]
CHR Extension: (Google Mail) - C:\Users\Kawey\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-27]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-04-09]

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-09] (AVAST Software)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [47416 2014-02-05] (Hewlett-Packard Company)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
S4 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2138936 2014-03-20] (TuneUp Software)
S4 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-04-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-04-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-04-09] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-04-09] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-04-09] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [84816 2014-04-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208928 2014-04-09] ()
S3 dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [20568 2009-12-22] (Devguru Co., Ltd)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-05-04] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
S3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [3532160 2011-10-11] (Sonix Technology Co., Ltd.)
S3 SPUVCbv; C:\Windows\System32\Drivers\usbvideo.sys [185344 2013-07-12] (Microsoft Corporation)
S3 ss_bserd; C:\Windows\System32\DRIVERS\ss_bserd.sys [128000 2013-08-21] (MCCI Corporation)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-08-21] (TuneUp Software)
S3 AmUStor; system32\drivers\AmUStor.SYS [X]
S0 LHDmgr; System32\DRIVERS\LhdX64.sys [X]
S3 RTL8192su; system32\DRIVERS\RTL8192su.sys [X]
U2 TMAgent; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-04 16:48 - 2014-05-04 16:48 - 00001027 _____ () C:\Users\Kawey\Desktop\JRT.txt
2014-05-04 16:37 - 2014-05-04 16:37 - 01016261 _____ (Thisisu) C:\Users\Kawey\Downloads\JRT(1).exe
2014-05-04 14:11 - 2014-05-04 16:22 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-04 14:10 - 2014-05-04 14:10 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-04 14:10 - 2014-05-04 14:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-04 14:10 - 2014-05-04 14:10 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-04 14:10 - 2014-05-04 14:10 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-04 14:10 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-04 14:10 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-04 14:10 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-04 14:07 - 2014-05-04 14:07 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Kawey\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-04 14:00 - 2014-05-04 14:27 - 00039302 _____ () C:\Windows\PFRO.log
2014-05-04 13:58 - 2014-05-04 13:59 - 00000000 ____D () C:\AdwCleaner
2014-05-04 13:58 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-04 13:57 - 2014-05-04 13:57 - 01310621 _____ () C:\Users\Kawey\Downloads\adwcleaner.exe
2014-05-04 12:44 - 2014-05-04 12:44 - 01016261 _____ (Thisisu) C:\Users\Kawey\Downloads\JRT.exe
2014-05-04 12:44 - 2014-05-04 12:44 - 00000000 ____D () C:\Windows\ERUNT
2014-05-04 12:39 - 2014-05-04 16:50 - 00012607 _____ () C:\Users\Kawey\Downloads\FRST.txt
2014-05-04 12:39 - 2014-05-04 16:50 - 00000000 ____D () C:\FRST
2014-05-04 12:39 - 2014-05-04 13:41 - 00018746 _____ () C:\Users\Kawey\Downloads\Addition.txt
2014-05-04 12:38 - 2014-05-04 12:38 - 02062336 _____ (Farbar) C:\Users\Kawey\Downloads\FRST64.exe
2014-05-04 12:38 - 2014-05-04 12:38 - 01050624 _____ (Farbar) C:\Users\Kawey\Downloads\FRST(2).exe
2014-05-04 12:36 - 2014-05-04 12:36 - 01050624 _____ (Farbar) C:\Users\Kawey\Downloads\FRST(1).exe
2014-05-04 12:35 - 2014-05-04 12:35 - 01050624 _____ (Farbar) C:\Users\Kawey\Downloads\FRST.exe
2014-05-03 21:55 - 2014-05-03 21:56 - 00008494 _____ () C:\Windows\DPINST.LOG
2014-05-03 21:54 - 2014-05-03 21:55 - 09020696 _____ (Hamrick Software) C:\Users\Kawey\Downloads\vuex6494(1).exe
2014-05-02 15:11 - 2014-05-02 15:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
2014-05-02 15:11 - 2014-05-02 15:11 - 00000000 ____D () C:\Users\Kawey\Documents\TomTom
2014-05-02 15:11 - 2014-05-02 15:11 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\TomTom
2014-05-02 15:11 - 2014-05-02 15:11 - 00000000 ____D () C:\Users\Kawey\AppData\Local\TomTom
2014-05-02 15:11 - 2014-05-02 15:11 - 00000000 ____D () C:\ProgramData\TomTom
2014-05-02 15:10 - 2014-05-02 15:34 - 00000000 ____D () C:\Program Files (x86)\TomTom HOME 2
2014-05-02 15:10 - 2014-05-02 15:10 - 00000000 ____D () C:\Program Files (x86)\TomTom International B.V
2014-05-02 15:07 - 2014-05-02 15:07 - 00000000 ____D () C:\Program Files (x86)\TomTom DesktopSuite
2014-05-02 14:05 - 2014-05-04 14:29 - 00003116 _____ () C:\Windows\System32\Tasks\WinZip Malware Protector_startup
2014-05-02 14:05 - 2014-05-02 14:05 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\Nico Mak Computing
2014-05-02 14:05 - 2014-05-02 14:05 - 00000000 ____D () C:\ProgramData\Nico Mak Computing
2014-05-02 14:05 - 2014-05-02 14:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Malware Protector
2014-05-02 14:05 - 2014-05-02 14:05 - 00000000 ____D () C:\Program Files (x86)\WinZip Malware Protector
2014-05-02 14:05 - 2013-03-15 17:10 - 00020480 _____ () C:\Windows\system32\wsusnative64.exe
2014-05-02 14:02 - 2014-05-02 14:02 - 04892480 _____ (WinZip International LLC ) C:\Users\Kawey\Downloads\wzmp_8.exe
2014-05-02 10:26 - 2014-04-29 16:01 - 23547904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-02 10:26 - 2014-04-29 15:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-02 10:26 - 2014-04-29 14:48 - 17384448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-02 10:26 - 2014-04-29 14:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-01 18:34 - 2014-05-01 19:10 - 00000000 ____D () C:\Users\Kawey\Documents\TCM
2014-04-30 21:50 - 2012-06-05 09:37 - 00256904 _____ (Trend Micro Inc.) C:\Windows\SysWOW64\Drivers\tmcomm.sys
2014-04-30 21:46 - 2014-04-30 21:46 - 02002944 _____ (Trend Micro Inc.) C:\Users\Kawey\Downloads\HousecallLauncher.exe
2014-04-30 21:40 - 2014-05-01 12:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-04-30 19:10 - 2014-05-04 14:27 - 00001747 _____ () C:\Windows\setupact.log
2014-04-30 19:10 - 2014-04-30 19:10 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-30 12:33 - 2014-04-30 12:33 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-04-30 11:46 - 2014-04-30 11:46 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-04-30 11:46 - 2014-04-30 11:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-04-30 11:46 - 2014-04-30 11:46 - 00000000 ____D () C:\Program Files\CCleaner
