Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: unerwünschte Programme / Adware? in der Taskleiste

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 20.06.2014, 09:31   #1
huubi
 
unerwünschte Programme / Adware? in der Taskleiste - Standard

unerwünschte Programme / Adware? in der Taskleiste



Hallo,

seit ein paar Wochen tauchen bei mir in der Taskleite immer wieder unerwünschte Programme. Ich habe sie bisher wenn möglich immer über den "normalen" Weg: Systemsteuerung > Funktionen und Programme installiert. Aber sie tauchen immer wieder auf, momentan habe ich wieder ein Programm mit dem Namen Search Protect in der Leiste welches ich nie "bewusst" installiert habe. Ich vermute dass ich mir was über Freeware eingefangen habe. Ich wäre sehr dankbar wenn mir jemand dabei helfen könnte das dauerhaft loszuwerden.

Viele Grüße,
Huubi

hier die logs:

PS. Ich kann das GMER log nicht in das Thema kopieren. Es lässt sich zwar aus dem Editor in ein neues Editor-Fenster kopieren aber nicht in das Forum?!

FRST:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-06-2014
Ran by admin (administrator) on ADMIN-PC on 20-06-2014 09:18:09
Running from C:\Users\admin\Desktop
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
() C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.4\bin\pg_ctl.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Microsoft Corporation) C:\Program Files\Zune\ZuneLauncher.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(FreeDownloadManager.ORG) C:\Program Files (x86)\Free Download Manager\fdm.exe
(Barracuda Networks, Inc.) C:\Users\admin\AppData\Roaming\Copy\CopyAgent.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331_STI.EXE
( ) C:\Program Files (x86)\LockKey\LockKey.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Elaborate Bytes AG) C:\Program Files (x86)\VirtualCloneDrive\VCDDaemon.exe
(Dropbox, Inc.) C:\Users\admin\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTStackServer.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(g10 Code GmbH) C:\Program Files (x86)\GNU\GnuPG\gpg-agent.exe
(VideoLAN) C:\Program Files (x86)\vlc-2.0.8-win32\vlc-2.0.8\vlc.exe
(PortableApps.com) F:\Programme\firefox\FirefoxPortable.exe
(Mozilla Corporation) F:\Programme\firefox\App\Firefox\firefox.exe
(Mozilla Corporation) F:\Programme\firefox\App\Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe
() C:\Users\admin\Desktop\Defogger.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [517912 2013-02-15] (Acronis)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [564352 2012-03-01] (Conexant Systems, Inc.)
HKLM\...\Run: [Zune Launcher] => C:\Program Files\Zune\ZuneLauncher.exe [163552 2011-08-05] (Microsoft Corporation)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [6405376 2013-03-28] (Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1105848 2013-01-10] (Acronis)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [507744 2011-12-20] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331_STI.EXE [548864 2011-11-24] (Vimicro)
HKLM-x32\...\Run: [LockKey] => C:\Program Files (x86)\LockKey\LockKey.exe [337776 2011-08-25] ( )
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3774312 2014-04-03] (AVAST Software)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\Run: [Copy] => C:\Users\admin\AppData\Roaming\Copy\CopyAgent.exe [15367312 2014-06-19] (Barracuda Networks, Inc.)
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2013-07-30] (Microsoft Corporation)
HKU\S-1-5-21-2378397164-1797230875-1376580222-1000\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [759384 2013-07-08] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-2378397164-1797230875-1376580222-1000\...\Run: [Free Download Manager] => C:\Program Files (x86)\Free Download Manager\fdm.exe [6875136 2013-03-27] (FreeDownloadManager.ORG)
HKU\S-1-5-21-2378397164-1797230875-1376580222-1000\...\Run: [uTorrent] => C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe [1267536 2014-06-13] (BitTorrent Inc.)
HKU\S-1-5-21-2378397164-1797230875-1376580222-1000\...\Run: [Copy] => C:\Users\admin\AppData\Roaming\Copy\CopyAgent.exe [15367312 2014-06-19] (Barracuda Networks, Inc.)
HKU\S-1-5-21-2378397164-1797230875-1376580222-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2378397164-1797230875-1376580222-1000\...\MountPoints2: {194cb10c-d49a-11e3-9038-fd7fb0873176} - E:\start.exe -q2 course/tflash/Course.exe
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [207680 2014-06-10] (Client Connect LTD)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [173888 2014-06-10] (Client Connect LTD)
Lsa: [Notification Packages] scecli C:\Program Files\Lenovo\Bluetooth Software\BtwProximityCP.dll
Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\admin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\smartbar_3312014.exe.lnk
ShortcutTarget: smartbar_3312014.exe.lnk -> C:\Users\admin\AppData\Local\Temp\nsqBF9A.tmp\132\smartbar_3312014.exe (No File)

==================== Internet (Whitelisted) ====================

ProxyServer: controldec.com:3121
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StK2q0U14moCf-ET1EM4uw4GigvFB13oDfsPU-0fo0C6mk5L_8a-GeDGTsH5uC10cResC6LgCf7CN94vMAYE7nHhD4s__9qCUznvC9TS0MqRhqZvUMKEWvmOvnjKCKzL9dN9zZVqx-enDcj6jJr6TfzzU6RPFec5cMlQXebEgPfmITWexyj3Hq6vhweghzqnDHHbUmsa4ViYCq0Q,,&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.trovi.com/?gd=&ctid=CT3325585&octid=EB_ORIGINAL_CTID&ISID=M416834A6-7ACE-4CF1-85C9-96E934FD0A10&SearchSource=55&CUI=&UM=5&UP=SP3453EEB9-0642-4A67-9C0F-E7AFACB798AE&SSPV=SP215A_sp_ie
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x4FB5E0B89B8BCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StK2q0U14moCf-ET1EM4uw4GigvFB13oDfsPU-0fo0C6mk5L_8a-GeDGTsH5uC10cResC6LgCf7CN94vMAYE7nHhD4s__9qCUznvC9TS0MqRhqZvUMKEWvmOvnjKCKzL9dN9zZVqx-enDcj6jJr6TfzzU6RPFec5cMlQXebEgPfmITWexyj3Hq6vhweghzqnDHHbUmsa4ViYCq0Q,,&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StK2q0U14moCf-ET1EM4uw4GigvFB13oDfsPU-0fo0C6mk5L_8a-GeDGTsH5uC10cResC6LgCf7CN94vMAYE7nHhD4s__9qCUznvC9TS0MqRhqZvUMKEWvmOvnjKCKzL9dN9zZVqx-enDcj6jJr6TfzzU6RPFec5cMlQXebEgPfmITWexyj3Hq6vhweghzrUhQzkxulFvLaShMeA,,&q={searchTerms}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StK2q0U14moCf-ET1EM4uw4GigvFB13oDfsPU-0fo0C6mk5L_8a-GeDGTsH5uC10cResC6LgCf7CN94vMAYE7nHhD4s__9qCUznvC9TS0MqRhqZvUMKEWvmOvnjKCKzL9dN9zZVqx-enDcj6jJr6TfzzU6RPFec5cMlQXebEgPfmITWexyj3Hq6vhweghzrUhQzkxulFvLaShMeA,,&q={searchTerms}
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325585&octid=EB_ORIGINAL_CTID&ISID=M416834A6-7ACE-4CF1-85C9-96E934FD0A10&SearchSource=58&CUI=&UM=5&UP=SP3453EEB9-0642-4A67-9C0F-E7AFACB798AE&q={searchTerms}&SSPV=SP215A_sp_ie
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StK2q0U14moCf-ET1EM4uw4GigvFB13oDfsPU-0fo0C6mk5L_8a-GeDGTsH5uC10cResC6LgCf7CN94vMAYE7nHhD4s__9qCUznvC9TS0MqRhqZvUMKEWvmOvnjKCKzL9dN9zZVqx-enDcj6jJr6TfzzU6RPFec5cMlQXebEgPfmITWexyj3Hq6vhweghzqnDHHbUmsa4ViYCq0Q,,&q={searchTerms}
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325585&octid=EB_ORIGINAL_CTID&ISID=M416834A6-7ACE-4CF1-85C9-96E934FD0A10&SearchSource=58&CUI=&UM=5&UP=SP3453EEB9-0642-4A67-9C0F-E7AFACB798AE&q={searchTerms}&SSPV=SP215A_sp_ie
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: DVDVideoSoft IE Extension - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft IE Extension - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: 127.0.0.1 activation.acronis.com
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ []

