So alles erledigt:-)
Geht echt alles fix & reibungslos, toll!!! (ich meine die Dowloads, Scans usw.)
Danke!!!
C:\ mbam.txt :
Suchlauf Datum: 10.04.2014
Suchlauf-Zeit: 10:10:05
Logdatei: mbam.txt
Administrator: Ja
Version: 2.00.1.1004
Malware Datenbank: v2014.04.10.03
Rootkit Datenbank: v2014.03.27.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Chameleon: Deaktiviert
Betriebssystem: Windows 7 Service Pack 1
CPU: x86
Dateisystem: NTFS
Benutzer: bluejvkeyes
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 240319
Verstrichene Zeit: 18 Min, 4 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Shuriken: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 6
Trojan.Agent.ZT, C:\ProgramData\xci\gcwhf.exe, 2556, Löschen bei Neustart, [847cbf4144bc07f9bb1573d7f50ce11f]
PUP.Optional.SweetIM, C:\Program Files\SweetIM\Messenger\SweetIM.exe, 3256, Löschen bei Neustart, [04fc1de30df3827ed3a04cf2f1137b85]
Trojan.Agent.ZT, C:\ProgramData\goo\btwtcsd.exe, 3592, Löschen bei Neustart, [a35d24dc9c647f812ba5e16921e0e41c]
Trojan.Agent.ZT, C:\ProgramData\goo\btwtcsd.exe, 5064, Löschen bei Neustart, [a35d24dc9c647f812ba5e16921e0e41c]
Trojan.Agent.ZT, C:\ProgramData\gbr\ljlneyx.exe, 3624, Löschen bei Neustart, [966a847c748c669a983864e6df22be42]
Trojan.Agent.ZT, C:\ProgramData\gbr\ljlneyx.exe, 5100, Löschen bei Neustart, [966a847c748c669a983864e6df22be42]
Module: 23
PUP.Optional.SweetIM, C:\Program Files\SweetIM\Messenger\mgAdaptersProxy.dll, Löschen bei Neustart, [8f7124dcd52b43bd93e0b589a65e728e],
PUP.Optional.SweetIM, C:\Program Files\SweetIM\Messenger\mgAdaptersProxy.dll, Löschen bei Neustart, [8f7124dcd52b43bd93e0b589a65e728e],
PUP.Optional.SweetIM, C:\Program Files\SweetIM\Messenger\mgAdaptersProxy.dll, Löschen bei Neustart, [8f7124dcd52b43bd93e0b589a65e728e],
PUP.Optional.SweetIM, C:\Program Files\SweetIM\Messenger\mgAdaptersProxy.dll, Löschen bei Neustart, [8f7124dcd52b43bd93e0b589a65e728e],
PUP.Optional.SweetIM, C:\Program Files\SweetIM\Messenger\mgAdaptersProxy.dll, Löschen bei Neustart, [8f7124dcd52b43bd93e0b589a65e728e],
PUP.Optional.SweetIM, C:\Program Files\SweetIM\Messenger\mgAdaptersProxy.dll, Löschen bei Neustart, [8f7124dcd52b43bd93e0b589a65e728e],
PUP.Optional.SweetIM, C:\Program Files\SweetIM\Messenger\mgAdaptersProxy.dll, Löschen bei Neustart, [8f7124dcd52b43bd93e0b589a65e728e],
PUP.Optional.SweetIM, C:\Program Files\SweetIM\Messenger\mgAdaptersProxy.dll, Löschen bei Neustart, [8f7124dcd52b43bd93e0b589a65e728e],
PUP.Optional.SweetIM, C:\Program Files\SweetIM\Messenger\mgAdaptersProxy.dll, Löschen bei Neustart, [8f7124dcd52b43bd93e0b589a65e728e],
PUP.Optional.SweetIM, C:\Program Files\SweetIM\Messenger\mgAdaptersProxy.dll, Löschen bei Neustart, [8f7124dcd52b43bd93e0b589a65e728e],
PUP.Optional.SweetIM, C:\Program Files\SweetIM\Messenger\mgAdaptersProxy.dll, Löschen bei Neustart, [8f7124dcd52b43bd93e0b589a65e728e],
PUP.Optional.SweetIM, C:\Program Files\SweetIM\Messenger\mgAdaptersProxy.dll, Löschen bei Neustart, [8f7124dcd52b43bd93e0b589a65e728e],
PUP.Optional.SweetIM, C:\Program Files\SweetIM\Messenger\mgAdaptersProxy.dll, Löschen bei Neustart, [8f7124dcd52b43bd93e0b589a65e728e],
PUP.Optional.SweetIM, C:\Program Files\SweetIM\Messenger\mgAdaptersProxy.dll, Löschen bei Neustart, [8f7124dcd52b43bd93e0b589a65e728e],
PUP.Optional.SweetIM, C:\Program Files\SweetIM\Messenger\mgAdaptersProxy.dll, Löschen bei Neustart, [8f7124dcd52b43bd93e0b589a65e728e],
PUP.Optional.SweetIM, C:\Program Files\SweetIM\Messenger\mgAdaptersProxy.dll, Löschen bei Neustart, [8f7124dcd52b43bd93e0b589a65e728e],
PUP.Optional.SweetIM, C:\Program Files\SweetIM\Messenger\mgUpdateSupport.dll, Löschen bei Neustart, [b44c01ff27d94eb2670c0a3446beac54],
PUP.Optional.SweetIM, C:\Program Files\SweetIM\Messenger\mgcommunication.dll, Löschen bei Neustart, [08f84fb1926e03fd9ad92b1320e4fe02],
PUP.Optional.SweetIM, C:\Program Files\SweetIM\Messenger\mgIEPlayer.dll, Löschen bei Neustart, [03fde719946cc43cbcb762dcf70d16ea],
PUP.Optional.SweetIM, C:\Program Files\SweetIM\Messenger\mgcommon.dll, Löschen bei Neustart, [8c7409f7a25ef20e4e257ec04bb926da],
PUP.Optional.SweetIM, C:\Program Files\SweetIM\Messenger\mghooking.dll, Löschen bei Neustart, [e61a0ff1f709956bb7bc0b3307fd04fc],
PUP.Optional.SweetIM, C:\Program Files\SweetIM\Messenger\mgxml_wrapper.dll, Löschen bei Neustart, [fa06e818a9571fe153203ffff311b64a],
PUP.Optional.SweetIM, C:\Program Files\SweetIM\Messenger\mgconfig.dll, Löschen bei Neustart, [758b43bda25e12ee1c573fff11f31be5],
Registrierungsschlüssel: 2
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\SWEETIM, In Quarantäne, [f50b1fe12dd3e0205083dfabb350d42c],
PUP.Optional.SweetIM.A, HKU\S-1-5-21-39800961-588471803-1280384396-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SWEETIM, In Quarantäne, [17e9fe02c7391de35f730a80e71c7b85],
Registrierungswerte: 9
PUP.Optional.SweetIM, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|SweetIM, C:\Program Files\SweetIM\Messenger\SweetIM.exe, In Quarantäne, [04fc1de30df3827ed3a04cf2f1137b85]
Trojan.Agent.ZT, HKU\S-1-5-21-39800961-588471803-1280384396-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE|g10jsu, C:\ProgramData\goo\btwtcsd.exe, In Quarantäne, [a35d24dc9c647f812ba5e16921e0e41c]
Trojan.Agent.ZT, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE|f2dea, C:\ProgramData\gbr\ljlneyx.exe, In Quarantäne, [966a847c748c669a983864e6df22be42]
Trojan.Agent.ZT, HKU\S-1-5-21-39800961-588471803-1280384396-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE|f2dea, C:\ProgramData\gbr\ljlneyx.exe, In Quarantäne, [966a847c748c669a983864e6df22be42]
Trojan.Agent.ZT, HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE|f2dea, C:\ProgramData\gbr\ljlneyx.exe, In Quarantäne, [966a847c748c669a983864e6df22be42]
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\SWEETIM|simapp_id, {CC3E70DE-982E-11DF-B9BF-001377FE3BD6}, In Quarantäne, [f50b1fe12dd3e0205083dfabb350d42c]
