Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 02.11.2014
Suchlauf-Zeit: 10:11:35
Logdatei: mbam.txt
Administrator: Ja
Version: 2.00.3.1025
Malware Datenbank: v2014.11.02.03
Rootkit Datenbank: v2014.11.01.02
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert
Betriebssystem: Windows 7 Service Pack 1
CPU: x86
Dateisystem: NTFS
Benutzer: bonger
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 363947
Verstrichene Zeit: 16 Min, 0 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(Keine schädliche Elemente erkannt)
Module: 0
(Keine schädliche Elemente erkannt)
Registrierungsschlüssel: 0
(Keine schädliche Elemente erkannt)
Registrierungswerte: 0
(Keine schädliche Elemente erkannt)
Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)
Ordner: 0
(Keine schädliche Elemente erkannt)
Dateien: 0
(Keine schädliche Elemente erkannt)
Physische Sektoren: 0
(Keine schädliche Elemente erkannt)
(end)
Code:
# AdwCleaner v4.002 - Bericht erstellt am 02/11/2014 um 09:45:24
# DB v2014-10-26.6
# Aktualisiert 27/10/2014 von Xplode
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (32 bits)
# Benutzername : bonger - BONGER-PC
# Gestartet von : C:\Users\bonger\Downloads\AdwCleaner_4.002.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\Ask
Ordner Gelöscht : C:\Program Files\Astroburn Toolbar
Ordner Gelöscht : C:\Users\bonger\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Program Files\DAEMON Tools Toolbar
Ordner Gelöscht : C:\Users\bonger\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\bonger\AppData\Roaming\eType
Ordner Gelöscht : C:\Users\bonger\AppData\Roaming\Mozilla\Firefox\Profiles\6wf3z6x7.default\FoxTab
Ordner Gelöscht : C:\ProgramData\ICQ\ICQToolbar
Ordner Gelöscht : C:\Program Files\ICQ6Toolbar
Ordner Gelöscht : C:\Users\bonger\AppData\Roaming\Mozilla\Firefox\Profiles\6wf3z6x7.default\ICQToolbarData
Ordner Gelöscht : C:\Users\bonger\AppData\Local\Ilivid Player
Ordner Gelöscht : C:\Program Files\iLivid
Ordner Gelöscht : C:\Program Files\Iminent
Ordner Gelöscht : C:\Users\bonger\AppData\Local\PackageAware
Ordner Gelöscht : C:\Program Files\PC Speed Maximizer
Ordner Gelöscht : C:\Program Files\pc speed up
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\pdfforge
Ordner Gelöscht : C:\Program Files\pdfforge
Ordner Gelöscht : C:\Users\bonger\AppData\Roaming\pdfforge
Ordner Gelöscht : C:\Users\bonger\AppData\Roaming\PerformerSoft
Ordner Gelöscht : C:\Users\bonger\AppData\LocalLow\Softonic
Ordner Gelöscht : C:\Users\bonger\AppData\Roaming\Mozilla\Firefox\Profiles\6wf3z6x7.default\SweetIMToolbarData
Ordner Gelöscht : C:\Users\bonger\AppData\Roaming\Mozilla\Firefox\Profiles\6wf3z6x7.default\SweetPacksToolbarData
Ordner Gelöscht : C:\Users\bonger\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Program Files\Windows iLivid Toolbar
Ordner Gelöscht : C:\Users\bonger\AppData\Roaming\Mozilla\Firefox\Profiles\6wf3z6x7.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}
Datei Gelöscht : C:\Users\bonger\AppData\Local\CRE\kdfbddbdpnahdahmamlolacimfdbeckk.crx
Datei Gelöscht : C:\Windows\system32\roboot.exe
Datei Gelöscht : C:\Users\bonger\AppData\Roaming\Mozilla\Firefox\Profiles\6wf3z6x7.default\invalidprefs.js
Datei Gelöscht : C:\Program Files\Mozilla Firefox\searchplugins\webssearches.xml
Datei Gelöscht : C:\Users\bonger\AppData\Roaming\Mozilla\Firefox\Profiles\6wf3z6x7.default\user.js
Datei Gelöscht : C:\Users\bonger\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
Datei Gelöscht : C:\Users\bonger\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
***** [ Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\kdfbddbdpnahdahmamlolacimfdbeckk
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\kdfbddbdpnahdahmamlolacimfdbeckk
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\nohfdhapjjlndfgjnmdlcabloeembdkj
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Web-Suche
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\FTDownloader
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHost.Tool
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_arcsoft-totalmedia-theatre_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_arcsoft-totalmedia-theatre_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_bpm-studio_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_bpm-studio_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_call-of-duty-4_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_call-of-duty-4_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_cyberlink-powerdvd_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_cyberlink-powerdvd_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_fifa-09_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_fifa-09_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_jdownloader_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_jdownloader_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_norton-internet-security_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_norton-internet-security_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_stereoscopic-player_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_stereoscopic-player_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_virtual-clonedrive_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_virtual-clonedrive_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_virtual-dj_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_virtual-dj_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_winrar_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_winrar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\dt soft\daemon tools toolbar
Schlüssel Gelöscht : HKCU\Software\IM
Schlüssel Gelöscht : HKCU\Software\ImInstaller