Chrome: 
=======
CHR HomePage: hxxp://www.trovi.com/?gd=&ctid=CT3325585&octid=EB_ORIGINAL_CTID&ISID=M416834A6-7ACE-4CF1-85C9-96E934FD0A10&SearchSource=55&CUI=&UM=5&UP=SP3453EEB9-0642-4A67-9C0F-E7AFACB798AE&SSPV=SP215A_sp_ch
CHR StartupUrls: "hxxp://www.trovi.com/?gd=&ctid=CT3325585&octid=EB_ORIGINAL_CTID&ISID=M416834A6-7ACE-4CF1-85C9-96E934FD0A10&SearchSource=55&CUI=&UM=5&UP=SP3453EEB9-0642-4A67-9C0F-E7AFACB798AE&SSPV=SP215A_sp_ch"
CHR DefaultSearchKeyword: trovi.search
CHR DefaultSearchProvider: Trovi search
CHR DefaultSearchURL: hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325585&octid=EB_ORIGINAL_CTID&ISID=M416834A6-7ACE-4CF1-85C9-96E934FD0A10&SearchSource=58&CUI=&UM=5&UP=SP3453EEB9-0642-4A67-9C0F-E7AFACB798AE&q={searchTerms}&SSPV=SP215A_sp_ch
CHR DefaultNewTabURL: 
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Extension: (Google Docs) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-07-28]
CHR Extension: (Google Drive) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-07-28]
CHR Extension: (YouTube) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-07-28]
CHR Extension: (Google-Suche) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-07-28]
CHR Extension: (Easy Youtube Video Downloader) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmknocfkgffdgekmfonabppnhdgmghem [2013-08-25]
CHR Extension: (avast! Online Security) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-07-29]
CHR Extension: (Scraper) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbigbapnjcgaffohmbkdlecaccepngjd [2014-06-15]
CHR Extension: (SelectorGadget) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhjhnkcfbdhnjickkkdbjoemdmbfginb [2014-04-22]
CHR Extension: (Google Wallet) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Google Mail) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-07-28]
CHR Extension: (Extutil) - C:\Users\admin\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B [2014-06-16]
CHR Extension: (Managera) - C:\Users\admin\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42 [2014-06-16]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2014-06-16]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-06-19]

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-03-14] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [113704 2014-03-14] (AVAST Software)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [945440 2012-02-01] (Broadcom Corporation.)
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2723648 2014-06-10] (Client Connect LTD)
R2 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [218112 2013-08-20] () [File not signed]
S3 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [32568 2013-08-22] (The OpenVPN Project)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [183896 2013-07-08] (Sandboxie Holdings, LLC)
R2 postgresql-8.4; C:/Program Files (x86)/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N "postgresql-8.4" -D "C:/Program Files (x86)/PostgreSQL/8.4/data" -w [X]

