Knight1986 | 29.08.2013 08:18 | Here is the text file from AdwCleaner. The other two steps will follow in the next posts. Code:
# AdwCleaner v3.001 - Report created 29/08/2013 at 08:49:06
# Updated 24/08/2013 by Xplode
# Operating System : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Username : Marc - MARC-PC
# Running from : C:\Users\Marc\Downloads\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
Service Deleted : Browser Manager
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\boost_interprocess
[!] Folder Deleted : C:\ProgramData\Browser Manager
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Program Files\SweetIM
Folder Deleted : C:\Users\Marc\Qtrax
Folder Deleted : C:\Users\Marc\AppData\Local\Temp\Softonic
Folder Deleted : C:\Users\Marc\AppData\LocalLow\Softonic
Folder Deleted : C:\Users\Marc\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Marc\AppData\Roaming\DSite
Folder Deleted : C:\Users\Marc\AppData\Roaming\file scout
File Deleted : C:\Users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3h4vomr6.default\searchplugins\11-suche.xml
File Deleted : C:\Users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3h4vomr6.default\searchplugins\Babylon.xml
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\Babylon.xml
File Deleted : C:\Users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3h4vomr6.default\bprotector_extensions.sqlite
File Deleted : C:\Users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3h4vomr6.default\bprotector_prefs.js
File Deleted : C:\Users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3h4vomr6.default\user.js
File Deleted : C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
File Deleted : C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
File Deleted : C:\Windows\System32\Tasks\Browser Manager
File Deleted : C:\Windows\Tasks\DSite.job
File Deleted : C:\Windows\System32\Tasks\DSite
File Deleted : C:\Windows\System32\Tasks\QtraxPlayer
***** [ Shortcuts ] *****
***** [ Registry ] *****
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Browser Manager
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C1CF98CC-06C3-4079-A113-FC631B1FA231}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C1CF98CC-06C3-4079-A113-FC631B1FA231}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DSite
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5260254C-A7AD-4ECC-80E5-144414C678E8}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5260254C-A7AD-4ECC-80E5-144414C678E8}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\QtraxPlayer
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CBE69E64-6A1A-4696-A617-4CEFDC92E4B0}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CBE69E64-6A1A-4696-A617-4CEFDC92E4B0}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [BrowserMngr Start Page]
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Web-Suche
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [BrowserMngrDefaultScope]
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKCU\Software\5d558f8bbd3ce813
Key Deleted : HKLM\SOFTWARE\5d558f8bbd3ce813
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Key Deleted : HKCU\Software\BabSolution
Key Deleted : HKCU\Software\BrowserMngr
Key Deleted : HKCU\Software\DataMngr
[#] Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\dsiteproducts
Key Deleted : HKCU\Software\filescout
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\BrowserMngr
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\Tarma Installer
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\browse~1\261519~1.190\{16cdf~1\browse~1.dll
***** [ Browsers ] *****
-\\ Internet Explorer v9.0.8112.16502
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
-\\ Mozilla Firefox v23.0.1 (de)
[ File : C:\Users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3h4vomr6.default\prefs.js ]
Line Deleted : user_pref("avg.install.userHPSettings", "hxxp://search.babylon.com/?affID=114351&tt=270912_11_3912_3&babsrc=HP_ss&mntrId=6cab904b000000000000001f3ae4a366");
Line Deleted : user_pref("avg.install.userSPSettings", "Search the web (Babylon)");
Line Deleted : user_pref("browser.search.order.1", "Ask.com");
Line Deleted : user_pref("extensions.BabylonToolbar.admin", false);
Line Deleted : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Line Deleted : user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");
Line Deleted : user_pref("extensions.BabylonToolbar.autoRvrt", "false");
Line Deleted : user_pref("extensions.BabylonToolbar.babExt", "");
Line Deleted : user_pref("extensions.BabylonToolbar.babTrack", "affID=114351&tt=270912_11_3912_3");
Line Deleted : user_pref("extensions.BabylonToolbar.babext", "babExt");
Line Deleted : user_pref("extensions.BabylonToolbar.babtrack", "babTrack");
Line Deleted : user_pref("extensions.BabylonToolbar.bbDpng", "28");
Line Deleted : user_pref("extensions.BabylonToolbar.cntry", "CH");
Line Deleted : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Line Deleted : user_pref("extensions.BabylonToolbar.dfltlng", "en");
Line Deleted : user_pref("extensions.BabylonToolbar.dfltsrch", "false");
Line Deleted : user_pref("extensions.BabylonToolbar.dpk", "");
Line Deleted : user_pref("extensions.BabylonToolbar.dpkLst", "1169821598,3855095921,302281469,2400444324,3654782829,1334533236,3874294282,3866767559,3224935090,3754950497,1766448872,2740670312,1029927063,1148409960,[...]
Line Deleted : user_pref("extensions.BabylonToolbar.envrmnt", "production");
Line Deleted : user_pref("extensions.BabylonToolbar.excTlbr", false);
Line Deleted : user_pref("extensions.BabylonToolbar.firstrun", false);
Line Deleted : user_pref("extensions.BabylonToolbar.hdrMd5", "D20A103A568AA9B0148FAE48AC3F2233");
Line Deleted : user_pref("extensions.BabylonToolbar.hmpg", false);
Line Deleted : user_pref("extensions.BabylonToolbar.hrdid", "6cab904b000000000000001f3ae4a366");
Line Deleted : user_pref("extensions.BabylonToolbar.id", "6cab904b000000000000001f3ae4a366");
Line Deleted : user_pref("extensions.BabylonToolbar.instlDay", "15611");
Line Deleted : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Line Deleted : user_pref("extensions.BabylonToolbar.instlday", "15611");
Line Deleted : user_pref("extensions.BabylonToolbar.instlref", "sst");
Line Deleted : user_pref("extensions.BabylonToolbar.isdcmntcmplt", "false");
Line Deleted : user_pref("extensions.BabylonToolbar.keywordurl", "");
Line Deleted : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.8.0.722:30:07");
Line Deleted : user_pref("extensions.BabylonToolbar.lastdp", 28);
Line Deleted : user_pref("extensions.BabylonToolbar.mntrvrsn", "1.3.1");
Line Deleted : user_pref("extensions.BabylonToolbar.newTab", false);
Line Deleted : user_pref("extensions.BabylonToolbar.newtab", "false");
Line Deleted : user_pref("extensions.BabylonToolbar.newtaburl", "");
Line Deleted : user_pref("extensions.BabylonToolbar.pnu_base", "{\"newVrsn\":\"29\",\"lastVrsn\":\"29\",\"vrsnLoad\":\"\",\"showMsg\":\"false\",\"showSilent\":\"false\",\"msgTs\":0}");
Line Deleted : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Line Deleted : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Line Deleted : user_pref("extensions.BabylonToolbar.prtnrid", "babylon");
Line Deleted : user_pref("extensions.BabylonToolbar.savedVrsnTs", "1");
Line Deleted : user_pref("extensions.BabylonToolbar.sg", "azb");
Line Deleted : user_pref("extensions.BabylonToolbar.smplGrp", "azb");
Line Deleted : user_pref("extensions.BabylonToolbar.smplgrp", "azb");
Line Deleted : user_pref("extensions.BabylonToolbar.srcExt", "ss");
Line Deleted : user_pref("extensions.BabylonToolbar.srcext", "ss");
Line Deleted : user_pref("extensions.BabylonToolbar.srch", "");
Line Deleted : user_pref("extensions.BabylonToolbar.srchprvdr", "");
Line Deleted : user_pref("extensions.BabylonToolbar.tlbrId", "base");
Line Deleted : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=6cab904b000000000000001f3ae4a366&q=");
Line Deleted : user_pref("extensions.BabylonToolbar.tlbrid", "base");
Line Deleted : user_pref("extensions.BabylonToolbar.tlbrsrchurl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=6cab904b000000000000001f3ae4a366&q=");
Line Deleted : user_pref("extensions.BabylonToolbar.vrsn", "1.8.0.7");
Line Deleted : user_pref("extensions.BabylonToolbar.vrsnTs", "1.8.0.722:30:07");
Line Deleted : user_pref("extensions.BabylonToolbar.vrsni", "1.8.0.7");
