ratzeman | 24.02.2014 19:51 | FRST Logfile:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-02-2014 02
Ran by champ (administrator) on CHAMP-PC on 24-02-2014 19:39:14
Running from C:\Users\champ\Downloads
Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
(ArcSoft, Inc.) C:\Program Files\Common Files\ArcSoft\esinter\Bin\eservutil.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
() C:\Windows\system32\srvany.exe
() C:\Windows\KMService.exe
(Motorola Mobility LLC) C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Motorola) C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe
(Secunia) C:\Program Files\Secunia\PSI\PSIA.exe
(StarWind Software) C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPoint\SetPoint.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(CyberGhost S.R.L) C:\Program Files\CyberGhost VPN\Service.exe
(Secunia) C:\Program Files\Secunia\PSI\sua.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\system32\UI0Detect.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Motorola Mobility LLC) C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(Microsoft Corporation) c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPoint\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [] - [X]
HKLM\...\Run: [C:\Windows\system32\V0520Ext.ax] - C:\Windows\system32\RegSvr32.exe /s C:\Windows\system32\V0520Ext.ax
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [9874024 2010-11-19] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] - C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\RunOnce: [Malwarebytes Anti-Malware] - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-3405618477-4029139554-1616172553-1000\...\Run: [SUPERAntiSpyware] - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [5625624 2014-01-17] (SUPERAntiSpyware)
HKU\S-1-5-21-3405618477-4029139554-1616172553-1000\...\Run: [MMAgent] - C:\Program Files\Mobile Master\MMAgent.exe [1412080 2013-11-07] (Jumping Bytes)
HKU\S-1-5-21-3405618477-4029139554-1616172553-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3405618477-4029139554-1616172553-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-3405618477-4029139554-1616172553-1000\...\MountPoints2: D - D:\DVDMenu.exe
HKU\S-1-5-21-3405618477-4029139554-1616172553-1000\...\MountPoints2: {2ce476a2-e218-11e1-ae32-5404a6b6fd35} - N:\LaunchU3.exe -a
HKU\S-1-5-21-3405618477-4029139554-1616172553-1000\...\MountPoints2: {31b354c0-e6b9-11e1-9cda-806e6f6e6963} - E:\Autorun.exe
HKU\S-1-5-21-3405618477-4029139554-1616172553-1000\...\MountPoints2: {5e6e3f0a-3931-11e2-836f-5404a6b6fd35} - "G:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-3405618477-4029139554-1616172553-1000\...\MountPoints2: {ca1e7bc0-ec5b-11e1-9226-806e6f6e6963} - E:\Autorun.exe
HKU\S-1-5-21-3405618477-4029139554-1616172553-1000\...\MountPoints2: {e12f158d-9700-11e3-be50-5404a6b6fd35} - N:\MotorolaDeviceManagerSetup.exe -a
HKU\S-1-5-21-3405618477-4029139554-1616172553-1000\...\MountPoints2: {e63c88cc-b968-11e2-9a6c-5404a6b6fd35} - G:\auvisio.exe
HKU\S-1-5-21-3405618477-4029139554-1616172553-1003\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-3405618477-4029139554-1616172553-1003\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3405618477-4029139554-1616172553-1003\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-3405618477-4029139554-1616172553-1003\...\MountPoints2: {31b354c0-e6b9-11e1-9cda-806e6f6e6963} - E:\Autorun.exe
HKU\S-1-5-21-3405618477-4029139554-1616172553-1003\...\MountPoints2: {ca1e7bc0-ec5b-11e1-9226-806e6f6e6963} - E:\Autorun.exe
AppInit_DLLs: c:\progra~3\networ~1\networ~1.dll => C:\ProgramData\Network Acceleration\NetworkAcceleration.dll [4417536 2013-12-29] ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-3405618477-4029139554-1616172553-1003\User: Group Policy restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-3405618477-4029139554-1616172553-1002\User: Group Policy restriction detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xB79261F7FA76CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKLM - (No Name) - {5786d022-540e-4699-b350-b4be0ae94b79} - No File
URLSearchHook: HKLM - WhiteSmoke New Toolbar - {739df940-c5ee-4bab-9d7e-270894ae687a} - C:\Program Files\WhiteSmoke_New\prxtbWhit.dll (Conduit Ltd.)