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\StartSearch
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKCU\Software\vShare.tv
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\searchqutoolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gelöscht : HKLM\SOFTWARE\Bandoo
Schlüssel Gelöscht : HKLM\SOFTWARE\ICQ\ICQToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Speedchecker Limited
Schlüssel Gelöscht : HKLM\SOFTWARE\systweak
Schlüssel Gelöscht : HKLM\SOFTWARE\Uniblue
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17344
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
-\\ Mozilla Firefox v7.0.1 (de)
-\\ Google Chrome v33.0.1750.117
*************************
AdwCleaner[R0].txt - [17690 octets] - [02/11/2014 09:41:14]
AdwCleaner[S0].txt - [17419 octets] - [02/11/2014 09:45:24]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [17480 octets] ##########
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.5 (10.31.2014:1)
OS: Windows 7 Ultimate x86
Ran by bonger on 02.11.2014 at 9:57:22,99
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{C7C8B596-7B57-450A-B642-108659A195EA}
~~~ Files
Successfully deleted: [File] "C:\Windows\wininit.ini"
~~~ Folders
Successfully deleted: [Folder] "C:\Users\bonger\AppData\Roaming\getrighttogo"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\free window registry repair"
Successfully deleted: [Folder] "C:\Users\bonger\AppData\Roaming\microsoft\windows\start menu\programs\free window registry repair"
~~~ FireFox
Successfully deleted: [File] C:\user.js
Successfully deleted the following from C:\Users\bonger\AppData\Roaming\mozilla\firefox\profiles\6wf3z6x7.default\prefs.js
user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
user_pref("browser.search.defaultengine", "Ask.com");
user_pref("browser.search.defaultenginename", "webssearches");
user_pref("browser.search.selectedEngine", "webssearches");
user_pref("extensions.BabylonToolbar.aflt", "babsst");
user_pref("extensions.BabylonToolbar.babExt", "");
user_pref("extensions.BabylonToolbar.babTrack", "affID=112542&tt=2912_6");
user_pref("extensions.BabylonToolbar.bbDpng", 5);
user_pref("extensions.BabylonToolbar.dfltLng", "en");
user_pref("extensions.BabylonToolbar.dfltSrch", true);
user_pref("extensions.BabylonToolbar.hmpg", true);
user_pref("extensions.BabylonToolbar.id", "eac8dc3f00000000000000242178bae9");
user_pref("extensions.BabylonToolbar.instlDay", "15538");
user_pref("extensions.BabylonToolbar.instlRef", "sst");
user_pref("extensions.BabylonToolbar.keyWordUrl", "hxxp://search.babylon.com/?affID=112542&tt=2912_6&babsrc=KW_ss&mntrId=eac8dc3f00000000000000242178bae9&q=");
user_pref("extensions.BabylonToolbar.lastDP", 5);
user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.5.3.176:34:24");
user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "7.0");
user_pref("extensions.BabylonToolbar.newTab", false);
user_pref("extensions.BabylonToolbar.newTabUrl", "hxxp://search.babylon.com/?affID=112542&tt=2912_6&babsrc=NT_ss&mntrId=eac8dc3f00000000000000242178bae9");
user_pref("extensions.BabylonToolbar.noFFXTlbr", false);
user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
user_pref("extensions.BabylonToolbar.propectorlck", 148490685);
user_pref("extensions.BabylonToolbar.prtkDS", 1);
user_pref("extensions.BabylonToolbar.prtkHmpg", 1);
user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
user_pref("extensions.BabylonToolbar.ptch_0717", true);
user_pref("extensions.BabylonToolbar.smplGrp", "azb");
user_pref("extensions.BabylonToolbar.srcExt", "ss");
user_pref("extensions.BabylonToolbar.tlbrId", "base");
user_pref("extensions.BabylonToolbar.vrsn", "1.5.3.17");
user_pref("extensions.BabylonToolbar.vrsnTs", "1.5.3.176:34:24");
user_pref("extensions.BabylonToolbar.vrsni", "1.5.3.17");
user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
user_pref("extensions.BabylonToolbar_i.babExt", "");
user_pref("extensions.BabylonToolbar_i.babTrack", "affID=112542&tt=2912_6");
user_pref("extensions.BabylonToolbar_i.hardId", "eac8dc3f00000000000000242178bae9");
user_pref("extensions.BabylonToolbar_i.id", "eac8dc3f00000000000000242178bae9");
user_pref("extensions.BabylonToolbar_i.instlDay", "15538");
user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
user_pref("extensions.BabylonToolbar_i.newTab", false);
user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.176:34:24");
user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
user_pref("extensions.Softonic.aflt", "OC");
user_pref("extensions.Softonic.appId", "{7ABBFE1C-E485-44AA-8F36-353751B4124D}");
user_pref("extensions.Softonic.autoRvrt", "false");
user_pref("extensions.Softonic.dfltLng", "de");
user_pref("extensions.Softonic.dfltSrch", true);
user_pref("extensions.Softonic.dnsErr", true);
user_pref("extensions.Softonic.excTlbr", false);
user_pref("extensions.Softonic.ffxUnstlRst", false);
user_pref("extensions.Softonic.hmpg", true);
user_pref("extensions.Softonic.id", "eac8dc3f0000000000000015af7253ec");
user_pref("extensions.Softonic.instlDay", "16016");
user_pref("extensions.Softonic.instlRef", "MOY00621");
user_pref("extensions.Softonic.newTab", true);
user_pref("extensions.Softonic.newTabUrl", "hxxp://search.softonic.com/MOY00621/tb_v1/?SearchSource=15&cc=&mi=eac8dc3f0000000000000015af7253ec");
user_pref("extensions.Softonic.prdct", "Softonic");
user_pref("extensions.Softonic.prtnrId", "softonic");
user_pref("extensions.Softonic.rvrt", "false");
user_pref("extensions.Softonic.smplGrp", "none");
user_pref("extensions.Softonic.srchPrvdr", "Search the web (Softonic)");
user_pref("extensions.Softonic.tlbrId", "opencandy2013");
user_pref("extensions.Softonic.tlbrSrchUrl", "hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=1&cc=&mi=eac8dc3f0000000000000015af7253ec&q=");