Line Deleted : user_pref("extensions.BabylonToolbar.vrsnts", "1.8.0.722:30:07");
Line Deleted : user_pref("extensions.BabylonToolbar_i.babExt", "");
Line Deleted : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=114351&tt=270912_11_3912_3");
Line Deleted : user_pref("extensions.BabylonToolbar_i.newTab", false);
Line Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Line Deleted : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Line Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.0.722:30:07");
Line Deleted : user_pref("extensions.Softonic.admin", false);
Line Deleted : user_pref("extensions.Softonic.aflt", "SD");
Line Deleted : user_pref("extensions.Softonic.autoRvrt", "false");
Line Deleted : user_pref("extensions.Softonic.cntry", "CH");
Line Deleted : user_pref("extensions.Softonic.cv", "cv5");
Line Deleted : user_pref("extensions.Softonic.dfltLng", "de");
Line Deleted : user_pref("extensions.Softonic.dfltSrch", true);
Line Deleted : user_pref("extensions.Softonic.dfltlng", "de");
Line Deleted : user_pref("extensions.Softonic.dfltsrch", true);
Line Deleted : user_pref("extensions.Softonic.dspNew", "Search the web (Softonic)");
Line Deleted : user_pref("extensions.Softonic.dspOld", "SweetIM Search");
Line Deleted : user_pref("extensions.Softonic.envrmnt", "production");
Line Deleted : user_pref("extensions.Softonic.excTlbr", false);
Line Deleted : user_pref("extensions.Softonic.hdrMd5", "A2ED3DC11EA351953AD943010909B7E8");
Line Deleted : user_pref("extensions.Softonic.hmpg", true);
Line Deleted : user_pref("extensions.Softonic.hmpgUrl", "hxxp://search.softonic.com/MON00015/tb_v1?SearchSource=13&cc=");
Line Deleted : user_pref("extensions.Softonic.hpNew", "hxxp://search.softonic.com/MON00015/tb_v1?SearchSource=13&cc=");
Line Deleted : user_pref("extensions.Softonic.hpOld", "www.google.ch");
Line Deleted : user_pref("extensions.Softonic.hrdid", "6cab904b000000000000001f3ae4a366");
Line Deleted : user_pref("extensions.Softonic.id", "6cab904b000000000000001f3ae4a366");
Line Deleted : user_pref("extensions.Softonic.instlDay", "15577");
Line Deleted : user_pref("extensions.Softonic.instlRef", "MON00015");
Line Deleted : user_pref("extensions.Softonic.instlday", "15577");
Line Deleted : user_pref("extensions.Softonic.instlref", "MON00015");
Line Deleted : user_pref("extensions.Softonic.isdcmntcmplt", "false");
Line Deleted : user_pref("extensions.Softonic.keyWordUrl", "hxxp://search.softonic.com/MON00015/tb_v1?SearchSource=2&cc=&q=");
Line Deleted : user_pref("extensions.Softonic.keywordurl", "hxxp://search.softonic.com/MON00015/tb_v1?SearchSource=2&cc=&q=");
Line Deleted : user_pref("extensions.Softonic.lastVrsnTs", "1.6.7.412:25:39");
Line Deleted : user_pref("extensions.Softonic.mntrvrsn", "1.3.0");
Line Deleted : user_pref("extensions.Softonic.newTab", true);
Line Deleted : user_pref("extensions.Softonic.newTabUrl", "hxxp://search.softonic.com/MON00015/tb_v1?SearchSource=15&cc=");
Line Deleted : user_pref("extensions.Softonic.newtab", true);
Line Deleted : user_pref("extensions.Softonic.newtaburl", "hxxp://search.softonic.com/MON00015/tb_v1?SearchSource=15&cc=");
Line Deleted : user_pref("extensions.Softonic.prdct", "Softonic");
Line Deleted : user_pref("extensions.Softonic.propectorlck", 86030656);
Line Deleted : user_pref("extensions.Softonic.prtnrId", "softonic");
Line Deleted : user_pref("extensions.Softonic.prtnrid", "softonic");
Line Deleted : user_pref("extensions.Softonic.rvrtMsg", "Click Yes to keep current home page and default search settings, Click No to restore original settings");
Line Deleted : user_pref("extensions.Softonic.savedVrsnTs", "1");
Line Deleted : user_pref("extensions.Softonic.sg", "cz");
Line Deleted : user_pref("extensions.Softonic.similarsitesstorage-pid2", "f22a8301350f8ffc");
Line Deleted : user_pref("extensions.Softonic.smplGrp", "none");
Line Deleted : user_pref("extensions.Softonic.smplgrp", "none");
Line Deleted : user_pref("extensions.Softonic.srch", "");
Line Deleted : user_pref("extensions.Softonic.srchPrvdr", "Search the web (Softonic)");
Line Deleted : user_pref("extensions.Softonic.srchprvdr", "Search the web (Softonic)");
Line Deleted : user_pref("extensions.Softonic.tlbrId", "base");
Line Deleted : user_pref("extensions.Softonic.tlbrSrchUrl", "hxxp://search.softonic.com/MON00015/tb_v1?SearchSource=1&cc=&q=");
Line Deleted : user_pref("extensions.Softonic.tlbrid", "base");
Line Deleted : user_pref("extensions.Softonic.tlbrsrchurl", "hxxp://search.softonic.com/MON00015/tb_v1?SearchSource=1&cc=&q=");
Line Deleted : user_pref("extensions.Softonic.vrsn", "1.6.7.4");
Line Deleted : user_pref("extensions.Softonic.vrsnTs", "1.6.7.412:25:39");
Line Deleted : user_pref("extensions.Softonic.vrsni", "1.6.7.4");
Line Deleted : user_pref("extensions.Softonic.vrsnts", "1.6.7.412:25:39");
Line Deleted : user_pref("extensions.Softonic_i.dnsErr", true);
Line Deleted : user_pref("extensions.Softonic_i.hmpg", true);
Line Deleted : user_pref("extensions.Softonic_i.newTab", true);
Line Deleted : user_pref("extensions.Softonic_i.smplGrp", "none");
Line Deleted : user_pref("extensions.Softonic_i.vrsnTs", "1.6.7.412:25:39");
Line Deleted : user_pref("sweetim.toolbar.previous.browser.search.defaulturl", "");
Line Deleted : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Line Deleted : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Line Deleted : user_pref("sweetim.toolbar.urls.homepage", "hxxp://search.babylon.com/?affID=114351&tt=270912_11_3912_3&babsrc=HP_ss&mntrId=6cab904b000000000000001f3ae4a366");
-\\ Google Chrome v
[ File : C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [17152 octets] - [29/08/2013 08:46:20]
AdwCleaner[S0].txt - [17492 octets] - [29/08/2013 08:49:06]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [17553 octets] ##########
Step two has also been run.
Here is the result. Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.5.5 (08.28.2013:1)
OS: Windows Vista (TM) Home Premium x86
Ran by Marc on 29.08.2013 at 8:59:57.59
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{98889811-442D-49dd-99D7-DC866BE87DBC}
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{A04B7F69-E27E-4A8F-8B79-D8118C8C5A31}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}
~~~ Files
Successfully deleted: [File] "C:\Users\Marc\appdata\locallow\microsoft\silverlight\outofbrowser\index\portal.qtrax.com"
~~~ Folders
Successfully deleted: [Folder] "C:\Users\Marc\start menu\programs\browser manager"
Successfully deleted: [Folder] "C:\Users\Marc\music\qtrax media library"
Successfully deleted: [Empty Folder] C:\Users\Marc\appdata\local\{138BF293-D15F-4E1A-9E0C-B7513AF3BDA7}
Successfully deleted: [Empty Folder] C:\Users\Marc\appdata\local\{21552D49-C23D-473F-B045-AFE7E19EF831}
Successfully deleted: [Empty Folder] C:\Users\Marc\appdata\local\{49897CD3-EA3D-4F73-8337-FE2CBF8E91CE}
Successfully deleted: [Empty Folder] C:\Users\Marc\appdata\local\{7BC9DAEE-F7B9-468E-BC02-0884E7366AF5}
Successfully deleted: [Empty Folder] C:\Users\Marc\appdata\local\{911105BD-59F0-461A-A554-E2BFCAFC8634}
Successfully deleted: [Empty Folder] C:\Users\Marc\appdata\local\{A6971C59-D30F-4781-8F52-3D098DD6F86F}
Successfully deleted: [Empty Folder] C:\Users\Marc\appdata\local\{B212C70F-5AA9-4795-A0A6-3B4BE2FDDB2F}
Successfully deleted: [Empty Folder] C:\Users\Marc\appdata\local\{BD8CCE91-C469-4D68-838A-ADE4EDC4901C}
Successfully deleted: [Empty Folder] C:\Users\Marc\appdata\local\{D9DC8E74-A997-4799-995B-4DB2A77A21DC}
Successfully deleted: [Empty Folder] C:\Users\Marc\appdata\local\{EA7A606F-7DA3-410C-958D-28EB0B497E96}
Successfully deleted: [Empty Folder] C:\Users\Marc\appdata\local\{ECC6288E-C543-428A-B648-9469752D59D6}
Successfully deleted: [Empty Folder] C:\Users\Marc\appdata\local\{F3D6FE75-F8B8-4F56-890B-259643A31635}
Successfully deleted: [Empty Folder] C:\Users\Marc\appdata\local\{F3F49F4C-08FB-46A7-ACD7-BF6268A1E89C}
~~~ FireFox
Successfully deleted: [File] C:\user.js
Successfully deleted: [Folder] C:\Users\Marc\AppData\Roaming\mozilla\firefox\profiles\3h4vomr6.default\extensions\staged
Emptied folder: C:\Users\Marc\AppData\Roaming\mozilla\firefox\profiles\3h4vomr6.default\minidumps [268 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 29.08.2013 at 9:02:05.79
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The scan with FRST is complete.
