| Durkadenz | 31.12.2013 12:48 |
Moin :)
So, beides durchlaufen lassen:
Zuerst der AdwCleaner Log:
AdwCleaner Logfile: Code:
# AdwCleaner v3.016 - Bericht erstellt am 31/12/2013 um 12:20:54
# Aktualisiert 23/12/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Christian - SERENITY
# Gestartet von : C:\Users\Christian\Downloads\adwcleaner.exe
# Option : Loschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
[!] Ordner Geloscht : C:\ProgramData\BrowserProtect
Ordner Geloscht : C:\ProgramData\Premium
Ordner Geloscht : C:\ProgramData\Ticno
Ordner Geloscht : C:\Program Files (x86)\ICQ6Toolbar
Ordner Geloscht : C:\Program Files (x86)\Ticno
Ordner Geloscht : C:\Users\Christian\AppData\Local\PackageAware
Ordner Geloscht : C:\Users\CHRIST~1\AppData\Local\Temp\FoxTab
Ordner Geloscht : C:\Users\CHRIST~1\AppData\Local\Temp\multibar_un
Ordner Geloscht : C:\Users\CHRIST~1\AppData\Local\Temp\Smartbar
Ordner Geloscht : C:\Users\Christian\AppData\LocalLow\BabylonToolbar
Ordner Geloscht : C:\Users\Christian\AppData\Roaming\Babylon
Ordner Geloscht : C:\Users\Christian\AppData\Roaming\pdfforge
Ordner Geloscht : C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\sn1cppd8.default\FoxTab
Ordner Geloscht : C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Datei Geloscht : C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\sn1cppd8.default\invalidprefs.js
Datei Geloscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Babylon.xml
Datei Geloscht : C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\sn1cppd8.default\searchplugins\babylon1.xml
Datei Geloscht : C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\sn1cppd8.default\user.js
***** [ Verknupfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlussel Geloscht : HKCU\Software\Classes\VirtualStore\MACHINE\SOFTWARE\Wow6432Node\BabylonToolbar
Schlussel Geloscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Wert Geloscht : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Wert Geloscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Schlussel Geloscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Schlussel Geloscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlussel Geloscht : HKLM\SOFTWARE\Classes\S
Schlussel Geloscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlussel Geloscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlussel Geloscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlussel Geloscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlussel Geloscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlussel Geloscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlussel Geloscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32
Schlussel Geloscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS
Schlussel Geloscht : HKLM\SOFTWARE\Microsoft\Tracing\softonic_ggl_1_RASAPI32
Schlussel Geloscht : HKLM\SOFTWARE\Microsoft\Tracing\softonic_ggl_1_RASMANCS
Schlussel Geloscht : HKCU\Software\5d0dd8bb23ebd14
Schlussel Geloscht : HKLM\SOFTWARE\5d0dd8bb23ebd14
Schlussel Geloscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_dev-c_RASAPI32
Schlussel Geloscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_dev-c_RASMANCS
Schlussel Geloscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_rocketdock_RASAPI32
Schlussel Geloscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_rocketdock_RASMANCS
Schlussel Geloscht : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Schlussel Geloscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlussel Geloscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlussel Geloscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlussel Geloscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlussel Geloscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlussel Geloscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlussel Geloscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Schlussel Geloscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlussel Geloscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlussel Geloscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}
Schlussel Geloscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Schlussel Geloscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Wert Geloscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlussel Geloscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Wert Geloscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlussel Geloscht : HKCU\Software\1ClickDownload
Schlussel Geloscht : HKCU\Software\APN PIP
Schlussel Geloscht : HKCU\Software\BabylonToolbar
Schlussel Geloscht : HKCU\Software\DataMngr
[#] Schlussel Geloscht : HKCU\Software\DataMngr_Toolbar
Schlussel Geloscht : HKCU\Software\FLEXnet
Schlussel Geloscht : HKCU\Software\PIP
Schlussel Geloscht : HKCU\Software\Softonic
Schlussel Geloscht : HKCU\Software\Ticno Multibar
Schlussel Geloscht : HKCU\Software\YahooPartnerToolbar
Schlussel Geloscht : HKLM\Software\Babylon
Schlussel Geloscht : HKLM\Software\DataMngr
Schlussel Geloscht : HKLM\Software\ICQ\ICQToolbar
Schlussel Geloscht : HKLM\Software\PIP
Schlussel Geloscht : HKLM\Software\Ticno Multibar
Schlussel Geloscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
***** [ Browser ] *****
-\\ Internet Explorer v9.0.8112.16470
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]
-\\ Mozilla Firefox v26.0 (de)
[ Datei : C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\sn1cppd8.default\prefs.js ]
Zeile geloscht : user_pref("avg.install.userHPSettings", "hxxp://search.babylon.com/?affID=110184&tt=0113_3&babsrc=HP_ss&mntrId=663b62ae0000000000000026189bbce8");
Zeile geloscht : user_pref("avg.install.userSPSettings", "Search the web (Babylon)");
Zeile geloscht : user_pref("extensions.BabylonToolbar.admin", false);
Zeile geloscht : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Zeile geloscht : user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");
Zeile geloscht : user_pref("extensions.BabylonToolbar.autoRvrt", "false");
Zeile geloscht : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Zeile geloscht : user_pref("extensions.BabylonToolbar.excTlbr", false);
Zeile geloscht : user_pref("extensions.BabylonToolbar.id", "663b62ae0000000000000026189bbce8");
Zeile geloscht : user_pref("extensions.BabylonToolbar.instlDay", "15709");
Zeile geloscht : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Zeile geloscht : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Zeile geloscht : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Zeile geloscht : user_pref("extensions.BabylonToolbar.rvrt", "false");
Zeile geloscht : user_pref("extensions.BabylonToolbar.tlbrId", "base");
Zeile geloscht : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=663b62ae0000000000000026189bbce8&q=");
Zeile geloscht : user_pref("extensions.BabylonToolbar.vrsn", "1.8.7.2");
Zeile geloscht : user_pref("extensions.BabylonToolbar.vrsni", "1.8.7.2");
Zeile geloscht : user_pref("extensions.BabylonToolbar_i.babExt", "");
Zeile geloscht : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=110184&tt=0113_3");
Zeile geloscht : user_pref("extensions.BabylonToolbar_i.excTlbr", false);
Zeile geloscht : user_pref("extensions.BabylonToolbar_i.newTab", false);
Zeile geloscht : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Zeile geloscht : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Zeile geloscht : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.7.216:59:30");
-\\ Google Chrome v
[ Datei : C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Geloscht : homepage
Geloscht : icon_url
Geloscht : search_url
Geloscht : keyword
*************************
AdwCleaner[R0].txt - [11699 octets] - [31/12/2013 12:18:24]
AdwCleaner[R1].txt - [11696 octets] - [31/12/2013 12:20:24]
AdwCleaner[S0].txt - [494 octets] - [31/12/2013 12:19:25]
AdwCleaner[S1].txt - [9628 octets] - [31/12/2013 12:20:54]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [9688 octets] ##########
--- --- ---
Und hier der neue FRST LOG:
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-12-2013 01
Ran by Christian (administrator) on SERENITY on 31-12-2013 12:42:36
Running from C:\Users\Christian\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
(Pandora.TV) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(ArcSoft, Inc.) C:\Program Files (x86)\Hama\Hama Webcam Suite\Magic-i Visual Effects 2\uCamMonitor.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\Pac207\Monitor.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Felix 'SniperBeamer' Geyer) C:\Program Files (x86)\Thunderbird-Tray\TBTray.exe
(Power Software Ltd) C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
(Realtime Soft Ltd) C:\Program Files\UltraMon\UltraMon.exe
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winampa.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Realtime Soft Ltd) C:\Program Files\UltraMon\UltraMonTaskbar.exe
(TODO: <Company name>) C:\Program Files (x86)\VIA\VIAudioi\HDADeck\VIAJDS.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
() C:\Program Files (x86)\Mobile Partner\Mobile Partner.exe
(Realtime Soft Ltd) C:\Program Files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Realtime Soft Ltd) C:\Program Files\UltraMon\UltraMonUiAcc.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Monitor] - C:\Windows\PixArt\Pac207\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PWRISOVM.EXE] - C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [312376 2011-11-15] (Power Software Ltd)
HKLM-x32\...\Run: [WinampAgent] - C:\Program Files (x86)\Winamp\winampa.exe [74752 2011-12-09] (Nullsoft, Inc.)
