Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Sparkassen Trojaner (https://www.trojaner-board.de/140742-sparkassen-trojaner.html)

littleyellow 31.08.2013 10:33
Sparkassen Trojaner
 
Hallo Trojaner Board,
vorweg, Danke dass es euch gibt!

Habe zunächst nach dem einloggen bei der Sparkasse eine Seite im perfekten Sparkassen Layout vorgefunden bei der zur Nutzung einer Demo Version die Eingabe einer TAN gefordert wurde. Die Siete hatte Rechtschreibfehler also habe ich Bull Guard über das System laufen lassen. Danach war Online Banking wieder möglich. Aber nur kurz.
Jetzt erscheint eine Seite nach dem Sparkassen Login mit dem Titel "Sicherhietskontrolle", "seit neuem haben wir neue Sicherheitsbestimmungen..." auch wird wieder die Eingabe einer TAN gefordert. Nichts anderes ist möglich.
Habe im Forum gelesen und AdwClean Installiert. Unten ist die txt. nach dem Neustart.
Ich hoffe sehr ihr könnt mir helfen!
Bitte sagt mir auch wie ich mich vor so einem Trojaner in Zukunft schützen kann.
Danke!!!

# AdwCleaner v3.001 - Report created 31/08/2013 at 10:40:56
# Updated 24/08/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : BK Laptop - LAPTOP
# Running from : C:\Users\BK Laptop\Downloads\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Users\BK Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlfienamagdnkekbbbocojppncdambda
Folder Deleted : C:\Users\BK Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\Users\Public\Desktop\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Public\Desktop\Mozilla Firefox.lnk
Shortcut Disinfected : C:\Users\BK Laptop\Desktop\Ablage Start Setup\ALDI Talk.lnk
Shortcut Disinfected : C:\Users\BK Laptop\Desktop\Ablage Start Setup\Herzlich willkommen bei MEDIONmail.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Shortcut Disinfected : C:\Users\BK Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\BK Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Shortcut Disinfected : C:\Users\BK Laptop\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Shortcut Disinfected : C:\Users\BK Laptop\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Shortcut Disinfected : C:\Users\BK Laptop\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
Shortcut Disinfected : C:\Users\BK Laptop\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\BK Laptop\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk

***** [ Registry ] *****

Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [{5A95A9E0-59DD-4314-BD84-4D18CA83A0E2}]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlfienamagdnkekbbbocojppncdambda
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ieakfmpjhljbpbfpldjkddkjmmgjmgon
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DSite
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DB5DD777-1430-464C-8A6B-3A3E01A0F958}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DB5DD777-1430-464C-8A6B-3A3E01A0F958}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RegClean Pro_DEFAULT
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9827E58B-E7F7-4A86-9B1D-AF51CB8C0070}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9827E58B-E7F7-4A86-9B1D-AF51CB8C0070}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RegClean Pro_UPDATES
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DBA2C39A-E990-4BF4-B430-F8EB7154897A}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DBA2C39A-E990-4BF4-B430-F8EB7154897A}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F0ED4931-A500-4721-A1F6-3CED8B671672}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F0ED4931-A500-4721-A1F6-3CED8B671672}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\Search Settings
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [NTRedirect]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Optimizer Pro]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [PC Speed Maximizer]
Key Deleted : HKLM\SOFTWARE\Classes\AlxSSB.AlxTBSSB
Key Deleted : HKLM\SOFTWARE\Classes\AlxSSB.AlxTBSSB.1
Key Deleted : HKLM\SOFTWARE\Classes\AlxTB2.ToolBarProxy
Key Deleted : HKLM\SOFTWARE\Classes\AlxTB2.ToolBarProxy.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Complitly.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\priam_bho.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\PricePeep.DLL
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaappCore
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaappCore.1
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltadskBnd
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltadskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaHlpr
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.deltaESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.deltaESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\I
Key Deleted : HKLM\SOFTWARE\Classes\Incredibar.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\Incredibar.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr
Key Deleted : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\IncredibarApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\IncredibarApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Classes\PricePeep.PricePeepBho
Key Deleted : HKLM\SOFTWARE\Classes\PricePeep.PricePeepBho.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO
Key Deleted : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO.1
Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamBHO
Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamBHO.1
Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamDownloader
Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamDownloader.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\tracing\askpartnercobrandingtool_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\facemoods_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\facemoods_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\I Want This_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\I Want This_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SearchSettings]
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader11477[1]_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader11477[1]_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader45786_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader45786_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader73410_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader73410_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1F02FB61-2BE5-4C16-8199-AEAA16EB0342}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{38A066B0-DD5F-4226-AC4F-6A27C1BFB892}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{442F13BC-2031-42D5-9520-437F65271153}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2316C625-B487-4410-A1A5-FF040B65245F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69A72A8A-84ED-4A75-8CE7-263DBEF3E5D3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B3EAD50C-ECB0-459A-9EDA-F505AB99675B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C01315C7-B4E2-4864-B43D-5FAFC414D179}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C1545464-C77C-4130-A572-1C619E2895FE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E57091A7-B5F0-4C42-9329-72ED3E59ED31}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EA582743-9076-4178-9AA6-7393FDF4D5CE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ED0E67AD-926C-4008-87E5-03CF72AA2A7E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF7FEC6D-451B-4452-9D26-7E10C6B5DB6E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F443A627-5009-4323-9C1D-7FD598D0D712}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0923E315-2D8B-48CE-A37C-AE9A42F9711C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1A1BBE49-C6F1-40EA-9D2F-262F0AF6DDE3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1B97A696-5576-43AC-A73B-E1D2C78F21E8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2022154E-7E3E-4809-871E-1B45A6FC7058}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{292ECB89-350E-45D2-816F-52C15305B144}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{36CC2180-B6BF-4951-9578-6B0C40044AAA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44A36944-22C6-4A08-BC7C-161F3E540DBF}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{51F04BD6-3888-4849-864C-617FAE709CE0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6247DD2C-8CF9-4041-A235-93691D71B8B4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{75BF416E-4326-45B5-8A2D-AE32D05B930B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{835BED79-DF7E-4096-B355-ED43FA2EA87B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C953EC4-8CFA-44FB-B32E-1249E5505091}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8E863BD6-50DE-47D0-A6F1-3C1F6DB72451}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9DD36F1E-5111-41C5-ADED-A2A11A2FF3E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E393F82-2644-4AB6-B994-1AD39D6C59EE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A2FB8217-E320-434E-BA79-513E357AD54F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A9CEBBF4-9129-479A-9231-E833ED3D3A8F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AFD4D1F9-167C-4884-95AE-B5A9797B0D16}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B3EAD50C-ECB0-459A-9EDA-F505AB99675B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C47788B1-9604-4D7A-A684-F4D450F2D7D2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CA3B41D0-D4C1-4808-B248-75DA27238828}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D4A2FF6C-087F-4D40-8DFE-92AAD484BFB8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D88B9D5C-A9CF-4C69-906D-1CCA5D85A2EF}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E4E394E0-D331-431F-B76D-E3A19193D5F6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F83AF01C-AA2F-469F-8BE7-D178FB15FD07}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{01BCB858-2F62-4F06-A8F4-48F927C15333}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{33D0AD98-3347-4A54-8929-5163EBEB9F72}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3BF3DED5-0FC8-4207-AC09-AA7B5AF4E408}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{48C9C8B0-A546-46C1-A81F-47A31E623E9D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DA9FC525-41ED-4C00-B046-946DA7CDD305}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2316C625-B487-4410-A1A5-FF040B65245F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F443A627-5009-4323-9C1D-7FD598D0D712}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2316C625-B487-4410-A1A5-FF040B65245F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EA582743-9076-4178-9AA6-7393FDF4D5CE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F443A627-5009-4323-9C1D-7FD598D0D712}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2316C625-B487-4410-A1A5-FF040B65245F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EA582743-9076-4178-9AA6-7393FDF4D5CE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F443A627-5009-4323-9C1D-7FD598D0D712}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{65BCD620-07DD-012F-819F-073CF1B8F7C6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74C36554-31F0-49DD-8857-ED6A64DF45BE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E57091A7-B5F0-4C42-9329-72ED3E59ED31}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{82E1477C-B154-48D3-9891-33D83C26BCD3}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{B922D405-6D13-4A2B-AE89-08A030DA4402}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EA582743-9076-4178-9AA6-7393FDF4D5CE}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{F9639E4A-801B-4843-AEE3-03D9DA199E77}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Key Deleted : HKCU\Software\Alexa Internet
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\AskToolbar
Key Deleted : HKCU\Software\BabSolution
Key Deleted : HKCU\Software\Complitly
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\Delta
Key Deleted : HKCU\Software\distromatic
Key Deleted : HKCU\Software\dsiteproducts
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\Search Settings
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\Wajam
Key Deleted : HKCU\Software\AppDataLow\AskToolbarInfo
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\lyrixeeker
Key Deleted : HKCU\Software\AppDataLow\Software\pdfforge
Key Deleted : HKCU\Software\AppDataLow\Software\PricePeep
Key Deleted : HKLM\Software\Amazon Browser Bar
Key Deleted : HKLM\Software\Application Updater
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\Delta
Key Deleted : HKLM\Software\eSafeSecControl
Key Deleted : HKLM\Software\incredibar.com
Key Deleted : HKLM\Software\InstallCore
Key Deleted : HKLM\Software\pdfforge
Key Deleted : HKLM\Software\qvo6Software
Key Deleted : HKLM\Software\Search Settings
Key Deleted : HKLM\Software\SimplyGen
Key Deleted : HKLM\Software\systweak
Key Deleted : HKLM\Software\Wajam
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Uncompressor
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Zip Opener Packages
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4FFBB818-B13C-11E0-931D-B2664824019B}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Amazon Browser Bar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\incredibar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\OpenIt Open It!
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PricePeep
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RegClean Pro_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wajam
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WSysControl
Product Deleted : Ask Toolbar

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16660

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]

-\\ Mozilla Firefox v23.0 (en-US)

[ File : C:\Users\BK Laptop\AppData\Roaming\Mozilla\Firefox\Profiles\m9hfxld3.default\prefs.js ]

Line Deleted : user_pref("browser.newtab.url", "hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=hp&from=cor&uid=WDCXWD5000BEVT-00A0RT0_WD-WXH1A10K6047K6047&ts=1377937618");
Line Deleted : user_pref("browser.search.defaultenginename", "qvo6");
Line Deleted : user_pref("browser.search.order.1", "qvo6");
Line Deleted : user_pref("browser.search.selectedEngine", "qvo6");
Line Deleted : user_pref("browser.startup.homepage", "hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=hp&from=cor&uid=WDCXWD5000BEVT-00A0RT0_WD-WXH1A10K6047K6047&ts=1377937618");
Line Deleted : user_pref("extensions.enabledAddons", "%7B60364604-8b4c-42f4-a2ca-a76ca7b61b37%7D:7.0,ffxtlbr%40metacrawler.com:1.6.0,%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0");
Line Deleted : user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"fe_9.0@nokia.com\":{\"descriptor\":\"C:\\\\Program Files\\\\Nokia\\\\Nokia Suite\\\\Connectors\\\\Bookmarks Connect[...]
Line Deleted : user_pref("extensions.irmcrawler.aflt", "ironmc2");
Line Deleted : user_pref("extensions.irmcrawler.cd", "2XzuyEtN2Y1L1QzutC0CyE0B0DyCyCyCtBtCyCzzyEtC0DyCtN0D0Tzu0CyCtDzztN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu");
Line Deleted : user_pref("extensions.irmcrawler.cr", "492817975");
Line Deleted : user_pref("extensions.irmcrawler.firstrun", false);
Line Deleted : user_pref("extensions.irmcrawler.instlRef", "");
Line Deleted : user_pref("extensions.metacrawler.aflt", "ironmc2");
Line Deleted : user_pref("extensions.metacrawler.appId", "{0FA5C13C-4EDA-488A-A8EB-B84CD7395A79}");
Line Deleted : user_pref("extensions.metacrawler.cd", "2XzuyEtN2Y1L1QzutC0CyE0B0DyCyCyCtBtCyCzzyEtC0DyCtN0D0Tzu0CyCtDzztN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu");
Line Deleted : user_pref("extensions.metacrawler.cntry", "DE");
Line Deleted : user_pref("extensions.metacrawler.cr", "492817975");
Line Deleted : user_pref("extensions.metacrawler.dfltLng", "");
Line Deleted : user_pref("extensions.metacrawler.dfltSrch", true);
Line Deleted : user_pref("extensions.metacrawler.dnsErr", true);
Line Deleted : user_pref("extensions.metacrawler.dpkLst", "3654782829,1334533236,1121012847,231756876,1895130307,603719297,4288797614,3754950497,426401714,3046281807,752626116,1657571787,3224935090,2597085128 ,182856[...]
Line Deleted : user_pref("extensions.metacrawler.excTlbr", false);
Line Deleted : user_pref("extensions.metacrawler.hdrMd5", "1BCD67E8BF27A5B43A5C14C4C526FFB2");
Line Deleted : user_pref("extensions.metacrawler.hmpg", true);
Line Deleted : user_pref("extensions.metacrawler.hmpgUrl", "hxxp://i.search.metacrawler.com/?f=1&a=ironmc2&cd=2XzuyEtN2Y1L1QzutC0CyE0B0DyCyCyCtBtCyCzzyEtC0DyCtN0D0Tzu0CyCtDzztN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu&cr=492[...]
Line Deleted : user_pref("extensions.metacrawler.id", "1C4BD666216841D6");
Line Deleted : user_pref("extensions.metacrawler.instlDay", "15948");
Line Deleted : user_pref("extensions.metacrawler.instlRef", "");
Line Deleted : user_pref("extensions.metacrawler.lastB", "hxxp://i.search.metacrawler.com/?f=1&a=ironmc2&cd=2XzuyEtN2Y1L1QzutC0CyE0B0DyCyCyCtBtCyCzzyEtC0DyCtN0D0Tzu0CyCtDzztN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu&cr=49281[...]
Line Deleted : user_pref("extensions.metacrawler.lastVrsnTs", "1.8.19.010:24:26");
Line Deleted : user_pref("extensions.metacrawler.newTabUrl", "hxxp://i.search.metacrawler.com/?f=2&a=ironmc2&cd=2XzuyEtN2Y1L1QzutC0CyE0B0DyCyCyCtBtCyCzzyEtC0DyCtN0D0Tzu0CyCtDzztN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu&cr=4[...]
Line Deleted : user_pref("extensions.metacrawler.prdct", "metacrawler");
Line Deleted : user_pref("extensions.metacrawler.prtnrId", "metaCrawler");
Line Deleted : user_pref("extensions.metacrawler.sg", "none");
Line Deleted : user_pref("extensions.metacrawler.srchPrvdr", "metaCrawler");
Line Deleted : user_pref("extensions.metacrawler.tlbrId", "base");
Line Deleted : user_pref("extensions.metacrawler.tlbrSrchUrl", "hxxp://i.search.metacrawler.com/?f=3&a=ironmc2&cd=2XzuyEtN2Y1L1QzutC0CyE0B0DyCyCyCtBtCyCzzyEtC0DyCtN0D0Tzu0CyCtDzztN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu&cr[...]
Line Deleted : user_pref("extensions.metacrawler.vrsn", "1.8.19.0");
Line Deleted : user_pref("extensions.metacrawler.vrsni", "1.8.19.0");
Line Deleted : user_pref("extensions.metacrawler_i.hmpg", true);
Line Deleted : user_pref("extensions.metacrawler_i.newTab", false);
Line Deleted : user_pref("extensions.metacrawler_i.smplGrp", "none");
Line Deleted : user_pref("extensions.metacrawler_i.vrsnTs", "1.8.19.010:24:26");

-\\ Google Chrome v29.0.1547.62

[ File : C:\Users\BK Laptop\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : homepage
Deleted : search_url
Deleted : keyword
Deleted : urls_to_restore_on_startup

*************************

AdwCleaner[R0].txt - [41532 octets] - [31/08/2013 10:38:32]
AdwCleaner[R1].txt - [37128 octets] - [31/08/2013 10:40:07]
AdwCleaner[S0].txt - [5042 octets] - [31/08/2013 10:39:20]
AdwCleaner[S1].txt - [34119 octets] - [31/08/2013 10:40:56]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [34180 octets] ##########

schrauber 31.08.2013 10:40
hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


littleyellow 01.09.2013 10:01
Hi Schrauber,
32Bit System FRST geladen. Hier sind die Files zuerst FRST.txt:
Danke für die prompte Antwort Gestern:-)


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01-09-2013
Ran by BK Laptop (administrator) on LAPTOP on 01-09-2013 10:05:49
Running from C:\Users\BK Laptop\Downloads
Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

() C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe
(BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe
(BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
(Wistron) C:\Program Files\Launch Manager\HotkeyApp.exe
(Wistron Corp.) C:\Program Files\Launch Manager\OSD.exe
(Wistron Corp.) C:\Program Files\Launch Manager\WButton.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(CyberLink) C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe
(Nokia) C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe
() C:\Users\BK Laptop\AppData\Roaming\Raes\hewia.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Protexis Inc.) c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(Star Finanz - Software Entwicklung und Vertriebs GmbH) C:\Program Files\StarMoney 7.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(X10) C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Wistron Corp.) C:\Program Files\Launch Manager\WisLMSvc.exe
(Nokia) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\system32\Macromed\Flash\FlashUtil32_11_8_800_94_ActiveX.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HotkeyApp] - C:\Program Files\Launch Manager\HotkeyApp.exe [200704 2009-12-14] (Wistron)
HKLM\...\Run: [LMgrVolOSD] - C:\Program Files\Launch Manager\OSD.exe [348960 2009-12-11] (Wistron Corp.)
HKLM\...\Run: [Wbutton] - C:\Program Files\Launch Manager\Wbutton.exe [413696 2010-01-13] (Wistron Corp.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1594664 2009-12-11] (Synaptics Incorporated)
HKLM\...\Run: [CLMLServer] - C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-11-02] (CyberLink)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8522272 2010-03-02] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe [678432 2010-03-02] (Realtek Semiconductor)
HKLM\...\Run: [NeroFilterCheck] - C:\Windows\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [ArcSoft Connection Service] - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-01-28] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-02-20] (Apple Inc.)
HKLM\...\Run: [BullGuardUpdate2] - c:\program files\bullguard ltd\bullguard\BullGuardUpdate2.exe [1879392 2013-08-27] (BullGuard Ltd.)
HKLM\...\Run: [BullGuard] - c:\program files\bullguard ltd\bullguard\BullGuard.exe [852832 2013-08-27] (BullGuard Ltd.)
HKCU\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-05-07] (Google Inc.)
HKCU\...\Run: [] -  [x]
HKCU\...\Run: [NokiaSuite.exe] - C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [1083264 2012-01-10] (Nokia)
HKCU\...\Run: [orpa.exe] - "C:\Users\BK Laptop\AppData\Roaming\Doon\orpa.exe" [x]
HKCU\...\Run: [Akobyn] - "C:\Users\BK Laptop\AppData\Roaming\Ovvai\akobyn.exe" [x]
HKCU\...\Run: [Ipxo] - "C:\Users\BK Laptop\AppData\Roaming\Udlef\ipxo.exe" [x]
HKCU\...\Run: [Viytk] - C:\Users\BK Laptop\AppData\Roaming\Raes\hewia.exe [326001 2011-07-11] ()
HKCU\...\Run: [IExplorer Util] - C:\Users\BK Laptop\AppData\Roaming\ie_util.exe [x]
HKU\Default\...\RunOnce: [MEDION] - C:\Windows\Web\Wallpaper\MEDION\start.vbs [ 2009-10-23] ()
HKU\Default User\...\RunOnce: [MEDION] - C:\Windows\Web\Wallpaper\MEDION\start.vbs [ 2009-10-23] ()
Startup: C:\Users\BK Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://medion.msn.com
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p07_serp_ie_de_display?ie=UTF8&tagbase=bds-p07&tag=bds-p07-serp-de-ie-21&tbrId=v1_abb-channel-7_7115d577af5a4f38aa05ae901f0f0935_30_46_20130831_DE_ie_ds_&query={searchTerms}
SearchScopes: HKCU - {0D1DBC81-CB9B-489C-9839-5D506D242DC2} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=302398&p={searchTerms}
SearchScopes: HKCU - {1365AAEC-E4D4-4A26-B5E4-35FB20C00831} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MEDTDF&pc=MAMD&src=IE-SearchBox
SearchScopes: HKCU - {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p07_serp_ie_de_display?ie=UTF8&tagbase=bds-p07&tag=bds-p07-serp-de-ie-21&tbrId=v1_abb-channel-7_7115d577af5a4f38aa05ae901f0f0935_30_46_20130831_DE_ie_ds_&query={searchTerms}
BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO: Lyrics Seeker - {6930d07b-da43-46d4-aa20-1f6f958d14fe} - C:\Program Files\LyricsSeeker\131.dll (Lyrics Seeker)
BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU -No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU -Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://oas.support.microsoft.com/ActiveX/MSDcode.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\BK Laptop\AppData\Roaming\Mozilla\Firefox\Profiles\m9hfxld3.default
FF Keyword.URL: user_pref("keyword.URL", "");
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @canon.com/MycameraPlugin - C:\Program Files\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
FF Plugin: @garmin.com/GpsControl - C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.3 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/OfficeLive,version=1.4 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101714.dll (Amazon.com, Inc.)
FF SearchPlugin: C:\Users\BK Laptop\AppData\Roaming\Mozilla\Firefox\Profiles\m9hfxld3.default\searchplugins\metaCrawler.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\qvo6.xml
FF Extension: metacrawler.com - C:\Users\BK Laptop\AppData\Roaming\Mozilla\Firefox\Profiles\m9hfxld3.default\Extensions\ffxtlbr@metacrawler.com
FF Extension: No Name - C:\Users\BK Laptop\AppData\Roaming\Mozilla\Firefox\Profiles\m9hfxld3.default\Extensions\{60364604-8b4c-42f4-a2ca-a76ca7b61b37}
FF HKLM\...\Firefox\Extensions: [fe_9.0@nokia.com] C:\Program Files\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_9.0
FF Extension: Firefox Synchronisation Extension - C:\Program Files\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_9.0
FF HKLM\...\Firefox\Extensions: [antiphishing@bullguard] c:\program files\bullguard ltd\bullguard\Antiphishing\FF\antiphishing@bullguard\
FF Extension: BullGuard Safe Browsing - c:\program files\bullguard ltd\bullguard\Antiphishing\FF\antiphishing@bullguard\
FF HKLM\...\Thunderbird\Extensions: [te_9.0@nokia.com] C:\Program Files\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0
FF Extension: Thunderbird Address Book Synchronisation Extension - C:\Program Files\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0
FF HKCU\...\Firefox\Extensions: [{0ce6ac61-48e9-426f-9268-6f1e8ece06da}] C:\Program Files\LyricsSeeker\131.xpi
FF Extension: No Name - C:\Program Files\LyricsSeeker\131.xpi

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup:                "urls_to_restore_on_startup": [
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\28.0.1500.95\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\28.0.1500.95\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.180.7) - C:\Program Files\Java\jre6\bin\new_plugin\npdeploytk.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U18) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (NPCIG.dll) - C:\Program Files\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
CHR Plugin: (Garmin Communicator Plug-In) - C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR HKLM\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\BK Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx
CHR HKLM\...\Chrome\Extension: [lgoiojnjnacbjngolldkokokgpcjbgjj] - C:\Program Files\LyricsSeeker\131.crx

========================== Services (Whitelisted) =================

R2 AAV UpdateService; C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 BsBackup; C:\Program Files\BullGuard Ltd\BullGuard\BsBackup.dll [560992 2013-08-27] (BullGuard Ltd.)
R2 BsBhvScan; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe [376736 2013-08-27] (BullGuard Ltd.)
R2 BsFileScan; c:\program files\bullguard ltd\bullguard\BsFileScan.dll [307552 2013-08-27] (BullGuard Ltd.)
R2 BsFire; c:\program files\bullguard ltd\bullguard\BsFire.dll [478048 2013-08-27] (BullGuard Ltd.)
R2 BsMailProxy; c:\program files\bullguard ltd\bullguard\BsMailProxy\BsMailProxy.dll [495456 2013-08-27] (BullGuard Ltd.)
R2 BsMain; C:\Program Files\BullGuard Ltd\BullGuard\BsMain.dll [261472 2013-08-27] (BullGuard Ltd.)
R2 BsScanner; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe [212832 2013-08-27] (BullGuard Ltd.)
R2 BsUpdate; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe [288096 2013-08-27] (BullGuard Ltd.)
S2 Fabs; C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [1253376 2009-08-27] (MAGIX AG)
S3 FirebirdServerMAGIXInstance; C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe [3276800 2008-08-07] (MAGIX®)
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [244904 2010-02-10] ()
R2 StarMoney 7.0 OnlineUpdate; C:\Program Files\StarMoney 7.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe [554160 2011-11-08] (Star Finanz - Software Entwicklung und Vertriebs GmbH)
R3 WisLMSvc; C:\Program Files\Launch Manager\WisLMSvc.exe [118560 2009-10-22] (Wistron Corp.)
R2 x10nets; C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe [20480 2009-11-07] (X10)
S2 Update WebConnect; "C:\Program Files\WebConnect\updateWebConnect.exe" [x]