==================== Drivers (Whitelisted) ====================

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-06-19] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-06-19] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-06-19] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-06-19] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-06-19] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-06-19] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-06-19] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-06-19] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-06-19] ()
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [134696 2012-02-02] (Broadcom Corporation.)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [199384 2013-07-08] (Sandboxie Holdings, LLC)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2013-07-28] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [183224 2013-07-28] (Acronis)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [106256 2013-07-04] (Oracle Corporation)
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2013-07-28] (Acronis International GmbH)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [952832 2011-12-06] (Vimicro Corporation)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-20 07:50 - 2014-06-20 07:50 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Mozilla
2014-06-19 23:54 - 2014-06-19 23:54 - 00003708 _____ () C:\Users\admin\Desktop\countries_anbieterUrl_2014-06-19.csv
2014-06-19 23:10 - 2014-06-19 23:10 - 00016824 _____ () C:\Users\admin\Desktop\redirects_2014-06-19.txt
2014-06-19 22:23 - 2014-06-19 22:24 - 00000000 ____D () C:\Users\admin\Desktop\htneu
2014-06-19 22:04 - 2014-06-19 22:04 - 00001155 _____ () C:\Users\admin\Desktop\htacess
2014-06-19 21:45 - 2014-06-20 07:50 - 00020561 _____ () C:\Users\admin\Desktop\redirects.txt
2014-06-19 21:27 - 2014-06-19 21:26 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-06-19 21:26 - 2014-06-19 21:26 - 00380416 _____ () C:\Users\admin\Desktop\wgsg4m23.exe
2014-06-19 21:26 - 2014-06-19 21:26 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-06-19 21:25 - 2014-06-19 21:26 - 00027043 _____ () C:\Users\admin\Desktop\Addition.txt
2014-06-19 21:24 - 2014-06-20 09:18 - 00021476 _____ () C:\Users\admin\Desktop\FRST.txt
2014-06-19 21:24 - 2014-06-20 09:18 - 00000000 ____D () C:\FRST
2014-06-19 21:23 - 2014-06-20 09:17 - 00000472 _____ () C:\Users\admin\Desktop\defogger_disable.log
2014-06-19 21:23 - 2014-06-19 21:23 - 02082304 _____ (Farbar) C:\Users\admin\Desktop\FRST64.exe
2014-06-19 21:23 - 2014-06-19 21:23 - 00000000 _____ () C:\Users\admin\defogger_reenable
2014-06-19 21:22 - 2014-06-19 21:22 - 00050477 _____ () C:\Users\admin\Desktop\Defogger.exe
2014-06-19 21:13 - 2014-06-19 21:13 - 00000022 _____ () C:\Windows\S.dirmngr
2014-06-17 22:33 - 2014-06-18 01:13 - 00000000 ____D () C:\Users\admin\Downloads\racingfp
2014-06-17 22:32 - 2014-06-17 22:32 - 00339452 _____ () C:\Users\admin\Downloads\racingfp.rar
2014-06-17 20:13 - 2014-06-17 20:13 - 00007168 _____ () C:\Users\admin\Desktop\sample.xls
2014-06-17 20:09 - 2014-06-17 20:09 - 00009423 _____ () C:\Users\admin\Desktop\sample.ods
2014-06-16 17:36 - 2014-06-16 17:36 - 00000000 ____D () C:\Users\admin\AppData\Local\SearchProtect
2014-06-16 17:36 - 2014-06-16 17:36 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-06-16 17:34 - 2014-06-16 17:34 - 00000000 ____D () C:\Users\admin\AppData\Roaming\TuneUp Software
2014-06-16 17:34 - 2014-06-16 17:34 - 00000000 ____D () C:\Users\admin\AppData\Local\TuneUp Software
2014-06-16 17:33 - 2014-06-16 17:35 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-06-16 17:33 - 2014-06-16 17:33 - 00001243 _____ () C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2014-06-16 17:33 - 2014-06-16 17:33 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-06-16 17:33 - 2014-06-16 17:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-06-16 17:32 - 2014-06-16 17:33 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-06-16 17:32 - 2014-06-16 17:32 - 00000000 ____D () C:\Users\admin\AppData\Roaming\OpenCandy
2014-06-16 17:31 - 2014-06-16 17:33 - 00000000 ____D () C:\Users\admin\AppData\Roaming\DVDVideoSoft
2014-06-15 14:53 - 2014-06-15 14:53 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-06-15 14:53 - 2014-06-15 14:53 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-06-15 14:53 - 2014-06-15 14:53 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-06-15 14:53 - 2014-06-15 14:53 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-06-15 14:53 - 2014-06-15 14:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-06-15 14:53 - 2014-06-15 14:53 - 00000000 ____D () C:\Program Files (x86)\Java
2014-06-14 16:27 - 2014-06-14 16:30 - 00000000 ____D () C:\Users\admin\Desktop\htaccess
2014-06-14 13:53 - 2014-06-19 22:13 - 00000104 _____ () C:\Users\admin\Desktop\.htaccess
2014-06-12 14:48 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-12 14:48 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-12 14:48 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-12 14:48 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-12 14:48 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-12 14:48 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-12 14:48 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-12 14:48 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-12 14:48 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-12 14:48 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-12 14:48 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-12 14:48 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-12 14:48 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-12 14:48 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-12 14:48 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-12 14:48 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-12 14:48 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-12 14:48 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-12 14:48 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-12 14:48 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-12 14:48 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-12 14:48 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-12 14:48 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-12 14:48 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-12 14:48 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-12 14:48 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-12 14:48 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-12 14:48 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-12 14:48 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-12 14:48 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-12 14:48 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-12 14:48 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-12 14:48 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-12 14:48 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-12 14:48 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-12 14:48 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-12 14:48 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-12 14:48 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-12 14:48 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-12 14:48 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-12 14:48 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-12 14:48 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-12 14:48 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-12 14:48 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-12 14:48 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-12 14:48 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-12 14:48 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-12 14:48 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-12 14:48 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-12 14:48 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-12 14:48 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-12 14:48 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-12 14:48 - 2014-05-08 11:32 - 01112064 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-12 14:48 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-12 14:48 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-12 14:48 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-12 14:48 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-12 14:48 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-12 14:48 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-12 14:48 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-12 14:48 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-12 14:48 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-12 14:48 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-12 14:48 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-12 14:48 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-12 14:47 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-12 14:47 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-11 22:06 - 2014-06-11 22:06 - 00195456 _____ () C:\Users\admin\Downloads\dedate.rar
2014-06-11 16:58 - 2014-06-11 16:58 - 00000257 _____ () C:\Users\admin\Desktop\redirect.php
2014-06-11 09:42 - 2014-06-11 09:57 - 00003454 _____ () C:\Users\admin\Desktop\qCleaner.php
2014-06-10 19:41 - 2014-06-10 19:46 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Apple Computer
2014-06-10 19:41 - 2014-06-10 19:41 - 00000000 ____D () C:\Users\admin\AppData\Local\Apple Computer
2014-06-10 19:40 - 2014-06-15 10:50 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-06-10 19:40 - 2014-06-10 19:40 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-06-10 19:40 - 2014-06-10 19:40 - 00000000 ____D () C:\Users\admin\AppData\Local\Apple
2014-06-10 19:40 - 2014-06-10 19:40 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-06-10 19:40 - 2014-06-10 19:40 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-06-10 19:39 - 2014-06-10 19:39 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-06-10 19:38 - 2014-06-10 19:40 - 00000000 ____D () C:\ProgramData\Apple
2014-06-09 20:44 - 2014-06-09 20:44 - 00000989 _____ () C:\Users\admin\Downloads\pgp-key.asc
2014-06-09 15:08 - 2014-06-10 19:25 - 00000000 ____D () C:\Users\admin\Downloads\Marc-Uwe Kling - Die Kaenguru-Offenbarung
2014-06-09 00:11 - 2014-06-09 00:11 - 00000000 ____D () C:\Users\admin\Desktop\scrape
2014-06-08 20:53 - 2014-06-05 00:09 - 00000000 ____D () C:\Users\admin\Downloads\The.Grand.Budapest.Hotel.2014.German.AC3D.BDRip.XviD-FiSTER
2014-06-08 12:28 - 2014-06-08 12:28 - 00000000 ____D () C:\Users\admin\Downloads\web2py_win
2014-06-08 12:27 - 2014-06-08 12:28 - 23268523 _____ () C:\Users\admin\Downloads\web2py_win.zip
2014-06-05 23:02 - 2014-06-05 23:02 - 00010180 _____ () C:\Users\admin\Downloads\hide-title.1.0.3.zip
2014-06-04 21:04 - 2014-06-04 21:05 - 28015743 _____ () C:\Users\admin\Downloads\wetransfer-9b0f1d.zip
2014-06-04 20:38 - 2014-06-04 20:38 - 00423725 _____ () C:\Users\admin\Downloads\wonderplugin-audio-free.zip
2014-06-01 18:57 - 2014-06-01 18:57 - 00002005 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
2014-06-01 18:57 - 2014-06-01 18:57 - 00001949 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk
2014-06-01 18:57 - 2014-06-01 18:57 - 00001928 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
2014-06-01 18:56 - 2014-06-08 20:37 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-05-29 23:52 - 2014-05-29 23:52 - 01150784 _____ () C:\Windows\Minidump\052914-92040-01.dmp
2014-05-29 23:50 - 2014-05-29 23:50 - 799967336 ____N () C:\Windows\MEMORY.DMP
2014-05-27 19:07 - 2014-06-19 21:00 - 00178681 _____ () C:\Users\admin\Documents\veganbodybuildingdiet.com.stk
2014-05-27 19:07 - 2014-06-19 21:00 - 00127256 _____ () C:\Users\admin\.ranktracker.properties
2014-05-27 17:49 - 2014-05-27 17:49 - 00098294 _____ () C:\Users\admin\Documents\veganbodybuildingdiet.com.wsa
2014-05-27 17:36 - 2014-06-02 12:11 - 00428517 _____ () C:\Users\admin\.websiteauditor.properties
2014-05-27 17:34 - 2014-06-02 12:11 - 00000000 ____D () C:\Users\admin\.websiteauditor
2014-05-27 17:34 - 2014-05-27 17:34 - 00006658 _____ () C:\Users\admin\Documents\untitled.bzz
2014-05-27 17:34 - 2014-05-27 17:34 - 00005061 _____ () C:\Users\admin\.buzzbundle.properties
2014-05-27 17:34 - 2014-05-27 17:34 - 00000000 ____D () C:\Users\admin\.buzzbundle
2014-05-27 17:25 - 2014-06-19 21:00 - 00000000 ____D () C:\Users\admin\.ranktracker
2014-05-27 17:24 - 2014-05-27 17:24 - 00002289 _____ () C:\Users\postgres\Desktop\BuzzBundle.lnk
2014-05-27 17:24 - 2014-05-27 17:24 - 00002289 _____ () C:\Users\Gast\Desktop\BuzzBundle.lnk
2014-05-27 17:24 - 2014-05-27 17:24 - 00002289 _____ () C:\Users\fsj\Desktop\BuzzBundle.lnk
2014-05-27 17:24 - 2014-05-27 17:24 - 00002289 _____ () C:\Users\admin\Desktop\BuzzBundle.lnk
2014-05-27 17:24 - 2014-05-27 17:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BuzzBundle
2014-05-27 17:23 - 2014-05-27 17:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Link-AssistantCom
2014-05-27 17:23 - 2014-05-27 17:24 - 00000000 ____D () C:\Program Files (x86)\Link-AssistantCom
2014-05-27 17:23 - 2014-05-27 17:23 - 00002372 _____ () C:\Users\postgres\Desktop\WebSite Auditor.lnk
2014-05-27 17:23 - 2014-05-27 17:23 - 00002372 _____ () C:\Users\Gast\Desktop\WebSite Auditor.lnk
2014-05-27 17:23 - 2014-05-27 17:23 - 00002372 _____ () C:\Users\fsj\Desktop\WebSite Auditor.lnk
2014-05-27 17:23 - 2014-05-27 17:23 - 00002372 _____ () C:\Users\admin\Desktop\WebSite Auditor.lnk
2014-05-27 17:23 - 2014-05-27 17:23 - 00002343 _____ () C:\Users\postgres\Desktop\LinkAssistant.lnk
2014-05-27 17:23 - 2014-05-27 17:23 - 00002343 _____ () C:\Users\Gast\Desktop\LinkAssistant.lnk
2014-05-27 17:23 - 2014-05-27 17:23 - 00002343 _____ () C:\Users\fsj\Desktop\LinkAssistant.lnk
2014-05-27 17:23 - 2014-05-27 17:23 - 00002343 _____ () C:\Users\admin\Desktop\LinkAssistant.lnk
2014-05-27 17:23 - 2014-05-27 17:23 - 00002318 _____ () C:\Users\postgres\Desktop\SEO SpyGlass.lnk
2014-05-27 17:23 - 2014-05-27 17:23 - 00002318 _____ () C:\Users\postgres\Desktop\Rank Tracker.lnk
2014-05-27 17:23 - 2014-05-27 17:23 - 00002318 _____ () C:\Users\Gast\Desktop\SEO SpyGlass.lnk
2014-05-27 17:23 - 2014-05-27 17:23 - 00002318 _____ () C:\Users\Gast\Desktop\Rank Tracker.lnk
2014-05-27 17:23 - 2014-05-27 17:23 - 00002318 _____ () C:\Users\fsj\Desktop\SEO SpyGlass.lnk
2014-05-27 17:23 - 2014-05-27 17:23 - 00002318 _____ () C:\Users\fsj\Desktop\Rank Tracker.lnk
2014-05-27 17:23 - 2014-05-27 17:23 - 00002318 _____ () C:\Users\admin\Desktop\SEO SpyGlass.lnk
2014-05-27 17:23 - 2014-05-27 17:23 - 00002318 _____ () C:\Users\admin\Desktop\Rank Tracker.lnk
2014-05-27 17:23 - 2014-05-27 17:23 - 00000000 ____D () C:\Users\admin\Downloads\seopowersuite-jre
2014-05-27 10:48 - 2014-05-27 10:51 - 00000000 ____D () C:\Python27
2014-05-27 10:48 - 2014-05-27 10:48 - 16674816 _____ () C:\Users\admin\Downloads\python-2.7.6.amd64.msi
2014-05-27 10:48 - 2014-05-27 10:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7
2014-05-22 17:54 - 2014-05-22 17:54 - 00000000 ____D () C:\Users\admin\Desktop\uploaded
2014-05-21 11:19 - 2014-05-21 11:19 - 00000259 _____ () C:\Users\admin\Downloads\9oiiqXGXhXB92Anif0Kv6sNjHK4.html
2014-05-21 11:10 - 2014-05-21 11:10 - 00000053 _____ () C:\Users\admin\Downloads\google4e2ddcfaf35cbd8e.html