HKLM-x32\...\Run: [ArcSoft Connection Service] - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [IndexSearch] - C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46368 2010-03-08] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] - C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [29984 2010-03-08] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PPort12reminder] - C:\ProgramData\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini [334 2012-05-15] ()
HKLM-x32\...\Run: [ControlCenter4] - C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2011-04-20] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] - C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2621440 2010-06-10] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [VIAJDS] - C:\Program Files (x86)\VIA\VIAudioi\HDADeck\VIAJDS.exe [458752 2009-12-08] (TODO: <Company name>)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [HDAudDeck] - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5123216 2012-06-08] (VIA)
HKLM-x32\...\Run: [AMD AVT] - C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [20992 2012-03-19] ()
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [641704 2012-07-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [FreePDF Assistant] - C:\Program Files (x86)\FreePDF_XP\fpassist.exe [371200 2011-02-23] (shbox.de)
HKLM-x32\...\Run: [KeePass 2 PreLoad] - C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2010624 2013-07-20] (Dominik Reichl)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKCU\...\Run: [Google Update] - C:\Users\Christian\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2012-02-19] (Google Inc.)
HKCU\...\Run: [LightShot] - C:\Users\Christian\AppData\Local\Skillbrains\lightshot\LightShot.exe Flags: uninsdeletevalue
HKCU\...\Run: [ISUSPM] - C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
MountPoints2: G - G:\AutoRun.exe
MountPoints2: I - I:\AutoRun.exe
MountPoints2: N - N:\AutoRun.exe
MountPoints2: P - P:\AutoRun.exe
MountPoints2: {00c06d96-0ffd-11e3-9047-0026189bbce8} - G:\AutoRun.exe
MountPoints2: {00c06da7-0ffd-11e3-9047-0026189bbce8} - I:\AutoRun.exe
MountPoints2: {7b0b37b1-8044-11e2-b239-0026189bbce8} - G:\AutoRun.exe
MountPoints2: {7b0b37c1-8044-11e2-b239-0026189bbce8} - G:\AutoRun.exe
MountPoints2: {7b0b37d0-8044-11e2-b239-0026189bbce8} - I:\AutoRun.exe
MountPoints2: {b9af0a03-a139-11e2-bd8f-0026189bbce8} - P:\AutoRun.exe
MountPoints2: {b9af0a18-a139-11e2-bd8f-0026189bbce8} - P:\AutoRun.exe
MountPoints2: {b9af0a30-a139-11e2-bd8f-0026189bbce8} - I:\AutoRun.exe
MountPoints2: {c090c0e4-19ea-11e3-837e-0026189bbce8} - I:\AutoRun.exe
MountPoints2: {d87a3563-a1ff-11e2-8443-0026189bbce8} - P:\AutoRun.exe
MountPoints2: {d87a3580-a1ff-11e2-8443-0026189bbce8} - G:\AutoRun.exe
MountPoints2: {d87a359f-a1ff-11e2-8443-0026189bbce8} - G:\AutoRun.exe
MountPoints2: {d87a35b2-a1ff-11e2-8443-0026189bbce8} - P:\AutoRun.exe
MountPoints2: {d87a35c1-a1ff-11e2-8443-0026189bbce8} - P:\AutoRun.exe
MountPoints2: {d87a35d1-a1ff-11e2-8443-0026189bbce8} - P:\AutoRun.exe
MountPoints2: {f9481e39-77a8-11e2-854d-0026189bbce8} - I:\AutoRun.exe
MountPoints2: {f9481e5f-77a8-11e2-854d-0026189bbce8} - I:\AutoRun.exe
MountPoints2: {fe8e0010-72b2-11e2-bcb8-0026189bbce8} - P:\AutoRun.exe
MountPoints2: {fe8e0020-72b2-11e2-bcb8-0026189bbce8} - P:\AutoRun.exe
MountPoints2: {fe8e0054-72b2-11e2-bcb8-0026189bbce8} - G:\AutoRun.exe
MountPoints2: {fe8e0063-72b2-11e2-bcb8-0026189bbce8} - G:\AutoRun.exe
AppInit_DLLs-x32: c:\progra~3\browse~1\261040~1.25\{c16c1~1\browse~1.dll [ ] ()
Startup: C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
SSODL-x32: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - C:\Program Files (x86)\Stardock\Object Desktop\IconPackager\iprepair.dll (Stardock.net, Inc)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x3F90FCAF7AE9CC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {F61253DD-9A2B-4E20-BA6F-E85A70E25BA7} URL = hxxp://search.daum.net/cgi-bin/nsp/search.cgi?w=tot&nil_ch=MSKR&q={searchTerms}
SearchScopes: HKCU - ëç÷Þb—ÍZÛ²��Ì,¾¾wD>Aà[�mW[¯¼¡>Õ§ŒÑèßOf�”ÓI¶åD‹È@]Èj����i�m-�� s»™’ URL =
BHO: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Tcpip\..\Interfaces\{317A8E88-9FE3-420B-962A-9E9437D84357}: [NameServer]139.7.30.125 139.7.30.126
Tcpip\..\Interfaces\{C14D50A9-426C-41F4-A4AC-2736913AD760}: [NameServer]139.7.30.125 139.7.30.126
FireFox:
========
FF ProfilePath: C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\sn1cppd8.default
FF Homepage: https://www.google.de/
FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @java.com/DTPlugin,version=10.3.1 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.3.1 - C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0-git-20120212-0402 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=1.118.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.140.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.140.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.2\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF - C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @pages.tvunetworks.com/WebPlayer - C:\Program Files (x86)\TVUPlayer\npTVUAx.dll No File