PUP.Optional.SweetIM.A, HKU\S-1-5-21-39800961-588471803-1280384396-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SWEETIM|simapp_id, {CC3E70DE-982E-11DF-B9BF-001377FE3BD6}, In Quarantäne, [17e9fe02c7391de35f730a80e71c7b85]
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\SHAREDDLLS|C:\PROGRAM FILES\SWEETIM\TOOLBARS\INTERNET EXPLORER\MGHELPERAPP.EXE, 1, In Quarantäne, [27d9d32d04fca9574f52be9a9a689b65]
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\SHAREDDLLS|C:\PROGRAM FILES\SWEETIM\TOOLBARS\INTERNET EXPLORER\MGTOOLBARPROXY.DLL, 1, In Quarantäne, [27d9d32d04fca9574f52be9a9a689b65]
Registrierungsdaten: 0
(No malicious items detected)
Ordner: 5
PUP.Optional.SweetIM.A, C:\Program Files\SweetIM\Toolbars, In Quarantäne, [27d9d32d04fca9574f52be9a9a689b65],
PUP.Optional.SweetIM.A, C:\Program Files\SweetIM\Toolbars\Internet Explorer, In Quarantäne, [27d9d32d04fca9574f52be9a9a689b65],
PUP.Optional.SweetIM.A, C:\Program Files\SweetIM\Toolbars\Internet Explorer\conf, In Quarantäne, [27d9d32d04fca9574f52be9a9a689b65],
PUP.Optional.SweetIM.A, C:\Program Files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT, In Quarantäne, [27d9d32d04fca9574f52be9a9a689b65],
PUP.Optional.SweetIM.A, C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources, In Quarantäne, [27d9d32d04fca9574f52be9a9a689b65],
Dateien: 79
PUP.Optional.SweetIM, C:\Program Files\SweetIM\Messenger\mgAdaptersProxy.dll, Löschen bei Neustart, [8f7124dcd52b43bd93e0b589a65e728e],
Trojan.Agent.ZT, C:\ProgramData\xci\gcwhf.exe, Löschen bei Neustart, [847cbf4144bc07f9bb1573d7f50ce11f],
PUP.Optional.SweetIM, C:\Program Files\SweetIM\Messenger\SweetIM.exe, Löschen bei Neustart, [04fc1de30df3827ed3a04cf2f1137b85],
PUP.Optional.SweetIM, C:\Program Files\SweetIM\Messenger\mgUpdateSupport.dll, Löschen bei Neustart, [b44c01ff27d94eb2670c0a3446beac54],
PUP.Optional.SweetIM, C:\Program Files\SweetIM\Messenger\mgcommunication.dll, Löschen bei Neustart, [08f84fb1926e03fd9ad92b1320e4fe02],
PUP.Optional.SweetIM, C:\Program Files\SweetIM\Messenger\mgIEPlayer.dll, Löschen bei Neustart, [03fde719946cc43cbcb762dcf70d16ea],
PUP.Optional.SweetIM, C:\Program Files\SweetIM\Messenger\mgcommon.dll, Löschen bei Neustart, [8c7409f7a25ef20e4e257ec04bb926da],
PUP.Optional.SweetIM, C:\Program Files\SweetIM\Messenger\mghooking.dll, Löschen bei Neustart, [e61a0ff1f709956bb7bc0b3307fd04fc],
PUP.Optional.SweetIM, C:\Program Files\SweetIM\Messenger\mgxml_wrapper.dll, Löschen bei Neustart, [fa06e818a9571fe153203ffff311b64a],
PUP.Optional.SweetIM, C:\Program Files\SweetIM\Messenger\mgconfig.dll, Löschen bei Neustart, [758b43bda25e12ee1c573fff11f31be5],
Trojan.Agent.ZT, C:\ProgramData\goo\btwtcsd.exe, Löschen bei Neustart, [a35d24dc9c647f812ba5e16921e0e41c],
Trojan.Agent.ZT, C:\ProgramData\gbr\ljlneyx.exe, Löschen bei Neustart, [966a847c748c669a983864e6df22be42],
Trojan.Agent.ZT, C:\ProgramData\jfp\lbekyaq.exe, In Quarantäne, [a060ce3299679a6627a91f2b31d07789],
Trojan.Agent.ZT, C:\ProgramData\jonjldu\lpcq.exe, In Quarantäne, [f20e966a04fc28d8d5fb97b35aa7e61a],
Trojan.Agent.ZT, C:\ProgramData\xpe\mvtna.exe, In Quarantäne, [b54b8a768e727f817d5352f82ed3a957],
Trojan.Agent.ZT, C:\ProgramData\ptmm\aqxfmpi.exe, In Quarantäne, [d92726da01ffb94708c8ee5ca35e03fd],
Trojan.Agent.ZT, C:\ProgramData\rtyeusg\otptq.exe, In Quarantäne, [59a7b44c3fc12ad6c10f252530d17090],
Trojan.Agent.ED, C:\Users\bluejvkeyes\AppData\Roaming\Qaywk\tjgdsxeja.exe, In Quarantäne, [d828cf31be42dd230d71fb63c43d7c84],
Trojan.Agent.ED, C:\Users\bluejvkeyes\AppData\Local\Lbovygvrj\fsundfxeja.exe, In Quarantäne, [0cf415ebb848da2669153b2340c1f010],
PUP.Optional.SweetIM, C:\Windows\Installer\3e6232.msi, In Quarantäne, [eb15758bcc3432ce5c17d46aa65ef50b],
PUP.Optional.SweetIM, C:\Windows\Installer\3e6238.msi, In Quarantäne, [c23edb2512ee0cf4442f76c8f50fc040],
PUP.Optional.SweetIM.A, C:\Program Files\SweetIM\Toolbars\Internet Explorer\ClearHist.exe, In Quarantäne, [27d9d32d04fca9574f52be9a9a689b65],
PUP.Optional.SweetIM.A, C:\Program Files\SweetIM\Toolbars\Internet Explorer\default.xml, In Quarantäne, [27d9d32d04fca9574f52be9a9a689b65],
PUP.Optional.SweetIM.A, C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgcommon.dll, In Quarantäne, [27d9d32d04fca9574f52be9a9a689b65],
PUP.Optional.SweetIM.A, C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgconfig.dll, In Quarantäne, [27d9d32d04fca9574f52be9a9a689b65],
PUP.Optional.SweetIM.A, C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll, In Quarantäne, [27d9d32d04fca9574f52be9a9a689b65],
PUP.Optional.SweetIM.A, C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe, In Quarantäne, [27d9d32d04fca9574f52be9a9a689b65],
PUP.Optional.SweetIM.A, C:\Program Files\SweetIM\Toolbars\Internet Explorer\mghooking.dll, In Quarantäne, [27d9d32d04fca9574f52be9a9a689b65],
PUP.Optional.SweetIM.A, C:\Program Files\SweetIM\Toolbars\Internet Explorer\mglogger.dll, In Quarantäne, [27d9d32d04fca9574f52be9a9a689b65],
PUP.Optional.SweetIM.A, C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgsimcommon.dll, In Quarantäne, [27d9d32d04fca9574f52be9a9a689b65],
PUP.Optional.SweetIM.A, C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll, In Quarantäne, [27d9d32d04fca9574f52be9a9a689b65],
PUP.Optional.SweetIM.A, C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll, In Quarantäne, [27d9d32d04fca9574f52be9a9a689b65],
PUP.Optional.SweetIM.A, C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgxml_wrapper.dll, In Quarantäne, [27d9d32d04fca9574f52be9a9a689b65],
PUP.Optional.SweetIM.A, C:\Program Files\SweetIM\Toolbars\Internet Explorer\conf\logger.xml, In Quarantäne, [27d9d32d04fca9574f52be9a9a689b65],
PUP.Optional.SweetIM.A, C:\Program Files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\Microsoft.VC90.CRT.manifest, In Quarantäne, [27d9d32d04fca9574f52be9a9a689b65],
PUP.Optional.SweetIM.A, C:\Program Files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcm90.dll, In Quarantäne, [27d9d32d04fca9574f52be9a9a689b65],