2014-04-30 11:45 - 2014-04-30 11:45 - 03671432 _____ (Piriform Ltd) C:\Users\Kawey\Downloads\ccsetup413_slim.exe
2014-04-30 11:00 - 2014-04-14 04:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-04-30 11:00 - 2014-04-14 04:19 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-04-29 17:04 - 2014-05-03 15:54 - 00000000 ____D () C:\Heilkunde
2014-04-28 10:13 - 2014-04-28 10:14 - 27878824 _____ (TuneUp Software) C:\Users\Kawey\Downloads\TuneUpUtilities2014_de-DE(1).exe
2014-04-28 09:32 - 2014-04-28 09:33 - 27878824 _____ (TuneUp Software) C:\Users\Kawey\Downloads\TuneUpUtilities2014_de-DE.exe
2014-04-27 11:22 - 2014-04-27 11:22 - 00000000 ____D () C:\ProgramData\IProt
2014-04-27 11:20 - 2014-04-27 11:20 - 00001139 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\ShenProfessional 3.1.lnk
2014-04-27 11:20 - 2014-04-27 11:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShenProfessional 3.1
2014-04-27 11:14 - 2014-04-27 11:20 - 00760333 _____ () C:\Program Files (x86)\ShenUnInstall.txt
2014-04-27 11:14 - 2014-04-27 11:20 - 00000000 ____D () C:\Program Files (x86)\ShenProfessional 3.1
2014-04-27 11:14 - 2014-03-12 17:39 - 00572448 _____ (Pantaray Research Ltd.) C:\Program Files (x86)\ShenUnInstall.exe
2014-04-27 11:14 - 2011-12-18 09:00 - 00012420 _____ () C:\Program Files (x86)\Deutsch.lng
2014-04-27 11:13 - 2014-04-27 11:20 - 00801542 _____ () C:\Program Files (x86)\Setup.log
2014-04-27 11:01 - 2014-04-27 11:08 - 197984521 _____ (shen.de) C:\Users\Kawey\Downloads\ShenProfessional-3-1.exe
2014-04-27 10:35 - 2014-04-27 10:35 - 00003088 _____ () C:\Windows\System32\Tasks\{6FFDF4FA-9810-4B47-9A34-C3807772493D}
2014-04-25 18:58 - 2014-04-25 18:58 - 00000000 ____D () C:\ProgramData\dvdfab
2014-04-25 14:30 - 2014-04-25 14:30 - 00001016 _____ () C:\Users\Kawey\Desktop\DVDFab 8 Qt.lnk
2014-04-25 14:28 - 2014-04-25 14:29 - 21323352 _____ (Fengtao Software Inc. ) C:\Users\Kawey\Downloads\DVDFab8230Qt.exe
2014-04-24 15:36 - 2014-04-24 15:36 - 00613200 _____ (Chip Digital GmbH) C:\Users\Kawey\Downloads\Firefox - CHIP-Downloader.exe
2014-04-22 11:50 - 2014-04-22 11:50 - 00907018 _____ () C:\Users\Kawey\Downloads\adblockplus-2.5.1.zip
2014-04-22 11:50 - 2014-04-22 11:50 - 00000000 ____D () C:\Users\Kawey\Downloads\adblockplus-2.5.1
2014-04-22 11:48 - 2014-04-22 11:48 - 00613200 _____ (Chip Digital GmbH) C:\Users\Kawey\Downloads\adblockplus-2.5.1 - CHIP-Downloader.exe
2014-04-21 18:52 - 2014-04-21 18:52 - 00000000 ____D () C:\Users\Kawey\Documents\PcSetup
2014-04-21 18:52 - 2014-04-21 18:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 6
2014-04-21 18:52 - 2014-04-21 18:52 - 00000000 ____D () C:\Program Files (x86)\DVDFab 6
2014-04-21 18:48 - 2014-04-21 18:49 - 13312568 _____ (Fengtao Software Inc. ) C:\Users\Kawey\Downloads\DVDFab6218.exe
2014-04-21 18:08 - 2014-04-21 18:57 - 00000000 ____D () C:\Users\Kawey\Documents\DVDFab
2014-04-21 18:08 - 2014-04-21 18:08 - 00000000 ____D () C:\Users\Kawey\Documents\DVDFab9
2014-04-21 17:47 - 2014-04-21 17:47 - 01672252 _____ () C:\Users\Kawey\Downloads\a-user-guide-of-dvdfab9.zip
2014-04-21 15:47 - 2014-04-21 15:47 - 00000000 _____ () C:\Users\Kawey\AppData\Roaming\CopyToGo.dat
2014-04-21 15:29 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2014-04-21 15:29 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2014-04-21 15:29 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2014-04-21 15:29 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2014-04-21 15:29 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2014-04-21 15:29 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2014-04-21 15:29 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2014-04-21 15:29 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2014-04-21 15:29 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2014-04-21 15:29 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2014-04-21 15:29 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2014-04-21 15:29 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2014-04-21 15:29 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2014-04-21 15:29 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2014-04-21 15:11 - 2014-04-21 15:23 - 322746776 _____ (Corel) C:\Users\Kawey\Downloads\KEYDC6PLMLPC.exe
2014-04-21 13:48 - 2014-04-21 13:57 - 00000125 ___SH () C:\ProgramData\.zreglib
2014-04-21 13:45 - 2014-04-21 14:47 - 00000000 ____D () C:\Program Files (x86)\Elaborate Bytes
2014-04-21 13:45 - 2014-04-21 14:46 - 00000000 ____D () C:\ProgramData\SlySoft
2014-04-21 13:45 - 2014-04-21 13:45 - 00000000 ____D () C:\Program Files (x86)\SlySoft
2014-04-21 13:43 - 2014-04-21 13:44 - 10873088 _____ () C:\Users\Kawey\Downloads\SetupAnyDVD7460.exe
2014-04-21 13:43 - 2014-04-21 13:44 - 05185720 _____ () C:\Users\Kawey\Downloads\SetupCloneDVD2930Slysoft.exe
2014-04-21 12:30 - 2014-04-21 14:48 - 00000000 ____D () C:\ProgramData\Freemake
2014-04-21 12:30 - 2014-04-21 14:48 - 00000000 ____D () C:\Program Files (x86)\Freemake
2014-04-21 12:27 - 2014-04-21 12:27 - 01308144 _____ (Ellora Assets Corporation ) C:\Users\Kawey\Downloads\FreemakeVideoConverterSetup.exe
2014-04-21 11:30 - 2014-04-21 11:30 - 13833720 _____ (Fengtao Software Inc. ) C:\Users\Kawey\Downloads\DVDFab7070.exe
2014-04-20 20:01 - 2014-04-20 20:01 - 00000000 ____D () C:\Users\Kawey\AppData\Local\com
2014-04-20 19:54 - 2014-04-20 19:54 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\30183
2014-04-20 19:42 - 2014-04-20 19:42 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\DVDFab
2014-04-20 19:07 - 2014-04-25 14:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 8 Qt
2014-04-20 19:07 - 2014-04-25 14:30 - 00000000 ____D () C:\Program Files (x86)\DVDFab 8 Qt
2014-04-20 19:02 - 2014-04-20 19:02 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\EuroTrade A.L. Ltd
2014-04-20 16:03 - 2014-04-20 16:03 - 02405664 _____ (Trend Micro Inc.) C:\Users\Kawey\Downloads\HousecallLauncher64(7).exe
2014-04-20 00:37 - 2014-04-20 00:37 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\137
2014-04-19 23:53 - 2014-04-19 23:53 - 02405664 _____ (Trend Micro Inc.) C:\Users\Kawey\Downloads\HousecallLauncher64(6).exe
2014-04-19 20:36 - 2014-04-19 20:36 - 00033947 _____ () C:\Users\Kawey\Downloads\anleitung.htm
2014-04-19 14:06 - 2014-04-19 14:06 - 13888037 _____ () C:\Users\Kawey\Downloads\HandBrake-0.9.9-1_i686-Win_GUI.exe
2014-04-18 19:16 - 2014-05-02 15:39 - 00000066 _____ () C:\Users\Kawey\AppData\default.pls
2014-04-18 18:43 - 2014-04-18 18:43 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\9130
