So, I hope you can do something with this and help me clean up my system.
Thanks for your efforts.
ESET online Scan: Code:
C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2O56WO39\duckegg[1].exe Win32/Duckegg.A evtl. unerwünschte Anwendung gelöscht - in Quarantäne kopiert
C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\68R0MFQ3\OptimizerPro[1].exe Variante von Win32/AdWare.SpeedingUpMyPC.E Anwendung Gesäubert durch Löschen - in Quarantäne kopiert
C:\Users\User\AppData\Local\Temp\bitool.dll Win32/Somoto.C evtl. unerwünschte Anwendung gelöscht - in Quarantäne kopiert
E:\Tools\MediaPack\Setup.exe Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung gelöscht - in Quarantäne kopiert
Log from FRST:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-06-2014
Ran by User (administrator) on MEDION on 06-06-2014 19:19:22
Running from C:\Users\User\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\vsserv.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxservice.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\bdagent.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) D:\itunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
() C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
() C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11774568 2011-01-13] (Realtek Semiconductor)
HKLM\...\Run: [MedionReminder] => C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe [443688 2011-03-12] (CyberLink)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender\bdagent.exe [1743088 2014-05-29] (Bitdefender)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-06] (Intel Corporation)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-11-03] (CyberLink)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iTunesHelper] => D:\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM\...\RunOnce: [MedionReminder] - C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe /DeleteRunKey [443688 2011-03-12] (CyberLink)
HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse-Agent] => C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [568400 2014-05-29] (Bitdefender)
HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse] => C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1002048 2014-05-29] (Bitdefender)
HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] => C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [614744 2014-05-29] (Bitdefender)
HKU\S-1-5-21-2361638782-447500554-2431201240-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2014-02-26] (Google Inc.)
HKU\S-1-5-21-2361638782-447500554-2431201240-1000\...\Run: [GoogleChromeAutoLaunch_BCEA24321E5E4F1401136BBEDFB545FE] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [841032 2014-04-24] (Google Inc.)
HKU\S-1-5-21-2361638782-447500554-2431201240-1000\...\Run: [EADM] => D:\Origin\Origin.exe [3588952 2014-05-08] (Electronic Arts)
HKU\S-1-5-21-2361638782-447500554-2431201240-1000\...\Run: [Bitdefender-Geldbörse-Agent] => C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [568400 2014-05-29] (Bitdefender)
HKU\S-1-5-21-2361638782-447500554-2431201240-1000\...\Run: [Bitdefender-Geldbörse] => C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1002048 2014-05-29] (Bitdefender)
HKU\S-1-5-21-2361638782-447500554-2431201240-1000\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] => C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [614744 2014-05-29] (Bitdefender)
HKU\S-1-5-21-2361638782-447500554-2431201240-1000\...\Run: [DAEMON Tools Lite] => D:\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2361638782-447500554-2431201240-1000\...\MountPoints2: {7f318d66-9f2f-11e3-b16b-806e6f6e6963} - F:\Autorun.exe
HKU\S-1-5-21-2361638782-447500554-2431201240-1000\...\MountPoints2: {d050bf7a-e70b-11e3-9a81-6c626d470660} - H:\setup.exe
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://isearch.glarysoft.com/?src=iehome
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://isearch.glarysoft.com/?src=iehome
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://isearch.glarysoft.com/?src=iehome
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {c1d89ae7-449d-4929-b24b-fded04adbe06} URL = hxxp://isearch.glarysoft.com/?q={searchTerms}&src=iesearch
SearchScopes: HKCU - {c1d89ae7-449d-4929-b24b-fded04adbe06} URL = hxxp://isearch.glarysoft.com/?q={searchTerms}&src=iesearch
BHO: Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\pmbxie.dll (Bitdefender)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxie.dll (Bitdefender)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