Here is the result.
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 28-08-2013
Ran by Marc (administrator) on 29-08-2013 09:06:25
Running from C:\Users\Marc\Downloads
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Adobe Systems Incorporated) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Conexant Systems, Inc.) C:\Windows\system32\DRIVERS\xaudio.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Creative Technology Ltd.) C:\Windows\OEM02Mon.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Creative Technology Ltd.) C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corp.) C:\Program Files\MSN Toolbar\Platform\5.0.1449.0\mswinext.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Users\Marc\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(CREALOGIX E-Payment AG) C:\Program Files\CLX.PayPen\CLXReader.exe
(Dropbox, Inc.) C:\Users\Marc\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Facebook) C:\Users\Marc\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
(Sony Corporation) C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin
(Microsoft Corporation) C:\Windows\system32\wuauclt.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe
(Microsoft Corporation) C:\Windows\system32\schtasks.exe
(Microsoft Corporation) C:\Windows\system32\sdclt.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-19] (Microsoft Corporation)
HKLM\...\Run: [OEM02Mon.exe] - C:\Windows\OEM02Mon.exe [36864 2007-05-10] (Creative Technology Ltd.)
HKLM\...\Run: [IAAnotif] - C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [174872 2007-02-12] (Intel Corporation)
HKLM\...\Run: [DELL Webcam Manager] - C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe [118784 2007-07-27] (Creative Technology Ltd.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [NvCplDaemon] - C:\Windows\system32\NvCpl.dll [13793824 2009-06-16] (NVIDIA Corporation)
HKLM\...\Run: [NVHotkey] - C:\Windows\system32\nvHotkey.dll [92704 2009-06-16] (NVIDIA Corporation)
HKLM\...\Run: [HP Software Update] - C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-03-12] (Hewlett-Packard)
HKLM\...\Run: [Bing Bar] - C:\Program Files\MSN Toolbar\Platform\5.0.1449.0\mswinext.exe [243544 2010-04-27] (Microsoft Corp.)
HKLM\...\Run: [Microsoft Default Manager] - C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [288088 2009-11-11] (Microsoft Corporation)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2011-09-27] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [947152 2013-01-27] (Microsoft Corporation)
HKLM\...\Run: [VDownloader] - C:\Program Files\VDownloader\VDownloader.exe [879104 2012-12-20] (Vitzo)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKCU\...\Run: [Google Update] - C:\Users\Marc\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-11-21] (Google Inc.)
HKCU\...\Run: [msnmsgr] - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background [x]
HKCU\...\Run: [SkyDrive] - C:\Users\Marc\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257136 2013-08-14] (Microsoft Corporation)
HKCU\...\Run: [Facebook Update] - C:\Users\Marc\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-08-25] (Facebook Inc.)
HKCU\...\Run: [CLXReader] - C:\Program Files\CLX.PayPen\CLXReader.exe [4108152 2012-08-14] (CREALOGIX E-Payment AG)
HKCU\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-19] (Microsoft Corporation)
HKCU\...\Winlogon: [Shell] explorer.exe,C:\Users\Marc\AppData\Roaming\cache.dat <==== ATTENTION
HKU\Default\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation)
HKU\Default User\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation)
Startup: C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Marc\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk
ShortcutTarget: Facebook Messenger.lnk -> C:\Users\Marc\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe (Facebook)
Startup: C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Picture Motion Browser Medien-Prüfung.lnk
ShortcutTarget: Picture Motion Browser Medien-Prüfung.lnk -> C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe (Sony Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.ch/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ch.msn.com/?ocid=OIE9HP
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=IP2TDF&PC=IP2TDF&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKCU - {AF4BC682-A543-4440-A849-186E9BBE09F9} URL = hxxp://www.google.de/search?q={searchTerms}
BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: IEExtension.VDownloaderBHO - {7b523e7c-f096-4e36-a0cb-7efeb5c675c1} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - @C:\Program Files\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll (Microsoft Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3h4vomr6.default
FF Homepage: https://www.google.ch/
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @Microsoft.com/NpWinExt,version=5.0 - C:\Program Files\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.6 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Marc\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Marc\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Marc\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: facebook.com/fbDesktopPlugin - C:\Users\Marc\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF Plugin HKCU: vitzo.com/VDownloader - C:\Program Files\VDownloader\Addons\npVDownloader.dll (Vitzo)
FF SearchPlugin: C:\Users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3h4vomr6.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3h4vomr6.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3h4vomr6.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\3h4vomr6.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\wikipedia-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [msntoolbar@msn.com] C:\Program Files\MSN Toolbar\Platform\5.0.1449.0\Firefox
FF Extension: Bing Bar - C:\Program Files\MSN Toolbar\Platform\5.0.1449.0\Firefox
FF HKLM\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\
FF Extension: No Name - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\
FF HKLM\...\Firefox\Extensions: [support@vdownloader.com] C:\Program Files\VDownloader\Addons\FireFox
FF Extension: VDownloader - C:\Program Files\VDownloader\Addons\FireFox
Chrome:
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Users\Marc\AppData\Local\Google\Chrome\Application\22.0.1229.79\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Marc\AppData\Local\Google\Chrome\Application\29.0.1547.57\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Marc\AppData\Local\Google\Chrome\Application\29.0.1547.57\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U35) - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.350.10) - C:\Windows\system32\npdeployJava1.dll (Oracle Corporation)
CHR Plugin: (Bing Bar) - C:\Program Files\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Facebook Desktop) - C:\Users\Marc\AppData\Local\Facebook\Messenger\2.1.4651.0\npFbDesktopPlugin.dll No File
CHR Plugin: (Google Update) - C:\Users\Marc\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Extension: (Chrome In-App Payments service) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0
CHR HKLM\...\Chrome\Extension: [eoccbpoodnckjdnackiffhjfkogfhnhh] - C:\Program Files\VDownloader\Addons\Chrome.crx
CHR StartMenuInternet: Google Chrome - C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe
========================== Services (Whitelisted) =================
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [20456 2013-01-27] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [295232 2013-01-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
R0 CLFS; C:\Windows\System32\CLFS.sys [245736 2009-04-11] (Microsoft Corporation)
R2 EkaProt6; C:\Windows\System32\DRIVERS\ekaprot6.sys [23704 2011-01-31] (Ekahau Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [195296 2013-01-20] (Microsoft Corporation)
S3 PayPen; C:\Windows\System32\Drivers\PayPen.sys [18560 2012-08-14] ()