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Christian\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Christian\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Super Start - C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\sn1cppd8.default\Extensions\superstart@enjoyfreeware.org
FF Extension: EPUBReader - C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\sn1cppd8.default\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}
FF Extension: Ghostery - C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\sn1cppd8.default\Extensions\firefox@ghostery.com.xpi
FF Extension: Stealthy - C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\sn1cppd8.default\Extensions\stealthyextension@gmail.com.xpi
FF Extension: NoScript - C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\sn1cppd8.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: Spamavert.com - C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\sn1cppd8.default\Extensions\{8e9008b4-ec7c-4c2a-828e-007d5d2dad22}.xpi
FF Extension: ImTranslator - C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\sn1cppd8.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi
FF Extension: Easy YouTube Video Downloader - C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\sn1cppd8.default\Extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
FF Extension: Adblock Plus - C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\sn1cppd8.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: BetterPrivacy - C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\sn1cppd8.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.de/webhp?source=search_app"
CHR DefaultSearchProvider: Search the web (Babylon)
CHR DefaultSearchURL: Google
CHR DefaultNewTabURL:
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Christian\AppData\Local\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Christian\AppData\Local\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\Christian\AppData\Local\Google\Chrome\Application\31.0.1650.63\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll No File
CHR Plugin: (Screen Capture Plugin) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\alelhddbbhepgpmgidjdcjakblofbmce\3.3.4_0\plugins/screen_capture.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.310.5) - C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Winamp Application Detector) - C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll (Nullsoft, Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (ESN Launch Mozilla Plugin) - C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll No File
CHR Plugin: (ESN Sonar API) - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (TVU Web Player for FireFox) - C:\Program Files (x86)\TVUPlayer\npTVUAx.dll No File
CHR Plugin: (Google Update) - C:\Users\Christian\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Extension: (YouTube) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Adblock Plus) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0
CHR Extension: (Google Search) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Search Assistant ) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfelndikbdcohbdimnhdhhokfljdidgn\2.0.0
CHR Extension: (K-ON!) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\jijlppfhlfgamaofmpafjpibhdmmcbde\3_0
CHR Extension: (Google Wallet) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Gmail) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
==================== Services (Whitelisted) =================
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-07-04] (Advanced Micro Devices, Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-12-27] (Avira Operations GmbH & Co. KG)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
R2 NitroDriverReadSpool; C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe [341312 2011-09-24] (Nitro PDF Software)
R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2012-12-19] (Nitro PDF Software)
R2 PanService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [624856 2012-04-06] (Pandora.TV)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-08] (Nuance Communications, Inc.)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2012-03-05] ()
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
R2 uCamMonitor; C:\Program Files (x86)\Hama\Hama Webcam Suite\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2012-05-04] (VIA Technologies, Inc.)
==================== Drivers (Whitelisted) ====================
S2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
S3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2008-04-24] (ArcSoft, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-27] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-27] (Avira Operations GmbH & Co. KG)