==================== Drivers (Whitelisted) ====================

R3 Afc; C:\Windows\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)
R1 AFW; C:\Windows\System32\DRIVERS\afw.sys [33888 2012-11-20] (Agnitum Ltd.)
R3 afwcore; C:\Windows\System32\DRIVERS\afwcore.sys [337504 2012-11-20] (Agnitum Ltd.)
R3 BdNet; C:\Windows\System32\drivers\BdNet.sys [27760 2012-10-04] (BullGuard Ltd.)
R1 BdSpy; C:\Windows\System32\drivers\BdSpy.sys [64624 2013-03-18] (BullGuard Ltd.)
R0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-14] (Microsoft Corporation)
S3 GigasetGenericUSB; C:\Windows\System32\DRIVERS\GigasetGenericUSB.sys [44032 2009-02-20] (Siemens Home and Office Communication Devices GmbH & Co. KG)
S3 grmnusb; C:\Windows\System32\drivers\grmnusb.sys [9344 2009-04-17] (GARMIN Corp.)
S3 mod7700; C:\Windows\System32\DRIVERS\mod7700.sys [786400 2009-08-13] (DiBcom SA)
R3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [343456 2013-01-25] (BitDefender S.R.L.)
R3 X10Hid; C:\Windows\System32\Drivers\x10hid.sys [13720 2009-05-13] (X10 Wireless Technology, Inc.)
R3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27160 2009-05-13] (X10 Wireless Technology, Inc.)
S3 cpuz132; \??\C:\Users\BKLAPT~1\AppData\Local\Temp\cpuz132\cpuz132_x32.sys [x]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [x]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-01 10:04 - 2013-09-01 10:04 - 01085571 _____ (Farbar) C:\Users\BK Laptop\Downloads\FRST.exe
2013-09-01 10:01 - 2013-09-01 10:01 - 00015353 _____ C:\Users\BK Laptop\Downloads\un2jjcsH.htm
2013-09-01 09:31 - 2013-09-01 09:31 - 00000512 _____ C:\Windows\system32\F39D4DE6-98B8-4E05-91BD-549E8A8248BD
2013-08-31 10:45 - 2013-08-31 10:47 - 00034261 _____ C:\Users\BK Laptop\Desktop\AdwCleaner[S1].txt
2013-08-31 10:37 - 2013-08-31 10:41 - 00000000 ____D C:\AdwCleaner
2013-08-31 10:36 - 2013-08-31 10:37 - 00994642 _____ C:\Users\BK Laptop\Downloads\adwcleaner.exe
2013-08-31 10:33 - 2013-08-31 10:33 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-08-31 10:26 - 2013-08-31 10:26 - 00714816 _____ C:\Users\BK Laptop\Downloads\ZipOpenerSetup(4).exe
2013-08-31 10:26 - 2013-08-31 10:26 - 00714816 _____ C:\Users\BK Laptop\Downloads\ZipOpenerSetup(3).exe
2013-08-31 10:26 - 2013-08-31 10:26 - 00714816 _____ C:\Users\BK Laptop\Downloads\ZipOpenerSetup(2).exe
2013-08-31 10:25 - 2013-08-31 10:25 - 00000000 ____D C:\Users\BKLAPT~1\AppData\Local\Macromedia
2013-08-31 10:24 - 2013-09-01 09:25 - 00000306 _____ C:\Windows\Tasks\MetaCrawler.job
2013-08-31 10:24 - 2013-08-31 10:24 - 00000000 ____D C:\Users\BK Laptop\AppData\Roaming\MetaCrawler
2013-08-31 10:24 - 2013-08-31 10:24 - 00000000 ____D C:\Program Files\metaCrawler
2013-08-31 10:23 - 2013-08-31 10:23 - 00714816 _____ C:\Users\BK Laptop\Downloads\ZipOpenerSetup(1).exe
2013-08-31 10:22 - 2013-08-31 10:22 - 00714816 _____ C:\Users\BK Laptop\Downloads\ZipOpenerSetup.exe
2013-08-31 10:17 - 2013-09-01 09:18 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-08-31 10:17 - 2013-08-31 10:40 - 00001015 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-08-31 10:17 - 2013-08-31 10:17 - 00001083 _____ C:\Users\BK Laptop\Desktop\PC Speed Maximizer.lnk
2013-08-31 10:17 - 2013-08-31 10:17 - 00000000 ____D C:\Users\BKLAPT~1\AppData\Local\Mozilla
2013-08-31 10:17 - 2013-08-31 10:17 - 00000000 ____D C:\Users\BK Laptop\AppData\Roaming\Mozilla
2013-08-31 10:17 - 2013-08-31 10:17 - 00000000 ____D C:\ProgramData\Mozilla
2013-08-31 10:16 - 2013-09-01 10:06 - 00000372 _____ C:\Windows\Tasks\Lyrics Seeker Update.job
2013-08-31 10:16 - 2013-08-31 10:16 - 00129536 _____ C:\Users\Public\AlexaNSISPlugin.5540.dll
2013-08-31 10:16 - 2013-08-31 10:16 - 00000000 ____D C:\Program Files\LyricsSeeker
2013-08-31 10:15 - 2013-08-31 10:15 - 00620688 _____ C:\Users\BK Laptop\Downloads\Firefox_Setup.exe
2013-08-31 10:04 - 2012-07-25 12:03 - 00017136 _____ C:\Windows\system32\sasnative32.exe
2013-08-31 10:03 - 2013-08-31 10:16 - 22404568 _____ (Mozilla) C:\Users\BK Laptop\Downloads\Firefox_Setup [1].exe
2013-08-31 10:01 - 2013-08-31 10:01 - 00001624 _____ C:\Users\Public\Desktop\iMesh.lnk
2013-08-28 21:16 - 2013-08-29 09:19 - 00000000 ____D C:\Users\BK Laptop\AppData\Roaming\Mobou
2013-08-28 21:16 - 2013-08-28 21:16 - 00000000 ____D C:\Users\BK Laptop\AppData\Roaming\Raes
2013-08-28 21:16 - 2013-08-28 21:16 - 00000000 ____D C:\Users\BK Laptop\AppData\Roaming\Eguqu
2013-08-27 07:14 - 2013-08-27 07:14 - 00000164 _____ C:\Users\BK Laptop\Desktop\BullGuard Online-Laufwerk.lnk
2013-08-27 07:13 - 2013-08-27 07:13 - 00113088 _____ (BullGuard Ltd.) C:\Windows\system32\BgGamingMonitor.dll
2013-08-27 07:13 - 2013-08-27 07:13 - 00060256 _____ (BullGuard Ltd.) C:\Windows\system32\BGLsp.dll
2013-08-27 07:10 - 2013-09-01 10:06 - 00000000 ____D C:\ProgramData\BullGuard
2013-08-27 07:10 - 2013-08-27 16:55 - 00000000 ____D C:\Users\BK Laptop\AppData\Roaming\BullGuard
2013-08-27 07:10 - 2013-08-27 07:10 - 00001151 _____ C:\Users\Public\Desktop\BullGuard.lnk
2013-08-27 07:10 - 2013-08-27 07:10 - 00000000 ____D C:\Program Files\Common Files\BullGuard Ltd
2013-08-27 07:10 - 2013-08-27 07:10 - 00000000 ____D C:\Program Files\BullGuard Ltd
2013-08-27 07:00 - 2013-08-27 07:00 - 13732352 _____ C:\Users\Public\Desktop\Install BullGuard Internet Security.exe
2013-08-27 06:55 - 2013-08-27 06:54 - 00139371 _____ C:\Users\BK Laptop\Desktop\Computer#20130827054412000000001.bglog
2013-08-20 22:27 - 2013-08-20 22:27 - 17737608 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
2013-08-18 17:12 - 2013-08-18 17:12 - 00121879 ____H C:\Users\BK Laptop\Desktop\ZbThumbnail.info
2013-08-18 17:12 - 2013-08-18 17:12 - 00007645 ____H C:\Users\BK Laptop\Documents\ZbThumbnail.info
2013-08-14 22:49 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-14 22:49 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-14 22:49 - 2013-07-26 05:13 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-14 22:49 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-14 22:49 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-14 22:49 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-14 22:49 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-14 22:49 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-14 22:49 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-14 22:49 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-14 22:49 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-14 22:49 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-14 22:49 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-14 22:49 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-14 22:49 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-14 22:49 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-14 22:35 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-14 22:35 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-14 22:35 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2013-08-14 22:35 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-14 22:35 - 2013-07-09 06:53 - 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-14 22:35 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-14 22:35 - 2013-07-09 06:50 - 00652800 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-14 22:35 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-14 22:35 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-14 22:35 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-14 22:35 - 2013-07-06 07:05 - 01293760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-14 22:35 - 2013-06-15 05:38 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-09 08:18 - 2013-08-14 23:01 - 00000000 ____D C:\Windows\system32\MRT
2013-08-03 16:59 - 2013-08-03 16:59 - 00002174 _____ C:\Users\Public\Desktop\Google Earth.lnk

==================== One Month Modified Files and Folders =======

2013-09-01 10:06 - 2013-08-31 10:16 - 00000372 _____ C:\Windows\Tasks\Lyrics Seeker Update.job
2013-09-01 10:06 - 2013-08-27 07:10 - 00000000 ____D C:\ProgramData\BullGuard
2013-09-01 10:05 - 2013-09-01 10:05 - 00000000 ____D C:\FRST
2013-09-01 10:04 - 2013-09-01 10:04 - 01085571 _____ (Farbar) C:\Users\BK Laptop\Downloads\FRST.exe
2013-09-01 10:01 - 2013-09-01 10:01 - 00015353 _____ C:\Users\BK Laptop\Downloads\un2jjcsH.htm
2013-09-01 09:47 - 2010-05-07 19:34 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-01 09:38 - 2010-05-03 20:46 - 01528812 _____ C:\Windows\WindowsUpdate.log
2013-09-01 09:38 - 2009-07-14 06:34 - 00009888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-01 09:38 - 2009-07-14 06:34 - 00009888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-01 09:31 - 2013-09-01 09:31 - 00000512 _____ C:\Windows\system32\F39D4DE6-98B8-4E05-91BD-549E8A8248BD
2013-09-01 09:31 - 2010-05-07 19:34 - 00001100 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-01 09:30 - 2010-05-08 19:49 - 00000664 _____ C:\Windows\system32\config\afw_hm.conf
2013-09-01 09:30 - 2010-05-08 19:49 - 00000004 _____ C:\Windows\system32\config\afw_db.conf
2013-09-01 09:29 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-01 09:29 - 2009-07-14 06:39 - 00122060 _____ C:\Windows\setupact.log
2013-09-01 09:27 - 2012-04-17 19:38 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-01 09:25 - 2013-08-31 10:24 - 00000306 _____ C:\Windows\Tasks\MetaCrawler.job
2013-09-01 09:20 - 2010-05-06 23:11 - 00000000 ____D C:\Users\BK Laptop\AppData\Roaming\Udlef
2013-09-01 09:18 - 2013-08-31 10:17 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-08-31 10:47 - 2013-08-31 10:45 - 00034261 _____ C:\Users\BK Laptop\Desktop\AdwCleaner[S1].txt
2013-08-31 10:46 - 2012-01-30 17:11 - 00000000 ____D C:\ProgramData\PC Suite
2013-08-31 10:41 - 2013-08-31 10:37 - 00000000 ____D C:\AdwCleaner
2013-08-31 10:40 - 2013-08-31 10:17 - 00001015 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-08-31 10:40 - 2010-07-15 20:26 - 00001252 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-08-31 10:40 - 2010-05-03 20:47 - 00001164 _____ C:\Users\BK Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-08-31 10:37 - 2013-08-31 10:36 - 00994642 _____ C:\Users\BK Laptop\Downloads\adwcleaner.exe
2013-08-31 10:33 - 2013-08-31 10:33 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-08-31 10:26 - 2013-08-31 10:26 - 00714816 _____ C:\Users\BK Laptop\Downloads\ZipOpenerSetup(4).exe
2013-08-31 10:26 - 2013-08-31 10:26 - 00714816 _____ C:\Users\BK Laptop\Downloads\ZipOpenerSetup(3).exe
2013-08-31 10:26 - 2013-08-31 10:26 - 00714816 _____ C:\Users\BK Laptop\Downloads\ZipOpenerSetup(2).exe
2013-08-31 10:25 - 2013-08-31 10:25 - 00000000 ____D C:\Users\BKLAPT~1\AppData\Local\Macromedia
2013-08-31 10:24 - 2013-08-31 10:24 - 00000000 ____D C:\Users\BK Laptop\AppData\Roaming\MetaCrawler
2013-08-31 10:24 - 2013-08-31 10:24 - 00000000 ____D C:\Program Files\metaCrawler
2013-08-31 10:23 - 2013-08-31 10:23 - 00714816 _____ C:\Users\BK Laptop\Downloads\ZipOpenerSetup(1).exe
2013-08-31 10:22 - 2013-08-31 10:22 - 00714816 _____ C:\Users\BK Laptop\Downloads\ZipOpenerSetup.exe
2013-08-31 10:17 - 2013-08-31 10:17 - 00001083 _____ C:\Users\BK Laptop\Desktop\PC Speed Maximizer.lnk
2013-08-31 10:17 - 2013-08-31 10:17 - 00000000 ____D C:\Users\BKLAPT~1\AppData\Local\Mozilla
2013-08-31 10:17 - 2013-08-31 10:17 - 00000000 ____D C:\Users\BK Laptop\AppData\Roaming\Mozilla
2013-08-31 10:17 - 2013-08-31 10:17 - 00000000 ____D C:\ProgramData\Mozilla
2013-08-31 10:16 - 2013-08-31 10:16 - 00129536 _____ C:\Users\Public\AlexaNSISPlugin.5540.dll
2013-08-31 10:16 - 2013-08-31 10:16 - 00000000 ____D C:\Program Files\LyricsSeeker
2013-08-31 10:16 - 2013-08-31 10:03 - 22404568 _____ (Mozilla) C:\Users\BK Laptop\Downloads\Firefox_Setup [1].exe
2013-08-31 10:16 - 2010-10-09 21:36 - 00000000 ____D C:\Program Files\Amazon
2013-08-31 10:16 - 2009-07-14 04:37 - 00000000 ___RD C:\Users\Public
2013-08-31 10:15 - 2013-08-31 10:15 - 00620688 _____ C:\Users\BK Laptop\Downloads\Firefox_Setup.exe
2013-08-31 10:15 - 2010-03-02 07:02 - 01498742 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-31 10:01 - 2013-08-31 10:01 - 00001624 _____ C:\Users\Public\Desktop\iMesh.lnk
2013-08-29 09:19 - 2013-08-28 21:16 - 00000000 ____D C:\Users\BK Laptop\AppData\Roaming\Mobou
2013-08-28 21:16 - 2013-08-28 21:16 - 00000000 ____D C:\Users\BK Laptop\AppData\Roaming\Raes
2013-08-28 21:16 - 2013-08-28 21:16 - 00000000 ____D C:\Users\BK Laptop\AppData\Roaming\Eguqu
2013-08-27 16:55 - 2013-08-27 07:10 - 00000000 ____D C:\Users\BK Laptop\AppData\Roaming\BullGuard
2013-08-27 16:52 - 2010-03-02 08:06 - 00078350 _____ C:\Windows\PFRO.log
2013-08-27 16:21 - 2010-05-05 03:06 - 00000000 ____D C:\Users\BK Laptop\AppData\Roaming\Ovvai
2013-08-27 07:14 - 2013-08-27 07:14 - 00000164 _____ C:\Users\BK Laptop\Desktop\BullGuard Online-Laufwerk.lnk
2013-08-27 07:13 - 2013-08-27 07:13 - 00113088 _____ (BullGuard Ltd.) C:\Windows\system32\BgGamingMonitor.dll
2013-08-27 07:13 - 2013-08-27 07:13 - 00060256 _____ (BullGuard Ltd.) C:\Windows\system32\BGLsp.dll
2013-08-27 07:10 - 2013-08-27 07:10 - 00001151 _____ C:\Users\Public\Desktop\BullGuard.lnk
2013-08-27 07:10 - 2013-08-27 07:10 - 00000000 ____D C:\Program Files\Common Files\BullGuard Ltd
2013-08-27 07:10 - 2013-08-27 07:10 - 00000000 ____D C:\Program Files\BullGuard Ltd
2013-08-27 07:09 - 2010-05-20 21:17 - 00000000 ____D C:\Users\Administrator
2013-08-27 07:00 - 2013-08-27 07:00 - 13732352 _____ C:\Users\Public\Desktop\Install BullGuard Internet Security.exe
2013-08-27 06:54 - 2013-08-27 06:55 - 00139371 _____ C:\Users\BK Laptop\Desktop\Computer#20130827054412000000001.bglog
2013-08-20 22:27 - 2013-08-20 22:27 - 17737608 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
2013-08-20 22:27 - 2012-04-17 19:38 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-08-20 22:27 - 2011-06-22 19:34 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-08-18 17:16 - 2011-11-24 20:39 - 00000000 ____D C:\Users\BK Laptop\Desktop\Kalender 2012
2013-08-18 17:16 - 2010-05-06 20:29 - 00000000 ____D C:\Users\BK Laptop\AppData\Roaming\ZoomBrowser EX
2013-08-18 17:12 - 2013-08-18 17:12 - 00121879 ____H C:\Users\BK Laptop\Desktop\ZbThumbnail.info
2013-08-18 17:12 - 2013-08-18 17:12 - 00007645 ____H C:\Users\BK Laptop\Documents\ZbThumbnail.info
2013-08-18 17:12 - 2013-07-02 22:13 - 00000000 ____D C:\Users\BK Laptop\Desktop\Nexus
2013-08-18 17:12 - 2013-06-02 17:34 - 00000000 ____D C:\Users\BK Laptop\Desktop\Bilderablage
2013-08-18 17:12 - 2013-02-10 23:02 - 00000000 ____D C:\Users\BK Laptop\Desktop\Redeker
2013-08-18 17:12 - 2012-12-08 13:34 - 00000000 ____D C:\Users\BK Laptop\Desktop\Kalender 2013
2013-08-18 17:12 - 2012-09-08 20:11 - 00000000 ____D C:\Users\BK Laptop\Desktop\Einschulung
2013-08-18 17:12 - 2012-08-06 14:19 - 00000000 ____D C:\Users\BK Laptop\Desktop\Matthias
2013-08-18 17:12 - 2012-02-12 15:19 - 00006144 _____ C:\Users\BKLAPT~1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-08-18 17:12 - 2011-10-09 12:04 - 00000000 ____D C:\Users\BK Laptop\Desktop\Fotos
2013-08-18 17:11 - 2010-05-20 21:41 - 00000000 ____D C:\_Merle
2013-08-17 09:23 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-08-17 09:15 - 2010-05-04 17:49 - 00000000 ____D C:\_Irena Jens
2013-08-15 16:27 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\de-DE
2013-08-14 23:01 - 2013-08-09 08:18 - 00000000 ____D C:\Windows\system32\MRT
2013-08-14 22:53 - 2010-03-02 08:25 - 75778376 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-03 16:59 - 2013-08-03 16:59 - 00002174 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-08-03 16:59 - 2010-05-07 19:34 - 00000000 ____D C:\Program Files\Google