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-08-29 09:05 - 2013-08-29 09:05 - 01072975 _____ (Farbar) C:\Users\Marc\Downloads\FRST(1).exe.part
2013-08-29 09:05 - 2013-08-29 09:05 - 00000000 _____ C:\Users\Marc\Downloads\FRST(1).exe
2013-08-29 09:02 - 2013-08-29 09:02 - 00003522 _____ C:\Users\Marc\Desktop\JRT.txt
2013-08-29 08:59 - 2013-08-29 08:59 - 00000511 _____ C:\Users\Marc\Desktop\JRT.exe - Verknüpfung.lnk
2013-08-29 08:59 - 2013-08-29 08:59 - 00000000 ____D C:\Windows\ERUNT
2013-08-29 08:57 - 2013-08-29 08:57 - 01023533 _____ (Thisisu) C:\Users\Marc\Downloads\JRT.exe
2013-08-29 08:46 - 2013-08-29 08:49 - 00000000 ____D C:\AdwCleaner
2013-08-29 08:45 - 2013-08-29 08:45 - 00000552 _____ C:\Users\Marc\Desktop\adwcleaner.exe - Verknüpfung.lnk
2013-08-29 08:43 - 2013-08-29 08:44 - 00994642 _____ C:\Users\Marc\Downloads\adwcleaner(1).exe
2013-08-29 08:40 - 2013-08-29 08:41 - 00994642 _____ C:\Users\Marc\Downloads\adwcleaner.exe
2013-08-28 20:53 - 2013-08-02 06:09 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-28 20:50 - 2013-08-28 20:50 - 01072975 _____ (Farbar) C:\Users\Marc\Downloads\FRST.exe
2013-08-27 16:11 - 2013-08-27 16:11 - 00000000 ____D C:\FRST
2013-08-24 14:30 - 2013-08-24 14:55 - 00000000 ____D C:\Users\Marc\Sex
2013-08-15 00:36 - 2013-07-25 04:40 - 12334080 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-15 00:36 - 2013-07-25 04:32 - 01800704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-15 00:36 - 2013-07-25 04:30 - 09738752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-15 00:36 - 2013-07-25 04:26 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-15 00:36 - 2013-07-25 04:26 - 01104384 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-15 00:36 - 2013-07-25 04:25 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-08-15 00:36 - 2013-07-25 04:24 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-08-15 00:36 - 2013-07-25 04:24 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-15 00:36 - 2013-07-25 04:23 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-15 00:36 - 2013-07-25 04:23 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-15 00:36 - 2013-07-25 04:23 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-15 00:36 - 2013-07-25 04:23 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-08-15 00:36 - 2013-07-25 04:23 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-08-15 00:36 - 2013-07-25 04:22 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-15 00:36 - 2013-07-25 04:22 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-15 00:36 - 2013-07-25 04:22 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-08-14 08:18 - 2013-07-17 21:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-14 08:18 - 2013-07-10 11:47 - 00783360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-14 08:18 - 2013-07-09 14:10 - 01205168 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-14 08:18 - 2013-07-08 06:55 - 03603904 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2013-08-14 08:18 - 2013-07-08 06:55 - 03551680 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-14 08:18 - 2013-07-08 06:20 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-14 08:18 - 2013-07-08 06:16 - 00992768 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-14 08:18 - 2013-07-08 06:16 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-14 08:18 - 2013-07-08 06:16 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-14 08:18 - 2013-07-05 05:20 - 00914880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-14 08:18 - 2013-07-05 03:43 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2013-08-14 08:18 - 2013-06-15 15:22 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2013-08-14 08:18 - 2013-06-15 13:23 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-13 10:24 - 2013-08-13 18:56 - 00000000 ____D C:\Program Files\Mozilla Thunderbird
==================== One Month Modified Files and Folders =======
2013-08-29 09:06 - 2013-08-29 09:06 - 00000518 _____ C:\Users\Marc\Desktop\FRST.exe - Verknüpfung.lnk
2013-08-29 09:05 - 2013-08-29 09:05 - 01072975 _____ (Farbar) C:\Users\Marc\Downloads\FRST(1).exe.part
2013-08-29 09:05 - 2013-08-29 09:05 - 00000000 _____ C:\Users\Marc\Downloads\FRST(1).exe
2013-08-29 09:02 - 2013-08-29 09:02 - 00003522 _____ C:\Users\Marc\Desktop\JRT.txt
2013-08-29 08:59 - 2013-08-29 08:59 - 00000511 _____ C:\Users\Marc\Desktop\JRT.exe - Verknüpfung.lnk
2013-08-29 08:59 - 2013-08-29 08:59 - 00000000 ____D C:\Windows\ERUNT
2013-08-29 08:57 - 2013-08-29 08:57 - 01023533 _____ (Thisisu) C:\Users\Marc\Downloads\JRT.exe
2013-08-29 08:57 - 2006-11-02 14:52 - 02074179 _____ C:\Windows\WindowsUpdate.log
2013-08-29 08:57 - 2006-11-02 12:33 - 01587172 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-29 08:53 - 2012-08-25 16:47 - 00000000 ___RD C:\Users\Marc\SkyDrive
2013-08-29 08:53 - 2012-03-21 14:48 - 00000000 ___RD C:\Users\Marc\Dropbox
2013-08-29 08:53 - 2012-03-21 13:56 - 00000000 ____D C:\Users\Marc\AppData\Roaming\Dropbox
2013-08-29 08:51 - 2012-11-10 00:53 - 00001090 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-29 08:51 - 2011-11-11 00:26 - 00031776 _____ C:\ProgramData\nvModes.dat
2013-08-29 08:51 - 2011-11-11 00:26 - 00031776 _____ C:\ProgramData\nvModes.001
2013-08-29 08:51 - 2006-11-02 14:47 - 00003664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-29 08:51 - 2006-11-02 14:47 - 00003664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-29 08:50 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-29 08:49 - 2013-08-29 08:46 - 00000000 ____D C:\AdwCleaner
2013-08-29 08:49 - 2011-11-11 00:45 - 00004268 _____ C:\Windows\bthservsdp.dat
2013-08-29 08:49 - 2011-11-10 19:28 - 00000000 ____D C:\Users\Marc
2013-08-29 08:49 - 2006-11-02 15:01 - 00032554 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-08-29 08:45 - 2013-08-29 08:45 - 00000552 _____ C:\Users\Marc\Desktop\adwcleaner.exe - Verknüpfung.lnk
2013-08-29 08:44 - 2013-08-29 08:43 - 00994642 _____ C:\Users\Marc\Downloads\adwcleaner(1).exe
2013-08-29 08:41 - 2013-08-29 08:40 - 00994642 _____ C:\Users\Marc\Downloads\adwcleaner.exe
2013-08-28 21:28 - 2012-04-05 09:34 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-28 21:20 - 2012-11-10 00:53 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-28 21:13 - 2011-11-21 11:31 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2978347520-1581668813-3411711660-1000UA.job
2013-08-28 20:50 - 2013-08-28 20:50 - 01072975 _____ (Farbar) C:\Users\Marc\Downloads\FRST.exe
2013-08-28 20:46 - 2006-11-02 14:52 - 00042830 _____ C:\Windows\setupact.log
2013-08-27 16:11 - 2013-08-27 16:11 - 00000000 ____D C:\FRST
2013-08-24 14:55 - 2013-08-24 14:30 - 00000000 ____D C:\Users\Marc\Sex
2013-08-24 14:12 - 2012-08-25 17:07 - 00000924 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2978347520-1581668813-3411711660-1000UA.job
2013-08-23 20:13 - 2011-11-21 11:31 - 00001064 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2978347520-1581668813-3411711660-1000Core.job
2013-08-23 17:12 - 2012-08-25 17:07 - 00000902 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2978347520-1581668813-3411711660-1000Core.job
2013-08-21 08:20 - 2011-11-21 11:32 - 00002042 _____ C:\Users\Marc\Desktop\Google Chrome.lnk
2013-08-19 09:16 - 2012-05-03 09:52 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-08-18 08:14 - 2011-11-10 20:34 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-08-15 07:59 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Microsoft.NET
2013-08-15 07:48 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache
2013-08-15 07:30 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\de-DE
2013-08-15 00:46 - 2013-07-28 02:02 - 00000000 ____D C:\Windows\system32\MRT
2013-08-15 00:43 - 2006-11-02 12:24 - 75778376 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2013-08-13 18:56 - 2013-08-13 10:24 - 00000000 ____D C:\Program Files\Mozilla Thunderbird
2013-08-09 17:39 - 2011-11-21 13:03 - 00000000 ____D C:\Users\Marc\AppData\Roaming\vlc
2013-08-03 06:59 - 2011-11-11 00:22 - 00128518 _____ C:\Windows\PFRO.log
2013-08-02 06:09 - 2013-08-28 20:53 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