PUP.Optional.SweetIM.A, C:\Program Files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcp90.dll, In Quarantäne, [27d9d32d04fca9574f52be9a9a689b65],
PUP.Optional.SweetIM.A, C:\Program Files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcr90.dll, In Quarantäne, [27d9d32d04fca9574f52be9a9a689b65],
PUP.Optional.SweetIM.A, C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\eye_icon_over.png, In Quarantäne, [27d9d32d04fca9574f52be9a9a689b65],
PUP.Optional.SweetIM.A, C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\logo_about.png, In Quarantäne, [27d9d32d04fca9574f52be9a9a689b65],
PUP.Optional.SweetIM.A, C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\about.html, In Quarantäne, [27d9d32d04fca9574f52be9a9a689b65],
PUP.Optional.SweetIM.A, C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\affid.dat, In Quarantäne, [27d9d32d04fca9574f52be9a9a689b65],
PUP.Optional.SweetIM.A, C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\basis.xml, In Quarantäne, [27d9d32d04fca9574f52be9a9a689b65],
PUP.Optional.SweetIM.A, C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\bing.png, In Quarantäne, [27d9d32d04fca9574f52be9a9a689b65],
PUP.Optional.SweetIM.A, C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\clear-history.png, In Quarantäne, [27d9d32d04fca9574f52be9a9a689b65],
PUP.Optional.SweetIM.A, C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier-anim-over.gif, In Quarantäne, [27d9d32d04fca9574f52be9a9a689b65],
PUP.Optional.SweetIM.A, C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier-anim.gif, In Quarantäne, [27d9d32d04fca9574f52be9a9a689b65],
PUP.Optional.SweetIM.A, C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier.js, In Quarantäne, [27d9d32d04fca9574f52be9a9a689b65],
PUP.Optional.SweetIM.A, C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\dating.png, In Quarantäne, [27d9d32d04fca9574f52be9a9a689b65],
PUP.Optional.SweetIM.A, C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\dictionary.png, In Quarantäne, [27d9d32d04fca9574f52be9a9a689b65],
PUP.Optional.SweetIM.A, C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\eye_icon.png, In Quarantäne, [27d9d32d04fca9574f52be9a9a689b65],
PUP.Optional.SweetIM.A, C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\e_cards.png, In Quarantäne, [27d9d32d04fca9574f52be9a9a689b65],
PUP.Optional.SweetIM.A, C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\find.png, In Quarantäne, [27d9d32d04fca9574f52be9a9a689b65],
PUP.Optional.SweetIM.A, C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\free_stuff.png, In Quarantäne, [27d9d32d04fca9574f52be9a9a689b65],
PUP.Optional.SweetIM.A, C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\games.png, In Quarantäne, [27d9d32d04fca9574f52be9a9a689b65],
PUP.Optional.SweetIM.A, C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\glitter.png, In Quarantäne, [27d9d32d04fca9574f52be9a9a689b65],
PUP.Optional.SweetIM.A, C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\google.png, In Quarantäne, [27d9d32d04fca9574f52be9a9a689b65],
PUP.Optional.SweetIM.A, C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\help.png, In Quarantäne, [27d9d32d04fca9574f52be9a9a689b65],
PUP.Optional.SweetIM.A, C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\highlight.png, In Quarantäne, [27d9d32d04fca9574f52be9a9a689b65],
PUP.Optional.SweetIM.A, C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\locales.xml, In Quarantäne, [27d9d32d04fca9574f52be9a9a689b65],
PUP.Optional.SweetIM.A, C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\logo_16x16.png, In Quarantäne, [27d9d32d04fca9574f52be9a9a689b65],
PUP.Optional.SweetIM.A, C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\logo_21x18.png, In Quarantäne, [27d9d32d04fca9574f52be9a9a689b65],
PUP.Optional.SweetIM.A, C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\logo_32x32.png, In Quarantäne, [27d9d32d04fca9574f52be9a9a689b65],
PUP.Optional.SweetIM.A, C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\more-search-providers.png, In Quarantäne, [27d9d32d04fca9574f52be9a9a689b65],
PUP.Optional.SweetIM.A, C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\music.png, In Quarantäne, [27d9d32d04fca9574f52be9a9a689b65],
PUP.Optional.SweetIM.A, C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\news.png, In Quarantäne, [27d9d32d04fca9574f52be9a9a689b65],
PUP.Optional.SweetIM.A, C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\options.html, In Quarantäne, [27d9d32d04fca9574f52be9a9a689b65],
PUP.Optional.SweetIM.A, C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\photos.png, In Quarantäne, [27d9d32d04fca9574f52be9a9a689b65],
PUP.Optional.SweetIM.A, C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\search-current-site.png, In Quarantäne, [27d9d32d04fca9574f52be9a9a689b65],
PUP.Optional.SweetIM.A, C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\shopping.png, In Quarantäne, [27d9d32d04fca9574f52be9a9a689b65],
PUP.Optional.SweetIM.A, C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\SmileySmile.png, In Quarantäne, [27d9d32d04fca9574f52be9a9a689b65],
PUP.Optional.SweetIM.A, C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\SmileyWink.png, In Quarantäne, [27d9d32d04fca9574f52be9a9a689b65],
PUP.Optional.SweetIM.A, C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\sweetim_text.png, In Quarantäne, [27d9d32d04fca9574f52be9a9a689b65],
PUP.Optional.SweetIM.A, C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\toolbar.xml, In Quarantäne, [27d9d32d04fca9574f52be9a9a689b65],
PUP.Optional.SweetIM.A, C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\version.txt, In Quarantäne, [27d9d32d04fca9574f52be9a9a689b65],
PUP.Optional.SweetIM.A, C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\video.png, In Quarantäne, [27d9d32d04fca9574f52be9a9a689b65],
PUP.Optional.SweetIM.A, C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\web-search.png, In Quarantäne, [27d9d32d04fca9574f52be9a9a689b65],