S3 BEHRINGER_2902; C:\Windows\System32\Drivers\BUSB2902.sys [460864 2009-10-30] (BEHRINGER)
S3 BEHRINGER_2902; C:\Windows\SysWow64\Drivers\BUSB2902.sys [340480 2007-11-06] (BEHRINGER)
S3 BUSB_AUDIO_WDM; C:\Windows\System32\drivers\busbwdm.sys [49728 2009-10-30] (BEHRINGER)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-05-31] (DT Soft Ltd)
R3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [212992 2013-08-28] (Huawei Technologies Co., Ltd.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-05-14] ()
S3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [572416 2006-12-05] (PixArt Imaging Inc.)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S4 sptd; \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-12-31 12:40 - 2013-12-31 12:40 - 00000000 ____D C:\Users\Christian\Downloads\FRST-OlderVersion
2013-12-31 12:28 - 2013-12-31 12:28 - 00009776 _____ C:\Users\Christian\Desktop\AdwCleaner[S1].txt
2013-12-31 12:18 - 2013-12-31 12:23 - 00000000 ____D C:\AdwCleaner
2013-12-31 12:13 - 2013-12-31 12:17 - 01233962 _____ C:\Users\Christian\Downloads\adwcleaner.exe
2013-12-31 12:06 - 2013-12-31 12:06 - 00003224 _____ C:\Windows\System32\Tasks\{6B2257FC-F255-4CA7-97DB-6E1651C07B91}
2013-12-30 20:04 - 2013-12-30 22:15 - 00117464 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2013-12-30 19:49 - 2013-12-30 21:48 - 00089304 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2013-12-30 19:48 - 2013-12-30 22:52 - 00000000 ____D C:\Users\Christian\Desktop\mbar
2013-12-30 19:03 - 2013-12-30 19:47 - 12582688 _____ (Malwarebytes Corp.) C:\Users\Christian\Downloads\mbar-1.07.0.1008.exe
2013-12-29 13:13 - 2013-12-29 13:13 - 00053845 _____ C:\Users\Christian\Desktop\FRST_2.txt
2013-12-29 12:49 - 2013-12-29 12:49 - 00000000 ____D C:\TDSSKiller_Quarantine
2013-12-29 12:01 - 2013-12-29 12:05 - 01048400 _____ C:\Users\Christian\Downloads\tdsskiller(3).exe
2013-12-28 12:12 - 2013-12-28 12:21 - 04121952 _____ (Kaspersky Lab ZAO) C:\Users\Christian\Downloads\TDSSKiller19.exe
2013-12-28 12:03 - 2013-12-28 12:06 - 01048400 _____ C:\Users\Christian\Downloads\tdsskiller(2).exe
2013-12-28 11:59 - 2013-12-28 12:02 - 01048400 _____ C:\Users\Christian\Downloads\tdsskiller(1).exe
2013-12-28 11:55 - 2013-12-28 11:58 - 01048400 _____ C:\Users\Christian\Downloads\tdsskiller.exe
2013-12-27 20:23 - 2013-12-27 20:23 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Malwarebytes
2013-12-27 10:57 - 2013-12-27 10:57 - 00033205 _____ C:\Users\Christian\Desktop\Gmer.txt
2013-12-27 10:39 - 2013-12-27 10:41 - 00377856 _____ C:\Users\Christian\Downloads\gmer_2.1.19163.exe
2013-12-27 10:35 - 2013-12-27 10:35 - 00053850 _____ C:\Users\Christian\Desktop\Addition.txt
2013-12-27 10:35 - 2013-12-27 10:35 - 00051341 _____ C:\Users\Christian\Desktop\FRST.txt
2013-12-27 10:33 - 2013-12-27 10:34 - 00053850 _____ C:\Users\Christian\Downloads\Addition.txt
2013-12-27 10:29 - 2013-12-31 12:42 - 00024126 _____ C:\Users\Christian\Downloads\FRST.txt
2013-12-27 10:29 - 2013-12-31 12:40 - 00000000 ____D C:\FRST
2013-12-27 10:20 - 2013-12-31 12:40 - 01931302 _____ (Farbar) C:\Users\Christian\Downloads\FRST64.exe
2013-12-27 10:13 - 2013-12-27 10:13 - 00000660 _____ C:\Users\Christian\Downloads\defogger_disable.log
2013-12-27 10:13 - 2013-12-27 10:13 - 00000188 _____ C:\Users\Christian\defogger_reenable
2013-12-27 10:12 - 2013-12-27 10:12 - 00050477 _____ C:\Users\Christian\Downloads\Defogger.exe
2013-12-27 04:16 - 2013-12-27 11:47 - 00012056 _____ C:\Users\Christian\Desktop\Ereignisse.txt
2013-12-26 22:24 - 2013-12-26 22:24 - 00037348 _____ C:\Users\Christian\Downloads\colors_of_autumn.zip
2013-12-26 22:23 - 2013-12-26 22:23 - 00095742 _____ C:\Users\Christian\Downloads\lovely_excuse.zip
2013-12-26 22:23 - 2013-12-26 22:23 - 00019571 _____ C:\Users\Christian\Downloads\the_quick.zip
2013-12-26 22:20 - 2013-12-26 22:20 - 00032855 _____ C:\Users\Christian\Downloads\the_blue_oasis.zip
2013-12-26 22:09 - 2013-12-26 22:12 - 00110523 _____ C:\Users\Christian\Downloads\vtks_inked.zip
2013-12-26 22:08 - 2013-12-26 22:11 - 00429375 _____ C:\Users\Christian\Downloads\basterds.zip
2013-12-26 22:08 - 2013-12-26 22:08 - 00050419 _____ C:\Users\Christian\Downloads\from_where_you_are.zip
2013-12-26 22:08 - 2013-12-26 22:08 - 00025583 _____ C:\Users\Christian\Downloads\beginning_yoga.zip
2013-12-26 22:07 - 2013-12-26 22:08 - 00025090 _____ C:\Users\Christian\Downloads\lasting_love.zip
2013-12-26 22:06 - 2013-12-26 22:07 - 00122938 _____ C:\Users\Christian\Downloads\praying_angel.zip
2013-12-26 22:06 - 2013-12-26 22:07 - 00120623 _____ C:\Users\Christian\Downloads\a_brush_no.zip
2013-12-26 22:06 - 2013-12-26 22:06 - 00047131 _____ C:\Users\Christian\Downloads\leap_of_faith.zip
2013-12-26 22:06 - 2013-12-26 22:06 - 00014544 _____ C:\Users\Christian\Downloads\beginning_of_summer.zip
2013-12-26 22:05 - 2013-12-26 22:05 - 00018277 _____ C:\Users\Christian\Downloads\da_streets.zip