==================== One Month Modified Files and Folders =======

2014-06-20 09:18 - 2014-06-19 21:24 - 00021476 _____ () C:\Users\admin\Desktop\FRST.txt
2014-06-20 09:18 - 2014-06-19 21:24 - 00000000 ____D () C:\FRST
2014-06-20 09:17 - 2014-06-19 21:23 - 00000472 _____ () C:\Users\admin\Desktop\defogger_disable.log
2014-06-20 09:14 - 2014-04-17 15:02 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Thunderbird
2014-06-20 09:11 - 2013-08-02 17:54 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Dropbox
2014-06-20 08:53 - 2013-11-17 20:47 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Copy
2014-06-20 08:42 - 2013-08-25 14:49 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-20 08:41 - 2013-07-28 16:08 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-20 07:50 - 2014-06-20 07:50 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Mozilla
2014-06-20 07:50 - 2014-06-19 21:45 - 00020561 _____ () C:\Users\admin\Desktop\redirects.txt
2014-06-20 07:50 - 2013-11-06 18:07 - 00000000 ____D () C:\Users\admin\AppData\Local\Mozilla
2014-06-20 07:50 - 2013-08-09 08:15 - 00000000 ____D () C:\Users\admin\AppData\Roaming\FileZilla
2014-06-20 03:15 - 2013-07-28 15:57 - 01627174 _____ () C:\Windows\WindowsUpdate.log
2014-06-20 02:40 - 2013-07-28 16:08 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-19 23:54 - 2014-06-19 23:54 - 00003708 _____ () C:\Users\admin\Desktop\countries_anbieterUrl_2014-06-19.csv
2014-06-19 23:10 - 2014-06-19 23:10 - 00016824 _____ () C:\Users\admin\Desktop\redirects_2014-06-19.txt
2014-06-19 22:24 - 2014-06-19 22:23 - 00000000 ____D () C:\Users\admin\Desktop\htneu
2014-06-19 22:13 - 2014-06-14 13:53 - 00000104 _____ () C:\Users\admin\Desktop\.htaccess
2014-06-19 22:06 - 2014-02-13 15:01 - 00001212 _____ () C:\Users\admin\Desktop\htacess.txt
2014-06-19 22:04 - 2014-06-19 22:04 - 00001155 _____ () C:\Users\admin\Desktop\htacess
2014-06-19 21:42 - 2013-08-22 16:36 - 00000000 ____D () C:\Users\admin\AppData\Roaming\gnupg
2014-06-19 21:27 - 2014-03-14 18:30 - 00001952 _____ () C:\Users\Public\Desktop\avast! Premier.lnk
2014-06-19 21:27 - 2014-03-14 18:29 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-06-19 21:27 - 2014-03-14 18:29 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-06-19 21:27 - 2014-03-14 18:29 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-06-19 21:27 - 2014-03-14 18:29 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-06-19 21:26 - 2014-06-19 21:27 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-06-19 21:26 - 2014-06-19 21:26 - 00380416 _____ () C:\Users\admin\Desktop\wgsg4m23.exe
2014-06-19 21:26 - 2014-06-19 21:26 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-06-19 21:26 - 2014-06-19 21:25 - 00027043 _____ () C:\Users\admin\Desktop\Addition.txt
2014-06-19 21:26 - 2014-03-14 18:29 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1403206028215
2014-06-19 21:26 - 2014-03-14 18:29 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1403206028215
2014-06-19 21:26 - 2014-03-14 18:29 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-06-19 21:26 - 2014-03-14 18:29 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-06-19 21:26 - 2014-03-14 18:29 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-06-19 21:26 - 2014-03-14 18:29 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys.1403206028215
2014-06-19 21:26 - 2014-03-14 18:29 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-06-19 21:26 - 2014-03-14 18:29 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-06-19 21:26 - 2014-03-14 18:29 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-06-19 21:23 - 2014-06-19 21:23 - 02082304 _____ (Farbar) C:\Users\admin\Desktop\FRST64.exe
2014-06-19 21:23 - 2014-06-19 21:23 - 00000000 _____ () C:\Users\admin\defogger_reenable
2014-06-19 21:23 - 2013-07-28 16:00 - 00000000 ____D () C:\Users\admin
2014-06-19 21:22 - 2014-06-19 21:22 - 00050477 _____ () C:\Users\admin\Desktop\Defogger.exe
2014-06-19 21:21 - 2009-07-14 06:45 - 00026304 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-19 21:21 - 2009-07-14 06:45 - 00026304 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-19 21:15 - 2014-05-02 23:27 - 00000000 ____D () C:\Users\admin\AppData\Roaming\DropboxMaster
2014-06-19 21:15 - 2013-08-29 19:53 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Skype
2014-06-19 21:15 - 2013-08-10 09:46 - 00000000 ____D () C:\Users\admin\AppData\Roaming\uTorrent
2014-06-19 21:15 - 2013-08-02 17:57 - 00000000 ___RD () C:\Users\admin\Dropbox
2014-06-19 21:13 - 2014-06-19 21:13 - 00000022 _____ () C:\Windows\S.dirmngr
2014-06-19 21:13 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-19 21:13 - 2009-07-14 06:51 - 00047132 _____ () C:\Windows\setupact.log
2014-06-19 21:12 - 2013-08-03 08:14 - 00000000 ____D () C:\Program Files\WinRAR
2014-06-19 21:12 - 2013-07-28 16:14 - 00872152 _____ () C:\Windows\PFRO.log
2014-06-19 21:00 - 2014-05-27 19:07 - 00178681 _____ () C:\Users\admin\Documents\veganbodybuildingdiet.com.stk
2014-06-19 21:00 - 2014-05-27 19:07 - 00127256 _____ () C:\Users\admin\.ranktracker.properties
2014-06-19 21:00 - 2014-05-27 17:25 - 00000000 ____D () C:\Users\admin\.ranktracker
2014-06-19 08:58 - 2013-08-08 09:51 - 00000000 ____D () C:\Users\admin\AppData\Roaming\vlc
2014-06-18 16:02 - 2009-07-14 19:58 - 00699666 _____ () C:\Windows\system32\perfh007.dat
2014-06-18 16:02 - 2009-07-14 19:58 - 00149774 _____ () C:\Windows\system32\perfc007.dat
2014-06-18 16:02 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-18 06:56 - 2013-08-08 10:23 - 00000000 ____D () C:\Users\admin\.VirtualBox
2014-06-18 01:13 - 2014-06-17 22:33 - 00000000 ____D () C:\Users\admin\Downloads\racingfp
2014-06-17 22:32 - 2014-06-17 22:32 - 00339452 _____ () C:\Users\admin\Downloads\racingfp.rar
2014-06-17 20:34 - 2014-03-11 10:49 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-06-17 20:34 - 2013-08-29 19:52 - 00000000 ____D () C:\ProgramData\Skype
2014-06-17 20:13 - 2014-06-17 20:13 - 00007168 _____ () C:\Users\admin\Desktop\sample.xls
2014-06-17 20:09 - 2014-06-17 20:09 - 00009423 _____ () C:\Users\admin\Desktop\sample.ods
2014-06-16 17:37 - 2013-11-17 09:18 - 00000000 ____D () C:\Program Files (x86)\PPV Sniper
2014-06-16 17:36 - 2014-06-16 17:36 - 00000000 ____D () C:\Users\admin\AppData\Local\SearchProtect
2014-06-16 17:36 - 2014-06-16 17:36 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-06-16 17:35 - 2014-06-16 17:33 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-06-16 17:34 - 2014-06-16 17:34 - 00000000 ____D () C:\Users\admin\AppData\Roaming\TuneUp Software
2014-06-16 17:34 - 2014-06-16 17:34 - 00000000 ____D () C:\Users\admin\AppData\Local\TuneUp Software
2014-06-16 17:33 - 2014-06-16 17:33 - 00001243 _____ () C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2014-06-16 17:33 - 2014-06-16 17:33 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-06-16 17:33 - 2014-06-16 17:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-06-16 17:33 - 2014-06-16 17:32 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-06-16 17:33 - 2014-06-16 17:31 - 00000000 ____D () C:\Users\admin\AppData\Roaming\DVDVideoSoft
2014-06-16 17:32 - 2014-06-16 17:32 - 00000000 ____D () C:\Users\admin\AppData\Roaming\OpenCandy
2014-06-15 23:43 - 2013-07-31 12:00 - 00002006 ____H () C:\Users\admin\Documents\Default.rdp
2014-06-15 14:53 - 2014-06-15 14:53 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-06-15 14:53 - 2014-06-15 14:53 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-06-15 14:53 - 2014-06-15 14:53 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-06-15 14:53 - 2014-06-15 14:53 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-06-15 14:53 - 2014-06-15 14:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-06-15 14:53 - 2014-06-15 14:53 - 00000000 ____D () C:\Program Files (x86)\Java
2014-06-15 10:50 - 2014-06-10 19:40 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-06-14 19:25 - 2013-10-19 14:35 - 00000000 ____D () C:\Users\admin\AppData\Local\PokerStars.EU
2014-06-14 19:23 - 2014-02-07 17:15 - 00000000 ____D () C:\Users\admin\AppData\Local\PokerStars.NET
2014-06-14 19:23 - 2014-02-07 17:15 - 00000000 ____D () C:\Program Files (x86)\PokerStars.NET
2014-06-14 16:30 - 2014-06-14 16:27 - 00000000 ____D () C:\Users\admin\Desktop\htaccess
2014-06-14 03:14 - 2013-08-03 08:14 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-06-14 03:14 - 2013-08-03 08:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-06-13 07:32 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-06-13 06:16 - 2013-08-25 14:49 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-13 06:16 - 2013-08-25 14:49 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-13 06:16 - 2013-08-25 14:49 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-06-13 03:04 - 2013-08-14 03:00 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-13 03:01 - 2013-07-28 22:12 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-13 03:00 - 2014-05-07 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-12 08:18 - 2013-08-28 13:10 - 00000000 ____D () C:\Users\admin\AppData\Local\CrashDumps
2014-06-11 22:06 - 2014-06-11 22:06 - 00195456 _____ () C:\Users\admin\Downloads\dedate.rar
2014-06-11 16:58 - 2014-06-11 16:58 - 00000257 _____ () C:\Users\admin\Desktop\redirect.php
2014-06-11 09:57 - 2014-06-11 09:42 - 00003454 _____ () C:\Users\admin\Desktop\qCleaner.php
2014-06-10 20:32 - 2013-10-19 14:35 - 00000000 ____D () C:\Program Files (x86)\PokerStars.EU
2014-06-10 19:46 - 2014-06-10 19:41 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Apple Computer
2014-06-10 19:41 - 2014-06-10 19:41 - 00000000 ____D () C:\Users\admin\AppData\Local\Apple Computer
2014-06-10 19:40 - 2014-06-10 19:40 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-06-10 19:40 - 2014-06-10 19:40 - 00000000 ____D () C:\Users\admin\AppData\Local\Apple
2014-06-10 19:40 - 2014-06-10 19:40 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-06-10 19:40 - 2014-06-10 19:40 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-06-10 19:40 - 2014-06-10 19:38 - 00000000 ____D () C:\ProgramData\Apple
