Hallo Timo,
vielen Dank für die schnelle Antwort und Hilfe!
Ich habe alle Schritte nacheinander durchgeführt. Nur Schritt 3 hat irgendwie nicht funktioniert, obwohl ich mein Antivirus-Programm deaktiviert habe. Es hat so ausgesehen, als wäre der Scan durchgeführt worden. Es ergab sich aber kein Logfile dazu..
Anbei die anderen Logfiles.. Code:
# AdwCleaner v3.210 - Bericht erstellt am 19/05/2014 um 21:35:24
# Aktualisiert 19/05/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Zümrüt - ZÜMRÜT-PC
# Gestartet von : C:\Users\Zümrüt\Downloads\adwcleaner_3.210.exe
# Option : Suchen
***** [ Dienste ] *****
Dienst Gefunden : IBUpdaterService
Dienst Gefunden : LPTSystemUpdater
***** [ Dateien / Ordner ] *****
Datei Gefunden : C:\Users\M.A.K\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.softonic.de_0.localstorage
Datei Gefunden : C:\Users\M.A.K\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.softonic.de_0.localstorage-journal
Datei Gefunden : C:\Users\M.A.K\daemonprocess.txt
Datei Gefunden : C:\Users\ZMRT~1\AppData\Local\Temp\uninstaller.exe
Datei Gefunden : C:\Users\Zümrüt\daemonprocess.txt
Datei Gefunden : C:\Windows\System32\dmwu.exe
Datei Gefunden : C:\Windows\System32\ImhxxpComm.dll
Datei Gefunden : C:\Windows\System32\roboot64.exe
Datei Gefunden : C:\Windows\System32\Tasks\PC Performer_DEFAULT
Datei Gefunden : C:\Windows\System32\Tasks\PC Performer_UPDATES
Datei Gefunden : C:\Windows\Tasks\PC Performer_DEFAULT.job
Datei Gefunden : C:\Windows\Tasks\PC Performer_UPDATES.job
Ordner Gefunden : C:\Program Files (x86)\LPT
Ordner Gefunden : C:\Program Files (x86)\SmartTweak
Ordner Gefunden : C:\Program Files (x86)\Speed Test 127
Ordner Gefunden : C:\ProgramData\ParetoLogic
Ordner Gefunden : C:\ProgramData\RegClean
Ordner Gefunden : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok
Ordner Gefunden : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Ordner Gefunden : C:\Users\Gast\AppData\LocalLow\PriceGong
Ordner Gefunden : C:\Users\Gast\AppData\LocalLow\SweetIM
Ordner Gefunden : C:\Users\M.A.K\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok
Ordner Gefunden : C:\Users\M.A.K\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Ordner Gefunden : C:\Users\M.A.K\AppData\Local\SearchProtect
Ordner Gefunden : C:\Users\M.A.K\AppData\Local\Software
Ordner Gefunden : C:\Users\M.A.K\AppData\Local\Yandex
Ordner Gefunden : C:\Users\M.A.K\AppData\LocalLow\PriceGong
Ordner Gefunden : C:\Users\M.A.K\AppData\LocalLow\SweetIM
Ordner Gefunden : C:\Users\M.A.K\AppData\LocalLow\Yandex
Ordner Gefunden : C:\Users\M.A.K\AppData\Roaming\PerformerSoft
Ordner Gefunden : C:\Users\M.A.K\AppData\Roaming\Systweak
Ordner Gefunden : C:\Users\M.A.K\AppData\Roaming\Yandex
Ordner Gefunden : C:\Users\ZMRT~1\AppData\Local\Temp\Smartbar
Ordner Gefunden : C:\Users\Zümrüt\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Ordner Gefunden : C:\Users\Zümrüt\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Ordner Gefunden : C:\Users\Zümrüt\AppData\Local\LPT
Ordner Gefunden : C:\Users\Zümrüt\AppData\Local\Mobogenie
Ordner Gefunden : C:\Users\Zümrüt\AppData\Local\SearchProtect
Ordner Gefunden : C:\Users\Zümrüt\AppData\Local\Smartbar
Ordner Gefunden : C:\Users\Zümrüt\AppData\Local\Software
Ordner Gefunden : C:\Users\Zümrüt\AppData\LocalLow\Smartbar
Ordner Gefunden : C:\Users\Zümrüt\AppData\Roaming\DriverCure
Ordner Gefunden : C:\Users\Zümrüt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTweak Software
Ordner Gefunden : C:\Users\Zümrüt\AppData\Roaming\ParetoLogic
Ordner Gefunden : C:\Users\Zümrüt\AppData\Roaming\PerformerSoft
Ordner Gefunden : C:\Users\Zümrüt\AppData\Roaming\Systweak
Ordner Gefunden : C:\Windows\System32\ljkb
Ordner Gefunden : C:\Windows\SysWOW64\ARFC
Ordner Gefunden : C:\Windows\SysWOW64\jmdp
Ordner Gefunden : C:\Windows\SysWOW64\WNLT
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Daten Gefunden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll
Daten Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll
Schlüssel Gefunden : HKCU\Software\IM
Schlüssel Gefunden : HKCU\Software\ImInstaller
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11C8C9C0-D918-44C0-8B5E-D297DA42F2C7}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1631550F-191D-4826-B069-D9439253D926}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C424171E-592A-415A-9EB1-DFD6D95D3530}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11C8C9C0-D918-44C0-8B5E-D297DA42F2C7}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C424171E-592A-415A-9EB1-DFD6D95D3530}
Schlüssel Gefunden : HKCU\Software\ParetoLogic
Schlüssel Gefunden : HKCU\Software\PerformerSoft
Schlüssel Gefunden : HKCU\Software\SmartBar
Schlüssel Gefunden : HKCU\Software\smartbarbackup
Schlüssel Gefunden : HKCU\Software\smartbarlog
Schlüssel Gefunden : HKCU\Software\smarttweak
Schlüssel Gefunden : HKCU\Software\systweak
Schlüssel Gefunden : HKCU\Software\WNLT
Schlüssel Gefunden : [x64] HKCU\Software\IM
Schlüssel Gefunden : [x64] HKCU\Software\ImInstaller
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gefunden : [x64] HKCU\Software\ParetoLogic
Schlüssel Gefunden : [x64] HKCU\Software\PerformerSoft
Schlüssel Gefunden : [x64] HKCU\Software\SmartBar
Schlüssel Gefunden : [x64] HKCU\Software\smartbarbackup
Schlüssel Gefunden : [x64] HKCU\Software\smartbarlog
Schlüssel Gefunden : [x64] HKCU\Software\smarttweak
Schlüssel Gefunden : [x64] HKCU\Software\systweak
Schlüssel Gefunden : [x64] HKCU\Software\WNLT
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{19975B78-1907-4DD6-A437-4C48120F46A4}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{562B9316-C08A-444A-9482-62080DD851AE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{562B9317-C08A-444A-9482-62080DD851AE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\AddonsFramework.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\ButtonSite.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\ScriptHost.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{11C8C9C0-D918-44C0-8B5E-D297DA42F2C7}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{75CC1BBE-D96F-45DF-A622-D60BFA8AF49E}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{C424171E-592A-415A-9EB1-DFD6D95D3530}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{E09EF104-3849-47F4-B005-A120558F3FEF}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{FB61B649-3FC8-4754-89A2-501456130AB5}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\driverscanner
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\iesmartbar.bho
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{6E4C89CF-3061-4EE4-B22A-B7A8AAEA5CB3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{BBBE01ED-0F1E-44DB-88C1-5CC1AEE3B462}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E4A994B0-5550-4680-A4C6-B9470B888069}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{EE95078D-518C-4FD2-8093-FD1D4E33D3CA}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{F9EB11AB-9384-4736-9B33-993940F88895}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Speed Test 127.BackgroundHostObject
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Speed Test 127.BackgroundHostObject.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Speed Test 127.Navbar