Files to move or delete:
====================
C:\Users\BKLAPT~1\AppData\Local\Temp\7z.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\AMPing.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\BackupSetup.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\BgCSDetect.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\FlashPlayerUpdate.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\FlashPlayerUpdate01.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\FlashPlayerUpdate02.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\InstallManager_BAB_BAB.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\MgxVistaTools.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\mpengine.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\Quarantine.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\SearchWithGoogleUpdate.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\{6719AA8F-6763-465B-A6B8-060DAC469AFB}-21.0.1180.79_21.0.1180.75_chrome_updater.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\~WKS04TEMP\launcher.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\~WKS04TEMP\setuplng.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\~WKS04TEMP\setups.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\~WKS04TEMP\unregwtr.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\{D5878294-C113-43c5-A24F-FC333C52015A}\NokiaSuite2Installer.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\VSDEEDC.tmp\DotNetFX\dotnetchk.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\Temp1_Scan2PDF_1_7.zip\Scan2PDF\Scan2PDF.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\Temp1_Nordsee_11_8.zip\ms_setup.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\PIKO-MASTER-CONTROL-INSTALL-1.0.2009.034\setup.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\PIKO-MASTER-CONTROL-INSTALL-1.0.2009.034\DotNetFX\dotnetfx.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\PIKO-MASTER-CONTROL-INSTALL-1.0.2009.034\DotNetFX\instmsia.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\PIKO-MASTER-CONTROL-INSTALL-1.0.2009.034\DotNetFX\langpack.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\PIKO-MASTER-CONTROL-INSTALL-1.0.2009.034\DotNetFX\WindowsInstaller-KB893803-v2-x86.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\pftDB8C.tmp\ISSetup.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\pftDB8C.tmp\mfc90.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\pftDB8C.tmp\mfc90u.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\pftDB8C.tmp\msvcp90.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\pftDB8C.tmp\msvcr90.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\pftDB8C.tmp\Run_Setup.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\pftDB8C.tmp\setup.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\pftDB8C.tmp\_setup.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\pftDB8C.tmp\VideoUtility\ISSetup.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\pftDB8C.tmp\VideoUtility\setup.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\pftDB8C.tmp\VideoUtility\_setup.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\pftDB8C.tmp\USBDriver\XP\setup.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\pftDB8C.tmp\USBDriver\Vista\setup.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\pftDB8C.tmp\TapeUtility\ISSetup.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\pftDB8C.tmp\TapeUtility\setup.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\pftDB8C.tmp\TapeUtility\_setup.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\pftDB8C.tmp\Shared2\ISSetup.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\pftDB8C.tmp\Shared2\setup.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\pftDB8C.tmp\Shared2\_setup.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\pftDB8C.tmp\PMBCore\ISSetup.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\pftDB8C.tmp\PMBCore\setup.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\pftDB8C.tmp\PMBCore\_setup.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\pftDB8C.tmp\Music Transfer\ISSetup.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\pftDB8C.tmp\Music Transfer\setup.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\pftDB8C.tmp\Music Transfer\_setup.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\pftDB8C.tmp\DirectX\DSETUP.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\pftDB8C.tmp\DirectX\dsetup32.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\pftDB8C.tmp\DirectX\DXSETUP.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\nskD78E.tmp\BgInstallAssist.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\nskD78E.tmp\BgWsc.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\nskD78E.tmp\Gui.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\nskD78E.tmp\nsExec.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\nskD78E.tmp\System.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\nskD78E.tmp\UserInfo.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\nskB658.tmp\BgInstallAssist.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\nskB658.tmp\ButtClick.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\nskB658.tmp\Gui.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\nskB658.tmp\nsDialogs.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\nskB658.tmp\nsExec.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\nskB658.tmp\System.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\nskB658.tmp\UserInfo.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\nsd53D7.tmp\FindProcDLL.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\nsd53D7.tmp\InstallOptions.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\nsd53D7.tmp\SkinnedControls.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\nsd53D7.tmp\System.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\NERO1005926\ipclog.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\NERO1005926\setupx.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\NERO1005926\unit_app_75\Toolbar.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\Jgl_Rt\jesterrun0.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\is357113909\1129461_Setup.EXE
C:\Users\BKLAPT~1\AppData\Local\Temp\is357113909\977962_Setup.EXE
C:\Users\BKLAPT~1\AppData\Local\Temp\is357113909\chrome_logic.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\is357113909\cor_ar_201381417179_qvo6.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\is357113909\OpenItSetup.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\is357113909\OptimizerPro.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\is357113909\uninstaller.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\is357113909\wajam_download.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\is357113909\wajam_validate.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\is357113909\WebConnect.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\is1293846689\FoxtabAcPro.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\is1293846689\IncrediBarAD_2.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\is1293846689\IWantThisAD_ROW.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\is1293846689\MyBabylonTB.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\is1275519350\1412407_Setup.EXE
C:\Users\BKLAPT~1\AppData\Local\Temp\is1275519350\1412676_Setup.EXE
C:\Users\BKLAPT~1\AppData\Local\Temp\is1275519350\1412851_Setup.EXE
C:\Users\BKLAPT~1\AppData\Local\Temp\is1275519350\489316_Setup.EXE
C:\Users\BKLAPT~1\AppData\Local\Temp\is1275519350\489400_Setup.EXE
C:\Users\BKLAPT~1\AppData\Local\Temp\is1275519350\489641_Setup.EXE
C:\Users\BKLAPT~1\AppData\Local\Temp\is1275519350\DeltaTB.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\is1275519350\distro-amzn-ironsource-rs-2.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\is1275519350\rcpsetup_adppi_adppi.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\is1275519350\wajam_validate.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\EC23.dir\InstallFlashPlayer.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\EB0A.dir\InstallFlashPlayer.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\D440.dir\InstallFlashPlayer.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\C429.dir\InstallFlashPlayer.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\C2D2.dir\InstallFlashPlayer.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\be29e7f1-71ae-4703-50cb-1d52be512f51\twapi-be29e7f1-71ae-4703-50cb-1d52be512f51.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\hpzids01.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\hpzids40.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\HPZstub.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\Setup.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\util\ccc\CCC_Uninstaller.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\util\ccc\FixErr1714.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\util\ccc\hpqrrx08.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\util\ccc\trk\WindowsXP-KB822603-x86-TRK.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\util\ccc\sve\WindowsXP-KB822603-x86-SVE.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\util\ccc\rus\WindowsXP-KB822603-x86-RUS.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\util\ccc\ptb\WindowsXP-KB822603-x86-ptb.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\util\ccc\plk\WindowsXP-KB822603-x86-PLK.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\util\ccc\nob\WindowsXP-KB822603-x86-NOR.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\util\ccc\nld\WindowsXP-KB822603-x86-NLD.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\util\ccc\kor\WindowsXP-KB822603-x86-KOR.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\util\ccc\jpn\WindowsXP-KB822603-x86-jpn.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\util\ccc\ita\WindowsXP-KB822603-x86-ITA.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\util\ccc\hun\WindowsXP-KB822603-x86-HUN.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\util\ccc\fra\WindowsXP-KB822603-x86-fra.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\util\ccc\fin\WindowsXP-KB822603-x86-FIN.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\util\ccc\esn\WindowsXP-KB822603-x86-esn.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\util\ccc\enu\WindowsXP-KB822603-x86-enu.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\util\ccc\ell\WindowsXP-KB822603-x86-ELL.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\util\ccc\deu\WindowsXP-KB822603-x86-DEU.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\util\ccc\dan\WindowsXP-KB822603-x86-DAN.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\util\ccc\csy\WindowsXP-KB822603-x86-CSY.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\util\ccc\cht\WindowsXP-KB822603-x86-CHT.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\util\ccc\chs\WindowsXP-KB822603-x86-CHS.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\BlockSysUserInstall.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\difxapi.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\HPCommunication.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\HPeDiag.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\HPeSupport.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\hpqbhp01.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\HPScripting.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\HPZarp01.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\HPZcdl01.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\HPZchk01.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\HPZdui01.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\HPZdui40.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\hpzfwx01.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\HPZgat01.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\HPZmsi01.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\HPZnop01.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\hpznui01.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\HPZnui40.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\hpznuiprn01.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\hpznuiprn40.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\HPZpnp01.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\HPZpnp40.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\HPZprl01.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\HPZprl40.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\HPZpsc01.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\HPZpsl01.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\HPZrcn01.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\HPZrcv01.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\HPZrein01.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\HPZscr01.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\HPZscr40.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\HPZshl01.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\HPZshl40.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\HPZSWP01.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\HPZtim01.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\HPZwis01.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\HPZwrp01.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\HPZwup01.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\InstallMetrics.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\InternetUtil.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\msxml3.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\msxml3a.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\msxml3r.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\RDVCoinstFix.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\RenameAutorun.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\RulesEngine.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\TwainFix.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\usbready.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\yahoo\ytb_7.2.2.0_1.5.4_mail_bts_pub_uber_rev_setup_2008.11.25.01.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\yahoo\y_hp_intl_detect.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\x64\difxapi.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\wis\Win2K_XP\instmsi.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\networkx86\atl90.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\networkx86\hpqNwDr01.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\networkx86\hpzscb01.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\networkx86\hpzscbi0SmrtK.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\networkx86\hpzscbi1BPDUSB.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\networkx86\hpzscbi257usw.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\networkx86\hpzscbi259Nop.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\networkx86\hpzscbi2Snmp.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\networkx86\mfc90.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\networkx86\mfc90u.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\networkx86\mfcm90.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\networkx86\mfcm90u.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\networkx86\msvcm90.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\networkx86\msvcp90.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\networkx86\msvcr90.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\networkx64\atl90.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\networkx64\hpqNwDr40.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\networkx64\hpzscb01.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\networkx64\hpzscbi0SmrtK.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\networkx64\hpzscbi1BPDUSB.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\networkx64\hpzscbi257usw.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\networkx64\hpzscbi259Nop.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\networkx64\hpzscbi2Snmp.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\networkx64\mfc90.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\networkx64\mfc90u.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\networkx64\mfcm90.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\networkx64\mfcm90u.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\networkx64\msvcm90.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\networkx64\msvcp90.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\setup\networkx64\msvcr90.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\drivers\scanner\x64\hpotiop1.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\drivers\scanner\x64\hpotscl1.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\drivers\scanner\x64\hpovst01.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\drivers\scanner\x64\hpowiav1.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\drivers\scanner\x64\hpowiax1.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\drivers\scanner\x32\hpotiop1.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\drivers\scanner\x32\hpotpusd.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\drivers\scanner\x32\hpotscl1.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\drivers\scanner\x32\hpovst01.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\drivers\scanner\x32\hpowiav1.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS71B0\drivers\scanner\x32\hpowiax1.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\hpzids01.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\hpzids40.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\hpzsetup.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\HPZstub.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\Setup.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\util\ccc\CCC_Uninstaller.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\util\ccc\FixErr1714.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\util\ccc\hpqrrx08.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\util\ccc\trk\WindowsXP-KB822603-x86-TRK.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\util\ccc\sve\WindowsXP-KB822603-x86-SVE.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\util\ccc\rus\WindowsXP-KB822603-x86-RUS.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\util\ccc\ptb\WindowsXP-KB822603-x86-ptb.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\util\ccc\plk\WindowsXP-KB822603-x86-PLK.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\util\ccc\nob\WindowsXP-KB822603-x86-NOR.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\util\ccc\nld\WindowsXP-KB822603-x86-NLD.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\util\ccc\kor\WindowsXP-KB822603-x86-KOR.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\util\ccc\jpn\WindowsXP-KB822603-x86-jpn.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\util\ccc\ita\WindowsXP-KB822603-x86-ITA.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\util\ccc\hun\WindowsXP-KB822603-x86-HUN.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\util\ccc\fra\WindowsXP-KB822603-x86-fra.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\util\ccc\fin\WindowsXP-KB822603-x86-FIN.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\util\ccc\esn\WindowsXP-KB822603-x86-esn.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\util\ccc\enu\WindowsXP-KB822603-x86-enu.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\util\ccc\ell\WindowsXP-KB822603-x86-ELL.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\util\ccc\deu\WindowsXP-KB822603-x86-DEU.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\util\ccc\dan\WindowsXP-KB822603-x86-DAN.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\util\ccc\csy\WindowsXP-KB822603-x86-CSY.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\util\ccc\cht\WindowsXP-KB822603-x86-CHT.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\util\ccc\chs\WindowsXP-KB822603-x86-CHS.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\BlockSysUserInstall.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\difxapi.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\HPCommunication.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\HPeDiag.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\HPeSupport.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\hpqbhp01.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\HPScripting.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\HPZarp01.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\HPZcdl01.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\HPZchk01.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\HPZdui01.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\HPZdui40.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\hpzfwx01.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\HPZgat01.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\HPZmsi01.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\HPZnop01.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\hpznui01.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\HPZnui40.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\hpznuiprn01.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\hpznuiprn40.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\HPZpnp01.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\HPZpnp40.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\HPZprl01.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\HPZprl40.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\HPZpsc01.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\HPZpsl01.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\HPZrcn01.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\HPZrcv01.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\HPZrein01.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\HPZscr01.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\HPZscr40.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\HPZshl01.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\HPZshl40.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\HPZSWP01.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\HPZtim01.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\HPZwis01.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\HPZwrp01.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\HPZwup01.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\InstallMetrics.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\InternetUtil.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\msxml3.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\msxml3a.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\msxml3r.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\RDVCoinstFix.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\RenameAutorun.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\RulesEngine.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\TwainFix.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\usbready.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\yahoo\ytb_7.2.2.0_1.5.4_mail_bts_pub_uber_rev_setup_2008.11.25.01.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\yahoo\y_hp_intl_detect.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\x64\difxapi.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\wis\Win2K_XP\instmsi.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\networkx86\atl90.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\networkx86\hpqNwDr01.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\networkx86\hpzscb01.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\networkx86\hpzscbi0SmrtK.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\networkx86\hpzscbi1BPDUSB.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\networkx86\hpzscbi257usw.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\networkx86\hpzscbi259Nop.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\networkx86\hpzscbi2Snmp.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\networkx86\mfc90.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\networkx86\mfc90u.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\networkx86\mfcm90.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\networkx86\mfcm90u.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\networkx86\msvcm90.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\networkx86\msvcp90.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\networkx86\msvcr90.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\networkx64\atl90.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\networkx64\hpqNwDr40.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\networkx64\hpzscb01.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\networkx64\hpzscbi0SmrtK.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\networkx64\hpzscbi1BPDUSB.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\networkx64\hpzscbi257usw.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\networkx64\hpzscbi259Nop.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\networkx64\hpzscbi2Snmp.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\networkx64\mfc90.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\networkx64\mfc90u.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\networkx64\mfcm90.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\networkx64\mfcm90u.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\networkx64\msvcm90.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\networkx64\msvcp90.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\setup\networkx64\msvcr90.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\drivers\scanner\x64\hpotiop1.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\drivers\scanner\x64\hpotscl1.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\drivers\scanner\x64\hpovst01.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\drivers\scanner\x64\hpowiav1.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\drivers\scanner\x64\hpowiax1.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\drivers\scanner\x32\hpotiop1.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\drivers\scanner\x32\hpotpusd.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\drivers\scanner\x32\hpotscl1.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\drivers\scanner\x32\hpovst01.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\drivers\scanner\x32\hpowiav1.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\7zS7060\drivers\scanner\x32\hpowiax1.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\703.dir\InstallFlashPlayer.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\4F67.dir\InstallFlashPlayer.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\4F.dir\InstallFlashPlayer.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\312C7729-BAB0-7891-9A54-7B1217360EB0\IECookieLow.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\312C7729-BAB0-7891-9A54-7B1217360EB0\Latest\BabMaint.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\312C7729-BAB0-7891-9A54-7B1217360EB0\Latest\BExternal.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\312C7729-BAB0-7891-9A54-7B1217360EB0\Latest\BUSolForMontiera.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\312C7729-BAB0-7891-9A54-7B1217360EB0\Latest\BUSolution.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\312C7729-BAB0-7891-9A54-7B1217360EB0\Latest\ccp.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\312C7729-BAB0-7891-9A54-7B1217360EB0\Latest\ChromeToolbarSetup.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\312C7729-BAB0-7891-9A54-7B1217360EB0\Latest\CrxInstaller.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\312C7729-BAB0-7891-9A54-7B1217360EB0\Latest\enhancedNT.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\312C7729-BAB0-7891-9A54-7B1217360EB0\Latest\GUninstaller.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\312C7729-BAB0-7891-9A54-7B1217360EB0\Latest\IECookieLow.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\312C7729-BAB0-7891-9A54-7B1217360EB0\Latest\IEHelper.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\312C7729-BAB0-7891-9A54-7B1217360EB0\Latest\MntrDLLInstall.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\312C7729-BAB0-7891-9A54-7B1217360EB0\Latest\MyDeltaTB.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\312C7729-BAB0-7891-9A54-7B1217360EB0\Latest\Setup.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\312C7729-BAB0-7891-9A54-7B1217360EB0\Latest\sqlite3.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\2274193E-BAB0-7891-BA33-E1DD4DCEA006\BExternal.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\2274193E-BAB0-7891-BA33-E1DD4DCEA006\IECookieLow.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\2274193E-BAB0-7891-BA33-E1DD4DCEA006\MyBabylonTB.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\2274193E-BAB0-7891-BA33-E1DD4DCEA006\Setup.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\2274193E-BAB0-7891-BA33-E1DD4DCEA006\sqlite3.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\1ED6.dir\InstallFlashPlayer.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\._msigeplugin52\GoogleEarth.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\._msigeplugin52\program files\Google\Google Earth\plugin\earthps.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\._msigeplugin52\program files\Google\Google Earth\plugin\geplugin.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\._msigeplugin52\program files\Google\Google Earth\plugin\ge_expat.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\._msigeplugin52\program files\Google\Google Earth\plugin\googleearth_free.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\._msigeplugin52\program files\Google\Google Earth\plugin\msvcp80.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\._msigeplugin52\program files\Google\Google Earth\plugin\msvcr80.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\._msigeplugin52\program files\Google\Google Earth\plugin\npgeplugin.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\._msigeplugin52\program files\Google\Google Earth\plugin\plugin_ax.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\._msige52\GoogleEarth.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\._msige52\program files\Google\Google Earth\plugin\earthps.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\._msige52\program files\Google\Google Earth\plugin\geplugin.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\._msige52\program files\Google\Google Earth\plugin\ge_expat.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\._msige52\program files\Google\Google Earth\plugin\googleearth_free.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\._msige52\program files\Google\Google Earth\plugin\msvcp80.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\._msige52\program files\Google\Google Earth\plugin\msvcr80.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\._msige52\program files\Google\Google Earth\plugin\npgeplugin.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\._msige52\program files\Google\Google Earth\plugin\plugin_ax.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\._msige52\program files\Google\Google Earth\client\earthflashsol.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\._msige52\program files\Google\Google Earth\client\earthps.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\._msige52\program files\Google\Google Earth\client\ge_expat.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\._msige52\program files\Google\Google Earth\client\googleearth.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\._msige52\program files\Google\Google Earth\client\googleearth_free.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\._msige52\program files\Google\Google Earth\client\gpsbabel.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\._msige52\program files\Google\Google Earth\client\msvcp80.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\._msige52\program files\Google\Google Earth\client\msvcr80.dll

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-04-24 14:50

==================== End Of Log ============================
--- --- ---


und die additional.txt:
Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 01-09-2013
Ran by BK Laptop at 2013-09-01 10:07:48
Running from C:\Users\BK Laptop\Downloads
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

32 Bit HP CIO Components Installer (Version: 6.1.1)
AAVUpdateManager (Version: 18.00.0000)
Adobe Flash Player 11 ActiveX (Version: 11.8.800.94)
Adobe Flash Player 11 Plugin (Version: 11.8.800.94)
Adobe Reader X (10.1.7) - Deutsch (Version: 10.1.7)
Advertising Center (Version: 0.0.0.2)
AIO_CDB_Software (Version: 130.0.365.000)
AIO_Scan (Version: 130.0.421.000)
ALDI Foto Service (Version: 4.5.14.203)
Aldi Foto Service 4.6 (Version: 4.6)
ALDI NORD Bestellsoftware 4.12.2 (Version: 4.12.2)
ALDI Nord Foto Manager Free (Version: 6.0.1.491)
Aldi Nord Fotoservice 2.7
ALDI Nord Online Druck Service (Version: 4.5.1.0)
ALDI Nord Online Druck Service 4.6 (Version: 4.6)
Amazon MP3-Downloader 1.0.17 (Version: 1.0.17)
Apple Application Support (Version: 2.3.3)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
ArcSoft MediaImpression 2 (Version: 2.0.19.1063)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (Version: 1.0.0.23)
AudibleManager (Version: 2009094768.48.56.3935466)
Audiograbber 1.83 SE  (Version: 1.83 SE )
Audiograbber MP3-Plugin (Version: 1.0)
Bonjour (Version: 3.0.0.10)
BufferChm (Version: 130.0.331.000)
BullGuard (Version: 13.0)
Canon G.726 WMP-Decoder (Version: 1.1.0.4)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (Version: 1.7.2.11)
Canon Internet Library for ZoomBrowser EX (Version: 1.6.3.9)
Canon MOV Decoder (Version: 1.5.0.7)
Canon MOV Encoder (Version: 1.3.1.3)
Canon MovieEdit Task for ZoomBrowser EX (Version: 3.4.1.9)
Canon RAW Image Task for ZoomBrowser EX (Version: 2.6.0.13)
Canon RemoteCapture Task for ZoomBrowser EX (Version: 1.7.0.8)
Canon Utilities CameraWindow (Version: 7.4.0.7)
Canon Utilities CameraWindow DC 8 (Version: 8.1.0.11)
Canon Utilities MyCamera (Version: 7.3.0.5)
Canon Utilities PhotoStitch (Version: 3.1.19.43)
Canon Utilities ZoomBrowser EX (Version: 6.5.1.15)
Canon ZoomBrowser EX Memory Card Utility (Version: 1.3.0.4)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
Compatibility Pack für 2007 Office System (Version: 12.0.6612.1000)
CorelDRAW Essentials 4
CorelDRAW Essentials 4 - Content (Version: 4.0)
CorelDRAW Essentials 4 - Draw (Version: 4.0)
CorelDRAW Essentials 4 - Filters (Version: 4.0)
CorelDRAW Essentials 4 - ICA (Version: 4.0)
CorelDRAW Essentials 4 - IPM - No VBA (Version: 4.0)
CorelDRAW Essentials 4 - Lang BR (Version: 4.0)
CorelDRAW Essentials 4 - Lang DE (Version: 4.0)
CorelDRAW Essentials 4 - Lang EN (Version: 4.0)
CorelDRAW Essentials 4 - Lang ES (Version: 4.0)
CorelDRAW Essentials 4 - Lang FR (Version: 4.0)
CorelDRAW Essentials 4 - Lang IT (Version: 4.0)
CorelDRAW Essentials 4 - Lang NL (Version: 4.0)
CorelDRAW Essentials 4 - PHOTO-PAINT (Version: 4.0)
CorelDRAW Essentials 4 - Windows Shell Extension
CorelDRAW Essentials 4 - Windows Shell Extension (Version: 1.1)
CorelDRAW Essentials 4 (Version: 4.0)
CyberLink LabelPrint (Version: 2.5.2602)
CyberLink MediaShow (Version: 5.0.1410a)
CyberLink PhotoNow (Version: 1.1.6904)
CyberLink Power2Go (Version: 6.1.3602c)
CyberLink PowerDirector (Version: 8.0.2522)
CyberLink PowerDVD 9 (Version: 9.0.2519.00)
CyberLink PowerDVD Copy (Version: 1.5.1306)
CyberLink PowerProducer (Version: 5.0.2.2326)
CyberLink YouCam (Version: 3.0.2609)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
ElsterFormular (Version: 11.5.0.4546)
ElsterFormular für Privatanwender und Unternehmer (Version: 12.2.0.6412k)
ElsterFormular für Unternehmer (Version: 12.0.0.5880u)
Firebird SQL Server - MAGIX Edition (Version: 2.1.27.0)
Free M4a to MP3 Converter 6.1
Garmin BaseCamp (Version: 3.3.2)
Garmin Communicator Plugin (Version: 3.0.1)
Garmin MapSource (Version: 6.16.3)
Garmin Training Center (Version: 3.6.5)
Garmin USB Drivers (Version: 2.3.0.0)
Garmin WebUpdater (Version: 2.5.5)
Gigaset QuickSync (Version: 7.1.0841.3)
Google Chrome (Version: 29.0.1547.62)
Google Earth (Version: 7.1.1.1888)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.5.4413.1752)
Google Update Helper (Version: 1.3.21.153)
GPBaseService2 (Version: 130.0.371.000)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (Version: 13.0)
HP Solution Center 13.0 (Version: 13.0)
HPPhotoGadget (Version: 130.0.282.000)
HPProductAssistant (Version: 130.0.371.000)
Intel(R) Graphics Media Accelerator Driver (Version: 8.15.10.2092)
Intel(R) Management Engine Components (Version: 6.0.0.1179)
Intel(R) Rapid Storage Technology (Version: 9.5.0.1037)
Intel(R) TV Wizard
Internet-TV für Windows Media Center (Version: 4.2.2.0)
iTunes (Version: 11.0.2.26)
Java Auto Updater (Version: 2.0.1.2)
Java(TM) 6 Update 18 (Version: 6.0.180)
Junk Mail filter update (Version: 14.0.8089.726)
K-Lite Codec Pack 4.0.0 (Full) (Version: 4.0.0)
Launch Manager V1.5.0.8 (Version: 1.5.0.8)
Leap Free MP3 to M4A AAC Converter 5.0
Lyrics Seeker
MEDION Fotos auf CD & DVD SE Nord (Version: 8.0.3.4)
Medion Home Cinema (Version: 8.0.1318)
metaCrawler
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft AutoRoute v11.0 (Version: 11.00.18.1900)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000)
Microsoft Office Live Add-in 1.4 (Version: 2.0.3008.0)
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint Viewer 2007 (German) (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Italian) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Suite Activation Assistant (Version: 2.9)
Microsoft Office Word MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Picture It! Foto Premium 9 (Version: 9.0.0.0000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [DEU] (Version: 3.1.0000)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Works (Version: 07.03.0512)
Microsoft Works (Version: 9.7.0621)
Microsoft_VC100_CRT_SP1_x86 (Version: 10.0.40219.1)
Mozilla Firefox 23.0.1 (x86 en-US) (Version: 23.0.1)
Mozilla Maintenance Service (Version: 23.0.1)
MSVC80_x86_v2 (Version: 1.0.3.0)
MSVC90_x86 (Version: 1.0.1.2)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MyPC Backup  (Version: )
Nero ControlCenter (Version: 9.0.0.1)
Nero Installer (Version: 4.4.9.0)
Nero Media Player
Nero OEM
Nero Online Upgrade (Version: 1.3.0.0)
Nero StartSmart (Version: 9.4.31.100)
NeroVision Express 2
neroxml (Version: 1.0.0)
Network (Version: 130.0.572.000)
Nokia Connectivity Cable Driver (Version: 7.1.69.0)
Nokia Suite (Version: 3.3.86.0)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
PC Connectivity Solution (Version: 11.5.29.0)
PC Speed Maximizer v3.1 (Version: 3.1)
PDFCreator (Version: 1.2.0)
pdfforge Toolbar v1.1.2 (Version: 1.1.2)
PIKO Master Control V2.0 v1.0.2.0 (Version: 1.0.2.0)
PIKO-Master-Control (Version: 1.0.43)
PlayReady PC Runtime x86 (Version: 1.3.0)
Ravensburger tiptoi
Realtek High Definition Audio Driver (Version: 6.0.1.6057)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30101)
REALTEK Wireless LAN Driver (Version: 1.00.0145)
Rossmann Fotowelt Software 4.9 (Version: 4.9)
Runtime (Version: 1.00.0000)
Scan (Version: 13.0.0.0)
Scan2PDF 1.6
Setup-Start von Microsoft Works 2004
Skype™ 6.3 (Version: 6.3.105)
SolutionCenter (Version: 130.0.373.000)
Sony MHS Camera Driver
StarMoney (Version: 1.0)
StarMoney (Version: 2.0)
StarMoney 6.0 S-Edition (Version: 6.0)
StarMoney 7.0 S-Edition (Version: 7.0)
Steuer-Spar-Erklärung 2011 (Version: 16.06)
Steuer-Spar-Erklärung 2012 (Version: 17.12)
Steuer-Spar-Erklärung 2013 (Version: 18.08)
Synaptics Pointing Device Driver (Version: 14.0.19.0)
Toolbox (Version: 130.0.648.000)
UnloadSupport (Version: 11.0.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Zip Opener
WebConnect 3.0.0 (Version: 3.0.0)
WebReg (Version: 130.0.132.017)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0) (Version: 06/03/2009 2.3.0.0)
Windows Live Call (Version: 14.0.8064.0206)
Windows Live Communications Platform (Version: 14.0.8064.206)
Windows Live Essentials (Version: 14.0.8089.0726)
Windows Live Essentials (Version: 14.0.8089.726)
Windows Live Fotogalerie (Version: 14.0.8081.709)
Windows Live ID-Anmelde-Assistent (Version: 6.500.3146.0)
Windows Live Mail (Version: 14.0.8089.0726)
Windows Live Messenger (Version: 14.0.8089.0726)
Windows Live Movie Maker (Version: 14.0.8091.0730)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live Writer (Version: 14.0.8089.0726)
Windows Live-Uploadtool (Version: 14.0.8014.1029)
Windows Media Center Add-in for Silverlight (Version: 4.7.2.0)
Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (Version: 08/22/2008 7.0.0.0)
X10 Hardware(TM)
 