2014-06-10 19:39 - 2014-06-10 19:39 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-06-10 19:25 - 2014-06-09 15:08 - 00000000 ____D () C:\Users\admin\Downloads\Marc-Uwe Kling - Die Kaenguru-Offenbarung
2014-06-09 20:58 - 2014-01-23 13:03 - 00000000 ____D () C:\Users\admin\AppData\Roaming\ExpressVPN
2014-06-09 20:44 - 2014-06-09 20:44 - 00000989 _____ () C:\Users\admin\Downloads\pgp-key.asc
2014-06-09 00:11 - 2014-06-09 00:11 - 00000000 ____D () C:\Users\admin\Desktop\scrape
2014-06-08 20:39 - 2013-08-03 08:08 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Binreader
2014-06-08 20:37 - 2014-06-01 18:56 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-06-08 12:28 - 2014-06-08 12:28 - 00000000 ____D () C:\Users\admin\Downloads\web2py_win
2014-06-08 12:28 - 2014-06-08 12:27 - 23268523 _____ () C:\Users\admin\Downloads\web2py_win.zip
2014-06-08 11:13 - 2014-06-12 14:47 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 11:08 - 2014-06-12 14:47 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-05 23:02 - 2014-06-05 23:02 - 00010180 _____ () C:\Users\admin\Downloads\hide-title.1.0.3.zip
2014-06-05 00:09 - 2014-06-08 20:53 - 00000000 ____D () C:\Users\admin\Downloads\The.Grand.Budapest.Hotel.2014.German.AC3D.BDRip.XviD-FiSTER
2014-06-04 21:05 - 2014-06-04 21:04 - 28015743 _____ () C:\Users\admin\Downloads\wetransfer-9b0f1d.zip
2014-06-04 20:38 - 2014-06-04 20:38 - 00423725 _____ () C:\Users\admin\Downloads\wonderplugin-audio-free.zip
2014-06-03 20:00 - 2014-03-06 20:11 - 00001102 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-06-03 20:00 - 2014-03-06 20:11 - 00001090 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-06-02 16:06 - 2009-07-14 07:08 - 00031878 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-06-02 12:11 - 2014-05-27 17:36 - 00428517 _____ () C:\Users\admin\.websiteauditor.properties
2014-06-02 12:11 - 2014-05-27 17:34 - 00000000 ____D () C:\Users\admin\.websiteauditor
2014-06-01 18:57 - 2014-06-01 18:57 - 00002005 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
2014-06-01 18:57 - 2014-06-01 18:57 - 00001949 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk
2014-06-01 18:57 - 2014-06-01 18:57 - 00001928 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
2014-05-30 12:21 - 2014-06-12 14:48 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-30 12:02 - 2014-06-12 14:48 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-30 12:02 - 2014-06-12 14:48 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-30 11:45 - 2014-06-12 14:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-30 11:39 - 2014-06-12 14:48 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-30 11:39 - 2014-06-12 14:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-30 11:38 - 2014-06-12 14:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-30 11:28 - 2014-06-12 14:48 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-30 11:27 - 2014-06-12 14:48 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-30 11:24 - 2014-06-12 14:48 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-30 11:21 - 2014-06-12 14:48 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-30 11:21 - 2014-06-12 14:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-30 11:20 - 2014-06-12 14:48 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-30 11:18 - 2014-06-12 14:48 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-30 11:11 - 2014-06-12 14:48 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-30 11:08 - 2014-06-12 14:48 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-30 11:06 - 2014-06-12 14:48 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-30 11:02 - 2014-06-12 14:48 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-30 10:55 - 2014-06-12 14:48 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-30 10:49 - 2014-06-12 14:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-30 10:46 - 2014-06-12 14:48 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-30 10:44 - 2014-06-12 14:48 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-30 10:44 - 2014-06-12 14:48 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-30 10:43 - 2014-06-12 14:48 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-30 10:42 - 2014-06-12 14:48 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-30 10:38 - 2014-06-12 14:48 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-30 10:35 - 2014-06-12 14:48 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-30 10:34 - 2014-06-12 14:48 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-30 10:33 - 2014-06-12 14:48 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-30 10:30 - 2014-06-12 14:48 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-30 10:29 - 2014-06-12 14:48 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-30 10:28 - 2014-06-12 14:48 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-30 10:27 - 2014-06-12 14:48 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-30 10:24 - 2014-06-12 14:48 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-05-30 10:23 - 2014-06-12 14:48 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-30 10:16 - 2014-06-12 14:48 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-30 10:10 - 2014-06-12 14:48 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-30 10:06 - 2014-06-12 14:48 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-30 10:04 - 2014-06-12 14:48 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-30 10:02 - 2014-06-12 14:48 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-30 09:56 - 2014-06-12 14:48 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-30 09:56 - 2014-06-12 14:48 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-30 09:54 - 2014-06-12 14:48 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-30 09:50 - 2014-06-12 14:48 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-05-30 09:49 - 2014-06-12 14:48 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-30 09:43 - 2014-06-12 14:48 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-30 09:40 - 2014-06-12 14:48 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-30 09:30 - 2014-06-12 14:48 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-30 09:21 - 2014-06-12 14:48 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-30 09:15 - 2014-06-12 14:48 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-30 09:13 - 2014-06-12 14:48 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-30 09:13 - 2014-06-12 14:48 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-05-29 23:52 - 2014-05-29 23:52 - 01150784 _____ () C:\Windows\Minidump\052914-92040-01.dmp
2014-05-29 23:52 - 2013-10-31 07:42 - 00000000 ____D () C:\Windows\Minidump
2014-05-29 23:50 - 2014-05-29 23:50 - 799967336 ____N () C:\Windows\MEMORY.DMP
2014-05-27 23:10 - 2013-08-02 17:56 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-27 17:49 - 2014-05-27 17:49 - 00098294 _____ () C:\Users\admin\Documents\veganbodybuildingdiet.com.wsa
2014-05-27 17:34 - 2014-05-27 17:34 - 00006658 _____ () C:\Users\admin\Documents\untitled.bzz
2014-05-27 17:34 - 2014-05-27 17:34 - 00005061 _____ () C:\Users\admin\.buzzbundle.properties
2014-05-27 17:34 - 2014-05-27 17:34 - 00000000 ____D () C:\Users\admin\.buzzbundle
2014-05-27 17:24 - 2014-05-27 17:24 - 00002289 _____ () C:\Users\postgres\Desktop\BuzzBundle.lnk
2014-05-27 17:24 - 2014-05-27 17:24 - 00002289 _____ () C:\Users\Gast\Desktop\BuzzBundle.lnk
2014-05-27 17:24 - 2014-05-27 17:24 - 00002289 _____ () C:\Users\fsj\Desktop\BuzzBundle.lnk
2014-05-27 17:24 - 2014-05-27 17:24 - 00002289 _____ () C:\Users\admin\Desktop\BuzzBundle.lnk
2014-05-27 17:24 - 2014-05-27 17:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BuzzBundle
2014-05-27 17:24 - 2014-05-27 17:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Link-AssistantCom
2014-05-27 17:24 - 2014-05-27 17:23 - 00000000 ____D () C:\Program Files (x86)\Link-AssistantCom
2014-05-27 17:23 - 2014-05-27 17:23 - 00002372 _____ () C:\Users\postgres\Desktop\WebSite Auditor.lnk
2014-05-27 17:23 - 2014-05-27 17:23 - 00002372 _____ () C:\Users\Gast\Desktop\WebSite Auditor.lnk
2014-05-27 17:23 - 2014-05-27 17:23 - 00002372 _____ () C:\Users\fsj\Desktop\WebSite Auditor.lnk
2014-05-27 17:23 - 2014-05-27 17:23 - 00002372 _____ () C:\Users\admin\Desktop\WebSite Auditor.lnk
2014-05-27 17:23 - 2014-05-27 17:23 - 00002343 _____ () C:\Users\postgres\Desktop\LinkAssistant.lnk
2014-05-27 17:23 - 2014-05-27 17:23 - 00002343 _____ () C:\Users\Gast\Desktop\LinkAssistant.lnk
2014-05-27 17:23 - 2014-05-27 17:23 - 00002343 _____ () C:\Users\fsj\Desktop\LinkAssistant.lnk
2014-05-27 17:23 - 2014-05-27 17:23 - 00002343 _____ () C:\Users\admin\Desktop\LinkAssistant.lnk
2014-05-27 17:23 - 2014-05-27 17:23 - 00002318 _____ () C:\Users\postgres\Desktop\SEO SpyGlass.lnk
2014-05-27 17:23 - 2014-05-27 17:23 - 00002318 _____ () C:\Users\postgres\Desktop\Rank Tracker.lnk
2014-05-27 17:23 - 2014-05-27 17:23 - 00002318 _____ () C:\Users\Gast\Desktop\SEO SpyGlass.lnk
2014-05-27 17:23 - 2014-05-27 17:23 - 00002318 _____ () C:\Users\Gast\Desktop\Rank Tracker.lnk
2014-05-27 17:23 - 2014-05-27 17:23 - 00002318 _____ () C:\Users\fsj\Desktop\SEO SpyGlass.lnk
2014-05-27 17:23 - 2014-05-27 17:23 - 00002318 _____ () C:\Users\fsj\Desktop\Rank Tracker.lnk
2014-05-27 17:23 - 2014-05-27 17:23 - 00002318 _____ () C:\Users\admin\Desktop\SEO SpyGlass.lnk
2014-05-27 17:23 - 2014-05-27 17:23 - 00002318 _____ () C:\Users\admin\Desktop\Rank Tracker.lnk
2014-05-27 17:23 - 2014-05-27 17:23 - 00000000 ____D () C:\Users\admin\Downloads\seopowersuite-jre
2014-05-27 10:51 - 2014-05-27 10:48 - 00000000 ____D () C:\Python27
2014-05-27 10:48 - 2014-05-27 10:48 - 16674816 _____ () C:\Users\admin\Downloads\python-2.7.6.amd64.msi
2014-05-27 10:48 - 2014-05-27 10:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7
2014-05-22 17:54 - 2014-05-22 17:54 - 00000000 ____D () C:\Users\admin\Desktop\uploaded
2014-05-22 17:45 - 2013-09-19 07:26 - 00000000 ____D () C:\Users\admin\Downloads\ppvguru
2014-05-21 11:19 - 2014-05-21 11:19 - 00000259 _____ () C:\Users\admin\Downloads\9oiiqXGXhXB92Anif0Kv6sNjHK4.html
2014-05-21 11:10 - 2014-05-21 11:10 - 00000053 _____ () C:\Users\admin\Downloads\google4e2ddcfaf35cbd8e.html