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Speed Test 127.Navbar.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Speed Test 127.ScriptHostObject
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Speed Test 127.ScriptHostObject.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Speed Test 127.Tool
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Speed Test 127.Tool.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{3013E03D-89D5-4580-8560-DB198297CC29}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{53FDCCB0-2404-4274-9002-5A3A1FD40426}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{B69509B5-4A90-4433-A2DE-BE439F6581F2}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{F2F1AE7C-149B-46D3-9498-12572C7AFE11}
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\driverscanner_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\driverscanner_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasapi32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasmancs
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasapi32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasmancs
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\sweetimsetup_rasapi32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\sweetimsetup_rasmancs
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\sweetpacksupdatemanager_rasapi32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11C8C9C0-D918-44C0-8B5E-D297DA42F2C7}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24}
Schlüssel Gefunden : HKLM\Software\ParetoLogic
Schlüssel Gefunden : HKLM\Software\PerformerSoft
Schlüssel Gefunden : HKLM\Software\systweak
Schlüssel Gefunden : HKLM\Software\Uniblue
Schlüssel Gefunden : HKLM\Software\Uniblue\DriverScanner
Schlüssel Gefunden : HKLM\Software\WNLT
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{11C8C9C0-D918-44C0-8B5E-D297DA42F2C7}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{75CC1BBE-D96F-45DF-A622-D60BFA8AF49E}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{C424171E-592A-415A-9EB1-DFD6D95D3530}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{E09EF104-3849-47F4-B005-A120558F3FEF}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{FB61B649-3FC8-4754-89A2-501456130AB5}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{6E4C89CF-3061-4EE4-B22A-B7A8AAEA5CB3}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{BBBE01ED-0F1E-44DB-88C1-5CC1AEE3B462}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{E4A994B0-5550-4680-A4C6-B9470B888069}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{EE95078D-518C-4FD2-8093-FD1D4E33D3CA}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{F9EB11AB-9384-4736-9B33-993940F88895}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11C8C9C0-D918-44C0-8B5E-D297DA42F2C7}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\WNLT
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{C424171E-592A-415A-9EB1-DFD6D95D3530}]
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Wert Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Browser Infrastructure Helper]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{C424171E-592A-415A-9EB1-DFD6D95D3530}]
Wert Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Wert Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{C424171E-592A-415A-9EB1-DFD6D95D3530}]
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17041
Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWmwODjwdSN4nYKkLkiDsRZrjHk60SYY7Cl78H_h3cyuEGnob5GRpsGdyFykBBkBWRGBw2McZsLouNpGTnwryp245Hx5ptRReMm6-ViTDOHT0LQ1Z5nBZtzFzfe_-Sm0lJcWsCbyieDQldLsAfZKnuWYSTNOM,&q={searchTerms}
Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar] - hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWmwODjwdSN4nYKkLkiDsRZrjHk60SYY7Cl78H_h3cyuEGnob5GRpsGdyFykBBkBWRGBw2McZsLouNpGTnwryp245Hx5ptRReMm6-ViTDOHT0LQ1Z5nBZtzFzfe_-Sm0lJcWsCbyieDQldLsAfZKnuWYSTNOM,&q={searchTerms}
Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL] - hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWmwODjwdSN4nYKkLkiDsRZrjHk60SYY7Cl78H_h3cyuEGnob5GRpsGdyFykBBkBWRGBw2McZsLouNpGTnwryp245Hx5ptRReMm6-ViTDOHT0LQ1Z5nBZtzFzfe_-Sm0lJcWsCbyieDQldLsAfZKnuWYSTNOM,&q={searchTerms}
Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant] - hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWmwODjwdSN4nYKkLkiDsRZrjHk60SYY7Cl78H_h3cyuEGnob5GRpsGdyFykBBkBWRGBw2McZsLouNpGTnwryp245Hx5ptRReMm6-ViTDOHT0LQ1Z5nBZtzFzfe_-Sm0lJcWsCbyieDQldLsAfZKnuWYSTNOM,&q={searchTerms}
Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default] - hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWmwODjwdSN4nYKkLkiDsRZrjHk60SYY7Cl78H_h3cyuEGnob5GRpsGdyFykBBkBWRGBw2McZsLouNpGTnwryp245Hx5ptRReMm6-ViTDOHT0LQ1Z5nBZtzFzfe_-Sm0lJcWsCbyieDQldLsAfZKnuWYSTNOM,&q={searchTerms}
Einstellung Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default] - hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWmwODjwdSN4nYKkLkiDsRZrjHk60SYY7Cl78H_h3cyuEGnob5GRpsGdyFykBBkBWRGBw2McZsLouNpGTnwryp245Hx5ptRReMm6-ViTDOHT0LQ1Z5nBZtzFzfe_-Sm0lJcWsCbyieDQldLsAfZKnuWYSTNOc,&q={searchTerms}
-\\ Google Chrome v34.0.1847.137
[ Datei : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Gefunden [Search Provider] : hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWmwODjwdSN4nYKkLkiDsRZrjHk60SYY7Cl78H_h3cyuEGnob5GRpsGdyFykBBkBWRGBw2McZsLouNpGTnwryp245Hx5ptRReMm6-ViTDOHT0LQ1Z5nBZtzFzfe_-Sm0lJcWsCbyieDQldLsAfZKnuWYSTNOc,&q={searchTerms}
Gefunden [Search Provider] : hxxp://mystart.incredibar.com/?a=6PRFYy48Z5&i=26&loc=skw&search={searchTerms}
Gefunden [Homepage] : hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWmwODjwdSN4nYKkLkiDsRZrjHk60SYY7Cl78H_h3cyuEGnob5GRpsGdyFykBBkBWRGBw2McZsLouNpGTnwryp245Hx5ptSeNHJ4zOV3AHwNqYaWGYOjiqpVE0TI2d6Af_7wo4KokiXY3n3p0_-0rOLUGLa3s,
Gefunden [Extension] : bkomkajifikmkfnjgphkjcfeepbnojok
Gefunden [Extension] : ogccgbmabaphcakpiclgcnmcnimhokcj
[ Datei : C:\Users\M.A.K\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Gefunden [Search Provider] : hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWmwODjwdSN4nYKkLkiDsRZrjHk60SYY7Cl78H_h3cyuEGnob5GRpsGdyFykBBkBWRGBw2McZsLouNpGTnwryp245Hx5ptRReMm6-ViTDOHT0LQ1Z5nBZtzFzfe_-Sm0lJcWsCbyieDQldLsAfZKnuWYSTNOc,&q={searchTerms}
Gefunden [Search Provider] : hxxp://mystart.incredibar.com/?a=6PRaS6Ux6M&i=26&loc=skw&search={searchTerms}
Gefunden [Homepage] : hxxp://mystart.incredibar.com/?a=6PRaS6Ux6M&i=26&loc=skw
Gefunden [Extension] : bkomkajifikmkfnjgphkjcfeepbnojok
Gefunden [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
Gefunden [Extension] : flpcjncodpafbgdpnkljologafpionhb
Gefunden [Extension] : ogccgbmabaphcakpiclgcnmcnimhokcj
[ Datei : C:\Users\Zümrüt\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Gefunden [Search Provider] : hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWmwODjwdSN4nYKkLkiDsRZrjHk60SYY7Cl78H_h3cyuEGnob5GRpsGdyFykBBkBWRGBw2McZsLouNpGTnwryp245Hx5ptRReMm6-ViTDOHT0LQ1Z5nBZtzFzfe_-Sm0lJcWsCbyieDQldLsAfZKnuWYSTNOc,&q={searchTerms}
Gefunden [Search Provider] : hxxp://www.trovigo.com/Results.aspx?gd=&ctid=CT3324415&octid=EB_ORIGINAL_CTID&ISID=ISID_ID&SearchSource=58&CUI=&UM=2&UP=SP1EF8BB08-EB82-48BC-AA59-8590B3BC051B&q={searchTerms}&SSPV=
Gefunden [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