PUP.Optional.SweetIM.A, C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\web-toolbar.js, In Quarantäne, [27d9d32d04fca9574f52be9a9a689b65],
PUP.Optional.SweetIM.A, C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\yahoo.png, In Quarantäne, [27d9d32d04fca9574f52be9a9a689b65],
Physische Sektoren: 0
(No malicious items detected)
(end)
C:\ Adwcleaner.txt :
AdwCleaner Logfile:
Code:
# AdwCleaner v3.023 - Bericht erstellt am 10/04/2014 um 10:27:29
# Aktualisiert 01/04/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (32 bits)
# Benutzername : bluejvkeyes - BLUEJVKEYES-PC
# Gestartet von : C:\Users\bluejvkeyes\Downloads\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\Ask
Ordner Gelöscht : C:\ProgramData\SweetIM
Ordner Gelöscht : C:\Program Files\Ask.com
Ordner Gelöscht : C:\Program Files\SweetIM
Ordner Gelöscht : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
Ordner Gelöscht : C:\Users\bluejvkeyes\AppData\Local\OpenCandy
Ordner Gelöscht : C:\Users\bluejvkeyes\AppData\LocalLow\AskToolbar
Ordner Gelöscht : C:\Users\bluejvkeyes\AppData\LocalLow\SweetIM
Ordner Gelöscht : C:\Users\bluejvkeyes\AppData\Roaming\uniblue
Ordner Gelöscht : C:\Users\bluejvkeyes\AppData\Roaming\Mozilla\Firefox\Profiles\ah294i5n.default\Extensions\toolbar@ask.com
Datei Gelöscht : C:\Users\bluejvkeyes\AppData\Roaming\Mozilla\Firefox\Profiles\ah294i5n.default\searchplugins\Askcom.xml
Datei Gelöscht : C:\Users\bluejvkeyes\AppData\Roaming\Mozilla\Firefox\Profiles\ah294i5n.default\searchplugins\askcomsearch.xml
Datei Gelöscht : C:\Users\bluejvkeyes\AppData\Roaming\Mozilla\Firefox\Profiles\ah294i5n.default\searchplugins\SweetIm.xml
Datei Gelöscht : C:\Users\bluejvkeyes\AppData\Roaming\Mozilla\Firefox\Profiles\ah294i5n.default\user.js
Datei Gelöscht : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{23CFBD29-EECB-475C-BB2C-7158EE58E8BA}
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{23CFBD29-EECB-475C-BB2C-7158EE58E8BA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetimsetup_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetimsetup_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{50F7F0BE-31BA-4145-BD8B-6B0DECFED804}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Schlüssel Gelöscht : HKCU\Software\APN
Schlüssel Gelöscht : HKCU\Software\Ask.com
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\AskToolbar
Schlüssel Gelöscht : HKLM\Software\APN
Schlüssel Gelöscht : HKLM\Software\AskToolbar
Schlüssel Gelöscht : HKLM\Software\Uniblue
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{08ED8855-4C2E-429B-A878-F129E1F624FA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A6CC2CA2-2779-4F10-88BF-A3C9EB874C24}
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.16521
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
-\\ Mozilla Firefox v28.0 (de)
[ Datei : C:\Users\bluejvkeyes\AppData\Roaming\Mozilla\Firefox\Profiles\ah294i5n.default\prefs.js ]
Zeile gelöscht : user_pref("browser.search.defaultengine", "Ask.com");
Zeile gelöscht : user_pref("browser.search.order.1", "Ask.com");
Zeile gelöscht : user_pref("extensions.asktb.ff-original-keyword-url", "");
*************************
AdwCleaner[R0].txt - [17431 octets] - [10/04/2014 10:24:45]
AdwCleaner[S0].txt - [17357 octets] - [10/04/2014 10:27:29]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [17418 octets] ##########
--- --- ---
C:\ JRT.txt :
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x86
Ran by bluejvkeyes on 10.04.2014 at 10:34:33,31
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-39800961-588471803-1280384396-1001\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{D2CFDF74-1C1D-44E9-B0C1-574357A25D5A}
Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\low rights\elevationpolicy\{a5aa24ea-11b8-4113-95ae-9ed71deaf12a}"
~~~ Files
~~~ Folders
~~~ FireFox
Emptied folder: C:\Users\bluejvkeyes\AppData\Roaming\mozilla\firefox\profiles\ah294i5n.default\minidumps [138 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 10.04.2014 at 10:37:39,61
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
C:\ FRST.txt :
FRST Logfile:
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014 01 (ATTENTION: ====> FRST version is 28 days old and could be outdated)
Ran by bluejvkeyes (administrator) on BLUEJVKEYES-PC on 10-04-2014 10:39:58
Running from C:\Users\bluejvkeyes\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
(TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.23.9\GoogleCrashHandler.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(CyberLink) C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(CANON INC.) C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Sony) C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe
(TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
() C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(MAGIX AG) C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [IAAnotif] - C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [CLMLServer] - C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [103720 2008-12-24] (CyberLink)
HKLM\...\Run: [UpdateP2GoShortCut] - C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [218408 2009-02-25] (CyberLink Corp.)
HKLM\...\Run: [RemoteControl8] - C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe [91432 2009-04-15] (CyberLink Corp.)
HKLM\...\Run: [PDVD8LanguageShortcut] - C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe [50472 2009-04-15] (CyberLink Corp.)
HKLM\...\Run: [UpdatePPShortCut] - C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [218408 2008-12-03] (CyberLink Corp.)
HKLM\...\Run: [UpdatePSTShortCut] - C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [210216 2009-03-12] (CyberLink Corp.)
HKLM\...\Run: [CanonSolutionMenu] - C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [689488 2008-03-10] (CANON INC.)
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [1848648 2008-03-17] (CANON INC.)