Some content of TEMP:
====================
C:\Users\admin\AppData\Local\Temp\917b0b87-3358-4e79-93de-3dfc2fc99ed0.exe
C:\Users\admin\AppData\Local\Temp\BackupSetup.exe
C:\Users\admin\AppData\Local\Temp\Checkupdate.exe
C:\Users\admin\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpudt506.dll
C:\Users\admin\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\admin\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\admin\AppData\Local\Temp\Foxit Reader Updater.exe
C:\Users\admin\AppData\Local\Temp\FreemakeVideoConverter_4.0.3.4.exe
C:\Users\admin\AppData\Local\Temp\gcapi_dll.dll
C:\Users\admin\AppData\Local\Temp\gtapi_signed.dll
C:\Users\admin\AppData\Local\Temp\JDSetup130461150851952923.exe
C:\Users\admin\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\admin\AppData\Local\Temp\mconduitinstaller.exe
C:\Users\admin\AppData\Local\Temp\nsoD18B.exe
C:\Users\admin\AppData\Local\Temp\nst8D66.exe
C:\Users\admin\AppData\Local\Temp\nstCAA7.exe
C:\Users\admin\AppData\Local\Temp\nsy88A4.exe
C:\Users\admin\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\admin\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\admin\AppData\Local\Temp\SkypeSetup.exe
C:\Users\admin\AppData\Local\Temp\UpdateCheckerSetup.exe
C:\Users\admin\AppData\Local\Temp\Upgrade.exe
C:\Users\admin\AppData\Local\Temp\vcredist_x64.exe
C:\Users\admin\AppData\Local\Temp\VirtualRouterPlusSetup.exe
C:\Users\admin\AppData\Local\Temp\xmlUpdater.exe
C:\Users\admin\AppData\Local\Temp\_is5D4C.exe
C:\Users\admin\AppData\Local\Temp\_is9980.exe
C:\Users\admin\AppData\Local\Temp\_isB99F.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-18 19:00

==================== End Of Log ============================
         
--- --- ---


Addition:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-06-2014
Ran by admin at 2014-06-19 21:25:29
Running from C:\Users\admin\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

