Danke, bin den Anweisungen gefolgt. :)
Malwarebytes hat einiges gefunden.
Hier sind die Logs: Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 24.07.2014
Suchlauf-Zeit: 21:40:40
Logdatei: mbam.txt
Administrator: Ja
Version: 2.00.2.1012
Malware Datenbank: v2014.07.24.07
Rootkit Datenbank: v2014.07.17.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert
Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Julian
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 335184
Verstrichene Zeit: 19 Min, 32 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 3
Adware.Adpeak, C:\Program Files\002\yewimmxqbs64.exe, 1500, Löschen bei Neustart, [3027099a1d5e56e0fe8e67302cd8817f]
PUP.Optional.Adpeak.A, C:\Program Files\002\yewimmxqbs64.exe, 1500, Löschen bei Neustart, [ec6b099a33484fe70978c55ece365ca4]
PUP.Optional.RRSavings.A, C:\Program Files\RrFilter\RrFilterService64.exe, 6156, Löschen bei Neustart, [da7df4af8eed84b206a2dcd6669cc13f]
Module: 0
(No malicious items detected)
Registrierungsschlüssel: 14
Adware.Adpeak, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\yewimmxqbs64, In Quarantäne, [3027099a1d5e56e0fe8e67302cd8817f],
PUP.Optional.CouponDownloader.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{10AD2C61-0898-4348-8600-14A342F22AC3}, In Quarantäne, [06518d16c9b21125ba1c9bc0eb17ae52],
PUP.Optional.CouponDownloader.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{10AD2C61-0898-4348-8600-14A342F22AC3}, In Quarantäne, [06518d16c9b21125ba1c9bc0eb17ae52],
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-2318119315-2552203331-2539763449-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, In Quarantäne, [fa5d5e45661541f5c7cfb7a38e74a15f],
PUP.Optional.Adpeak.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\yewimmxqbs64, In Quarantäne, [ec6b099a33484fe70978c55ece365ca4],
PUP.Optional.AdPeak.A, HKLM\SOFTWARE\LevelQualityWatcher, In Quarantäne, [5ff8940f3b4088aed2a2a22ba75bc33d],
PUP.Optional.RRSavings.A, HKLM\SOFTWARE\Rr Savings, In Quarantäne, [292ee8bbcbb03afcc991b02ea65c7d83],
PUP.Optional.RRSavings.A, HKLM\SOFTWARE\rrsavings, In Quarantäne, [9dbaf2b12952a59128334599f40e6d93],
PUP.Optional.AdPeak.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{813BA625-B0FA-48D8-9B75-59759C88C219}, In Quarantäne, [035400a3e09b0036837b4694c24058a8],
PUP.Optional.AdPeak, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\netfilter64, In Quarantäne, [bb9c7a292c4fb77f6473675fe12140c0],
PUP.Optional.RRSavings.A, HKU\S-1-5-21-2318119315-2552203331-2539763449-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\RrSavings, In Quarantäne, [66f1e4bf95e6de58b1ac9c42b2503bc5],
PUP.Optional.RRSavings.A, HKU\S-1-5-21-2318119315-2552203331-2539763449-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Rr Savings, In Quarantäne, [490e1a8974079a9c65fade00a062c63a],
PUP.Optional.RRSavings.A, HKU\S-1-5-21-2318119315-2552203331-2539763449-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\rrsavings, In Quarantäne, [f562faa9324986b0cf8f4a94a45ede22],
PUP.Optional.RRSavings.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\RrFilterService64, In Quarantäne, [da7df4af8eed84b206a2dcd6669cc13f],
Registrierungswerte: 0
(No malicious items detected)
Registrierungsdaten: 1
PUP.Optional.Trovi.A, HKU\S-1-5-21-2318119315-2552203331-2539763449-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.trovi.com/?gd=&ctid=CT3324774&octid=EB_ORIGINAL_CTID&ISID=MC4459BB7-F1E5-42BE-A27B-FAF94C872BB5&SearchSource=55&CUI=&UM=6&UP=SPB2B7EA56-BA8D-4B59-9D9A-346C015C613C&SSPV=, Gut: (www.google.com), Schlecht: (hxxp://www.trovi.com/?gd=&ctid=CT3324774&octid=EB_ORIGINAL_CTID&ISID=MC4459BB7-F1E5-42BE-A27B-FAF94C872BB5&SearchSource=55&CUI=&UM=6&UP=SPB2B7EA56-BA8D-4B59-9D9A-346C015C613C&SSPV=),Ersetzt,[4d0afca7e09b072fd72a3572de2653ad]
Ordner: 30
PUP.Optional.RRSavings.A, C:\Program Files\RrFilter, Löschen bei Neustart, [da7df4af8eed84b206a2dcd6669cc13f],
PUP.Optional.RRSavings.A, C:\Program Files\RrFilter\SSL, In Quarantäne, [da7df4af8eed84b206a2dcd6669cc13f],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\defaults, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\defaults\preferences, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\locale, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\addon-kit, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\addon-kit\data, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\addon-kit\lib, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\data, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\event, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\addon, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\content, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\dom, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\events, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\l10n, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\private-browsing, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\system, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\tabs, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\traits, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\utils, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\window, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\windows, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\RrSavings, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\RrSavings\data, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\RrSavings\lib, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\RrSavings\tests, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
Dateien: 103
Adware.Adpeak, C:\Program Files\002\yewimmxqbs64.exe, Löschen bei Neustart, [3027099a1d5e56e0fe8e67302cd8817f],
