Malware of all kinds and how to combat it: Just a quick check (Windows 7)

If you are not sure whether you have picked up malware or a trojan, create a thread here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection.
#1

ok ;) Why does SpyHunter have to be cleaned? It's not a virus, after all.

FRST: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:09-07-2015 Ran by Marcel (administrator) on TSCHILLER123 on 10-07-2015 13:10:51 Running from C:\Users\Marcel\Desktop Loaded Profiles: Marcel (Available Profiles: Marcel & Administrator) Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\BCMWLTRY.EXE (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (BitTorrent Inc.) C:\Users\Marcel\AppData\Roaming\uTorrent\uTorrent.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Worm] => wscript.exe //B "C:\Users\Marcel\AppData\Local\Temp\Worm.VBS.Dunihi.W.vbs" <===== ATTENTION HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [43871968 2015-06-26] (Dropbox, Inc.) 
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun HKU\S-1-5-21-2810977045-1315894760-386528613-1000\...\Run: [Worm] => wscript.exe //B "C:\Users\Marcel\AppData\Local\Temp\Worm.VBS.Dunihi.W.vbs" <===== ATTENTION HKU\S-1-5-21-2810977045-1315894760-386528613-1000\...\Run: [uTorrent] => C:\Users\Marcel\AppData\Roaming\uTorrent\uTorrent.exe [1998432 2015-05-12] (BitTorrent Inc.) HKU\S-1-5-21-2810977045-1315894760-386528613-1000\...\Policies\system: [EnableLUA] 0 ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.) BootExecute: autocheck autochk * AlternateShell: ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
ProxyServer: [S-1-5-21-2810977045-1315894760-386528613-1000] => :80 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-2810977045-1315894760-386528613-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-06-11] (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-06-11] (Oracle Corporation) DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab Hosts: 127.0.0.1 localhost Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{A7EBB1DE-C35B-475A-A7D0-64D00582BCEC}: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Profiles\dckb56gh.default FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml FF SearchEngineOrder.3: Bing FF SelectedSearchEngine: Bing FF Homepage: about:home FF Keyword.URL: hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M&q= FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-14] () FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-06-11] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-06-11] (Oracle Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-14] () FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files 
(x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-13] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-13] (Oracle Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF user.js: detected! => C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Profiles\dckb56gh.default\user.js [2015-05-13] FF Extension: Adblock Plus Pop-up Addon - C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Profiles\dckb56gh.default\Extensions\adblockpopups@jessehakanen.net.xpi [2015-05-15] FF Extension: MEGA - C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Profiles\dckb56gh.default\Extensions\firefox@mega.co.nz.xpi [2015-05-16] FF Extension: Adblock Plus - C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Profiles\dckb56gh.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-05-15] FF Extension: Greasemonkey - C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Profiles\dckb56gh.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2015-07-10] FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\Marcel\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj\amazon-icon-2.crx [Not Found] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433784 2015-06-16] (BlueStack Systems, Inc.) S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [413304 2015-06-16] (BlueStack Systems, Inc.) 
S3 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [822904 2015-06-16] (BlueStack Systems, Inc.) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-07-09] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-07-09] (Dropbox, Inc.) S3 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5448976 2015-04-17] (TeamViewer GmbH) S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation) R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe [5821952 2015-05-11] (Broadcom Corporation) [File not signed] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [62152 2014-10-27] (Advanced Micro Devices, Inc.) R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [145528 2015-06-16] (BlueStack Systems) R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2015-05-14] (Glarysoft Ltd) S3 pbfilter; C:\Program Files\PeerBlock\pbfilter.sys [22600 2013-11-18] () U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] () S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [115208 2015-05-13] (Oracle Corporation) S3 atillk64; \??\C:\Program Files (x86)\ATI Technologies\AMD GPU Clock Tool\atillk64.sys [X] S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X] S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X] S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-07-10 13:10 - 2015-07-10 13:11 - 00011703 _____ C:\Users\Marcel\Desktop\FRST.txt 2015-07-10 13:10 - 2015-07-10 13:10 - 02112512 _____ (Farbar) C:\Users\Marcel\Desktop\FRST64.exe 2015-07-10 13:08 - 2015-07-10 13:08 - 00496128 _____ C:\Users\Marcel\Desktop\SpyHunterCleaner_1.04.exe 2015-07-10 12:33 - 2015-07-10 12:33 - 00000988 _____ C:\Users\Marcel\Desktop\Bandicam.lnk 2015-07-10 12:33 - 2015-07-10 12:33 - 00000988 _____ C:\Users\Administrator\Desktop\Bandicam.lnk 2015-07-10 12:33 - 2015-07-10 12:33 - 00000000 ____D C:\Users\Marcel\Documents\Bandicam 2015-07-10 12:33 - 2015-07-10 12:33 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\BANDISOFT 2015-07-10 12:33 - 2015-07-10 12:33 - 00000000 ____D C:\Program Files (x86)\BandiMPEG1 2015-07-10 12:33 - 2015-07-10 12:33 - 00000000 ____D C:\Program Files (x86)\Bandicam 2015-07-10 09:39 - 2015-07-10 09:39 - 00000000 ____D C:\Users\Marcel\Desktop\SpyHunter 4.19.13.4482 Portable 2015-07-10 09:35 - 2015-07-10 10:06 - 00000000 ____D C:\Users\Marcel\Desktop\spyhunter 2015-07-10 09:31 - 2015-07-10 09:31 - 00002385 _____ C:\spyhunter.fix 2015-07-10 02:32 - 2015-07-10 02:32 - 00278344 _____ C:\Windows\Minidump\071015-9562-01.dmp 2015-07-10 01:23 - 2015-07-10 12:33 - 00000000 ____D C:\Users\Marcel\Desktop\Bandicam 2.2.3.804 Multilingual + Keymaker + 100% Working 2015-07-10 01:23 - 2015-07-10 01:23 - 00000000 ____D C:\Users\Marcel\Desktop\Essential Data Tools 2.8 + Keygen + 100% Working 2015-07-10 01:23 - 2015-07-10 01:23 - 00000000 ____D C:\Users\Marcel\Desktop\DocumentsRescue Pro 6.11 Build 1025 + Keygen + 100% Working 2015-07-10 01:05 - 2015-07-10 01:05 - 00000000 ____D C:\Users\Marcel\Desktop\Stranded.Deep.Alpha.v0.03 2015-07-10 00:39 - 2015-07-10 09:39 - 00001837 _____ C:\Users\Public\Desktop\FileZilla Client.lnk 2015-07-10 00:39 - 2015-07-10 00:45 - 00000000 ____D 
C:\Users\Marcel\AppData\Roaming\FileZilla 2015-07-10 00:39 - 2015-07-10 00:39 - 06483456 _____ (Tim Kosse) C:\Users\Marcel\Downloads\FileZilla_3.12.0.2_win64-setup.exe 2015-07-10 00:39 - 2015-07-10 00:39 - 00000000 ____D C:\Program Files\FileZilla FTP Client 2015-07-10 00:37 - 2015-07-10 00:37 - 12665221 _____ C:\Users\Marcel\Downloads\filezilla312.zip 2015-07-09 21:29 - 2015-07-10 09:35 - 00000000 ____D C:\Windows\AF54923662584AC6A0435B5B89C6EB61.TMP 2015-07-09 21:16 - 2015-07-09 21:16 - 00000000 _____ C:\autoexec.bat 2015-07-09 21:00 - 2015-07-09 21:00 - 00000000 ____D C:\Users\Marcel\.android 2015-07-09 20:09 - 2015-07-10 13:10 - 00000000 ___RD C:\Users\Marcel\Dropbox 2015-07-09 20:09 - 2015-07-09 20:09 - 00001226 _____ C:\Users\Marcel\Desktop\Dropbox.lnk 2015-07-09 20:07 - 2015-07-09 20:07 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Dropbox 2015-07-09 20:05 - 2015-07-10 13:10 - 00000000 ____D C:\Users\Marcel\AppData\Local\Dropbox 2015-07-09 20:05 - 2015-07-09 20:08 - 00000000 ____D C:\Program Files (x86)\Dropbox 2015-07-09 20:05 - 2015-07-09 20:05 - 00660960 _____ (Dropbox, Inc.) C:\Users\Marcel\Downloads\DropboxInstaller.exe 2015-07-09 20:05 - 2015-07-09 20:05 - 00001210 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job 2015-07-09 19:01 - 2015-07-09 21:33 - 00000000 ____D C:\Users\Marcel\Desktop\uTorrent.3.4.3.Build.40633.Stable 2015-07-09 18:21 - 2015-07-09 18:22 - 04869053 _____ C:\Users\Marcel\Downloads\TorrentGrabber_Setup.exe 2015-07-09 17:51 - 2015-07-09 17:52 - 00000042 _____ C:\Users\Marcel\Desktop\Neues Textdokument.txt 2015-07-09 16:47 - 2015-07-09 16:47 - 00181730 _____ C:\Users\Marcel\Downloads\cmen.zip 2015-07-09 16:36 - 2015-07-09 16:41 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Azureus 2015-07-09 16:36 - 2015-07-09 16:41 - 00000000 ____D C:\Program Files\Vuze 2015-07-09 16:36 - 2015-07-09 16:36 - 00000000 ____D C:\Users\Marcel\.swt 2015-07-09 16:35 - 2015-07-09 16:35 - 00072496 _____ (Azureus Software, Inc.) 
C:\Users\Marcel\Downloads\VuzeBittorrentClientInstaller.exe 2015-07-09 16:08 - 2015-07-09 16:08 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\ESET 2015-07-09 16:08 - 2015-07-09 16:08 - 00000000 ____D C:\Users\Administrator\AppData\Local\ESET 2015-07-09 12:53 - 2015-07-09 12:53 - 04176437 _____ C:\Users\Marcel\Downloads\tdsskiller.zip 2015-07-09 12:53 - 2015-01-22 09:42 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Marcel\Desktop\TDSSKiller.exe 2015-06-27 20:35 - 2015-06-27 20:35 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\ESET 2015-06-27 20:16 - 2015-07-10 02:32 - 00000000 ____D C:\Windows\Minidump 2015-06-27 20:16 - 2015-06-27 20:16 - 00278344 _____ C:\Windows\Minidump\062715-8876-01.dmp 2015-06-27 20:15 - 2015-06-27 20:31 - 00000000 __SHD C:\Windows\SysWOW64\Application Services 2015-06-27 20:14 - 2015-06-27 20:14 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\32373FC0-3615-4443-845E-5D1D23278BBA 2015-06-27 20:14 - 2015-06-27 20:14 - 00000000 ____D C:\lang 2015-06-27 20:13 - 2015-06-27 20:13 - 00000000 ____H C:\Users\Marcel\AppData\Roaming\TSCHILLER123.glp 2015-06-27 20:03 - 2015-06-27 20:29 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Foldername 2015-06-27 18:15 - 2015-06-27 18:21 - 00000000 ____D C:\Users\Marcel\Desktop\HackPack 2015-06-27 17:37 - 2015-06-27 17:37 - 00000000 ____D C:\Users\Marcel\Documents\Remedy 2015-06-27 17:33 - 2015-06-27 17:33 - 00060056 _____ C:\Users\Marcel\AppData\Local\GDIPFONTCACHEV1.DAT 2015-06-27 17:28 - 2015-07-10 13:09 - 00078164 _____ C:\Windows\PFRO.log 2015-06-27 17:28 - 2015-07-10 13:09 - 00001008 _____ C:\Windows\setupact.log 2015-06-27 17:28 - 2015-06-27 17:28 - 00272560 _____ C:\Windows\system32\FNTCACHE.DAT 2015-06-27 17:28 - 2015-06-27 17:28 - 00000000 _____ C:\Windows\setuperr.log 2015-06-27 12:31 - 2015-06-27 12:38 - 00000356 _____ C:\Users\Marcel\AppData\Roaming\.foobillardrc 2015-06-27 11:22 - 2015-06-27 11:22 - 00008192 __RSH C:\BOOTSECT.BAK 2015-06-26 19:12 - 2015-06-27 12:28 - 00000000 ____D 
C:\Program Files (x86)\FooBillard 2015-06-26 19:12 - 2015-06-26 19:12 - 00000000 ____D C:\Program Files (x86)\TowerToppler 2015-06-26 19:07 - 2015-06-26 19:07 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\supertuxkart 2015-06-26 19:00 - 2015-06-26 19:00 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Pingus 2015-06-26 18:59 - 2015-06-27 11:34 - 00000000 ____D C:\Program Files (x86)\Energie Tycoon 2015-06-26 18:59 - 2015-06-26 18:59 - 00000000 ____D C:\Users\Marcel\Documents\OpenTTD 2015-06-26 18:55 - 2015-06-26 18:55 - 00000000 ____D C:\Users\Marcel\Documents\My Safes 2015-06-26 18:55 - 2015-06-26 18:55 - 00000000 ____D C:\Users\Marcel\AppData\Local\PasswordSafe 2015-06-26 18:53 - 2015-06-26 18:54 - 00000000 ____D C:\Users\Marcel\AppData\Local\DesktopOK 2015-06-26 18:52 - 2015-06-26 18:54 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\BatteryBar 2015-06-26 18:51 - 2015-06-26 18:56 - 00000000 ____D C:\Program Files (x86)\RocketDock 2015-06-26 17:56 - 2015-07-10 13:09 - 00541428 _____ C:\Windows\WindowsUpdate.log 2015-06-26 14:43 - 2015-06-26 14:43 - 00000000 ____D C:\Users\Marcel\Desktop\Neue Welt- 2015-06-26 13:50 - 2015-06-26 13:50 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Abelssoft 2015-06-26 13:50 - 2015-06-26 13:50 - 00000000 ____D C:\Users\Marcel\AppData\Local\Abelssoft 2015-06-26 11:00 - 2015-06-26 13:50 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Don't Panic! 
2015-06-25 17:35 - 2015-06-26 13:41 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\dvdcss 2015-06-25 17:26 - 2015-03-10 13:58 - 00949741 _____ C:\Users\Marcel\Desktop\MC Account Checker.jar 2015-06-25 15:29 - 2015-06-25 15:29 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\.technic 2015-06-24 08:15 - 2013-08-07 14:28 - 00401408 _____ C:\Program Files (x86)\wget.exe 2015-06-24 08:04 - 2015-06-24 08:05 - 00000000 ____D C:\Users\Marcel\Desktop\400.Android.Games.Collection [PAID APPS ONLY] - DroidIP 2015-06-24 07:26 - 2015-07-09 21:10 - 00000000 ___RD C:\Users\Marcel\Desktop\RAT Zeug 2015-06-16 01:28 - 2015-06-24 07:58 - 00000000 ____D C:\Users\Marcel\Desktop\Minecraft Cracking Tools 2015-06-15 08:36 - 2015-06-24 07:22 - 00000000 ____D C:\Users\Marcel\osc_files 2015-06-15 08:24 - 2015-07-10 13:10 - 00000000 ____D C:\FRST 2015-06-15 06:50 - 2015-06-16 01:44 - 00000000 __RHD C:\Users\Marcel\AppData\Roaming\Beta 2015-06-15 06:45 - 2015-06-15 06:45 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Cloud 2015-06-15 06:41 - 2015-06-15 06:41 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Cloud Net Beta 2015-06-13 06:21 - 2015-06-13 06:21 - 00000000 ____D C:\Users\Marcel\Tracing 2015-06-13 03:08 - 2015-06-26 07:55 - 00000000 ____D C:\Program Files (x86)\Icecream Screen Recorder 2015-06-13 03:07 - 2015-06-13 03:08 - 00000000 ____D C:\Users\Marcel\AppData\Local\LoiLo 2015-06-12 09:34 - 2015-06-27 18:35 - 00000000 ____D C:\Users\Marcel\AppData\Local\CrashDumps 2015-06-12 04:46 - 2015-06-12 04:46 - 00000000 ____D C:\Users\Marcel\Desktop\Is working 2015-06-11 10:46 - 2015-06-11 10:45 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2015-06-11 10:46 - 2015-06-11 10:45 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2015-06-11 10:46 - 2015-06-11 10:45 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2015-06-11 10:46 - 2015-06-11 10:45 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 
2015-06-11 10:45 - 2015-06-11 10:45 - 00000000 ____D C:\Program Files\Java 2015-06-11 10:31 - 2015-06-11 10:49 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\ftblauncher 2015-06-11 10:31 - 2015-06-11 10:47 - 00000000 ____D C:\Users\Marcel\AppData\Local\ftblauncher 2015-06-11 08:14 - 2015-06-11 08:14 - 00000000 ____D C:\Users\Marcel\Documents\Klei 2015-06-11 08:13 - 2015-06-11 08:13 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Az-Art 2015-06-11 08:09 - 2015-06-11 08:09 - 00001421 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-06-11 08:09 - 2015-06-11 08:09 - 00000020 ___SH C:\Users\Administrator\ntuser.ini 2015-06-11 08:09 - 2015-06-11 08:09 - 00000000 _SHDL C:\Users\Administrator\Vorlagen 2015-06-11 08:09 - 2015-06-11 08:09 - 00000000 _SHDL C:\Users\Administrator\Startmenü 2015-06-11 08:09 - 2015-06-11 08:09 - 00000000 _SHDL C:\Users\Administrator\Netzwerkumgebung 2015-06-11 08:09 - 2015-06-11 08:09 - 00000000 _SHDL C:\Users\Administrator\Lokale Einstellungen 2015-06-11 08:09 - 2015-06-11 08:09 - 00000000 _SHDL C:\Users\Administrator\Eigene Dateien 2015-06-11 08:09 - 2015-06-11 08:09 - 00000000 _SHDL C:\Users\Administrator\Druckumgebung 2015-06-11 08:09 - 2015-06-11 08:09 - 00000000 _SHDL C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2015-06-11 08:09 - 2015-06-11 08:09 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Verlauf 2015-06-11 08:09 - 2015-06-11 08:09 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Anwendungsdaten 2015-06-11 08:09 - 2015-06-11 08:09 - 00000000 _SHDL C:\Users\Administrator\Anwendungsdaten 2015-06-11 08:09 - 2015-06-11 08:09 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe 2015-06-11 08:09 - 2015-06-11 08:09 - 00000000 ____D C:\Users\Administrator 2015-06-11 08:09 - 2009-07-13 21:54 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-06-11 08:09 - 2009-07-13 
21:49 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2015-06-11 06:42 - 2015-06-11 06:42 - 00001047 _____ C:\Users\Marcel\Desktop\Terraria.exe.lnk 2015-06-11 06:24 - 2015-06-11 06:24 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\com.playsaurus.heroclicker 2015-06-11 06:01 - 2015-06-11 06:01 - 00000000 ____D C:\Users\Marcel\Documents\Colossal Order 2015-06-11 06:01 - 2015-06-11 06:01 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Steam 2015-06-11 06:01 - 2015-06-11 06:01 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Colossal Order 2015-06-11 06:01 - 2015-06-11 06:01 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\.mono 2015-06-11 06:01 - 2015-06-11 06:01 - 00000000 ____D C:\Users\Marcel\AppData\Local\Colossal Order 2015-06-10 22:55 - 2015-06-10 22:55 - 00000020 ___SH C:\Users\Marcel\ntuser.ini 2015-06-10 12:55 - 2015-06-10 12:55 - 00000000 __RHD C:\Users\Public\Libraries 2015-06-10 10:21 - 2015-06-10 10:21 - 00016738 _____ C:\Windows\SysWOW64\CCCInstall_201506101021471022.log 2015-06-10 10:17 - 2015-06-10 10:17 - 00000000 ____D C:\Program Files (x86)\Counter-Strike Global Offensive 2015-06-10 07:32 - 2015-06-10 07:32 - 00000000 ____D C:\Program Files (x86)\Universal Extractor 2015-06-10 07:01 - 2015-06-10 07:01 - 00000000 ____D C:\Program Files (x86)\Microsoft XNA 2015-06-10 05:34 - 2015-06-26 18:59 - 00000000 ____D C:\Windows\SysWOW64\directx 2015-06-10 05:34 - 2015-06-10 06:20 - 00001030 _____ C:\Users\Marcel\Desktop\Left 4 Dead 2.lnk 2015-06-10 02:06 - 2015-06-01 12:16 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-06-10 02:06 - 2015-06-01 11:07 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-06-10 02:06 - 2015-05-27 07:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-06-10 02:06 - 2015-05-27 07:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-06-10 02:06 - 2015-05-25 10:08 
- 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-06-10 02:06 - 2015-05-22 20:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-06-10 02:06 - 2015-05-22 20:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-06-10 02:06 - 2015-05-22 20:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-06-10 02:06 - 2015-05-22 20:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-06-10 02:06 - 2015-05-22 20:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-06-10 02:06 - 2015-05-22 20:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-06-10 02:06 - 2015-05-22 20:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-06-10 02:06 - 2015-05-22 20:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-06-10 02:06 - 2015-05-22 20:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-06-10 02:06 - 2015-05-22 20:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-06-10 02:06 - 2015-05-22 20:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-06-10 02:06 - 2015-05-22 20:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-06-10 02:06 - 2015-05-22 20:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-06-10 02:06 - 2015-05-22 19:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-06-10 02:06 - 2015-05-22 19:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-06-10 02:06 - 2015-05-22 19:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-06-10 02:06 - 2015-05-22 19:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-06-10 02:06 - 2015-05-22 19:47 - 
04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-06-10 02:06 - 2015-05-22 19:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-06-10 02:06 - 2015-05-22 19:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-06-10 02:06 - 2015-05-22 19:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-06-10 02:06 - 2015-05-22 19:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-06-10 02:06 - 2015-05-22 19:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-06-10 02:06 - 2015-05-22 19:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-06-10 02:06 - 2015-05-22 19:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-06-10 02:06 - 2015-05-22 19:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-06-10 02:06 - 2015-05-22 12:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-06-10 02:06 - 2015-05-22 12:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-06-10 02:06 - 2015-05-22 12:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-06-10 02:06 - 2015-05-22 12:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-06-10 02:06 - 2015-05-22 12:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-06-10 02:06 - 2015-05-22 12:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-06-10 02:06 - 2015-05-22 12:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-06-10 02:06 - 2015-05-22 11:59 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-06-10 02:06 - 2015-05-22 11:53 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-06-10 02:06 - 2015-05-22 11:52 - 06026240 _____ 
(Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-06-10 02:06 - 2015-05-22 11:52 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-06-10 02:06 - 2015-05-22 11:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-06-10 02:06 - 2015-05-22 11:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-06-10 02:06 - 2015-05-22 11:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-06-10 02:06 - 2015-05-22 11:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-06-10 02:06 - 2015-05-22 11:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-06-10 02:06 - 2015-05-22 11:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-06-10 02:06 - 2015-05-22 11:36 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-06-10 02:06 - 2015-05-22 11:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-06-10 02:06 - 2015-05-22 11:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-06-10 02:06 - 2015-05-22 11:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-06-10 02:06 - 2015-05-22 11:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-06-10 02:06 - 2015-05-22 11:07 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-06-10 02:06 - 2015-05-22 11:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-06-10 02:06 - 2015-05-22 11:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-06-10 02:06 - 2015-05-22 11:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-06-10 02:06 - 2015-05-22 10:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-06-10 02:06 - 2015-05-22 10:50 - 
02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-06-10 02:06 - 2015-05-22 10:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-06-10 02:06 - 2015-05-22 10:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-06-10 02:06 - 2015-04-29 11:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2015-06-10 02:06 - 2015-04-29 11:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll 2015-06-10 02:06 - 2015-04-29 11:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx 2015-06-10 02:06 - 2015-04-29 11:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll 2015-06-10 02:06 - 2015-04-29 11:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2015-06-10 02:06 - 2015-04-29 11:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2015-06-10 02:06 - 2015-04-29 11:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll 2015-06-10 02:06 - 2015-04-29 11:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx 2015-06-10 02:06 - 2015-04-29 11:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll 2015-06-10 02:06 - 2015-04-29 11:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL 2015-06-10 02:06 - 2015-04-24 11:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll 2015-06-10 02:06 - 2015-04-24 10:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 
2015-07-10 13:10 - 2015-05-12 16:37 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\uTorrent 2015-07-10 13:09 - 2009-07-13 22:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-07-10 12:59 - 2015-05-15 19:29 - 00000000 ____D C:\Program Files\ESET 2015-07-10 11:58 - 2015-05-15 20:33 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\TeamViewer 2015-07-10 09:41 - 2009-07-13 21:45 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-07-10 09:41 - 2009-07-13 21:45 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-07-10 09:37 - 2011-04-12 00:43 - 00699342 _____ C:\Windows\system32\perfh007.dat 2015-07-10 09:37 - 2011-04-12 00:43 - 00149450 _____ C:\Windows\system32\perfc007.dat 2015-07-10 09:37 - 2009-07-13 22:13 - 00965480 _____ C:\Windows\system32\PerfStringBackup.INI 2015-07-10 00:59 - 2015-05-14 04:48 - 00037624 _____ C:\Windows\system32\Drivers\TrueSight.sys 2015-07-09 21:37 - 2015-05-26 10:13 - 00000000 ____D C:\Program Files (x86)\BlueStacks 2015-07-09 21:15 - 2015-05-11 19:49 - 00000000 ____D C:\Users\Marcel 2015-07-09 17:30 - 2015-05-12 17:32 - 00000000 ____D C:\Users\Marcel\Documents\My Games 2015-07-09 16:09 - 2015-05-12 16:22 - 00000000 ____D C:\Program Files\Unlocker 2015-07-09 16:01 - 2015-05-15 19:44 - 00000000 ____D C:\Windows\pss 2015-06-27 21:15 - 2014-12-27 15:29 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\#REVOLUTION 2015-06-27 20:35 - 2015-05-15 19:33 - 00000000 ____D C:\Users\Marcel\AppData\Local\ESET 2015-06-27 20:29 - 2009-07-13 20:20 - 00000000 __RSD C:\Windows\Media 2015-06-27 20:16 - 2009-07-13 22:32 - 00000000 ____D C:\Windows\Offline Web Pages 2015-06-27 20:14 - 2009-07-13 19:34 - 00000254 _____ C:\Windows\system.ini 2015-06-27 20:00 - 2011-04-12 00:54 - 00000000 ____D C:\Windows\CSC 2015-06-27 18:17 - 2015-05-23 06:41 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\vlc 2015-06-27 17:37 - 2015-05-23 
05:52 - 00000000 ____D C:\Program Files (x86)\Steam 2015-06-26 11:17 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\NDF 2015-06-26 10:57 - 2015-05-14 18:06 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 5 2015-06-26 07:55 - 2015-05-14 18:23 - 00000000 ____D C:\Program Files\LoiLo 2015-06-26 07:49 - 2015-06-08 10:35 - 00000000 ___RD C:\Users\Marcel\Desktop\Passwörter oder sonstiges 2015-06-25 14:42 - 2015-05-13 20:03 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\.minecraft 2015-06-24 23:04 - 2015-06-09 06:51 - 00000000 ____D C:\Program Files\PeerBlock 2015-06-24 10:09 - 2015-05-23 04:19 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Notepad++ 2015-06-24 07:45 - 2015-05-12 17:24 - 00000000 ____D C:\Program Files\WinRAR 2015-06-23 13:30 - 2010-11-20 20:27 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2015-06-16 01:23 - 2009-07-13 22:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2015-06-15 10:08 - 2015-05-29 09:10 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Skype 2015-06-13 07:05 - 2015-05-15 20:15 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2015-06-10 22:55 - 2009-07-13 22:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD 2015-06-10 12:49 - 2015-05-14 18:07 - 00001188 _____ C:\Users\Marcel\Desktop\Glary Utilities 5.lnk 2015-06-10 12:41 - 2015-05-12 17:11 - 00000000 ____D C:\Program Files (x86)\ESET Online Scanner 2015-06-10 12:41 - 2009-07-13 20:20 - 00000000 __RHD C:\Users\Default 2015-06-10 12:12 - 2015-05-29 09:09 - 00000000 ___RD C:\Program Files (x86)\Skype 2015-06-10 12:12 - 2009-07-13 20:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared 2015-06-10 12:10 - 2015-05-26 08:17 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4 2015-06-10 10:48 - 2009-07-13 22:32 - 00000000 ____D C:\Program Files\DVD Maker 2015-06-10 10:48 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\Setup 2015-06-10 10:48 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\PolicyDefinitions 2015-06-10 10:21 
- 2015-05-11 19:51 - 00000000 ____D C:\Program Files (x86)\ATI Technologies 2015-06-10 08:14 - 2015-05-17 09:48 - 00000000 __SHD C:\Users\Marcel\AppData\Local\EmieUserList 2015-06-10 08:14 - 2015-05-17 09:48 - 00000000 __SHD C:\Users\Marcel\AppData\Local\EmieSiteList 2015-06-10 08:14 - 2015-05-17 09:48 - 00000000 __SHD C:\Users\Marcel\AppData\Local\EmieBrowserModeList 2015-06-10 08:12 - 2015-06-09 06:51 - 00001782 _____ C:\Users\Marcel\Desktop\PeerBlock.lnk 2015-06-10 07:09 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\oobe 2015-06-10 07:01 - 2015-06-07 07:29 - 00000000 ____D C:\GOG Games 2015-06-10 03:03 - 2015-05-15 14:25 - 00000000 ____D C:\Windows\system32\MRT 2015-06-10 03:00 - 2015-05-15 14:25 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe ==================== Files in the root of some directories ======= 2015-06-24 08:15 - 2013-08-07 14:28 - 0401408 _____ () C:\Program Files (x86)\wget.exe 2015-06-27 12:31 - 2015-06-27 12:38 - 0000356 _____ () C:\Users\Marcel\AppData\Roaming\.foobillardrc 2015-06-27 20:13 - 2015-06-27 20:13 - 0000000 ____H () C:\Users\Marcel\AppData\Roaming\TSCHILLER123.glp Some files in TEMP: ==================== C:\Users\Marcel\AppData\Local\Temp\bassmod.dll C:\Users\Marcel\AppData\Local\Temp\bdfilters.dll C:\Users\Marcel\AppData\Local\Temp\dllnt_dump.dll C:\Users\Marcel\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp87jbuq.dll C:\Users\Marcel\AppData\Local\Temp\EsgInstallerx64Stub.exe C:\Users\Marcel\AppData\Local\Temp\USkinDLL.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-07-10 01:55

==================== End of log ============================

FRST Logfile: Code:
ATTFilter scan result of Farbar Recovery Scan Tool (x64) Version:09-07-2015 Ran by Marcel at 2015-07-10 13:13:04 Running from C:\Users\Marcel\Desktop Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2810977045-1315894760-386528613-500 - Administrator - Enabled) => C:\Users\Administrator Gast (S-1-5-21-2810977045-1315894760-386528613-501 - Limited - Disabled) Marcel (S-1-5-21-2810977045-1315894760-386528613-1000 - Administrator - Enabled) => C:\Users\Marcel ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-2810977045-1315894760-386528613-1000\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.) Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated) Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated) Alan Wake's American Nightmare (HKLM-x32\...\Steam App 202750) (Version: - Remedy Entertainment) AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) 
Bandicam (HKLM-x32\...\Bandicam) (Version: 2.2.3.804 - Bandisoft.com) Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com) BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.30.4239 - BlueStack Systems, Inc.) BlueStacks Notification Center (HKLM-x32\...\{79809712-A577-4B8C-A9FC-51945690C7DC}) (Version: 0.9.30.4239 - BlueStack Systems, Inc.) Broadcom InConcert Maestro (HKLM\...\{57DD35E9-D9BB-4089-BB05-EF933C586CB3}) (Version: 1.0.1.1500 - Broadcom Corporation) Broadcom Wireless Utility (HKLM\...\Broadcom Wireless Utility) (Version: 5.100.82.97 - Broadcom Corporation) CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform) Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden Dropbox (HKLM-x32\...\Dropbox) (Version: 3.6.8 - Dropbox, Inc.) Dropbox Update Helper (x32 Version: 1.3.27.29 - Dropbox, Inc.) Hidden FileZilla Client 3.12.0 (HKLM-x32\...\FileZilla Client) (Version: 3.12.0 - Tim Kosse) Free Video to MP3 Converter version 5.0.58.415 (HKLM-x32\...\Free Video to MP3 Converter_is1) (Version: 5.0.58.415 - DVDVideoSoft Ltd.) Free YouTube Download version 3.2.58.505 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.58.505 - DVDVideoSoft Ltd.) Glary Utilities 5.25 (HKLM-x32\...\Glary Utilities 5) (Version: 5.25.0.44 - Glarysoft Ltd) Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) 
Hidden Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.6.1001 - Intel Corporation) Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.00.01.1002 - Intel Corporation) Java 7 Update 55 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417055FF}) (Version: 7.0.550 - Oracle) Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation) Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable 
- x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang) Mozilla Firefox 37.0.2 (x86 
de) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 de)) (Version: 37.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.2 - Mozilla) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.8.2 - Notepad++ Team) PeerBlock 1.1+ (r677) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.1.0.677 - PeerBlock, LLC) Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.02 - Qualcomm Atheros) S.K.I.L.L. - Special Force 2 (HKLM-x32\...\Steam App 286940) (Version: - ) Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.101 - Skype Technologies S.A.) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.41459 - TeamViewer) Terraria (HKLM-x32\...\1207665503_is1) (Version: 2.0.0.1 - GOG.com) Universal Extractor 1.6.1 (HKLM-x32\...\Universal Extractor_is1) (Version: 1.6.1 - Jared Breland) Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Restore Points ========================= 10-07-2015 09:35:00 Removed SpyHunter ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 19:34 - 2015-06-10 12:39 - 00000768 ____N C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
Task: {B531456E-3FCD-4D08-8D3D-8E5D2EA9820F} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ==================== Loaded Modules (Whitelisted) ============== 2015-07-08 06:07 - 2015-07-08 06:07 - 00043480 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll 2010-07-14 21:44 - 2010-07-14 21:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll 2015-04-15 13:13 - 2015-04-15 13:13 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll 2015-05-23 09:11 - 2009-12-23 17:32 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll 2015-07-10 13:10 - 2015-07-10 13:10 - 00043008 _____ () c:\users\marcel\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp87jbuq.dll 2015-07-09 20:08 - 2015-03-19 00:15 - 00750080 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll 2015-07-09 20:08 - 2015-03-19 00:15 - 00047616 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll 2015-07-09 20:08 - 2015-03-19 00:15 - 00865280 _____ () C:\Program Files (x86)\Dropbox\Client\plugins\platforms\qwindows.dll 2015-07-09 20:08 - 2015-03-19 00:15 - 00200704 _____ () C:\Program Files (x86)\Dropbox\Client\plugins\imageformats\qjpeg.dll 2015-07-09 20:08 - 2015-03-19 00:15 - 00010240 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick.2\qtquick2plugin.dll 2015-07-09 20:08 - 2015-03-19 00:15 - 00726016 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll 2015-07-09 20:08 - 2015-03-19 00:15 - 00010240 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Window.2\windowplugin.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) 
AlternateDataStreams: C:\Windows\System32:{4B9A1497-0817-47C4-9612-D6A1C53ACF57}

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot => "AlternateShell"=""

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2810977045-1315894760-386528613-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Marcel\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{E4FD5A1E-A3F7-4CE0-AC7E-C0ED0C95C22E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{4979CA39-5DF3-4E38-A674-DCF6A8E4EAF4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{00851861-AF57-4437-BB2C-4D54A53A0FF7}] => (Allow) C:\Users\Marcel\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{1A6C1CF2-16FC-4FC9-A6DA-C1A82588BF15}] => (Allow) C:\Users\Marcel\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [TCP Query User{1E85229A-88B0-4D41-8D39-C4CC55EC9664}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe FirewallRules: [UDP Query User{B4B7DDAA-476C-415C-92F7-68F70F58095E}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe FirewallRules: [TCP Query User{D1FBC41C-47FA-4C16-A601-3DDE966B9371}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{8CA0F89F-B83C-4E9F-89DD-0F7A6E221841}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [TCP Query User{F4EF3336-A813-4B83-BDB6-B2AA88ECE367}C:\windows\syswow64\svchost.exe] => (Block) C:\windows\syswow64\svchost.exe FirewallRules: [UDP Query User{46F434D9-DC23-4239-A38B-2335252A2AB7}C:\windows\syswow64\svchost.exe] => (Block) C:\windows\syswow64\svchost.exe FirewallRules: [{ECCE2D40-FE2E-4E40-82BA-596B23F869E1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{E63E7D81-9799-4483-870D-6B145079F583}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{C4E200C3-A8A4-44C1-A592-3066DACD100E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: 
[{BFC78A42-738C-4AB9-8F30-E76194B4551F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{A6390810-7AAD-46E9-B04D-F8B8A8034729}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{A26439AE-DD0F-4DB4-A476-A08677B4C448}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{CD7A39EA-E7A9-4FB5-85A6-596F8ED7E607}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{5633E093-A841-4025-8C65-294CF57BF154}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{53EEED36-F459-4FC1-B0AD-783FE2B9C5DD}] => (Allow) D:\Steam yolomode\steamapps\common\SKILL\DFUBG.exe FirewallRules: [{C950E02C-EDF8-460E-85F5-2B6FD36733FF}] => (Allow) D:\Steam yolomode\steamapps\common\SKILL\DFUBG.exe FirewallRules: [{CB76EE55-02A0-49A8-B91E-93FF647ACDB5}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{DF0B06EA-4136-46E2-AA11-84BC94942AF9}] => (Allow) D:\Steam yolomode\steamapps\common\SKILL\Binaries\Win32\sf2.exe FirewallRules: [{737C03E7-A52A-43DA-8A14-0DAB39E85AC1}] => (Allow) D:\Steam yolomode\steamapps\common\SKILL\Binaries\Win32\sf2.exe FirewallRules: [{34A3D606-9E97-4BE5-BC3F-2C50CD4B31D8}] => (Allow) D:\Steam yolomode\steamapps\common\alan wakes american nightmare\alan_wakes_american_nightmare.exe FirewallRules: [{28F01107-508A-476C-94FE-11F3A7997272}] => (Allow) D:\Steam yolomode\steamapps\common\alan wakes american nightmare\alan_wakes_american_nightmare.exe ==================== Faulty Device Manager Devices ============= Name: Ethernet-Controller Description: Ethernet-Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. 
==================== Event log errors: ========================= Application errors: ================== Error: (07/10/2015 01:11:39 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/10/2015 01:07:47 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. 
Error: (07/10/2015 09:35:00 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/10/2015 02:34:47 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/10/2015 00:17:19 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/09/2015 00:51:51 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/09/2015 00:43:38 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/09/2015 09:39:10 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/09/2015 05:31:11 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/09/2015 04:15:31 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors: ============= Error: (07/10/2015 
09:33:10 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 10.07.2015 um 09:32:21 unerwartet heruntergefahren. Error: (07/10/2015 02:32:58 AM) (Source: BugCheck) (EventID: 1001) (User: ) Description: 0x00000050 (0xfffffa8048e4f190, 0x0000000000000000, 0xfffff800034ab9c5, 0x0000000000000005)C:\Windows\MEMORY.DMP071015-9562-01 Error: (07/10/2015 02:32:56 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 10.07.2015 um 02:31:38 unerwartet heruntergefahren. Error: (07/10/2015 01:59:19 AM) (Source: volsnap) (EventID: 36) (User: ) Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte. Error: (07/09/2015 00:50:01 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 09.07.2015 um 12:48:42 unerwartet heruntergefahren. Error: (07/09/2015 00:41:47 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 09.07.2015 um 12:40:57 unerwartet heruntergefahren. Error: (07/09/2015 09:37:20 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 09.07.2015 um 21:36:15 unerwartet heruntergefahren. Error: (07/09/2015 07:08:30 PM) (Source: volsnap) (EventID: 36) (User: ) Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte. Error: (07/09/2015 04:12:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Driver Foundation - Benutzermodus-Treiberframework" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts. 
Error: (07/09/2015 04:12:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Automatische WLAN-Konfiguration" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Microsoft Office:
=========================
Error: (07/10/2015 01:11:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/10/2015 01:07:47 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestC:\Program Files (x86)\ESET Online Scanner\ESETSmartInstaller.exe

Error: (07/10/2015 09:35:00 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/10/2015 02:34:47 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/10/2015 00:17:19 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2015 00:51:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2015 00:43:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2015 09:39:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2015 05:31:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2015 04:15:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

CodeIntegrity Errors:
===================================
Date: 2015-05-19 08:05:54.323
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2015-05-19 08:05:54.276
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2015-05-19 07:46:15.679
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2015-05-19 07:46:15.632
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2015-05-19 07:45:11.615
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2015-05-19 07:45:11.568
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2015-05-19 07:45:11.521
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2015-05-19 07:45:11.474
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7 CPU M 620 @ 2.67GHz
Percentage of memory in use: 56%
Total physical RAM: 3766.68 MB
Available physical RAM: 1626.23 MB
Total Virtual: 7531.57 MB
Available Virtual: 5724.36 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:50 GB) (Free:10.47 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Lokaler Datenträger1) (Fixed) (Total:61.79 GB) (Free:3.27 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 1559283B)
Partition 1: (Not Active) - (Size=61.8 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=50 GB) - (Type=07 NTFS)

==================== End of log ============================ |
![]() | #2 |
/// TB-Ausbilder /// Anleitungs-Guru |
No, not a virus. But... google it.
__________________
Step 1
Please press the ![]() Click OK and now copy the text from the code box into the empty text document:
Code:
CloseProcesses:
HKLM\...\Run: [Worm] => wscript.exe //B "C:\Users\Marcel\AppData\Local\Temp\Worm.VBS.Dunihi.W.vbs"
HKU\S-1-5-21-2810977045-1315894760-386528613-1000\...\Run: [Worm] => wscript.exe //B "C:\Users\Marcel\AppData\Local\Temp\Worm.VBS.Dunihi.W.vbs"
ProxyServer: [S-1-5-21-2810977045-1315894760-386528613-1000] => :80
2015-07-10 09:39 - 2015-07-10 09:39 - 00000000 ____D C:\Users\Marcel\Desktop\SpyHunter 4.19.13.4482 Portable
2015-07-10 09:35 - 2015-07-10 10:06 - 00000000 ____D C:\Users\Marcel\Desktop\spyhunter
2015-07-10 09:31 - 2015-07-10 09:31 - 00002385 _____ C:\spyhunter.fix
AlternateDataStreams: C:\Windows\System32:{4B9A1497-0817-47C4-9612-D6A1C53ACF57}
AlternateShell:
EmptyTemp:
After the reboot:
Step 2
Please start FRST again and press Scan. Please post me the contents of the log.
__________________ |
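The fixlist in post #2 removes two Run entries that start `wscript.exe //B` on a `.vbs` file in the user's Temp folder. As an added example (not part of the original post and not FRST's own code), the Python below flags that pattern in FRST-style Run lines; the function name `triage` and the two heuristic lists are assumptions made for this example.

```python
import re

# Run-key lines copied from the FRST log and fixlist on this page.
SAMPLE = r'''HKLM\...\Run: [Worm] => wscript.exe //B "C:\Users\Marcel\AppData\Local\Temp\Worm.VBS.Dunihi.W.vbs"
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [43871968 2015-06-26] (Dropbox, Inc.)
HKU\S-1-5-21-2810977045-1315894760-386528613-1000\...\Run: [Worm] => wscript.exe //B "C:\Users\Marcel\AppData\Local\Temp\Worm.VBS.Dunihi.W.vbs"
ProxyServer: [S-1-5-21-2810977045-1315894760-386528613-1000] => :80
'''

# FRST abbreviates the key path: "<hive>\...\Run: [value name] => command".
RUN_LINE = re.compile(
    r'^(?P<hive>HK\S+?)\\\.\.\.\\Run(?:Once)?: \[(?P<name>[^\]]*)\] => (?P<cmd>.+)$')
EXE = re.compile(r'^"?(.+?\.exe)\b', re.I)
# The lookahead keeps "Worm.VBS.Dunihi.W.vbs" from being cut at the first ".VBS".
SCRIPT = re.compile(r'([A-Za-z]:\\[^"]+?\.(?:vbs|vbe|js|jse|wsf))(?=["\s]|$)', re.I)
# Heuristic lists chosen for this example (assumptions, extend as needed).
SCRIPT_HOSTS = {"wscript.exe", "cscript.exe"}
USER_WRITABLE = ("\\appdata\\", "\\temp\\", "\\users\\public\\")

def triage(log_text):
    """Return (hive, value name, reasons) for each Run entry worth a closer look."""
    findings = []
    for line in log_text.splitlines():
        m = RUN_LINE.match(line.strip())
        if not m:
            continue                      # not a Run/RunOnce line
        cmd, reasons = m["cmd"], []
        exe = EXE.match(cmd)
        image = exe.group(1).rsplit("\\", 1)[-1].lower() if exe else ""
        if image in SCRIPT_HOSTS:
            reasons.append("script host started at logon")
            if re.search(r'(?<!\S)//b(?!\S)', cmd, re.I):
                reasons.append("//B batch mode hides script errors and prompts")
        script = SCRIPT.search(cmd)
        if script and any(d in script.group(1).lower() for d in USER_WRITABLE):
            reasons.append("script stored in a user-writable directory")
        if reasons:
            findings.append((m["hive"], m["name"], reasons))
    return findings

if __name__ == "__main__":
    for hive, name, reasons in triage(SAMPLE):
        print(f"{hive}  [{name}]  " + "; ".join(reasons))
```

Both `[Worm]` values are reported with all three reasons, while the Dropbox autorun and the `ProxyServer` line are ignored.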