==================== Restore Points  =========================

16-07-2013 19:49:17 Windows-Sicherung
28-07-2013 19:47:19 Windows Update
29-07-2013 06:51:17 Windows-Sicherung
02-08-2013 16:10:27 Windows Update
05-08-2013 11:13:49 Windows-Sicherung
06-08-2013 09:09:22 Windows Update
09-08-2013 06:12:33 Windows Update
11-08-2013 17:37:33 Windows-Sicherung
13-08-2013 14:39:56 Windows Update
14-08-2013 20:48:45 Windows Update
18-08-2013 17:00:22 Windows-Sicherung
20-08-2013 18:51:22 Windows Update
25-08-2013 17:40:54 Windows-Sicherung
27-08-2013 10:01:35 Windows Update
28-08-2013 19:22:59 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {017B0D99-6C6E-4CBF-B4FD-9300AE7859AA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-05-07] (Google Inc.)
Task: {081CF4AB-BE70-4620-ACA3-5E8C1BD6A4F6} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\system32\sdclt.exe [2010-11-20] (Microsoft Corporation)
Task: {2DEB9824-9792-4751-9EC2-BFD68C42742C} - System32\Tasks\MetaCrawler => C:\Users\BKLAPT~1\AppData\Roaming\METACR~1\UPDATE~1\UPDATE~1.EXE [2013-08-31] ()
Task: {3103BC26-B05B-40DA-9C4F-FEE0E54475BE} - System32\Tasks\RegClean Pro => C:\Program Files\RegClean Pro\RegCleanPro.exe No File
Task: {361B190E-CB32-4E85-B581-DA0BA11B3701} - System32\Tasks\{FED5AC4B-6D34-48B7-8C63-FD8ADBF1EFFF} => C:\Program Files\PIKO Master Control V2.0\PIKOMasterControl2.exe [2009-09-02] (KOSTAL Solar Electric GmbH)
Task: {49831603-F131-48B5-9F52-605FDF19464F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-20] (Adobe Systems Incorporated)
Task: {76C061EB-9F79-4CDD-99C2-FD364C5C0527} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe [2010-11-20] (Microsoft Corporation)
Task: {7AB6B3EC-54AF-4D05-9B14-133CF763F5AC} - System32\Tasks\Lyrics Seeker Update => C:\Program Files\LyricsSeeker\Lupdate.exe [2013-08-29] ()
Task: {9456AC69-C42E-491A-A380-82A5B357FF4F} - System32\Tasks\Microsoft\Windows Defender\MpIdleTask => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {A55542EF-56F3-48FB-80DA-548DB4BE0E35} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\System32\sdengin2.dll [2010-11-20] (Microsoft Corporation)
Task: {BCB82CD8-4584-4FE4-9318-EFF7B3755C3E} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-11] (Microsoft Corporation)
Task: {C39225D9-DB51-4F61-836E-3B3FB07845A2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-05-07] (Google Inc.)
Task: {D90DE9FF-D2A7-4CCB-9067-9ECB6D45822A} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {EB4421ED-699C-4DA3-9375-314CD936379C} - System32\Tasks\Advanced System Protector => C:\Program Files\RegClean Pro\SystweakASP.exe No File
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Lyrics Seeker Update.job => C:\Program Files\LyricsSeeker\Lupdate.exe
Task: C:\Windows\Tasks\MetaCrawler.job => C:\Users\BKLAPT~1\AppData\Roaming\METACR~1\UPDATE~1\UPDATE~1.EXE

==================== Loaded Modules (whitelisted) =============

2013-08-27 07:13 - 2013-08-27 07:13 - 00113088 _____ (BullGuard Ltd.) C:\Windows\system32\BgGamingMonitor.dll
2010-03-12 13:07 - 2010-08-25 20:23 - 04411904 _____ (Intel Corporation) C:\Windows\system32\igd10umd32.dll
2013-08-27 07:13 - 2013-08-27 07:13 - 00097120 _____ (BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\spamfilter\LittleHook.dll
2009-07-14 01:22 - 2009-07-14 03:15 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\fdproxy.dll
2013-05-20 10:51 - 2013-05-20 10:51 - 00053600 _____ (BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BackupShellHook.dll
2011-06-11 01:58 - 2011-06-11 01:58 - 00773968 _____ (Microsoft Corporation) C:\Windows\system32\MSVCR100.dll
2011-08-30 23:05 - 2011-08-30 23:05 - 00121704 _____ (Apple Inc.) C:\Program Files\Bonjour\mdnsNSP.dll
2011-05-25 21:18 - 2010-11-20 14:20 - 00121344 _____ (Microsoft Corporation) C:\Windows\system32\SPPC.DLL
2011-05-25 21:18 - 2010-11-20 14:21 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\SHUNIMPL.DLL
2001-02-14 21:45 - 2001-02-14 21:45 - 01318912 _____ (Microsoft Corporation) C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
2001-01-22 03:25 - 2001-01-22 03:25 - 00086016 _____ (Microsoft Corporation) C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\pkmws.dll
2009-07-14 01:43 - 2009-07-14 03:15 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\HLINK.dll
2009-07-14 01:53 - 2009-07-14 03:16 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\NetworkItemFactory.dll
2009-07-14 01:53 - 2009-07-14 03:15 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\dtsh.dll
2009-07-14 01:53 - 2009-07-14 03:15 - 00462848 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2013-08-27 07:13 - 2013-08-27 07:13 - 00320352 _____ (BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BackupShellNamespace.dll
2012-06-26 11:32 - 2012-06-26 11:32 - 00979808 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Program Files\BullGuard Ltd\BullGuard\LIBEAY32.dll
2011-06-11 01:58 - 2011-06-11 01:58 - 00421200 _____ (Microsoft Corporation) C:\Windows\system32\MSVCP100.dll
2013-05-23 14:16 - 2013-05-23 14:16 - 00182624 _____ (The cURL library, hxxp://curl.haxx.se/) C:\Program Files\BullGuard Ltd\BullGuard\libcurl.dll
2012-06-26 11:32 - 2012-06-26 11:32 - 00234336 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Program Files\BullGuard Ltd\BullGuard\SSLEAY32.dll
2012-06-26 11:32 - 2012-06-26 11:32 - 00073568 _____ () C:\Program Files\BullGuard Ltd\BullGuard\zlib1.dll
2013-04-11 12:41 - 2013-04-11 12:41 - 00557408 _____ () C:\Program Files\BullGuard Ltd\BullGuard\LibXml2.dll
2012-12-03 17:22 - 2012-12-03 17:22 - 00025216 _____ () C:\Program Files\BullGuard Ltd\BullGuard\res\de\BackupShellNamespaceRes.dll
2001-02-12 04:01 - 2001-02-12 04:01 - 00053248 _____ (Microsoft Corporation) C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\1031\nsextint.dll
2009-07-14 01:22 - 2009-07-14 03:15 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\FunDisc.dll
2009-07-14 01:53 - 2009-07-14 03:15 - 00081920 _____ (Microsoft Corporation) C:\Windows\System32\fdwcn.dll
2009-07-14 01:53 - 2009-07-14 03:16 - 00086528 _____ (Microsoft Corporation) C:\Windows\System32\wcnapi.dll
2009-07-14 01:22 - 2009-07-14 03:15 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\fdWNet.dll
2009-07-14 01:37 - 2009-07-14 03:15 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\dfscli.dll
2012-08-25 19:14 - 2012-07-04 23:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2010-03-02 07:35 - 2009-10-22 17:58 - 00211232 _____ (Wistron Corp.) C:\Program Files\Launch Manager\KBHOOK.dll
2010-03-02 07:00 - 2009-12-11 05:23 - 00173352 _____ (Synaptics Incorporated) C:\Windows\system32\SynCOM.dll
2010-03-02 07:00 - 2009-12-11 05:23 - 00161064 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPAPI.dll
2009-11-02 15:17 - 2009-11-02 15:17 - 00509224 ____N (Microsoft Corporation) C:\Program Files\CyberLink\Power2Go\MSVCP71.dll
2009-11-02 15:17 - 2009-11-02 15:17 - 00353576 ____N (Microsoft Corporation) C:\Program Files\CyberLink\Power2Go\MSVCR71.dll
2009-11-02 15:20 - 2009-11-02 15:20 - 00619816 ____N () C:\Program Files\CyberLink\Power2Go\CLMediaLibrary.dll
2011-05-25 21:19 - 2010-11-20 14:21 - 11410432 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2011-05-25 21:18 - 2010-11-20 14:08 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.dll
2009-11-02 15:23 - 2009-11-02 15:23 - 00013096 ____N () C:\Program Files\CyberLink\Power2Go\CLMLSvcPS.dll
2010-03-02 07:22 - 2010-03-02 15:18 - 00141856 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM\RtkCfg.dll
2010-03-08 13:56 - 2010-03-02 15:18 - 02649120 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO.dll
2010-03-12 13:07 - 2010-08-25 19:59 - 00094720 _____ (Intel Corporation) C:\Windows\System32\hccutils.DLL
2013-08-27 07:13 - 2013-08-27 07:13 - 00113088 _____ (BullGuard Ltd.) C:\Windows\System32\BgGamingMonitor.dll
2010-03-12 13:07 - 2010-08-25 19:59 - 00057344 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.dll
2010-08-25 20:02 - 2010-08-25 20:02 - 00086016 _____ (Intel Corporation) C:\Windows\system32\igfxrDEU.lrc
2012-07-05 20:24 - 2010-10-27 19:17 - 00408128 _____ (ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Bin\ArcCon.dll
2013-02-20 12:35 - 2013-02-20 12:35 - 00148808 _____ (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.dll
2013-01-28 13:08 - 2013-01-28 13:08 - 01079184 _____ (Apple Inc.) C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll
2013-01-28 13:08 - 2013-01-28 13:08 - 00053648 _____ (Open Source Software community project) C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll
2013-01-28 13:08 - 2013-01-28 13:08 - 00124816 _____ (Apple Inc.) C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll
2013-01-28 13:08 - 2013-01-28 13:08 - 00043408 _____ (Apple Inc.) C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll
2013-01-28 13:08 - 2013-01-28 13:08 - 01292136 _____ (The ICU Project) C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll
2013-01-28 13:08 - 2013-01-28 13:08 - 00923496 _____ (The ICU Project) C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll
2013-01-28 13:08 - 2013-01-28 13:08 - 16303976 _____ (The ICU Project) C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll
2013-01-28 13:08 - 2013-01-28 13:08 - 00075664 _____ (Apple Inc.) C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll
2013-02-20 13:16 - 2013-02-20 13:16 - 00041800 _____ (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.Resources\de.lproj\iTunesHelperLocalized.DLL
2013-02-20 12:35 - 2013-02-20 12:35 - 00040264 _____ (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.DLL
2012-12-21 16:27 - 2012-12-21 16:27 - 01449648 _____ (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll
2013-01-28 13:08 - 2013-01-28 13:08 - 00087952 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2013-01-28 13:08 - 2013-01-28 13:08 - 02463632 _____ (Apple, Inc.) C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll
2013-01-28 13:08 - 2013-01-28 13:08 - 00456592 _____ (Apple Inc.) C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll
2013-01-28 13:08 - 2013-01-28 13:08 - 01242512 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2011-08-30 23:05 - 2011-08-30 23:05 - 00073064 _____ (Apple Inc.) C:\Windows\system32\dnssd.dll
2011-06-11 01:58 - 2011-06-11 01:58 - 04422992 _____ (Microsoft Corporation) C:\Windows\system32\mfc100u.dll
2011-06-11 01:58 - 2011-06-11 01:58 - 00064336 _____ (Microsoft Corporation) C:\Windows\system32\MFC100DEU.DLL
2013-04-03 13:58 - 2013-04-03 13:58 - 00022144 _____ (BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\res\de\BullGuardRes.dll
2013-05-20 10:51 - 2013-05-20 10:51 - 01075552 _____ (BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\Gui.dll
2013-08-27 07:13 - 2013-08-27 07:13 - 00703328 _____ (BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\plugins\BpAntivirus.dll
2013-01-24 17:28 - 2013-01-24 17:28 - 00094848 _____ (BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\res\de\BpAntivirusRes.dll
2013-08-27 07:13 - 2013-08-27 07:13 - 00989536 _____ (BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\plugins\BpBackup.dll
2013-04-03 13:37 - 2013-04-03 13:37 - 00077952 _____ () C:\Program Files\BullGuard Ltd\BullGuard\res\de\BpBackupRes.dll
2013-08-27 07:13 - 2013-08-27 07:13 - 00679264 _____ (BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\plugins\BpFirewall.dll
2013-04-03 15:31 - 2013-04-03 15:31 - 00077952 _____ (BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\res\de\BpFirewallRes.dll
2013-08-27 07:13 - 2013-08-27 07:13 - 00423776 _____ (BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\plugins\BpGaming.dll
2012-10-15 10:05 - 2012-10-15 10:05 - 00022656 _____ (BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\res\de\BpGamingRes.dll
2013-08-27 07:13 - 2013-08-27 07:13 - 00205664 _____ (BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\plugins\BpInspector.dll
2012-10-23 12:08 - 2012-10-23 12:08 - 00015488 _____ () C:\Program Files\BullGuard Ltd\BullGuard\res\de\BpInspectorRes.dll
2013-08-27 07:13 - 2013-08-27 07:13 - 00119136 _____ (BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\plugins\BpMain.dll
2013-01-14 16:00 - 2013-01-14 16:00 - 00030848 _____ () C:\Program Files\BullGuard Ltd\BullGuard\res\de\BpMainRes.dll
2013-08-27 07:13 - 2013-08-27 07:13 - 00425824 _____ (BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\plugins\BpParentalControl.dll
2012-09-12 17:46 - 2012-09-12 17:46 - 00026752 _____ (BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\res\de\BpParentalControlRes.dll
2013-08-27 07:13 - 2013-08-27 07:13 - 00527712 _____ (BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\plugins\BpSpamfilter.dll
2012-08-17 19:14 - 2012-08-17 19:14 - 00017024 _____ (BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\res\de\BpSpamfilterRes.dll
2013-08-27 07:13 - 2013-08-27 07:13 - 00789344 _____ (BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\Spamfilter\SFMailEngine.dll
2011-05-25 21:18 - 2010-11-20 14:19 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\MAPI32.dll
2013-05-23 14:16 - 2013-05-23 14:16 - 00482656 _____ () C:\Program Files\BullGuard Ltd\BullGuard\SQLite.dll
2013-08-27 07:13 - 2013-08-27 07:13 - 00877920 _____ (BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\plugins\BpTuneUp.dll
2013-02-14 11:05 - 2013-02-14 11:05 - 00030848 _____ (BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\res\de\BpTuneUpRes.dll
2012-01-10 19:37 - 2012-01-10 19:37 - 08172928 _____ () C:\Program Files\Nokia\Nokia Suite\QtGui4.dll
2012-01-10 19:37 - 2012-01-10 19:37 - 02288512 _____ () C:\Program Files\Nokia\Nokia Suite\QtCore4.dll
2012-01-10 19:37 - 2012-01-10 19:37 - 00919936 _____ () C:\Program Files\Nokia\Nokia Suite\QtNetwork4.dll
2012-01-10 19:35 - 2012-01-10 19:35 - 01081216 _____ (Nokia) C:\Program Files\Nokia\Nokia Suite\Dal.dll
2012-01-10 19:35 - 2012-01-10 19:35 - 00880000 _____ (Nokia) C:\Program Files\Nokia\Nokia Suite\CommonUtilities.dll
2012-01-10 19:35 - 2012-01-10 19:35 - 00055680 _____ (Nokia) C:\Program Files\Nokia\Nokia Suite\MMSParser.dll
2012-01-10 19:37 - 2012-01-10 19:37 - 00346496 _____ () C:\Program Files\Nokia\Nokia Suite\QtXml4.dll
2012-01-10 19:38 - 2012-01-10 19:38 - 00709504 _____ (Nokia Corporation) C:\Program Files\Nokia\Nokia Suite\nossu2dm.dll
2012-01-10 19:35 - 2012-01-10 19:35 - 00942976 _____ (Nokia) C:\Program Files\Nokia\Nokia Suite\CommonWidgets.dll
2012-01-10 19:38 - 2012-01-10 19:38 - 00596864 _____ (Nokia) C:\Program Files\Nokia\Nokia Suite\WidgetLibrary.dll
2012-01-10 19:38 - 2012-01-10 19:38 - 03260800 _____ (Nokia) C:\Program Files\Nokia\Nokia Suite\styles\Style.dll
2012-01-10 19:37 - 2012-01-10 19:37 - 00032640 _____ () C:\Program Files\Nokia\Nokia Suite\imageformats\qgif4.dll
2012-01-10 19:37 - 2012-01-10 19:37 - 00034688 _____ () C:\Program Files\Nokia\Nokia Suite\imageformats\qico4.dll
2012-01-10 19:37 - 2012-01-10 19:37 - 00202624 _____ () C:\Program Files\Nokia\Nokia Suite\imageformats\qjpeg4.dll
2012-01-10 19:35 - 2012-01-10 19:35 - 02522496 _____ (Nokia) C:\Program Files\Nokia\Nokia Suite\DAL\Service.dll
2012-01-10 19:37 - 2012-01-10 19:37 - 00196480 _____ () C:\Program Files\Nokia\Nokia Suite\QtSql4.dll
2011-05-25 21:18 - 2010-11-20 14:21 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\WMDRMSDK.DLL
2012-01-10 19:38 - 2012-01-10 19:38 - 00050048 _____ (Nokia) C:\Program Files\Nokia\Nokia Suite\TrayIcon.dll
2012-01-10 19:35 - 2012-01-10 19:35 - 00189824 _____ (Nokia) C:\Program Files\Nokia\Nokia Suite\CDC.DLL
2012-01-10 19:37 - 2012-01-10 19:37 - 01226112 _____ (Nokia) C:\Program Files\Nokia\Nokia Suite\plugins\dashboard.dll
2012-01-10 19:37 - 2012-01-10 19:37 - 02252672 _____ () C:\Program Files\Nokia\Nokia Suite\QtDeclarative4.dll
2012-01-10 19:37 - 2012-01-10 19:37 - 01294208 _____ () C:\Program Files\Nokia\Nokia Suite\QtScript4.dll
2012-01-10 19:37 - 2012-01-10 19:37 - 02557312 _____ () C:\Program Files\Nokia\Nokia Suite\QtXmlPatterns4.dll
2012-01-10 19:38 - 2012-01-10 19:38 - 00095104 _____ () C:\Program Files\Nokia\Nokia Suite\qjson.dll
2012-01-10 19:38 - 2012-01-10 19:38 - 00165248 _____ () C:\Program Files\Nokia\Nokia Suite\QxtWeb.dll
2012-01-10 19:38 - 2012-01-10 19:38 - 00384896 _____ () C:\Program Files\Nokia\Nokia Suite\QxtCore.dll
2012-01-10 19:37 - 2012-01-10 19:37 - 10843520 _____ () C:\Program Files\Nokia\Nokia Suite\QtWebKit4.dll
2012-01-10 19:38 - 2012-01-10 19:38 - 00272768 _____ () C:\Program Files\Nokia\Nokia Suite\phonon4.dll
2012-01-10 19:35 - 2012-01-10 19:35 - 01352576 _____ (Nokia) C:\Program Files\Nokia\Nokia Suite\DAL\Pccs.dll
2012-01-04 14:31 - 2012-01-04 14:31 - 00661544 _____ (Nokia.) C:\Program Files\PC Connectivity Solution\ConnAPI.dll
2012-01-04 14:31 - 2012-01-04 14:31 - 00205352 _____ (Nokia) C:\Program Files\PC Connectivity Solution\ConfServer.dll
2012-01-04 14:32 - 2012-01-04 14:32 - 00265256 _____ (Nokia) C:\Program Files\PC Connectivity Solution\PCCS_ABAPI.dll
2012-01-04 14:31 - 2012-01-04 14:31 - 01485352 _____ (Nokia) C:\Program Files\PC Connectivity Solution\DAAPI.dll
2012-01-10 19:35 - 2012-01-10 19:35 - 00357760 _____ (Nokia) C:\Program Files\Nokia\Nokia Suite\DAL\NossuService.dll
2012-01-10 19:38 - 2012-01-10 19:38 - 01127808 _____ (Nokia Corporation) C:\Program Files\Nokia\Nokia Suite\nossu2fn.dll
2012-01-10 19:35 - 2012-01-10 19:35 - 00506240 _____ (Nokia) C:\Program Files\Nokia\Nokia Suite\DAL\NokiaService.dll
2012-01-10 19:38 - 2012-01-10 19:38 - 00423808 _____ () C:\Program Files\Nokia\Nokia Suite\ssoengine.dll
2012-01-10 19:38 - 2012-01-10 19:38 - 00058240 _____ () C:\Program Files\Nokia\Nokia Suite\securestorage.dll
2012-01-10 19:36 - 2012-01-10 19:36 - 00388480 _____ () C:\Program Files\Nokia\Nokia Suite\OviShareLib.dll
2012-01-10 19:35 - 2012-01-10 19:35 - 00405376 _____ (Nokia) C:\Program Files\Nokia\Nokia Suite\DAL\MapsService.dll
2012-01-10 19:36 - 2012-01-10 19:36 - 01037696 _____ () C:\Program Files\Nokia\Nokia Suite\Maps Service API.dll
2012-01-10 19:35 - 2012-01-10 19:35 - 00654208 _____ (Nokia) C:\Program Files\Nokia\Nokia Suite\DAL\Sync.dll
2011-12-21 12:11 - 2011-12-21 12:11 - 00325120 _____ (Nokia Corporation.) C:\Program Files\Nokia\Nokia Suite\syncRuntimeAPI.dll
2011-12-21 12:10 - 2011-12-21 12:10 - 00942080 _____ (Nokia Corporation.) C:\Program Files\Nokia\Nokia Suite\ilsyncEx.dll
2011-12-21 12:09 - 2011-12-21 12:09 - 00056832 _____ (Nokia Corporation.) C:\Program Files\Nokia\Nokia Suite\Attendees.dll
2011-12-21 12:09 - 2011-12-21 12:09 - 01061888 _____ (Nokia Corporation.) C:\Program Files\Nokia\Nokia Suite\recipients.dll
2011-12-21 12:09 - 2011-12-21 12:09 - 00069120 _____ (Nokia Corporation.) C:\Program Files\Nokia\Nokia Suite\PTATTACH.dll
2011-12-21 12:10 - 2011-12-21 12:10 - 00599040 _____ (Nokia Corporation.) C:\Program Files\Nokia\Nokia Suite\iltif32.dll
2012-01-10 19:36 - 2012-01-10 19:36 - 02914176 _____ (Nokia) C:\Program Files\Nokia\Nokia Suite\MDataStore.dll
2012-01-10 19:38 - 2012-01-10 19:38 - 00253312 _____ (Nokia) C:\Program Files\Nokia\Nokia Suite\UI-QML_Library.dll
2012-01-10 19:36 - 2012-01-10 19:36 - 00437632 _____ () C:\Program Files\Nokia\Nokia Suite\NService.dll
2012-01-10 19:36 - 2012-01-10 19:36 - 00459136 _____ (Nokia) C:\Program Files\Nokia\Nokia Suite\MEvent.dll
2012-01-10 19:36 - 2012-01-10 19:36 - 00850304 _____ (Nokia) C:\Program Files\Nokia\Nokia Suite\MItems.dll
2012-01-05 16:58 - 2012-01-05 16:58 - 01145344 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Program Files\Nokia\Nokia Suite\libeay32.DLL
2012-01-10 19:37 - 2012-01-10 19:37 - 00380288 _____ (Nokia) C:\Program Files\Nokia\Nokia Suite\plugins\carousel.dll
2012-01-10 19:37 - 2012-01-10 19:37 - 01371008 _____ (Nokia) C:\Program Files\Nokia\Nokia Suite\plugins\contacts.dll
2012-01-10 19:36 - 2012-01-10 19:36 - 00196480 _____ (Nokia) C:\Program Files\Nokia\Nokia Suite\plugins\BringYourStuff.dll
2012-01-10 19:37 - 2012-01-10 19:37 - 01962880 _____ (Nokia) C:\Program Files\Nokia\Nokia Suite\plugins\Photos.dll
2012-01-10 19:36 - 2012-01-10 19:36 - 01531776 _____ (Nokia) C:\Program Files\Nokia\Nokia Suite\plugins\Messages.dll
2012-01-10 19:37 - 2012-01-10 19:37 - 00422272 _____ () C:\Program Files\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll
2012-01-10 19:37 - 2012-01-10 19:37 - 04954496 _____ (Nokia) C:\Program Files\Nokia\Nokia Suite\plugins\Music.dll
2012-01-10 19:37 - 2012-01-10 19:37 - 00517504 _____ () C:\Program Files\Nokia\Nokia Suite\QtMultimediaKit1.dll
2012-01-10 19:37 - 2012-01-10 19:37 - 00682880 _____ () C:\Program Files\Nokia\Nokia Suite\QtOpenGL4.dll
2012-01-10 19:36 - 2012-01-10 19:36 - 00993152 _____ (Nokia) C:\Program Files\Nokia\Nokia Suite\plugins\maps.dll
2012-01-10 19:37 - 2012-01-10 19:37 - 02190208 _____ (Nokia) C:\Program Files\Nokia\Nokia Suite\plugins\SoftwareUpdater.dll
2012-01-10 19:35 - 2012-01-10 19:35 - 00758656 _____ () C:\Program Files\Nokia\Nokia Suite\CommonUpdateChecker.dll
2012-01-10 19:36 - 2012-01-10 19:36 - 00214400 _____ (Nokia) C:\Program Files\Nokia\Nokia Suite\plugins\ApplicationInstaller.dll
2012-01-10 19:36 - 2012-01-10 19:36 - 00702336 _____ (Nokia) C:\Program Files\Nokia\Nokia Suite\plugins\BackUp.dll
2012-01-10 19:36 - 2012-01-10 19:36 - 00924544 _____ (Nokia) C:\Program Files\Nokia\Nokia Suite\plugins\caresuite.dll
2012-01-10 19:36 - 2012-01-10 19:36 - 00865152 _____ (Nokia) C:\Program Files\Nokia\Nokia Suite\plugins\ConnectToInternet.dll
2012-01-10 19:36 - 2012-01-10 19:36 - 00294272 _____ (Nokia) C:\Program Files\Nokia\Nokia Suite\plugins\customerfeedback.dll
2012-01-10 19:36 - 2012-01-10 19:36 - 00589696 _____ (Nokia) C:\Program Files\Nokia\Nokia Suite\plugins\FirstTimeUse.dll
2012-01-10 19:37 - 2012-01-10 19:37 - 00627584 _____ (Nokia) C:\Program Files\Nokia\Nokia Suite\plugins\NokiaAccount.dll
2012-01-10 19:36 - 2012-01-10 19:36 - 00141184 _____ (Nokia) C:\Program Files\Nokia\Nokia Suite\plugins\nps.dll
2012-01-10 19:37 - 2012-01-10 19:37 - 00510848 _____ (Nokia) C:\Program Files\Nokia\Nokia Suite\plugins\PIM.dll
2012-01-10 19:37 - 2012-01-10 19:37 - 00208256 _____ (Nokia) C:\Program Files\Nokia\Nokia Suite\plugins\Settings.dll
2012-01-10 19:37 - 2012-01-10 19:37 - 00066944 _____ (Nokia) C:\Program Files\Nokia\Nokia Suite\plugins\WhatsNew.dll
2012-01-10 19:36 - 2012-01-10 19:36 - 01131904 _____ (Nokia) C:\Program Files\Nokia\Nokia Suite\MThumbnailService.dll
2012-01-10 19:36 - 2012-01-10 19:36 - 02141056 _____ (Nokia) C:\Program Files\Nokia\Nokia Suite\MItemPlugins.dll
2012-01-05 17:00 - 2012-01-05 17:00 - 00112640 _____ () C:\Program Files\Nokia\Nokia Suite\mediaservice\dsengine.dll
2010-08-25 20:28 - 2010-08-25 20:28 - 00571904 _____ (Intel Corporation) C:\Windows\system32\igdumdx32.dll
2010-08-25 20:31 - 2010-08-25 20:31 - 04967424 _____ (Intel Corporation) C:\Windows\system32\igdumd32.dll
2011-07-21 10:01 - 2011-07-21 10:01 - 03443608 _____ (Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\1031\ONINTL.DLL
2013-08-31 10:33 - 2013-08-31 10:33 - 03551640 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2011-05-25 21:19 - 2010-11-20 14:21 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2013-08-14 22:49 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\IEUI.dll
2013-08-14 22:49 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-05-30 20:23 - 2013-05-30 20:23 - 00629248 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-08-29 08:35 - 2013-08-29 08:35 - 00145920 _____ (Lyrics Seeker) C:\Program Files\LyricsSeeker\131.dll
2013-08-14 22:49 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-08-20 22:06 - 2013-08-20 22:06 - 16230792 ____R (Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\Flash32_11_8_800_94.ocx
2010-02-28 02:13 - 2010-02-28 02:13 - 00049024 _____ (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
2009-07-14 01:27 - 2009-07-14 03:16 - 00561664 _____ (Microsoft Corporation) C:\Windows\system32\uiautomationcore.dll
2011-05-25 21:19 - 2010-11-20 14:21 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\T2EMBED.DLL
2009-07-14 01:25 - 2009-07-14 03:09 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\oleaccrc.dll
2013-08-20 22:06 - 2013-08-20 22:06 - 00479112 _____ (Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashUtil32_11_8_800_94_ActiveX.dll