µTorrent (HKCU\...\uTorrent) (Version: 3.4.1.31395 - BitTorrent Inc.)
7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
AccessToCSV (HKLM-x32\...\{033F6F4A-040B-42AE-B4B0-34E1344CFB51}) (Version: 1.0.0.0 - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 14.0.0.110 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)
ALF-BanCo 5 (HKLM-x32\...\Alf-BanCo5_is1) (Version: 5.3.4 - ALF AG)
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.9.9 - Atheros Communications Inc.)
AudibleManager (HKLM-x32\...\AudibleManager) (Version: 2004761854.48.56.9309554 - Audible, Inc.)
Avast License by ZeNiX [2014-01-11] (HKLM-x32\...\Avast_2050_ZeNiX [2014-01-11]_is1) (Version:  - )
avast! Premier (HKLM-x32\...\Avast) (Version: 9.0.2013 - Avast Software)
Binreader (HKLM-x32\...\{3D47B2C0-8748-4450-99AE-0746A5A74C8E}) (Version: 1.0.0 - Binreader)
Bundled software uninstaller (HKLM-x32\...\bi_uninstaller) (Version:  - ) <==== ATTENTION
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4478 - CDBurnerXP)
CDex - Open Source Digital Audio CD Extractor (HKLM-x32\...\CDex) (Version: 1.70.4.2009 - Georgy Berdyshev)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.34.0 - Conexant)
Copy (HKLM\...\{92AA1305-04A1-4931-9B08-52FF52B171AE}) (Version: 1.37.546.0 - Barracuda Networks, Inc.)
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.11 - Dolby Laboratories Inc)
Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
ExpressVPN v3.416 (HKLM-x32\...\ExpressVPN) (Version: v3.416 - )
FileZilla Client 3.7.3 (HKLM-x32\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.0.6.722 - Foxit Corporation)
Free Download Manager 3.9.2 (HKLM-x32\...\Free Download Manager_is1) (Version:  - FreeDownloadManager.ORG)
Free YouTube Download version 3.2.39.604 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.39.604 - DVDVideoSoft Ltd.)
Freemake Video Converter Version 4.1.3 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.3 - Ellora Assets Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Gpg4win (2.2.0) (HKLM-x32\...\GPG4Win) (Version: 2.2.0 - The Gpg4win Project)
Holdem Manager 2 (HKLM-x32\...\HoldemManager2) (Version:  - )
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2656 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.36 - Irfan Skiljan)
Iso2God v1.3.6 (HKLM-x32\...\{AB95979D-85EF-484A-9805-EB28E676E201}_is1) (Version:  - Team 360h)
Ivacy Monitor (HKCU\...\Ivacy Monitor) (Version: 2.1.3.255 - Ivacy.com)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.2300 - Broadcom Corporation)
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 13.11.1206.1 - Vimicro)
Lenovo_Wireless_Driver (HKLM-x32\...\{28ABE740-47F3-441B-9437-852F6A64EFF8}) (Version: 1.02.01 - Lenovo)
LockKey (HKLM-x32\...\InstallShield_{AF192694-4B15-4AC1-92F3-1B02E98C08BD}) (Version: 1.38.1.2 - Lenovo)
LockKey (x32 Version: 1.38.1.2 - Lenovo) Hidden
MFC RunTime files (x32 Version: 1.0.0 - Extensoft) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
MiKTeX 2.9 (HKLM\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.4.3 - Notepad++ Team)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
OpenVPN 2.3-I003  (HKLM-x32\...\OpenVPN) (Version: 2.3-I003 - )
Oracle VM VirtualBox 4.2.16 (HKLM\...\{4CC3444D-7279-4E83-984F-18E9A7B2E803}) (Version: 4.2.16 - Oracle Corporation)
Pidgin (HKLM-x32\...\Pidgin) (Version: 2.10.7 - )
pidgin-otr 4.0.0-1 (HKLM-x32\...\pidgin-otr) (Version: 4.0.0-1 - Cypherpunks CA)
PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version:  - PokerStars.eu)
PokerStars.net (HKLM-x32\...\PokerStars.net) (Version:  - PokerStars.net)
PokerStrategy.com Equilab (HKLM-x32\...\{86D09F48-CDAB-4B4C-8806-F6C16F17935A}) (Version: 1.2.8.0 - PokerStrategy.com)
PostgreSQL 8.4 (HKLM-x32\...\PostgreSQL 8.4) (Version: 8.4 - PostgreSQL Global Development Group)
Python 2.7.6 (64-bit) (HKLM\...\{C3CC4DF5-39A5-4027-B136-2B3E1F5AB6E3}) (Version: 2.7.6150 - Python Software Foundation)
QuickPar 0.9 (HKLM-x32\...\QuickPar) (Version: 0.9 - Peter B. Clements)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7601.39016 - Realtek Semiconductor Corp.)
Sandboxie 4.04 (64-bit) (HKLM\...\Sandboxie) (Version: 4.04 - Sandboxie Holdings, LLC)
Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.15.0.270 - Client Connect LTD) <==== ATTENTION
SEO PowerSuite (HKLM-x32\...\seopowersuite) (Version:  - )
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.28223 - TeamViewer)
Technitium MAC Address Changer v6.0.4 (HKLM-x32\...\TMACv6.0) (Version: 6.0.4 - Technitium)
TeXnicCenter Version 2.0 Beta 2 (HKLM\...\TeXnicCenter_is1) (Version: 2.0 Beta 2 - The TeXnicCenter Team)
True Image 2013 (HKLM-x32\...\{4AA75223-6CBF-46F4-8EE4-7BF0591089F7}Visible) (Version: 16.0.6514 - Acronis)
True Image 2013 (x32 Version: 16.0.6514 - Acronis) Hidden
True Image 2013 Plus Pack (HKLM-x32\...\{1547FF3D-F82F-46AE-819B-78C7BB3D53EC}) (Version: 16.0.6514 - Acronis)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
William Hill Poker (HKCU\...\William Hill Poker) (Version:  - )
Winamp (HKLM-x32\...\Winamp) (Version: 5.65  - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Mobile Device Updater Component (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
WinHTTrack Website Copier 3.47-27 (HKLM-x32\...\WinHTTrack Website Copier_is1) (Version: 3.47.27 - HTTrack)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.10 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
Wireshark 1.10.2 (64-bit) (HKLM-x32\...\Wireshark) (Version: 1.10.2 - The Wireshark developer community, hxxp://www.wireshark.org)
XAMPP (HKLM-x32\...\xampp) (Version: 1.8.3-4 - Bitnami)
Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation)
Zune (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (CHS) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (CHT) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (CSY) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (DAN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (DEU) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (ELL) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (ESP) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (FIN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (FRA) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (HUN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (IND) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (ITA) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (JPN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (KOR) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (MSL) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (NLD) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (NOR) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (PLK) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (PTB) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (PTG) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (RUS) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (SVE) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

==================== Restore Points  =========================


==================== Hosts content: ==========================

2009-07-14 04:34 - 2013-07-28 18:17 - 00000860 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 activation.acronis.com

==================== Scheduled Tasks (whitelisted) =============

Task: {014D41A6-AE0E-4E7D-A08E-ADFBF1037706} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-13] (Adobe Systems Incorporated)
Task: {06B6B384-0A85-4E74-9266-76C7EBC19587} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-28] (Google Inc.)
Task: {7F59F3DE-D9E3-440E-B181-D0EEAFA81CCB} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-03-14] (AVAST Software)
Task: {BCFD51F2-E8F0-4DE0-A9DA-E4DEE41AF216} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-28] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-08-20 12:04 - 2013-08-20 12:04 - 00218112 _____ () C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
2013-11-17 20:47 - 2014-06-11 22:44 - 08212480 _____ () C:\Users\admin\AppData\Roaming\Copy\overlay\Brt.dll
2013-03-27 22:39 - 2013-03-27 22:39 - 00021824 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\x64\ti_managers_proxy_stub.dll
2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2012-06-18 17:24 - 2012-06-18 17:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2013-07-28 16:10 - 2012-02-17 18:21 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-09-19 16:39 - 2014-06-19 01:37 - 02092544 _____ () C:\Users\admin\AppData\Roaming\Copy\Gui.dll
2013-09-19 16:55 - 2014-06-19 01:37 - 08212480 _____ () C:\Users\admin\AppData\Roaming\Copy\Brt.dll
2013-12-11 21:47 - 2014-06-19 01:37 - 09202688 _____ () C:\Users\admin\AppData\Roaming\Copy\AgentSync.dll
2013-09-19 16:41 - 2014-06-19 01:37 - 05325312 _____ () C:\Users\admin\AppData\Roaming\Copy\CloudSync.dll
2014-06-19 21:22 - 2014-06-19 21:22 - 00050477 _____ () C:\Users\admin\Desktop\Defogger.exe
2014-03-14 18:40 - 2014-01-14 12:10 - 00692224 _____ () C:\Program Files\AVAST Software\Avast\VERSION.dll
2014-06-19 20:06 - 2014-06-19 18:13 - 02783232 _____ () C:\Program Files\AVAST Software\Avast\defs\14061901\algo.dll
2014-04-23 16:05 - 2014-04-23 16:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 16:04 - 2014-04-23 16:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-08-20 11:59 - 2013-08-20 11:59 - 00221184 _____ () C:\Program Files (x86)\GNU\GnuPG\libksba-8.dll
2013-08-20 11:56 - 2013-08-20 11:56 - 00037888 _____ () C:\Program Files (x86)\GNU\GnuPG\libgpg-error-0.dll
2013-08-20 11:54 - 2013-08-20 11:54 - 00050176 _____ () C:\Program Files (x86)\GNU\GnuPG\libw32pth-0.dll
2013-08-20 11:58 - 2013-08-20 11:58 - 00069632 _____ () C:\Program Files (x86)\GNU\GnuPG\libassuan-0.dll
2013-08-20 11:59 - 2013-08-20 11:59 - 00628224 _____ () C:\Program Files (x86)\GNU\GnuPG\libgcrypt-11.dll
2013-10-23 17:58 - 2011-01-28 07:15 - 00172032 _____ () C:\Program Files (x86)\PostgreSQL\8.4\bin\LIBPQ.dll
2013-10-23 17:58 - 2009-02-12 21:01 - 00976384 _____ () C:\Program Files (x86)\PostgreSQL\8.4\bin\libxml2.dll
2013-10-23 17:58 - 2005-07-20 12:48 - 00059904 _____ () C:\Program Files (x86)\PostgreSQL\8.4\bin\zlib1.dll
2013-08-22 16:24 - 2013-01-11 03:22 - 03547136 _____ () C:\Program Files (x86)\Free Download Manager\fdmbtsupp.dll
2013-03-28 00:37 - 2013-03-28 00:37 - 13627872 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers.dll
2013-01-10 13:43 - 2013-01-10 13:43 - 00014360 _____ () C:\Program Files (x86)\Common Files\Acronis\TibMounter\icudt38.dll
2014-03-14 18:29 - 2014-03-14 18:29 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-03-14 18:40 - 2014-01-14 12:10 - 00692224 _____ () C:\Program Files\AVAST Software\Avast\version.DLL
2014-06-19 21:15 - 2014-06-19 21:15 - 00043008 _____ () c:\users\admin\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpudt506.dll
2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\admin\AppData\Roaming\Dropbox\bin\libcef.dll
2013-03-27 22:09 - 2013-03-27 22:09 - 00420160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2014-06-19 21:16 - 2014-06-19 21:16 - 00029696 _____ () C:\Users\admin\AppData\Local\Temp\nsgA6EA.tmp\registry.dll
2014-06-19 21:16 - 2014-06-19 21:16 - 00008704 _____ () C:\Users\admin\AppData\Local\Temp\nsgA6EA.tmp\newadvsplash.dll
2014-06-19 21:16 - 2014-06-19 21:16 - 00011264 _____ () C:\Users\admin\AppData\Local\Temp\nsgA6EA.tmp\System.dll
2014-02-18 23:26 - 2014-06-11 09:56 - 03852912 _____ () F:\Programme\firefox\App\firefox\mozjs.dll
2013-08-22 16:24 - 2013-01-11 03:17 - 00105984 _____ () C:\Program Files (x86)\Free Download Manager\fdmumsp.dll
2014-02-28 20:17 - 2014-02-28 20:17 - 01020928 _____ () F:\Programme\firefox\Data\profile\extensions\support@lastpass.com\platform\WINNT_x86-msvc\components\lpxpcom.dll
2013-03-27 22:36 - 2013-03-27 22:36 - 00021312 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers_proxy_stub.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========


==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/19/2014 09:13:35 PM) (Source: PostgreSQL) (EventID: 0) (User: )
Description: 2014-06-19 21:13:35 CESTFATAL:  the database system is starting up

Error: (06/15/2014 00:55:34 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoID={ACA111CF-7A7A-491A-8EB8-6F975E422BF3}: Der Benutzer "admin-pc\admin" hat eine Verbindung mit dem Namen "Ivacy Monitor VPN" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 691.

