nameless91 | 07.02.2014 17:06 | Here, to start with, is the one from Malwarebytes: Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Datenbank Version: v2014.02.07.05
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
arne-lena :: ARNE-LENA-PC [Administrator]
07.02.2014 16:44:45
mbam-log-2014-02-07 (16-44-45).txt
Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 269811
Laufzeit: 5 Minute(n), 10 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)
(Ende)
Here is the one from AdwCleaner: Code:
# AdwCleaner v3.018 - Bericht erstellt am 07/02/2014 um 16:53:16
# Updated 28/01/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : arne-lena - ARNE-LENA-PC
# Gestartet von : C:\Users\arne-lena\Desktop\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\boost_interprocess
Ordner Gelöscht : C:\ProgramData\Partner
Ordner Gelöscht : C:\Program Files (x86)\vShare.tv plugin
Ordner Gelöscht : C:\Program Files (x86)\VshareComplete
Ordner Gelöscht : C:\Users\arne-lena\AppData\LocalLow\facemoods.com
Ordner Gelöscht : C:\Users\arne-lena\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\arne-lena\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\arne-lena\AppData\Roaming\VshareComplete
Datei Gelöscht : C:\Users\arne-lena\AppData\Roaming\Mozilla\Firefox\Profiles\91oyl5hk.default\invalidprefs.js
Datei Gelöscht : C:\Users\arne-lena\AppData\Roaming\Mozilla\Firefox\Profiles\91oyl5hk.default\searchplugins\Babylon.xml
Datei Gelöscht : C:\Users\arne-lena\AppData\Roaming\Mozilla\Firefox\Profiles\91oyl5hk.default\searchplugins\delta.xml
Datei Gelöscht : C:\Users\arne-lena\AppData\Roaming\Mozilla\Firefox\Profiles\91oyl5hk.default\user.js
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{ACAA314B-EEBA-48E4-AD47-84E31C44796C}]
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\dlfienamagdnkekbbbocojppncdambda
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\speedupmypc
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{79D60450-56C5-4A8C-9321-6D5BC2A81E5A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{99C22A61-21BA-4F81-85FF-CDC9EB5DB10B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\StartSearch
Schlüssel Gelöscht : HKCU\Software\vShare.tv
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\SimplyGen
Schlüssel Gelöscht : HKLM\Software\Uniblue\DriverScanner
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.16428
-\\ Mozilla Firefox v26.0 (de)
[ Datei : C:\Users\arne-lena\AppData\Roaming\Mozilla\Firefox\Profiles\91oyl5hk.default\prefs.js ]
Zeile gelöscht : user_pref("extensions.delta.admin", false);
Zeile gelöscht : user_pref("extensions.delta.aflt", "babsst");
Zeile gelöscht : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Zeile gelöscht : user_pref("extensions.delta.autoRvrt", "false");
Zeile gelöscht : user_pref("extensions.delta.dfltLng", "de");
Zeile gelöscht : user_pref("extensions.delta.excTlbr", false);
Zeile gelöscht : user_pref("extensions.delta.ffxUnstlRst", true);
Zeile gelöscht : user_pref("extensions.delta.id", "204c3cc0000000000000742f68a8b153");
Zeile gelöscht : user_pref("extensions.delta.instlDay", "15885");
Zeile gelöscht : user_pref("extensions.delta.instlRef", "sst");
Zeile gelöscht : user_pref("extensions.delta.newTab", false);
Zeile gelöscht : user_pref("extensions.delta.prdct", "delta");
Zeile gelöscht : user_pref("extensions.delta.prtnrId", "delta");
Zeile gelöscht : user_pref("extensions.delta.rvrt", "false");
Zeile gelöscht : user_pref("extensions.delta.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.delta.tlbrId", "base");
Zeile gelöscht : user_pref("extensions.delta.tlbrSrchUrl", "");
Zeile gelöscht : user_pref("extensions.delta.vrsn", "1.8.21.5");
Zeile gelöscht : user_pref("extensions.delta.vrsnTs", "1.8.21.53:13:38");
Zeile gelöscht : user_pref("extensions.delta.vrsni", "1.8.21.5");
Zeile gelöscht : user_pref("extensions.delta_i.babExt", "");
Zeile gelöscht : user_pref("extensions.delta_i.babTrack", "affID=121562&tt=250613_gr4&tsp=4928");
Zeile gelöscht : user_pref("extensions.delta_i.srcExt", "ss");
*************************
AdwCleaner[R0].txt - [6919 octets] - [07/02/2014 16:52:26]
AdwCleaner[S0].txt - [6576 octets] - [07/02/2014 16:53:16]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6636 octets] ##########
Here is the one from the Junkware Removal Tool: Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.1 (02.04.2014:1)
OS: Windows 7 Home Premium x64
Ran by arne-lena on 07.02.2014 at 16:58:10,98
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-910976494-1536576313-2717932127-1003\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{114A8AC6-B22B-48F4-A75B-9A570AA825D6}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{114A8AC6-B22B-48F4-A75B-9A570AA825D6}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{08337871-0e50-4031-9110-3bd21ca3c065}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{08337871-0e50-4031-9110-3bd21ca3c065}