==================== Alternate Data Streams (whitelisted) ==========

AlternateDataStreams: C:\Users\BK Laptop\Desktop\piko 8.3.url:favicon
AlternateDataStreams: C:\Users\BK Laptop\Documents\Herrenabend.eml:OECustomProperty
AlternateDataStreams: C:\Users\BK Laptop\Documents\Thumbs.db:encryptable

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/01/2013 09:22:53 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.1.7601.17567, Zeitstempel: 0x4d6727a7
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18205, Zeitstempel: 0x51db96c5
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000c385b
ID des fehlerhaften Prozesses: 0x1250
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3

Error: (09/01/2013 09:22:48 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.1.7601.17567, Zeitstempel: 0x4d6727a7
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18205, Zeitstempel: 0x51db96c5
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000c385b
ID des fehlerhaften Prozesses: 0xe48
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3

Error: (09/01/2013 09:22:43 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.1.7601.17567, Zeitstempel: 0x4d6727a7
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18205, Zeitstempel: 0x51db96c5
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000c385b
ID des fehlerhaften Prozesses: 0x1788
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3

Error: (09/01/2013 09:22:33 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.1.7601.17567, Zeitstempel: 0x4d6727a7
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18205, Zeitstempel: 0x51db96c5
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000c385b
ID des fehlerhaften Prozesses: 0x180
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3

Error: (09/01/2013 09:22:28 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.1.7601.17567, Zeitstempel: 0x4d6727a7
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18205, Zeitstempel: 0x51db96c5
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000c385b
ID des fehlerhaften Prozesses: 0x11f8
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3

Error: (09/01/2013 09:22:23 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.1.7601.17567, Zeitstempel: 0x4d6727a7
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18205, Zeitstempel: 0x51db96c5
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000c385b
ID des fehlerhaften Prozesses: 0x15b4
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3

Error: (09/01/2013 09:22:13 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.1.7601.17567, Zeitstempel: 0x4d6727a7
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18205, Zeitstempel: 0x51db96c5
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000c385b
ID des fehlerhaften Prozesses: 0x14ac
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3

Error: (09/01/2013 09:22:07 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.1.7601.17567, Zeitstempel: 0x4d6727a7
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18205, Zeitstempel: 0x51db96c5
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000c385b
ID des fehlerhaften Prozesses: 0xb90
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3

Error: (09/01/2013 09:22:04 AM) (Source: ESENT) (User: )
Description: wlmail (6008) WindowsLiveMail0: Fehler -1032 (0xfffffbf8) beim Öffnen von Protokolldatei C:\Users\BK Laptop\AppData\Local\Microsoft\Windows Live Mail\edb.log.

Error: (09/01/2013 09:22:04 AM) (Source: ESENT) (User: )
Description: wlmail (6008) WindowsLiveMail0: Versuch, Datei "C:\Users\BK Laptop\AppData\Local\Microsoft\Windows Live Mail\edb.log" für den Lesezugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.


System errors:
=============
Error: (09/01/2013 09:35:39 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "HP Network Devices Support" wurde nicht richtig gestartet.

Error: (09/01/2013 09:30:43 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Update WebConnect" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (09/01/2013 09:30:35 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "FABS - Helping agent for MAGIX media database" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (09/01/2013 09:30:35 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst FABS - Helping agent for MAGIX media database erreicht.

Error: (09/01/2013 09:25:13 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "HP Network Devices Support" wurde nicht richtig gestartet.

Error: (09/01/2013 09:19:40 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Update WebConnect" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (09/01/2013 09:19:38 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎31.‎08.‎2013 um 11:42:34 unerwartet heruntergefahren.

Error: (08/31/2013 11:03:28 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "HP Network Devices Support" wurde nicht richtig gestartet.

Error: (08/31/2013 10:58:56 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Update WebConnect" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (08/31/2013 10:58:30 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "FABS - Helping agent for MAGIX media database" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053


Microsoft Office Sessions:
=========================
Error: (09/01/2013 09:22:53 AM) (Source: Application Error)(User: )
Description: explorer.exe6.1.7601.175674d6727a7ntdll.dll6.1.7601.1820551db96c5c0000374000c385b125001cea6e411e2289bC:\Windows\explorer.exeC:\Windows\SYSTEM32\ntdll.dll505ceb99-12d7-11e3-ac1a-00262df4aad5

Error: (09/01/2013 09:22:48 AM) (Source: Application Error)(User: )
Description: explorer.exe6.1.7601.175674d6727a7ntdll.dll6.1.7601.1820551db96c5c0000374000c385be4801cea6e40e8b9e18C:\Windows\explorer.exeC:\Windows\SYSTEM32\ntdll.dll4d4e1983-12d7-11e3-ac1a-00262df4aad5

Error: (09/01/2013 09:22:43 AM) (Source: Application Error)(User: )
Description: explorer.exe6.1.7601.175674d6727a7ntdll.dll6.1.7601.1820551db96c5c0000374000c385b178801cea6e40a9771b6C:\Windows\explorer.exeC:\Windows\SYSTEM32\ntdll.dll4a3e35f8-12d7-11e3-ac1a-00262df4aad5

Error: (09/01/2013 09:22:33 AM) (Source: Application Error)(User: )
Description: explorer.exe6.1.7601.175674d6727a7ntdll.dll6.1.7601.1820551db96c5c0000374000c385b18001cea6e4048f0389C:\Windows\explorer.exeC:\Windows\SYSTEM32\ntdll.dll443bbb52-12d7-11e3-ac1a-00262df4aad5

Error: (09/01/2013 09:22:28 AM) (Source: Application Error)(User: )
Description: explorer.exe6.1.7601.175674d6727a7ntdll.dll6.1.7601.1820551db96c5c0000374000c385b11f801cea6e401e18cbfC:\Windows\explorer.exeC:\Windows\SYSTEM32\ntdll.dll41317d2c-12d7-11e3-ac1a-00262df4aad5

Error: (09/01/2013 09:22:23 AM) (Source: Application Error)(User: )
Description: explorer.exe6.1.7601.175674d6727a7ntdll.dll6.1.7601.1820551db96c5c0000374000c385b15b401cea6e3fdc05c45C:\Windows\explorer.exeC:\Windows\SYSTEM32\ntdll.dll3e2cbd5c-12d7-11e3-ac1a-00262df4aad5

Error: (09/01/2013 09:22:13 AM) (Source: Application Error)(User: )
Description: explorer.exe6.1.7601.175674d6727a7ntdll.dll6.1.7601.1820551db96c5c0000374000c385b14ac01cea6e3f9786958C:\Windows\explorer.exeC:\Windows\SYSTEM32\ntdll.dll3822a178-12d7-11e3-ac1a-00262df4aad5

Error: (09/01/2013 09:22:07 AM) (Source: Application Error)(User: )
Description: explorer.exe6.1.7601.175674d6727a7ntdll.dll6.1.7601.1820551db96c5c0000374000c385bb9001cea6e3f6a0ada1C:\Windows\explorer.exeC:\Windows\SYSTEM32\ntdll.dll3503a285-12d7-11e3-ac1a-00262df4aad5

Error: (09/01/2013 09:22:04 AM) (Source: ESENT)(User: )
Description: wlmail6008WindowsLiveMail0: C:\Users\BK Laptop\AppData\Local\Microsoft\Windows Live Mail\edb.log-1032 (0xfffffbf8)

Error: (09/01/2013 09:22:04 AM) (Source: ESENT)(User: )
Description: wlmail6008WindowsLiveMail0: C:\Users\BK Laptop\AppData\Local\Microsoft\Windows Live Mail\edb.log-1032 (0xfffffbf8)32 (0x00000020)Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.


==================== Memory info ===========================

Percentage of memory in use: 48%
Total physical RAM: 3510.6 MB
Available physical RAM: 1793.98 MB
Total Pagefile: 7019.49 MB
Available Pagefile: 5096.65 MB
Total Virtual: 2047.88 MB
Available Virtual: 1883 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:424.66 GB) (Free:137.75 GB) NTFS
Drive d: (Recover) (Fixed) (Total:40 GB) (Free:13.17 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 0F036060)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=425 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=40 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

==================== End Of Log ============================

schrauber 01.09.2013 12:48
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!
Downloade dir bitte Combofix vom folgenden Downloadspiegel

Link 1


WICHTIG - Speichere Combofix auf deinem Desktop
  • Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.
Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.


Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

littleyellow 01.09.2013 13:56
Hi Schrauber,
hier ist das logfile von Combofix:

Code:
ComboFix 13-08-31.01 - BK Laptop 01.09.2013  14:33:48.1.4 - x86
Microsoft Windows 7 Home Premium  6.1.7601.1.1252.49.1031.18.3511.1964 [GMT 2:00]
ausgeführt von:: c:\users\BK Laptop\Desktop\ComboFix.exe
AV: BullGuard Antivirus *Disabled/Outdated* {C3CCAC61-52F7-A056-1860-6406566E2578}
FW: BullGuard Firewall *Disabled* {FBF72D44-1898-A10E-333F-CD33A8BD6203}
SP: BullGuard Antispyware *Disabled/Outdated* {78AD4D85-74CD-AFD8-22D0-5F742DE96FC5}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\prefs.js
c:\users\BK Laptop\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage
c:\users\BK Laptop\AppData\Roaming\Microsoft\Windows\Recent\Übungsheft 3 für Merle.url
c:\users\BK Laptop\AppData\Roaming\Raes
c:\users\BK Laptop\AppData\Roaming\Raes\hewia.exe
c:\users\Public\AlexaNSISPlugin.5540.dll
.
.
(((((((((((((((((((((((  Dateien erstellt von 2013-08-01 bis 2013-09-01  ))))))))))))))))))))))))))))))
.
.
2013-09-01 12:48 . 2013-09-01 12:48        --------        d-----w-        c:\users\Default\AppData\Local\temp
2013-09-01 08:05 . 2013-09-01 08:05        --------        d-----w-        C:\FRST
2013-08-31 08:37 . 2013-08-31 08:41        --------        d-----w-        C:\AdwCleaner
2013-08-31 08:25 . 2013-08-31 08:25        --------        d-----w-        c:\users\BK Laptop\AppData\Local\Macromedia
2013-08-31 08:24 . 2013-08-31 08:24        --------        d-----w-        c:\users\BK Laptop\AppData\Roaming\MetaCrawler
2013-08-31 08:24 . 2013-08-31 08:24        --------        d-----w-        c:\users\BK Laptop\AppData\Local\Programs
2013-08-31 08:24 . 2013-08-31 08:24        --------        d-----w-        c:\program files\metaCrawler
2013-08-31 08:17 . 2013-08-31 08:17        --------        d-----w-        c:\users\BK Laptop\AppData\Local\Mozilla
2013-08-31 08:17 . 2013-09-01 07:18        --------        d-----w-        c:\program files\Mozilla Maintenance Service
2013-08-31 08:16 . 2013-08-31 08:16        --------        d-----w-        c:\program files\LyricsSeeker
2013-08-31 08:04 . 2012-07-25 10:03        17136        ----a-w-        c:\windows\system32\sasnative32.exe
2013-08-30 20:23 . 2013-08-30 20:23        60872        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{6C14BA3E-31BF-472B-B989-CE0425F7C013}\offreg.dll
2013-08-30 06:32 . 2013-08-06 07:28        7166848        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{6C14BA3E-31BF-472B-B989-CE0425F7C013}\mpengine.dll
2013-08-28 19:16 . 2013-08-29 07:19        --------        d-----w-        c:\users\BK Laptop\AppData\Roaming\Mobou
2013-08-28 19:16 . 2013-08-28 19:16        --------        d-----w-        c:\users\BK Laptop\AppData\Roaming\Eguqu
2013-08-27 05:13 . 2013-08-27 05:13        113088        ----a-w-        c:\windows\system32\BgGamingMonitor.dll
2013-08-27 05:13 . 2013-08-27 05:13        60256        ----a-w-        c:\windows\system32\BGLsp.dll
2013-08-27 05:10 . 2013-08-27 14:55        --------        d-----w-        c:\users\BK Laptop\AppData\Roaming\BullGuard
2013-08-27 05:10 . 2013-09-01 12:48        --------        d-----w-        c:\programdata\BullGuard
2013-08-27 05:10 . 2013-08-27 05:10        --------        d-----w-        c:\program files\Common Files\BullGuard Ltd
2013-08-27 05:10 . 2013-08-27 05:10        --------        d-----w-        c:\program files\BullGuard Ltd
2013-08-20 20:27 . 2013-08-20 20:27        17737608        ----a-w-        c:\windows\system32\FlashPlayerInstaller.exe
2013-08-14 20:35 . 2013-07-09 04:50        652800        ----a-w-        c:\windows\system32\rpcrt4.dll
2013-08-14 20:35 . 2013-07-09 05:03        3913664        ----a-w-        c:\windows\system32\ntoskrnl.exe
2013-08-14 20:35 . 2013-07-06 05:05        1293760        ----a-w-        c:\windows\system32\drivers\tcpip.sys
2013-08-14 20:35 . 2013-07-09 05:03        3968960        ----a-w-        c:\windows\system32\ntkrnlpa.exe
2013-08-14 20:35 . 2013-07-09 04:53        1289096        ----a-w-        c:\windows\system32\ntdll.dll
2013-08-14 20:35 . 2013-07-09 04:52        175104        ----a-w-        c:\windows\system32\wintrust.dll
2013-08-14 20:35 . 2013-07-09 04:46        140288        ----a-w-        c:\windows\system32\cryptsvc.dll
2013-08-14 20:35 . 2013-07-09 04:46        1166848        ----a-w-        c:\windows\system32\crypt32.dll
2013-08-14 20:35 . 2013-07-09 04:46        103936        ----a-w-        c:\windows\system32\cryptnet.dll
2013-08-14 20:35 . 2013-07-25 08:57        1620992        ----a-w-        c:\windows\system32\WMVDECOD.DLL
2013-08-14 20:35 . 2013-07-19 01:41        2048        ----a-w-        c:\windows\system32\tzres.dll
2013-08-14 20:35 . 2013-06-15 03:38        31232        ----a-w-        c:\windows\system32\drivers\tssecsrv.sys
2013-08-09 06:18 . 2013-08-14 21:01        --------        d-----w-        c:\windows\system32\MRT
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-08-20 20:27 . 2012-04-17 17:38        692104        ----a-w-        c:\windows\system32\FlashPlayerApp.exe
2013-08-20 20:27 . 2011-06-22 17:34        71048        ----a-w-        c:\windows\system32\FlashPlayerCPLApp.cpl
2013-06-05 03:05 . 2013-07-10 17:57        2347520        ----a-w-        c:\windows\system32\win32k.sys
2013-06-04 04:53 . 2013-07-10 17:57        509440        ----a-w-        c:\windows\system32\qedit.dll
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{6930d07b-da43-46d4-aa20-1f6f958d14fe}]
2013-08-29 06:35        145920        ----a-w-        c:\program files\LyricsSeeker\131.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-05-07 39408]
"NokiaSuite.exe"="c:\program files\Nokia\Nokia Suite\NokiaSuite.exe" [2012-01-10 1083264]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HotkeyApp"="c:\program files\Launch Manager\HotkeyApp.exe" [2009-12-14 200704]
"LMgrVolOSD"="c:\program files\Launch Manager\OSD.exe" [2009-12-11 348960]
"Wbutton"="c:\program files\Launch Manager\Wbutton.exe" [2010-01-13 413696]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-12-11 1594664]
"CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2009-11-02 103720]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-03-02 8522272]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RtHDVBg.exe" [2010-03-02 678432]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 136216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 171032]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 170520]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2013-02-20 152392]
"BullGuardUpdate2"="c:\program files\bullguard ltd\bullguard\BullGuardUpdate2.exe" [2013-08-27 1879392]
.
c:\users\BK Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk - c:\program files\Microsoft Office\Office14\ONENOTEM.EXE /tsr [2013-1-8 228448]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsMain]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner]
@="Service"
.
R2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-08-27 1253376]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-02-28 161384]
R2 Update WebConnect;Update WebConnect;c:\program files\WebConnect\updateWebConnect.exe [x]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 3276800]
R3 GigasetGenericUSB;GigasetGenericUSB;c:\windows\system32\DRIVERS\GigasetGenericUSB.sys [2009-02-20 44032]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-07-31 171520]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
S1 AFW;Agnitum Firewall Driver;c:\windows\system32\DRIVERS\afw.sys [2012-11-20 33888]
S1 BdSpy;BdSpy;c:\windows\system32\drivers\BdSpy.sys [2013-03-18 64624]
S1 NovaShieldFilterDriver;NovaShieldFilterDriver;c:\windows\system32\DRIVERS\NSKernel.sys [2012-06-26 216136]
S1 NovaShieldTDIDriver;NovaShieldTDIDriver;c:\windows\system32\DRIVERS\NSNetmon.sys [2012-06-26 20040]
S2 AAV UpdateService;AAV UpdateService;c:\program files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [2008-10-24 128296]
S2 BsBackup;BullGuard backup service;c:\windows\System32\SvcHost.exe [2009-07-14 20992]
S2 BsBhvScan;BullGuard behavioural detection service;c:\program files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe [2013-08-27 376736]
S2 BsFileScan;BullGuard on-access service;c:\windows\System32\SvcHost.exe [2009-07-14 20992]
S2 BsFire;BullGuard firewall service;c:\windows\System32\SvcHost.exe [2009-07-14 20992]
S2 BsMailProxy;BullGuard e-mail monitoring service;c:\windows\System32\SvcHost.exe [2009-07-14 20992]
S2 BsMain;BullGuard main service;c:\windows\System32\SvcHost.exe [2009-07-14 20992]
S2 BsScanner;BullGuard scanning service;c:\program files\BullGuard Ltd\BullGuard\BullGuardScanner.exe [2013-08-27 212832]
S2 BsUpdate;BullGuard update service;c:\program files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe [2013-08-27 288096]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-10-02 13336]
S2 StarMoney 7.0 OnlineUpdate;StarMoney 7.0 OnlineUpdate;c:\program files\StarMoney 7.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe [2011-11-08 554160]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-12-10 2320920]
S3 afwcore;afwcore;c:\windows\system32\DRIVERS\afwcore.sys [2012-11-20 337504]
S3 BdNet;BdNet;c:\windows\system32\drivers\BdNet.sys [2012-10-04 27760]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-02-10 132352]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-01-08 232448]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x86.sys [2009-12-22 65576]
S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [2010-01-19 996896]
S3 WisLMSvc;WisLMSvc;c:\program files\Launch Manager\WisLMSvc.exe [2009-10-22 118560]
S3 X10Hid;X10 Hid Device;c:\windows\System32\Drivers\x10hid.sys [2009-05-13 13720]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12        REG_MULTI_SZ          Pml Driver HPZ12 Net Driver HPZ12
HPService        REG_MULTI_SZ          HPSLPSVC
hpdevmgmt        REG_MULTI_SZ          hpqcxs08
BullGuard_Main        REG_MULTI_SZ          BsMain
BullGuard        REG_MULTI_SZ          BsFileScan BsFire
BullGuard_Proxy        REG_MULTI_SZ          BsMailProxy
BullGuard_Backup        REG_MULTI_SZ          BsBackup
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-08-28 16:34        1177552        ----a-w-        c:\program files\Google\Chrome\Application\29.0.1547.62\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-09-01 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-17 20:27]
.
2013-09-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-07 17:34]
.
2013-09-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-07 17:34]
.
2013-09-01 c:\windows\Tasks\Lyrics Seeker Update.job
- c:\program files\LyricsSeeker\Lupdate.exe [2013-08-29 06:35]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local
IE: An OneNote s&enden - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll/cmsidewiki.html
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: {{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4
TCP: DhcpNameServer = 192.168.1.1
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/4.0.4.0/GarminAxControl_32.CAB
FF - ProfilePath - c:\users\BK Laptop\AppData\Roaming\Mozilla\Firefox\Profiles\m9hfxld3.default\
FF - prefs.js: keyword.URL -
FF - ExtSQL: 2013-08-27 07:10; antiphishing@bullguard; c:\program files\bullguard ltd\bullguard\Antiphishing\FF\antiphishing@bullguard
FF - ExtSQL: 2013-08-31 10:16; {0ce6ac61-48e9-426f-9268-6f1e8ece06da}; c:\program files\LyricsSeeker\131.xpi
FF - ExtSQL: 2013-08-31 10:24; {60364604-8b4c-42f4-a2ca-a76ca7b61b37}; c:\users\BK Laptop\AppData\Roaming\Mozilla\Firefox\Profiles\m9hfxld3.default\extensions\{60364604-8b4c-42f4-a2ca-a76ca7b61b37}
FF - ExtSQL: 2013-08-31 10:24; ffxtlbr@metacrawler.com; c:\users\BK Laptop\AppData\Roaming\Mozilla\Firefox\Profiles\m9hfxld3.default\extensions\ffxtlbr@metacrawler.com
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKCU-Run-orpa.exe - c:\users\BK Laptop\AppData\Roaming\Doon\orpa.exe
HKCU-Run-Akobyn - c:\users\BK Laptop\AppData\Roaming\Ovvai\akobyn.exe
HKCU-Run-Ipxo - c:\users\BK Laptop\AppData\Roaming\Udlef\ipxo.exe
HKCU-Run-Viytk - c:\users\BK Laptop\AppData\Roaming\Raes\hewia.exe
AddRemove-MyPC Backup - c:\program files\MyPC Backup\uninst.exe
AddRemove-PC Speed Maximizer_is1 - c:\program files\PC Speed Maximizer\unins000.exe
AddRemove-WebConnect - c:\program files\WebConnect\WebConnectuninstall.exe
AddRemove-DSite - c:\users\BKLAPT~1\AppData\Roaming\DSite\UpdateProc\UpdateTask.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-09-01  14:51:47
ComboFix-quarantined-files.txt  2013-09-01 12:51
.
Vor Suchlauf: 16 Verzeichnis(se), 149.666.791.424 Bytes frei
Nach Suchlauf: 21 Verzeichnis(se), 155.068.215.296 Bytes frei
.
- - End Of File - - 52DDFED9F1F27A72350011B8908557F7
8A1C59E4DFEF87510470928550466632

schrauber 01.09.2013 16:55
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

littleyellow 01.09.2013 20:44
Hallo Schrauber,
habe meine Hausaufgaben erledigt:-) hier sind die Files in der Reihenfolge wie gefordert
- mbam-log
- adw
- JRT
- FRT