PUP.Optional.CouponDownloader.A, C:\Program Files (x86)\Rr Savings\RrSavings.dll, In Quarantäne, [06518d16c9b21125ba1c9bc0eb17ae52],
PUP.Optional.AdPeak.A, C:\temp\t.msi, In Quarantäne, [ee69495a4f2c9f97592e7428df25619f],
PUP.Optional.DownloadSponsor, C:\Users\Julian\Downloads\CCleaner - CHIP-Downloader.exe, In Quarantäne, [cc8b495adc9f7cba7e6ae7952dd7af51],
PUP.Optional.AdPeak.A, C:\Windows\Installer\5fad25.msi, In Quarantäne, [a2b53c6794e7bf77ccbbf5a78480e917],
PUP.Optional.BetterDeals.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.betterdeals00.betterdeals.co_0.localstorage, Löschen bei Neustart, [eb6c7f244635ed49a43aede60cf6ab55],
PUP.Optional.BetterDeals.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.betterdeals00.betterdeals.co_0.localstorage-journal, Löschen bei Neustart, [00572380077433036975676cdd25d828],
PUP.Optional.Adpeak.A, C:\Program Files\002\yewimmxqbs64.exe, Löschen bei Neustart, [ec6b099a33484fe70978c55ece365ca4],
PUP.Optional.AdPeak, C:\Windows\System32\drivers\netfilter64.sys, In Quarantäne, [bb9c7a292c4fb77f6473675fe12140c0],
PUP.Optional.RRSavings.A, C:\Program Files\RrFilter\Installbat64.dll, In Quarantäne, [da7df4af8eed84b206a2dcd6669cc13f],
PUP.Optional.RRSavings.A, C:\Program Files\RrFilter\Microsoft.Deployment.WindowsInstaller.dll, In Quarantäne, [da7df4af8eed84b206a2dcd6669cc13f],
PUP.Optional.RRSavings.A, C:\Program Files\RrFilter\Microsoft.Deployment.WindowsInstaller.xml, In Quarantäne, [da7df4af8eed84b206a2dcd6669cc13f],
PUP.Optional.RRSavings.A, C:\Program Files\RrFilter\nfapi.dll, Löschen bei Neustart, [da7df4af8eed84b206a2dcd6669cc13f],
PUP.Optional.RRSavings.A, C:\Program Files\RrFilter\nfregdrv.exe, In Quarantäne, [da7df4af8eed84b206a2dcd6669cc13f],
PUP.Optional.RRSavings.A, C:\Program Files\RrFilter\ProtocolFilters.dll, Löschen bei Neustart, [da7df4af8eed84b206a2dcd6669cc13f],
PUP.Optional.RRSavings.A, C:\Program Files\RrFilter\RrFilterService64.exe, Löschen bei Neustart, [da7df4af8eed84b206a2dcd6669cc13f],
PUP.Optional.RRSavings.A, C:\Program Files\RrFilter\sample.dll, In Quarantäne, [da7df4af8eed84b206a2dcd6669cc13f],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\bootstrap.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\harness-options.json, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\icon.png, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\install.rdf, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\locales.json, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\defaults\preferences\prefs.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\addon-kit\lib\page-mod.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\addon-kit\lib\private-browsing.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\addon-kit\lib\request.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\addon-kit\lib\windows.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\observer-service.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\api-utils.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\base64.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\byte-streams.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\collection.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\content.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\cortex.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\cuddlefish.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\deprecate.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\environment.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\errors.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\events.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\file.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\functional.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\globals.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\heritage.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\hidden-frame.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\light-traits.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\list.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\loader.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\match-pattern.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\memory.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\namespace.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\plain-text-console.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\preferences-service.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\promise.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\querystring.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\runtime.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\sandbox.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\self.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\system.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\text-streams.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\timer.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\traceback.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\traits.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\unload.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\url.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\uuid.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\window-utils.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\xhr.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\xpcom.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\xul-app.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\event\core.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\event\target.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\addon\runner.