HKLM\...\Run: [IJNetworkScanUtility] - C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE [128352 2007-11-19] (CANON INC.)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-06] (Apple Inc.)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [951576 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2012-04-18] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\System32\LogiLDA.dll [1425208 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKU\.DEFAULT\...\Winlogon: [Shell] C:\ProgramData\xci\gcwhf.exe,explorer.exe <==== ATTENTION
HKU\S-1-5-21-39800961-588471803-1280384396-1001\...\Run: [Sony PC Companion] - C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [449760 2013-10-31] (Sony)
HKU\S-1-5-21-39800961-588471803-1280384396-1001\...\Run: [TomTomHOME.exe] - C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [248208 2013-07-02] (TomTom)
HKU\S-1-5-21-39800961-588471803-1280384396-1001\...\Run: [Power2GoExpress] - [X]
HKU\S-1-5-21-39800961-588471803-1280384396-1001\...\Winlogon: [Shell] C:\ProgramData\rtyeusg\otptq.exe,explorer.exe <==== ATTENTION
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM - DefaultScope value is missing.
BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Yahoo! Toolbar - {EF2D6E36-5C05-4F40-B861-9E909B5BAE09} - C:\Users\bluejvkeyes\AppData\Roaming\YahooToolbar\IE\YahooToolbar.dll (Yahoo! Inc.)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\bluejvkeyes\AppData\Roaming\Mozilla\Firefox\Profiles\ah294i5n.default
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.berlinerhaie.com/index.php
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @canon.com/MycameraPlugin - C:\Program Files\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.15.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.15.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @playstation.com/PsndlCheck,version=1.00 - C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF Plugin: @SonyCreativeSoftware.com/Media Go,version=1.0 - C:\Program Files\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Microsoft .NET Framework Assistant - C:\Users\bluejvkeyes\AppData\Roaming\Mozilla\Firefox\Profiles\ah294i5n.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-07-02]
FF Extension: Yahoo! Toolbar - C:\Program Files\Mozilla Firefox\extensions\{52c732b8-d108-4aae-b327-4b16b66dda26} [2014-03-29]
FF Extension: Skype extension for Firefox - C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2014-03-29]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-03-29]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-03-29]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-03-29]
========================== Services (Whitelisted) =================
R2 Fabs; C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG)
S3 FirebirdServerMAGIXInstance; C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®)
R2 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [103808 2008-01-22] ()
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2014-03-11] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [279776 2014-03-11] (Microsoft Corporation)
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)
==================== Drivers (Whitelisted) ====================
S3 Afc; C:\Windows\System32\drivers\Afc.sys [11776 2005-02-23] (Arcsoft, Inc.)
R2 KMDFMEMIO; C:\Windows\System32\DRIVERS\kmdfmemio.sys [13312 2007-06-01] (SAMSUNG ELECTRONICS CO., LTD.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231960 2014-01-25] (Microsoft Corporation)
S3 NuidFltr; C:\Windows\System32\DRIVERS\NuidFltr.sys [14736 2009-05-09] (Microsoft Corporation)
S3 usbser32; C:\Windows\System32\DRIVERS\usbser.sys [27648 2010-11-20] (Microsoft Corporation)
S3 w800bus; C:\Windows\System32\DRIVERS\w800bus.sys [60768 2005-06-13] (MCCI)
S3 w800mdfl; C:\Windows\System32\DRIVERS\w800mdfl.sys [9264 2005-06-13] (MCCI)
S3 w800mdm; C:\Windows\System32\DRIVERS\w800mdm.sys [96224 2005-06-13] (MCCI)
S3 w800mgmt; C:\Windows\System32\DRIVERS\w800mgmt.sys [87792 2005-06-13] (MCCI)
S3 w800obex; C:\Windows\System32\DRIVERS\w800obex.sys [85664 2005-06-13] (MCCI)
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x86.sys [315392 2009-09-28] ()
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\BLUEJV~1\AppData\Local\Temp\catchme.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-10 10:37 - 2014-04-10 10:37 - 00001393 _____ () C:\Users\bluejvkeyes\Desktop\JRT.txt
2014-04-10 10:34 - 2014-04-10 10:34 - 00000000 ____D () C:\Windows\ERUNT
2014-04-10 10:33 - 2014-04-10 10:33 - 01016261 _____ (Thisisu) C:\Users\bluejvkeyes\Desktop\JRT.exe
2014-04-10 10:30 - 2014-04-10 10:30 - 00017499 _____ () C:\Users\bluejvkeyes\Desktop\AdwCleaner[S0].txt
2014-04-10 10:24 - 2014-04-10 10:27 - 00000000 ____D () C:\AdwCleaner
2014-04-10 10:22 - 2014-04-10 10:22 - 01426178 _____ () C:\Users\bluejvkeyes\Downloads\adwcleaner.exe
2014-04-10 10:19 - 2014-04-10 10:19 - 00018998 _____ () C:\Users\bluejvkeyes\Desktop\mbam.txt
2014-04-10 09:48 - 2014-04-10 10:17 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-10 09:47 - 2014-04-10 09:47 - 00001056 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-10 09:47 - 2014-04-10 09:47 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-10 09:47 - 2014-04-10 09:47 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-04-10 09:47 - 2014-04-03 09:51 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-10 09:47 - 2014-04-03 09:51 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-10 09:47 - 2014-04-03 09:50 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-10 09:43 - 2014-04-10 09:44 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\bluejvkeyes\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-10 09:36 - 2014-04-10 10:11 - 00023428 _____ () C:\Windows\PFRO.log
2014-04-09 10:56 - 2014-04-09 10:56 - 00012637 _____ () C:\ComboFix.txt
2014-04-09 10:43 - 2014-04-09 10:56 - 00000000 ____D () C:\Qoobox