2013-12-26 21:35 - 2013-12-26 21:35 - 00094223 _____ C:\Users\Christian\Downloads\skinny_jeans.zip
2013-12-26 21:35 - 2013-12-26 21:35 - 00058703 _____ C:\Users\Christian\Downloads\nkotb_fever.zip
2013-12-26 21:35 - 2013-12-26 21:35 - 00047466 _____ C:\Users\Christian\Downloads\manga_temple.zip
2013-12-26 21:34 - 2013-12-26 21:34 - 00041602 _____ C:\Users\Christian\Downloads\international_playboy.zip
2013-12-26 21:34 - 2013-12-26 21:34 - 00035947 _____ C:\Users\Christian\Downloads\creator_credits.zip
2013-12-26 21:33 - 2013-12-26 21:33 - 00048371 _____ C:\Users\Christian\Downloads\blowhole.zip
2013-12-26 21:33 - 2013-12-26 21:33 - 00044382 _____ C:\Users\Christian\Downloads\zud_juice.zip
2013-12-26 21:32 - 2013-12-26 21:34 - 00255162 _____ C:\Users\Christian\Downloads\fish_fingers.zip
2013-12-26 21:32 - 2013-12-26 21:34 - 00142667 _____ C:\Users\Christian\Downloads\minya_nouvelle.zip
2013-12-26 21:32 - 2013-12-26 21:32 - 00089325 _____ C:\Users\Christian\Downloads\mandroid.zip
2013-12-26 21:32 - 2013-12-26 21:32 - 00026950 _____ C:\Users\Christian\Downloads\eight_years_later.zip
2013-12-26 21:27 - 2013-12-26 21:28 - 00045280 _____ C:\Users\Christian\Downloads\candy_stripe.zip
2013-12-26 21:24 - 2013-12-26 21:28 - 00285121 _____ C:\Users\Christian\Downloads\childs_play.zip
2013-12-26 21:24 - 2013-12-26 21:24 - 00040598 _____ C:\Users\Christian\Downloads\brown_bear_funk.zip
2013-12-26 21:24 - 2013-12-26 21:24 - 00023739 _____ C:\Users\Christian\Downloads\bottle_rocket.zip
2013-12-26 21:23 - 2013-12-26 21:23 - 00025439 _____ C:\Users\Christian\Downloads\blam_blam.zip
2013-12-26 21:23 - 2013-12-26 21:23 - 00022391 _____ C:\Users\Christian\Downloads\black_boys_on_mopeds.zip
2013-12-26 21:22 - 2013-12-26 21:22 - 00094590 _____ C:\Users\Christian\Downloads\acme_secret_agent.zip
2013-12-26 21:22 - 2013-12-26 21:22 - 00055656 _____ C:\Users\Christian\Downloads\anime_ace.zip
2013-12-26 21:20 - 2013-12-26 21:21 - 00073281 _____ C:\Users\Christian\Downloads\achilles.zip
2013-12-23 09:58 - 2013-12-23 16:08 - 106512568 _____ C:\Windows\SysWOW64\藽嬴–
2013-12-23 09:54 - 2013-12-23 10:12 - 00001822 _____ C:\Users\Christian\Desktop\Beschreibungen_aS.txt
2013-12-22 23:49 - 2013-12-22 23:49 - 00000000 ____D C:\Users\Christian\Downloads\31_Degrees_Celsius_[lililicious]
2013-12-22 23:43 - 2013-12-22 23:49 - 03506155 _____ C:\Users\Christian\Downloads\31_Degrees_Celsius_[lililicious].zip
2013-12-22 10:48 - 2013-12-22 10:50 - 00000000 ____D C:\Users\Christian\Desktop\Bilder_aS_Profil
2013-12-18 03:59 - 2013-12-18 03:59 - 00181083 _____ C:\Users\Christian\Desktop\ENTSCHEIDUNG_TIER1_NEU_04Uhr00_Final_v2.xlsm
2013-12-18 03:38 - 2013-12-18 03:54 - 00181073 _____ C:\Users\Christian\Desktop\ENTSCHEIDUNG_TIER1_NEU_03Uhr30_v2.xlsm
2013-12-18 03:13 - 2013-12-18 03:13 - 00004172 _____ C:\Users\Christian\Desktop\Wenn_DANN_Formeln.txt
2013-12-18 02:25 - 2013-12-18 03:03 - 00186431 _____ C:\Users\Christian\Desktop\ENTSCHEIDUNG_TIER1_NEU_02Uhr30_v2.xlsm
2013-12-18 02:11 - 2013-12-18 02:18 - 00184676 _____ C:\Users\Christian\Desktop\ENTSCHEIDUNG_TIER1_NEU_02Uhr00_v2.xlsm
2013-12-18 02:04 - 2013-12-18 02:04 - 00183765 _____ C:\Users\Christian\Desktop\ENTSCHEIDUNG_TIER1_NEU_02Uhr00.xlsm
2013-12-18 01:27 - 2013-12-18 01:44 - 00187441 _____ C:\Users\Christian\Desktop\ENTSCHEIDUNG_TIER1_NEU_01Uhr30.xlsm
2013-12-18 00:58 - 2013-12-18 00:58 - 00183247 _____ C:\Users\Christian\Desktop\ENTSCHEIDUNG_TIER1_NEU_01Uhr00.xlsm
2013-12-18 00:28 - 2013-12-18 00:28 - 00182185 _____ C:\Users\Christian\Desktop\ENTSCHEIDUNG_TIER1_NEU_00Uhr30.xlsm
2013-12-18 00:01 - 2013-12-18 00:20 - 00181437 _____ C:\Users\Christian\Desktop\ENTSCHEIDUNG_TIER1_NEU_00Uhr00.xlsm
2013-12-17 22:33 - 2013-12-17 22:33 - 00000000 _____ C:\Users\Christian\Desktop\Neues Textdokument.txt
2013-12-17 21:16 - 2013-12-17 23:51 - 00180663 _____ C:\Users\Christian\Desktop\ENTSCHEIDUNG_TIER1_NEU_21Uhr15.xlsm
2013-12-17 20:57 - 2013-12-17 21:03 - 00184068 _____ C:\Users\Christian\Desktop\ENTSCHEIDUNG_TIER1_NEU.xlsm
2013-12-16 20:10 - 2013-12-16 20:10 - 00024012 _____ C:\Users\Christian\Desktop\Kopie von Kurosakitest.xlsm
2013-12-16 20:08 - 2013-12-16 17:20 - 00182787 _____ C:\Users\Christian\Desktop\Entscheidungshilfe_Tier-1_test2GANDALF_2.xlsm
2013-12-16 20:08 - 2013-12-16 17:20 - 00182787 _____ C:\Users\Christian\Desktop\Entscheidungshilfe_Tier-1_test2GANDALF.xlsm
2013-12-15 19:06 - 2013-12-15 19:06 - 00014918 _____ C:\Users\Christian\Desktop\Kopie von Kurosakitest-2.xlsm
2013-12-14 13:35 - 2013-12-14 13:35 - 00068096 _____ C:\Users\Christian\Desktop\Kopie von BeispielUserForms.xls
2013-12-11 19:29 - 2012-08-09 11:40 - 00031232 _____ C:\Users\Christian\Desktop\test.xls
2013-12-09 21:21 - 2013-12-09 21:23 - 00780800 _____ C:\Users\Christian\Downloads\2007-2010_windows_7_vor_update.zip
2013-12-08 15:42 - 2013-12-08 15:48 - 01616864 _____ C:\Users\Christian\Downloads\[Payapaya]_Yurika_no_Campus_Life_Chapter_1.zip