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\content\content-proxy.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\content\content-worker.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\content\loader.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\content\symbiont.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\content\worker.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\dom\events.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\events\assembler.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\l10n\core.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\l10n\html.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\l10n\loader.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\l10n\locale.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\l10n\prefs.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\private-browsing\utils.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\system\events.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\tabs\events.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\tabs\observer.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\tabs\tab.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\tabs\utils.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\traits\core.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\utils\data.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\utils\object.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\utils\registry.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\utils\thumbnail.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\window\utils.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\windows\dom.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\windows\loader.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\windows\observer.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\api-utils\lib\windows\tabs.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\RrSavings\data\icon64.png, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.RRSavings.A, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\extensions\RrSavings@jetpack\resources\RrSavings\lib\main.js, In Quarantäne, [8ec9277c7ffc7bbbbced179b669ca55b],
PUP.Optional.Trovi, C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.search.selectedEngine", "Trovi search");), Ersetzt,[1e39b6eded8e90a68e0dba26aa5a22de]
Physische Sektoren: 0
(No malicious items detected)
(end) Code:
# AdwCleaner v3.216 - Bericht erstellt am 25/07/2014 um 19:04:45
# Aktualisiert 17/07/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Julian - JULIAN-PC
# Gestartet von : C:\Users\Julian\Desktop\adwcleaner_3.216.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\Program Files (x86)\Rr Savings
Ordner Gelöscht : C:\Windows\Installer\{813BA625-B0FA-48D8-9B75-59759C88C219}
Ordner Gelöscht : C:\Program Files\002
Ordner Gelöscht : C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blbkdnmdcafmfhinpmnlhhddbepgkeaa
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\blbkdnmdcafmfhinpmnlhhddbepgkeaa
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3566FB70-E722-4182-8266-815EAE862998}
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\07BF6653227E2814286618E5EA689289
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\526AB318AF0B8D84B9579557C9882C91
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\07BF6653227E2814286618E5EA689289
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\526AB318AF0B8D84B9579557C9882C91
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17207
-\\ Mozilla Firefox v30.0 (de)
[ Datei : C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\prefs.js ]
-\\ Google Chrome v36.0.1985.125
[ Datei : C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Gelöscht [Extension] : blbkdnmdcafmfhinpmnlhhddbepgkeaa
Gelöscht [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
Gelöscht [Extension] : flpcjncodpafbgdpnkljologafpionhb
*************************
AdwCleaner[R0].txt - [2092 octets] - [25/07/2014 19:01:17]
AdwCleaner[S0].txt - [1967 octets] - [25/07/2014 19:04:45]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2027 octets] ########## Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Julian on 25.07.2014 at 19:08:46,47
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ FireFox
Emptied folder: C:\Users\Julian\AppData\Roaming\mozilla\firefox\profiles\ip8ywb8t.default\minidumps [140 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 25.07.2014 at 19:23:28,55
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-07-2014
Ran by Julian (administrator) on JULIAN-PC on 25-07-2014 19:48:58
Running from C:\Users\Julian\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(MKS Software Inc.) C:\Windows\System32\nutsrv4.exe
(PTC) C:\Program Files\PTC\PTC Portmapper\i486_nt\obj\portmap.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files (x86)\Panasonic\Panasonic-DMS\RPT Network Printer Port\Msgsrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Spotify Ltd) C:\Users\Julian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Systems Inc.) C:\Program Files (x86)\PTC\Mathcad PDSi\Acrobat\acrotray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RPT Msgsrv] => C:\Program Files (x86)\Panasonic\Panasonic-DMS\RPT Network Printer Port\Msgsrv.exe [69120 2007-04-11] ()
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11786344 2011-03-28] (Realtek Semiconductor)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NuTCSetupEnviron] => C:\Program Files\PTC\MKS Toolkit\bin\ncoeenv.exe [37160 2009-11-23] (MKS Software Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\PTC\Mathcad PDSi\Acrobat\Acrotray.exe [640376 2008-10-01] (Adobe Systems Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2318119315-2552203331-2539763449-1000\...\Run: [Spotify Web Helper] => C:\Users\Julian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1178168 2014-07-16] (Spotify Ltd)