2014-04-09 10:43 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-04-09 10:43 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-04-09 10:43 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-04-09 10:43 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-04-09 10:43 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-04-09 10:43 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-04-09 10:43 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-04-09 10:43 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-04-09 10:42 - 2014-04-09 10:55 - 00000000 ____D () C:\Windows\erdnt
2014-04-09 10:24 - 2014-04-09 10:24 - 05194596 ____R (Swearware) C:\Users\bluejvkeyes\Desktop\ComboFix.exe
2014-04-09 10:20 - 2014-04-10 10:10 - 00000000 ____D () C:\ProgramData\jfp
2014-04-09 10:20 - 2014-04-09 10:20 - 00000000 ____D () C:\ProgramData\pkx
2014-04-09 10:20 - 2014-04-09 10:20 - 00000000 ____D () C:\ProgramData\icppmw
2014-04-08 09:29 - 2014-04-08 09:30 - 00023005 _____ () C:\Users\bluejvkeyes\Desktop\Addition.txt
2014-04-08 09:28 - 2014-04-10 10:39 - 00013096 _____ () C:\Users\bluejvkeyes\Desktop\FRST.txt
2014-04-08 09:28 - 2014-04-10 10:39 - 00000000 ____D () C:\FRST
2014-04-08 09:28 - 2014-04-08 09:28 - 01145856 _____ (Farbar) C:\Users\bluejvkeyes\Desktop\FRST.exe
2014-04-08 09:23 - 2014-04-08 09:23 - 00000484 _____ () C:\Users\bluejvkeyes\Downloads\defogger_disable.log
2014-04-08 09:23 - 2014-04-08 09:23 - 00000000 _____ () C:\Users\bluejvkeyes\defogger_reenable
2014-04-08 09:21 - 2014-04-08 09:21 - 00050477 _____ () C:\Users\bluejvkeyes\Downloads\Defogger.exe
2014-04-08 09:01 - 2014-04-10 10:10 - 00000000 ____D () C:\ProgramData\ptmm
2014-04-08 09:01 - 2014-04-09 10:20 - 00000000 ____D () C:\ProgramData\dykawl
2014-04-08 09:01 - 2014-04-08 09:01 - 00000000 ____D () C:\ProgramData\igr
2014-04-08 08:59 - 2014-04-10 10:11 - 00000000 ____D () C:\ProgramData\xci
2014-04-08 08:34 - 2014-04-10 10:11 - 00000000 ____D () C:\ProgramData\gbr
2014-04-08 08:34 - 2014-04-10 10:10 - 00000000 ____D () C:\ProgramData\dmbh
2014-04-08 08:34 - 2014-04-08 08:34 - 00000000 ____D () C:\ProgramData\tjlt
2014-04-08 08:31 - 2014-04-10 10:10 - 00000000 ____D () C:\ProgramData\xpe
2014-04-07 11:04 - 2014-04-10 10:10 - 00000000 ____D () C:\ProgramData\jonjldu
2014-04-07 11:04 - 2014-04-09 10:18 - 00000000 ____D () C:\ProgramData\mfgo
2014-04-07 11:04 - 2014-04-07 11:09 - 00000000 ____D () C:\ProgramData\dpypj
2014-04-07 11:04 - 2014-04-07 11:04 - 00000000 ____D () C:\ProgramData\muemw
2014-04-04 13:13 - 2014-04-07 11:09 - 00000000 ____D () C:\ProgramData\bxaoqa
2014-04-04 13:13 - 2014-04-07 11:04 - 00000000 ____D () C:\ProgramData\jyr
2014-04-04 13:13 - 2014-04-04 13:14 - 00000000 ____D () C:\ProgramData\qmccg
2014-04-03 13:32 - 2014-04-10 10:11 - 00000000 ____D () C:\ProgramData\rtyeusg
2014-04-03 13:32 - 2014-04-10 10:11 - 00000000 ____D () C:\ProgramData\goo
2014-04-03 13:32 - 2014-04-10 09:39 - 00000000 ____D () C:\ProgramData\vxdg
2014-04-03 13:32 - 2014-04-10 09:39 - 00000000 ____D () C:\ProgramData\gylokkk
2014-04-03 13:32 - 2014-04-03 13:32 - 00000000 ____D () C:\ProgramData\ouan
2014-04-03 13:29 - 2014-04-10 10:10 - 00000000 ____D () C:\ProgramData\nhvfg
2014-04-03 13:28 - 2014-04-09 10:35 - 00000000 ___HD () C:\Users\bluejvkeyes\AppData\Local\Eiepxwigmy
2014-04-03 13:25 - 2014-04-10 10:10 - 00000000 ___HD () C:\Users\bluejvkeyes\AppData\Roaming\Qaywk
2014-04-03 13:24 - 2014-04-10 10:10 - 00000000 ___HD () C:\Users\bluejvkeyes\AppData\Local\Lbovygvrj
2014-03-29 22:46 - 2014-03-29 22:46 - 00000000 ____D () C:\Users\bluejvkeyes\AppData\Roaming\RavensburgerTipToi
2014-03-29 22:45 - 2014-03-29 22:46 - 00000000 ____D () C:\ProgramData\RavensburgerTipToi
2014-03-29 22:45 - 2014-03-29 22:45 - 00001026 _____ () C:\Users\bluejvkeyes\Desktop\tiptoi.lnk
2014-03-29 22:45 - 2014-03-29 22:45 - 00000000 ____D () C:\Users\bluejvkeyes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\tiptoi® Manager
2014-03-29 22:45 - 2014-03-29 22:45 - 00000000 ____D () C:\Program Files\Ravensburger tiptoi
2014-03-29 08:59 - 2014-03-29 09:00 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-03-29 08:22 - 2014-03-29 08:22 - 00002170 _____ () C:\Users\Public\Desktop\Google Earth.lnk
2014-03-29 08:17 - 2014-03-29 08:18 - 00847824 _____ (Google Inc.) C:\Users\bluejvkeyes\Downloads\GoogleEarthSetup.exe
2014-03-29 08:12 - 2014-03-29 08:13 - 00848000 _____ (Google Inc.) C:\Users\bluejvkeyes\Downloads\googleupdatesetup(3).exe
2014-03-29 08:10 - 2014-03-29 08:10 - 00848000 _____ (Google Inc.) C:\Users\bluejvkeyes\Downloads\googleupdatesetup(2).exe
2014-03-29 08:09 - 2014-03-29 08:09 - 00848000 _____ (Google Inc.) C:\Users\bluejvkeyes\Downloads\googleupdatesetup(1).exe
2014-03-28 15:50 - 2014-03-28 15:50 - 00024598 _____ () C:\Users\bluejvkeyes\Downloads\Kinder-(3)
2014-03-28 15:46 - 2014-03-28 15:46 - 00023286 _____ () C:\Users\bluejvkeyes\Downloads\Kinder-(2)
2014-03-28 15:44 - 2014-03-28 15:44 - 00023046 _____ () C:\Users\bluejvkeyes\Downloads\Kinder-(1)
2014-03-28 15:16 - 2014-04-10 09:40 - 00013244 _____ () C:\Windows\DPINST.LOG
2014-03-24 22:25 - 2014-03-24 22:25 - 00001753 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-03-24 22:23 - 2014-03-24 22:25 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-03-24 22:23 - 2014-03-24 22:25 - 00000000 ____D () C:\Program Files\iTunes
2014-03-24 22:23 - 2014-03-24 22:23 - 00000000 ____D () C:\Program Files\iPod
2014-03-21 14:45 - 2014-03-25 00:42 - 00000000 ____D () C:\Program Files\Mozilla Thunderbird
2014-03-18 13:28 - 2014-04-07 11:09 - 00000000 ____D () C:\Users\bluejvkeyes\Documents\aufbauanleitungen playmobil
2014-03-18 10:41 - 2014-04-10 10:28 - 00002085 _____ () C:\Windows\setupact.log