Files to move or delete:
====================
C:\ProgramData\nvModes.dat
C:\Users\Marc\AppData\Local\Temp\ICReinstall_DownloadManagerSetup(1).exe
C:\Users\Marc\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe
C:\Users\Marc\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe
C:\Users\Marc\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe
C:\Users\Marc\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
C:\Users\Marc\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\Marc\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Marc\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Marc\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Marc\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe
C:\Users\Marc\AppData\Local\Temp\Quarantine.exe
C:\Users\Marc\AppData\Local\Temp\UnityWebPlayer4275381299534217750.exe
C:\Users\Marc\AppData\Local\Temp\vlc-2.0.6-win32.exe
C:\Users\Marc\AppData\Local\Temp\wmpfirefoxplugin.exe
C:\Users\Marc\AppData\Local\Temp\_is1080.exe
C:\Users\Marc\AppData\Local\Temp\_is3407.exe
C:\Users\Marc\AppData\Local\Temp\_is754B.exe
C:\Users\Marc\AppData\Local\Temp\{F59E31AF-7BC3-49F6-B40F-7D5C4E6126E3}\{2F819DAF-429B-4179-AEDC-AE71B7B9D889}\Common.dll
C:\Users\Marc\AppData\Local\Temp\{F59E31AF-7BC3-49F6-B40F-7D5C4E6126E3}\{2F819DAF-429B-4179-AEDC-AE71B7B9D889}\CTCabEx.DLL
C:\Users\Marc\AppData\Local\Temp\{F59E31AF-7BC3-49F6-B40F-7D5C4E6126E3}\{2F819DAF-429B-4179-AEDC-AE71B7B9D889}\RegEdit.dll
C:\Users\Marc\AppData\Local\Temp\{F59E31AF-7BC3-49F6-B40F-7D5C4E6126E3}\{2F819DAF-429B-4179-AEDC-AE71B7B9D889}\_ISUSER.DLL
C:\Users\Marc\AppData\Local\Temp\{F59E31AF-7BC3-49F6-B40F-7D5C4E6126E3}\{2F819DAF-429B-4179-AEDC-AE71B7B9D889}\_setup.dll
C:\Users\Marc\AppData\Local\Temp\{C0BDDD0C-1001-474C-816B-20D82A785801}\{59F6A514-9813-47A3-948C-8A155460CC2A}\DIFxAPI.dll
C:\Users\Marc\AppData\Local\Temp\{C0BDDD0C-1001-474C-816B-20D82A785801}\{59F6A514-9813-47A3-948C-8A155460CC2A}\DIFxCmd.exe
C:\Users\Marc\AppData\Local\Temp\{C0BDDD0C-1001-474C-816B-20D82A785801}\{59F6A514-9813-47A3-948C-8A155460CC2A}\RixDICON.dll
C:\Users\Marc\AppData\Local\Temp\{C0BDDD0C-1001-474C-816B-20D82A785801}\{59F6A514-9813-47A3-948C-8A155460CC2A}\snymsico.dll
C:\Users\Marc\AppData\Local\Temp\{C0BDDD0C-1001-474C-816B-20D82A785801}\{59F6A514-9813-47A3-948C-8A155460CC2A}\x64\DIFxAPI.dll
C:\Users\Marc\AppData\Local\Temp\{C0BDDD0C-1001-474C-816B-20D82A785801}\{59F6A514-9813-47A3-948C-8A155460CC2A}\x64\DIFxCmd.exe
C:\Users\Marc\AppData\Local\Temp\{C0BDDD0C-1001-474C-816B-20D82A785801}\{59F6A514-9813-47A3-948C-8A155460CC2A}\x64\RixDICON.dll
C:\Users\Marc\AppData\Local\Temp\{C0BDDD0C-1001-474C-816B-20D82A785801}\{59F6A514-9813-47A3-948C-8A155460CC2A}\x64\snymsico.dll
C:\Users\Marc\AppData\Local\Temp\{68D303D4-B5F6-4D4B-ACEA-1B555B84B9D5}\ISSetup.dll
C:\Users\Marc\AppData\Local\Temp\{68D303D4-B5F6-4D4B-ACEA-1B555B84B9D5}\_Setup.dll
C:\Users\Marc\AppData\Local\Temp\{67DD9315-E2C9-4993-8E2A-50C5058817D9}\GoogleCrashHandler.exe
C:\Users\Marc\AppData\Local\Temp\{67DD9315-E2C9-4993-8E2A-50C5058817D9}\GoogleCrashHandler64.exe
C:\Users\Marc\AppData\Local\Temp\{67DD9315-E2C9-4993-8E2A-50C5058817D9}\GoogleUpdate.exe
C:\Users\Marc\AppData\Local\Temp\{67DD9315-E2C9-4993-8E2A-50C5058817D9}\GoogleUpdateBroker.exe
C:\Users\Marc\AppData\Local\Temp\{67DD9315-E2C9-4993-8E2A-50C5058817D9}\GoogleUpdateOnDemand.exe
C:\Users\Marc\AppData\Local\Temp\{67DD9315-E2C9-4993-8E2A-50C5058817D9}\GoogleUpdateSetup.exe
C:\Users\Marc\AppData\Local\Temp\{67DD9315-E2C9-4993-8E2A-50C5058817D9}\goopdate.dll
C:\Users\Marc\AppData\Local\Temp\{67DD9315-E2C9-4993-8E2A-50C5058817D9}\goopdateres_am.dll
C:\Users\Marc\AppData\Local\Temp\{67DD9315-E2C9-4993-8E2A-50C5058817D9}\goopdateres_ar.dll
C:\Users\Marc\AppData\Local\Temp\{67DD9315-E2C9-4993-8E2A-50C5058817D9}\goopdateres_bg.dll
C:\Users\Marc\AppData\Local\Temp\{67DD9315-E2C9-4993-8E2A-50C5058817D9}\goopdateres_bn.dll
C:\Users\Marc\AppData\Local\Temp\{67DD9315-E2C9-4993-8E2A-50C5058817D9}\goopdateres_ca.dll
C:\Users\Marc\AppData\Local\Temp\{67DD9315-E2C9-4993-8E2A-50C5058817D9}\goopdateres_cs.dll
C:\Users\Marc\AppData\Local\Temp\{67DD9315-E2C9-4993-8E2A-50C5058817D9}\goopdateres_da.dll
C:\Users\Marc\AppData\Local\Temp\{67DD9315-E2C9-4993-8E2A-50C5058817D9}\goopdateres_de.dll
C:\Users\Marc\AppData\Local\Temp\{67DD9315-E2C9-4993-8E2A-50C5058817D9}\goopdateres_el.dll
C:\Users\Marc\AppData\Local\Temp\{67DD9315-E2C9-4993-8E2A-50C5058817D9}\goopdateres_en-GB.dll
C:\Users\Marc\AppData\Local\Temp\{67DD9315-E2C9-4993-8E2A-50C5058817D9}\goopdateres_en.dll
C:\Users\Marc\AppData\Local\Temp\{67DD9315-E2C9-4993-8E2A-50C5058817D9}\goopdateres_es-419.dll
C:\Users\Marc\AppData\Local\Temp\{67DD9315-E2C9-4993-8E2A-50C5058817D9}\goopdateres_es.dll
C:\Users\Marc\AppData\Local\Temp\{67DD9315-E2C9-4993-8E2A-50C5058817D9}\goopdateres_et.dll
C:\Users\Marc\AppData\Local\Temp\{67DD9315-E2C9-4993-8E2A-50C5058817D9}\goopdateres_fa.dll
C:\Users\Marc\AppData\Local\Temp\{67DD9315-E2C9-4993-8E2A-50C5058817D9}\goopdateres_fi.dll
C:\Users\Marc\AppData\Local\Temp\{67DD9315-E2C9-4993-8E2A-50C5058817D9}\goopdateres_fil.dll
C:\Users\Marc\AppData\Local\Temp\{67DD9315-E2C9-4993-8E2A-50C5058817D9}\goopdateres_fr.dll
C:\Users\Marc\AppData\Local\Temp\{67DD9315-E2C9-4993-8E2A-50C5058817D9}\goopdateres_gu.dll
C:\Users\Marc\AppData\Local\Temp\{67DD9315-E2C9-4993-8E2A-50C5058817D9}\goopdateres_hi.dll
C:\Users\Marc\AppData\Local\Temp\{67DD9315-E2C9-4993-8E2A-50C5058817D9}\goopdateres_hr.dll
C:\Users\Marc\AppData\Local\Temp\{67DD9315-E2C9-4993-8E2A-50C5058817D9}\goopdateres_hu.dll
C:\Users\Marc\AppData\Local\Temp\{67DD9315-E2C9-4993-8E2A-50C5058817D9}\goopdateres_id.dll
C:\Users\Marc\AppData\Local\Temp\{67DD9315-E2C9-4993-8E2A-50C5058817D9}\goopdateres_is.dll
C:\Users\Marc\AppData\Local\Temp\{67DD9315-E2C9-4993-8E2A-50C5058817D9}\goopdateres_it.dll
C:\Users\Marc\AppData\Local\Temp\{67DD9315-E2C9-4993-8E2A-50C5058817D9}\goopdateres_iw.dll
C:\Users\Marc\AppData\Local\Temp\{67DD9315-E2C9-4993-8E2A-50C5058817D9}\goopdateres_ja.dll
C:\Users\Marc\AppData\Local\Temp\{67DD9315-E2C9-4993-8E2A-50C5058817D9}\goopdateres_kn.dll
C:\Users\Marc\AppData\Local\Temp\{67DD9315-E2C9-4993-8E2A-50C5058817D9}\goopdateres_ko.dll
C:\Users\Marc\AppData\Local\Temp\{67DD9315-E2C9-4993-8E2A-50C5058817D9}\goopdateres_lt.dll
C:\Users\Marc\AppData\Local\Temp\{67DD9315-E2C9-4993-8E2A-50C5058817D9}\goopdateres_lv.dll
C:\Users\Marc\AppData\Local\Temp\{67DD9315-E2C9-4993-8E2A-50C5058817D9}\goopdateres_ml.dll
C:\Users\Marc\AppData\Local\Temp\{67DD9315-E2C9-4993-8E2A-50C5058817D9}\goopdateres_mr.dll
C:\Users\Marc\AppData\Local\Temp\{67DD9315-E2C9-4993-8E2A-50C5058817D9}\goopdateres_ms.dll
C:\Users\Marc\AppData\Local\Temp\{67DD9315-E2C9-4993-8E2A-50C5058817D9}\goopdateres_nl.dll
C:\Users\Marc\AppData\Local\Temp\{67DD9315-E2C9-4993-8E2A-50C5058817D9}\goopdateres_no.dll
C:\Users\Marc\AppData\Local\Temp\{67DD9315-E2C9-4993-8E2A-50C5058817D9}\goopdateres_pl.dll
C:\Users\Marc\AppData\Local\Temp\{67DD9315-E2C9-4993-8E2A-50C5058817D9}\goopdateres_pt-BR.dll
C:\Users\Marc\AppData\Local\Temp\{67DD9315-E2C9-4993-8E2A-50C5058817D9}\goopdateres_pt-PT.dll
C:\Users\Marc\AppData\Local\Temp\{67DD9315-E2C9-4993-8E2A-50C5058817D9}\goopdateres_ro.dll
C:\Users\Marc\AppData\Local\Temp\{67DD9315-E2C9-4993-8E2A-50C5058817D9}\goopdateres_ru.dll
C:\Users\Marc\AppData\Local\Temp\{67DD9315-E2C9-4993-8E2A-50C5058817D9}\goopdateres_sk.dll
C:\Users\Marc\AppData\Local\Temp\{67DD9315-E2C9-4993-8E2A-50C5058817D9}\goopdateres_sl.dll
C:\Users\Marc\AppData\Local\Temp\{67DD9315-E2C9-4993-8E2A-50C5058817D9}\goopdateres_sr.dll
C:\Users\Marc\AppData\Local\Temp\{67DD9315-E2C9-4993-8E2A-50C5058817D9}\goopdateres_sv.dll
C:\Users\Marc\AppData\Local\Temp\{67DD9315-E2C9-4993-8E2A-50C5058817D9}\goopdateres_sw.dll
C:\Users\Marc\AppData\Local\Temp\{67DD9315-E2C9-4993-8E2A-50C5058817D9}\goopdateres_ta.dll
C:\Users\Marc\AppData\Local\Temp\{67DD9315-E2C9-4993-8E2A-50C5058817D9}\goopdateres_te.dll
C:\Users\Marc\AppData\Local\Temp\{67DD9315-E2C9-4993-8E2A-50C5058817D9}\goopdateres_th.dll
C:\Users\Marc\AppData\Local\Temp\{67DD9315-E2C9-4993-8E2A-50C5058817D9}\goopdateres_tr.dll