user_pref("extensions.Softonic.vrsn", "1.8.21.14");
user_pref("extensions.Softonic.vrsnTs", "1.8.21.1411:42:18");
user_pref("extensions.Softonic.vrsni", "1.8.21.14");
user_pref("extensions.delta.aflt", "babsst");
user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
user_pref("extensions.delta.autoRvrt", "false");
user_pref("extensions.delta.dfltLng", "en");
user_pref("extensions.delta.excTlbr", false);
user_pref("extensions.delta.ffxUnstlRst", true);
user_pref("extensions.delta.id", "eac8dc3f00000000000000242178bae9");
user_pref("extensions.delta.instlDay", "15819");
user_pref("extensions.delta.instlRef", "sst");
user_pref("extensions.delta.newTab", false);
user_pref("extensions.delta.prdct", "delta");
user_pref("extensions.delta.prtnrId", "delta");
user_pref("extensions.delta.rvrt", "false");
user_pref("extensions.delta.smplGrp", "none");
user_pref("extensions.delta.tlbrId", "base");
user_pref("extensions.delta.tlbrSrchUrl", "");
user_pref("extensions.delta.vrsn", "1.8.16.16");
user_pref("extensions.delta.vrsnTs", "1.8.16.1616:46:22");
user_pref("extensions.delta.vrsni", "1.8.16.16");
user_pref("extensions.holasearch.admin", false);
user_pref("extensions.holasearch.aflt", "babsst");
user_pref("extensions.holasearch.appId", "{8D5CFE57-B0FD-4396-97A2-DFD0B7DA935B}");
user_pref("extensions.holasearch.autoRvrt", "false");
user_pref("extensions.holasearch.dfltLng", "de");
user_pref("extensions.holasearch.excTlbr", false);
user_pref("extensions.holasearch.ffxUnstlRst", false);
user_pref("extensions.holasearch.id", "eac8dc3f0000000000000015af7253ec");
user_pref("extensions.holasearch.instlDay", "15938");
user_pref("extensions.holasearch.instlRef", "sst");
user_pref("extensions.holasearch.newTab", false);
user_pref("extensions.holasearch.prdct", "holasearch");
user_pref("extensions.holasearch.prtnrId", "holasearch");
user_pref("extensions.holasearch.rvrt", "false");
user_pref("extensions.holasearch.smplGrp", "none");
user_pref("extensions.holasearch.tlbrId", "base");
user_pref("extensions.holasearch.tlbrSrchUrl", "");
user_pref("extensions.holasearch.vrsn", "1.8.16.16");
user_pref("extensions.holasearch.vrsnTs", "1.8.16.1611:44:21");
user_pref("extensions.holasearch.vrsni", "1.8.16.16");
user_pref("extensions.incredibar.admin", false);
user_pref("extensions.incredibar.aflt", "orgnl");
user_pref("extensions.incredibar.afterInstallRpt", "sent");
user_pref("extensions.incredibar.cntry", "DE");
user_pref("extensions.incredibar.dfltLng", "");
user_pref("extensions.incredibar.dfltSrch", false);
user_pref("extensions.incredibar.dfltlng", "en");
user_pref("extensions.incredibar.dfltsrch", "false");
user_pref("extensions.incredibar.did", "10595");
user_pref("extensions.incredibar.envrmnt", "production");
user_pref("extensions.incredibar.excTlbr", false);
user_pref("extensions.incredibar.hdrMd5", "BFCF1B2B59E06393B15A51B9A8319AF7");
user_pref("extensions.incredibar.hmpg", false);
user_pref("extensions.incredibar.hrdid", "0");
user_pref("extensions.incredibar.id", "eac8dc3f00000000000000242178bae9");
user_pref("extensions.incredibar.installerproductid", "26");
user_pref("extensions.incredibar.instlDay", "15412");
user_pref("extensions.incredibar.instlRef", "");
user_pref("extensions.incredibar.instlday", "15412");
user_pref("extensions.incredibar.instlref", "");
user_pref("extensions.incredibar.isDcmntCmplt", false);
user_pref("extensions.incredibar.isdcmntcmplt", "false");
user_pref("extensions.incredibar.keywordurl", "");
user_pref("extensions.incredibar.lastVrsnTs", "1.5.11.1421:08:35");
user_pref("extensions.incredibar.mntrvrsn", "1.2.0");
user_pref("extensions.incredibar.newTab", false);
user_pref("extensions.incredibar.newtab", "false");
user_pref("extensions.incredibar.newtaburl", "");
user_pref("extensions.incredibar.noFFXTlbr", false);
user_pref("extensions.incredibar.ppd", "");
user_pref("extensions.incredibar.prdct", "incredibar");
user_pref("extensions.incredibar.productid", "26");
user_pref("extensions.incredibar.prtnrId", "Incredibar");
user_pref("extensions.incredibar.prtnrid", "Incredibar");
user_pref("extensions.incredibar.sg", "none");
user_pref("extensions.incredibar.smplGrp", "none");
user_pref("extensions.incredibar.smplgrp", "none");
user_pref("extensions.incredibar.srch", "");
user_pref("extensions.incredibar.srchprvdr", "");
user_pref("extensions.incredibar.tlbrId", "base");
user_pref("extensions.incredibar.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6R8mJhtCNP&loc=IB_TB&i=26&search=");
user_pref("extensions.incredibar.tlbrid", "base");
user_pref("extensions.incredibar.tlbrsrchurl", "hxxp://mystart.Incredibar.com/?a=6R8mJhtCNP&loc=IB_TB&i=26&search=");
user_pref("extensions.incredibar.upn2", "6R8mJhtCNP");
user_pref("extensions.incredibar.upn2n", "92824008879849137");
user_pref("extensions.incredibar.vrsn", "1.5.11.14");
user_pref("extensions.incredibar.vrsnTs", "1.5.11.1421:08:35");
user_pref("extensions.incredibar.vrsni", "1.5.11.14");
user_pref("extensions.incredibar.vrsnts", "1.5.11.1421:08:35");
user_pref("extensions.incredibar_i.aflt", "orgnl");
user_pref("extensions.incredibar_i.dfltLng", "");
user_pref("extensions.incredibar_i.did", "10595");
user_pref("extensions.incredibar_i.excTlbr", false);
user_pref("extensions.incredibar_i.id", "eac8dc3f00000000000000242178bae9");
user_pref("extensions.incredibar_i.installerproductid", "26");
user_pref("extensions.incredibar_i.instlDay", "15412");
user_pref("extensions.incredibar_i.instlRef", "");
user_pref("extensions.incredibar_i.ms_url_id", "");
user_pref("extensions.incredibar_i.newTab", false);
user_pref("extensions.incredibar_i.ppd", "");
user_pref("extensions.incredibar_i.prdct", "incredibar");