2014-03-18 10:41 - 2014-03-18 10:41 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-14 13:52 - 2014-03-01 06:10 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-14 13:52 - 2014-03-01 05:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-14 13:52 - 2014-03-01 05:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-14 13:52 - 2014-03-01 05:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-14 13:52 - 2014-03-01 05:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-14 13:52 - 2014-03-01 05:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-14 13:52 - 2014-03-01 05:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-14 13:52 - 2014-03-01 05:38 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-14 13:52 - 2014-03-01 05:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-14 13:52 - 2014-03-01 05:31 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-14 13:52 - 2014-03-01 04:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-14 13:52 - 2014-03-01 04:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-14 13:51 - 2014-03-01 06:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-14 13:51 - 2014-03-01 06:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-14 13:51 - 2014-03-01 05:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-14 13:51 - 2014-03-01 05:25 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-14 13:51 - 2014-03-01 05:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-14 13:51 - 2014-03-01 05:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-14 13:51 - 2014-03-01 05:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-14 13:51 - 2014-03-01 05:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-14 13:51 - 2014-03-01 04:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-14 13:51 - 2014-03-01 04:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-14 13:51 - 2014-02-07 03:07 - 02349056 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-14 13:51 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-14 13:51 - 2014-01-28 04:07 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-14 13:50 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-14 13:50 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-12 14:19 - 2014-03-12 14:19 - 00005686 _____ () C:\Users\bluejvkeyes\Downloads\Kinder-
==================== One Month Modified Files and Folders =======
2014-04-10 10:40 - 2014-04-08 09:28 - 00013096 _____ () C:\Users\bluejvkeyes\Desktop\FRST.txt
2014-04-10 10:39 - 2014-04-08 09:28 - 00000000 ____D () C:\FRST
2014-04-10 10:39 - 2012-08-08 22:41 - 01503634 _____ () C:\Windows\WindowsUpdate.log
2014-04-10 10:37 - 2014-04-10 10:37 - 00001393 _____ () C:\Users\bluejvkeyes\Desktop\JRT.txt
2014-04-10 10:36 - 2009-07-14 06:34 - 00014928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-10 10:36 - 2009-07-14 06:34 - 00014928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-10 10:34 - 2014-04-10 10:34 - 00000000 ____D () C:\Windows\ERUNT
2014-04-10 10:33 - 2014-04-10 10:33 - 01016261 _____ (Thisisu) C:\Users\bluejvkeyes\Desktop\JRT.exe
2014-04-10 10:33 - 2010-06-04 21:21 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-10 10:30 - 2014-04-10 10:30 - 00017499 _____ () C:\Users\bluejvkeyes\Desktop\AdwCleaner[S0].txt
2014-04-10 10:29 - 2012-03-13 00:25 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-10 10:29 - 2010-06-11 21:22 - 00000000 ____D () C:\Users\bluejvkeyes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2014-04-10 10:29 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-10 10:28 - 2014-03-18 10:41 - 00002085 _____ () C:\Windows\setupact.log
2014-04-10 10:27 - 2014-04-10 10:24 - 00000000 ____D () C:\AdwCleaner
2014-04-10 10:24 - 2012-03-13 00:25 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-10 10:22 - 2014-04-10 10:22 - 01426178 _____ () C:\Users\bluejvkeyes\Downloads\adwcleaner.exe
2014-04-10 10:19 - 2014-04-10 10:19 - 00018998 _____ () C:\Users\bluejvkeyes\Desktop\mbam.txt
2014-04-10 10:17 - 2014-04-10 09:48 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-10 10:11 - 2014-04-10 09:36 - 00023428 _____ () C:\Windows\PFRO.log
2014-04-10 10:11 - 2014-04-08 08:59 - 00000000 ____D () C:\ProgramData\xci
2014-04-10 10:11 - 2014-04-08 08:34 - 00000000 ____D () C:\ProgramData\gbr
2014-04-10 10:11 - 2014-04-03 13:32 - 00000000 ____D () C:\ProgramData\rtyeusg
2014-04-10 10:11 - 2014-04-03 13:32 - 00000000 ____D () C:\ProgramData\goo
2014-04-10 10:10 - 2014-04-09 10:20 - 00000000 ____D () C:\ProgramData\jfp
2014-04-10 10:10 - 2014-04-08 09:01 - 00000000 ____D () C:\ProgramData\ptmm
2014-04-10 10:10 - 2014-04-08 08:34 - 00000000 ____D () C:\ProgramData\dmbh
2014-04-10 10:10 - 2014-04-08 08:31 - 00000000 ____D () C:\ProgramData\xpe
2014-04-10 10:10 - 2014-04-07 11:04 - 00000000 ____D () C:\ProgramData\jonjldu
2014-04-10 10:10 - 2014-04-03 13:29 - 00000000 ____D () C:\ProgramData\nhvfg
2014-04-10 10:10 - 2014-04-03 13:25 - 00000000 ___HD () C:\Users\bluejvkeyes\AppData\Roaming\Qaywk
2014-04-10 10:10 - 2014-04-03 13:24 - 00000000 ___HD () C:\Users\bluejvkeyes\AppData\Local\Lbovygvrj
2014-04-10 10:10 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\registration
2014-04-10 09:48 - 2012-08-08 13:43 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-10 09:47 - 2014-04-10 09:47 - 00001056 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-10 09:47 - 2014-04-10 09:47 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-10 09:47 - 2014-04-10 09:47 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-04-10 09:44 - 2014-04-10 09:43 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\bluejvkeyes\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-10 09:40 - 2014-03-28 15:16 - 00013244 _____ () C:\Windows\DPINST.LOG
2014-04-10 09:39 - 2014-04-03 13:32 - 00000000 ____D () C:\ProgramData\vxdg
2014-04-10 09:39 - 2014-04-03 13:32 - 00000000 ____D () C:\ProgramData\gylokkk
2014-04-09 10:56 - 2014-04-09 10:56 - 00012637 _____ () C:\ComboFix.txt
2014-04-09 10:56 - 2014-04-09 10:43 - 00000000 ____D () C:\Qoobox
2014-04-09 10:56 - 2009-07-14 04:37 - 00000000 ___RD () C:\Users\Public
2014-04-09 10:55 - 2014-04-09 10:42 - 00000000 ____D () C:\Windows\erdnt
2014-04-09 10:54 - 2009-07-14 04:04 - 00000215 _____ () C:\Windows\system.ini
2014-04-09 10:35 - 2014-04-03 13:28 - 00000000 ___HD () C:\Users\bluejvkeyes\AppData\Local\Eiepxwigmy
2014-04-09 10:24 - 2014-04-09 10:24 - 05194596 ____R (Swearware) C:\Users\bluejvkeyes\Desktop\ComboFix.exe
2014-04-09 10:20 - 2014-04-09 10:20 - 00000000 ____D () C:\ProgramData\pkx
2014-04-09 10:20 - 2014-04-09 10:20 - 00000000 ____D () C:\ProgramData\icppmw