HKU\S-1-5-21-2318119315-2552203331-2539763449-1005\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x414913376651CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
DPF: HKLM-x32 {6E718D87-6909-4FCE-92D4-EDCB2F725727} hxxp://www.navigram.com/engine/v1026/Navigram.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default
FF Homepage: about:home
FF NetworkProxy: "backup.ftp", "162.209.207.22"
FF NetworkProxy: "backup.ftp_port", 1080
FF NetworkProxy: "backup.socks", "162.209.207.22"
FF NetworkProxy: "backup.socks_port", 1080
FF NetworkProxy: "backup.ssl", "162.209.207.22"
FF NetworkProxy: "backup.ssl_port", 1080
FF NetworkProxy: "ftp", "72.34.180.129"
FF NetworkProxy: "ftp_port", 1080
FF NetworkProxy: "http", "72.34.180.129"
FF NetworkProxy: "http_port", 1080
FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "72.34.180.129"
FF NetworkProxy: "socks_port", 1080
FF NetworkProxy: "socks_remote_dns", true
FF NetworkProxy: "ssl", "72.34.180.129"
FF NetworkProxy: "ssl_port", 1080
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: FoxyProxy Standard - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\ip8ywb8t.default\Extensions\foxyproxy@eric.h.jung [2014-02-13]
FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: 卡巴斯基網址顧問 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2013-11-21]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: 虛擬鍵盤 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2013-11-21]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: 惡意網站攔截器 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2013-11-21]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Chặn quảng cáo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2013-11-21]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2013-11-21]
Chrome:
=======
CHR HomePage: hxxp://google.com/
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll No File
CHR Extension: (Google Docs) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-08-07]
CHR Extension: (Google Drive) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-07]
CHR Extension: (YouTube) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-07]
CHR Extension: (Google-Suche) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-07]
CHR Extension: (Modul zur Link-Untersuchung) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2013-08-07]
CHR Extension: (Google Wallet) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-01]
CHR Extension: (Google Mail) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-07]
CHR Extension: (Anti-Banner) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2013-08-07]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2013-10-17]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avp; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO)
R2 NuTCRACKERService; C:\Windows\system32\nutsrv4.exe [563424 2009-11-10] (MKS Software Inc.)
R2 PortmapperService; C:\Program Files\PTC/PTC Portmapper/i486_nt/obj/portmap.exe [676864 2013-05-17] (PTC) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2013-11-21] (Kaspersky Lab ZAO)
S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2014-03-25] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625248 2014-03-25] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-10-17] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2014-02-18] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178272 2013-12-19] (Kaspersky Lab ZAO)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-07-25 19:23 - 2014-07-25 19:23 - 00000760 _____ () C:\Users\Julian\Desktop\JRT.txt
2014-07-25 19:08 - 2014-07-25 19:08 - 00000000 ____D () C:\Windows\ERUNT
2014-07-25 19:06 - 2014-07-25 19:06 - 00002107 _____ () C:\Users\Julian\Desktop\AdwCleaner[S0].txt
2014-07-25 19:01 - 2014-07-25 19:05 - 00000000 ____D () C:\AdwCleaner
2014-07-25 19:01 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-07-25 19:00 - 2014-07-25 19:00 - 01016261 _____ (Thisisu) C:\Users\Julian\Desktop\JRT.exe
2014-07-25 18:58 - 2014-07-25 18:58 - 01354223 _____ () C:\Users\Julian\Desktop\adwcleaner_3.216.exe
2014-07-24 22:13 - 2014-07-24 22:13 - 00031525 _____ () C:\Users\Julian\Desktop\mbam.txt
2014-07-24 21:40 - 2014-07-25 08:13 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-24 21:39 - 2014-07-24 21:39 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-24 21:39 - 2014-07-24 21:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-24 21:39 - 2014-07-24 21:39 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-24 21:39 - 2014-07-24 21:39 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-24 21:39 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-24 21:39 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-24 21:39 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-24 21:38 - 2014-07-24 21:39 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Julian\Desktop\mbam-setup-2.0.2.1012.exe
2014-07-24 19:43 - 2014-07-24 19:43 - 00012146 _____ () C:\ComboFix.txt
2014-07-24 19:30 - 2014-07-24 19:43 - 00000000 ____D () C:\Qoobox
2014-07-24 19:30 - 2014-07-24 19:43 - 00000000 ____D () C:\ComboFix
2014-07-24 19:30 - 2014-07-24 19:40 - 00000000 ____D () C:\Windows\erdnt
2014-07-24 19:30 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-07-24 19:30 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-07-24 19:30 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-07-24 19:30 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-07-24 19:30 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-07-24 19:30 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-07-24 19:30 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-07-24 19:30 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-07-24 19:23 - 2014-07-24 19:24 - 05562147 ____R (Swearware) C:\Users\Julian\Desktop\ComboFix.exe