URLSearchHook: HKCU - (No Name) - {5786d022-540e-4699-b350-b4be0ae94b79} - No File
URLSearchHook: HKCU - UsProvider Class - {539F76FD-084E-4858-86D5-62F02F54AE86} - C:\Program Files\Minibar\Minibar.dll (KangoExtensions)
URLSearchHook: HKCU - WhiteSmoke New Toolbar - {739df940-c5ee-4bab-9d7e-270894ae687a} - C:\Program Files\WhiteSmoke_New\prxtbWhit.dll (Conduit Ltd.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://start.qone8.com/?type=sc&ts=1383823104&from=cor&uid=HitachiXHCS5C1010CLA382_JC0950HX06PR8H06PR8HX
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://start.qone8.com/web/?type=ds&ts=1383823104&from=cor&uid=HitachiXHCS5C1010CLA382_JC0950HX06PR8H06PR8HX&q={searchTerms}
SearchScopes: HKLM - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snap.do/?publisher=Download&dpid=Download&co=DE&userid=04218859-915e-4fc0-99b8-fe282763f94f&searchtype=ds&q={searchTerms}
SearchScopes: HKLM - {01bd49d7-c76b-4310-8beb-14d7e5f322c6} URL = hxxp://searchy.easylifeapp.com/?q={searchTerms}&pid=1348&src=ie2&r=2013/08/19&hid=1011549658&lg=EN&cc=GB
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://start.qone8.com/web/?type=ds&ts=1383823104&from=cor&uid=HitachiXHCS5C1010CLA382_JC0950HX06PR8H06PR8HX&q={searchTerms}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snap.do/?publisher=Download&dpid=Download&co=DE&userid=04218859-915e-4fc0-99b8-fe282763f94f&searchtype=ds&q={searchTerms}
SearchScopes: HKCU - {01bd49d7-c76b-4310-8beb-14d7e5f322c6} URL = hxxp://searchy.easylifeapp.com/?q={searchTerms}&pid=1348&src=ie2&r=2013/08/19&hid=1011549658&lg=EN&cc=GB
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.searchgol.com/?q={searchTerms}&affID=121845&tt=120613_adn&babsrc=SP_ss_Btisdt7&mntrId=BACD00FF832929A7
SearchScopes: HKCU - {261E15EC-8138-4062-A058-8431943524A1} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3289847&CUI=UN32709176385343268&UM=2
SearchScopes: HKCU - {5B0A37B8-0CCA-452C-AD36-59F084CDAF70} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10395&src=kw&q={searchTerms}&locale=en_US&apn_ptnrs=^ABT&apn_dtid=^YYYYYY^YY^DE&apn_uid=DAEBCB6E-E36C-4A63-9331-50C9A5550AB0&apn_sauid=9C49258F-B2B6-4861-B146-34C3D7AFE089
SearchScopes: HKCU - {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL =
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKCU - No Name - {5786D022-540E-4699-B350-B4BE0AE94B79} - No File
Toolbar: HKCU - WhiteSmoke New Toolbar - {739DF940-C5EE-4BAB-9D7E-270894AE687A} - C:\Program Files\WhiteSmoke_New\prxtbWhit.dll (Conduit Ltd.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [113024 2011-07-19] (SuperAdBlocker.com)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0DE14902-7548-44E9-BC59-FA3539C2369E}: [NameServer]79.141.167.14,79.141.160.23
Tcpip\..\Interfaces\{7CE9DE5E-0F4B-422A-B0D8-40EA3BA96378}: [NameServer]79.141.167.14,79.141.160.23
FireFox:
========
FF ProfilePath: C:\Users\champ\AppData\Roaming\Mozilla\Firefox\Profiles\h11x55ps.default
FF user.js: detected! => C:\Users\champ\AppData\Roaming\Mozilla\Firefox\Profiles\h11x55ps.default\user.js
FF SearchEngineOrder.user_pref("browser.search.order.1", "");: user_pref("browser.search.order.1", "");
FF SearchEngineOrder.user_pref("browser.search.order.1,S", "");: user_pref("browser.search.order.1,S", "");
FF Homepage: hxxp://www.handelsblatt.com/
FF Keyword.URL: hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3289847&SearchSource=2&CUI=UN13912262031534828&UM=2&q=
FF NetworkProxy: "backup.ftp", ""
FF NetworkProxy: "backup.ftp_port", 0
FF NetworkProxy: "backup.socks", ""
FF NetworkProxy: "backup.socks_port", 0
FF NetworkProxy: "backup.ssl", ""
FF NetworkProxy: "backup.ssl_port", 0
FF NetworkProxy: "ftp", "203.172.134.222"
FF NetworkProxy: "ftp_port", 8080
FF NetworkProxy: "http", "203.172.134.222"
FF NetworkProxy: "http_port", 8080
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "203.172.134.222"
FF NetworkProxy: "socks_port", 8080
FF NetworkProxy: "ssl", "203.172.134.222"
FF NetworkProxy: "ssl_port", 8080
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Users\champ\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
FF SearchPlugin: C:\Users\champ\AppData\Roaming\Mozilla\Firefox\Profiles\h11x55ps.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\champ\AppData\Roaming\Mozilla\Firefox\Profiles\h11x55ps.default\searchplugins\conduit.xml
FF SearchPlugin: C:\Users\champ\AppData\Roaming\Mozilla\Firefox\Profiles\h11x55ps.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\champ\AppData\Roaming\Mozilla\Firefox\Profiles\h11x55ps.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\champ\AppData\Roaming\Mozilla\Firefox\Profiles\h11x55ps.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\champ\AppData\Roaming\Mozilla\Firefox\Profiles\h11x55ps.default\searchplugins\googlede-pws.xml
FF SearchPlugin: C:\Users\champ\AppData\Roaming\Mozilla\Firefox\Profiles\h11x55ps.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: UTUbeNoAAds - C:\Users\champ\AppData\Roaming\Mozilla\Firefox\Profiles\h11x55ps.default\Extensions\dkwjoaom@uyuidjao.edu [2014-02-01]
FF Extension: RoaboSaver - C:\Users\champ\AppData\Roaming\Mozilla\Firefox\Profiles\h11x55ps.default\Extensions\oynnwj@vrjtb.net [2013-12-29]