Code:
Malwarebytes Anti-Malware (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.09.01.04

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 10.0.9200.16660
BK Laptop :: LAPTOP [Administrator]

Schutz: Aktiviert

01.09.2013 20:42:24
mbam-log-2013-09-01 (20-42-24).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 241056
Laufzeit: 20 Minute(n), 54 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 9
HKCR\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} (PUP.Optional.BrowseFox.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23} (PUP.Optional.BrowseFox.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\WEBCONNECT (PUP.Optional.WebConnect.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6930d07b-da43-46d4-aa20-1f6f958d14fe} (PUP.Optional.LyricsAd.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{6930d07b-da43-46d4-aa20-1f6f958d14fe} (PUP.Optional.LyricsAd.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\TypeLib\{c2c5ddc8-f36c-409c-be88-82877cf2bd5e} (PUP.Optional.LyricsAd.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\Interface\{8cc11d95-3a0f-4d4b-a84c-09aa441e369e} (PUP.Optional.LyricsAd.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{6930D07B-DA43-46D4-AA20-1F6F958D14FE} (PUP.Optional.LyricsAd.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6930D07B-DA43-46D4-AA20-1F6F958D14FE} (PUP.Optional.LyricsAd.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 1
HKCU\Software\WebConnect|iid (PUP.Optional.WebConnect.A) -> Daten: def_WebConnect -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 6
C:\Users\BK Laptop\Downloads\ZipOpenerSetup(1).exe (PUP.Optional.InstallCore) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\BK Laptop\Downloads\ZipOpenerSetup(2).exe (PUP.Optional.InstallCore) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\BK Laptop\Downloads\ZipOpenerSetup(3).exe (PUP.Optional.InstallCore) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\BK Laptop\Downloads\ZipOpenerSetup(4).exe (PUP.Optional.InstallCore) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\BK Laptop\Downloads\ZipOpenerSetup.exe (PUP.Optional.InstallCore) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files\LyricsSeeker\131.dll (PUP.Optional.LyricsAd.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
Code:
# AdwCleaner v3.001 - Report created 01/09/2013 at 21:18:33
# Updated 24/08/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : BK Laptop - LAPTOP
# Running from : C:\Users\BK Laptop\Downloads\adwcleaner(1).exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\qvo6.xml
File Deleted : C:\Program Files\Mozilla Firefox\user.js

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\AppDataLow\Software\lyrixeeker

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16660


-\\ Mozilla Firefox v23.0.1 (en-US)

[ File : C:\Users\BK Laptop\AppData\Roaming\Mozilla\Firefox\Profiles\m9hfxld3.default\prefs.js ]

Line Deleted : user_pref("extensions.enabledAddons", "%7B60364604-8b4c-42f4-a2ca-a76ca7b61b37%7D:7.0,ffxtlbr%40metacrawler.com:1.6.0,%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0.1");
Line Deleted : user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"fe_9.0@nokia.com\":{\"descriptor\":\"C:\\\\Program Files\\\\Nokia\\\\Nokia Suite\\\\Connectors\\\\Bookmarks Connect[...]
Line Deleted : user_pref("extensions.irmcrawler.firstrun", false);
Line Deleted : user_pref("extensions.metacrawler.cntry", "DE");
Line Deleted : user_pref("extensions.metacrawler.dpkLst", "3654782829,1334533236,1121012847,231756876,1895130307,603719297,4288797614,3754950497,426401714,3046281807,752626116,1657571787,3224935090,2597085128,182856[...]
Line Deleted : user_pref("extensions.metacrawler.hdrMd5", "");
Line Deleted : user_pref("extensions.metacrawler.lastB", "chrome://branding/locale/browserconfig.properties");
Line Deleted : user_pref("extensions.metacrawler.lastVrsnTs", "");
Line Deleted : user_pref("extensions.metacrawler.sg", "{smplGrp}");

-\\ Google Chrome v29.0.1547.62

[ File : C:\Users\BK Laptop\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [41532 octets] - [31/08/2013 10:38:32]
AdwCleaner[R1].txt - [37128 octets] - [31/08/2013 10:40:07]
AdwCleaner[R2].txt - [2403 octets] - [01/09/2013 21:17:25]
AdwCleaner[S0].txt - [5042 octets] - [31/08/2013 10:39:20]
AdwCleaner[S1].txt - [34261 octets] - [31/08/2013 10:40:56]
AdwCleaner[S2].txt - [2348 octets] - [01/09/2013 21:18:33]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [2408 octets] ##########
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.5.6 (08.30.2013:1)
OS: Windows 7 Home Premium x86
Ran by BK Laptop on 01.09.2013 at 21:26:05,93
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\pc speed maximizer
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\taskhost_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\taskhost_RASMANCS



~~~ Files

Successfully deleted: [File] C:\Windows\System32\Tasks\Lyrics Seeker Update
Successfully deleted: [File] C:\Windows\Tasks\Lyrics Seeker Update.job



~~~ Folders

Successfully deleted: [Folder] "C:\Users\BK Laptop\AppData\Roaming\metacrawler"
Successfully deleted: [Folder] "C:\Program Files\metacrawler"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\open it!"



~~~ FireFox

Successfully deleted: [File] C:\user.js
Successfully deleted: [File] C:\Users\BK Laptop\AppData\Roaming\mozilla\firefox\profiles\m9hfxld3.default\searchplugins\metacrawler.xml
Emptied folder: C:\Users\BK Laptop\AppData\Roaming\mozilla\firefox\profiles\m9hfxld3.default\minidumps [1 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 01.09.2013 at 21:30:16,25
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01-09-2013
Ran by BK Laptop (administrator) on LAPTOP on 01-09-2013 21:33:55
Running from C:\Users\BK Laptop\Downloads
Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

() C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe
(BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe
(BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
(MAGIX AG) C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Protexis Inc.) c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(Wistron) C:\Program Files\Launch Manager\HotkeyApp.exe
(Wistron Corp.) C:\Program Files\Launch Manager\OSD.exe
(Wistron Corp.) C:\Program Files\Launch Manager\WButton.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(CyberLink) C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Nokia) C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(X10) C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Wistron Corp.) C:\Program Files\Launch Manager\WisLMSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
(Nokia) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\system32\UI0Detect.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Farbar) C:\Users\BK Laptop\Downloads\FRST(1).exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HotkeyApp] - C:\Program Files\Launch Manager\HotkeyApp.exe [200704 2009-12-14] (Wistron)
HKLM\...\Run: [LMgrVolOSD] - C:\Program Files\Launch Manager\OSD.exe [348960 2009-12-11] (Wistron Corp.)
HKLM\...\Run: [Wbutton] - C:\Program Files\Launch Manager\Wbutton.exe [413696 2010-01-13] (Wistron Corp.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1594664 2009-12-11] (Synaptics Incorporated)
HKLM\...\Run: [CLMLServer] - C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-11-02] (CyberLink)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8522272 2010-03-02] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe [678432 2010-03-02] (Realtek Semiconductor)
HKLM\...\Run: [NeroFilterCheck] - C:\Windows\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [ArcSoft Connection Service] - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-01-28] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-02-20] (Apple Inc.)
HKLM\...\Run: [BullGuardUpdate2] - c:\program files\bullguard ltd\bullguard\BullGuardUpdate2.exe [1879392 2013-08-27] (BullGuard Ltd.)
HKLM\...\Policies\Explorer: [NoDrives] 0
HKCU\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-05-07] (Google Inc.)
HKCU\...\Run: [NokiaSuite.exe] - C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [1083264 2012-01-10] (Nokia)
HKCU\...\Run: [Viytk] - "C:\Users\BK Laptop\AppData\Roaming\Raes\hewia.exe" [x]
HKCU\...\Policies\Explorer: [NoDrives] 0
HKU\Default\...\RunOnce: [MEDION] - C:\Windows\Web\Wallpaper\MEDION\start.vbs [ 2009-10-23] ()
HKU\Default User\...\RunOnce: [MEDION] - C:\Windows\Web\Wallpaper\MEDION\start.vbs [ 2009-10-23] ()
Startup: C:\Users\BK Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://medion.msn.com
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {0D1DBC81-CB9B-489C-9839-5D506D242DC2} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=302398&p={searchTerms}
SearchScopes: HKCU - {1365AAEC-E4D4-4A26-B5E4-35FB20C00831} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MEDTDF&pc=MAMD&src=IE-SearchBox
SearchScopes: HKCU - {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p07_serp_ie_de_display?ie=UTF8&tagbase=bds-p07&tag=bds-p07-serp-de-ie-21&tbrId=v1_abb-channel-7_7115d577af5a4f38aa05ae901f0f0935_30_46_20130831_DE_ie_ds_&query={searchTerms}
BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU -No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU -Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://oas.support.microsoft.com/ActiveX/MSDcode.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\BK Laptop\AppData\Roaming\Mozilla\Firefox\Profiles\m9hfxld3.default
FF Keyword.URL: user_pref("keyword.URL", "");
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @canon.com/MycameraPlugin - C:\Program Files\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
FF Plugin: @garmin.com/GpsControl - C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.3 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/OfficeLive,version=1.4 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101714.dll (Amazon.com, Inc.)
FF Extension: metacrawler.com - C:\Users\BK Laptop\AppData\Roaming\Mozilla\Firefox\Profiles\m9hfxld3.default\Extensions\ffxtlbr@metacrawler.com
FF Extension: No Name - C:\Users\BK Laptop\AppData\Roaming\Mozilla\Firefox\Profiles\m9hfxld3.default\Extensions\{60364604-8b4c-42f4-a2ca-a76ca7b61b37}
FF HKLM\...\Firefox\Extensions: [fe_9.0@nokia.com] C:\Program Files\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_9.0
FF Extension: Firefox Synchronisation Extension - C:\Program Files\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_9.0
FF HKLM\...\Thunderbird\Extensions: [te_9.0@nokia.com] C:\Program Files\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0
FF Extension: Thunderbird Address Book Synchronisation Extension - C:\Program Files\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0
FF HKCU\...\Firefox\Extensions: [{0ce6ac61-48e9-426f-9268-6f1e8ece06da}] C:\Program Files\LyricsSeeker\131.xpi
FF Extension: No Name - C:\Program Files\LyricsSeeker\131.xpi

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup:                "urls_to_restore_on_startup": [
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\28.0.1500.95\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\28.0.1500.95\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.180.7) - C:\Program Files\Java\jre6\bin\new_plugin\npdeploytk.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U18) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (NPCIG.dll) - C:\Program Files\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
CHR Plugin: (Garmin Communicator Plug-In) - C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR HKLM\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\BK Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx
CHR HKLM\...\Chrome\Extension: [lgoiojnjnacbjngolldkokokgpcjbgjj] - C:\Program Files\LyricsSeeker\131.crx

========================== Services (Whitelisted) =================

R2 AAV UpdateService; C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 BsBackup; C:\Program Files\BullGuard Ltd\BullGuard\BsBackup.dll [560992 2013-08-27] (BullGuard Ltd.)
R2 BsBhvScan; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe [376736 2013-08-27] (BullGuard Ltd.)
R2 BsFileScan; c:\program files\bullguard ltd\bullguard\BsFileScan.dll [307552 2013-08-27] (BullGuard Ltd.)
R2 BsFire; c:\program files\bullguard ltd\bullguard\BsFire.dll [478048 2013-08-27] (BullGuard Ltd.)
R2 BsMailProxy; c:\program files\bullguard ltd\bullguard\BsMailProxy\BsMailProxy.dll [495456 2013-08-27] (BullGuard Ltd.)
R2 BsMain; C:\Program Files\BullGuard Ltd\BullGuard\BsMain.dll [261472 2013-08-27] (BullGuard Ltd.)
R2 BsScanner; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe [212832 2013-08-27] (BullGuard Ltd.)
R2 BsUpdate; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe [288096 2013-08-27] (BullGuard Ltd.)
R2 Fabs; C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [1253376 2009-08-27] (MAGIX AG)
S3 FirebirdServerMAGIXInstance; C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe [3276800 2008-08-07] (MAGIX®)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [244904 2010-02-10] ()
S2 StarMoney 7.0 OnlineUpdate; C:\Program Files\StarMoney 7.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe [554160 2011-11-08] (Star Finanz - Software Entwicklung und Vertriebs GmbH)
R3 WisLMSvc; C:\Program Files\Launch Manager\WisLMSvc.exe [118560 2009-10-22] (Wistron Corp.)
R2 x10nets; C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe [20480 2009-11-07] (X10)
S2 Update WebConnect; "C:\Program Files\WebConnect\updateWebConnect.exe" [x]

==================== Drivers (Whitelisted) ====================

R3 Afc; C:\Windows\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)
R1 AFW; C:\Windows\System32\DRIVERS\afw.sys [33888 2012-11-20] (Agnitum Ltd.)
R3 afwcore; C:\Windows\System32\DRIVERS\afwcore.sys [337504 2012-11-20] (Agnitum Ltd.)
R3 BdNet; C:\Windows\System32\drivers\BdNet.sys [27760 2012-10-04] (BullGuard Ltd.)
R1 BdSpy; C:\Windows\System32\drivers\BdSpy.sys [64624 2013-03-18] (BullGuard Ltd.)
R0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-14] (Microsoft Corporation)
S3 GigasetGenericUSB; C:\Windows\System32\DRIVERS\GigasetGenericUSB.sys [44032 2009-02-20] (Siemens Home and Office Communication Devices GmbH & Co. KG)
S3 grmnusb; C:\Windows\System32\drivers\grmnusb.sys [9344 2009-04-17] (GARMIN Corp.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S3 mod7700; C:\Windows\System32\DRIVERS\mod7700.sys [786400 2009-08-13] (DiBcom SA)
R3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [343456 2013-01-25] (BitDefender S.R.L.)
R3 X10Hid; C:\Windows\System32\Drivers\x10hid.sys [13720 2009-05-13] (X10 Wireless Technology, Inc.)
R3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27160 2009-05-13] (X10 Wireless Technology, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\BKLAPT~1\AppData\Local\Temp\catchme.sys [x]
S3 cpuz132; \??\C:\Users\BKLAPT~1\AppData\Local\Temp\cpuz132\cpuz132_x32.sys [x]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [x]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-01 21:30 - 2013-09-01 21:30 - 00001851 _____ C:\Users\BK Laptop\Desktop\JRT.txt
2013-09-01 21:26 - 2013-09-01 21:26 - 00000000 ____D C:\Windows\ERUNT
2013-09-01 21:25 - 2013-09-01 21:25 - 01027511 _____ (Thisisu) C:\Users\BK Laptop\Downloads\JRT.exe
2013-09-01 21:23 - 2013-09-01 21:23 - 00002488 _____ C:\Users\BK Laptop\Desktop\AdwCleaner[S2].txt
2013-09-01 21:22 - 2013-09-01 21:22 - 00000512 _____ C:\Windows\system32\F39D4DE6-98B8-4E05-91BD-549E8A8248BD
2013-09-01 21:16 - 2013-09-01 21:16 - 00994642 _____ C:\Users\BK Laptop\Downloads\adwcleaner(1).exe
2013-09-01 20:38 - 2013-09-01 20:38 - 00000000 ____D C:\Users\BK Laptop\AppData\Roaming\Malwarebytes
2013-09-01 20:37 - 2013-09-01 20:37 - 00001075 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-09-01 20:37 - 2013-09-01 20:37 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-01 20:37 - 2013-09-01 20:37 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-09-01 20:37 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-09-01 20:34 - 2013-09-01 20:35 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\BK Laptop\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-01 14:51 - 2013-09-01 14:51 - 00015270 _____ C:\ComboFix.txt
2013-09-01 14:31 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-09-01 14:31 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-09-01 14:31 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-09-01 14:31 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-09-01 14:31 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-09-01 14:31 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-09-01 14:31 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-09-01 14:31 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-09-01 14:30 - 2013-09-01 14:51 - 00000000 ____D C:\Qoobox
2013-09-01 14:30 - 2013-09-01 14:50 - 00000000 ____D C:\Windows\erdnt
2013-09-01 14:29 - 2013-09-01 14:29 - 05115930 ____R (Swearware) C:\Users\BK Laptop\Desktop\ComboFix.exe
2013-09-01 10:07 - 2013-09-01 10:08 - 00049569 _____ C:\Users\BK Laptop\Downloads\Addition.txt
2013-09-01 10:05 - 2013-09-01 10:05 - 00000000 ____D C:\FRST
2013-09-01 10:04 - 2013-09-01 10:04 - 01085571 _____ (Farbar) C:\Users\BK Laptop\Downloads\FRST.exe
2013-09-01 10:01 - 2013-09-01 10:01 - 00015353 _____ C:\Users\BK Laptop\Downloads\un2jjcsH.htm
2013-08-31 10:45 - 2013-08-31 10:47 - 00034261 _____ C:\Users\BK Laptop\Desktop\AdwCleaner[S1].txt
2013-08-31 10:37 - 2013-09-01 21:18 - 00000000 ____D C:\AdwCleaner
2013-08-31 10:36 - 2013-08-31 10:37 - 00994642 _____ C:\Users\BK Laptop\Downloads\adwcleaner.exe
2013-08-31 10:33 - 2013-09-01 21:18 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-08-31 10:25 - 2013-08-31 10:25 - 00000000 ____D C:\Users\BKLAPT~1\AppData\Local\Macromedia
2013-08-31 10:17 - 2013-09-01 09:18 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-08-31 10:17 - 2013-08-31 10:40 - 00001015 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-08-31 10:17 - 2013-08-31 10:17 - 00001083 _____ C:\Users\BK Laptop\Desktop\PC Speed Maximizer.lnk
2013-08-31 10:17 - 2013-08-31 10:17 - 00000000 ____D C:\Users\BKLAPT~1\AppData\Local\Mozilla
2013-08-31 10:17 - 2013-08-31 10:17 - 00000000 ____D C:\Users\BK Laptop\AppData\Roaming\Mozilla
2013-08-31 10:17 - 2013-08-31 10:17 - 00000000 ____D C:\ProgramData\Mozilla
2013-08-31 10:16 - 2013-09-01 21:20 - 00000372 _____ C:\Windows\Tasks\Lyrics Seeker Update.job
2013-08-31 10:16 - 2013-09-01 21:04 - 00000000 ____D C:\Program Files\LyricsSeeker
2013-08-31 10:15 - 2013-08-31 10:15 - 00620688 _____ C:\Users\BK Laptop\Downloads\Firefox_Setup.exe
2013-08-31 10:04 - 2012-07-25 12:03 - 00017136 _____ C:\Windows\system32\sasnative32.exe
2013-08-31 10:03 - 2013-08-31 10:16 - 22404568 _____ (Mozilla) C:\Users\BK Laptop\Downloads\Firefox_Setup [1].exe
2013-08-31 10:01 - 2013-08-31 10:01 - 00001624 _____ C:\Users\Public\Desktop\iMesh.lnk
2013-08-28 21:16 - 2013-08-29 09:19 - 00000000 ____D C:\Users\BK Laptop\AppData\Roaming\Mobou
2013-08-28 21:16 - 2013-08-28 21:16 - 00000000 ____D C:\Users\BK Laptop\AppData\Roaming\Eguqu
2013-08-27 07:14 - 2013-08-27 07:14 - 00000164 _____ C:\Users\BK Laptop\Desktop\BullGuard Online-Laufwerk.lnk
2013-08-27 07:13 - 2013-08-27 07:13 - 00113088 _____ (BullGuard Ltd.) C:\Windows\system32\BgGamingMonitor.dll
2013-08-27 07:13 - 2013-08-27 07:13 - 00060256 _____ (BullGuard Ltd.) C:\Windows\system32\BGLsp.dll
2013-08-27 07:10 - 2013-09-01 21:33 - 00000000 ____D C:\ProgramData\BullGuard
2013-08-27 07:10 - 2013-08-27 16:55 - 00000000 ____D C:\Users\BK Laptop\AppData\Roaming\BullGuard
2013-08-27 07:10 - 2013-08-27 07:10 - 00001151 _____ C:\Users\Public\Desktop\BullGuard.lnk
2013-08-27 07:10 - 2013-08-27 07:10 - 00000000 ____D C:\Program Files\Common Files\BullGuard Ltd
2013-08-27 07:10 - 2013-08-27 07:10 - 00000000 ____D C:\Program Files\BullGuard Ltd
2013-08-27 07:00 - 2013-08-27 07:00 - 13732352 _____ C:\Users\Public\Desktop\Install BullGuard Internet Security.exe
2013-08-27 06:55 - 2013-08-27 06:54 - 00139371 _____ C:\Users\BK Laptop\Desktop\Computer#20130827054412000000001.bglog
2013-08-20 22:27 - 2013-08-20 22:27 - 17737608 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
2013-08-18 17:12 - 2013-08-18 17:12 - 00121879 ____H C:\Users\BK Laptop\Desktop\ZbThumbnail.info
2013-08-18 17:12 - 2013-08-18 17:12 - 00007645 ____H C:\Users\BK Laptop\Documents\ZbThumbnail.info
2013-08-14 22:49 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-14 22:49 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-14 22:49 - 2013-07-26 05:13 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-14 22:49 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-14 22:49 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-14 22:49 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-14 22:49 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-14 22:49 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-14 22:49 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-14 22:49 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-14 22:49 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-14 22:49 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-14 22:49 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-14 22:49 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-14 22:49 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-14 22:49 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-14 22:35 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-14 22:35 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-14 22:35 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2013-08-14 22:35 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-14 22:35 - 2013-07-09 06:53 - 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-14 22:35 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-14 22:35 - 2013-07-09 06:50 - 00652800 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-14 22:35 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-14 22:35 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-14 22:35 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-14 22:35 - 2013-07-06 07:05 - 01293760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-14 22:35 - 2013-06-15 05:38 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-09 08:18 - 2013-08-14 23:01 - 00000000 ____D C:\Windows\system32\MRT
2013-08-03 16:59 - 2013-08-03 16:59 - 00002174 _____ C:\Users\Public\Desktop\Google Earth.lnk

==================== One Month Modified Files and Folders =======

2013-09-01 21:33 - 2013-09-01 21:33 - 01085571 _____ (Farbar) C:\Users\BK Laptop\Downloads\FRST(1).exe
2013-09-01 21:33 - 2013-08-27 07:10 - 00000000 ____D C:\ProgramData\BullGuard
2013-09-01 21:32 - 2009-07-14 06:34 - 00009888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-01 21:32 - 2009-07-14 06:34 - 00009888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-01 21:30 - 2013-09-01 21:30 - 00001851 _____ C:\Users\BK Laptop\Desktop\JRT.txt
2013-09-01 21:27 - 2012-04-17 19:38 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-01 21:26 - 2013-09-01 21:26 - 00000000 ____D C:\Windows\ERUNT
2013-09-01 21:25 - 2013-09-01 21:25 - 01027511 _____ (Thisisu) C:\Users\BK Laptop\Downloads\JRT.exe
2013-09-01 21:23 - 2013-09-01 21:23 - 00002488 _____ C:\Users\BK Laptop\Desktop\AdwCleaner[S2].txt
2013-09-01 21:22 - 2013-09-01 21:22 - 00000512 _____ C:\Windows\system32\F39D4DE6-98B8-4E05-91BD-549E8A8248BD
2013-09-01 21:20 - 2013-08-31 10:16 - 00000372 _____ C:\Windows\Tasks\Lyrics Seeker Update.job
2013-09-01 21:20 - 2010-05-08 19:49 - 00000664 _____ C:\Windows\system32\config\afw_hm.conf
2013-09-01 21:20 - 2010-05-08 19:49 - 00000004 _____ C:\Windows\system32\config\afw_db.conf
2013-09-01 21:20 - 2010-05-07 19:34 - 00001100 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-01 21:20 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-01 21:20 - 2009-07-14 06:39 - 00122172 _____ C:\Windows\setupact.log
2013-09-01 21:18 - 2013-08-31 10:37 - 00000000 ____D C:\AdwCleaner
2013-09-01 21:18 - 2013-08-31 10:33 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-09-01 21:18 - 2010-05-03 20:46 - 01599016 _____ C:\Windows\WindowsUpdate.log
2013-09-01 21:16 - 2013-09-01 21:16 - 00994642 _____ C:\Users\BK Laptop\Downloads\adwcleaner(1).exe
2013-09-01 21:10 - 2010-05-04 22:13 - 00000000 ____D C:\Windows\Msagent
2013-09-01 21:10 - 2010-03-02 08:06 - 00080304 _____ C:\Windows\PFRO.log
2013-09-01 21:04 - 2013-08-31 10:16 - 00000000 ____D C:\Program Files\LyricsSeeker
2013-09-01 20:47 - 2010-05-07 19:34 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-01 20:38 - 2013-09-01 20:38 - 00000000 ____D C:\Users\BK Laptop\AppData\Roaming\Malwarebytes
2013-09-01 20:37 - 2013-09-01 20:37 - 00001075 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-09-01 20:37 - 2013-09-01 20:37 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-01 20:37 - 2013-09-01 20:37 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-09-01 20:35 - 2013-09-01 20:34 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\BK Laptop\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-01 20:29 - 2010-03-02 07:02 - 01498742 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-01 14:51 - 2013-09-01 14:51 - 00015270 _____ C:\ComboFix.txt
2013-09-01 14:51 - 2013-09-01 14:30 - 00000000 ____D C:\Qoobox
2013-09-01 14:51 - 2010-05-20 21:17 - 00000000 ____D C:\Users\Administrator
2013-09-01 14:51 - 2009-07-14 04:37 - 00000000 __RHD C:\Users\Default
2013-09-01 14:51 - 2009-07-14 04:37 - 00000000 ___RD C:\Users\Public
2013-09-01 14:50 - 2013-09-01 14:30 - 00000000 ____D C:\Windows\erdnt
2013-09-01 14:48 - 2009-07-14 04:04 - 00000215 _____ C:\Windows\system.ini
2013-09-01 14:29 - 2013-09-01 14:29 - 05115930 ____R (Swearware) C:\Users\BK Laptop\Desktop\ComboFix.exe
2013-09-01 10:08 - 2013-09-01 10:07 - 00049569 _____ C:\Users\BK Laptop\Downloads\Addition.txt
2013-09-01 10:05 - 2013-09-01 10:05 - 00000000 ____D C:\FRST
2013-09-01 10:04 - 2013-09-01 10:04 - 01085571 _____ (Farbar) C:\Users\BK Laptop\Downloads\FRST.exe
2013-09-01 10:01 - 2013-09-01 10:01 - 00015353 _____ C:\Users\BK Laptop\Downloads\un2jjcsH.htm
2013-09-01 09:20 - 2010-05-06 23:11 - 00000000 ____D C:\Users\BK Laptop\AppData\Roaming\Udlef
2013-09-01 09:18 - 2013-08-31 10:17 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-08-31 10:47 - 2013-08-31 10:45 - 00034261 _____ C:\Users\BK Laptop\Desktop\AdwCleaner[S1].txt
2013-08-31 10:46 - 2012-01-30 17:11 - 00000000 ____D C:\ProgramData\PC Suite
2013-08-31 10:40 - 2013-08-31 10:17 - 00001015 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-08-31 10:40 - 2010-07-15 20:26 - 00001252 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-08-31 10:40 - 2010-05-03 20:47 - 00001164 _____ C:\Users\BK Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-08-31 10:37 - 2013-08-31 10:36 - 00994642 _____ C:\Users\BK Laptop\Downloads\adwcleaner.exe
2013-08-31 10:25 - 2013-08-31 10:25 - 00000000 ____D C:\Users\BKLAPT~1\AppData\Local\Macromedia
2013-08-31 10:17 - 2013-08-31 10:17 - 00001083 _____ C:\Users\BK Laptop\Desktop\PC Speed Maximizer.lnk
2013-08-31 10:17 - 2013-08-31 10:17 - 00000000 ____D C:\Users\BKLAPT~1\AppData\Local\Mozilla
2013-08-31 10:17 - 2013-08-31 10:17 - 00000000 ____D C:\Users\BK Laptop\AppData\Roaming\Mozilla
2013-08-31 10:17 - 2013-08-31 10:17 - 00000000 ____D C:\ProgramData\Mozilla
2013-08-31 10:16 - 2013-08-31 10:03 - 22404568 _____ (Mozilla) C:\Users\BK Laptop\Downloads\Firefox_Setup [1].exe
2013-08-31 10:16 - 2010-10-09 21:36 - 00000000 ____D C:\Program Files\Amazon
2013-08-31 10:15 - 2013-08-31 10:15 - 00620688 _____ C:\Users\BK Laptop\Downloads\Firefox_Setup.exe
2013-08-31 10:01 - 2013-08-31 10:01 - 00001624 _____ C:\Users\Public\Desktop\iMesh.lnk
2013-08-29 09:19 - 2013-08-28 21:16 - 00000000 ____D C:\Users\BK Laptop\AppData\Roaming\Mobou
2013-08-28 21:16 - 2013-08-28 21:16 - 00000000 ____D C:\Users\BK Laptop\AppData\Roaming\Eguqu
2013-08-27 16:55 - 2013-08-27 07:10 - 00000000 ____D C:\Users\BK Laptop\AppData\Roaming\BullGuard
2013-08-27 16:21 - 2010-05-05 03:06 - 00000000 ____D C:\Users\BK Laptop\AppData\Roaming\Ovvai
2013-08-27 07:14 - 2013-08-27 07:14 - 00000164 _____ C:\Users\BK Laptop\Desktop\BullGuard Online-Laufwerk.lnk
2013-08-27 07:13 - 2013-08-27 07:13 - 00113088 _____ (BullGuard Ltd.) C:\Windows\system32\BgGamingMonitor.dll
2013-08-27 07:13 - 2013-08-27 07:13 - 00060256 _____ (BullGuard Ltd.) C:\Windows\system32\BGLsp.dll
2013-08-27 07:10 - 2013-08-27 07:10 - 00001151 _____ C:\Users\Public\Desktop\BullGuard.lnk
2013-08-27 07:10 - 2013-08-27 07:10 - 00000000 ____D C:\Program Files\Common Files\BullGuard Ltd
2013-08-27 07:10 - 2013-08-27 07:10 - 00000000 ____D C:\Program Files\BullGuard Ltd
2013-08-27 07:00 - 2013-08-27 07:00 - 13732352 _____ C:\Users\Public\Desktop\Install BullGuard Internet Security.exe
2013-08-27 06:54 - 2013-08-27 06:55 - 00139371 _____ C:\Users\BK Laptop\Desktop\Computer#20130827054412000000001.bglog
2013-08-20 22:27 - 2013-08-20 22:27 - 17737608 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
2013-08-20 22:27 - 2012-04-17 19:38 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-08-20 22:27 - 2011-06-22 19:34 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-08-18 17:16 - 2011-11-24 20:39 - 00000000 ____D C:\Users\BK Laptop\Desktop\Kalender 2012
2013-08-18 17:16 - 2010-05-06 20:29 - 00000000 ____D C:\Users\BK Laptop\AppData\Roaming\ZoomBrowser EX
2013-08-18 17:12 - 2013-08-18 17:12 - 00121879 ____H C:\Users\BK Laptop\Desktop\ZbThumbnail.info
2013-08-18 17:12 - 2013-08-18 17:12 - 00007645 ____H C:\Users\BK Laptop\Documents\ZbThumbnail.info
2013-08-18 17:12 - 2013-07-02 22:13 - 00000000 ____D C:\Users\BK Laptop\Desktop\Nexus
2013-08-18 17:12 - 2013-06-02 17:34 - 00000000 ____D C:\Users\BK Laptop\Desktop\Bilderablage
2013-08-18 17:12 - 2013-02-10 23:02 - 00000000 ____D C:\Users\BK Laptop\Desktop\Redeker
2013-08-18 17:12 - 2012-12-08 13:34 - 00000000 ____D C:\Users\BK Laptop\Desktop\Kalender 2013
2013-08-18 17:12 - 2012-09-08 20:11 - 00000000 ____D C:\Users\BK Laptop\Desktop\Einschulung
2013-08-18 17:12 - 2012-08-06 14:19 - 00000000 ____D C:\Users\BK Laptop\Desktop\Matthias
2013-08-18 17:12 - 2012-02-12 15:19 - 00006144 _____ C:\Users\BKLAPT~1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-08-18 17:12 - 2011-10-09 12:04 - 00000000 ____D C:\Users\BK Laptop\Desktop\Fotos
2013-08-18 17:11 - 2010-05-20 21:41 - 00000000 ____D C:\_Merle
2013-08-17 09:23 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-08-17 09:15 - 2010-05-04 17:49 - 00000000 ____D C:\_Irena Jens
2013-08-15 16:27 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\de-DE
2013-08-14 23:01 - 2013-08-09 08:18 - 00000000 ____D C:\Windows\system32\MRT
2013-08-14 22:53 - 2010-03-02 08:25 - 75778376 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-03 16:59 - 2013-08-03 16:59 - 00002174 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-08-03 16:59 - 2010-05-07 19:34 - 00000000 ____D C:\Program Files\Google

Files to move or delete:
====================
C:\Users\BKLAPT~1\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\Quarantine.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\jrt\erunt\ERUNT.EXE

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-04-24 14:50

==================== End Of Log ============================
--- --- ---

schrauber 02.09.2013 08:03

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

littleyellow 03.09.2013 04:56
Guten Morgen Schrauber,
Probleme mit den Anweisungen oder Scans gar nicht. Alles super Präzise beschrieben. Sehr gut!! Der Rechner läuft dabei stabil. Der Scan mit Eset hat 7h gedaeuert, ohne Komplikationen. Habe die Sparkassen Seite noch nicht weiter ausprobiert. Nicht bevor wir hier fertig sind, oder?
Bin die Woche über immer erst abends am Rechner (oder ganz früh bei langem ESET scan:-). Daher meine lange Antwortzeit. Bin dankbar für die Hilfe!
Hier die Files:
- ESET
- Security Check
- frisches FRST (nach FRST Update)
Danke Grüße littleyellow

Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=3cb0af0fdab2a1438bb9b60f38037df5
# engine=14986
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-09-03 12:18:54
# local_time=2013-09-03 02:18:54 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=4609 16776573 60 46 25724 37464376 0 0
# compatibility_mode=5893 16776573 100 94 273298 129798725 0 0
# scanned=657551
# found=14
# cleaned=0
# scan_time=25229
sh=C871F2F22BE62631F3C01F91378419D32AFFA8E8 ft=1 fh=1495b2591e0e47a0 vn="a variant of Win32/SpeedingUpMyPC application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\optimizer pro\OptimizerPro.exe.vir"
sh=4FAB3A74998DB9D6724EA1E66505244ABE0F18CF ft=1 fh=310ddac3797b6da7 vn="a variant of Win32/Adware.SpeedingUpMyPC.C application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\optimizer pro\OptProSmartScan.exe.vir"
sh=17587773B36FA3CD9E91B321E000CDE9E648FBB1 ft=1 fh=8b92853eb28b2ae0 vn="a variant of Win32/SpeedingUpMyPC application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\PC Speed Maximizer\PCSpeedMaximizer.exe.vir"
sh=009C9F4599EFAE0A6026489C95724B249BAD8C43 ft=1 fh=4285fbb026762dc2 vn="a variant of Win32/Adware.SpeedingUpMyPC.C application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\PC Speed Maximizer\SPMSmartScan.exe.vir"
sh=78D6DAEC210E7E6B79EFAA9B4E3ECF7490ADB5C6 ft=1 fh=6a0183d18c718ab8 vn="a variant of Win32/Injector.ALXK trojan" ac=I fn="C:\Qoobox\Quarantine\C\Users\BK Laptop\AppData\Roaming\Raes\hewia.exe.vir"
sh=2FC4E7EDCEC7CB52D3E3AFE65C3D6A82C8DBB441 ft=0 fh=0000000000000000 vn="HTML/Iframe.B.Gen virus" ac=I fn="C:\Users\BK Laptop\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\96MH3K34\banners[1].htm"
sh=0D4096D1D1DD7F3847C4AB934A04918D0B5D6C39 ft=0 fh=0000000000000000 vn="a variant of Java/Exploit.CVE-2013-2465.Q trojan" ac=I fn="C:\Users\BK Laptop\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10\63e604a-7547512d"
sh=385701E378B2D8C92DE346E6A53AA96DBF67D1D4 ft=0 fh=0000000000000000 vn="Java/Exploit.Agent.PJX trojan" ac=I fn="C:\Users\BK Laptop\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41\29cd4be9-65b32a27"
sh=75CC37CFEC0D52A151F5516AEB5B46983F027C0C ft=0 fh=0000000000000000 vn="multiple threats" ac=I fn="C:\Users\BK Laptop\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\3e1d7bb2-3b7c1133"
sh=385701E378B2D8C92DE346E6A53AA96DBF67D1D4 ft=0 fh=0000000000000000 vn="Java/Exploit.Agent.PJX trojan" ac=I fn="C:\Users\BK Laptop\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59\58b1c87b-3bc79f62"
sh=0284A90424FAD31387BB750D8355E896ED5AF32A ft=0 fh=0000000000000000 vn="multiple threats" ac=I fn="D:\LAPTOP\Backup Set 2013-07-16 214838\Backup Files 2013-08-25 194015\Backup files 1.zip"
sh=B531E7F023DC0559A856D5C5722C5C7E83ED3574 ft=0 fh=0000000000000000 vn="multiple threats" ac=I fn="D:\LAPTOP\Backup Set 2013-07-16 214838\Backup Files 2013-09-01 202640\Backup files 1.zip"
sh=512B34E6AB67BA0FB63023AB8A2B4349B3FE5561 ft=0 fh=0000000000000000 vn="a variant of Win32/Injector.ALXK trojan" ac=I fn="D:\LAPTOP\Backup Set 2013-07-16 214838\Backup Files 2013-09-01 202640\Backup files 5.zip"
sh=A55D639EAFF7B983322B8F1BD5D406C974312045 ft=0 fh=0000000000000000 vn="multiple threats" ac=I fn="D:\LAPTOP\Backup Set 2013-07-16 214838\Backup Files 2013-09-01 202640\Backup files 6.zip"
Code:
Results of screen317's Security Check version 0.99.72 
 Windows 7 Service Pack 1 x86 (UAC is enabled) 
 Internet Explorer 10 
``````````````Antivirus/Firewall Check:``````````````
BullGuard Antivirus 
 Antivirus out of date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
 Malwarebytes Anti-Malware Version 1.75.0.1300 
 Java(TM) 6 Update 18 
 Java version out of Date!
 Adobe Flash Player        11.8.800.94 
 Adobe Reader 10.1.7 Adobe Reader out of Date! 
 Mozilla Firefox (23.0.1)
 Google Chrome 29.0.1547.57 
 Google Chrome 29.0.1547.62 
````````Process Check: objlist.exe by Laurent```````` 
 Malwarebytes Anti-Malware mbamservice.exe 
 Malwarebytes Anti-Malware mbamgui.exe 
 Malwarebytes' Anti-Malware mbamscheduler.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 
````````````````````End of Log``````````````````````