Tcpip\Parameters: [DhcpNameServer] 62.2.17.60 62.2.24.162 62.2.17.61 62.2.24.158
FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\0yvcbqoj.default
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - D:\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: SNT - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\0yvcbqoj.default\Extensions\o-oaelzmm@iyio-fgxvhh.net [2014-05-08]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext
FF Extension: bdToolbar - C:\Program Files\Bitdefender\Bitdefender\bdtbext [2014-05-10]
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [KavAntiBanner@Kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [ffpwdman@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman\
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman\ []
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext
FF Extension: bdToolbar - C:\Program Files\Bitdefender\Bitdefender\bdtbext [2014-05-10]
Chrome:
=======
CHR HomePage: hxxp://www.google.com/ig/redirectdomain?brand=MDNC&bmod=MDNC
CHR StartupUrls: "hxxp://www.google.com/ig/redirectdomain?brand=MDNC&bmod=MDNC", "hxxp://websearch.searchsun.info/?pid=34&r=2014/05/08&hid=2317330843708676478&lg=EN&cc=CH&unqvl=52"
CHR DefaultSearchKeyword: isearch.glarysoft.com
CHR DefaultSearchProvider: Glary Search
CHR DefaultSearchURL: hxxp://isearch.glarysoft.com/?q={searchTerms}&src=gcsearch
CHR DefaultNewTabURL:
CHR Extension: (BIODIGITAL HUMAN) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak [2014-02-28]
CHR Extension: (Angry Birds) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-02-28]
CHR Extension: (Forge of Empires) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\anaphblkfplenhkephgneolhnmjminjg [2014-02-28]
CHR Extension: (Bitdefender Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccahoghmggldkcdjiebjkidpfongdfbl [2014-05-10]
CHR Extension: (Musik Songs Spieler) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdenlcnfdjepagejpfajlkicggieknab [2014-02-28]
CHR Extension: (Battlefield Heroes) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh [2014-03-01]
CHR Extension: (Tanki Online) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\chnamgoimgnbgkabfjkikldbfdhhfhdo [2014-03-01]
CHR Extension: (Alexa Traffic Rank) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cknebhggccemgcnbidipinkifmmegdel [2014-05-08]
CHR Extension: (RAD Soldiers) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkiahcckehgdocgonfdickeagmoembpe [2014-03-01]
CHR Extension: (Despicable Me 2 - Mission Impopsible) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\egcldgpekkbhbdelknamfcahbimgnhji [2014-03-01]
CHR Extension: (Fire Boy And Water Girl) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\iogblfbfoldfgammcabomglfajocfpea [2014-03-01]
CHR Extension: (Eurosport.com) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfckibmjhbkjhjplimmnlnmgienindde [2014-03-01]
CHR Extension: (SNT) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljgnlhageoaclicndlnphplodpbhocpg [2014-05-08]
CHR Extension: (Der Planer der Räume) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcafejemebbngbglfoinpoaannbihjna [2014-03-01]
CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-28]
CHR Extension: (PickAndBuy) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkoccbdjkeaamdeoffonpcpnfjhnefoe [2014-05-08]
CHR HKLM-x32\...\Chrome\Extension: [ccahoghmggldkcdjiebjkidpfongdfbl] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxcr.crx [2014-05-10]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
S4 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe [77632 2013-11-21] (Bitdefender)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-03-15] ()
R2 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [94624 2013-07-08] (Bitdefender)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe [67320 2013-10-07] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender\vsserv.exe [1526800 2014-05-29] (Bitdefender)
==================== Drivers (Whitelisted) ====================
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [893440 2013-12-02] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2012-11-02] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [635392 2013-12-02] (BitDefender)
R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93600 2014-05-29] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [103504 2011-11-14] (BitDefender LLC)
S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2013-11-04] (BitDefender SRL)