2014-04-09 10:20 - 2014-04-08 09:01 - 00000000 ____D () C:\ProgramData\dykawl
2014-04-09 10:18 - 2014-04-07 11:04 - 00000000 ____D () C:\ProgramData\mfgo
2014-04-08 09:30 - 2014-04-08 09:29 - 00023005 _____ () C:\Users\bluejvkeyes\Desktop\Addition.txt
2014-04-08 09:28 - 2014-04-08 09:28 - 01145856 _____ (Farbar) C:\Users\bluejvkeyes\Desktop\FRST.exe
2014-04-08 09:23 - 2014-04-08 09:23 - 00000484 _____ () C:\Users\bluejvkeyes\Downloads\defogger_disable.log
2014-04-08 09:23 - 2014-04-08 09:23 - 00000000 _____ () C:\Users\bluejvkeyes\defogger_reenable
2014-04-08 09:23 - 2010-06-04 21:21 - 00000000 ____D () C:\Users\bluejvkeyes
2014-04-08 09:21 - 2014-04-08 09:21 - 00050477 _____ () C:\Users\bluejvkeyes\Downloads\Defogger.exe
2014-04-08 09:01 - 2014-04-08 09:01 - 00000000 ____D () C:\ProgramData\igr
2014-04-08 08:59 - 2010-06-05 00:45 - 00120472 _____ () C:\Users\bluejvkeyes\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-08 08:45 - 2009-07-14 06:33 - 00424416 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-08 08:40 - 2010-06-11 22:52 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-04-08 08:34 - 2014-04-08 08:34 - 00000000 ____D () C:\ProgramData\tjlt
2014-04-07 11:09 - 2014-04-07 11:04 - 00000000 ____D () C:\ProgramData\dpypj
2014-04-07 11:09 - 2014-04-04 13:13 - 00000000 ____D () C:\ProgramData\bxaoqa
2014-04-07 11:09 - 2014-03-18 13:28 - 00000000 ____D () C:\Users\bluejvkeyes\Documents\aufbauanleitungen playmobil
2014-04-07 11:04 - 2014-04-07 11:04 - 00000000 ____D () C:\ProgramData\muemw
2014-04-07 11:04 - 2014-04-04 13:13 - 00000000 ____D () C:\ProgramData\jyr
2014-04-04 13:14 - 2014-04-04 13:13 - 00000000 ____D () C:\ProgramData\qmccg
2014-04-03 14:11 - 2011-01-26 22:43 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-04-03 14:11 - 2011-01-26 22:42 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-04-03 13:32 - 2014-04-03 13:32 - 00000000 ____D () C:\ProgramData\ouan
2014-04-03 09:51 - 2014-04-10 09:47 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-10 09:47 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-10 09:47 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-02 12:20 - 2012-09-02 21:45 - 00000000 ____D () C:\Users\bluejvkeyes\Documents\pippifax
2014-04-01 14:19 - 2010-06-11 23:20 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-04-01 11:07 - 2010-06-14 22:10 - 00000000 ____D () C:\Users\bluejvkeyes\AppData\Roaming\ZoomBrowser EX
2014-04-01 11:04 - 2010-06-11 22:33 - 00000000 ____D () C:\ProgramData\ZoomBrowser
2014-03-30 21:26 - 2012-05-09 21:28 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-03-29 22:46 - 2014-03-29 22:46 - 00000000 ____D () C:\Users\bluejvkeyes\AppData\Roaming\RavensburgerTipToi
2014-03-29 22:46 - 2014-03-29 22:45 - 00000000 ____D () C:\ProgramData\RavensburgerTipToi
2014-03-29 22:45 - 2014-03-29 22:45 - 00001026 _____ () C:\Users\bluejvkeyes\Desktop\tiptoi.lnk
2014-03-29 22:45 - 2014-03-29 22:45 - 00000000 ____D () C:\Users\bluejvkeyes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\tiptoi® Manager
2014-03-29 22:45 - 2014-03-29 22:45 - 00000000 ____D () C:\Program Files\Ravensburger tiptoi
2014-03-29 09:00 - 2014-03-29 08:59 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-03-29 08:22 - 2014-03-29 08:22 - 00002170 _____ () C:\Users\Public\Desktop\Google Earth.lnk
2014-03-29 08:21 - 2010-06-11 21:41 - 00000000 ____D () C:\Users\bluejvkeyes\AppData\Local\Google
2014-03-29 08:21 - 2010-06-11 21:41 - 00000000 ____D () C:\Program Files\Google
2014-03-29 08:18 - 2014-03-29 08:17 - 00847824 _____ (Google Inc.) C:\Users\bluejvkeyes\Downloads\GoogleEarthSetup.exe
2014-03-29 08:13 - 2014-03-29 08:12 - 00848000 _____ (Google Inc.) C:\Users\bluejvkeyes\Downloads\googleupdatesetup(3).exe
2014-03-29 08:10 - 2014-03-29 08:10 - 00848000 _____ (Google Inc.) C:\Users\bluejvkeyes\Downloads\googleupdatesetup(2).exe
2014-03-29 08:09 - 2014-03-29 08:09 - 00848000 _____ (Google Inc.) C:\Users\bluejvkeyes\Downloads\googleupdatesetup(1).exe
2014-03-28 15:50 - 2014-03-28 15:50 - 00024598 _____ () C:\Users\bluejvkeyes\Downloads\Kinder-(3)
2014-03-28 15:46 - 2014-03-28 15:46 - 00023286 _____ () C:\Users\bluejvkeyes\Downloads\Kinder-(2)
2014-03-28 15:44 - 2014-03-28 15:44 - 00023046 _____ () C:\Users\bluejvkeyes\Downloads\Kinder-(1)
2014-03-28 15:16 - 2014-01-16 14:01 - 00001972 _____ () C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2014-03-28 15:15 - 2010-06-09 14:20 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-03-25 00:42 - 2014-03-21 14:45 - 00000000 ____D () C:\Program Files\Mozilla Thunderbird
2014-03-24 22:25 - 2014-03-24 22:25 - 00001753 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-03-24 22:25 - 2014-03-24 22:23 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-03-24 22:25 - 2014-03-24 22:23 - 00000000 ____D () C:\Program Files\iTunes
2014-03-24 22:23 - 2014-03-24 22:23 - 00000000 ____D () C:\Program Files\iPod
2014-03-24 22:23 - 2010-08-08 21:02 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-03-18 14:52 - 2013-08-16 00:19 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-18 14:50 - 2010-06-04 21:32 - 87350280 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-18 14:45 - 2010-08-04 13:29 - 00000000 ____D () C:\ProgramData\CanonIJ
2014-03-18 10:41 - 2014-03-18 10:41 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-17 21:18 - 2009-07-14 06:53 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-12 22:48 - 2012-04-10 22:18 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-03-12 22:48 - 2011-07-06 09:24 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-03-12 14:19 - 2014-03-12 14:19 - 00005686 _____ () C:\Users\bluejvkeyes\Downloads\Kinder-
2014-03-12 11:47 - 2010-06-11 22:09 - 00000000 ____D () C:\ProgramData\tmp
2014-03-11 09:52 - 2010-10-24 22:25 - 00104264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NisDrvWFP.sys
Some content of TEMP:
====================
C:\Users\bluejvkeyes\AppData\Local\temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-03-07 00:12
==================== End Of Log ============================
--- --- ---
--- --- ---