2013-12-05 22:18 - 2013-12-05 22:24 - 03542704 _____ C:\Users\Christian\Downloads\Shoujo_Sect_-_Volume_01_Chapter_01_[otenba](1).zip
2013-12-05 22:14 - 2013-12-05 22:18 - 02275256 _____ C:\Users\Christian\Downloads\Shoujo_Sect_-_Volume_01_Chapter_01_[otenba].zip
2013-12-05 08:59 - 2013-12-10 16:28 - 00000000 ____D C:\Users\Christian\Desktop\rivat
2013-12-03 21:16 - 2013-12-31 09:15 - 00000000 ____D C:\Users\Christian\Desktop\dj
2013-12-01 10:59 - 2013-12-08 21:36 - 00317339 _____ C:\Users\Christian\Desktop\Mangaliste_2.xlsm
==================== One Month Modified Files and Folders =======
2013-12-31 12:43 - 2013-12-27 10:29 - 00024126 _____ C:\Users\Christian\Downloads\FRST.txt
2013-12-31 12:42 - 2012-02-19 22:17 - 00001136 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-794549961-1181347935-302815916-1001UA.job
2013-12-31 12:40 - 2013-12-31 12:40 - 00000000 ____D C:\Users\Christian\Downloads\FRST-OlderVersion
2013-12-31 12:40 - 2013-12-27 10:29 - 00000000 ____D C:\FRST
2013-12-31 12:40 - 2013-12-27 10:20 - 01931302 _____ (Farbar) C:\Users\Christian\Downloads\FRST64.exe
2013-12-31 12:33 - 2009-07-14 05:45 - 00015152 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-31 12:33 - 2009-07-14 05:45 - 00015152 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-31 12:31 - 2009-07-14 18:58 - 01309514 _____ C:\Windows\system32\perfh007.dat
2013-12-31 12:31 - 2009-07-14 18:58 - 00704580 _____ C:\Windows\system32\perfc007.dat
2013-12-31 12:31 - 2009-07-14 06:13 - 00006666 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-31 12:28 - 2013-12-31 12:28 - 00009776 _____ C:\Users\Christian\Desktop\AdwCleaner[S1].txt
2013-12-31 12:25 - 2012-02-12 18:12 - 00275674 _____ C:\Windows\PFRO.log
2013-12-31 12:25 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-31 12:25 - 2009-07-14 05:51 - 13995031 _____ C:\Windows\setupact.log
2013-12-31 12:24 - 2012-02-12 11:50 - 01741070 _____ C:\Windows\WindowsUpdate.log
2013-12-31 12:23 - 2013-12-31 12:18 - 00000000 ____D C:\AdwCleaner
2013-12-31 12:19 - 2012-02-18 13:25 - 00000000 ____D C:\ProgramData\ICQ
2013-12-31 12:17 - 2013-12-31 12:13 - 01233962 _____ C:\Users\Christian\Downloads\adwcleaner.exe
2013-12-31 12:06 - 2013-12-31 12:06 - 00003224 _____ C:\Windows\System32\Tasks\{6B2257FC-F255-4CA7-97DB-6E1651C07B91}
2013-12-31 11:53 - 2012-02-19 23:39 - 00000396 _____ C:\Windows\Tasks\update-S-1-5-21-794549961-1181347935-302815916-1001.job
2013-12-31 11:45 - 2012-03-31 15:32 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-31 11:16 - 2012-02-19 23:39 - 00000396 _____ C:\Windows\Tasks\update-sys.job
2013-12-31 09:27 - 2012-02-17 16:18 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Winamp
2013-12-31 09:15 - 2013-12-03 21:16 - 00000000 ____D C:\Users\Christian\Desktop\dj
2013-12-30 22:52 - 2013-12-30 19:48 - 00000000 ____D C:\Users\Christian\Desktop\mbar
2013-12-30 22:15 - 2013-12-30 20:04 - 00117464 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2013-12-30 21:48 - 2013-12-30 19:49 - 00089304 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2013-12-30 21:45 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\addins
2013-12-30 21:42 - 2012-02-19 22:17 - 00001084 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-794549961-1181347935-302815916-1001Core.job
2013-12-30 19:47 - 2013-12-30 19:03 - 12582688 _____ (Malwarebytes Corp.) C:\Users\Christian\Downloads\mbar-1.07.0.1008.exe
2013-12-29 18:01 - 2012-04-07 09:08 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Nitro PDF
2013-12-29 13:13 - 2013-12-29 13:13 - 00053845 _____ C:\Users\Christian\Desktop\FRST_2.txt
2013-12-29 12:49 - 2013-12-29 12:49 - 00000000 ____D C:\TDSSKiller_Quarantine
2013-12-29 12:05 - 2013-12-29 12:01 - 01048400 _____ C:\Users\Christian\Downloads\tdsskiller(3).exe
2013-12-28 12:21 - 2013-12-28 12:12 - 04121952 _____ (Kaspersky Lab ZAO) C:\Users\Christian\Downloads\TDSSKiller19.exe
2013-12-28 12:06 - 2013-12-28 12:03 - 01048400 _____ C:\Users\Christian\Downloads\tdsskiller(2).exe
2013-12-28 12:02 - 2013-12-28 11:59 - 01048400 _____ C:\Users\Christian\Downloads\tdsskiller(1).exe
2013-12-28 11:58 - 2013-12-28 11:55 - 01048400 _____ C:\Users\Christian\Downloads\tdsskiller.exe
2013-12-27 22:13 - 2012-02-13 00:30 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-27 20:23 - 2013-12-27 20:23 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Malwarebytes
2013-12-27 11:47 - 2013-12-27 04:16 - 00012056 _____ C:\Users\Christian\Desktop\Ereignisse.txt
2013-12-27 10:57 - 2013-12-27 10:57 - 00033205 _____ C:\Users\Christian\Desktop\Gmer.txt
2013-12-27 10:41 - 2013-12-27 10:39 - 00377856 _____ C:\Users\Christian\Downloads\gmer_2.1.19163.exe
2013-12-27 10:35 - 2013-12-27 10:35 - 00053850 _____ C:\Users\Christian\Desktop\Addition.txt
2013-12-27 10:35 - 2013-12-27 10:35 - 00051341 _____ C:\Users\Christian\Desktop\FRST.txt
2013-12-27 10:34 - 2013-12-27 10:33 - 00053850 _____ C:\Users\Christian\Downloads\Addition.txt