2014-04-18 18:02 - 2014-04-19 21:46 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\HandBrake
2014-04-18 18:01 - 2014-04-18 18:01 - 14298467 _____ () C:\Users\Kawey\Downloads\HandBrake-0.9.9-1_x86_64-Win_GUI.exe
2014-04-18 17:16 - 2014-04-18 17:19 - 45464368 _____ (Fengtao Software Inc. ) C:\Users\Kawey\Downloads\DVDFab9140(1).exe
2014-04-18 12:57 - 2014-04-20 17:35 - 00000000 ____D () C:\Program Files (x86)\DVDFab 8
2014-04-17 23:52 - 2014-04-21 18:52 - 00000034 _____ () C:\Users\Kawey\AppData\Roaming\pcouffin.log
2014-04-17 23:51 - 2014-04-21 18:52 - 00099384 _____ () C:\Users\Kawey\AppData\Roaming\inst.exe
2014-04-17 23:51 - 2014-04-21 18:52 - 00082816 _____ (VSO Software) C:\Users\Kawey\AppData\Roaming\pcouffin.sys
2014-04-17 23:51 - 2014-04-21 18:52 - 00007859 _____ () C:\Users\Kawey\AppData\Roaming\pcouffin.cat
2014-04-17 23:51 - 2014-04-21 18:52 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\Vso
2014-04-17 23:51 - 2014-04-17 23:51 - 00082816 _____ (VSO Software) C:\Windows\system32\Drivers\pcouffin.sys
2014-04-17 23:45 - 2014-04-17 23:45 - 00000000 __SHD () C:\Users\Kawey\AppData\Local\EmieUserList
2014-04-17 23:45 - 2014-04-17 23:45 - 00000000 __SHD () C:\Users\Kawey\AppData\Local\EmieSiteList
2014-04-17 21:37 - 2014-04-17 21:37 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\23260
2014-04-17 21:15 - 2014-04-17 21:15 - 02170880 _____ () C:\Users\Kawey\Downloads\ffmpeg15.exe
2014-04-17 21:15 - 2014-04-17 21:15 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\NCH Software
2014-04-17 20:57 - 2014-04-17 21:04 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Software
2014-04-17 20:57 - 2014-04-17 20:57 - 00817696 _____ (NCH Software) C:\Users\Kawey\Downloads\burnsetup.exe
2014-04-17 20:57 - 2014-04-17 20:57 - 00000000 ____D () C:\ProgramData\NCH Software
2014-04-17 20:57 - 2014-04-17 20:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Produktpalette
2014-04-17 20:57 - 2014-04-17 20:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audioverwandte Programme
2014-04-17 20:57 - 2014-04-17 20:57 - 00000000 ____D () C:\Program Files (x86)\NCH Software
2014-04-17 20:20 - 2014-04-17 20:20 - 00000000 ____D () C:\ProgramData\vsosdk
2014-04-17 19:52 - 2014-04-21 18:08 - 00000000 ____D () C:\Program Files (x86)\DVDFab 9
2014-04-17 19:39 - 2014-04-17 19:41 - 45464368 _____ (Fengtao Software Inc. ) C:\Users\Kawey\Downloads\DVDFab9140.exe
2014-04-16 18:32 - 2014-04-16 18:32 - 01026264 _____ () C:\Users\Kawey\Downloads\Setup(1).exe
2014-04-16 18:27 - 2014-04-16 18:27 - 01026264 _____ () C:\Users\Kawey\Downloads\Setup.exe
2014-04-10 00:23 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-10 00:23 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-10 00:22 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-10 00:22 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-10 00:22 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-10 00:22 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-10 00:22 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-10 00:22 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-10 00:22 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-10 00:22 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-10 00:22 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-10 00:22 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-10 00:22 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-10 00:22 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-10 00:22 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-10 00:22 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-10 00:22 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-10 00:22 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-10 00:22 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-10 00:22 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-10 00:22 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-10 00:22 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-10 00:22 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-10 00:22 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-10 00:22 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-10 00:22 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-10 00:22 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-10 00:22 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-10 00:22 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-10 00:22 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-10 00:22 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-10 00:22 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-10 00:22 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-10 00:22 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-10 00:22 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-10 00:22 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-10 00:22 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-10 00:22 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-10 00:22 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-10 00:22 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-10 00:22 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-10 00:22 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-10 00:22 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-10 00:22 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-09 11:13 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-09 11:13 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-09 11:13 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-09 11:13 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-09 11:13 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-09 11:13 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-09 11:13 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-09 11:13 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-09 11:13 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-09 11:13 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-09 11:13 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-09 11:13 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-09 11:13 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-09 11:13 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-09 11:13 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-09 11:13 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-09 11:13 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-09 11:09 - 2014-04-09 11:09 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr

==================== One Month Modified Files and Folders =======

2014-05-04 16:50 - 2014-05-04 12:39 - 00012607 _____ () C:\Users\Kawey\Downloads\FRST.txt
2014-05-04 16:50 - 2014-05-04 12:39 - 00000000 ____D () C:\FRST
2014-05-04 16:49 - 2013-10-15 22:37 - 00000000 ____D () C:\PC
2014-05-04 16:48 - 2014-05-04 16:48 - 00001027 _____ () C:\Users\Kawey\Desktop\JRT.txt
2014-05-04 16:37 - 2014-05-04 16:37 - 01016261 _____ (Thisisu) C:\Users\Kawey\Downloads\JRT(1).exe
2014-05-04 16:22 - 2014-05-04 14:11 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-04 16:04 - 2013-10-14 18:16 - 01268546 _____ () C:\Windows\WindowsUpdate.log
2014-05-04 15:58 - 2014-02-02 21:04 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-04 14:35 - 2009-07-14 06:45 - 00026672 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-04 14:35 - 2009-07-14 06:45 - 00026672 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-04 14:29 - 2014-05-02 14:05 - 00003116 _____ () C:\Windows\System32\Tasks\WinZip Malware Protector_startup
2014-05-04 14:27 - 2014-05-04 14:00 - 00039302 _____ () C:\Windows\PFRO.log
2014-05-04 14:27 - 2014-04-30 19:10 - 00001747 _____ () C:\Windows\setupact.log
2014-05-04 14:27 - 2009-07-14 07:37 - 00000000 ____D () C:\Windows\DigitalLocker
2014-05-04 14:27 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-04 14:26 - 2014-04-03 23:14 - 00000000 ____D () C:\ProgramData\WPM
2014-05-04 14:10 - 2014-05-04 14:10 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-04 14:10 - 2014-05-04 14:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-04 14:10 - 2014-05-04 14:10 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-04 14:10 - 2014-05-04 14:10 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-04 14:07 - 2014-05-04 14:07 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Kawey\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-04 13:59 - 2014-05-04 13:58 - 00000000 ____D () C:\AdwCleaner
2014-05-04 13:59 - 2014-04-03 23:13 - 00000977 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-04 13:57 - 2014-05-04 13:57 - 01310621 _____ () C:\Users\Kawey\Downloads\adwcleaner.exe
2014-05-04 13:41 - 2014-05-04 12:39 - 00018746 _____ () C:\Users\Kawey\Downloads\Addition.txt
2014-05-04 12:44 - 2014-05-04 12:44 - 01016261 _____ (Thisisu) C:\Users\Kawey\Downloads\JRT.exe
2014-05-04 12:44 - 2014-05-04 12:44 - 00000000 ____D () C:\Windows\ERUNT
2014-05-04 12:38 - 2014-05-04 12:38 - 02062336 _____ (Farbar) C:\Users\Kawey\Downloads\FRST64.exe
2014-05-04 12:38 - 2014-05-04 12:38 - 01050624 _____ (Farbar) C:\Users\Kawey\Downloads\FRST(2).exe
2014-05-04 12:36 - 2014-05-04 12:36 - 01050624 _____ (Farbar) C:\Users\Kawey\Downloads\FRST(1).exe
2014-05-04 12:35 - 2014-05-04 12:35 - 01050624 _____ (Farbar) C:\Users\Kawey\Downloads\FRST.exe
2014-05-03 23:08 - 2014-02-06 20:14 - 00000000 ____D () C:\Users\Kawey\AppData\Local\Deployment
2014-05-03 21:56 - 2014-05-03 21:55 - 00008494 _____ () C:\Windows\DPINST.LOG
2014-05-03 21:55 - 2014-05-03 21:54 - 09020696 _____ (Hamrick Software) C:\Users\Kawey\Downloads\vuex6494(1).exe
2014-05-03 21:55 - 2014-03-05 19:34 - 00000977 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\VueScan x64.lnk
2014-05-03 21:09 - 2013-10-16 23:53 - 00000000 ____D () C:\ARBEIT &  BEWERBUNGEN
2014-05-03 15:54 - 2014-04-29 17:04 - 00000000 ____D () C:\Heilkunde
2014-05-03 15:54 - 2014-01-14 09:26 - 00000000 ____D () C:\Gesundheit
2014-05-02 15:39 - 2014-04-18 19:16 - 00000066 _____ () C:\Users\Kawey\AppData\default.pls
2014-05-02 15:34 - 2014-05-02 15:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
2014-05-02 15:34 - 2014-05-02 15:10 - 00000000 ____D () C:\Program Files (x86)\TomTom HOME 2
2014-05-02 15:30 - 2013-10-25 19:28 - 00000000 ____D () C:\Users\Kawey\AppData\Local\Downloaded Installations
2014-05-02 15:11 - 2014-05-02 15:11 - 00000000 ____D () C:\Users\Kawey\Documents\TomTom
2014-05-02 15:11 - 2014-05-02 15:11 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\TomTom
2014-05-02 15:11 - 2014-05-02 15:11 - 00000000 ____D () C:\Users\Kawey\AppData\Local\TomTom
2014-05-02 15:11 - 2014-05-02 15:11 - 00000000 ____D () C:\ProgramData\TomTom
2014-05-02 15:10 - 2014-05-02 15:10 - 00000000 ____D () C:\Program Files (x86)\TomTom International B.V
2014-05-02 15:07 - 2014-05-02 15:07 - 00000000 ____D () C:\Program Files (x86)\TomTom DesktopSuite
2014-05-02 15:01 - 2013-10-15 04:09 - 00699666 _____ () C:\Windows\system32\perfh007.dat
2014-05-02 15:01 - 2013-10-15 04:09 - 00149774 _____ () C:\Windows\system32\perfc007.dat
2014-05-02 15:01 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-02 14:05 - 2014-05-02 14:05 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\Nico Mak Computing
2014-05-02 14:05 - 2014-05-02 14:05 - 00000000 ____D () C:\ProgramData\Nico Mak Computing
2014-05-02 14:05 - 2014-05-02 14:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Malware Protector
2014-05-02 14:05 - 2014-05-02 14:05 - 00000000 ____D () C:\Program Files (x86)\WinZip Malware Protector
2014-05-02 14:02 - 2014-05-02 14:02 - 04892480 _____ (WinZip International LLC ) C:\Users\Kawey\Downloads\wzmp_8.exe
2014-05-01 19:10 - 2014-05-01 18:34 - 00000000 ____D () C:\Users\Kawey\Documents\TCM
2014-05-01 18:17 - 2013-10-14 20:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-01 12:39 - 2014-04-30 21:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-04-30 22:16 - 2014-02-02 00:47 - 00102725 _____ () C:\Users\Kawey\AppData\Local\ars.cache
2014-04-30 21:46 - 2014-04-30 21:46 - 02002944 _____ (Trend Micro Inc.) C:\Users\Kawey\Downloads\HousecallLauncher.exe