user_pref("extensions.incredibar_i.productid", "26");
user_pref("extensions.incredibar_i.prtnrId", "Incredibar");
user_pref("extensions.incredibar_i.smplGrp", "none");
user_pref("extensions.incredibar_i.tlbrId", "base");
user_pref("extensions.incredibar_i.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6R8mJhtCNP&loc=IB_TB&i=26&search=");
user_pref("extensions.incredibar_i.upn2", "6R8mJhtCNP");
user_pref("extensions.incredibar_i.upn2n", "92824008879849137");
user_pref("extensions.incredibar_i.vrsn", "1.5.11.14");
user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.1421:08:35");
user_pref("extensions.incredibar_i.vrsni", "1.5.11.14");
user_pref("sweetim.toolbar.cargo", "3.1010006");
user_pref("sweetim.toolbar.dialogs.0.enable", "true");
user_pref("sweetim.toolbar.dialogs.0.handler", "chrome://sim_toolbar_package/content/optionsdialog-handler.js");
user_pref("sweetim.toolbar.dialogs.0.height", "335");
user_pref("sweetim.toolbar.dialogs.0.id", "id_options_dialog");
user_pref("sweetim.toolbar.dialogs.0.title", "$string.config.label;");
user_pref("sweetim.toolbar.dialogs.0.url", "hxxp://www.sweetim.com/simffbar/options_remote_ff.html");
user_pref("sweetim.toolbar.dialogs.0.width", "761");
user_pref("sweetim.toolbar.dialogs.1.enable", "true");
user_pref("sweetim.toolbar.dialogs.1.handler", "chrome://sim_toolbar_package/content/exampledialog-handler.js");
user_pref("sweetim.toolbar.dialogs.1.height", "300");
user_pref("sweetim.toolbar.dialogs.1.id", "id_example_dialog");
user_pref("sweetim.toolbar.dialogs.1.title", "Example (unit-test) dialog");
user_pref("sweetim.toolbar.dialogs.1.url", "chrome://sim_toolbar_package/content/exampledialog.html");
user_pref("sweetim.toolbar.dialogs.1.width", "500");
user_pref("sweetim.toolbar.dnscatch.domain-blacklist", ".*.sweetim.com/.*|.*.facebook.com/.*|.*.google.com/.*|.*.google.co.in/.*|.*.google.com.br/.*|.*.google.es/.*|.*.youtube
user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
user_pref("sweetim.toolbar.mode.debug", "false");
user_pref("sweetim.toolbar.scripts.0.addcontextdiv", "true");
user_pref("sweetim.toolbar.scripts.0.callback", "simVerification");
user_pref("sweetim.toolbar.scripts.0.domain-blacklist", "");
user_pref("sweetim.toolbar.scripts.0.domain-whitelist", "hxxp://(www.|apps.)?facebook\\.com.*");
user_pref("sweetim.toolbar.scripts.0.elementid", "id_script_sim_fb");
user_pref("sweetim.toolbar.scripts.0.enable", "true");
user_pref("sweetim.toolbar.scripts.0.id", "id_script_fb");
user_pref("sweetim.toolbar.scripts.0.url", "hxxp://sc.sweetim.com/apps/in/fb/infb.js");
user_pref("sweetim.toolbar.scripts.1.addcontextdiv", "false");
user_pref("sweetim.toolbar.scripts.1.callback", "");
user_pref("sweetim.toolbar.scripts.1.domain-blacklist", ".*.google..*|.*.bing..*|.*.live..*|.*.msn..*|.*.yahoo..*|.*.youtube.com.*|.*ask.com.*|.*.sweetim.com.*");
user_pref("sweetim.toolbar.scripts.1.domain-whitelist", "");
user_pref("sweetim.toolbar.scripts.1.elementid", "id_predict_include_script");
user_pref("sweetim.toolbar.scripts.1.enable", "false");
user_pref("sweetim.toolbar.scripts.1.id", "id_script_prad");
user_pref("sweetim.toolbar.scripts.1.url", "hxxp://cdn1.predictad.com/scripts/publishers/sweetim/predictadme.js");
user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"hxxp://*google.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"hxxp://sear
user_pref("sweetim.toolbar.search.history.capacity", "10");
user_pref("sweetim.toolbar.searchguard.enable", "true");
user_pref("sweetim.toolbar.simapp_id", "{AC1FF1A4-B608-42B9-9E08-C267EFCCA4D4}");
user_pref("sweetim.toolbar.version", "1.5.0.2");
Emptied folder: C:\Users\bonger\AppData\Roaming\mozilla\firefox\profiles\6wf3z6x7.default\minidumps [2 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 02.11.2014 at 9:59:39,43
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01-11-2014
Ran by bonger (administrator) on BONGER-PC on 02-11-2014 10:03:00
Running from C:\Users\bonger\Downloads
Loaded Profiles: bonger & UpdatusUser (Available profiles: bonger & UpdatusUser)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(webEcoz, LLC.) C:\Program Files\PhotoSync\Sync.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Geek Software GmbH) C:\Program Files\PDF24\pdf24.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(webEcoz, LLC.) C:\Program Files\PhotoSync\peservice.exe
(Prolific Technology Inc.) C:\Windows\System32\IoctlSvc.exe
() C:\Windows\System32\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
() C:\ProgramData\TVersity\Media Server\MediaServer.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Apple Inc.) C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
() C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Thisisu) C:\Users\bonger\Downloads\JRT (1).exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [Nvtmru] => C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-07-03] (NVIDIA Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [703736 2014-10-15] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-12-10] (Adobe Systems Incorporated)
HKLM\...\Run: [sync] => C:\Program Files\photoSync\sync.exe [276992 2013-10-08] (webEcoz, LLC.)
HKLM\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2239376 2013-12-19] (Adobe Systems Incorporated)
HKLM\...\Run: [PDFPrint] => C:\Program Files\PDF24\pdf24.exe [189480 2014-02-06] (Geek Software GmbH)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe [165168 2014-09-23] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-1049129853-3666174710-3722791784-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-1049129853-3666174710-3722791784-1000\...\Run: [iCloudServices] => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-08-07] (Apple Inc.)