~~~ Files
Successfully deleted: [File] C:\Windows\syswow64\sho9CFA.tmp
~~~ Folders
Successfully deleted: [Empty Folder] C:\Users\arne-lena\appdata\local\{061A9F18-3E7D-499C-B218-1507852E350C}
Successfully deleted: [Empty Folder] C:\Users\arne-lena\appdata\local\{9832CA3C-4C05-4546-AE35-25F2C075C665}
Successfully deleted: [Empty Folder] C:\Users\arne-lena\appdata\local\{CA2AB4EA-FB22-4C69-BBDC-592A01E83170}
~~~ FireFox
Emptied folder: C:\Users\arne-lena\AppData\Roaming\mozilla\firefox\profiles\91oyl5hk.default\minidumps [41 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 07.02.2014 at 17:02:45,69
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
And finally the FRST.exe:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-02-2014
Ran by arne-lena (administrator) on ARNE-LENA-PC on 07-02-2014 17:05:13
Running from C:\Users\arne-lena\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Voyetra Turtle Beach, Inc.) C:\Program Files (x86)\Turtle Beach\AudioAdvantageMicro\TBAA.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(VMLite, Inc.) C:\XP Mode\VMLiteService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11821160 2011-05-09] (Realtek Semiconductor)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-04-30] (Intel Corporation)
HKLM-x32\...\Run: [Turtle Beach Audio Advantage Micro] - C:\Program Files (x86)\Turtle Beach\AudioAdvantageMicro\TBAA.exe [1654784 2009-08-30] (Voyetra Turtle Beach, Inc.)
HKLM-x32\...\Run: [MDS_Menu] - C:\Program Files (x86)\CyberLink\MediaShow4\MUITransfer\MUIStartMenu.exe [218408 2009-02-25] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl9] - C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2010-08-02] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] - C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2010-11-23] (cyberlink)
HKLM-x32\...\Run: [UpdatePPShortCut] - C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [218408 2008-12-03] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Nero MediaHome 4] - C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe [5179880 2012-12-20] (Nero AG)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-12] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [PDFPrint] - C:\Program Files (x86)\PDF24\pdf24.exe [186408 2013-12-12] (Geek Software GmbH)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKU\S-1-5-21-910976494-1536576313-2717932127-1001\...\Run: [SpybotSD TeaTimer] - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
HKU\S-1-5-21-910976494-1536576313-2717932127-1001\...\RunOnce: [HKCU] - C:\Windows\System32\oobe\info\HKCU.vbs [126 2009-11-12] ()
HKU\S-1-5-21-910976494-1536576313-2717932127-1001\...\RunOnce: [Screensaver] - C:\Windows\Web\Wallpaper\MEDION\start.vbs
HKU\S-1-5-21-910976494-1536576313-2717932127-1001\...\RunOnce: [Turtle Beach Audio Advantage Micro] - C:\Program Files (x86)\Turtle Beach\AudioAdvantageMicro\AudioAdvantageCpl.exe [2088960 2009-10-01] (Voyetra Turtle Beach, Inc.)
HKU\S-1-5-21-910976494-1536576313-2717932127-1003\...\Run: [Xvid] - C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
HKU\S-1-5-21-910976494-1536576313-2717932127-1003\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x00000000
HKU\S-1-5-21-910976494-1536576313-2717932127-1005\...\RunOnce: [HKCU] - C:\Windows\System32\oobe\info\HKCU.vbs [126 2009-11-12] ()
HKU\S-1-5-21-910976494-1536576313-2717932127-1005\...\RunOnce: [Screensaver] - C:\Windows\Web\Wallpaper\MEDION\start.vbs
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll ()
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {917623D1-D8E5-11D2-BE8B-00104B06BDE3} hxxp://floridakeysmedia.tv/axiscam/Codebase/AxisCamControl.ocx
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\arne-lena\AppData\Roaming\Mozilla\Firefox\Profiles\91oyl5hk.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [KavAntiBanner@Kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-12-01]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-12-01]
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-12] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-14] (Avira Operations GmbH & Co. KG)
S2 CLKMSVC10_9EC60124; C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [240112 2010-11-23] (CyberLink)
R2 NeroMediaHomeService.4; C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe [518632 2012-12-20] (Nero AG)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-07-02] ()
R2 VMLiteService; C:\XP Mode\VMLiteService.exe [426600 2010-08-21] (VMLite, Inc.)