Gefunden [Extension] : flpcjncodpafbgdpnkljologafpionhb
Gefunden [Extension] : jcdgjdiieiljkfkdcloehkohchhpekkn
Gefunden [Extension] : ogccgbmabaphcakpiclgcnmcnimhokcj
*************************
AdwCleaner[R0].txt - [21744 octets] - [19/05/2014 21:35:24]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [21805 octets] ########## Code:
# AdwCleaner v3.210 - Bericht erstellt am 19/05/2014 um 21:36:06
# Aktualisiert 19/05/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Zümrüt - ZÜMRÜT-PC
# Gestartet von : C:\Users\Zümrüt\Downloads\adwcleaner_3.210.exe
# Option : Löschen
***** [ Dienste ] *****
[#] Dienst Gelöscht : IBUpdaterService
Dienst Gelöscht : LPTSystemUpdater
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\ParetoLogic
Ordner Gelöscht : C:\ProgramData\RegClean
Ordner Gelöscht : C:\Program Files (x86)\LPT
Ordner Gelöscht : C:\Program Files (x86)\SmartTweak
Ordner Gelöscht : C:\Program Files (x86)\Speed Test 127
Ordner Gelöscht : C:\Windows\SysWOW64\ARFC
Ordner Gelöscht : C:\Windows\SysWOW64\jmdp
Ordner Gelöscht : C:\Windows\SysWOW64\WNLT
Ordner Gelöscht : C:\Windows\System32\ljkb
Ordner Gelöscht : C:\Users\ZMRT~1\AppData\Local\Temp\Smartbar
Ordner Gelöscht : C:\Users\Gast\AppData\LocalLow\PriceGong
Ordner Gelöscht : C:\Users\Gast\AppData\LocalLow\SweetIM
Ordner Gelöscht : C:\Users\M.A.K\AppData\Local\SearchProtect
Ordner Gelöscht : C:\Users\M.A.K\AppData\Local\Yandex
Ordner Gelöscht : C:\Users\M.A.K\AppData\LocalLow\PriceGong
Ordner Gelöscht : C:\Users\M.A.K\AppData\LocalLow\SweetIM
Ordner Gelöscht : C:\Users\M.A.K\AppData\LocalLow\Yandex
Ordner Gelöscht : C:\Users\M.A.K\AppData\Roaming\PerformerSoft
Ordner Gelöscht : C:\Users\M.A.K\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\M.A.K\AppData\Roaming\Yandex
Ordner Gelöscht : C:\Users\Zümrüt\AppData\Local\LPT
Ordner Gelöscht : C:\Users\Zümrüt\AppData\Local\Mobogenie
Ordner Gelöscht : C:\Users\Zümrüt\AppData\Local\SearchProtect
Ordner Gelöscht : C:\Users\Zümrüt\AppData\Local\Smartbar
Ordner Gelöscht : C:\Users\Zümrüt\AppData\LocalLow\Smartbar
Ordner Gelöscht : C:\Users\Zümrüt\AppData\Roaming\DriverCure
Ordner Gelöscht : C:\Users\Zümrüt\AppData\Roaming\ParetoLogic
Ordner Gelöscht : C:\Users\Zümrüt\AppData\Roaming\PerformerSoft
Ordner Gelöscht : C:\Users\Zümrüt\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\Zümrüt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTweak Software
Ordner Gelöscht : C:\Users\M.A.K\AppData\Local\Software
Ordner Gelöscht : C:\Users\Zümrüt\AppData\Local\Software
Ordner Gelöscht : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok
Ordner Gelöscht : C:\Users\M.A.K\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok
Ordner Gelöscht : C:\Users\Zümrüt\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Ordner Gelöscht : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Ordner Gelöscht : C:\Users\M.A.K\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Ordner Gelöscht : C:\Users\Zümrüt\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Datei Gelöscht : C:\Windows\System32\dmwu.exe
Datei Gelöscht : C:\Windows\System32\ImhxxpComm.dll
Datei Gelöscht : C:\Windows\System32\roboot64.exe
Datei Gelöscht : C:\Users\ZMRT~1\AppData\Local\Temp\uninstaller.exe
Datei Gelöscht : C:\Users\M.A.K\daemonprocess.txt
Datei Gelöscht : C:\Users\Zümrüt\daemonprocess.txt
Datei Gelöscht : C:\Users\M.A.K\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.softonic.de_0.localstorage
Datei Gelöscht : C:\Users\M.A.K\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.softonic.de_0.localstorage-journal
Datei Gelöscht : C:\Windows\Tasks\PC Performer_DEFAULT.job
Datei Gelöscht : C:\Windows\System32\Tasks\PC Performer_DEFAULT
Datei Gelöscht : C:\Windows\Tasks\PC Performer_UPDATES.job
Datei Gelöscht : C:\Windows\System32\Tasks\PC Performer_UPDATES
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Browser Infrastructure Helper]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\AddonsFramework.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ButtonSite.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ScriptHost.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\driverscanner
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.bho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Speed Test 127.BackgroundHostObject
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Speed Test 127.BackgroundHostObject.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Speed Test 127.Navbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Speed Test 127.Navbar.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Speed Test 127.ScriptHostObject
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Speed Test 127.ScriptHostObject.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Speed Test 127.Tool
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Speed Test 127.Tool.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\driverscanner_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\driverscanner_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetimsetup_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetimsetup_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetpacksupdatemanager_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{19975B78-1907-4DD6-A437-4C48120F46A4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{562B9316-C08A-444A-9482-62080DD851AE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{562B9317-C08A-444A-9482-62080DD851AE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{11C8C9C0-D918-44C0-8B5E-D297DA42F2C7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{75CC1BBE-D96F-45DF-A622-D60BFA8AF49E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C424171E-592A-415A-9EB1-DFD6D95D3530}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E09EF104-3849-47F4-B005-A120558F3FEF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FB61B649-3FC8-4754-89A2-501456130AB5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6E4C89CF-3061-4EE4-B22A-B7A8AAEA5CB3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BBBE01ED-0F1E-44DB-88C1-5CC1AEE3B462}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E4A994B0-5550-4680-A4C6-B9470B888069}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EE95078D-518C-4FD2-8093-FD1D4E33D3CA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F9EB11AB-9384-4736-9B33-993940F88895}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{3013E03D-89D5-4580-8560-DB198297CC29}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{53FDCCB0-2404-4274-9002-5A3A1FD40426}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{B69509B5-4A90-4433-A2DE-BE439F6581F2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{F2F1AE7C-149B-46D3-9498-12572C7AFE11}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11C8C9C0-D918-44C0-8B5E-D297DA42F2C7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11C8C9C0-D918-44C0-8B5E-D297DA42F2C7}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C424171E-592A-415A-9EB1-DFD6D95D3530}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11C8C9C0-D918-44C0-8B5E-D297DA42F2C7}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1631550F-191D-4826-B069-D9439253D926}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