FF Extension: EnJoyCoupon - C:\Users\champ\AppData\Roaming\Mozilla\Firefox\Profiles\h11x55ps.default\Extensions\zeiea2va@hjlw-zld.co.uk [2013-12-29]
FF Extension: WOT - C:\Users\champ\AppData\Roaming\Mozilla\Firefox\Profiles\h11x55ps.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-02-23]
FF Extension: DownloadHelper - C:\Users\champ\AppData\Roaming\Mozilla\Firefox\Profiles\h11x55ps.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-01-14]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\champ\AppData\Roaming\Mozilla\Firefox\Profiles\h11x55ps.default\Extensions\adblockpopups@jessehakanen.net.xpi [2013-12-30]
FF Extension: anonymoX - C:\Users\champ\AppData\Roaming\Mozilla\Firefox\Profiles\h11x55ps.default\Extensions\client@anonymox.net.xpi [2013-12-31]
FF Extension: FireGloves - C:\Users\champ\AppData\Roaming\Mozilla\Firefox\Profiles\h11x55ps.default\Extensions\firegloves@fingerprint.pet-portal.eu.xpi [2014-02-12]
FF Extension: Webmail Ad Blocker - C:\Users\champ\AppData\Roaming\Mozilla\Firefox\Profiles\h11x55ps.default\Extensions\gmailnoads@mywebber.com.xpi [2013-12-29]
FF Extension: Bluhell Firewall - C:\Users\champ\AppData\Roaming\Mozilla\Firefox\Profiles\h11x55ps.default\Extensions\{6BB5760D-F97E-421B-AF5B-8457A90C3CED}.xpi [2013-12-31]
FF Extension: Google Analytics Opt-out Browser Add-on - C:\Users\champ\AppData\Roaming\Mozilla\Firefox\Profiles\h11x55ps.default\Extensions\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}.xpi [2014-01-23]
FF Extension: Adblock Plus - C:\Users\champ\AppData\Roaming\Mozilla\Firefox\Profiles\h11x55ps.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-12-30]
FF Extension: BetterPrivacy - C:\Users\champ\AppData\Roaming\Mozilla\Firefox\Profiles\h11x55ps.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2013-12-31]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-02-14]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-02-14]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-01-03]
FF HKLM\...\Thunderbird\Extensions: [{857610fe-b36c-47f2-b4fa-6b7affe0cf5a}] - C:\Program Files\Mobile Master\ext\1\
FF Extension: Mobile Master Add-In - C:\Program Files\Mobile Master\ext\1\ []
FF HKCU\...\Firefox\Extensions: [CaptureSaver@goldgingko.com] - C:\Program Files\CaptureSaver\Firefox
FF Extension: No Name - C:\Program Files\CaptureSaver\Firefox [2013-03-19]
FF HKCU\...\Firefox\Extensions: [SoundFrost@helper.com] - C:\Program Files\SoundFrost\SoundFrost.xpi
FF Extension: No Name - C:\Program Files\SoundFrost\SoundFrost.xpi [2013-05-20]
FF HKCU\...\Firefox\Extensions: [{cc0c97a8-6006-48ad-9052-d2c6bef85ca3}] - C:\Program Files\bLyrics\130.xpi
Chrome:
=======
CHR Extension: (EnJoyCoupon) - C:\Users\champ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahancjhngfcjfbkepnclnpohpghpceci [2013-12-29]
CHR Extension: (Delta Toolbar) - C:\Users\champ\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde [2013-07-16]
CHR Extension: (WhiteSmoke New) - C:\Users\champ\AppData\Local\Google\Chrome\User Data\Default\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi [2013-08-20]
CHR Extension: (Google Wallet) - C:\Users\champ\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-20]
CHR Extension: (RoaboSaver) - C:\ProgramData\cdedlkjmogkfbhbnglhgnailmpanodem [2013-12-29]
CHR HKLM\...\Chrome\Extension: [cekcjpgehmohobmdiikfnopibipmgnml] - C:\Users\champ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ [2013-12-29]
CHR HKLM\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\champ\AppData\Roaming\BabSolution\CR\Delta.crx [2013-06-12]
CHR HKLM\...\Chrome\Extension: [klibnahbojhkanfgaglnlalfkgpcppfi] - C:\Users\champ\AppData\Local\CRE\klibnahbojhkanfgaglnlalfkgpcppfi.crx [2013-08-20]
CHR HKLM\...\Chrome\Extension: [okaclkhnjaebofijaabgiahinbajiekd] - C:\Program Files\bLyrics\130.crx [2013-08-20]
CHR HKCU\...\Chrome\Extension: [klibnahbojhkanfgaglnlalfkgpcppfi] - C:\Users\champ\AppData\Local\CRE\klibnahbojhkanfgaglnlalfkgpcppfi.crx [2013-08-20]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
========================== Services (Whitelisted) =================
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [116608 2012-07-11] (SUPERAntiSpyware.com)
S4 ACT2_Service; C:\Program Files\Ashampoo\Ashampoo Core Tuner 2\ACT2Service.exe [1421216 2011-08-22] ()
R2 ADExchange; C:\Program Files\Common Files\ArcSoft\esinter\Bin\eservutil.exe [43072 2012-03-19] (ArcSoft, Inc.)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 CGVPNCliService; C:\Program Files\CyberGhost VPN\Service.exe [64112 2014-01-16] (CyberGhost S.R.L)
S4 FirebirdServerMAGIXInstance; C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [1527900 2005-11-17] (MAGIX®)
R2 KMService; C:\Windows\system32\srvany.exe [8192 2003-04-18] ()
R2 Motorola Device Manager; C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-11-15] (Motorola Mobility LLC)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14658848 2013-12-10] (NVIDIA Corporation)
R2 PST Service; C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola)
R2 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [1326176 2012-07-25] (Secunia)
R2 Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [681056 2012-07-25] (Secunia)
S4 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000 2012-10-02] (Skype Technologies S.A.)