C:\Users\Marc\AppData\Local\Temp\{67DD9315-E2C9-4993-8E2A-50C5058817D9}\goopdateres_uk.dll
C:\Users\Marc\AppData\Local\Temp\{67DD9315-E2C9-4993-8E2A-50C5058817D9}\goopdateres_ur.dll
C:\Users\Marc\AppData\Local\Temp\{67DD9315-E2C9-4993-8E2A-50C5058817D9}\goopdateres_vi.dll
C:\Users\Marc\AppData\Local\Temp\{67DD9315-E2C9-4993-8E2A-50C5058817D9}\goopdateres_zh-CN.dll
C:\Users\Marc\AppData\Local\Temp\{67DD9315-E2C9-4993-8E2A-50C5058817D9}\goopdateres_zh-TW.dll
C:\Users\Marc\AppData\Local\Temp\{67DD9315-E2C9-4993-8E2A-50C5058817D9}\npGoogleUpdate3.dll
C:\Users\Marc\AppData\Local\Temp\{67DD9315-E2C9-4993-8E2A-50C5058817D9}\psmachine.dll
C:\Users\Marc\AppData\Local\Temp\{67DD9315-E2C9-4993-8E2A-50C5058817D9}\psuser.dll
C:\Users\Marc\AppData\Local\Temp\{587DD263-DD9F-4D70-A9E6-A53BABAAFC30}\ISSetup.dll
C:\Users\Marc\AppData\Local\Temp\{587DD263-DD9F-4D70-A9E6-A53BABAAFC30}\_Setup.dll
C:\Users\Marc\AppData\Local\Temp\{4535D53D-5CC7-4B67-B0E6-E97DBCB90F87}\adobeshockwavextrabundle.exe
C:\Users\Marc\AppData\Local\Temp\{000226CF-996C-400A-B252-E1E0F8534BBB}\ISSetup.dll
C:\Users\Marc\AppData\Local\Temp\{000226CF-996C-400A-B252-E1E0F8534BBB}\_Setup.dll
C:\Users\Marc\AppData\Local\Temp\_MEI48242\kernel32.dll
C:\Users\Marc\AppData\Local\Temp\_MEI48242\mfc90.dll
C:\Users\Marc\AppData\Local\Temp\_MEI48242\mfc90u.dll
C:\Users\Marc\AppData\Local\Temp\_MEI48242\mfcm90.dll
C:\Users\Marc\AppData\Local\Temp\_MEI48242\mfcm90u.dll
C:\Users\Marc\AppData\Local\Temp\_MEI48242\psapi.dll
C:\Users\Marc\AppData\Local\Temp\_MEI48242\python26.dll
C:\Users\Marc\AppData\Local\Temp\_MEI48242\pythoncom26.dll
C:\Users\Marc\AppData\Local\Temp\_MEI48242\PyWinTypes26.dll
C:\Users\Marc\AppData\Local\Temp\_MEI48242\shell32.dll
C:\Users\Marc\AppData\Local\Temp\_MEI48242\wxbase293u_net_vc.dll
C:\Users\Marc\AppData\Local\Temp\_MEI48242\wxbase293u_vc.dll
C:\Users\Marc\AppData\Local\Temp\_MEI48242\wxmsw293u_adv_vc.dll
C:\Users\Marc\AppData\Local\Temp\_MEI48242\wxmsw293u_core_vc.dll
C:\Users\Marc\AppData\Local\Temp\_MEI48242\wxmsw293u_html_vc.dll
C:\Users\Marc\AppData\Local\Temp\_MEI48242\wxmsw293u_webview_vc.dll
C:\Users\Marc\AppData\Local\Temp\Temp1_DigiFoto402_upd.zip\digifoto.exe
C:\Users\Marc\AppData\Local\Temp\SweetIMReinstall\SweetImSetup.exe
C:\Users\Marc\AppData\Local\Temp\scoped_dir_7836_21362\CRX_INSTALL\npVDownloader.dll
C:\Users\Marc\AppData\Local\Temp\scoped_dir_5440_1778\CRX_INSTALL\npVDownloader.dll
C:\Users\Marc\AppData\Local\Temp\scoped_dir_5204_21116\CRX_INSTALL\npVDownloader.dll
C:\Users\Marc\AppData\Local\Temp\scoped_dir_3100_21284\CRX_INSTALL\npVDownloader.dll
C:\Users\Marc\AppData\Local\Temp\nsx1611.tmp\DropboxNSISTools.dll
C:\Users\Marc\AppData\Local\Temp\nswC70.tmp\DropboxNSISTools.dll
C:\Users\Marc\AppData\Local\Temp\nsuE2C1.tmp\chrmPref.dll
C:\Users\Marc\AppData\Local\Temp\nsuE2C1.tmp\IEFunctions.dll
C:\Users\Marc\AppData\Local\Temp\nsuE2C1.tmp\mt.dll
C:\Users\Marc\AppData\Local\Temp\nsuE2C1.tmp\nsisos.dll
C:\Users\Marc\AppData\Local\Temp\nsuE2C1.tmp\Processes.dll
C:\Users\Marc\AppData\Local\Temp\nsuE2C1.tmp\System.dll
C:\Users\Marc\AppData\Local\Temp\nsuE2C1.tmp\Time.dll
C:\Users\Marc\AppData\Local\Temp\nsuE2C1.tmp\UserInfo.dll
C:\Users\Marc\AppData\Local\Temp\nsr5D6D.tmp\DropboxNSISTools.dll
C:\Users\Marc\AppData\Local\Temp\nsnB57B.tmp\DropboxNSISTools.dll
C:\Users\Marc\AppData\Local\Temp\nsc14BA.tmp\DropboxNSISTools.dll
C:\Users\Marc\AppData\Local\Temp\nsc14BA.tmp\UAC.dll
C:\Users\Marc\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\dotNetFx40LP_Full_x86de.exe
C:\Users\Marc\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\Setup.exe
C:\Users\Marc\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\SetupEngine.dll
C:\Users\Marc\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\SetupUi.dll
C:\Users\Marc\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\SetupUtility.exe
C:\Users\Marc\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\sqmapi.dll
C:\Users\Marc\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\3082\SetupResources.dll
C:\Users\Marc\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\3076\SetupResources.dll
C:\Users\Marc\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\2070\SetupResources.dll
C:\Users\Marc\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\2052\SetupResources.dll
C:\Users\Marc\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1055\SetupResources.dll
C:\Users\Marc\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1053\SetupResources.dll
C:\Users\Marc\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1049\SetupResources.dll
C:\Users\Marc\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1046\SetupResources.dll
C:\Users\Marc\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1045\SetupResources.dll
C:\Users\Marc\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1044\SetupResources.dll
C:\Users\Marc\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1043\SetupResources.dll
C:\Users\Marc\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1042\SetupResources.dll
C:\Users\Marc\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1041\SetupResources.dll
C:\Users\Marc\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1040\SetupResources.dll
C:\Users\Marc\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1038\SetupResources.dll
C:\Users\Marc\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1037\SetupResources.dll
C:\Users\Marc\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1036\SetupResources.dll
C:\Users\Marc\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1035\SetupResources.dll
C:\Users\Marc\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1033\SetupResources.dll
C:\Users\Marc\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1032\SetupResources.dll
C:\Users\Marc\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1031\SetupResources.dll
C:\Users\Marc\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1030\SetupResources.dll
C:\Users\Marc\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1029\SetupResources.dll
C:\Users\Marc\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1028\SetupResources.dll
C:\Users\Marc\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1025\SetupResources.dll
C:\Users\Marc\AppData\Local\Temp\jrt\erunt\ERUNT.EXE
C:\Users\Marc\AppData\Local\Temp\is357113909\DeltaTB.exe
C:\Users\Marc\AppData\Local\Temp\is357113909\DownloadManagerV2.exe
C:\Users\Marc\AppData\Local\Temp\is357113909\QtraxInstaller.exe
C:\Users\Marc\AppData\Local\Temp\is357113909\uninstaller.exe
C:\Users\Marc\AppData\Local\Temp\is180804277\14333978_Setup.EXE
C:\Users\Marc\AppData\Local\Temp\is180804277\4738337_Setup.EXE
C:\Users\Marc\AppData\Local\Temp\is180804277\53072112_Setup.EXE
C:\Users\Marc\AppData\Local\Temp\is180804277\DeltaTB.exe
C:\Users\Marc\AppData\Local\Temp\is180804277\dp.exe
C:\Users\Marc\AppData\Local\Temp\is180804277\PricePeepInstaller.exe
C:\Users\Marc\AppData\Local\Temp\is180804277\QtraxInstaller.exe
C:\Users\Marc\AppData\Local\Temp\is180804277\yontoo-c2.exe
C:\Users\Marc\AppData\Local\Temp\is180804277\yontoo-c4.exe
C:\Users\Marc\AppData\Local\Temp\IDC2.tmp\FP_AX_CAB_INSTALLER64.exe
C:\Users\Marc\AppData\Local\Temp\Adobe\Shockwave 11\gcapi_dll.dll
C:\Users\Marc\AppData\Local\Temp\Adobe\Shockwave 11\gi.dll
C:\Users\Marc\AppData\Local\Temp\Adobe\Shockwave 11\gtapi.dll
C:\Users\Marc\AppData\Local\Temp\Adobe\Shockwave 11\SymCCIS.dll
C:\Users\Marc\AppData\Local\Temp\A958.dir\InstallFlashPlayer.exe
C:\Users\Marc\AppData\Local\Temp\967429CBEA314E3EBC91036B24089247\IP2TDFJewel\7.1.361\JewelExtension.dll
C:\Users\Marc\AppData\Local\Temp\967429CBEA314E3EBC91036B24089247\IP2TDFButton1\7.1.361\JewelExtension.dll
C:\Users\Marc\AppData\Local\Temp\87597F2A-BAB0-7891-ACBB-5A9DCF132762\Setup.exe
C:\Users\Marc\AppData\Local\Temp\87597F2A-BAB0-7891-ACBB-5A9DCF132762\sqlite3.dll
C:\Users\Marc\AppData\Local\Temp\87597F2A-BAB0-7891-ACBB-5A9DCF132762\Latest\BrowserManagerSetup.exe
C:\Users\Marc\AppData\Local\Temp\87597F2A-BAB0-7891-ACBB-5A9DCF132762\Latest\IECookieLow.dll