R1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [76944 2012-04-17] (BitDefender)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-05-29] (Disc Soft Ltd)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-08-23] (BitDefender LLC)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [389240 2013-08-07] (BitDefender S.R.L.)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-06-06 19:19 - 2014-06-06 19:19 - 00018481 _____ () C:\Users\User\Downloads\FRST.txt
2014-06-06 19:19 - 2014-06-06 19:19 - 00000000 ____D () C:\FRST
2014-06-06 19:18 - 2014-06-06 19:18 - 02072576 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2014-06-06 19:16 - 2014-06-06 19:16 - 00000000 ___HD () C:\Windows\AxInstSV
2014-06-06 19:16 - 2014-06-06 19:16 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-06-02 22:04 - 2014-06-02 22:04 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-02 22:03 - 2014-06-02 22:03 - 00000000 ____D () C:\Users\User\AppData\Temp
2014-05-29 17:44 - 2014-05-29 20:33 - 00000000 ____D () C:\Users\User\AppData\Roaming\Tropico 5
2014-05-29 17:42 - 2014-05-29 17:42 - 00000381 _____ () C:\Users\User\Desktop\Tropico 5.lnk
2014-05-29 17:42 - 2014-05-29 17:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tropico 5
2014-05-29 17:40 - 2014-05-29 17:40 - 00000000 ____D () C:\Users\User\Downloads\Tropico.5.GERMAN-ENiGMA
2014-05-29 17:28 - 2014-05-29 17:28 - 00000649 _____ () C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2014-05-29 17:28 - 2014-05-29 17:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2014-05-29 17:27 - 2014-05-29 17:41 - 00000000 ____D () C:\Users\User\AppData\Roaming\DAEMON Tools Lite
2014-05-29 17:27 - 2014-05-29 17:27 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2014-05-29 17:24 - 2014-05-29 17:41 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-05-29 17:13 - 2014-05-29 17:13 - 00000000 ____D () C:\Program Files (x86)\Elaborate Bytes
2014-05-25 11:12 - 2014-05-25 11:12 - 00287456 _____ () C:\Windows\Minidump\052514-6723-01.dmp
2014-05-25 11:12 - 2014-05-25 11:12 - 00000000 ____D () C:\Windows\Minidump
2014-05-17 11:04 - 2014-05-17 11:04 - 00000000 ____D () C:\Users\User\Desktop\Vhannibal E2 Quadri 9-13-16-19 est 15 mag(1)
2014-05-15 12:57 - 2014-05-15 12:57 - 00000000 ____D () C:\Users\User\Desktop\Vhannibal E2 Quadri 9-13-16-19 est 15 mag
2014-05-14 21:13 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-14 21:13 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-14 21:13 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-14 21:13 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-14 21:13 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-14 21:13 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-14 12:00 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-14 12:00 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-14 12:00 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-14 12:00 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-14 12:00 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-14 12:00 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-14 12:00 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-14 12:00 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-14 12:00 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-14 12:00 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-14 12:00 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-14 12:00 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-14 12:00 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-14 12:00 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-14 12:00 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-14 12:00 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-14 12:00 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-14 12:00 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-14 12:00 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-14 12:00 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-14 12:00 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-14 12:00 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-14 12:00 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-14 12:00 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-14 12:00 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-14 12:00 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-14 12:00 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-14 12:00 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-14 12:00 