HKU\S-1-5-21-1049129853-3666174710-3722791784-1000\...\Run: [ApplePhotoStreams] => C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-08-14] (Apple Inc.)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2013-07-16] (Microsoft Corporation)
Startup: C:\Users\bonger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll ()
ShellIconOverlayIdentifiers: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
BootExecute: autocheck autochk * sdnclean.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
SearchScopes: HKCU - {1C6BBE7F-01F0-4E30-A6B1-80422086B185} URL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=tightropetb&type=10959
BHO: PreispiratenSearchURL -> {0B660087-931C-4056-A04F-0423890E40B6} -> C:\Program Files\Preispiraten\Preispiraten2\PPSearchURL.dll ()
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: amazon -> {84B94901-3645-4D80-A6B7-4D0050B19455} -> C:\Program Files\Preispiraten6\IEButtonAmazonInterface.dll ()
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO: metaspinner media GmbH -> {CD9B7762-DFBC-42B1-BB30-02A78287B456} -> C:\Program Files\Preispiraten\Preispiraten2\IEButtonEBayInterface.dll ()
BHO: metaspinner media GmbH -> {D3AA56A9-8137-4950-A6F9-D0190A82AF2A} -> C:\Program Files\Preispiraten\Preispiraten2\IEButtonPPInterface.dll ()
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO: Preispiraten -> {E9E027BF-C3F3-4022-8F6B-8F6D39A59684} -> C:\Program Files\Preispiraten6\IEButtonPPInterface.dll ()
Toolbar: HKLM - No Name - !{98889811-442D-49dd-99D7-DC866BE87DBC} - No File
Toolbar: HKCU - No Name - {955D413E-9DCE-4CC9-BB9D-C807E2C04601} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_25-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-0025-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_25-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_25-windows-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\bonger\AppData\Roaming\Mozilla\Firefox\Profiles\6wf3z6x7.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre1.8.0_25\bin\new_plugin\npjp2.dll No File
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\3.0.40723.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @pages.tvunetworks.com/WebPlayer -> C:\Windows\system32\TVUAx\npTVUAx.dll (TVU networks)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\bonger\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\bonger\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\bonger\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Extension: 20-20 3D Viewer - C:\Users\bonger\AppData\Roaming\Mozilla\Firefox\Profiles\6wf3z6x7.default\Extensions\2020Player@2020Technologies.com [2010-11-12]
FF Extension: Virtus Search Opt-in - C:\Users\bonger\AppData\Roaming\Mozilla\Firefox\Profiles\6wf3z6x7.default\Extensions\extension@virtusdesigns.com [2010-11-26]
FF Extension: TVU Web Player - C:\Users\bonger\AppData\Roaming\Mozilla\Firefox\Profiles\6wf3z6x7.default\Extensions\firefox@tvunetworks.com [2011-04-23]
FF Extension: Eclipse - C:\Users\bonger\AppData\Roaming\Mozilla\Firefox\Profiles\6wf3z6x7.default\Extensions\{12bc3590-67a6-11de-8a39-0800200c9a66} [2010-11-26]
FF Extension: FT DeepDark - C:\Users\bonger\AppData\Roaming\Mozilla\Firefox\Profiles\6wf3z6x7.default\Extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66} [2012-07-10]
FF Extension: iMacros for Firefox - C:\Users\bonger\AppData\Roaming\Mozilla\Firefox\Profiles\6wf3z6x7.default\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} [2014-03-05]
FF Extension: FT GraphiteGlow - C:\Users\bonger\AppData\Roaming\Mozilla\Firefox\Profiles\6wf3z6x7.default\Extensions\{99e34760-2754-11e0-91fa-0800200c9a66} [2012-07-10]
FF Extension: FT SleekDark - C:\Users\bonger\AppData\Roaming\Mozilla\Firefox\Profiles\6wf3z6x7.default\Extensions\{a21cd440-41d6-11e0-9207-0800200c9a66} [2012-07-10]
FF Extension: Preispiraten - C:\Users\bonger\AppData\Roaming\Mozilla\Firefox\Profiles\6wf3z6x7.default\Extensions\{C8D3D3BE-7ADC-4109-BF8C-6330A9F58B0C} [2010-11-22]
FF Extension: Greasemonkey - C:\Users\bonger\AppData\Roaming\Mozilla\Firefox\Profiles\6wf3z6x7.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2012-10-16]
FF Extension: NASA Night Launch - C:\Users\bonger\AppData\Roaming\Mozilla\Firefox\Profiles\6wf3z6x7.default\Extensions\nasanightlaunch@example.com.xpi [2011-10-26]
FF Extension: Amazon Startcenter - C:\Users\bonger\AppData\Roaming\Mozilla\Firefox\Profiles\6wf3z6x7.default\Extensions\{144D1513-0819-4538-AD26-D515AF443AE7}.xpi [2012-07-10]
FF Extension: Amazon Statusbar Button - C:\Users\bonger\AppData\Roaming\Mozilla\Firefox\Profiles\6wf3z6x7.default\Extensions\{32DD6873-2BC0-4E4B-B9A3-0E602AB0DC14}.xpi [2012-07-10]
FF Extension: FXOpera - C:\Users\bonger\AppData\Roaming\Mozilla\Firefox\Profiles\6wf3z6x7.default\Extensions\{e7c7d1b3-5984-410e-9f1e-54e3f8490e8e}.xpi [2011-10-26]
FF Extension: Anti-Banner - C:\Program Files\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak2 [2012-07-18]
FF Extension: Modul zur Link-Untersuchung - C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2 [2012-07-18]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2010-12-15]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011-03-16]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [2011-06-15]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} [2011-10-12]
FF HKLM\...\Firefox\Extensions: [fe_7.0@nokia.com] - C:\Program Files\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_7.0
FF Extension: Firefox Synchronisation Extension - C:\Program Files\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_7.0 [2012-02-23]
FF HKLM\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013-06-27]
FF HKLM\...\Thunderbird\Extensions: [te_9.0@nokia.com] - C:\Program Files\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0
FF Extension: Thunderbird Address Book Synchronisation Extension - C:\Program Files\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0 [2012-02-23]
FF Extension: No Name - C:\Users\bonger\AppData\Roaming\Mozilla\Firefox\Profiles\6wf3z6x7.default\extensions\specialsavings@superfish.com [Not Found]
FF Extension: No Name - C:\Users\bonger\AppData\Roaming\Mozilla\Firefox\Profiles\6wf3z6x7.default\extensions\faststartff@gmail.com [Not Found]
FF StartMenuInternet: FIREFOX.EXE - firefox.exe
Chrome:
=======
CHR Profile: C:\Users\bonger\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\bonger\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-23]
CHR Extension: (YouTube) - C:\Users\bonger\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-23]