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-14] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [279616 2011-12-04] (DT Soft Ltd)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2010-01-29] (EZB Systems, Inc.)
S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [52832 2014-02-05] (hxxp://libusb-win32.sourceforge.net)
S3 libusb0; C:\Windows\SysWOW64\DRIVERS\libusb0.sys [52832 2013-12-26] (hxxp://libusb-win32.sourceforge.net)
R3 USBAU; C:\Windows\System32\drivers\CM10264.sys [1306624 2009-09-08] (C-Media Electronics Inc)
R1 VBoxDrv; C:\Windows\System32\drivers\VBoxDrv.sys [204328 2010-08-11] (VMLite, Inc.)
S3 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp.sys [146216 2010-08-11] (VMLite, Inc.)
R3 VBoxNetFlt; C:\Windows\System32\DRIVERS\VBoxNetFlt.sys [165800 2010-08-11] (VMLite, Inc.)
R1 vmlitedrv; C:\Windows\System32\drivers\vmlitedrv.sys [14952 2010-08-03] (VMLite, Inc.)
R3 vmlitestor; C:\Windows\System32\DRIVERS\vmlitestor.sys [177768 2010-08-11] (VMLite, Inc.)
S3 VMLiteUSB; C:\Windows\System32\Drivers\VMLiteUSB.sys [150120 2010-08-11] (VMLite, Inc.)
R1 VMLiteUSBMon; C:\Windows\System32\drivers\vmliteusbmon.sys [135272 2010-08-18] (VMLite, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S0 nvpciflt; system32\DRIVERS\nvpciflt.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-02-07 17:05 - 2014-02-07 17:05 - 00015330 _____ () C:\Users\arne-lena\Desktop\FRST.txt
2014-02-07 17:04 - 2014-02-07 17:04 - 00000000 ____D () C:\Users\arne-lena\Desktop\FRST-OlderVersion
2014-02-07 17:02 - 2014-02-07 17:02 - 00001912 _____ () C:\Users\arne-lena\Desktop\JRT.txt
2014-02-07 16:58 - 2014-02-07 16:58 - 00000000 ____D () C:\Windows\ERUNT
2014-02-07 16:57 - 2014-02-07 16:57 - 01037530 _____ (Thisisu) C:\Users\arne-lena\Desktop\JRT.exe
2014-02-07 16:52 - 2014-02-07 16:53 - 00000000 ____D () C:\AdwCleaner
2014-02-07 16:45 - 2014-02-07 16:45 - 01166132 _____ () C:\Users\arne-lena\Desktop\adwcleaner.exe
2014-02-07 11:00 - 2014-02-07 11:00 - 00036361 _____ () C:\Users\arne-lena\Downloads\Pixies - Bristol 1989-05-08.torrent
2014-02-06 17:28 - 2014-02-06 17:28 - 00072304 _____ () C:\ComboFix.txt
2014-02-06 17:12 - 2014-02-06 17:28 - 00000000 ____D () C:\Qoobox
2014-02-06 17:12 - 2014-02-06 17:27 - 00000000 ____D () C:\Windows\erdnt
2014-02-06 17:12 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-02-06 17:12 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-02-06 17:12 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-02-06 17:12 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-02-06 17:12 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-02-06 17:12 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-02-06 17:12 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-02-06 17:12 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-02-06 17:11 - 2014-02-06 17:11 - 05180173 ____R (Swearware) C:\Users\arne-lena\Desktop\ComboFix.exe
2014-02-06 10:22 - 2014-02-06 11:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-02-05 20:39 - 2014-02-07 17:05 - 00000000 ____D () C:\FRST
2014-02-05 20:39 - 2014-02-05 20:40 - 00037409 _____ () C:\Users\arne-lena\Downloads\FRST.txt
2014-02-05 20:39 - 2014-02-05 20:40 - 00034721 _____ () C:\Users\arne-lena\Downloads\Addition.txt
2014-02-05 20:38 - 2014-02-07 17:04 - 02079744 _____ (Farbar) C:\Users\arne-lena\Desktop\FRST64.exe
2014-02-05 18:21 - 2014-02-05 18:21 - 00000548 _____ () C:\Users\arne-lena\Documents\cc_20140205_182114.reg
2014-02-05 18:21 - 2014-02-05 18:21 - 00000206 _____ () C:\Users\arne-lena\Documents\cc_20140205_182126.reg