C424171E-592A-415A-9EB1-DFD6D95D3530}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{C424171E-592A-415A-9EB1-DFD6D95D3530}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{C424171E-592A-415A-9EB1-DFD6D95D3530}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{11C8C9C0-D918-44C0-8B5E-D297DA42F2C7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{75CC1BBE-D96F-45DF-A622-D60BFA8AF49E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{C424171E-592A-415A-9EB1-DFD6D95D3530}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{E09EF104-3849-47F4-B005-A120558F3FEF}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{FB61B649-3FC8-4754-89A2-501456130AB5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{6E4C89CF-3061-4EE4-B22A-B7A8AAEA5CB3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{BBBE01ED-0F1E-44DB-88C1-5CC1AEE3B462}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E4A994B0-5550-4680-A4C6-B9470B888069}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EE95078D-518C-4FD2-8093-FD1D4E33D3CA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F9EB11AB-9384-4736-9B33-993940F88895}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11C8C9C0-D918-44C0-8B5E-D297DA42F2C7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{C424171E-592A-415A-9EB1-DFD6D95D3530}]
Schlüssel Gelöscht : HKCU\Software\IM
Schlüssel Gelöscht : HKCU\Software\ImInstaller
Schlüssel Gelöscht : HKCU\Software\ParetoLogic
Schlüssel Gelöscht : HKCU\Software\PerformerSoft
Schlüssel Gelöscht : HKCU\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\smartbarbackup
Schlüssel Gelöscht : HKCU\Software\smartbarlog
Schlüssel Gelöscht : HKCU\Software\smarttweak
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKCU\Software\WNLT
Schlüssel Gelöscht : HKLM\Software\ParetoLogic
Schlüssel Gelöscht : HKLM\Software\PerformerSoft
Schlüssel Gelöscht : HKLM\Software\systweak
Schlüssel Gelöscht : HKLM\Software\Uniblue
Schlüssel Gelöscht : HKLM\Software\WNLT
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\WNLT
Daten Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll
Daten Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17041
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]
-\\ Google Chrome v34.0.1847.137
[ Datei : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Gelöscht [Search Provider] : hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWmwODjwdSN4nYKkLkiDsRZrjHk60SYY7Cl78H_h3cyuEGnob5GRpsGdyFykBBkBWRGBw2McZsLouNpGTnwryp245Hx5ptRReMm6-ViTDOHT0LQ1Z5nBZtzFzfe_-Sm0lJcWsCbyieDQldLsAfZKnuWYSTNOc,&q={searchTerms}
Gelöscht [Search Provider] : hxxp://mystart.incredibar.com/?a=6PRFYy48Z5&i=26&loc=skw&search={searchTerms}
Gelöscht [Homepage] : hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWmwODjwdSN4nYKkLkiDsRZrjHk60SYY7Cl78H_h3cyuEGnob5GRpsGdyFykBBkBWRGBw2McZsLouNpGTnwryp245Hx5ptSeNHJ4zOV3AHwNqYaWGYOjiqpVE0TI2d6Af_7wo4KokiXY3n3p0_-0rOLUGLa3s,
Gelöscht [Extension] : bkomkajifikmkfnjgphkjcfeepbnojok
Gelöscht [Extension] : ogccgbmabaphcakpiclgcnmcnimhokcj
[ Datei : C:\Users\M.A.K\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Gelöscht [Search Provider] : hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWmwODjwdSN4nYKkLkiDsRZrjHk60SYY7Cl78H_h3cyuEGnob5GRpsGdyFykBBkBWRGBw2McZsLouNpGTnwryp245Hx5ptRReMm6-ViTDOHT0LQ1Z5nBZtzFzfe_-Sm0lJcWsCbyieDQldLsAfZKnuWYSTNOc,&q={searchTerms}
Gelöscht [Search Provider] : hxxp://mystart.incredibar.com/?a=6PRaS6Ux6M&i=26&loc=skw&search={searchTerms}
Gelöscht [Homepage] : hxxp://mystart.incredibar.com/?a=6PRaS6Ux6M&i=26&loc=skw
Gelöscht [Extension] : bkomkajifikmkfnjgphkjcfeepbnojok
Gelöscht [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
Gelöscht [Extension] : flpcjncodpafbgdpnkljologafpionhb
Gelöscht [Extension] : ogccgbmabaphcakpiclgcnmcnimhokcj
[ Datei : C:\Users\Zümrüt\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Gelöscht [Search Provider] : hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWmwODjwdSN4nYKkLkiDsRZrjHk60SYY7Cl78H_h3cyuEGnob5GRpsGdyFykBBkBWRGBw2McZsLouNpGTnwryp245Hx5ptRReMm6-ViTDOHT0LQ1Z5nBZtzFzfe_-Sm0lJcWsCbyieDQldLsAfZKnuWYSTNOc,&q={searchTerms}
Gelöscht [Search Provider] : hxxp://www.trovigo.com/Results.aspx?gd=&ctid=CT3324415&octid=EB_ORIGINAL_CTID&ISID=ISID_ID&SearchSource=58&CUI=&UM=2&UP=SP1EF8BB08-EB82-48BC-AA59-8590B3BC051B&q={searchTerms}&SSPV=
Gelöscht [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
Gelöscht [Extension] : flpcjncodpafbgdpnkljologafpionhb
Gelöscht [Extension] : jcdgjdiieiljkfkdcloehkohchhpekkn
Gelöscht [Extension] : ogccgbmabaphcakpiclgcnmcnimhokcj
*************************
AdwCleaner[R0].txt - [22066 octets] - [19/05/2014 21:35:24]
AdwCleaner[S0].txt - [19736 octets] - [19/05/2014 21:36:06]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [19797 octets] ########## Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Protection, 19.05.2014 21:47:13, SYSTEM, ZÃ?MRÃ?T-PC, Protection, Malware Protection, Starting,
Protection, 19.05.2014 21:47:13, SYSTEM, ZÃ?MRÃ?T-PC, Protection, Malware Protection, Started,
Protection, 19.05.2014 21:47:13, SYSTEM, ZÃ?MRÃ?T-PC, Protection, Malicious Website Protection, Starting,
Update, 19.05.2014 21:47:18, SYSTEM, ZÃ?MRÃ?T-PC, Manual, Rootkit Database, 2014.2.20.1, 2014.3.27.1,
Update, 19.05.2014 21:47:31, SYSTEM, ZÃ?MRÃ?T-PC, Manual, Malware Database, 2014.3.4.9, 2014.5.19.10,
Protection, 19.05.2014 21:47:39, SYSTEM, ZÃ?MRÃ?T-PC, Protection, Malicious Website Protection, Started,
Protection, 19.05.2014 21:47:43, SYSTEM, ZÃ?MRÃ?T-PC, Protection, Refresh, Starting,
Protection, 19.05.2014 21:47:43, SYSTEM, ZÃ?MRÃ?T-PC, Protection, Malicious Website Protection, Stopping,
Protection, 19.05.2014 21:47:43, SYSTEM, ZÃ?MRÃ?T-PC, Protection, Malicious Website Protection, Stopped,
Protection, 19.05.2014 21:47:46, SYSTEM, ZÃ?MRÃ?T-PC, Protection, Refresh, Success,
Protection, 19.05.2014 21:47:46, SYSTEM, ZÃ?MRÃ?T-PC, Protection, Malicious Website Protection, Starting,
Protection, 19.05.2014 21:47:47, SYSTEM, ZÃ?MRÃ?T-PC, Protection, Malicious Website Protection, Started,
Protection, 19.05.2014 22:22:01, SYSTEM, ZÃ?MRÃ?T-PC, Protection, Malware Protection, Starting,
Protection, 19.05.2014 22:22:01, SYSTEM, ZÃ?MRÃ?T-PC, Protection, Malware Protection, Started,
Protection, 19.05.2014 22:22:01, SYSTEM, ZÃ?MRÃ?T-PC, Protection, Malicious Website Protection, Starting,
Protection, 19.05.2014 22:24:24, SYSTEM, ZÃ?MRÃ?T-PC, Protection, Malicious Website Protection, Started,
(end) FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-05-2014
Ran by Zümrüt (administrator) on ZÜMRÜT-PC on 19-05-2014 22:29:19
Running from C:\Users\Zümrüt\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Dropbox, Inc.) C:\Users\Zümrüt\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winampa.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2589992 2011-04-05] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12673128 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277480 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-02] (Symantec Corporation)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-24] (NTI Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Dolby PCEE4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-09-20] (Egis Technology Inc.)
HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448 2011-08-26] (CyberLink Corp.)
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [74752 2011-12-09] (Nullsoft, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-03-02] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [522232 2012-09-26] (Cisco Systems, Inc.)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\.DEFAULT\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-1983832016-936756737-872752734-1000\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-1983832016-936756737-872752734-1001\...\Run: [Facebook Update] => C:\Users\Zümrüt\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-07-10] (Facebook Inc.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [241984 2011-10-16] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [203072 2011-10-16] (NVIDIA Corporation)
Startup: C:\Users\Zümrüt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Zümrüt\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Zümrüt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: WEB.DE Toolbar BHO - {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} - C:\Program Files\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: WEB.DE Toolbar BHO - {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} - C:\Program Files (x86)\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files (x86)\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
Toolbar: HKLM-x32 - EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files (x86)\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
Toolbar: HKCU - No Name - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - No File
Handler: webde - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: webde - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files (x86)\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter-x32: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter-x32: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter-x32: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{3B7F2F84-982A-49EA-9368-45FB5BC144D9}: [NameServer]212.123.96.110,141.82.16.200
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @Skype Technologies S.A..com/Skype Web Plugin - C:\Program Files (x86)\SkypeWebPlugin\npSkypeWebPlugin64.dll (Skype)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Skype Technologies S.A..com/Skype Web Plugin - C:\Program Files (x86)\SkypeWebPlugin\npSkypeWebPlugin.dll (Skype)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Zümrüt\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR StartupUrls: "hxxp://www.google.com/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\pdf.dll ()
CHR Plugin: (PriceGong) - C:\Users\Zümrüt\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok\5.6.7_0\plugins/npPriceGong_CH.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U9) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll No File
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.90.5) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Extension: (Embed WMPlayer inline) - C:\Users\Zümrüt\AppData\Local\Google\Chrome\User Data\Default\Extensions\bamkbfdmckphehgiafpenehgebjgdlli [2012-12-12]
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-03-02] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-03-02] (Avira Operations GmbH & Co. KG)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation)
R3 WinHttpAutoProxySvc; winhttp.dll [X]
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-17] (Avira Operations GmbH & Co. KG)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-05-19] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-05-19 22:28 - 2014-05-19 22:28 - 00001691 _____ () C:\Users\Zümrüt\Desktop\mbam.txt
2014-05-19 21:47 - 2014-05-19 22:24 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-19 21:47 - 2014-05-19 21:47 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-19 21:47 - 2014-05-19 21:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-19 21:47 - 2014-05-19 21:47 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-19 21:47 - 2014-05-19 21:47 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-19 21:47 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-19 21:47 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-19 21:47 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-19 21:46 - 2014-05-19 21:46 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Zümrüt\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-19 21:43 - 2014-05-19 21:43 - 00000000 ____D () C:\Windows\ERUNT
2014-05-19 21:42 - 2014-05-19 21:42 - 01016261 _____ (Thisisu) C:\Users\Zümrüt\Downloads\JRT.exe
2014-05-19 21:35 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-19 21:34 - 2014-05-19 21:36 - 00000000 ____D () C:\AdwCleaner
2014-05-19 21:34 - 2014-05-19 21:34 - 01326389 _____ () C:\Users\Zümrüt\Downloads\adwcleaner_3.210.exe
2014-05-19 20:54 - 2014-05-19 20:54 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Zümrüt\Downloads\revosetup95.exe
2014-05-19 20:54 - 2014-05-19 20:54 - 00001268 _____ () C:\Users\Zümrüt\Desktop\Revo Uninstaller.lnk
2014-05-19 20:54 - 2014-05-19 20:54 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-19 16:24 - 2014-05-19 16:24 - 00015024 _____ () C:\Users\Zümrüt\Desktop\Ereignisse.txt
2014-05-19 15:55 - 2014-05-19 15:55 - 00051312 _____ () C:\Users\Zümrüt\Desktop\Addition.txt
2014-05-19 15:54 - 2014-05-19 15:54 - 00060568 _____ () C:\Users\Zümrüt\Desktop\FRST.txt
2014-05-19 15:47 - 2014-05-19 22:29 - 00000000 ____D () C:\FRST
2014-05-19 15:45 - 2014-05-19 15:45 - 02067456 _____ (Farbar) C:\Users\Zümrüt\Downloads\FRST64.exe
2014-05-19 15:44 - 2014-05-19 15:44 - 00000474 _____ () C:\Users\Zümrüt\Downloads\defogger_disable.log
2014-05-19 15:44 - 2014-05-19 15:44 - 00000000 _____ () C:\Users\Zümrüt\defogger_reenable
2014-05-19 15:43 - 2014-05-19 15:43 - 00050477 _____ () C:\Users\Zümrüt\Downloads\Defogger.exe
2014-05-19 15:31 - 2014-05-19 15:31 - 00000000 ____D () C:\Users\Zümrüt\AppData\Local\TuneUp Software
2014-05-19 15:29 - 2014-05-19 15:37 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-05-19 15:29 - 2014-05-19 15:29 - 27883432 _____ (TuneUp Software) C:\Users\Zümrüt\Downloads\TuneUpUtilities2014_de-DE.exe
2014-05-19 15:11 - 2014-05-19 22:29 - 00019251 _____ () C:\Users\Zümrüt\Downloads\FRST.txt
2014-05-19 15:11 - 2014-05-19 15:48 - 00051312 _____ () C:\Users\Zümrüt\Downloads\Addition.txt
2014-05-16 16:15 - 2014-05-19 22:21 - 00008546 _____ () C:\Windows\PFRO.log
2014-05-16 16:15 - 2014-05-19 22:21 - 00000538 _____ () C:\Windows\setupact.log
2014-05-16 16:15 - 2014-05-16 16:15 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-16 12:59 - 2014-05-16 12:59 - 00003416 _____ () C:\Windows\System32\Tasks\{4191952B-4600-432A-ABD0-28B7523B4BF0}
2014-05-16 12:55 - 2014-05-16 12:55 - 01342896 _____ (UPDF) C:\Users\Zümrüt\Downloads\UPDFSetup.exe
2014-05-16 12:22 - 2014-05-16 12:22 - 00000000 ____D () C:\Users\Zümrüt\AppData\Local\Skype