S4 SProtection; C:\Program Files\Common Files\Umbrella\umbrella.exe [2905408 2013-11-21] (Iminent)
R2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software)
S4 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]
==================== Drivers (Whitelisted) ====================
R2 ACEDRV07; C:\Windows\system32\drivers\ACEDRV07.sys [101376 2012-09-26] (Protect Software GmbH)
R2 ACT2PM; C:\Program Files\Ashampoo\Ashampoo Core Tuner 2\ACT2ProcessMonitor32.sys [14648 2011-06-10] ()
R0 AiCharger; C:\Windows\System32\DRIVERS\AiCharger.sys [13440 2010-10-20] (ASUSTek Computer Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [90400 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135648 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-10-01] (Avira Operations GmbH & Co. KG)
S3 CH341SER; C:\Windows\System32\Drivers\CH341SER.SYS [39696 2011-11-04] (www.winchiphead.com)
S3 DigiartyVirtualCDBus; C:\Windows\System32\drivers\DigiartyVirtualCDBus.sys [163616 2012-09-06] (Digiarty Software, Inc.)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [31088 2010-12-16] (Elaborate Bytes AG)
R1 Ext2Fsd; C:\Windows\system32\Drivers\Ext2Fsd.sys [686872 2011-07-09] (www.ext2fsd.com)
R0 FSProFilter; C:\Windows\System32\Drivers\FSPFltd.sys [41912 2010-07-22] (FSPro Labs)
S3 KMWDFILTERx86; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [25088 2009-04-29] (Windows (R) Codename Longhorn DDK provider)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [41088 2010-10-19] (Intel Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [50704 2009-10-20] (CACE Technologies, Inc.)
R3 NuidFltr; C:\Windows\System32\DRIVERS\NuidFltr.sys [25712 2013-01-29] (Microsoft Corporation)
R3 nusb3hub; C:\Windows\System32\DRIVERS\nusb3hub.sys [62336 2010-12-10] (Renesas Electronics Corporation)
R3 nusb3xhc; C:\Windows\System32\DRIVERS\nusb3xhc.sys [141440 2010-12-10] (Renesas Electronics Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [34080 2013-12-05] (NVIDIA Corporation)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf.sys [15544 2010-09-01] (Secunia)
R2 RtNdPt60; C:\Windows\System32\DRIVERS\RtNdPt60.sys [27648 2010-05-20] (Windows (R) Codename Longhorn DDK provider)
S3 RTTEAMPT; C:\Windows\System32\DRIVERS\RtTeam60.sys [35328 2010-05-20] (Realtek Corporation)
S3 RTVLANPT; C:\Windows\System32\DRIVERS\RtVlan60.sys [19968 2010-05-20] (Windows (R) Codename Longhorn DDK provider)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [436792 2012-08-14] ()
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH)
R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [31360 2013-02-08] (The OpenVPN Project)
R1 UimBus; C:\Windows\System32\DRIVERS\UimBus.sys [81232 2012-06-09] (Windows (R) 2000 DDK provider)
R1 Uim_IM; C:\Windows\System32\Drivers\Uim_IM.sys [452432 2012-06-09] (Paragon)
R1 Uim_Vim; C:\Windows\System32\Drivers\Uim_Vim.sys [283344 2012-06-09] (Paragon)
S3 V0520Vid; C:\Windows\System32\DRIVERS\V0520Vid.sys [244448 2011-09-02] (Creative Technology Ltd.)
U3 av22wbhf; C:\Windows\system32\Drivers\av22wbhf.sys [0 ] (Elaborate Bytes AG)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-02-24 19:39 - 2014-02-24 19:40 - 00029111 _____ () C:\Users\champ\Downloads\FRST.txt
2014-02-24 19:38 - 2014-02-24 19:39 - 00000000 ____D () C:\FRST
2014-02-24 19:38 - 2014-02-24 19:38 - 01144320 _____ (Farbar) C:\Users\champ\Downloads\FRST.exe
2014-02-24 17:53 - 2014-02-24 17:53 - 00001087 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-24 17:53 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-02-24 17:52 - 2014-02-24 17:52 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\champ\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-23 18:27 - 2014-02-23 18:27 - 00000000 ____D () C:\Users\champ\AppData\Roaming\Malwarebytes
2014-02-23 18:26 - 2014-02-24 17:53 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-02-23 18:26 - 2014-02-23 18:26 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-23 14:15 - 2014-02-23 14:15 - 00294963 _____ () C:\Users\champ\Desktop\TURKvod_5.0_OE20_19_02_04_2.zip
2014-02-23 13:15 - 2014-02-23 13:15 - 00000000 ____D () C:\Users\champ\AppData\Roaming\Microsoft\Windows\Start Menu\Meine Dokumente\Documents\ArcSoft
2014-02-22 14:11 - 2014-02-22 14:11 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\Wondershare
2014-02-21 23:27 - 2014-02-23 19:03 - 00000000 ____D () C:\Program Files\TuneUp Utilities 2014
2014-02-21 23:23 - 2014-02-23 21:16 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-02-21 23:23 - 2014-02-21 23:23 - 35955112 _____ (TuneUp Software) C:\Users\champ\Downloads\TuneUpUtilities2014_de-DE.exe
2014-02-21 13:18 - 2014-02-21 13:18 - 00000000 ____D () C:\Users\champ\Desktop\TURKvod
2014-02-21 12:27 - 2014-02-21 12:28 - 00000000 ____D () C:\Users\champ\AppData\Roaming\Microsoft\Windows\Start Menu\Meine Dokumente\Documents\Wondershare Video Editor
2014-02-20 22:44 - 2014-02-20 22:44 - 61134054 _____ () C:\Users\champ\Downloads\openatv-4.0-xpeedlx-20140220_usb.zip