Error: (06/15/2014 00:55:23 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoID={2522EF5B-1AC8-45A6-8C56-5FF30E4DFDAB}: Der Benutzer "admin-pc\admin" hat eine Verbindung mit dem Namen "Ivacy Monitor VPN" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 691.

Error: (06/15/2014 00:55:14 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoID={0E09F19D-3633-47FB-B08E-5FAFC8648B1D}: Der Benutzer "admin-pc\admin" hat eine Verbindung mit dem Namen "Ivacy Monitor VPN" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 0.

Error: (06/13/2014 07:20:27 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4041

Error: (06/13/2014 07:20:27 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4041

Error: (06/13/2014 07:20:27 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/13/2014 07:20:26 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3042

Error: (06/13/2014 07:20:26 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3042

Error: (06/13/2014 07:20:26 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (06/16/2014 10:30:36 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{146FAFF1-48AE-46F6-A6C3-DBD9DCA818BD}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (06/16/2014 08:03:15 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{146FAFF1-48AE-46F6-A6C3-DBD9DCA818BD}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (06/16/2014 07:51:14 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{146FAFF1-48AE-46F6-A6C3-DBD9DCA818BD}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (06/16/2014 07:27:05 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{146FAFF1-48AE-46F6-A6C3-DBD9DCA818BD}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (06/16/2014 07:18:04 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{146FAFF1-48AE-46F6-A6C3-DBD9DCA818BD}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (06/16/2014 06:29:58 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{146FAFF1-48AE-46F6-A6C3-DBD9DCA818BD}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (06/16/2014 06:26:57 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{146FAFF1-48AE-46F6-A6C3-DBD9DCA818BD}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (06/16/2014 04:53:38 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{146FAFF1-48AE-46F6-A6C3-DBD9DCA818BD}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (06/16/2014 03:20:29 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{146FAFF1-48AE-46F6-A6C3-DBD9DCA818BD}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (06/16/2014 03:02:27 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{146FAFF1-48AE-46F6-A6C3-DBD9DCA818BD}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.


Microsoft Office Sessions:
=========================
Error: (06/19/2014 09:13:35 PM) (Source: PostgreSQL) (EventID: 0) (User: )
Description: 2014-06-19 21:13:35 CESTFATAL:  the database system is starting up

Error: (06/15/2014 00:55:34 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: {ACA111CF-7A7A-491A-8EB8-6F975E422BF3}admin-pc\adminIvacy Monitor VPN691

Error: (06/15/2014 00:55:23 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: {2522EF5B-1AC8-45A6-8C56-5FF30E4DFDAB}admin-pc\adminIvacy Monitor VPN691

Error: (06/15/2014 00:55:14 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: {0E09F19D-3633-47FB-B08E-5FAFC8648B1D}admin-pc\adminIvacy Monitor VPN0

Error: (06/13/2014 07:20:27 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4041

Error: (06/13/2014 07:20:27 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4041

Error: (06/13/2014 07:20:27 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/13/2014 07:20:26 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3042

Error: (06/13/2014 07:20:26 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3042

Error: (06/13/2014 07:20:26 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


==================== Memory info =========================== 

Percentage of memory in use: 29%
Total physical RAM: 8092.36 MB
Available physical RAM: 5689.55 MB
Total Pagefile: 16182.9 MB
Available Pagefile: 13602.32 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:84.63 GB) (Free:0.79 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive f: (Daten) (Fixed) (Total:381.13 GB) (Free:182.57 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 11229228)
Partition 1: (Active) - (Size=85 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=381 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

Geändert von huubi (20.06.2014 um 09:33 Uhr) Grund: GMER

Alt 20.06.2014, 12:55   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
unerwünschte Programme / Adware? in der Taskleiste - Standard

unerwünschte Programme / Adware? in der Taskleiste



Hallo und

Ist das ein gewerblich genutztes System?

Und dann haben wir noch ne unschöne Sache im Log:
Zitat:
127.0.0.1 activation.acronis.com
Das nennt man Hosts-Datei-Hack. Üblicherweise für gecrackte Programme erforderlich.

Bitte lesen => http://www.trojaner-board.de/95393-c...-software.html

Es geht weiter wenn du alles Illegale entfernt hast.

Bei wiederholten Crack/Keygen Verstößen behalte ich es mir vor, den Support einzustellen, d.h. Hilfe nur noch bei der Datensicherung und Neuinstallation des Betriebssystems.
__________________

__________________

Antwort

Themen zu unerwünschte Programme / Adware? in der Taskleiste
adobe, adware, adware?, antivirus, association, avast, bonjour, cpu, defender, downloader, dvdvideosoft ltd., error, fehler, firefox, flash player, forum?, free download, ftp, homepage, mozilla, registry, scan, security, services.exe, software, svchost.exe, taskleiste, temp, usb, vcredist, windows



Ähnliche Themen: unerwünschte Programme / Adware? in der Taskleiste


  1. 9 Viren bzw. unerwünschte Programme wurden gefunden
    Log-Analyse und Auswertung - 08.09.2015 (23)
  2. Malwarebytes findet potenziell unerwünschte Programme
    Plagegeister aller Art und deren Bekämpfung - 12.08.2015 (31)
  3. Windows 7: Malware Gefunden und unerwünschte Programme
    Log-Analyse und Auswertung - 28.07.2015 (10)
  4. Windows7 unerwünschte Programme SlimCleanerPlus
    Plagegeister aller Art und deren Bekämpfung - 16.07.2015 (11)
  5. 11 Viren bzw. unerwünschte Programme wurden gefunden !
    Log-Analyse und Auswertung - 27.12.2014 (21)
  6. PC friert ein, Maus noch bewegbar, Programme und Taskleiste reagieren nicht mehr
    Plagegeister aller Art und deren Bekämpfung - 28.08.2014 (3)
  7. Windows 7 Pro: Unerwünschte Programme in der Taskleiste
    Log-Analyse und Auswertung - 08.08.2014 (5)
  8. Hab mir Adware Bettersurf Win32 eingefangen, eine Adware die unerwünschte Werbungen im Browser aufzeigt, siehe Beschreibung
    Log-Analyse und Auswertung - 10.03.2014 (1)
  9. Verdacht auf unerwünschte Programme
    Plagegeister aller Art und deren Bekämpfung - 14.07.2013 (53)
  10. 40 Viren/unerwünschte Programme von Free Avira gefunden
    Plagegeister aller Art und deren Bekämpfung - 25.03.2013 (31)
  11. Avira meldet 2 unerwünschte Programme
    Plagegeister aller Art und deren Bekämpfung - 06.09.2012 (3)
  12. Habe Viren, unerwünschte Programme und Banner :(
    Plagegeister aller Art und deren Bekämpfung - 14.07.2011 (7)
  13. AviraAntiVirPersonal hat 7 Viren oder unerwünschte Programme gefunden
    Antiviren-, Firewall- und andere Schutzprogramme - 30.09.2010 (10)
  14. Taskleiste friert ein, Programme bleiben hängen.
    Plagegeister aller Art und deren Bekämpfung - 22.10.2009 (24)
  15. Unerwünschte Weiterleitungen, Programme nicht ausführbar etc.
    Log-Analyse und Auswertung - 20.07.2009 (1)
  16. Adware, schwarzer Bildschirm + keine Taskleiste mehr
    Plagegeister aller Art und deren Bekämpfung - 11.06.2005 (3)
  17. Programme im Startmenü und rechts unten un der Taskleiste werden nicht mehr angezeigt
    Log-Analyse und Auswertung - 01.02.2005 (4)

Zum Thema unerwünschte Programme / Adware? in der Taskleiste - Hallo, seit ein paar Wochen tauchen bei mir in der Taskleite immer wieder unerwünschte Programme. Ich habe sie bisher wenn möglich immer über den "normalen" Weg: Systemsteuerung > Funktionen und - unerwünschte Programme / Adware? in der Taskleiste...
Archiv
Du betrachtest: unerwünschte Programme / Adware? in der Taskleiste auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.