CHR Extension: (Adblock Plus) - C:\Users\bonger\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-10-31]
CHR Extension: (Google-Suche) - C:\Users\bonger\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-23]
CHR Extension: (Logitech SetPoint) - C:\Users\bonger\AppData\Local\Google\Chrome\User Data\Default\Extensions\edaibbiobngpbmeonadpbfafbkimjbdd [2014-07-25]
CHR Extension: (Google Wallet) - C:\Users\bonger\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-14]
CHR Extension: (Google Mail) - C:\Users\bonger\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-23]
CHR HKLM\...\Chrome\Extension: [edaibbiobngpbmeonadpbfafbkimjbdd] - C:\ProgramData\Logitech\LogiSmoothChromeExt.crx [2013-06-27]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [431920 2014-10-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [431920 2014-10-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe [994096 2014-10-15] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [160560 2014-09-23] (Avira Operations GmbH & Co. KG)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2010-11-12] (Macrovision Europe Ltd.) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 peservice; C:\Program Files\photoSync\peservice.exe [41472 2013-10-08] (webEcoz, LLC.) [File not signed]
R2 PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [File not signed]
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [66872 2011-04-26] ()
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TVersityMediaServer; C:\ProgramData\TVersity\Media Server\MediaServer.exe [1249064 2011-07-29] ()
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [108480 2010-09-14] (SlySoft, Inc.)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281760 2011-02-05] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [98160 2014-10-15] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-10-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-10-10] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [37384 2014-10-15] (Avira Operations GmbH & Co. KG)
S3 bdacap; C:\Windows\System32\drivers\bdacap.sys [322048 2006-11-03] (Genesys Logic, Inc.) [File not signed]
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2013-09-13] (DT Soft Ltd)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [31088 2010-12-16] (Elaborate Bytes AG)
R3 ElbyDelay; C:\Windows\System32\Drivers\ElbyDelay.sys [11984 2007-02-16] (Elaborate Bytes AG)
R3 LEqdUsb; C:\Windows\System32\Drivers\LEqdUsb.Sys [44296 2013-01-03] (Logitech, Inc.)
R3 LHidEqd; C:\Windows\System32\Drivers\LHidEqd.Sys [12808 2013-01-03] (Logitech, Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2011-02-05] ()
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [114904 2014-11-02] (Malwarebytes Corporation)
R1 MIPFSv332; C:\Windows\system32\drivers\MIPFSv332.sys [145960 2010-09-20] (GetData Pty Ltd)
R3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [657408 2009-07-13] (Ralink Technology Corp.)
S3 RzSynapse; C:\Windows\System32\DRIVERS\RzSynapse.sys [60032 2010-04-21] (Razer USA Ltd) [File not signed]
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [611064 2011-03-08] (Duplex Secure Ltd.)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-10-10] (Avira GmbH)
R2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [5120 2011-03-14] (Samsung Electronics) [File not signed]
R3 vpcbus; C:\Windows\System32\DRIVERS\vpchbus.sys [172416 2010-11-20] (Microsoft Corporation)
R1 vpcnfltr; C:\Windows\System32\DRIVERS\vpcnfltr.sys [48128 2010-11-20] (Microsoft Corporation)
R3 vpcusb; C:\Windows\System32\DRIVERS\vpcusb.sys [78336 2010-11-20] (Microsoft Corporation)
R1 vpcvmm; C:\Windows\System32\drivers\vpcvmm.sys [296064 2010-11-20] (Microsoft Corporation)
R3 WFMC_VAD; C:\Windows\System32\DRIVERS\wfmcvad.sys [19456 2010-02-08] (WiFi Media Connect)
S1 ArcSec; system32\drivers\ArcSec.sys [X]
S3 catchme; \??\C:\Users\bonger\AppData\Local\Temp\catchme.sys [X]
S1 MIPv432; \??\C:\Windows\system32\drivers\MIPv432.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-02 10:02 - 2014-11-02 10:02 - 00000000 ____D () C:\Users\bonger\Downloads\FRST-OlderVersion
2014-11-02 09:59 - 2014-11-02 09:59 - 00019754 _____ () C:\Users\bonger\Desktop\JRT.txt
2014-11-02 09:57 - 2014-11-02 09:57 - 01706359 _____ (Thisisu) C:\Users\bonger\Downloads\JRT (1).exe
2014-11-02 09:55 - 2014-11-02 09:55 - 01706359 _____ (Thisisu) C:\Users\bonger\Downloads\JRT.exe
2014-11-02 09:55 - 2014-11-02 09:55 - 00000000 ____D () C:\Windows\ERUNT
2014-11-02 09:54 - 2014-11-02 09:54 - 00017561 _____ () C:\Users\bonger\Desktop\AdwCleaner[S0].txt
2014-11-02 09:48 - 2014-11-02 09:48 - 00000020 ___SH () C:\Users\TEMP\ntuser.ini
2014-11-02 09:48 - 2014-11-02 09:48 - 00000000 _SHDL () C:\Users\TEMP\AppData\Local\Verlauf
2014-11-02 09:47 - 2014-11-02 09:48 - 00000000 ____D () C:\Users\TEMP
2014-11-02 09:47 - 2014-11-02 09:47 - 00000000 _SHDL () C:\Users\TEMP\Startmenü
2014-11-02 09:47 - 2014-11-02 09:47 - 00000000 _SHDL () C:\Users\TEMP\Netzwerkumgebung
2014-11-02 09:47 - 2014-11-02 09:47 - 00000000 _SHDL () C:\Users\TEMP\Druckumgebung
2014-11-02 09:47 - 2014-11-02 09:47 - 00000000 _SHDL () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-11-02 09:47 - 2012-02-16 15:45 - 00000000 ____D () C:\Users\TEMP\AppData\Roaming\Macromedia
2014-11-02 09:47 - 2010-11-15 12:44 - 00000000 ____D () C:\Users\TEMP\AppData\Local\Microsoft Help
2014-11-02 09:47 - 2009-07-14 05:42 - 00000000 ___RD () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-11-02 09:47 - 2009-07-14 05:37 - 00000000 ___RD () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-11-02 09:41 - 2014-11-02 09:45 - 00000000 ____D () C:\AdwCleaner
2014-11-02 09:40 - 2014-11-02 09:40 - 01998336 _____ () C:\Users\bonger\Downloads\AdwCleaner_4.002.exe
2014-11-02 09:04 - 2014-11-02 09:04 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-02 09:03 - 2014-11-02 09:03 - 00001111 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-11-02 09:03 - 2014-11-02 09:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-11-02 09:03 - 2014-11-02 09:03 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-02 09:03 - 2014-11-02 09:03 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-11-02 09:03 - 2014-10-01 11:11 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-02 09:03 - 2014-10-01 11:11 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-02 09:03 - 2014-10-01 11:11 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-11-02 09:02 - 2014-11-02 09:02 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\bonger\Downloads\mbam-setup-2.0.3.1025.exe