2014-02-05 18:20 - 2014-02-05 18:21 - 00109420 _____ () C:\Users\arne-lena\Documents\cc_20140205_182056.reg
2014-02-05 13:15 - 2014-02-05 13:16 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\arne-lena\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-05 12:14 - 2014-02-05 12:14 - 00000000 ____D () C:\Program Files (x86)\LibUSB-Win32
2014-02-05 12:13 - 2014-02-05 12:13 - 00418298 _____ () C:\Users\arne-lena\Downloads\iRecoveryWin32.zip
2014-02-05 12:13 - 2014-02-05 12:13 - 00000000 ____D () C:\Users\arne-lena\Downloads\iRecoveryWin32
2014-02-05 12:09 - 2014-02-05 12:09 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-02-05 12:08 - 2014-02-05 12:08 - 00076384 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\system32\libusb0.dll
2014-02-05 12:08 - 2014-02-05 12:08 - 00067680 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\SysWOW64\libusb0.dll
2014-02-05 12:08 - 2014-02-05 12:08 - 00052832 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\system32\Drivers\libusb0.sys
2014-02-05 12:08 - 2014-02-05 12:08 - 00025088 _____ () C:\Users\arne-lena\Downloads\installer_x64.exe
2014-02-05 12:08 - 2014-02-05 12:08 - 00023552 _____ () C:\Users\arne-lena\Downloads\installer_x86.exe
2014-02-05 12:08 - 2014-02-05 12:08 - 00007322 _____ () C:\Users\arne-lena\Downloads\Apple_Recovery_(iBoot)_USB_Driver.cat
2014-02-05 12:08 - 2014-02-05 12:08 - 00000000 ____D () C:\Users\arne-lena\Downloads\x86
2014-02-05 12:08 - 2014-02-05 12:08 - 00000000 ____D () C:\Users\arne-lena\Downloads\license
2014-02-05 12:08 - 2014-02-05 12:08 - 00000000 ____D () C:\Users\arne-lena\Downloads\ia64
2014-02-05 12:08 - 2014-02-05 12:08 - 00000000 ____D () C:\Users\arne-lena\Downloads\amd64
2014-02-05 12:07 - 2014-02-05 12:07 - 00913186 _____ () C:\Users\arne-lena\Downloads\libusb-win32-bin-1.2.6.0.zip
2014-02-05 12:07 - 2014-02-05 12:07 - 00000000 ____D () C:\Users\arne-lena\Downloads\libusb-win32-bin-1.2.6.0
2014-01-29 12:50 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2014-01-29 12:49 - 2014-01-29 12:50 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-29 12:49 - 2014-01-29 12:50 - 00000000 ____D () C:\Program Files\iTunes
2014-01-29 12:49 - 2014-01-29 12:50 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-01-29 12:49 - 2014-01-29 12:49 - 00000000 ____D () C:\Program Files\iPod
2014-01-29 12:47 - 2014-01-29 12:47 - 00000000 ____D () C:\Users\Public\Documents\Wondershare
2014-01-29 12:46 - 2014-01-29 12:46 - 00000000 ____D () C:\Users\arne-lena\AppData\Local\Wondershare
2014-01-29 12:46 - 2014-01-29 12:46 - 00000000 ____D () C:\ProgramData\Wondershare
2014-01-29 12:46 - 2014-01-29 12:46 - 00000000 ____D () C:\Program Files (x86)\Wondershare
2014-01-29 12:46 - 2013-12-26 09:40 - 00052832 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\SysWOW64\Drivers\libusb0.sys
2014-01-29 12:45 - 2014-01-29 12:46 - 40698144 _____ (Wondershare Software Co.,Ltd. ) C:\Users\arne-lena\Downloads\drfone_full1284.exe
2014-01-29 12:42 - 2014-01-29 12:42 - 02361218 _____ () C:\Users\arne-lena\Downloads\iH8sn0w-iREB-V3.1.2-For-Windows-English.zip
2014-01-29 12:42 - 2014-01-29 12:42 - 00000000 ____D () C:\Users\arne-lena\Downloads\iH8sn0w-iREB-V3.1.2-For-Windows-English
2014-01-29 12:06 - 2014-01-29 12:11 - 00000000 ____D () C:\Users\arne-lena\Downloads\sn0wbreeze-V1.7
2014-01-29 12:06 - 2014-01-29 12:06 - 00592737 _____ () C:\Users\arne-lena\Downloads\sn0wbreeze-V1.7.zip
2014-01-28 20:56 - 2014-01-28 20:56 - 00014206 _____ () C:\Users\arne-lena\Downloads\hs_err_pid5804.log
2014-01-28 20:05 - 2014-01-28 20:05 - 05755050 _____ () C:\Users\arne-lena\Downloads\ibrickr_v0.91.zip