C:\Users\Marc\AppData\Local\Temp\87597F2A-BAB0-7891-ACBB-5A9DCF132762\Latest\MyBabylonTB.exe
C:\Users\Marc\AppData\Local\Temp\87597F2A-BAB0-7891-ACBB-5A9DCF132762\Latest\Setup.exe
C:\Users\Marc\AppData\Local\Temp\87597F2A-BAB0-7891-ACBB-5A9DCF132762\Latest\sqlite3.dll
C:\Users\Marc\AppData\Local\Temp\55039882.Uninstall\uninstaller.exe
C:\Users\Marc\AppData\Local\Temp\55000118.Uninstall\uninstaller.exe
C:\Users\Marc\AppData\Local\Temp\486177.Uninstall\uninstaller.exe
C:\Users\Marc\AppData\Local\Temp\._msigeplugin61\GoogleEarth.exe
C:\Users\Marc\AppData\Local\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\alchemyext.dll
C:\Users\Marc\AppData\Local\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\earthps.dll
C:\Users\Marc\AppData\Local\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\geplugin.exe
C:\Users\Marc\AppData\Local\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\ge_expat.dll
C:\Users\Marc\AppData\Local\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\googleearth_free.dll
C:\Users\Marc\AppData\Local\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\icudt.dll
C:\Users\Marc\AppData\Local\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\IGAttrs.dll
C:\Users\Marc\AppData\Local\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\IGCore.dll
C:\Users\Marc\AppData\Local\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\IGExportCommon.dll
C:\Users\Marc\AppData\Local\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\IGGfx.dll
C:\Users\Marc\AppData\Local\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\IGMath.dll
C:\Users\Marc\AppData\Local\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\IGOpt.dll
C:\Users\Marc\AppData\Local\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\IGSg.dll
C:\Users\Marc\AppData\Local\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\IGUtils.dll
C:\Users\Marc\AppData\Local\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\msvcp100.dll
C:\Users\Marc\AppData\Local\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\msvcr100.dll
C:\Users\Marc\AppData\Local\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\npgeplugin.dll
C:\Users\Marc\AppData\Local\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\plugin_ax.dll
C:\Users\Marc\AppData\Local\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\QtCore4.dll
C:\Users\Marc\AppData\Local\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\QtGui4.dll
C:\Users\Marc\AppData\Local\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\QtNetwork4.dll
C:\Users\Marc\AppData\Local\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\QtWebKit4.dll
C:\Users\Marc\AppData\Local\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\imageformats\qgif4.dll
C:\Users\Marc\AppData\Local\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\imageformats\qjpeg4.dll
C:\Users\Marc\AppData\Local\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\alchemy\optimizations\IGOptExtension.dll
C:\Users\Marc\AppData\Local\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\alchemy\ogles20\D3DCompiler_43.dll
C:\Users\Marc\AppData\Local\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\alchemy\ogles20\d3dx9_43.dll
C:\Users\Marc\AppData\Local\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\alchemy\ogles20\IGAttrs.dll
C:\Users\Marc\AppData\Local\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\alchemy\ogles20\IGGfx.dll
C:\Users\Marc\AppData\Local\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\alchemy\ogles20\IGSg.dll
C:\Users\Marc\AppData\Local\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\alchemy\ogles20\libEGL.dll
C:\Users\Marc\AppData\Local\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\alchemy\ogles20\libGLESv2.dll
C:\Users\Marc\AppData\Local\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\alchemy\ogl\IGAttrs.dll
C:\Users\Marc\AppData\Local\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\alchemy\ogl\IGGfx.dll
C:\Users\Marc\AppData\Local\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\alchemy\ogl\IGSg.dll
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-08-29 08:57
==================== End Of Log ============================
Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 28-08-2013
Ran by Marc at 2013-08-29 09:09:10
Running from C:\Users\Marc\Downloads
Boot Mode: Normal
==========================================================
==================== Installed Programs =======================
Adobe Flash Player 11 ActiveX (Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (Version: 11.8.800.94)
Adobe Reader X (10.1.7) - Deutsch (Version: 10.1.7)
Adobe Shockwave Player 11.6 (Version: 11.6.8.638)
Advanced Audio FX Engine
Advanced Video FX Engine
Apple Application Support (Version: 2.1.5)
Apple Software Update (Version: 2.1.3.127)
Bing Bar (Version: 5.0.1449.0)
Bing Bar Platform (Version: 5.0.1449.0)
Broadcom 440x 10/100 Integrated Controller (Version: 10.04.01)
CLX.PayPen - CLX.PayPen Wireless (Version: 2.0.6.1)
Conexant HDA D330 MDC V.92 Modem
D3DX10 (Version: 15.4.2368.0902)
Dell Resource CD (Version: 1.00.0000)
Dell Webcam Center
Dell Webcam Manager
DesignPro 5 (Version: 5.5.708)
Dropbox (HKCU Version: 2.0.22)
Ekahau HeatMapper (Version: 1.1.3.38636)
Facebook Messenger 2.1.4814.0 (Version: 2.1.4814.0)
GoldWave v5.54
Google Chrome (HKCU Version: 29.0.1547.57)
Google Drive (Version: 1.11.4865.2530)
Google Earth Plug-in (Version: 7.1.1.1888)
Google Update Helper (Version: 1.3.21.153)
HP Officejet Pro 8500 A910 - Grundlegende Software für das Gerät (Version: 22.0.334.0)
HP Officejet Pro 8500 A910 Hilfe (Version: 140.0.2.2)
HP Update (Version: 5.002.005.003)
I.R.I.S. OCR (Version: 12.3.4)
Intel Matrix Storage Manager
Intel(R) PROSet/Wireless Software (Version: 11.01.0000)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
Java(TM) 6 Update 37 (Version: 6.0.370)
Junk Mail filter update (Version: 15.4.3502.0922)
Kies Air Discovery Service
Laptop Integrated Webcam Driver (1.04.01.1011)
Live! Cam Avatar (Version: 1.0)
Live! Cam Avatar Creator (Version: 4.6.0817.1)
mCore (Version: 9.24.0000)
mDriver (Version: 9.24.0000)
Mesh Runtime (Version: 15.4.5722.2)
mHelp (Version: 9.24.0000)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Default Manager (Version: 2.1.55.0)
Microsoft Search Enhancement Pack (Version: 3.0.126.0)
Microsoft Security Client (Version: 4.2.0223.1)
Microsoft Security Essentials (Version: 4.2.223.1)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SkyDrive (HKCU Version: 17.0.2015.0811)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
mMHouse (Version: 9.24.0000)
Mozilla Firefox 23.0.1 (x86 de) (Version: 23.0.1)
Mozilla Maintenance Service (Version: 23.0.1)
Mozilla Thunderbird 17.0.8 (x86 de) (Version: 17.0.8)
mPfMgr (Version: 9.24.0000)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
mWMI (Version: 9.24.0000)
NAVIGON Fresh 3.4.1 (Version: 3.4.1)
NVIDIA Drivers (Version: 1.3)
OpenOffice.org 3.3 (Version: 3.3.9567)
Picture Package Music Transfer (Version: 1.1.00.11270)
Pinnacle VideoSpin (Version: 2.0.0.669)
QuickTime (Version: 7.71.80.42)
RICOH R5U8xx Media Driver ver.3.62.02 (Version: 3.62.02)
Roxio Creator Audio (Version: 3.7.0)
Roxio Creator Copy (Version: 3.7.0)
Roxio Creator Data (Version: 3.7.0)
Roxio Creator DE (Version: 10.1)
Roxio Creator DE (Version: 3.7.0)
Roxio Creator Tools (Version: 3.7.0)
Roxio Express Labeler 3 (Version: 3.2.1)
Roxio Update Manager (Version: 6.0.0)
Segoe UI (Version: 15.4.2271.0615)
Sony Picture Utility (Version: 3.0.01.12110)
Steuern11 (Version: 1.0.1.1375)
Studie zur Verbesserung von HP Officejet Pro 8500 A910 Produkten (Version: 22.0.334.0)
swMSM (Version: 12.0.0.1)
Unity Web Player (HKCU Version: )
Update for Microsoft .NET Framework 3.5 SP1 (KB2836940) (Version: 1)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (Version: 1)
VDownloader 3.9.1360
Virtual DJ Home Edition - Atomix Productions
Visitenkarten in 2 Minuten