2014-11-01 10:07 - 2014-11-01 10:07 - 00026044 _____ () C:\ComboFix.txt
2014-11-01 09:49 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-11-01 09:49 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-11-01 09:49 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-11-01 09:49 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-11-01 09:49 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-11-01 09:49 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-11-01 09:49 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-11-01 09:49 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-11-01 09:48 - 2014-11-01 10:07 - 00000000 ____D () C:\Qoobox
2014-11-01 09:48 - 2014-11-01 10:05 - 00000000 ____D () C:\Windows\erdnt
2014-11-01 09:47 - 2014-11-01 09:47 - 05591672 ____R (Swearware) C:\Users\bonger\Downloads\ComboFix.exe
2014-11-01 09:37 - 2014-11-01 09:37 - 00001291 _____ () C:\Users\bonger\Desktop\Revo Uninstaller.lnk
2014-11-01 09:37 - 2014-11-01 09:37 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-11-01 09:37 - 2014-10-31 09:32 - 00272296 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-11-01 09:36 - 2014-11-01 09:36 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\bonger\Downloads\revosetup95.exe
2014-11-01 09:35 - 2014-11-01 09:35 - 00918440 _____ (Oracle Corporation) C:\Users\bonger\Downloads\jre-7u60-windows-i586-iftw.exe
2014-11-01 09:34 - 2014-11-02 09:34 - 00000000 ____D () C:\ProgramData\InstaShare
2014-11-01 09:34 - 2014-11-01 09:34 - 00000000 ____D () C:\ProgramData\nXeUcVT
2014-11-01 09:30 - 2014-11-01 09:30 - 79397080 _____ () C:\Users\bonger\Downloads\java-setup (1).exe
2014-11-01 09:28 - 2014-11-01 09:28 - 79397080 _____ () C:\Users\bonger\Downloads\java-setup.exe
2014-10-31 09:43 - 2014-10-31 10:06 - 00046081 _____ () C:\Users\bonger\Downloads\Addition.txt
2014-10-31 09:41 - 2014-11-02 10:03 - 00026127 _____ () C:\Users\bonger\Downloads\FRST.txt
2014-10-31 09:40 - 2014-11-02 10:03 - 00000000 ____D () C:\FRST
2014-10-31 09:40 - 2014-11-02 10:02 - 01105920 _____ (Farbar) C:\Users\bonger\Downloads\FRST.exe
2014-10-31 09:34 - 2014-10-31 09:34 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-10-31 09:31 - 2014-10-31 09:31 - 00638888 _____ (Oracle Corporation) C:\Users\bonger\Downloads\chromeinstall-8u25.exe
2014-10-29 16:05 - 2014-10-29 16:05 - 00000000 ____D () C:\Users\bonger\AppData\Roaming\dlg
2014-10-29 16:00 - 2014-10-29 16:00 - 00664432 _____ () C:\Users\bonger\Downloads\RegpairSetup-Downloader.exe
2014-10-29 15:26 - 2014-10-29 16:04 - 00000000 ____D () C:\Program Files\Free Window Registry Repair
2014-10-29 14:48 - 2013-09-13 19:37 - 00000898 _____ () C:\Windows\system32\Drivers\etc\hosts.20141029-144821.backup
2014-10-29 14:44 - 2013-09-13 19:37 - 00000898 _____ () C:\Windows\system32\Drivers\etc\hosts.20141029-144409.backup
2014-10-29 14:16 - 2014-11-01 08:36 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2014-10-29 14:16 - 2014-10-31 08:22 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-10-29 14:15 - 2014-10-29 14:15 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\bonger\Downloads\spybot-2.4.exe
2014-10-26 09:03 - 2014-10-26 09:11 - 02817032 _____ () C:\Users\bonger\Downloads\wulogo4254.rar
2014-10-23 14:53 - 2014-10-23 14:53 - 02524336 _____ () C:\Users\bonger\Downloads\adobe-indesign_26285 (1).exe
2014-10-23 14:50 - 2014-10-23 14:50 - 00000000 ____D () C:\Program Files\Adobe Download Assistant
2014-10-23 14:49 - 2014-10-23 14:50 - 00001092 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Download Assistant.lnk
2014-10-23 14:49 - 2014-10-23 14:49 - 00000000 ____D () C:\Users\bonger\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2014-10-23 14:48 - 2014-10-23 14:48 - 02524336 _____ () C:\Users\bonger\Downloads\adobe-indesign_26285.exe
2014-10-21 16:16 - 2014-10-21 16:16 - 00913088 _____ () C:\Users\bonger\Downloads\postcard.psd
2014-10-20 11:05 - 2014-10-20 11:05 - 00035304 _____ () C:\Users\bonger\Downloads\janeausten.zip
2014-10-20 10:56 - 2014-10-20 10:56 - 00013179 _____ () C:\Users\bonger\Downloads\gratis.zip
2014-10-16 07:39 - 2014-10-31 09:32 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-10-16 07:34 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-16 07:34 - 2014-09-29 01:41 - 02379264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-16 07:34 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-16 07:34 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-16 07:34 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-16 07:34 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-16 07:34 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-16 07:34 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-16 07:34 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-16 07:34 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-16 07:34 - 2014-09-19 02:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-16 07:34 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-16 07:34 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-16 07:34 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-16 07:34 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-16 07:34 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-16 07:34 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-16 07:34 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-16 07:34 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-16 07:34 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-16 07:34 - 2014-09-19 01:50 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-16 07:34 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-16 07:34 - 2014-09-19 01:44 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-16 07:34 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-16 07:34 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-16 07:34 - 2014-09-19 01:20 - 00677888 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-16 07:34 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-16 07:34 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-16 07:34 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-16 07:34 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-16 07:34 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-16 07:34 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-16 07:34 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-16 07:34 - 2014-07-17 02:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-16 07:34 - 2014-07-17 02:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-16 