2014-07-24 19:21 - 2014-07-24 19:21 - 00001268 _____ () C:\Users\Julian\Desktop\Revo Uninstaller.lnk
2014-07-24 19:21 - 2014-07-24 19:21 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-07-24 18:22 - 2014-07-24 18:22 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Julian\Desktop\revosetup95.exe
2014-07-24 18:14 - 2014-07-24 18:16 - 00033657 _____ () C:\Users\Julian\Desktop\Addition.txt
2014-07-24 18:11 - 2014-07-25 19:48 - 00017708 _____ () C:\Users\Julian\Desktop\FRST.txt
2014-07-24 18:11 - 2014-07-25 19:48 - 00000000 ____D () C:\FRST
2014-07-24 18:10 - 2014-07-24 18:11 - 02093568 _____ (Farbar) C:\Users\Julian\Desktop\FRST64.exe
2014-07-24 17:15 - 2014-07-24 22:00 - 00000000 ____D () C:\temp
2014-07-10 08:30 - 2014-06-20 22:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-10 08:30 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-10 08:30 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-10 08:30 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-10 08:30 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-10 08:30 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-10 08:30 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-10 08:30 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-10 08:30 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-10 08:30 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-10 08:30 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-10 08:30 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-10 08:30 - 2014-06-19 02:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-10 08:30 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-10 08:30 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-10 08:30 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-10 08:30 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-10 08:30 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-10 08:30 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-10 08:30 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-10 08:30 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-10 08:30 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-10 08:30 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-10 08:30 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-10 08:30 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-10 08:30 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-10 08:30 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-10 08:30 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-10 08:30 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-10 08:30 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-10 08:30 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-10 08:30 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-10 08:30 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-10 08:30 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-10 08:30 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-10 08:30 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-10 08:30 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-10 08:30 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-10 08:30 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-10 08:30 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-10 08:30 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-10 08:30 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-10 08:30 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-10 08:30 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-10 08:30 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-10 08:30 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-10 08:30 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-10 08:30 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-10 08:30 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-10 08:30 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-10 08:30 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-10 08:30 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-10 08:30 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-10 08:30 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-10 08:30 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-10 08:30 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-10 08:30 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-10 08:30 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-10 08:30 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-10 08:30 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-10 08:30 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-10 08:30 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-10 08:30 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-10 08:30 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-10 08:30 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-10 08:30 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-10 08:30 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-10 08:30 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-10 08:30 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-10 08:30 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-10 08:30 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-10 08:30 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-10 08:30 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-10 08:30 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-10 08:30 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-10 08:30 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-10 08:28 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-10 08:28 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-10 08:28 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-02 08:50 - 2014-07-09 10:55 - 00000000 ____D () C:\Users\Julian\AppData\Local\Adobe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-07-25 19:49 - 2014-07-24 18:11 - 00017708 _____ () C:\Users\Julian\Desktop\FRST.txt