2014-01-28 20:05 - 2014-01-28 20:05 - 00000000 ____D () C:\Users\arne-lena\Downloads\ibrickr_v0.91
2014-01-22 18:03 - 2014-01-22 18:03 - 00398692 _____ () C:\Users\arne-lena\Downloads\iREB-r5.zip
2014-01-22 18:03 - 2014-01-22 18:03 - 00000000 ____D () C:\Users\arne-lena\Downloads\iREB-r5
2014-01-22 17:40 - 2014-01-22 17:40 - 00408541 _____ () C:\Users\arne-lena\Downloads\iREB-r7.zip
2014-01-22 17:40 - 2014-01-22 17:40 - 00000000 ____D () C:\Users\arne-lena\Downloads\iREB-r7
2014-01-22 17:22 - 2014-01-22 17:22 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-01-22 17:21 - 2014-01-22 17:21 - 00000000 ____D () C:\Users\arne-lena\AppData\Local\Apple
2014-01-22 17:21 - 2014-01-22 17:21 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-01-22 17:21 - 2014-01-22 17:21 - 00000000 ____D () C:\Program Files\Bonjour
2014-01-22 17:21 - 2014-01-22 17:21 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-01-22 17:21 - 2014-01-22 17:21 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-01-22 17:17 - 2014-01-22 17:20 - 100400976 _____ (Apple Inc.) C:\Users\arne-lena\Downloads\iTunes64Setup.exe
2014-01-22 14:16 - 2014-01-22 17:52 - 00000000 ____D () C:\Users\arne-lena\AppData\Roaming\redsn0w
2014-01-22 14:15 - 2014-01-22 14:15 - 17279732 _____ () C:\Users\arne-lena\Downloads\redsn0w_win_0.9.15b3.zip
2014-01-22 14:15 - 2014-01-22 14:15 - 00000000 ____D () C:\Users\arne-lena\Downloads\redsn0w_win_0.9.15b3
2014-01-21 23:43 - 2014-01-21 23:43 - 03197440 _____ () C:\Users\arne-lena\Downloads\tinyumbrella-7.04.00.exe
2014-01-21 23:17 - 2014-01-21 23:17 - 00000000 _____ () C:\Users\arne-lena\Downloads\blackra1n.log
2014-01-21 22:56 - 2014-01-21 22:56 - 00000000 ____D () C:\Program Files (x86)\RMT
2014-01-21 22:40 - 2014-01-29 12:30 - 00077106 _____ () C:\Users\arne-lena\Downloads\umbrella.log
2014-01-21 22:40 - 2014-01-29 12:30 - 00054561 _____ () C:\Users\arne-lena\umbrella0.log
2014-01-21 22:40 - 2014-01-28 20:56 - 00000161 _____ () C:\Windows\system32\Drivers\etc\hosts.umbrella
2014-01-21 22:40 - 2014-01-21 22:40 - 00000000 ____D () C:\Users\arne-lena\.shsh
2014-01-15 11:44 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 11:44 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 11:44 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 11:44 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 11:44 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 11:44 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 11:44 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 11:44 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 11:44 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
==================== One Month Modified Files and Folders =======
2014-02-07 17:05 - 2014-02-07 17:05 - 00015330 _____ () C:\Users\arne-lena\Desktop\FRST.txt
2014-02-07 17:05 - 2014-02-05 20:39 - 00000000 ____D () C:\FRST
2014-02-07 17:04 - 2014-02-07 17:04 - 00000000 ____D () C:\Users\arne-lena\Desktop\FRST-OlderVersion
2014-02-07 17:04 - 2014-02-05 20:38 - 02079744 _____ (Farbar) C:\Users\arne-lena\Desktop\FRST64.exe
2014-02-07 17:02 - 2014-02-07 17:02 - 00001912 _____ () C:\Users\arne-lena\Desktop\JRT.txt
2014-02-07 17:02 - 2009-07-14 05:45 - 00017152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-07 17:02 - 2009-07-14 05:45 - 00017152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-07 17:00 - 2011-05-16 15:04 - 00654602 _____ () C:\Windows\system32\perfh007.dat
2014-02-07 17:00 - 2011-05-16 15:04 - 00130216 _____ () C:\Windows\system32\perfc007.dat