2014-04-30 19:10 - 2014-04-30 19:10 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-30 12:33 - 2014-04-30 12:33 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-04-30 12:06 - 2013-11-04 00:19 - 00000000 ____D () C:\SpaKa
2014-04-30 11:47 - 2013-11-05 12:59 - 00000000 ____D () C:\Windows\Minidump
2014-04-30 11:47 - 2013-10-15 04:12 - 00000000 ____D () C:\Windows\Panther
2014-04-30 11:46 - 2014-04-30 11:46 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-04-30 11:46 - 2014-04-30 11:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-04-30 11:46 - 2014-04-30 11:46 - 00000000 ____D () C:\Program Files\CCleaner
2014-04-30 11:45 - 2014-04-30 11:45 - 03671432 _____ (Piriform Ltd) C:\Users\Kawey\Downloads\ccsetup413_slim.exe
2014-04-29 18:58 - 2014-02-02 21:04 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-29 18:58 - 2013-10-15 23:20 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-29 18:58 - 2013-10-15 23:20 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-29 17:11 - 2013-10-14 18:31 - 00000000 ____D () C:\Users\Kawey\AppData\Local\VirtualStore
2014-04-29 16:01 - 2014-05-02 10:26 - 23547904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-29 15:40 - 2014-05-02 10:26 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-29 15:14 - 2014-02-06 00:16 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-04-29 14:48 - 2014-05-02 10:26 - 17384448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-29 14:34 - 2014-05-02 10:26 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-28 10:14 - 2014-04-28 10:13 - 27878824 _____ (TuneUp Software) C:\Users\Kawey\Downloads\TuneUpUtilities2014_de-DE(1).exe
2014-04-28 09:33 - 2014-04-28 09:32 - 27878824 _____ (TuneUp Software) C:\Users\Kawey\Downloads\TuneUpUtilities2014_de-DE.exe
2014-04-27 11:22 - 2014-04-27 11:22 - 00000000 ____D () C:\ProgramData\IProt
2014-04-27 11:20 - 2014-04-27 11:20 - 00001139 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\ShenProfessional 3.1.lnk
2014-04-27 11:20 - 2014-04-27 11:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShenProfessional 3.1
2014-04-27 11:20 - 2014-04-27 11:14 - 00760333 _____ () C:\Program Files (x86)\ShenUnInstall.txt
2014-04-27 11:20 - 2014-04-27 11:14 - 00000000 ____D () C:\Program Files (x86)\ShenProfessional 3.1
2014-04-27 11:20 - 2014-04-27 11:13 - 00801542 _____ () C:\Program Files (x86)\Setup.log
2014-04-27 11:08 - 2014-04-27 11:01 - 197984521 _____ (shen.de) C:\Users\Kawey\Downloads\ShenProfessional-3-1.exe
2014-04-27 10:35 - 2014-04-27 10:35 - 00003088 _____ () C:\Windows\System32\Tasks\{6FFDF4FA-9810-4B47-9A34-C3807772493D}
2014-04-26 17:54 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-25 18:58 - 2014-04-25 18:58 - 00000000 ____D () C:\ProgramData\dvdfab
2014-04-25 14:30 - 2014-04-25 14:30 - 00001016 _____ () C:\Users\Kawey\Desktop\DVDFab 8 Qt.lnk
2014-04-25 14:30 - 2014-04-20 19:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 8 Qt
2014-04-25 14:30 - 2014-04-20 19:07 - 00000000 ____D () C:\Program Files (x86)\DVDFab 8 Qt
2014-04-25 14:29 - 2014-04-25 14:28 - 21323352 _____ (Fengtao Software Inc. ) C:\Users\Kawey\Downloads\DVDFab8230Qt.exe
2014-04-24 16:15 - 2014-03-29 17:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-24 16:15 - 2014-03-14 14:47 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-04-24 15:36 - 2014-04-24 15:36 - 00613200 _____ (Chip Digital GmbH) C:\Users\Kawey\Downloads\Firefox - CHIP-Downloader.exe
2014-04-22 11:50 - 2014-04-22 11:50 - 00907018 _____ () C:\Users\Kawey\Downloads\adblockplus-2.5.1.zip
2014-04-22 11:50 - 2014-04-22 11:50 - 00000000 ____D () C:\Users\Kawey\Downloads\adblockplus-2.5.1
2014-04-22 11:48 - 2014-04-22 11:48 - 00613200 _____ (Chip Digital GmbH) C:\Users\Kawey\Downloads\adblockplus-2.5.1 - CHIP-Downloader.exe
2014-04-21 18:57 - 2014-04-21 18:08 - 00000000 ____D () C:\Users\Kawey\Documents\DVDFab
2014-04-21 18:52 - 2014-04-21 18:52 - 00000000 ____D () C:\Users\Kawey\Documents\PcSetup
2014-04-21 18:52 - 2014-04-21 18:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 6
2014-04-21 18:52 - 2014-04-21 18:52 - 00000000 ____D () C:\Program Files (x86)\DVDFab 6
2014-04-21 18:52 - 2014-04-17 23:52 - 00000034 _____ () C:\Users\Kawey\AppData\Roaming\pcouffin.log
2014-04-21 18:52 - 2014-04-17 23:51 - 00099384 _____ () C:\Users\Kawey\AppData\Roaming\inst.exe
2014-04-21 18:52 - 2014-04-17 23:51 - 00082816 _____ (VSO Software) C:\Users\Kawey\AppData\Roaming\pcouffin.sys
2014-04-21 18:52 - 2014-04-17 23:51 - 00007859 _____ () C:\Users\Kawey\AppData\Roaming\pcouffin.cat
2014-04-21 18:52 - 2014-04-17 23:51 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\Vso
2014-04-21 18:49 - 2014-04-21 18:48 - 13312568 _____ (Fengtao Software Inc. ) C:\Users\Kawey\Downloads\DVDFab6218.exe
2014-04-21 18:08 - 2014-04-21 18:08 - 00000000 ____D () C:\Users\Kawey\Documents\DVDFab9
2014-04-21 18:08 - 2014-04-17 19:52 - 00000000 ____D () C:\Program Files (x86)\DVDFab 9
2014-04-21 17:47 - 2014-04-21 17:47 - 01672252 _____ () C:\Users\Kawey\Downloads\a-user-guide-of-dvdfab9.zip
2014-04-21 15:55 - 2013-10-14 19:15 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-04-21 15:47 - 2014-04-21 15:47 - 00000000 _____ () C:\Users\Kawey\AppData\Roaming\CopyToGo.dat
2014-04-21 15:23 - 2014-04-21 15:11 - 322746776 _____ (Corel) C:\Users\Kawey\Downloads\KEYDC6PLMLPC.exe
2014-04-21 14:48 - 2014-04-21 12:30 - 00000000 ____D () C:\ProgramData\Freemake
2014-04-21 14:48 - 2014-04-21 12:30 - 00000000 ____D () C:\Program Files (x86)\Freemake
2014-04-21 14:47 - 2014-04-21 13:45 - 00000000 ____D () C:\Program Files (x86)\Elaborate Bytes