2014-07-25 19:48 - 2014-07-24 18:11 - 00000000 ____D () C:\FRST
2014-07-25 19:43 - 2013-05-15 13:26 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-07-25 19:34 - 2013-05-31 15:29 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-25 19:23 - 2014-07-25 19:23 - 00000760 _____ () C:\Users\Julian\Desktop\JRT.txt
2014-07-25 19:13 - 2009-07-14 06:45 - 00021648 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-25 19:13 - 2009-07-14 06:45 - 00021648 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-25 19:08 - 2014-07-25 19:08 - 00000000 ____D () C:\Windows\ERUNT
2014-07-25 19:06 - 2014-07-25 19:06 - 00002107 _____ () C:\Users\Julian\Desktop\AdwCleaner[S0].txt
2014-07-25 19:06 - 2013-05-31 15:29 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-25 19:05 - 2014-07-25 19:01 - 00000000 ____D () C:\AdwCleaner
2014-07-25 19:05 - 2014-02-15 09:29 - 00216104 _____ () C:\Windows\PFRO.log
2014-07-25 19:05 - 2013-12-14 09:37 - 00034994 _____ () C:\Windows\setupact.log
2014-07-25 19:05 - 2013-05-15 12:36 - 02043512 _____ () C:\Windows\WindowsUpdate.log
2014-07-25 19:05 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-25 19:00 - 2014-07-25 19:00 - 01016261 _____ (Thisisu) C:\Users\Julian\Desktop\JRT.exe
2014-07-25 18:59 - 2013-05-17 16:12 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\Spotify
2014-07-25 18:58 - 2014-07-25 18:58 - 01354223 _____ () C:\Users\Julian\Desktop\adwcleaner_3.216.exe
2014-07-25 14:51 - 2013-05-17 16:12 - 00000000 ____D () C:\Users\Julian\AppData\Local\Spotify
2014-07-25 08:13 - 2014-07-24 21:40 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-25 07:03 - 2014-01-19 12:25 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-25 07:03 - 2014-01-19 12:25 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-24 22:19 - 2014-01-19 12:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-24 22:13 - 2014-07-24 22:13 - 00031525 _____ () C:\Users\Julian\Desktop\mbam.txt
2014-07-24 22:00 - 2014-07-24 17:15 - 00000000 ____D () C:\temp
2014-07-24 21:39 - 2014-07-24 21:39 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-24 21:39 - 2014-07-24 21:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-24 21:39 - 2014-07-24 21:39 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-24 21:39 - 2014-07-24 21:39 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-24 21:39 - 2014-07-24 21:38 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Julian\Desktop\mbam-setup-2.0.2.1012.exe
2014-07-24 19:43 - 2014-07-24 19:43 - 00012146 _____ () C:\ComboFix.txt
2014-07-24 19:43 - 2014-07-24 19:30 - 00000000 ____D () C:\Qoobox
2014-07-24 19:43 - 2014-07-24 19:30 - 00000000 ____D () C:\ComboFix
2014-07-24 19:43 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-07-24 19:40 - 2014-07-24 19:30 - 00000000 ____D () C:\Windows\erdnt
2014-07-24 19:39 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-07-24 19:24 - 2014-07-24 19:23 - 05562147 ____R (Swearware) C:\Users\Julian\Desktop\ComboFix.exe
2014-07-24 19:21 - 2014-07-24 19:21 - 00001268 _____ () C:\Users\Julian\Desktop\Revo Uninstaller.lnk
2014-07-24 19:21 - 2014-07-24 19:21 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-07-24 18:22 - 2014-07-24 18:22 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Julian\Desktop\revosetup95.exe
2014-07-24 18:16 - 2014-07-24 18:14 - 00033657 _____ () C:\Users\Julian\Desktop\Addition.txt
2014-07-24 18:11 - 2014-07-24 18:10 - 02093568 _____ (Farbar) C:\Users\Julian\Desktop\FRST64.exe
2014-07-22 07:37 - 2013-07-01 20:02 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-07-20 12:36 - 2013-08-07 11:47 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-14 02:03 - 2014-02-20 20:03 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\Skype
2014-07-12 13:04 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-07-11 19:04 - 2009-07-14 06:45 - 00355664 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-11 19:01 - 2011-04-12 09:55 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-11 19:01 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-11 19:01 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-10 22:37 - 2013-05-15 15:39 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-10 22:34 - 2013-07-31 22:05 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-10 22:32 - 2013-05-15 14:24 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-09 10:55 - 2014-07-02 08:50 - 00000000 ____D () C:\Users\Julian\AppData\Local\Adobe
2014-07-08 20:15 - 2011-04-12 09:43 - 00699666 _____ () C:\Windows\system32\perfh007.dat
2014-07-08 20:15 - 2011-04-12 09:43 - 00149774 _____ () C:\Windows\system32\perfc007.dat
2014-07-08 20:15 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-02 15:01 - 2013-10-23 16:28 - 00000000 ____D () C:\Users\Julian\Documents\Kasse
2014-07-01 08:54 - 2013-05-15 15:32 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-01 08:54 - 2013-05-15 15:32 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
Some content of TEMP:
====================
C:\Users\Julian\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-07-20 12:52
==================== End Of Log ============================ --- --- ---
--- --- --- |