2014-02-07 17:00 - 2009-07-14 06:13 - 01500294 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-07 16:58 - 2014-02-07 16:58 - 00000000 ____D () C:\Windows\ERUNT
2014-02-07 16:57 - 2014-02-07 16:57 - 01037530 _____ (Thisisu) C:\Users\arne-lena\Desktop\JRT.exe
2014-02-07 16:54 - 2011-12-15 12:02 - 00068857 _____ () C:\Windows\setupact.log
2014-02-07 16:54 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-07 16:53 - 2014-02-07 16:52 - 00000000 ____D () C:\AdwCleaner
2014-02-07 16:53 - 2011-12-09 13:13 - 00000000 ____D () C:\Users\arne-lena\AppData\Roaming\SoftGrid Client
2014-02-07 16:53 - 2011-12-01 08:19 - 01535512 _____ () C:\Windows\WindowsUpdate.log
2014-02-07 16:45 - 2014-02-07 16:45 - 01166132 _____ () C:\Users\arne-lena\Desktop\adwcleaner.exe
2014-02-07 16:37 - 2012-05-22 07:25 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-07 16:24 - 2011-12-02 13:13 - 00000000 ____D () C:\The Folder
2014-02-07 13:38 - 2013-11-22 01:30 - 00000000 ____D () C:\Users\arne-lena\AppData\Roaming\uTorrent
2014-02-07 11:00 - 2014-02-07 11:00 - 00036361 _____ () C:\Users\arne-lena\Downloads\Pixies - Bristol 1989-05-08.torrent
2014-02-07 10:15 - 2013-05-21 22:26 - 00000000 ____D () C:\rou
2014-02-07 10:11 - 2012-01-09 12:34 - 00000000 ____D () C:\Program Files (x86)\Slots Jungle Casino
2014-02-06 23:52 - 2011-12-01 18:32 - 00000000 ____D () C:\torrent
2014-02-06 23:38 - 2011-12-08 00:43 - 00000000 ____D () C:\Users\arne-lena\AppData\Roaming\Free Download Manager
2014-02-06 17:31 - 2013-05-29 11:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-06 17:31 - 2011-12-16 07:24 - 00128744 _____ () C:\Windows\PFRO.log
2014-02-06 17:28 - 2014-02-06 17:28 - 00072304 _____ () C:\ComboFix.txt
2014-02-06 17:28 - 2014-02-06 17:12 - 00000000 ____D () C:\Qoobox
2014-02-06 17:27 - 2014-02-06 17:12 - 00000000 ____D () C:\Windows\erdnt
2014-02-06 17:26 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-02-06 17:11 - 2014-02-06 17:11 - 05180173 ____R (Swearware) C:\Users\arne-lena\Desktop\ComboFix.exe
2014-02-06 11:12 - 2014-02-06 10:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-02-05 20:40 - 2014-02-05 20:39 - 00037409 _____ () C:\Users\arne-lena\Downloads\FRST.txt
2014-02-05 20:40 - 2014-02-05 20:39 - 00034721 _____ () C:\Users\arne-lena\Downloads\Addition.txt
2014-02-05 18:21 - 2014-02-05 18:21 - 00000548 _____ () C:\Users\arne-lena\Documents\cc_20140205_182114.reg
2014-02-05 18:21 - 2014-02-05 18:21 - 00000206 _____ () C:\Users\arne-lena\Documents\cc_20140205_182126.reg
2014-02-05 18:21 - 2014-02-05 18:20 - 00109420 _____ () C:\Users\arne-lena\Documents\cc_20140205_182056.reg
2014-02-05 18:15 - 2013-06-26 20:20 - 00000000 ____D () C:\Users\arne-lena\AppData\Roaming\DVDVideoSoft
2014-02-05 18:15 - 2012-01-24 08:19 - 00000000 ____D () C:\Program Files (x86)\WinPalace
2014-02-05 18:15 - 2011-12-22 12:37 - 00000000 ____D () C:\Program Files (x86)\Grand Parker Casino
2014-02-05 13:16 - 2014-02-05 13:15 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\arne-lena\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-05 13:16 - 2011-12-14 10:17 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-05 13:08 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-05 12:14 - 2014-02-05 12:14 - 00000000 ____D () C:\Program Files (x86)\LibUSB-Win32
2014-02-05 12:14 - 2012-01-07 01:50 - 00000000 ____D () C:\Users\arne-lena\VMLites
2014-02-05 12:13 - 2014-02-05 12:13 - 00418298 _____ () C:\Users\arne-lena\Downloads\iRecoveryWin32.zip
2014-02-05 12:13 - 2014-02-05 12:13 - 00000000 ____D () C:\Users\arne-lena\Downloads\iRecoveryWin32