2014-05-15 13:45 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-15 13:45 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-15 13:45 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-15 13:45 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-15 13:45 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-15 13:45 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-15 11:14 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-15 11:14 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-15 11:14 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-15 11:14 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-15 11:14 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-15 11:14 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-15 11:14 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-15 11:14 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-15 11:14 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-15 11:14 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-15 11:14 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-15 11:14 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-15 11:14 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-15 11:14 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-15 11:14 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-15 11:14 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-15 11:14 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-15 11:14 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-15 11:14 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-15 11:14 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-15 11:14 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-15 11:14 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-15 11:14 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-15 11:14 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-15 11:14 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-15 11:14 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-15 11:14 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-15 11:14 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-15 11:14 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-15 11:14 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-15 11:14 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-15 11:14 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-15 11:14 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-15 11:14 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-15 11:14 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-15 11:14 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-15 11:14 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-15 11:14 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-15 11:14 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-15 11:14 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-15 11:14 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-15 11:14 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-15 11:14 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-15 11:14 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-15 11:14 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-11 23:24 - 2014-05-11 23:24 - 04557717 _____ () C:\Users\Zümrüt\Downloads\Wenn-Opa_s-parken.wmv
2014-05-08 13:49 - 2014-05-16 14:27 - 00000000 ____D () C:\Users\Zümrüt\Documents\Bewerbung
2014-05-08 13:48 - 2014-05-08 13:48 - 00000000 ____D () C:\Users\Zümrüt\Documents\Stex
2014-05-06 16:00 - 2014-05-15 13:49 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-06 14:33 - 2014-05-07 15:20 - 00000000 ____D () C:\Users\Zümrüt\Desktop\QM
2014-05-06 14:30 - 2014-05-07 14:51 - 00000000 ____D () C:\Users\Zümrüt\Desktop\Ali
2014-05-04 15:11 - 2014-05-04 15:11 - 00000000 ____D () C:\Users\Zümrüt\AppData\Roaming\DropboxMaster
2014-04-28 20:57 - 2014-04-28 20:57 - 00009728 ___SH () C:\Users\Zümrüt\Desktop\Thumbs.db
2014-04-26 22:09 - 2014-04-14 20:13 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-26 22:09 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-26 22:09 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-26 22:09 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-26 22:08 - 2014-04-26 22:09 - 00004253 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-26 15:56 - 2014-04-26 15:56 - 00000000 ____D () C:\Windows\de
2014-04-26 15:54 - 2014-04-26 15:54 - 00000000 ____D () C:\Windows\he
2014-04-26 15:54 - 2014-04-26 15:54 - 00000000 ____D () C:\Windows\fr
2014-04-26 15:54 - 2014-04-26 15:54 - 00000000 ____D () C:\Windows\fi
2014-04-26 15:54 - 2014-04-26 15:54 - 00000000 ____D () C:\Windows\es
2014-04-26 15:54 - 2014-04-26 15:54 - 00000000 ____D () C:\Windows\en
2014-04-26 15:54 - 2014-04-26 15:54 - 00000000 ____D () C:\Windows\el
2014-04-26 15:54 - 2014-04-26 15:54 - 00000000 ____D () C:\Windows\da
2014-04-26 15:54 - 2014-04-26 15:54 - 00000000 ____D () C:\Windows\cs
2014-04-26 15:54 - 2014-04-26 15:54 - 00000000 ____D () C:\Windows\bg
2014-04-26 15:54 - 2014-04-26 15:54 - 00000000 ____D () C:\Windows\ar
2014-04-26 15:53 - 2014-04-26 15:53 - 00001309 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2014-04-26 15:53 - 2014-04-26 15:53 - 00000000 ____D () C:\Windows\tr
2014-04-26 15:53 - 2014-04-26 15:53 - 00000000 ____D () C:\Windows\th
2014-04-26 15:53 - 2014-04-26 15:53 - 00000000 ____D () C:\Windows\sv
2014-04-26 15:53 - 2014-04-26 15:53 - 00000000 ____D () C:\Windows\sl
2014-04-26 15:53 - 2014-04-26 15:53 - 00000000 ____D () C:\Windows\sk
2014-04-26 15:53 - 2014-04-26 15:53 - 00000000 ____D () C:\Windows\ru
2014-04-26 15:53 - 2014-04-26 15:53 - 00000000 ____D () C:\Windows\ro
2014-04-26 15:53 - 2014-04-26 15:53 - 00000000 ____D () C:\Windows\pl
2014-04-26 15:53 - 2014-04-26 15:53 - 00000000 ____D () C:\Windows\nl
2014-04-26 15:53 - 2014-04-26 15:53 - 00000000 ____D () C:\Windows\it
2014-04-26 15:53 - 2014-04-26 15:53 - 00000000 ____D () C:\Windows\hu
2014-04-26 15:53 - 2014-04-26 15:53 - 00000000 ____D () C:\Windows\hr
2014-04-26 15:53 - 2014-04-26 15:53 - 00000000 ____D () C:\Windows\ca
2014-04-26 15:45 - 2014-04-26 15:45 - 00002490 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2014-04-26 15:35 - 2014-04-26 15:35 - 00000000 ____D () C:\Users\Zümrüt\Documents\OneNote-Notizbücher
2014-04-24 10:55 - 2014-04-24 10:55 - 00921654 _____ () C:\Users\Zümrüt\Downloads\g6.bmp
2014-04-24 10:54 - 2014-04-24 10:54 - 00921654 _____ () C:\Users\Zümrüt\Downloads\g5.bmp
2014-04-23 13:51 - 2014-04-23 13:51 - 00000000 __SHD () C:\Users\Zümrüt\AppData\Local\EmieUserList
2014-04-23 13:51 - 2014-04-23 13:51 - 00000000 __SHD () C:\Users\Zümrüt\AppData\Local\EmieSiteList
2014-04-23 00:27 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-23 00:27 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-23 00:27 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-23 00:27 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-23 00:27 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-23 00:27 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-23 00:27 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-23 00:27 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-23 00:27 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-23 00:27 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-23 00:27 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-23 00:27 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-23 00:27 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-23 00:27 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-23 00:27 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-23 00:27 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-23 00:27 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-23 00:27 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-23 00:27 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-23 00:27 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-23 00:27 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-23 00:27 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-23 00:27 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-23 00:27 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-23 00:27 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-23 