2013-12-27 10:13 - 2013-12-27 10:13 - 00000660 _____ C:\Users\Christian\Downloads\defogger_disable.log
2013-12-27 10:13 - 2013-12-27 10:13 - 00000188 _____ C:\Users\Christian\defogger_reenable
2013-12-27 10:13 - 2012-02-12 11:55 - 00000000 ____D C:\Users\Christian
2013-12-27 10:12 - 2013-12-27 10:12 - 00050477 _____ C:\Users\Christian\Downloads\Defogger.exe
2013-12-27 01:57 - 2013-06-28 21:12 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-12-27 01:57 - 2013-06-28 21:12 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-12-27 01:57 - 2013-06-28 21:12 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-12-27 01:57 - 2013-06-28 21:12 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-12-26 22:24 - 2013-12-26 22:24 - 00037348 _____ C:\Users\Christian\Downloads\colors_of_autumn.zip
2013-12-26 22:23 - 2013-12-26 22:23 - 00095742 _____ C:\Users\Christian\Downloads\lovely_excuse.zip
2013-12-26 22:23 - 2013-12-26 22:23 - 00019571 _____ C:\Users\Christian\Downloads\the_quick.zip
2013-12-26 22:20 - 2013-12-26 22:20 - 00032855 _____ C:\Users\Christian\Downloads\the_blue_oasis.zip
2013-12-26 22:12 - 2013-12-26 22:09 - 00110523 _____ C:\Users\Christian\Downloads\vtks_inked.zip
2013-12-26 22:11 - 2013-12-26 22:08 - 00429375 _____ C:\Users\Christian\Downloads\basterds.zip
2013-12-26 22:08 - 2013-12-26 22:08 - 00050419 _____ C:\Users\Christian\Downloads\from_where_you_are.zip
2013-12-26 22:08 - 2013-12-26 22:08 - 00025583 _____ C:\Users\Christian\Downloads\beginning_yoga.zip
2013-12-26 22:08 - 2013-12-26 22:07 - 00025090 _____ C:\Users\Christian\Downloads\lasting_love.zip
2013-12-26 22:07 - 2013-12-26 22:06 - 00122938 _____ C:\Users\Christian\Downloads\praying_angel.zip
2013-12-26 22:07 - 2013-12-26 22:06 - 00120623 _____ C:\Users\Christian\Downloads\a_brush_no.zip
2013-12-26 22:06 - 2013-12-26 22:06 - 00047131 _____ C:\Users\Christian\Downloads\leap_of_faith.zip
2013-12-26 22:06 - 2013-12-26 22:06 - 00014544 _____ C:\Users\Christian\Downloads\beginning_of_summer.zip
2013-12-26 22:05 - 2013-12-26 22:05 - 00018277 _____ C:\Users\Christian\Downloads\da_streets.zip
2013-12-26 21:35 - 2013-12-26 21:35 - 00094223 _____ C:\Users\Christian\Downloads\skinny_jeans.zip
2013-12-26 21:35 - 2013-12-26 21:35 - 00058703 _____ C:\Users\Christian\Downloads\nkotb_fever.zip
2013-12-26 21:35 - 2013-12-26 21:35 - 00047466 _____ C:\Users\Christian\Downloads\manga_temple.zip
2013-12-26 21:34 - 2013-12-26 21:34 - 00041602 _____ C:\Users\Christian\Downloads\international_playboy.zip
2013-12-26 21:34 - 2013-12-26 21:34 - 00035947 _____ C:\Users\Christian\Downloads\creator_credits.zip
2013-12-26 21:34 - 2013-12-26 21:32 - 00255162 _____ C:\Users\Christian\Downloads\fish_fingers.zip
2013-12-26 21:34 - 2013-12-26 21:32 - 00142667 _____ C:\Users\Christian\Downloads\minya_nouvelle.zip
2013-12-26 21:33 - 2013-12-26 21:33 - 00048371 _____ C:\Users\Christian\Downloads\blowhole.zip
2013-12-26 21:33 - 2013-12-26 21:33 - 00044382 _____ C:\Users\Christian\Downloads\zud_juice.zip
2013-12-26 21:32 - 2013-12-26 21:32 - 00089325 _____ C:\Users\Christian\Downloads\mandroid.zip
2013-12-26 21:32 - 2013-12-26 21:32 - 00026950 _____ C:\Users\Christian\Downloads\eight_years_later.zip
2013-12-26 21:28 - 2013-12-26 21:27 - 00045280 _____ C:\Users\Christian\Downloads\candy_stripe.zip
2013-12-26 21:28 - 2013-12-26 21:24 - 00285121 _____ C:\Users\Christian\Downloads\childs_play.zip
2013-12-26 21:24 - 2013-12-26 21:24 - 00040598 _____ C:\Users\Christian\Downloads\brown_bear_funk.zip
2013-12-26 21:24 - 2013-12-26 21:24 - 00023739 _____ C:\Users\Christian\Downloads\bottle_rocket.zip
2013-12-26 21:23 - 2013-12-26 21:23 - 00025439 _____ C:\Users\Christian\Downloads\blam_blam.zip
2013-12-26 21:23 - 2013-12-26 21:23 - 00022391 _____ C:\Users\Christian\Downloads\black_boys_on_mopeds.zip
2013-12-26 21:22 - 2013-12-26 21:22 - 00094590 _____ C:\Users\Christian\Downloads\acme_secret_agent.zip
2013-12-26 21:22 - 2013-12-26 21:22 - 00055656 _____ C:\Users\Christian\Downloads\anime_ace.zip
2013-12-26 21:21 - 2013-12-26 21:20 - 00073281 _____ C:\Users\Christian\Downloads\achilles.zip
2013-12-24 00:04 - 2012-05-20 19:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-23 16:08 - 2013-12-23 09:58 - 106512568 _____ C:\Windows\SysWOW64\藽嬴–
2013-12-23 10:12 - 2013-12-23 09:54 - 00001822 _____ C:\Users\Christian\Desktop\Beschreibungen_aS.txt
2013-12-23 09:40 - 2012-12-07 18:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-22 23:49 - 2013-12-22 23:49 - 00000000 ____D C:\Users\Christian\Downloads\31_Degrees_Celsius_[lililicious]
2013-12-22 23:49 - 2013-12-22 23:43 - 03506155 _____ C:\Users\Christian\Downloads\31_Degrees_Celsius_[lililicious].zip
2013-12-22 10:50 - 2013-12-22 10:48 - 00000000 ____D C:\Users\Christian\Desktop\Bilder_aS_Profil
2013-12-20 11:30 - 2012-02-19 13:28 - 00000000 ____D C:\Users\Christian\AppData\Roaming\vlc
2013-12-19 15:51 - 2012-08-19 15:53 - 00000000 ____D C:\Program Files (x86)\osu!