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-09-2013
Ran by BK Laptop (administrator) on LAPTOP on 03-09-2013 05:40:56
Running from C:\Users\BK Laptop\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MZP7209P
Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

() C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe
(BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe
(BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
(MAGIX AG) C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Protexis Inc.) c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(Wistron) C:\Program Files\Launch Manager\HotkeyApp.exe
(Wistron Corp.) C:\Program Files\Launch Manager\OSD.exe
(Wistron Corp.) C:\Program Files\Launch Manager\WButton.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(CyberLink) C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Nokia) C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(X10) C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Wistron Corp.) C:\Program Files\Launch Manager\WisLMSvc.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Nokia) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files\Windows Live\Contacts\wlcomm.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HotkeyApp] - C:\Program Files\Launch Manager\HotkeyApp.exe [200704 2009-12-14] (Wistron)
HKLM\...\Run: [LMgrVolOSD] - C:\Program Files\Launch Manager\OSD.exe [348960 2009-12-11] (Wistron Corp.)
HKLM\...\Run: [Wbutton] - C:\Program Files\Launch Manager\Wbutton.exe [413696 2010-01-13] (Wistron Corp.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1594664 2009-12-11] (Synaptics Incorporated)
HKLM\...\Run: [CLMLServer] - C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-11-02] (CyberLink)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8522272 2010-03-02] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe [678432 2010-03-02] (Realtek Semiconductor)
HKLM\...\Run: [NeroFilterCheck] - C:\Windows\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [ArcSoft Connection Service] - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-01-28] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-02-20] (Apple Inc.)
HKLM\...\Run: [BullGuardUpdate2] - c:\program files\bullguard ltd\bullguard\BullGuardUpdate2.exe [1879392 2013-08-27] (BullGuard Ltd.)
HKLM\...\Run: [BullGuard] - c:\program files\bullguard ltd\bullguard\BullGuard.exe [852832 2013-08-27] (BullGuard Ltd.)
HKLM\...\Policies\Explorer: [NoDrives] 0
HKCU\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-05-07] (Google Inc.)
HKCU\...\Run: [NokiaSuite.exe] - C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [1083264 2012-01-10] (Nokia)
HKCU\...\Run: [Viytk] - "C:\Users\BK Laptop\AppData\Roaming\Raes\hewia.exe" [x]
HKCU\...\Policies\Explorer: [NoDrives] 0
HKU\Default\...\RunOnce: [MEDION] - C:\Windows\Web\Wallpaper\MEDION\start.vbs [ 2009-10-23] ()
HKU\Default User\...\RunOnce: [MEDION] - C:\Windows\Web\Wallpaper\MEDION\start.vbs [ 2009-10-23] ()
Startup: C:\Users\BK Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://medion.msn.com
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p07_serp_ie_de_display?ie=UTF8&tagbase=bds-p07&tag=bds-p07-serp-de-ie-21&tbrId=v1_abb-channel-7_7115d577af5a4f38aa05ae901f0f0935_30_46_20130831_DE_ie_ds_&query={searchTerms}
SearchScopes: HKCU - {0D1DBC81-CB9B-489C-9839-5D506D242DC2} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=302398&p={searchTerms}
SearchScopes: HKCU - {1365AAEC-E4D4-4A26-B5E4-35FB20C00831} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MEDTDF&pc=MAMD&src=IE-SearchBox
SearchScopes: HKCU - {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p07_serp_ie_de_display?ie=UTF8&tagbase=bds-p07&tag=bds-p07-serp-de-ie-21&tbrId=v1_abb-channel-7_7115d577af5a4f38aa05ae901f0f0935_30_46_20130831_DE_ie_ds_&query={searchTerms}
BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU -No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU -Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://oas.support.microsoft.com/ActiveX/MSDcode.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\BK Laptop\AppData\Roaming\Mozilla\Firefox\Profiles\m9hfxld3.default
FF Keyword.URL: user_pref("keyword.URL", "");
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @canon.com/MycameraPlugin - C:\Program Files\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
FF Plugin: @garmin.com/GpsControl - C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.3 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/OfficeLive,version=1.4 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101714.dll (Amazon.com, Inc.)
FF Extension: metacrawler.com - C:\Users\BK Laptop\AppData\Roaming\Mozilla\Firefox\Profiles\m9hfxld3.default\Extensions\ffxtlbr@metacrawler.com
FF Extension: No Name - C:\Users\BK Laptop\AppData\Roaming\Mozilla\Firefox\Profiles\m9hfxld3.default\Extensions\{60364604-8b4c-42f4-a2ca-a76ca7b61b37}
FF HKLM\...\Firefox\Extensions: [fe_9.0@nokia.com] C:\Program Files\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_9.0
FF Extension: Firefox Synchronisation Extension - C:\Program Files\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_9.0
FF HKLM\...\Firefox\Extensions: [antiphishing@bullguard] c:\program files\bullguard ltd\bullguard\Antiphishing\FF\antiphishing@bullguard\
FF Extension: BullGuard Safe Browsing - c:\program files\bullguard ltd\bullguard\Antiphishing\FF\antiphishing@bullguard\
FF HKLM\...\Thunderbird\Extensions: [te_9.0@nokia.com] C:\Program Files\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0
FF Extension: Thunderbird Address Book Synchronisation Extension - C:\Program Files\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0
FF HKCU\...\Firefox\Extensions: [{0ce6ac61-48e9-426f-9268-6f1e8ece06da}] C:\Program Files\LyricsSeeker\131.xpi
FF Extension: No Name - C:\Program Files\LyricsSeeker\131.xpi

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup:                "urls_to_restore_on_startup": [
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\28.0.1500.95\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\28.0.1500.95\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.180.7) - C:\Program Files\Java\jre6\bin\new_plugin\npdeploytk.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U18) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (NPCIG.dll) - C:\Program Files\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
CHR Plugin: (Garmin Communicator Plug-In) - C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR HKLM\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\BK Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx
CHR HKLM\...\Chrome\Extension: [lgoiojnjnacbjngolldkokokgpcjbgjj] - C:\Program Files\LyricsSeeker\131.crx

========================== Services (Whitelisted) =================

R2 AAV UpdateService; C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 BsBackup; C:\Program Files\BullGuard Ltd\BullGuard\BsBackup.dll [560992 2013-08-27] (BullGuard Ltd.)
R2 BsBhvScan; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe [376736 2013-08-27] (BullGuard Ltd.)
R2 BsFileScan; c:\program files\bullguard ltd\bullguard\BsFileScan.dll [307552 2013-08-27] (BullGuard Ltd.)
R2 BsFire; c:\program files\bullguard ltd\bullguard\BsFire.dll [478048 2013-08-27] (BullGuard Ltd.)
R2 BsMailProxy; c:\program files\bullguard ltd\bullguard\BsMailProxy\BsMailProxy.dll [495456 2013-08-27] (BullGuard Ltd.)
R2 BsMain; C:\Program Files\BullGuard Ltd\BullGuard\BsMain.dll [261472 2013-08-27] (BullGuard Ltd.)
R2 BsScanner; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe [212832 2013-08-27] (BullGuard Ltd.)
R2 BsUpdate; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe [288096 2013-08-27] (BullGuard Ltd.)
R2 Fabs; C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [1253376 2009-08-27] (MAGIX AG)
S3 FirebirdServerMAGIXInstance; C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe [3276800 2008-08-07] (MAGIX®)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [244904 2010-02-10] ()
S2 StarMoney 7.0 OnlineUpdate; C:\Program Files\StarMoney 7.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe [554160 2011-11-08] (Star Finanz - Software Entwicklung und Vertriebs GmbH)
R3 WisLMSvc; C:\Program Files\Launch Manager\WisLMSvc.exe [118560 2009-10-22] (Wistron Corp.)
R2 x10nets; C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe [20480 2009-11-07] (X10)
S2 Update WebConnect; "C:\Program Files\WebConnect\updateWebConnect.exe" [x]