2014-02-19 21:39 - 2014-02-19 21:39 - 00144790 _____ () C:\Users\champ\Downloads\bootloader-xpeed-lx1-751mhz-13.02.2014.zip
2014-02-16 19:40 - 2014-02-16 19:40 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\Motorola Mobility
2014-02-16 18:53 - 2014-02-16 18:53 - 00000000 ____D () C:\Users\Dana\AppData\Roaming\Motorola Mobility
2014-02-16 15:00 - 2014-02-16 15:00 - 00000000 ____D () C:\Users\Larissa\AppData\Roaming\Motorola Mobility
2014-02-16 13:02 - 2014-02-16 13:02 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_Motousbnet_01009.Wdf
2014-02-16 13:02 - 2014-02-16 13:02 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_motfilt_01009.Wdf
2014-02-16 13:01 - 2014-02-16 13:01 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-02-16 13:01 - 2014-02-16 13:01 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_motusbdevice_01009.Wdf
2014-02-16 13:01 - 2014-02-16 13:01 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_motccgp_01009.Wdf
2014-02-16 13:01 - 2014-02-16 13:01 - 00000000 ____D () C:\Users\champ\AppData\Roaming\Motorola Mobility
2014-02-16 13:01 - 2014-02-16 13:01 - 00000000 ____D () C:\ProgramData\Motorola
2014-02-16 13:00 - 2014-02-16 13:01 - 00000000 ____D () C:\Program Files\Motorola Mobility
2014-02-16 13:00 - 2014-02-16 13:00 - 00000000 ____D () C:\Program Files\Motorola
2014-02-16 13:00 - 2014-02-16 13:00 - 00000000 ____D () C:\Program Files\Common Files\MSSoap
2014-02-16 12:58 - 2014-02-16 12:58 - 00000000 ____D () C:\Program Files\Common Files\Motorola Shared
2014-02-16 12:57 - 2014-02-16 12:57 - 00000000 ____D () C:\Users\champ\AppData\Roaming\Motorola
2014-02-16 12:53 - 2014-02-16 12:53 - 00000596 _____ () C:\Windows\PFRO.log
2014-02-16 11:00 - 2014-02-16 11:00 - 00001070 _____ () C:\Users\champ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaInfo.lnk
2014-02-16 11:00 - 2014-02-16 11:00 - 00000000 ____D () C:\Program Files\MediaInfo
2014-02-14 14:56 - 2014-02-14 14:58 - 00000000 ____D () C:\Users\champ\Desktop\Stimmung
2014-02-14 11:40 - 2014-02-14 11:40 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-13 12:05 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-13 12:05 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-13 12:05 - 2014-02-06 11:19 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-13 12:05 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-13 12:05 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-13 12:05 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-13 12:05 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-13 12:05 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-13 12:05 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-13 12:05 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-13 12:05 - 2014-02-06 10:47 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-13 12:05 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-13 12:05 - 2014-02-06 10:34 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-13 12:05 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-13 12:05 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-13 12:05 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-13 12:05 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-13 12:05 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-13 12:05 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-13 12:05 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-13 12:05 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-13 11:54 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-13 11:15 - 2014-02-24 19:16 - 00000292 _____ () C:\Windows\Tasks\Update Bonanza.job
2014-02-13 11:15 - 2014-02-13 11:15 - 00000000 ____D () C:\Users\champ\AppData\Roaming\UpdateBonanza
2014-02-13 10:43 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-13 10:43 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-13 10:43 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-13 10:43 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-13 10:43 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-13 10:43 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-13 10:43 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-13 10:43 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-13 10:43 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-13 10:43 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-13 10:43 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-13 10:43 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-13 10:43 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-13 10:43 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-11 09:41 - 2014-02-23 21:16 - 00000000 ____D () C:\Users\champ\Desktop\keys1
2014-02-10 16:09 - 2014-02-10 16:09 - 00000892 _____ () C:\Users\champ\Desktop\Hits 2014 - Verknüpfung.lnk
2014-02-05 15:14 - 2014-02-05 15:15 - 00000000 ____D () C:\Users\Dana\AppData\Roaming\TeraCopy
2014-02-03 14:50 - 2014-02-03 15:18 - 00000000 ____D () C:\Users\Laura\Desktop\Konfi -Bilder