2014-04-21 14:46 - 2014-04-21 13:45 - 00000000 ____D () C:\ProgramData\SlySoft
2014-04-21 13:57 - 2014-04-21 13:48 - 00000125 ___SH () C:\ProgramData\.zreglib
2014-04-21 13:45 - 2014-04-21 13:45 - 00000000 ____D () C:\Program Files (x86)\SlySoft
2014-04-21 13:44 - 2014-04-21 13:43 - 10873088 _____ () C:\Users\Kawey\Downloads\SetupAnyDVD7460.exe
2014-04-21 13:44 - 2014-04-21 13:43 - 05185720 _____ () C:\Users\Kawey\Downloads\SetupCloneDVD2930Slysoft.exe
2014-04-21 12:27 - 2014-04-21 12:27 - 01308144 _____ (Ellora Assets Corporation ) C:\Users\Kawey\Downloads\FreemakeVideoConverterSetup.exe
2014-04-21 12:13 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-04-21 11:30 - 2014-04-21 11:30 - 13833720 _____ (Fengtao Software Inc. ) C:\Users\Kawey\Downloads\DVDFab7070.exe
2014-04-20 20:01 - 2014-04-20 20:01 - 00000000 ____D () C:\Users\Kawey\AppData\Local\com
2014-04-20 19:54 - 2014-04-20 19:54 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\30183
2014-04-20 19:42 - 2014-04-20 19:42 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\DVDFab
2014-04-20 19:02 - 2014-04-20 19:02 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\EuroTrade A.L. Ltd
2014-04-20 17:35 - 2014-04-18 12:57 - 00000000 ____D () C:\Program Files (x86)\DVDFab 8
2014-04-20 16:22 - 2014-02-02 00:47 - 00294540 _____ () C:\Users\Kawey\AppData\Local\census.cache
2014-04-20 16:03 - 2014-04-20 16:03 - 02405664 _____ (Trend Micro Inc.) C:\Users\Kawey\Downloads\HousecallLauncher64(7).exe
2014-04-20 00:37 - 2014-04-20 00:37 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\137
2014-04-19 23:53 - 2014-04-19 23:53 - 02405664 _____ (Trend Micro Inc.) C:\Users\Kawey\Downloads\HousecallLauncher64(6).exe
2014-04-19 21:46 - 2014-04-18 18:02 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\HandBrake
2014-04-19 20:36 - 2014-04-19 20:36 - 00033947 _____ () C:\Users\Kawey\Downloads\anleitung.htm
2014-04-19 14:06 - 2014-04-19 14:06 - 13888037 _____ () C:\Users\Kawey\Downloads\HandBrake-0.9.9-1_i686-Win_GUI.exe
2014-04-18 18:43 - 2014-04-18 18:43 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\9130
2014-04-18 18:01 - 2014-04-18 18:01 - 14298467 _____ () C:\Users\Kawey\Downloads\HandBrake-0.9.9-1_x86_64-Win_GUI.exe
2014-04-18 17:19 - 2014-04-18 17:16 - 45464368 _____ (Fengtao Software Inc. ) C:\Users\Kawey\Downloads\DVDFab9140(1).exe
2014-04-18 00:00 - 2013-10-14 20:26 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2014
2014-04-17 23:51 - 2014-04-17 23:51 - 00082816 _____ (VSO Software) C:\Windows\system32\Drivers\pcouffin.sys
2014-04-17 23:45 - 2014-04-17 23:45 - 00000000 __SHD () C:\Users\Kawey\AppData\Local\EmieUserList
2014-04-17 23:45 - 2014-04-17 23:45 - 00000000 __SHD () C:\Users\Kawey\AppData\Local\EmieSiteList
2014-04-17 21:37 - 2014-04-17 21:37 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\23260
2014-04-17 21:15 - 2014-04-17 21:15 - 02170880 _____ () C:\Users\Kawey\Downloads\ffmpeg15.exe
2014-04-17 21:15 - 2014-04-17 21:15 - 00000000 ____D () C:\Users\Kawey\AppData\Roaming\NCH Software
2014-04-17 21:04 - 2014-04-17 20:57 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Software
2014-04-17 20:57 - 2014-04-17 20:57 - 00817696 _____ (NCH Software) C:\Users\Kawey\Downloads\burnsetup.exe
2014-04-17 20:57 - 2014-04-17 20:57 - 00000000 ____D () C:\ProgramData\NCH Software
2014-04-17 20:57 - 2014-04-17 20:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Produktpalette
2014-04-17 20:57 - 2014-04-17 20:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audioverwandte Programme
2014-04-17 20:57 - 2014-04-17 20:57 - 00000000 ____D () C:\Program Files (x86)\NCH Software
2014-04-17 20:20 - 2014-04-17 20:20 - 00000000 ____D () C:\ProgramData\vsosdk
2014-04-17 19:41 - 2014-04-17 19:39 - 45464368 _____ (Fengtao Software Inc. ) C:\Users\Kawey\Downloads\DVDFab9140.exe
2014-04-16 18:32 - 2014-04-16 18:32 - 01026264 _____ () C:\Users\Kawey\Downloads\Setup(1).exe
2014-04-16 18:31 - 2013-10-15 21:52 - 00000000 ____D () C:\Users\Kawey\AppData\Local\Adobe
2014-04-16 18:27 - 2014-04-16 18:27 - 01026264 _____ () C:\Users\Kawey\Downloads\Setup.exe
2014-04-15 16:38 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-04-14 04:24 - 2014-04-30 11:00 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-04-14 04:19 - 2014-04-30 11:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-04-10 13:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-10 00:22 - 2013-10-22 19:13 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-10 00:20 - 2013-10-22 19:13 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-09 23:41 - 2013-12-27 20:39 - 00000000 ____D () C:\Program Files (x86)\Google
2014-04-09 11:09 - 2014-04-09 11:09 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-09 11:09 - 2014-02-06 00:16 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-04-09 11:09 - 2014-02-06 00:16 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-04-09 11:09 - 2014-02-06 00:16 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-04-09 11:09 - 2014-02-06 00:16 - 00208928 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-04-09 11:09 - 2014-02-06 00:16 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-04-09 11:09 - 2014-02-06 00:16 - 00084816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-04-09 11:09 - 2014-02-06 00:16 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-04-09 11:09 - 2014-02-06 00:16 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-04-04 11:15 - 2013-10-15 21:55 - 00000000 ____D () C:\Program Files (x86)\Adobe