==================== Drivers (Whitelisted) ====================

R3 Afc; C:\Windows\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)
R1 AFW; C:\Windows\System32\DRIVERS\afw.sys [33888 2012-11-20] (Agnitum Ltd.)
R3 afwcore; C:\Windows\System32\DRIVERS\afwcore.sys [337504 2012-11-20] (Agnitum Ltd.)
R3 BdNet; C:\Windows\System32\drivers\BdNet.sys [27760 2012-10-04] (BullGuard Ltd.)
R1 BdSpy; C:\Windows\System32\drivers\BdSpy.sys [64624 2013-03-18] (BullGuard Ltd.)
R0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-14] (Microsoft Corporation)
S3 GigasetGenericUSB; C:\Windows\System32\DRIVERS\GigasetGenericUSB.sys [44032 2009-02-20] (Siemens Home and Office Communication Devices GmbH & Co. KG)
S3 grmnusb; C:\Windows\System32\drivers\grmnusb.sys [9344 2009-04-17] (GARMIN Corp.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S3 mod7700; C:\Windows\System32\DRIVERS\mod7700.sys [786400 2009-08-13] (DiBcom SA)
R3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [343456 2013-01-25] (BitDefender S.R.L.)
R3 X10Hid; C:\Windows\System32\Drivers\x10hid.sys [13720 2009-05-13] (X10 Wireless Technology, Inc.)
R3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27160 2009-05-13] (X10 Wireless Technology, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\BKLAPT~1\AppData\Local\Temp\catchme.sys [x]
S3 cpuz132; \??\C:\Users\BKLAPT~1\AppData\Local\Temp\cpuz132\cpuz132_x32.sys [x]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [x]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-03 05:31 - 2013-09-03 05:31 - 00891115 _____ C:\Users\BK Laptop\Downloads\SecurityCheck.exe
2013-09-02 19:13 - 2013-09-02 19:13 - 02347384 _____ (ESET) C:\Users\BK Laptop\Downloads\esetsmartinstaller_enu.exe
2013-09-02 19:13 - 2013-09-02 19:13 - 00000000 ____D C:\Program Files\ESET
2013-09-02 19:01 - 2013-09-02 19:01 - 00000512 _____ C:\Windows\system32\F39D4DE6-98B8-4E05-91BD-549E8A8248BD
2013-09-01 21:35 - 2013-09-01 21:35 - 00037632 _____ C:\Users\BK Laptop\Downloads\FRST.txt
2013-09-01 21:35 - 2013-09-01 21:35 - 00037632 _____ C:\Users\BK Laptop\Desktop\FRST.txt
2013-09-01 21:30 - 2013-09-01 21:30 - 00001851 _____ C:\Users\BK Laptop\Desktop\JRT.txt
2013-09-01 21:26 - 2013-09-01 21:26 - 00000000 ____D C:\Windows\ERUNT
2013-09-01 21:25 - 2013-09-01 21:25 - 01027511 _____ (Thisisu) C:\Users\BK Laptop\Downloads\JRT.exe
2013-09-01 21:23 - 2013-09-01 21:23 - 00002488 _____ C:\Users\BK Laptop\Desktop\AdwCleaner[S2].txt
2013-09-01 21:16 - 2013-09-01 21:16 - 00994642 _____ C:\Users\BK Laptop\Downloads\adwcleaner(1).exe
2013-09-01 20:38 - 2013-09-01 20:38 - 00000000 ____D C:\Users\BK Laptop\AppData\Roaming\Malwarebytes
2013-09-01 20:37 - 2013-09-01 20:37 - 00001075 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-09-01 20:37 - 2013-09-01 20:37 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-01 20:37 - 2013-09-01 20:37 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-09-01 20:37 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-09-01 20:34 - 2013-09-01 20:35 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\BK Laptop\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-01 14:51 - 2013-09-01 14:51 - 00015270 _____ C:\ComboFix.txt
2013-09-01 14:31 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-09-01 14:31 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-09-01 14:31 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-09-01 14:31 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-09-01 14:31 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-09-01 14:31 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-09-01 14:31 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-09-01 14:31 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-09-01 14:30 - 2013-09-01 14:51 - 00000000 ____D C:\Qoobox
2013-09-01 14:30 - 2013-09-01 14:50 - 00000000 ____D C:\Windows\erdnt
2013-09-01 14:29 - 2013-09-01 14:29 - 05115930 ____R (Swearware) C:\Users\BK Laptop\Desktop\ComboFix.exe
2013-09-01 10:07 - 2013-09-01 10:08 - 00049569 _____ C:\Users\BK Laptop\Downloads\Addition.txt
2013-09-01 10:05 - 2013-09-01 10:05 - 00000000 ____D C:\FRST
2013-09-01 10:04 - 2013-09-01 10:04 - 01085571 _____ (Farbar) C:\Users\BK Laptop\Downloads\FRST.exe
2013-09-01 10:01 - 2013-09-01 10:01 - 00015353 _____ C:\Users\BK Laptop\Downloads\un2jjcsH.htm
2013-08-31 10:45 - 2013-08-31 10:47 - 00034261 _____ C:\Users\BK Laptop\Desktop\AdwCleaner[S1].txt
2013-08-31 10:37 - 2013-09-01 21:18 - 00000000 ____D C:\AdwCleaner
2013-08-31 10:36 - 2013-08-31 10:37 - 00994642 _____ C:\Users\BK Laptop\Downloads\adwcleaner.exe
2013-08-31 10:33 - 2013-09-01 21:18 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-08-31 10:25 - 2013-08-31 10:25 - 00000000 ____D C:\Users\BKLAPT~1\AppData\Local\Macromedia
2013-08-31 10:17 - 2013-09-01 09:18 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-08-31 10:17 - 2013-08-31 10:40 - 00001015 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-08-31 10:17 - 2013-08-31 10:17 - 00001083 _____ C:\Users\BK Laptop\Desktop\PC Speed Maximizer.lnk
2013-08-31 10:17 - 2013-08-31 10:17 - 00000000 ____D C:\Users\BKLAPT~1\AppData\Local\Mozilla
2013-08-31 10:17 - 2013-08-31 10:17 - 00000000 ____D C:\Users\BK Laptop\AppData\Roaming\Mozilla
2013-08-31 10:17 - 2013-08-31 10:17 - 00000000 ____D C:\ProgramData\Mozilla
2013-08-31 10:16 - 2013-09-02 18:59 - 00000372 _____ C:\Windows\Tasks\Lyrics Seeker Update.job
2013-08-31 10:16 - 2013-09-01 21:04 - 00000000 ____D C:\Program Files\LyricsSeeker
2013-08-31 10:15 - 2013-08-31 10:15 - 00620688 _____ C:\Users\BK Laptop\Downloads\Firefox_Setup.exe
2013-08-31 10:04 - 2012-07-25 12:03 - 00017136 _____ C:\Windows\system32\sasnative32.exe
2013-08-31 10:03 - 2013-08-31 10:16 - 22404568 _____ (Mozilla) C:\Users\BK Laptop\Downloads\Firefox_Setup [1].exe
2013-08-31 10:01 - 2013-08-31 10:01 - 00001624 _____ C:\Users\Public\Desktop\iMesh.lnk
2013-08-28 21:16 - 2013-08-29 09:19 - 00000000 ____D C:\Users\BK Laptop\AppData\Roaming\Mobou
2013-08-28 21:16 - 2013-08-28 21:16 - 00000000 ____D C:\Users\BK Laptop\AppData\Roaming\Eguqu
2013-08-27 07:14 - 2013-08-27 07:14 - 00000164 _____ C:\Users\BK Laptop\Desktop\BullGuard Online-Laufwerk.lnk
2013-08-27 07:13 - 2013-08-27 07:13 - 00113088 _____ (BullGuard Ltd.) C:\Windows\system32\BgGamingMonitor.dll
2013-08-27 07:13 - 2013-08-27 07:13 - 00060256 _____ (BullGuard Ltd.) C:\Windows\system32\BGLsp.dll
2013-08-27 07:10 - 2013-09-03 05:41 - 00000000 ____D C:\ProgramData\BullGuard
2013-08-27 07:10 - 2013-08-27 16:55 - 00000000 ____D C:\Users\BK Laptop\AppData\Roaming\BullGuard
2013-08-27 07:10 - 2013-08-27 07:10 - 00001151 _____ C:\Users\Public\Desktop\BullGuard.lnk
2013-08-27 07:10 - 2013-08-27 07:10 - 00000000 ____D C:\Program Files\Common Files\BullGuard Ltd
2013-08-27 07:10 - 2013-08-27 07:10 - 00000000 ____D C:\Program Files\BullGuard Ltd
2013-08-27 07:00 - 2013-08-27 07:00 - 13732352 _____ C:\Users\Public\Desktop\Install BullGuard Internet Security.exe
2013-08-27 06:55 - 2013-08-27 06:54 - 00139371 _____ C:\Users\BK Laptop\Desktop\Computer#20130827054412000000001.bglog
2013-08-20 22:27 - 2013-08-20 22:27 - 17737608 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
2013-08-18 17:12 - 2013-08-18 17:12 - 00121879 ____H C:\Users\BK Laptop\Desktop\ZbThumbnail.info
2013-08-18 17:12 - 2013-08-18 17:12 - 00007645 ____H C:\Users\BK Laptop\Documents\ZbThumbnail.info
2013-08-14 22:49 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-14 22:49 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-14 22:49 - 2013-07-26 05:13 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-14 22:49 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-14 22:49 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-14 22:49 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-14 22:49 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-14 22:49 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-14 22:49 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-14 22:49 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-14 22:49 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-14 22:49 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-14 22:49 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-14 22:49 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-14 22:49 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-14 22:49 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-14 22:35 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-14 22:35 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-14 22:35 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2013-08-14 22:35 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-14 22:35 - 2013-07-09 06:53 - 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-14 22:35 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-14 22:35 - 2013-07-09 06:50 - 00652800 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-14 22:35 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-14 22:35 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-14 22:35 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-14 22:35 - 2013-07-06 07:05 - 01293760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-14 22:35 - 2013-06-15 05:38 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-09 08:18 - 2013-08-14 23:01 - 00000000 ____D C:\Windows\system32\MRT

==================== One Month Modified Files and Folders =======

2013-09-03 05:38 - 2013-09-03 05:38 - 00001103 _____ C:\Users\BK Laptop\Desktop\checkup.txt
2013-09-03 05:31 - 2013-09-03 05:31 - 00891115 _____ C:\Users\BK Laptop\Downloads\SecurityCheck.exe
2013-09-03 05:27 - 2012-04-17 19:38 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-03 04:50 - 2010-05-03 20:46 - 01666885 _____ C:\Windows\WindowsUpdate.log
2013-09-03 04:47 - 2010-05-07 19:34 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-02 22:13 - 2009-07-14 06:34 - 00009888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-02 22:13 - 2009-07-14 06:34 - 00009888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-02 21:47 - 2010-05-07 19:34 - 00001100 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-02 19:18 - 2010-03-02 07:02 - 01498742 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-02 19:13 - 2013-09-02 19:13 - 02347384 _____ (ESET) C:\Users\BK Laptop\Downloads\esetsmartinstaller_enu.exe
2013-09-02 19:13 - 2013-09-02 19:13 - 00000000 ____D C:\Program Files\ESET
2013-09-02 19:03 - 2010-05-08 19:49 - 00000620 _____ C:\Windows\system32\config\afw_hm.conf
2013-09-02 19:03 - 2010-05-08 19:49 - 00000004 _____ C:\Windows\system32\config\afw_db.conf
2013-09-02 19:01 - 2013-09-02 19:01 - 00000512 _____ C:\Windows\system32\F39D4DE6-98B8-4E05-91BD-549E8A8248BD
2013-09-02 18:59 - 2013-08-31 10:16 - 00000372 _____ C:\Windows\Tasks\Lyrics Seeker Update.job
2013-09-02 18:59 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-02 18:59 - 2009-07-14 06:39 - 00122228 _____ C:\Windows\setupact.log
2013-09-01 21:35 - 2013-09-01 21:35 - 00037632 _____ C:\Users\BK Laptop\Downloads\FRST.txt
2013-09-01 21:35 - 2013-09-01 21:35 - 00037632 _____ C:\Users\BK Laptop\Desktop\FRST.txt
2013-09-01 21:30 - 2013-09-01 21:30 - 00001851 _____ C:\Users\BK Laptop\Desktop\JRT.txt
2013-09-01 21:26 - 2013-09-01 21:26 - 00000000 ____D C:\Windows\ERUNT
2013-09-01 21:25 - 2013-09-01 21:25 - 01027511 _____ (Thisisu) C:\Users\BK Laptop\Downloads\JRT.exe
2013-09-01 21:23 - 2013-09-01 21:23 - 00002488 _____ C:\Users\BK Laptop\Desktop\AdwCleaner[S2].txt
2013-09-01 21:18 - 2013-08-31 10:37 - 00000000 ____D C:\AdwCleaner
2013-09-01 21:18 - 2013-08-31 10:33 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-09-01 21:16 - 2013-09-01 21:16 - 00994642 _____ C:\Users\BK Laptop\Downloads\adwcleaner(1).exe
2013-09-01 21:10 - 2010-05-04 22:13 - 00000000 ____D C:\Windows\Msagent
2013-09-01 21:10 - 2010-03-02 08:06 - 00080304 _____ C:\Windows\PFRO.log
2013-09-01 21:04 - 2013-08-31 10:16 - 00000000 ____D C:\Program Files\LyricsSeeker
2013-09-01 20:38 - 2013-09-01 20:38 - 00000000 ____D C:\Users\BK Laptop\AppData\Roaming\Malwarebytes
2013-09-01 20:37 - 2013-09-01 20:37 - 00001075 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-09-01 20:37 - 2013-09-01 20:37 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-01 20:37 - 2013-09-01 20:37 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-09-01 20:35 - 2013-09-01 20:34 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\BK Laptop\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-01 14:51 - 2013-09-01 14:51 - 00015270 _____ C:\ComboFix.txt
2013-09-01 14:51 - 2013-09-01 14:30 - 00000000 ____D C:\Qoobox
2013-09-01 14:51 - 2010-05-20 21:17 - 00000000 ____D C:\Users\Administrator
2013-09-01 14:51 - 2009-07-14 04:37 - 00000000 __RHD C:\Users\Default
2013-09-01 14:51 - 2009-07-14 04:37 - 00000000 ___RD C:\Users\Public
2013-09-01 14:50 - 2013-09-01 14:30 - 00000000 ____D C:\Windows\erdnt
2013-09-01 14:48 - 2009-07-14 04:04 - 00000215 _____ C:\Windows\system.ini
2013-09-01 14:29 - 2013-09-01 14:29 - 05115930 ____R (Swearware) C:\Users\BK Laptop\Desktop\ComboFix.exe
2013-09-01 10:08 - 2013-09-01 10:07 - 00049569 _____ C:\Users\BK Laptop\Downloads\Addition.txt
2013-09-01 10:05 - 2013-09-01 10:05 - 00000000 ____D C:\FRST
2013-09-01 10:04 - 2013-09-01 10:04 - 01085571 _____ (Farbar) C:\Users\BK Laptop\Downloads\FRST.exe
2013-09-01 10:01 - 2013-09-01 10:01 - 00015353 _____ C:\Users\BK Laptop\Downloads\un2jjcsH.htm
2013-09-01 09:20 - 2010-05-06 23:11 - 00000000 ____D C:\Users\BK Laptop\AppData\Roaming\Udlef
2013-09-01 09:18 - 2013-08-31 10:17 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-08-31 10:47 - 2013-08-31 10:45 - 00034261 _____ C:\Users\BK Laptop\Desktop\AdwCleaner[S1].txt
2013-08-31 10:46 - 2012-01-30 17:11 - 00000000 ____D C:\ProgramData\PC Suite
2013-08-31 10:40 - 2013-08-31 10:17 - 00001015 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-08-31 10:40 - 2010-07-15 20:26 - 00001252 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-08-31 10:40 - 2010-05-03 20:47 - 00001164 _____ C:\Users\BK Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-08-31 10:37 - 2013-08-31 10:36 - 00994642 _____ C:\Users\BK Laptop\Downloads\adwcleaner.exe
2013-08-31 10:25 - 2013-08-31 10:25 - 00000000 ____D C:\Users\BKLAPT~1\AppData\Local\Macromedia
2013-08-31 10:17 - 2013-08-31 10:17 - 00001083 _____ C:\Users\BK Laptop\Desktop\PC Speed Maximizer.lnk
2013-08-31 10:17 - 2013-08-31 10:17 - 00000000 ____D C:\Users\BKLAPT~1\AppData\Local\Mozilla
2013-08-31 10:17 - 2013-08-31 10:17 - 00000000 ____D C:\Users\BK Laptop\AppData\Roaming\Mozilla
2013-08-31 10:17 - 2013-08-31 10:17 - 00000000 ____D C:\ProgramData\Mozilla
2013-08-31 10:16 - 2013-08-31 10:03 - 22404568 _____ (Mozilla) C:\Users\BK Laptop\Downloads\Firefox_Setup [1].exe
2013-08-31 10:16 - 2010-10-09 21:36 - 00000000 ____D C:\Program Files\Amazon
2013-08-31 10:15 - 2013-08-31 10:15 - 00620688 _____ C:\Users\BK Laptop\Downloads\Firefox_Setup.exe
2013-08-31 10:01 - 2013-08-31 10:01 - 00001624 _____ C:\Users\Public\Desktop\iMesh.lnk
2013-08-29 09:19 - 2013-08-28 21:16 - 00000000 ____D C:\Users\BK Laptop\AppData\Roaming\Mobou
2013-08-28 21:16 - 2013-08-28 21:16 - 00000000 ____D C:\Users\BK Laptop\AppData\Roaming\Eguqu
2013-08-27 16:55 - 2013-08-27 07:10 - 00000000 ____D C:\Users\BK Laptop\AppData\Roaming\BullGuard
2013-08-27 16:21 - 2010-05-05 03:06 - 00000000 ____D C:\Users\BK Laptop\AppData\Roaming\Ovvai
2013-08-27 07:14 - 2013-08-27 07:14 - 00000164 _____ C:\Users\BK Laptop\Desktop\BullGuard Online-Laufwerk.lnk
2013-08-27 07:13 - 2013-08-27 07:13 - 00113088 _____ (BullGuard Ltd.) C:\Windows\system32\BgGamingMonitor.dll
2013-08-27 07:13 - 2013-08-27 07:13 - 00060256 _____ (BullGuard Ltd.) C:\Windows\system32\BGLsp.dll
2013-08-27 07:10 - 2013-08-27 07:10 - 00001151 _____ C:\Users\Public\Desktop\BullGuard.lnk
2013-08-27 07:10 - 2013-08-27 07:10 - 00000000 ____D C:\Program Files\Common Files\BullGuard Ltd
2013-08-27 07:10 - 2013-08-27 07:10 - 00000000 ____D C:\Program Files\BullGuard Ltd
2013-08-27 07:00 - 2013-08-27 07:00 - 13732352 _____ C:\Users\Public\Desktop\Install BullGuard Internet Security.exe
2013-08-27 06:54 - 2013-08-27 06:55 - 00139371 _____ C:\Users\BK Laptop\Desktop\Computer#20130827054412000000001.bglog
2013-08-20 22:27 - 2013-08-20 22:27 - 17737608 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
2013-08-20 22:27 - 2012-04-17 19:38 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-08-20 22:27 - 2011-06-22 19:34 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-08-18 17:16 - 2011-11-24 20:39 - 00000000 ____D C:\Users\BK Laptop\Desktop\Kalender 2012
2013-08-18 17:16 - 2010-05-06 20:29 - 00000000 ____D C:\Users\BK Laptop\AppData\Roaming\ZoomBrowser EX
2013-08-18 17:12 - 2013-08-18 17:12 - 00121879 ____H C:\Users\BK Laptop\Desktop\ZbThumbnail.info
2013-08-18 17:12 - 2013-08-18 17:12 - 00007645 ____H C:\Users\BK Laptop\Documents\ZbThumbnail.info
2013-08-18 17:12 - 2013-07-02 22:13 - 00000000 ____D C:\Users\BK Laptop\Desktop\Nexus
2013-08-18 17:12 - 2013-06-02 17:34 - 00000000 ____D C:\Users\BK Laptop\Desktop\Bilderablage
2013-08-18 17:12 - 2013-02-10 23:02 - 00000000 ____D C:\Users\BK Laptop\Desktop\Redeker
2013-08-18 17:12 - 2012-12-08 13:34 - 00000000 ____D C:\Users\BK Laptop\Desktop\Kalender 2013
2013-08-18 17:12 - 2012-09-08 20:11 - 00000000 ____D C:\Users\BK Laptop\Desktop\Einschulung
2013-08-18 17:12 - 2012-08-06 14:19 - 00000000 ____D C:\Users\BK Laptop\Desktop\Matthias
2013-08-18 17:12 - 2012-02-12 15:19 - 00006144 _____ C:\Users\BKLAPT~1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-08-18 17:12 - 2011-10-09 12:04 - 00000000 ____D C:\Users\BK Laptop\Desktop\Fotos
2013-08-18 17:11 - 2010-05-20 21:41 - 00000000 ____D C:\_Merle
2013-08-17 09:23 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-08-17 09:15 - 2010-05-04 17:49 - 00000000 ____D C:\_Irena Jens
2013-08-15 16:27 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\de-DE
2013-08-14 23:01 - 2013-08-09 08:18 - 00000000 ____D C:\Windows\system32\MRT
2013-08-14 22:53 - 2010-03-02 08:25 - 75778376 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Files to move or delete:
====================
C:\Users\BKLAPT~1\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\BKLAPT~1\AppData\Local\Temp\Quarantine.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\RarSFX0\SecurityCheck\Objlist.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\RarSFX0\SecurityCheck\runprocesses.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\RarSFX0\SecurityCheck\uninstalllist.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\RarSFX0\SecurityCheck\Other\cmdinfo.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\RarSFX0\SecurityCheck\Other\nircmdc.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\RarSFX0\SecurityCheck\Other\sed.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\RarSFX0\SecurityCheck\Other\swreg.exe
C:\Users\BKLAPT~1\AppData\Local\Temp\jrt\erunt\ERUNT.EXE

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-04-24 14:50

==================== End Of Log ============================
--- --- ---

schrauber 03.09.2013 08:20
Java und Adobe updaten. die 4 letzten Funde in ESET, die Backups, bitte manuell löschen.

Downloade Dir bitte TFC ( von Oldtimer ) und speichere die Datei auf dem Desktop.
Schließe nun alle offenen Programme und trenne Dich von dem Internet.
Doppelklick auf die TFC.exe und drücke auf Start.
Sollte TFC nicht alle Dateien löschen können wird es einen Neustart verlangen. Dies bitte zulassen.


Passwörter und Zugänge ändern.

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
HKCU\...\Run: [Viytk] - "C:\Users\BK Laptop\AppData\Roaming\Raes\hewia.exe" [x]
C:\Users\BK Laptop\AppData\Roaming\Raes
S2 Update WebConnect; "C:\Program Files\WebConnect\updateWebConnect.exe" [x]

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.




Rechner testen :)

littleyellow 03.09.2013 21:48
Hallo Schrauber,
ich bin beeindruckt!
1.) Sparkasse funktioniert wieder:-)
2.) Rechner läuft geschmeidiger, schneller, stabiler den je.
3.) freu mich, vielen dank => Spende folgt:-)

Wie kann ich mich in Zukunft vor solchen Pannen am besten Schützen? und was war das genau?

Hier das FRST Fixlog
Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 03-09-2013 03
Ran by BK Laptop at 2013-09-03 22:26:54 Run:1
Running from C:\Users\BK Laptop\Downloads
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
HKCU\...\Run: [Viytk] - "C:\Users\BK Laptop\AppData\Roaming\Raes\hewia.exe" [x]
C:\Users\BK Laptop\AppData\Roaming\Raes
S2 Update WebConnect; "C:\Program Files\WebConnect\updateWebConnect.exe" [x]
*****************

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Viytk => Value deleted successfully.
"C:\Users\BK Laptop\AppData\Roaming\Raes" => File/Directory not found.
Update WebConnect => Service deleted successfully.

==== End of Fixlog ====

schrauber 04.09.2013 09:03
Malware und Adware.

Fertig :)

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.


Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

littleyellow 04.09.2013 20:46
Hallo Schrauber,
danke, danke, danke alles super!
Keine weiteren Fragen, weil alles gut beschrieben und funktioniert.
So hat die PC Reparatur am Ende sogar noch Spass gemacht und ich habe eine Menge gelernt:-)
Viele Grüße u. wie gesagt Spende folgt.
littleyellow

schrauber 05.09.2013 08:38
Gern Geschehen :)


Alle Zeitangaben in WEZ +1. Es ist jetzt 10:00 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131