2014-02-03 10:07 - 2013-12-18 21:10 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-02-03 10:07 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-02-03 10:07 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-02-03 10:07 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-02-03 10:06 - 2014-02-03 10:07 - 00005315 _____ () C:\Windows\system32\jupdate-1.7.0_51-b13.log
2014-02-01 16:33 - 2014-02-01 16:33 - 00002494 __RSH () C:\ProgramData\ntuser.pol
2014-02-01 16:33 - 2014-02-01 16:33 - 00000000 ____D () C:\ProgramData\UTUbeNoAAds
2014-02-01 16:33 - 2014-02-01 16:33 - 00000000 ____D () C:\ProgramData\knglimfpcechcemlpckgopldlobbmnoc
2014-01-30 09:06 - 2014-01-30 09:08 - 00002268 _____ () C:\Windows\logboot_30.01.2014.tureg.log
2014-01-29 19:00 - 1999-01-18 11:28 - 00008880 _____ (Macromedia, Inc.) C:\Users\Laura\Desktop\LILLI.EXE
==================== One Month Modified Files and Folders =======
2014-02-24 19:40 - 2014-02-24 19:39 - 00029111 _____ () C:\Users\champ\Downloads\FRST.txt
2014-02-24 19:39 - 2014-02-24 19:38 - 00000000 ____D () C:\FRST
2014-02-24 19:38 - 2014-02-24 19:38 - 01144320 _____ (Farbar) C:\Users\champ\Downloads\FRST.exe
2014-02-24 19:31 - 2012-09-24 14:32 - 00000000 ____D () C:\Users\Dana\AppData\Roaming\Skype
2014-02-24 19:16 - 2014-02-13 11:15 - 00000292 _____ () C:\Windows\Tasks\Update Bonanza.job
2014-02-24 19:15 - 2013-12-29 14:15 - 00000290 _____ () C:\Windows\Tasks\Bonanza.job
2014-02-24 19:06 - 2012-08-09 13:46 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-24 18:21 - 2013-09-20 11:25 - 00000000 ____D () C:\Users\champ\Desktop\Neuer Ordner
2014-02-24 17:55 - 2012-08-09 11:07 - 01339579 _____ () C:\Windows\WindowsUpdate.log
2014-02-24 17:53 - 2014-02-24 17:53 - 00001087 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-24 17:53 - 2014-02-23 18:26 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-02-24 17:52 - 2014-02-24 17:52 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\champ\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-24 16:55 - 2009-07-14 05:34 - 00041488 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-24 16:55 - 2009-07-14 05:34 - 00041488 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-24 16:50 - 2014-01-12 15:50 - 00033870 _____ () C:\Windows\setupact.log
2014-02-24 16:50 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-24 10:15 - 2014-01-08 11:15 - 00000142 _____ () C:\Users\champ\AppData\Roaming\WB.CFG
2014-02-23 23:19 - 2012-12-25 12:54 - 00000000 ___RD () C:\Users\champ\Desktop\Dreambox
2014-02-23 23:06 - 2012-08-09 13:46 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-02-23 23:06 - 2012-08-09 13:46 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-02-23 22:55 - 2013-02-05 19:14 - 00000000 ____D () C:\Users\champ\AppData\Local\CrashDumps
2014-02-23 21:24 - 2013-12-29 11:40 - 00000000 ____D () C:\ProgramData\Network Acceleration
2014-02-23 21:19 - 2012-08-09 11:15 - 00000000 ____D () C:\Users\champ
2014-02-23 21:16 - 2014-02-21 23:23 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-02-23 21:16 - 2014-02-11 09:41 - 00000000 ____D () C:\Users\champ\Desktop\keys1
2014-02-23 21:16 - 2013-12-05 17:36 - 00000000 ____D () C:\Users\champ\Desktop\ChanSort_2013-11-24
2014-02-23 21:16 - 2013-08-02 15:30 - 00000000 ____D () C:\Program Files\Iminent
2014-02-23 21:16 - 2013-01-22 11:56 - 00000000 ____D () C:\Users\champ\AppData\Local\Downloaded Installations
2014-02-23 21:16 - 2012-09-11 14:14 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\Skype
2014-02-23 21:16 - 2012-09-11 12:03 - 00000000 ___RD () C:\Users\champ\Desktop\System
2014-02-23 21:16 - 2012-08-25 08:58 - 00000000 ____D () C:\Users\champ\AppData\Roaming\Mp3tag
2014-02-23 21:16 - 2012-08-19 20:00 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-02-23 21:16 - 2012-08-17 15:35 - 00000000 ____D () C:\ProgramData\Skype
2014-02-23 21:16 - 2012-08-16 11:14 - 00000000 ____D () C:\Users\Dana
2014-02-23 21:16 - 2012-08-13 12:34 - 00000000 ____D () C:\Users\Laura
2014-02-23 21:16 - 2012-08-13 12:31 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-02-23 21:16 - 2012-08-11 19:59 - 00000000 ____D () C:\Users\Larissa
2014-02-23 21:16 - 2012-08-11 18:56 - 00000000 __SHD () C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2014-02-23 21:16 - 2012-08-11 18:39 - 00000000 ____D () C:\Users\champ\AppData\Roaming\BOM
2014-02-23 21:16 - 2012-08-09 11:30 - 00000000 ____D () C:\Users\champ\AppData\Local\Microsoft Help
2014-02-23 21:16 - 2009-07-14 05:52 - 00000000 ____D () C:\Windows\Performance
2014-02-23 21:16 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\wfp
2014-02-23 21:16 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\registration
2014-02-23 21:15 - 2012-08-14 22:36 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-02-23 21:14 - 2012-08-19 19:59 - 00000000 ____D () C:\ProgramData\Apple
2014-02-23 21:14 - 2012-08-17 15:35 - 00000000 ___RD () C:\Program Files\Skype
2014-02-23 21:13 - 2012-09-12 18:08 - 00000000 ___HD () C:\BJPrinter