Some content of TEMP:
====================
C:\Users\Kawey\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-22 15:23

==================== End Of Log ============================
--- --- ---

--- --- ---
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-05-2014
Ran by Kawey at 2014-05-04 16:51:24
Running from C:\Users\Kawey\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.206 - Adobe Systems Incorporated)
CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform)
DVDFab 6.2.1.8 (31/12/2009) (HKLM-x32\...\DVDFab 6_is1) (Version: - Fengtao Software Inc.)
DVDFab 8.2.3.0 (21/12/2013) Qt (HKLM-x32\...\DVDFab 8 Qt_is1) (Version: - Fengtao Software Inc.)
HP Deskjet 1000 J110 series - Grundlegende Software für das Gerät (HKLM\...\{CED47C99-8892-4956-BCA7-CC3123531371}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
Intel PROSet Wireless (Version: - ) Hidden
Intel® PROSet/Wireless WiFi-Software (HKLM\...\{DF7756DD-656A-45C3-BA71-74673E8259A9}) (Version: 15.00.0000.0642 - Intel Corporation)
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.5.0 - Mozilla)
Mozilla Thunderbird 24.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.5.0 (x86 de)) (Version: 24.5.0 - Mozilla)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.29.0 - SAMSUNG Electronics Co., Ltd.)
ShenProfessional 3.1 (HKLM-x32\...\ShenProfessional 3.1) (Version: 3.1 - ShenProfessional)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.0.3.0 - Synaptics Incorporated)
TomTom HOME (HKLM-x32\...\{99072AB4-D795-44D5-9D65-E3C9F8322C97}) (Version: 2.9.7 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
VueScan x64 (HKLM\...\VueScan x64) (Version: - )
Winamp Erkennungs-Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows-Treiberpaket - Lenovo (ACPIVPC) System (12/15/2011 7.1.0.1) (HKLM\...\99841829BE839365AA67B2AD0E50D371F59F8A1E) (Version: 12/15/2011 7.1.0.1 - Lenovo)
Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)
WinZip Malware Protector (HKLM-x32\...\WinZip Malware Protector_is1) (Version: 2.1.1000.10798 - WinZip International LLC)
Zattoo Live TV (HKCU\...\6d7aa3e3bf931c56) (Version: 1.0.0.33 - Zattoo Europa AG)