07:34 - 2014-07-17 02:39 - 00919552 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-16 07:34 - 2014-07-17 02:39 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-16 07:34 - 2014-07-17 02:39 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-16 07:34 - 2014-07-17 02:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-10-16 07:34 - 2014-07-17 02:39 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-16 07:34 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-16 07:34 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-16 07:34 - 2014-07-17 02:03 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-16 07:34 - 2014-07-17 02:02 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-16 07:34 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-16 07:34 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-16 07:34 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-16 07:33 - 2014-09-18 02:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-16 07:33 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-15 10:22 - 2014-10-15 10:22 - 03909864 _____ () C:\Users\bonger\Downloads\Hearts_II_Photoshop_Brushes_by_redheadstock.zip
2014-10-15 10:21 - 2014-10-15 10:22 - 00341606 _____ () C:\Users\bonger\Downloads\Heart_Brushes_by_XPhotoshoperX.abr
2014-10-14 09:09 - 2014-10-14 09:09 - 00928816 _____ () C:\Users\bonger\Downloads\2147495790.zip
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-02 10:00 - 2013-09-30 19:48 - 00000000 ____D () C:\Users\bonger\AppData\Local\D584027D-25E0-4F6F-A217-1CE1A5C323F6.aplzod
2014-11-02 10:00 - 2010-11-12 09:58 - 02572698 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-02 10:00 - 2009-08-14 13:34 - 00729182 _____ () C:\Windows\system32\perfh019.dat
2014-11-02 10:00 - 2009-08-14 13:34 - 00157044 _____ () C:\Windows\system32\perfc019.dat
2014-11-02 09:56 - 2011-02-20 18:26 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-02 09:56 - 2009-07-14 05:34 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-02 09:56 - 2009-07-14 05:34 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-02 09:49 - 2010-12-15 22:29 - 00000434 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-11-02 09:48 - 2014-01-04 14:53 - 00000000 ____D () C:\ProgramData\photoSync
2014-11-02 09:47 - 2013-08-16 08:22 - 00260928 _____ () C:\Windows\PFRO.log
2014-11-02 09:47 - 2013-07-25 13:23 - 00035114 _____ () C:\Windows\setupact.log
2014-11-02 09:47 - 2013-04-19 04:21 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-02 09:47 - 2011-02-20 18:26 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-02 09:47 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-02 09:46 - 2010-11-12 09:57 - 01353727 _____ () C:\Windows\WindowsUpdate.log
2014-11-02 09:45 - 2013-06-25 03:09 - 00000000 ____D () C:\Users\bonger\AppData\Local\CRE
2014-11-02 09:34 - 2013-08-21 08:37 - 00000000 ____D () C:\Users\bonger\Download
2014-11-02 09:15 - 2012-10-16 05:38 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-02 09:08 - 2011-10-26 16:00 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1049129853-3666174710-3722791784-1000UA.job
2014-11-02 08:46 - 2010-11-12 11:29 - 00000000 ____D () C:\Users\bonger\AppData\Local\Adobe
2014-11-02 08:37 - 2011-09-11 09:05 - 00681621 _____ () C:\Windows\system32\TVersityMediaServer.log
2014-11-01 10:27 - 2010-11-12 11:16 - 00000000 ____D () C:\Users\bonger\AppData\Local\CrashDumps
2014-11-01 10:07 - 2009-07-14 03:37 - 00000000 __RHD () C:\Users\Default
2014-11-01 10:07 - 2009-07-14 03:37 - 00000000 ___RD () C:\Users\Public
2014-11-01 10:02 - 2009-07-14 03:04 - 00000215 _____ () C:\Windows\system.ini
2014-11-01 09:37 - 2013-10-21 14:26 - 00000000 ____D () C:\ProgramData\Oracle
2014-11-01 09:36 - 2010-12-15 12:39 - 00000000 ____D () C:\Program Files\Java
2014-11-01 09:28 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Resources
2014-11-01 09:24 - 2014-07-25 14:39 - 00002305 _____ () C:\Users\bonger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-11-01 09:24 - 2011-05-01 12:02 - 00001112 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-11-01 09:24 - 2010-11-12 10:00 - 00001413 _____ () C:\Users\bonger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-10-31 09:33 - 2014-02-20 11:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2014-10-31 09:33 - 2013-10-21 14:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-10-31 09:32 - 2014-09-17 03:55 - 00176552 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-10-31 09:32 - 2014-09-17 03:55 - 00176552 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-10-29 14:34 - 2014-01-20 07:53 - 00000000 ___RD () C:\Users\bonger\Desktop\Document
2014-10-28 06:35 - 2010-11-12 10:15 - 00229000 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-26 15:08 - 2011-10-26 16:00 - 00001072 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1049129853-3666174710-3722791784-1000Core.job
2014-10-21 14:55 - 2009-07-14 05:33 - 04138472 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-20 15:17 - 2010-11-12 10:39 - 00000000 ____D () C:\Users\bonger\AppData\Roaming\Adobe
2014-10-20 11:32 - 2010-11-12 11:01 - 00143040 _____ () C:\Users\bonger\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-19 09:06 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache
2014-10-17 07:55 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-10-17 07:41 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\ru-RU
2014-10-17 07:41 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-10-16 08:20 - 2010-11-12 10:33 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-16 08:17 - 2013-08-14 10:32 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-16 08:08 - 2010-11-13 07:46 - 100290944 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-15 08:06 - 2014-08-05 10:38 - 00000000 ____D () C:\ProgramData\Package Cache
2014-10-15 08:06 - 2013-10-21 04:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-10-15 08:06 - 2013-10-21 04:10 - 00000000 ____D () C:\Program Files\Avira
2014-10-15 08:04 - 2013-10-21 04:10 - 00136216 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-10-15 08:04 - 2013-10-21 04:10 - 00098160 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-10-15 08:04 - 2013-10-21 04:10 - 00037384 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
Some content of TEMP:
====================
C:\Users\bonger\AppData\Local\Temp\avgnt.exe
C:\Users\bonger\AppData\Local\Temp\Quarantine.exe
C:\Users\bonger\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-10-26 08:29
==================== End Of Log ============================