2013-12-19 15:05 - 2013-08-08 15:08 - 00000000 ____D C:\Users\Christian\AppData\Roaming\KeePass
2013-12-18 03:59 - 2013-12-18 03:59 - 00181083 _____ C:\Users\Christian\Desktop\ENTSCHEIDUNG_TIER1_NEU_04Uhr00_Final_v2.xlsm
2013-12-18 03:54 - 2013-12-18 03:38 - 00181073 _____ C:\Users\Christian\Desktop\ENTSCHEIDUNG_TIER1_NEU_03Uhr30_v2.xlsm
2013-12-18 03:13 - 2013-12-18 03:13 - 00004172 _____ C:\Users\Christian\Desktop\Wenn_DANN_Formeln.txt
2013-12-18 03:03 - 2013-12-18 02:25 - 00186431 _____ C:\Users\Christian\Desktop\ENTSCHEIDUNG_TIER1_NEU_02Uhr30_v2.xlsm
2013-12-18 02:18 - 2013-12-18 02:11 - 00184676 _____ C:\Users\Christian\Desktop\ENTSCHEIDUNG_TIER1_NEU_02Uhr00_v2.xlsm
2013-12-18 02:04 - 2013-12-18 02:04 - 00183765 _____ C:\Users\Christian\Desktop\ENTSCHEIDUNG_TIER1_NEU_02Uhr00.xlsm
2013-12-18 01:44 - 2013-12-18 01:27 - 00187441 _____ C:\Users\Christian\Desktop\ENTSCHEIDUNG_TIER1_NEU_01Uhr30.xlsm
2013-12-18 00:58 - 2013-12-18 00:58 - 00183247 _____ C:\Users\Christian\Desktop\ENTSCHEIDUNG_TIER1_NEU_01Uhr00.xlsm
2013-12-18 00:28 - 2013-12-18 00:28 - 00182185 _____ C:\Users\Christian\Desktop\ENTSCHEIDUNG_TIER1_NEU_00Uhr30.xlsm
2013-12-18 00:20 - 2013-12-18 00:01 - 00181437 _____ C:\Users\Christian\Desktop\ENTSCHEIDUNG_TIER1_NEU_00Uhr00.xlsm
2013-12-17 23:51 - 2013-12-17 21:16 - 00180663 _____ C:\Users\Christian\Desktop\ENTSCHEIDUNG_TIER1_NEU_21Uhr15.xlsm
2013-12-17 22:33 - 2013-12-17 22:33 - 00000000 _____ C:\Users\Christian\Desktop\Neues Textdokument.txt
2013-12-17 21:03 - 2013-12-17 20:57 - 00184068 _____ C:\Users\Christian\Desktop\ENTSCHEIDUNG_TIER1_NEU.xlsm
2013-12-16 20:10 - 2013-12-16 20:10 - 00024012 _____ C:\Users\Christian\Desktop\Kopie von Kurosakitest.xlsm
2013-12-16 17:20 - 2013-12-16 20:08 - 00182787 _____ C:\Users\Christian\Desktop\Entscheidungshilfe_Tier-1_test2GANDALF_2.xlsm
2013-12-16 17:20 - 2013-12-16 20:08 - 00182787 _____ C:\Users\Christian\Desktop\Entscheidungshilfe_Tier-1_test2GANDALF.xlsm
2013-12-15 19:06 - 2013-12-15 19:06 - 00014918 _____ C:\Users\Christian\Desktop\Kopie von Kurosakitest-2.xlsm
2013-12-14 13:35 - 2013-12-14 13:35 - 00068096 _____ C:\Users\Christian\Desktop\Kopie von BeispielUserForms.xls
2013-12-11 20:27 - 2012-10-23 09:41 - 00000000 ____D C:\Users\Christian\Documents\Calibre Bibliothek
2013-12-10 16:28 - 2013-12-05 08:59 - 00000000 ____D C:\Users\Christian\Desktop\rivat
2013-12-09 21:23 - 2013-12-09 21:21 - 00780800 _____ C:\Users\Christian\Downloads\2007-2010_windows_7_vor_update.zip
2013-12-08 21:36 - 2013-12-01 10:59 - 00317339 _____ C:\Users\Christian\Desktop\Mangaliste_2.xlsm
2013-12-08 15:48 - 2013-12-08 15:42 - 01616864 _____ C:\Users\Christian\Downloads\[Payapaya]_Yurika_no_Campus_Life_Chapter_1.zip
2013-12-05 22:24 - 2013-12-05 22:18 - 03542704 _____ C:\Users\Christian\Downloads\Shoujo_Sect_-_Volume_01_Chapter_01_[otenba](1).zip
2013-12-05 22:18 - 2013-12-05 22:14 - 02275256 _____ C:\Users\Christian\Downloads\Shoujo_Sect_-_Volume_01_Chapter_01_[otenba].zip
2013-12-03 21:37 - 2012-02-19 22:17 - 00004114 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-794549961-1181347935-302815916-1001UA
2013-12-03 21:37 - 2012-02-19 22:17 - 00003718 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-794549961-1181347935-302815916-1001Core
Some content of TEMP:
====================
C:\Users\Christian\AppData\Local\Temp\12-6-legacy_vista_win7_64_dd_ccc_whql.exe
C:\Users\Christian\AppData\Local\Temp\AskSLib.dll
C:\Users\Christian\AppData\Local\Temp\avgnt.exe
C:\Users\Christian\AppData\Local\Temp\binkw32.dll
C:\Users\Christian\AppData\Local\Temp\d2l_Install.exe
C:\Users\Christian\AppData\Local\Temp\DTLite4454-0315.exe
C:\Users\Christian\AppData\Local\Temp\IcqUpdater.exe
C:\Users\Christian\AppData\Local\Temp\installerdll28338860.dll
C:\Users\Christian\AppData\Local\Temp\jna4221618882833569241.dll
C:\Users\Christian\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe
C:\Users\Christian\AppData\Local\Temp\jre-6u33-windows-i586-iftw.exe
C:\Users\Christian\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe
C:\Users\Christian\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe
C:\Users\Christian\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
C:\Users\Christian\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\Christian\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Christian\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Christian\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Christian\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Christian\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe
C:\Users\Christian\AppData\Local\Temp\KMP_3.3.0.33.exe
C:\Users\Christian\AppData\Local\Temp\KMP_3.4.0.59.exe
C:\Users\Christian\AppData\Local\Temp\KMP_3.5.0.77.exe
C:\Users\Christian\AppData\Local\Temp\KMP_3.6.0.87.exe
C:\Users\Christian\AppData\Local\Temp\KMP_3.7.0.109.exe
C:\Users\Christian\AppData\Local\Temp\KMP_3.7.0.113.exe
C:\Users\Christian\AppData\Local\Temp\ose00000.exe
C:\Users\Christian\AppData\Local\Temp\PIPInstaller_PTV_.exe
C:\Users\Christian\AppData\Local\Temp\pyl3DB.tmp.exe
C:\Users\Christian\AppData\Local\Temp\Quarantine.exe
C:\Users\Christian\AppData\Local\Temp\RESTART.exe
C:\Users\Christian\AppData\Local\Temp\set0000.exe
C:\Users\Christian\AppData\Local\Temp\set0001.exe
C:\Users\Christian\AppData\Local\Temp\set0002.exe
C:\Users\Christian\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Christian\AppData\Local\Temp\sonarinst.exe
C:\Users\Christian\AppData\Local\Temp\tmp2338.exe
C:\Users\Christian\AppData\Local\Temp\tmp5C42.exe
C:\Users\Christian\AppData\Local\Temp\tmp5CCF.exe
C:\Users\Christian\AppData\Local\Temp\tmp6834.exe
C:\Users\Christian\AppData\Local\Temp\tmp8880.exe
C:\Users\Christian\AppData\Local\Temp\tmpA997.exe
C:\Users\Christian\AppData\Local\Temp\tmpD95D.exe
C:\Users\Christian\AppData\Local\Temp\tmpDDE0.exe
C:\Users\Christian\AppData\Local\Temp\tmpE168.exe
C:\Users\Christian\AppData\Local\Temp\tmpE8E7.exe
C:\Users\Christian\AppData\Local\Temp\tmpFC78.exe
C:\Users\Christian\AppData\Local\Temp\uninst1.exe
C:\Users\Christian\AppData\Local\Temp\ydetect.exe
C:\Users\Christian\AppData\Local\Temp\_isACF3.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-12-30 00:57
==================== End Of Log ============================
--- --- ---
--- --- --- |
Malwarebytes Anti-Malware 