==================== Restore Points =========================

19-04-2014 22:07:05 Windows Update
20-04-2014 17:58:52 Uniblue SpeedUpMyPC installation
21-04-2014 13:29:11 DirectX wurde installiert
21-04-2014 13:30:39 Installiert DVD Copy
21-04-2014 13:50:01 Konfiguriert DVD Copy
23-04-2014 09:09:39 Windows Update
29-04-2014 11:11:50 Windows Update
30-04-2014 10:33:17 Windows Update
02-05-2014 08:26:19 Windows Update
02-05-2014 13:34:05 Installed TomTom HOME.
03-05-2014 19:55:53 Gerätetreiber-Paketinstallation: Hamrick Software Bildverarbeitungsgeräte

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {064CD96A-E037-4F69-9002-2A33D2D0D4BF} - System32\Tasks\ArcSoft Connect Daemon => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
Task: {15140370-AF7C-457A-97C3-ACB5DAEA7741} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2011-10-28] (Hewlett-Packard)
Task: {2713F8E2-8311-487D-95EC-E4FCBB37EA29} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-04-09] (AVAST Software)
Task: {4C7F1864-B354-4ADC-B52F-640D174023B9} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [2014-03-20] (TuneUp Software)
Task: {525F893F-C78A-4CAA-82F9-8CF218586A52} - System32\Tasks\WinZip Malware Protector_startup => C:\Program Files (x86)\WinZip Malware Protector\WinZipMalwareProtector.exe [2013-07-15] (Nico Mak Computing)
Task: {5A619D2B-62EB-48B4-8D47-524DD44DAE59} - \b8e2dbf6-f651-4529-84b2-6113f5365cc5-2 No Task File <==== ATTENTION
Task: {5C454E41-A1AD-458A-9457-82221CA45541} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {6BCCE080-ACD7-44FB-9A1C-4D20B1BEFE05} - \Advanced System Protector No Task File <==== ATTENTION
Task: {8BD63277-C514-4E5E-8D92-891CED161CC6} - \b8e2dbf6-f651-4529-84b2-6113f5365cc5-3 No Task File <==== ATTENTION
Task: {90F53596-3544-4868-9410-A2DAEEDAE1E4} - \MySearchDial No Task File <==== ATTENTION
Task: {B23CA7B7-CDBE-4463-8F5B-C935EBFEB070} - \b8e2dbf6-f651-4529-84b2-6113f5365cc5-4 No Task File <==== ATTENTION
Task: {C216408D-9926-4951-B17C-675E25B1BDA9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-29] (Adobe Systems Incorporated)
Task: {C8797928-0C3A-4480-9CB8-40ED80E39856} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-04-17] (Piriform Ltd)
Task: {D547AED2-0141-4A70-A155-720283360C5A} - \b8e2dbf6-f651-4529-84b2-6113f5365cc5-5 No Task File <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2014-03-20 15:44 - 2014-03-20 15:44 - 00675640 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\avgrepliba.dll
2013-12-13 13:20 - 2013-12-13 13:20 - 03359600 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2014-05-04 11:16 - 2014-05-04 11:16 - 02252800 _____ () C:\Program Files\AVAST Software\Avast\defs\14050400\algo.dll
2014-05-02 14:05 - 2013-02-28 16:53 - 00886272 _____ () C:\Program Files (x86)\WinZip Malware Protector\System.Data.SQLite.dll
2014-05-02 14:05 - 2013-07-15 16:53 - 01717936 _____ () C:\Program Files (x86)\WinZip Malware Protector\aspsys.dll
2014-02-06 00:15 - 2014-02-06 00:15 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-04-30 21:40 - 2014-04-30 21:40 - 03019888 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2014-04-30 21:40 - 2014-04-30 21:40 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2014-04-30 21:40 - 2014-04-30 21:40 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2014-03-29 17:53 - 2014-03-15 10:40 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:373E1720

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Percentage of memory in use: 46%
Total physical RAM: 3941.41 MB
Available physical RAM: 2094.66 MB
Total Pagefile: 7881.01 MB
Available Pagefile: 5890.87 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:298.09 GB) (Free:243.12 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: C3FFC3FF)
Partition 1: (Active) - (Size=298 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Malwarebytes Anti-Malware
Malwarebytes | Free Anti-Malware & Internet Security Software

Scan Date: 04.05.2014
Scan Time: 16:27:30
Logfile: mbam.txt
Administrator: Yes

Version: 2.00.1.1004
Malware Database: v2014.05.04.05
Rootkit Database: v2014.03.27.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Chameleon: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Kawey

Scan Type: Hyper Scan
Result: Completed
Objects Scanned: 202342
Time Elapsed: 5 min, 1 sec

Memory: Enabled
Startup: Enabled
Filesystem: Disabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Kawey on 04.05.2014 at 16:38:18,85
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110411411162}



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Kawey\AppData\Roaming\mozilla\firefox\profiles\73f0idua.default-1398406683013\minidumps [8 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 04.05.2014 at 16:48:46,59
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[/CODE]

05.05.2014, 14:56   #10
M-K-D-B
/// TB-Ausbilder

Quote from Kawey:
MBAM has already found quite a lot and still needs a moment.

You write that MBAM found a lot, but the log file you posted for me is empty (no detections)... how come?
__________________
Regards
M-K-D-B

05.05.2014, 22:31   #11
Kawey

Hello Matthias, before I could record the MBAM results in the editor, the PC had already shut down; the next time, everything was clean. I launched and ran all the programs and sent off the log files. Everything looks very good and works without problems. Many thanks for the help; a donation will follow.
Kind regards, Kawey

06.05.2014, 14:22   #12
M-K-D-B
/// TB-Ausbilder

I'm glad we were able to help.

In this forum you can leave brief feedback on the cleanup, if you would like to:
Lob, Kritik und Wünsche (Praise, Criticism and Requests)
To do so, click the "NEUES THEMA" (new thread) button and post a short piece of feedback. Many thanks!

This thread appears to be resolved and will be removed from my subscriptions. Should you need the thread again, please send me a PM.

Everyone else, please click here and create your own thread.
__________________
Regards
M-K-D-B