VLC media player 2.0.6 (Version: 2.0.6)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live Fotogalerie (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX control for remote connections (Version: 15.4.5722.2)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows-Treiberpaket - C Technologies AB (PayPen) Input Pen (09/28/2007 2.0.0.0) (Version: 09/28/2007 2.0.0.0)
==================== Restore Points =========================
14-08-2013 21:09:09 Geplanter Prüfpunkt
14-08-2013 22:34:37 Windows Update
16-08-2013 08:50:38 Geplanter Prüfpunkt
16-08-2013 22:00:06 Geplanter Prüfpunkt
17-08-2013 22:00:13 Geplanter Prüfpunkt
18-08-2013 06:18:19 Windows Update
19-08-2013 09:24:46 Geplanter Prüfpunkt
19-08-2013 22:00:07 Geplanter Prüfpunkt
20-08-2013 22:00:07 Geplanter Prüfpunkt
22-08-2013 08:49:09 Geplanter Prüfpunkt
22-08-2013 22:00:16 Geplanter Prüfpunkt
23-08-2013 06:47:09 Windows Update
23-08-2013 22:00:12 Geplanter Prüfpunkt
28-08-2013 18:53:43 Windows Update
29-08-2013 06:40:47 Windows Update
==================== Hosts content: ==========================
2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {0026D573-C410-4E67-9C96-331017EB280B} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\schtasks.exe [2008-01-19] (Microsoft Corporation)
Task: {0DCB4353-D1C0-4130-A499-8EAF3082B61B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-11-10] (Google Inc.)
Task: {104CE4F7-0DEF-498E-B498-55D7E6E8C8F0} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe [2013-01-27] (Microsoft Corporation)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {1E517B96-22E5-4B71-B857-63E494A63115} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2978347520-1581668813-3411711660-1000Core => C:\Users\Marc\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-21] (Google Inc.)
Task: {26E75976-C3D4-4F34-B01D-A5A11CEA4555} - System32\Tasks\Microsoft\Windows\WindowsBackup\CheckFull => C:\Windows\System32\sdclt.exe [2010-12-14] (Microsoft Corporation)
Task: {2FDBDC47-7148-49DB-9D32-32E6A003C996} - System32\Tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 => C:\Windows\System32\ndfapi.dll [2008-01-19] (Microsoft Corporation)
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {42B3BF69-EF59-4D2F-925E-2C2F033544AB} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Marc => C:\Program Files\Windows Calendar\wincal.exe [2009-04-11] (Microsoft Corporation)
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-19] (Microsoft Corporation)
Task: {4C80C0F9-ADE4-4C49-8C0A-EB3E34AE6258} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\System32\sdclt.exe [2010-12-14] (Microsoft Corporation)
Task: {50717079-3473-45F7-9292-289BCF234A70} - System32\Tasks\HPCustParticipation HP Officejet Pro 8500 A910 => C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\HPCustPartic.exe [2010-06-14] (Hewlett-Packard Co.)
Task: {5C4CB010-62D0-4AFE-8B6C-D67F587BFB92} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {6563C3D7-E5BB-4BC4-9AD2-484149597386} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {79C81796-050A-4065-9802-2C0706BEE4AB} - System32\Tasks\Microsoft\Microsoft Antimalware\MpIdleTask => C:\Program Files\Microsoft Security Client\MpCmdRun.exe [2013-01-27] (Microsoft Corporation)
Task: {897CA36B-C3C6-46F7-982B-7AEAD55125ED} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\System32\sdengin2.dll [2008-01-19] (Microsoft Corporation)
Task: {959CFFFE-1E37-4393-9594-CB2B757FE008} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2978347520-1581668813-3411711660-1000Core => C:\Users\Marc\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-25] (Facebook Inc.)
Task: {A0DAF509-5829-401F-B5B3-005B229515DB} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2978347520-1581668813-3411711660-1000UA => C:\Users\Marc\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-21] (Google Inc.)
Task: {A1868F64-ED08-49A9-9F86-F62ED855AFFD} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\System32\srrstr.dll [2008-01-19] (Microsoft Corporation)
Task: {A61555D3-7840-45C1-A5A9-0D49851DE37A} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\OptinNotification => C:\Windows\System32\wsqmcons.exe [2008-01-19] (Microsoft Corporation)
Task: {C8FB0A6F-9D68-4F5A-83C3-50CD234B44DB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-28] (Adobe Systems Incorporated)
Task: {CAF8472F-E325-4292-AA2C-12082DFB3F12} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2978347520-1581668813-3411711660-1000UA => C:\Users\Marc\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-25] (Facebook Inc.)
Task: {DFE66225-BDC1-45BD-BA12-D76B273FA58E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-11-10] (Google Inc.)
Task: {E0D130A6-8F0D-45F3-9DAC-490C37472237} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\VistaSP1CEIP => C:\Windows\system32\schtasks.exe [2008-01-19] (Microsoft Corporation)
Task: {E3B0BF9C-3D26-4E40-8D49-ACC94D13F177} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\Windows\system32\FlashPlayerUpdateService.exe [2013-05-28] (Adobe Systems Incorporated)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2011-11-10] ()
Task: {F1E2360B-E2A7-4B07-8A0B-8F350A50BF31} - System32\Tasks\AdobeFlashPlayerUpdate => C:\Windows\system32\FlashPlayerUpdateService.exe [2013-05-28] (Adobe Systems Incorporated)
Task: {F8D6E476-24FE-4649-A4D7-985706B29128} - System32\Tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 => C:\Windows\System32\ndfapi.dll [2008-01-19] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2978347520-1581668813-3411711660-1000Core.job => C:\Users\Marc\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2978347520-1581668813-3411711660-1000UA.job => C:\Users\Marc\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2978347520-1581668813-3411711660-1000Core.job => C:\Users\Marc\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2978347520-1581668813-3411711660-1000UA.job => C:\Users\Marc\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==========
==================== Faulty Device Manager Devices =============
Name: Microsoft-ISATAP-Adapter #11
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2013-08-27 18:10:37.303
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\NisDrvWFP.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-08-27 18:10:37.163
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\NisDrvWFP.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-08-27 18:10:37.022
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\NisDrvWFP.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-08-27 18:10:36.851
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\NisDrvWFP.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-08-27 16:13:14.590
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\NisDrvWFP.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-08-27 16:13:14.434
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\NisDrvWFP.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-08-27 16:13:13.982
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\NisDrvWFP.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-08-27 16:13:13.779
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\NisDrvWFP.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-08-07 17:36:33.622
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\ProgramData\Browser Manager\2.6.1519.190\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-08-07 17:36:33.433
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\ProgramData\Browser Manager\2.6.1519.190\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 42%
Total physical RAM: 3069.31 MB
Available physical RAM: 1778.84 MB
Total Pagefile: 6339.64 MB
Available Pagefile: 5078.3 MB
Total Virtual: 2047.88 MB
Available Virtual: 1942.36 MB
==================== Drives ================================
Drive c: (Daten) (Fixed) (Total:232.88 GB) (Free:50.55 GB) NTFS
Drive d: (System) (Fixed) (Total:232.88 GB) (Free:157.55 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 233 GB) (Disk ID: FC89BA5F)
Partition 1: (Active) - (Size=233 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 233 GB) (Disk ID: 05C5E182)
Partition 1: (Not Active) - (Size=233 GB) - (Type=07 NTFS)
==================== End Of Log ============================