00:27 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-23 00:27 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-23 00:27 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-23 00:27 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-23 00:27 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-23 00:27 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-23 00:27 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-23 00:27 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-23 00:27 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-23 00:27 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-23 00:26 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-23 00:26 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-23 00:26 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-23 00:26 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-23 00:26 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-23 00:26 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-23 00:26 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-23 00:26 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-23 00:26 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
==================== One Month Modified Files and Folders =======
2014-05-19 22:29 - 2014-05-19 15:47 - 00000000 ____D () C:\FRST
2014-05-19 22:29 - 2014-05-19 15:11 - 00019251 _____ () C:\Users\Zümrüt\Downloads\FRST.txt
2014-05-19 22:28 - 2014-05-19 22:28 - 00001691 _____ () C:\Users\Zümrüt\Desktop\mbam.txt
2014-05-19 22:24 - 2014-05-19 21:47 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-19 22:23 - 2013-12-11 18:23 - 00000000 ___RD () C:\Users\Zümrüt\Dropbox
2014-05-19 22:23 - 2013-12-11 18:20 - 00000000 ____D () C:\Users\Zümrüt\AppData\Roaming\Dropbox
2014-05-19 22:22 - 2012-12-08 23:51 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-19 22:22 - 2012-05-17 11:42 - 00000000 ____D () C:\ProgramData\clear.fi
2014-05-19 22:21 - 2014-05-16 16:15 - 00008546 _____ () C:\Windows\PFRO.log
2014-05-19 22:21 - 2014-05-16 16:15 - 00000538 _____ () C:\Windows\setupact.log
2014-05-19 22:21 - 2012-02-02 23:03 - 01759364 _____ () C:\Windows\WindowsUpdate.log
2014-05-19 22:21 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-19 22:17 - 2012-06-01 15:00 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-19 22:09 - 2013-07-10 16:04 - 00000932 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1983832016-936756737-872752734-1001UA.job
2014-05-19 21:47 - 2014-05-19 21:47 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-19 21:47 - 2014-05-19 21:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-19 21:47 - 2014-05-19 21:47 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-19 21:47 - 2014-05-19 21:47 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-19 21:46 - 2014-05-19 21:46 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Zümrüt\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-19 21:45 - 2009-07-14 06:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-19 21:45 - 2009-07-14 06:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-19 21:43 - 2014-05-19 21:43 - 00000000 ____D () C:\Windows\ERUNT
2014-05-19 21:42 - 2014-05-19 21:42 - 01016261 _____ (Thisisu) C:\Users\Zümrüt\Downloads\JRT.exe
2014-05-19 21:38 - 2012-12-08 23:51 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-19 21:36 - 2014-05-19 21:34 - 00000000 ____D () C:\AdwCleaner
2014-05-19 21:36 - 2012-05-17 11:50 - 00000000 ____D () C:\Users\M.A.K
2014-05-19 21:36 - 2012-05-17 11:34 - 00000000 ____D () C:\Users\Zümrüt
2014-05-19 21:34 - 2014-05-19 21:34 - 01326389 _____ () C:\Users\Zümrüt\Downloads\adwcleaner_3.210.exe
2014-05-19 20:54 - 2014-05-19 20:54 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Zümrüt\Downloads\revosetup95.exe
2014-05-19 20:54 - 2014-05-19 20:54 - 00001268 _____ () C:\Users\Zümrüt\Desktop\Revo Uninstaller.lnk
2014-05-19 20:54 - 2014-05-19 20:54 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-19 16:24 - 2014-05-19 16:24 - 00015024 _____ () C:\Users\Zümrüt\Desktop\Ereignisse.txt
2014-05-19 16:09 - 2013-07-10 16:04 - 00000910 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1983832016-936756737-872752734-1001Core.job
2014-05-19 15:55 - 2014-05-19 15:55 - 00051312 _____ () C:\Users\Zümrüt\Desktop\Addition.txt
2014-05-19 15:54 - 2014-05-19 15:54 - 00060568 _____ () C:\Users\Zümrüt\Desktop\FRST.txt
2014-05-19 15:48 - 2014-05-19 15:11 - 00051312 _____ () C:\Users\Zümrüt\Downloads\Addition.txt
2014-05-19 15:45 - 2014-05-19 15:45 - 02067456 _____ (Farbar) C:\Users\Zümrüt\Downloads\FRST64.exe
2014-05-19 15:44 - 2014-05-19 15:44 - 00000474 _____ () C:\Users\Zümrüt\Downloads\defogger_disable.log
2014-05-19 15:44 - 2014-05-19 15:44 - 00000000 _____ () C:\Users\Zümrüt\defogger_reenable
2014-05-19 15:43 - 2014-05-19 15:43 - 00050477 _____ () C:\Users\Zümrüt\Downloads\Defogger.exe
2014-05-19 15:38 - 2012-11-02 22:50 - 00003704 _____ () C:\Windows\System32\Tasks\Java Update Scheduler
2014-05-19 15:38 - 2012-11-02 22:50 - 00003694 _____ () C:\Windows\System32\Tasks\Adobe-Online-Aktualisierungsprogramm
2014-05-19 15:37 - 2014-05-19 15:29 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-05-19 15:37 - 2013-10-23 14:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2014-05-19 15:35 - 2012-11-02 22:46 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-05-19 15:31 - 2014-05-19 15:31 - 00000000 ____D () C:\Users\Zümrüt\AppData\Local\TuneUp Software
2014-05-19 15:31 - 2012-11-02 22:47 - 00000000 ____D () C:\Users\Zümrüt\AppData\Roaming\TuneUp Software
2014-05-19 15:29 - 2014-05-19 15:29 - 27883432 _____ (TuneUp Software) C:\Users\Zümrüt\Downloads\TuneUpUtilities2014_de-DE.exe
2014-05-16 16:16 - 2012-05-17 11:51 - 00000000 ___RD () C:\Users\M.A.K\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-16 16:16 - 2012-05-17 11:51 - 00000000 ___RD () C:\Users\M.A.K\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-16 16:15 - 2014-05-16 16:15 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-16 14:27 - 2014-05-08 13:49 - 00000000 ____D () C:\Users\Zümrüt\Documents\Bewerbung
2014-05-16 13:06 - 2012-09-25 08:47 - 00000000 ____D () C:\Users\Zümrüt\Tracing
2014-05-16 13:06 - 2012-05-21 21:35 - 00000000 ____D () C:\Users\Zümrüt\AppData\Roaming\Winamp
2014-05-16 13:06 - 2007-07-12 03:49 - 00000000 ____D () C:\Windows\Panther
2014-05-16 12:59 - 2014-05-16 12:59 - 00003416 _____ () C:\Windows\System32\Tasks\{4191952B-4600-432A-ABD0-28B7523B4BF0}
2014-05-16 12:56 - 2012-09-25 08:47 - 00000000 ____D () C:\Users\Zümrüt\AppData\Roaming\mozilla
2014-05-16 12:55 - 2014-05-16 12:55 - 01342896 _____ (UPDF) C:\Users\Zümrüt\Downloads\UPDFSetup.exe
2014-05-16 12:32 - 2012-05-23 00:04 - 00000000 ____D () C:\Users\Zümrüt\AppData\Roaming\Skype
2014-05-16 12:22 - 2014-05-16 12:22 - 00000000 ____D () C:\Users\Zümrüt\AppData\Local\Skype
2014-05-15 13:55 - 2012-05-17 11:38 - 00000000 ___RD () C:\Users\Zümrüt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-15 13:55 - 2012-05-17 11:38 - 00000000 ___RD () C:\Users\Zümrüt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-15 13:49 - 2014-05-06 16:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-15 13:47 - 2012-06-15 13:03 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-15 13:44 - 2013-07-29 18:36 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-15 13:42 - 2012-05-31 14:58 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-15 11:17 - 2012-06-01 15:00 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-15 11:17 - 2012-06-01 15:00 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-15 11:17 - 2011-10-14 05:49 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-15 11:03 - 2011-10-14 05:49 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-05-15 11:02 - 2013-12-11 18:23 - 00001025 _____ () C:\Users\Zümrüt\Desktop\Dropbox.lnk