2014-02-05 12:09 - 2014-02-05 12:09 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-02-05 12:09 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-02-05 12:08 - 2014-02-05 12:08 - 00076384 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\system32\libusb0.dll
2014-02-05 12:08 - 2014-02-05 12:08 - 00067680 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\SysWOW64\libusb0.dll
2014-02-05 12:08 - 2014-02-05 12:08 - 00052832 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\system32\Drivers\libusb0.sys
2014-02-05 12:08 - 2014-02-05 12:08 - 00025088 _____ () C:\Users\arne-lena\Downloads\installer_x64.exe
2014-02-05 12:08 - 2014-02-05 12:08 - 00023552 _____ () C:\Users\arne-lena\Downloads\installer_x86.exe
2014-02-05 12:08 - 2014-02-05 12:08 - 00007322 _____ () C:\Users\arne-lena\Downloads\Apple_Recovery_(iBoot)_USB_Driver.cat
2014-02-05 12:08 - 2014-02-05 12:08 - 00000000 ____D () C:\Users\arne-lena\Downloads\x86
2014-02-05 12:08 - 2014-02-05 12:08 - 00000000 ____D () C:\Users\arne-lena\Downloads\license
2014-02-05 12:08 - 2014-02-05 12:08 - 00000000 ____D () C:\Users\arne-lena\Downloads\ia64
2014-02-05 12:08 - 2014-02-05 12:08 - 00000000 ____D () C:\Users\arne-lena\Downloads\amd64
2014-02-05 12:07 - 2014-02-05 12:07 - 00913186 _____ () C:\Users\arne-lena\Downloads\libusb-win32-bin-1.2.6.0.zip
2014-02-05 12:07 - 2014-02-05 12:07 - 00000000 ____D () C:\Users\arne-lena\Downloads\libusb-win32-bin-1.2.6.0
2014-02-04 21:37 - 2012-05-22 07:25 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-04 21:37 - 2012-05-22 07:25 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-04 21:37 - 2011-08-10 20:09 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-03 20:09 - 2012-01-25 11:12 - 00000000 ____D () C:\Program Files (x86)\Grande Vegas Casino
2014-01-30 19:25 - 2013-05-21 22:38 - 00000000 ____D () C:\tyschan
2014-01-29 12:50 - 2014-01-29 12:49 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-29 12:50 - 2014-01-29 12:49 - 00000000 ____D () C:\Program Files\iTunes
2014-01-29 12:50 - 2014-01-29 12:49 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-01-29 12:49 - 2014-01-29 12:49 - 00000000 ____D () C:\Program Files\iPod
2014-01-29 12:47 - 2014-01-29 12:47 - 00000000 ____D () C:\Users\Public\Documents\Wondershare
2014-01-29 12:46 - 2014-01-29 12:46 - 00000000 ____D () C:\Users\arne-lena\AppData\Local\Wondershare
2014-01-29 12:46 - 2014-01-29 12:46 - 00000000 ____D () C:\ProgramData\Wondershare
2014-01-29 12:46 - 2014-01-29 12:46 - 00000000 ____D () C:\Program Files (x86)\Wondershare
2014-01-29 12:46 - 2014-01-29 12:45 - 40698144 _____ (Wondershare Software Co.,Ltd. ) C:\Users\arne-lena\Downloads\drfone_full1284.exe
2014-01-29 12:42 - 2014-01-29 12:42 - 02361218 _____ () C:\Users\arne-lena\Downloads\iH8sn0w-iREB-V3.1.2-For-Windows-English.zip
2014-01-29 12:42 - 2014-01-29 12:42 - 00000000 ____D () C:\Users\arne-lena\Downloads\iH8sn0w-iREB-V3.1.2-For-Windows-English
2014-01-29 12:30 - 2014-01-21 22:40 - 00077106 _____ () C:\Users\arne-lena\Downloads\umbrella.log
2014-01-29 12:30 - 2014-01-21 22:40 - 00054561 _____ () C:\Users\arne-lena\umbrella0.log
2014-01-29 12:30 - 2011-12-01 08:38 - 00000000 ____D () C:\Users\arne-lena
2014-01-29 12:11 - 2014-01-29 12:06 - 00000000 ____D () C:\Users\arne-lena\Downloads\sn0wbreeze-V1.7
2014-01-29 12:06 - 2014-01-29 12:06 - 00592737 _____ () C:\Users\arne-lena\Downloads\sn0wbreeze-V1.7.zip
2014-01-28 20:56 - 2014-01-28 20:56 - 00014206 _____ () C:\Users\arne-lena\Downloads\hs_err_pid5804.log
2014-01-28 20:56 - 2014-01-21 22:40 - 00000161 _____ () C:\Windows\system32\Drivers\etc\hosts.umbrella
2014-01-28 20:19 - 2011-12-08 15:12 - 00000600 _____ () C:\Users\arne-lena\PUTTY.RND