2014-02-23 21:13 - 2012-08-13 12:29 - 00000000 ____D () C:\NVIDIA
2014-02-23 19:03 - 2014-02-21 23:27 - 00000000 ____D () C:\Program Files\TuneUp Utilities 2014
2014-02-23 19:03 - 2009-07-14 09:56 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-02-23 18:27 - 2014-02-23 18:27 - 00000000 ____D () C:\Users\champ\AppData\Roaming\Malwarebytes
2014-02-23 18:26 - 2014-02-23 18:26 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-23 16:54 - 2014-01-23 10:37 - 00000600 _____ () C:\Users\champ\AppData\Roaming\winscp.rnd
2014-02-23 14:45 - 2014-01-12 16:02 - 00636928 ___SH () C:\Users\Larissa\Thumbs.db
2014-02-23 14:15 - 2014-02-23 14:15 - 00294963 _____ () C:\Users\champ\Desktop\TURKvod_5.0_OE20_19_02_04_2.zip
2014-02-23 13:15 - 2014-02-23 13:15 - 00000000 ____D () C:\Users\champ\AppData\Roaming\Microsoft\Windows\Start Menu\Meine Dokumente\Documents\ArcSoft
2014-02-22 14:19 - 2012-12-04 17:02 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\TuneUp Software
2014-02-22 14:11 - 2014-02-22 14:11 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\Wondershare
2014-02-22 11:34 - 2009-07-14 05:52 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-02-21 23:39 - 2012-08-19 20:00 - 00000000 ____D () C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2014-02-21 23:23 - 2014-02-21 23:23 - 35955112 _____ (TuneUp Software) C:\Users\champ\Downloads\TuneUpUtilities2014_de-DE.exe
2014-02-21 23:13 - 2012-08-13 16:12 - 00000000 ____D () C:\Users\champ\AppData\Roaming\vlc
2014-02-21 23:12 - 2012-08-09 13:18 - 00000000 ____D () C:\Users\champ\AppData\Local\Windows Live
2014-02-21 13:18 - 2014-02-21 13:18 - 00000000 ____D () C:\Users\champ\Desktop\TURKvod
2014-02-21 12:28 - 2014-02-21 12:27 - 00000000 ____D () C:\Users\champ\AppData\Roaming\Microsoft\Windows\Start Menu\Meine Dokumente\Documents\Wondershare Video Editor
2014-02-20 22:47 - 2009-11-10 19:44 - 01621244 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-20 22:44 - 2014-02-20 22:44 - 61134054 _____ () C:\Users\champ\Downloads\openatv-4.0-xpeedlx-20140220_usb.zip
2014-02-20 21:38 - 2013-06-10 17:30 - 00000000 ____D () C:\openat
2014-02-20 15:56 - 2013-09-04 17:04 - 00000000 ____D () C:\Users\Dana\AppData\Local\CrashDumps
2014-02-19 21:39 - 2014-02-19 21:39 - 00144790 _____ () C:\Users\champ\Downloads\bootloader-xpeed-lx1-751mhz-13.02.2014.zip
2014-02-16 19:40 - 2014-02-16 19:40 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\Motorola Mobility
2014-02-16 19:40 - 2012-08-13 12:34 - 00000000 ____D () C:\Users\Laura\AppData\Local\VirtualStore
2014-02-16 18:53 - 2014-02-16 18:53 - 00000000 ____D () C:\Users\Dana\AppData\Roaming\Motorola Mobility
2014-02-16 18:53 - 2012-08-16 11:14 - 00000000 ____D () C:\Users\Dana\AppData\Local\VirtualStore
2014-02-16 18:03 - 2012-08-19 15:51 - 00000000 ____D () C:\Users\Larissa\AppData\Roaming\Skype
2014-02-16 15:00 - 2014-02-16 15:00 - 00000000 ____D () C:\Users\Larissa\AppData\Roaming\Motorola Mobility
2014-02-16 13:02 - 2014-02-16 13:02 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_Motousbnet_01009.Wdf
2014-02-16 13:02 - 2014-02-16 13:02 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_motfilt_01009.Wdf
2014-02-16 13:01 - 2014-02-16 13:01 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-02-16 13:01 - 2014-02-16 13:01 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_motusbdevice_01009.Wdf
2014-02-16 13:01 - 2014-02-16 13:01 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_motccgp_01009.Wdf
2014-02-16 13:01 - 2014-02-16 13:01 - 00000000 ____D () C:\Users\champ\AppData\Roaming\Motorola Mobility
2014-02-16 13:01 - 2014-02-16 13:01 - 00000000 ____D () C:\ProgramData\Motorola
2014-02-16 13:01 - 2014-02-16 13:00 - 00000000 ____D () C:\Program Files\Motorola Mobility
2014-02-16 13:00 - 2014-02-16 13:00 - 00000000 ____D () C:\Program Files\Motorola
2014-02-16 13:00 - 2014-02-16 13:00 - 00000000 ____D () C:\Program Files\Common Files\MSSoap
2014-02-16 12:58 - 2014-02-16 12:58 - 00000000 ____D () C:\Program Files\Common Files\Motorola Shared
2014-02-16 12:58 - 2012-08-19 16:59 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-02-16 12:57 - 2014-02-16 12:57 - 00000000 ____D () C:\Users\champ\AppData\Roaming\Motorola
2014-02-16 12:53 - 2014-02-16 12:53 - 00000596 _____ () C:\Windows\PFRO.log
2014-02-16 11:00 - 2014-02-16 11:00 - 00001070 _____ () C:\Users\champ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaInfo.lnk
2014-02-16 11:00 - 2014-02-16 11:00 - 00000000 ____D () C:\Program Files\MediaInfo
2014-02-15 13:06 - 2012-08-09 13:01 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-02-14 14:58 - 2014-02-14 14:56 - 00000000 ____D () C:\Users\champ\Desktop\Stimmung
2014-02-14 11:40 - 2014-02-14 11:40 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-14 08:44 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache
2014-02-13 14:03 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-02-13 12:07 - 2012-08-09 11:30 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-13 12:02 - 2013-08-20 00:18 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-13 11:59 - 2009-10-14 03:21 - 85946576 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-13 11:54 - 2009-07-14 03:04 - 00000639 _____ () C:\Windows\win.ini
2014-02-13 11:53 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-02-13 11:15 - 2014-02-13 11:15 - 00000000 ____D () C:\Users\champ\AppData\Roaming\UpdateBonanza
2014-02-11 09:25 - 2009-07-14 05:53 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-10 16:09 - 2014-02-10 16:09 - 00000892 _____ () C:\Users\champ\Desktop\Hits 2014 - Verknüpfung.lnk
2014-02-09 20:41 - 2012-10-17 22:05 - 00000000 ____D () C:\Users\champ\AppData\Local\Canon Easy-PhotoPrint EX
2014-02-06 11:38 - 2014-02-13 12:05 - 17103872 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 11:20 - 2014-02-13 12:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 11:19 - 2014-02-13 12:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 11:01 - 2014-02-13 12:05 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 11:00 - 2014-02-13 12:05 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-13 12:05 - 02168320 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 10:52 - 2014-02-13 12:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 10:52 - 2014-02-13 12:05 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 10:49 - 2014-02-13 12:05 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 10:47 - 2014-02-13 12:05 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 10:47 - 2014-02-13 12:05 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 10:46 - 2014-02-13 12:05 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 10:34 - 2014-02-13 12:05 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 10:25 - 2014-02-13 12:05 - 04244480 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 10:25 - 2014-02-13 12:05 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 10:13 - 2014-02-13 12:05 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 10:09 - 2014-02-13 12:05 - 01964032 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 10:03 - 2014-02-13 12:05 - 11266048 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 09:41 - 2014-02-13 12:05 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 09:36 - 2014-02-13 12:05 - 01156096 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 09:34 - 2014-02-13 12:05 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-05 15:15 - 2014-02-05 15:14 - 00000000 ____D () C:\Users\Dana\AppData\Roaming\TeraCopy
2014-02-03 15:18 - 2014-02-03 14:50 - 00000000 ____D () C:\Users\Laura\Desktop\Konfi -Bilder
2014-02-03 14:50 - 2013-11-15 13:35 - 00000000 ____D () C:\Users\Laura\Desktop\Frankreich
2014-02-03 14:21 - 2014-01-02 19:24 - 00000000 ____D () C:\Users\champ\Desktop\Fotos
2014-02-03 10:07 - 2014-02-03 10:06 - 00005315 _____ () C:\Windows\system32\jupdate-1.7.0_51-b13.log
2014-02-03 10:07 - 2013-10-28 15:12 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-03 10:07 - 2012-09-07 21:59 - 00000000 ____D () C:\Program Files\Java
2014-02-01 16:33 - 2014-02-01 16:33 - 00002494 __RSH () C:\ProgramData\ntuser.pol
2014-02-01 16:33 - 2014-02-01 16:33 - 00000000 ____D () C:\ProgramData\UTUbeNoAAds
2014-02-01 16:33 - 2014-02-01 16:33 - 00000000 ____D () C:\ProgramData\knglimfpcechcemlpckgopldlobbmnoc
2014-02-01 16:33 - 2013-12-29 23:19 - 00000000 ____D () C:\ProgramData\2aec3377e51bfc14
2014-01-30 09:08 - 2014-01-30 09:06 - 00002268 _____ () C:\Windows\logboot_30.01.2014.tureg.log
2014-01-30 09:08 - 2009-07-14 03:03 - 62914560 _____ () C:\Windows\system32\config\SOFTWARE_tureg_old
2014-01-30 09:08 - 2009-07-14 03:03 - 27787264 _____ () C:\Windows\system32\config\SYSTEM_tureg_old
2014-01-30 09:08 - 2009-07-14 03:03 - 00262144 _____ () C:\Windows\system32\config\SECURITY_tureg_old
2014-01-29 22:16 - 2009-07-14 03:03 - 00524288 _____ () C:\Windows\system32\config\DEFAULT_tureg_old
2014-01-29 22:16 - 2009-07-14 03:03 - 00262144 _____ () C:\Windows\system32\config\SAM_tureg_old
Some content of TEMP:
====================
C:\Users\champ\AppData\Local\Temp\avgnt.exe
C:\Users\champ\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\champ\AppData\Local\Temp\MotoCast_Installer_2.0405.exe
C:\Users\champ\AppData\Local\Temp\Uni000.exe
C:\Users\champ\AppData\Local\Temp\vlc-2.1.3-win32.exe
C:\Users\Dana\AppData\Local\Temp\AskSLib.dll
C:\Users\Dana\AppData\Local\Temp\avgnt.exe
C:\Users\Dana\AppData\Local\Temp\MediaSync.exe
C:\Users\Dana\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Larissa\AppData\Local\Temp\AskSLib.dll
C:\Users\Larissa\AppData\Local\Temp\avgnt.exe
C:\Users\Larissa\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Laura\AppData\Local\Temp\AskSLib.dll
C:\Users\Laura\AppData\Local\Temp\avgnt.exe
C:\Users\Laura\AppData\Local\Temp\i4jdel0.exe
C:\Users\Laura\AppData\Local\Temp\MediaSync.exe
C:\Users\Laura\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-02-19 22:28
==================== End Of Log ============================
Hopefully this is correct?!