2014-05-15 11:02 - 2013-12-11 18:21 - 00000900 _____ () C:\Windows\wininit.ini
2014-05-15 11:02 - 2013-12-11 18:21 - 00000000 ____D () C:\Users\Zümrüt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-11 23:24 - 2014-05-11 23:24 - 04557717 _____ () C:\Users\Zümrüt\Downloads\Wenn-Opa_s-parken.wmv
2014-05-09 12:49 - 2012-07-06 15:43 - 00000000 ____D () C:\Users\Zümrüt\Documents\Ali
2014-05-09 08:14 - 2014-05-15 11:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 08:11 - 2014-05-15 11:14 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-08 15:33 - 2012-12-08 23:51 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-08 15:33 - 2012-12-08 23:51 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-08 13:48 - 2014-05-08 13:48 - 00000000 ____D () C:\Users\Zümrüt\Documents\Stex
2014-05-07 15:20 - 2014-05-06 14:33 - 00000000 ____D () C:\Users\Zümrüt\Desktop\QM
2014-05-07 14:51 - 2014-05-06 14:30 - 00000000 ____D () C:\Users\Zümrüt\Desktop\Ali
2014-05-06 12:52 - 2012-05-17 11:34 - 00000000 ____D () C:\Users\Zümrüt\AppData\Local\VirtualStore
2014-05-06 06:40 - 2014-05-15 13:45 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 06:17 - 2014-05-15 13:45 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 05:25 - 2014-05-15 13:45 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 05:07 - 2014-05-15 13:45 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 05:00 - 2014-05-15 13:45 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 04:10 - 2014-05-15 13:45 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-04 15:11 - 2014-05-04 15:11 - 00000000 ____D () C:\Users\Zümrüt\AppData\Roaming\DropboxMaster
2014-05-04 14:21 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-04-28 23:16 - 2012-02-03 07:55 - 00700134 _____ () C:\Windows\system32\perfh007.dat
2014-04-28 23:16 - 2012-02-03 07:55 - 00149984 _____ () C:\Windows\system32\perfc007.dat
2014-04-28 23:16 - 2009-07-14 07:13 - 01622236 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-28 20:57 - 2014-04-28 20:57 - 00009728 ___SH () C:\Users\Zümrüt\Desktop\Thumbs.db
2014-04-28 20:43 - 2013-05-23 11:51 - 00000000 ____D () C:\Users\Zümrüt\Desktop\Malik
2014-04-28 20:42 - 2014-01-20 23:41 - 00000000 ____D () C:\Users\Zümrüt\Desktop\Foto
2014-04-28 20:42 - 2014-01-13 14:04 - 00000000 ____D () C:\Users\Zümrüt\Desktop\Examen
2014-04-26 22:10 - 2013-10-23 14:01 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-26 22:09 - 2014-04-26 22:08 - 00004253 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-26 22:09 - 2012-11-02 21:44 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-26 15:56 - 2014-04-26 15:56 - 00000000 ____D () C:\Windows\de
2014-04-26 15:54 - 2014-04-26 15:54 - 00000000 ____D () C:\Windows\he
2014-04-26 15:54 - 2014-04-26 15:54 - 00000000 ____D () C:\Windows\fr
2014-04-26 15:54 - 2014-04-26 15:54 - 00000000 ____D () C:\Windows\fi
2014-04-26 15:54 - 2014-04-26 15:54 - 00000000 ____D () C:\Windows\es
2014-04-26 15:54 - 2014-04-26 15:54 - 00000000 ____D () C:\Windows\en
2014-04-26 15:54 - 2014-04-26 15:54 - 00000000 ____D () C:\Windows\el
2014-04-26 15:54 - 2014-04-26 15:54 - 00000000 ____D () C:\Windows\da
2014-04-26 15:54 - 2014-04-26 15:54 - 00000000 ____D () C:\Windows\cs
2014-04-26 15:54 - 2014-04-26 15:54 - 00000000 ____D () C:\Windows\bg
2014-04-26 15:54 - 2014-04-26 15:54 - 00000000 ____D () C:\Windows\ar
2014-04-26 15:54 - 2011-10-14 05:42 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2014-04-26 15:53 - 2014-04-26 15:53 - 00001309 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2014-04-26 15:53 - 2014-04-26 15:53 - 00000000 ____D () C:\Windows\tr
2014-04-26 15:53 - 2014-04-26 15:53 - 00000000 ____D () C:\Windows\th
2014-04-26 15:53 - 2014-04-26 15:53 - 00000000 ____D () C:\Windows\sv
2014-04-26 15:53 - 2014-04-26 15:53 - 00000000 ____D () C:\Windows\sl
2014-04-26 15:53 - 2014-04-26 15:53 - 00000000 ____D () C:\Windows\sk
2014-04-26 15:53 - 2014-04-26 15:53 - 00000000 ____D () C:\Windows\ru
2014-04-26 15:53 - 2014-04-26 15:53 - 00000000 ____D () C:\Windows\ro
2014-04-26 15:53 - 2014-04-26 15:53 - 00000000 ____D () C:\Windows\pl
2014-04-26 15:53 - 2014-04-26 15:53 - 00000000 ____D () C:\Windows\nl
2014-04-26 15:53 - 2014-04-26 15:53 - 00000000 ____D () C:\Windows\it
2014-04-26 15:53 - 2014-04-26 15:53 - 00000000 ____D () C:\Windows\hu
2014-04-26 15:53 - 2014-04-26 15:53 - 00000000 ____D () C:\Windows\hr
2014-04-26 15:53 - 2014-04-26 15:53 - 00000000 ____D () C:\Windows\ca
2014-04-26 15:52 - 2012-12-05 15:59 - 00001378 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2014-04-26 15:50 - 2011-10-14 05:38 - 00001494 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2014-04-26 15:45 - 2014-04-26 15:45 - 00002490 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2014-04-26 15:45 - 2011-10-14 05:35 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-04-26 15:43 - 2012-12-05 15:49 - 00000000 ____D () C:\Program Files\Windows Live
2014-04-26 15:35 - 2014-04-26 15:35 - 00000000 ____D () C:\Users\Zümrüt\Documents\OneNote-Notizbücher
2014-04-26 15:25 - 2012-05-31 17:45 - 00000000 ____D () C:\Users\Zümrüt\AppData\Local\Windows Live
2014-04-24 10:55 - 2014-04-24 10:55 - 00921654 _____ () C:\Users\Zümrüt\Downloads\g6.bmp
2014-04-24 10:54 - 2014-04-24 10:54 - 00921654 _____ () C:\Users\Zümrüt\Downloads\g5.bmp
2014-04-23 13:51 - 2014-04-23 13:51 - 00000000 __SHD () C:\Users\Zümrüt\AppData\Local\EmieUserList
2014-04-23 13:51 - 2014-04-23 13:51 - 00000000 __SHD () C:\Users\Zümrüt\AppData\Local\EmieSiteList
2014-04-23 12:03 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-22 23:49 - 2012-05-17 11:54 - 00094576 _____ () C:\Users\Gast\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-22 23:49 - 2012-05-17 11:54 - 00000000 ___RD () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-22 23:49 - 2012-05-17 11:54 - 00000000 ___RD () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-22 23:48 - 2012-12-08 23:51 - 00002247 _____ () C:\Users\Gast\Desktop\Google Chrome.lnk
2014-04-22 23:48 - 2012-05-17 11:54 - 00001421 _____ () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Some content of TEMP:
====================
C:\Users\Gast\AppData\Local\Temp\avgnt.exe
C:\Users\M.A.K\AppData\Local\Temp\avgnt.exe
C:\Users\M.A.K\AppData\Local\Temp\Setup-yabrowser.exe
C:\Users\M.A.K\AppData\Local\Temp\SkypeSetup.exe
C:\Users\M.A.K\AppData\Local\Temp\yupdate-exec-yabrowser.exe
C:\Users\Zümrüt\AppData\Local\Temp\avgnt.exe
C:\Users\Zümrüt\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqiittt.dll
C:\Users\Zümrüt\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Zümrüt\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Zümrüt\AppData\Local\Temp\nss24D7.exe
C:\Users\Zümrüt\AppData\Local\Temp\nsx20FF.exe
C:\Users\Zümrüt\AppData\Local\Temp\nsxE62D.exe
C:\Users\Zümrüt\AppData\Local\Temp\nsxEB5C.exe
C:\Users\Zümrüt\AppData\Local\Temp\Quarantine.exe
C:\Users\Zümrüt\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Zümrüt\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\Zümrüt\AppData\Local\Temp\WEB.DE_Toolbar_IE_Setup.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe
[2014-05-15 11:14] - [2014-03-04 11:43] - 0455168 ____A (Microsoft Corporation) 88AB9B72B4BF3963A0DE0820B4B0B06C
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-05-12 15:03
==================== End Of Log ============================ --- --- --- |