2014-01-28 20:05 - 2014-01-28 20:05 - 05755050 _____ () C:\Users\arne-lena\Downloads\ibrickr_v0.91.zip
2014-01-28 20:05 - 2014-01-28 20:05 - 00000000 ____D () C:\Users\arne-lena\Downloads\ibrickr_v0.91
2014-01-26 13:16 - 2012-03-23 16:03 - 00000000 ____D () C:\Program Files (x86)\Casino Titan
2014-01-25 22:00 - 2013-05-24 19:04 - 00000000 ____D () C:\DLNA
2014-01-23 18:55 - 2011-12-09 08:57 - 00000000 ____D () C:\Program Files (x86)\Jackpot Capital
2014-01-22 18:03 - 2014-01-22 18:03 - 00398692 _____ () C:\Users\arne-lena\Downloads\iREB-r5.zip
2014-01-22 18:03 - 2014-01-22 18:03 - 00000000 ____D () C:\Users\arne-lena\Downloads\iREB-r5
2014-01-22 17:52 - 2014-01-22 14:16 - 00000000 ____D () C:\Users\arne-lena\AppData\Roaming\redsn0w
2014-01-22 17:40 - 2014-01-22 17:40 - 00408541 _____ () C:\Users\arne-lena\Downloads\iREB-r7.zip
2014-01-22 17:40 - 2014-01-22 17:40 - 00000000 ____D () C:\Users\arne-lena\Downloads\iREB-r7
2014-01-22 17:23 - 2013-05-22 10:19 - 00000000 ____D () C:\Users\arne-lena\AppData\Roaming\Apple Computer
2014-01-22 17:23 - 2013-05-22 10:19 - 00000000 ____D () C:\Users\arne-lena\AppData\Local\Apple Computer
2014-01-22 17:22 - 2014-01-22 17:22 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-01-22 17:21 - 2014-01-22 17:21 - 00000000 ____D () C:\Users\arne-lena\AppData\Local\Apple
2014-01-22 17:21 - 2014-01-22 17:21 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-01-22 17:21 - 2014-01-22 17:21 - 00000000 ____D () C:\Program Files\Bonjour
2014-01-22 17:21 - 2014-01-22 17:21 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-01-22 17:21 - 2014-01-22 17:21 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-01-22 17:21 - 2013-05-22 10:18 - 00000000 ____D () C:\ProgramData\Apple
2014-01-22 17:20 - 2014-01-22 17:17 - 100400976 _____ (Apple Inc.) C:\Users\arne-lena\Downloads\iTunes64Setup.exe
2014-01-22 14:15 - 2014-01-22 14:15 - 17279732 _____ () C:\Users\arne-lena\Downloads\redsn0w_win_0.9.15b3.zip
2014-01-22 14:15 - 2014-01-22 14:15 - 00000000 ____D () C:\Users\arne-lena\Downloads\redsn0w_win_0.9.15b3
2014-01-21 23:43 - 2014-01-21 23:43 - 03197440 _____ () C:\Users\arne-lena\Downloads\tinyumbrella-7.04.00.exe
2014-01-21 23:17 - 2014-01-21 23:17 - 00000000 _____ () C:\Users\arne-lena\Downloads\blackra1n.log
2014-01-21 22:56 - 2014-01-21 22:56 - 00000000 ____D () C:\Program Files (x86)\RMT
2014-01-21 22:40 - 2014-01-21 22:40 - 00000000 ____D () C:\Users\arne-lena\.shsh
2014-01-18 10:28 - 2013-05-21 22:39 - 00000000 ____D () C:\Anna-Lenas Scheiss Fuckin Shit Ordner
2014-01-18 10:03 - 2012-02-10 12:22 - 00000000 ____D () C:\Program Files (x86)\Club World Casinos
2014-01-16 17:56 - 2013-05-21 22:18 - 00000000 ____D () C:\files
2014-01-16 16:11 - 2011-12-14 10:13 - 00002023 _____ () C:\Users\Public\Desktop\Adobe Reader X.lnk
2014-01-16 14:34 - 2011-12-02 18:01 - 00000000 ____D () C:\Program Files (x86)\Slotastic
2014-01-16 07:33 - 2009-07-14 05:45 - 00393184 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-15 23:57 - 2013-07-17 09:46 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-15 23:54 - 2011-07-18 21:31 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-10 11:25 - 2011-12-29 18:25 - 00000000 ____D () C:\Program Files (x86)\Slotocash Casino
2014-01-09 20:07 - 2011-12-09 16:06 - 00000000 ____D () C:\Another American Experience
Some content of TEMP:
====================
C:\Users\arne-lena\AppData\Local\Temp\avgnt.exe
C:\Users\arne-lena\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-01-29 09:39
==================== End Of Log ============================