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-14 12:00 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-14 12:00 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-14 12:00 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-14 12:00 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-14 12:00 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-14 12:00 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-14 12:00 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-14 12:00 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-14 12:00 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-14 12:00 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-14 12:00 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-14 12:00 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-14 12:00 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-14 12:00 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-14 12:00 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-14 12:00 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-11 20:37 - 2014-05-11 20:37 - 00000646 _____ () C:\Users\User\Desktop\dreamboxEDIT.lnk
2014-05-11 20:37 - 2014-05-11 20:37 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\dreamboxEDIT
2014-05-11 20:30 - 2014-05-11 20:32 - 00000000 ____D () C:\Users\User\AppData\Roaming\GlarySoft
2014-05-11 20:30 - 2014-05-11 20:30 - 00001110 _____ () C:\Users\User\Desktop\Absolute Uninstaller.lnk
2014-05-11 20:30 - 2014-05-11 20:30 - 00000166 _____ () C:\Users\User\Desktop\Glarysoft Freeware.url
2014-05-11 19:05 - 2014-05-11 19:06 - 00001790 _____ () C:\sc-cleaner.txt
2014-05-11 19:04 - 2014-05-11 19:04 - 00001893 _____ () C:\Users\User\Desktop\JRT.txt
2014-05-11 18:57 - 2014-05-11 18:57 - 00000000 ____D () C:\Windows\ERUNT
2014-05-11 18:50 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-11 18:48 - 2014-05-11 18:48 - 00000000 __SHD () C:\Users\User\AppData\Local\EmieUserList
2014-05-11 18:48 - 2014-05-11 18:48 - 00000000 __SHD () C:\Users\User\AppData\Local\EmieSiteList
2014-05-11 18:42 - 2014-05-11 18:54 - 00000000 ____D () C:\AdwCleaner
2014-05-11 18:37 - 2014-06-02 22:06 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-11 18:36 - 2014-06-02 22:05 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-11 18:36 - 2014-06-02 22:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-11 18:36 - 2014-06-02 22:05 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-11 18:36 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-11 18:36 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-11 18:36 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-11 18:36 - 2014-05-11 18:36 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-10 23:54 - 2014-05-10 23:54 - 00000385 _____ () C:\Users\User\AppData\Roaminguser_gensett.xml
2014-05-10 22:52 - 2014-05-10 22:52 - 00000000 ____D () C:\Users\User\Desktop\Newnigma-3.3.1-dm800se-sim2-SSL-84b
2014-05-10 22:37 - 2014-05-10 22:37 - 00000000 ____D () C:\Users\User\Desktop\BlackHole-1-7-4-dm800se-ramiMAHER
2014-05-10 22:35 - 2014-05-10 22:35 - 00580235 _____ () C:\ProgramData\1399753106.bdinstall.bin
2014-05-10 22:22 - 2014-05-10 22:22 - 00002190 _____ () C:\Users\Public\Desktop\Bitdefender Safepay.lnk
2014-05-10 22:22 - 2014-05-10 22:22 - 00002071 _____ () C:\Users\Public\Desktop\Bitdefender Total Security.lnk
2014-05-10 22:22 - 2014-05-10 22:22 - 00000684 ____H () C:\bdr-cf01
2014-05-10 22:22 - 2014-05-10 22:22 - 00000385 _____ () C:\Windows\system32\user_gensett.xml
2014-05-10 22:22 - 2014-05-10 22:22 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2014-05-10 22:22 - 2014-05-10 22:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender
2014-05-10 22:22 - 2014-05-10 22:22 - 00000000 ____D () C:\ProgramData\BDLogging
2014-05-10 22:22 - 2013-12-02 11:58 - 00635392 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys
2014-05-10 22:22 - 2013-12-02 11:56 - 00893440 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys
2014-05-10 22:22 - 2013-11-04 15:47 - 00082824 _____ (BitDefender SRL) C:\Windows\system32\Drivers\bdsandbox.sys
2014-05-10 22:22 - 2013-11-04 15:47 - 00074512 _____ (BitDefender SRL) C:\Windows\SysWOW64\bdsandboxuiskin32.dll
2014-05-10 22:22 - 2013-02-22 18:46 - 00093600 _____ (BitDefender LLC) C:\Windows\system32\Drivers\BdfNdisf6.sys
2014-05-10 22:22 - 2012-11-02 13:17 - 00261056 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys
2014-05-10 22:22 - 2012-04-17 13:34 - 00076944 _____ (BitDefender) C:\Windows\system32\Drivers\bdvedisk.sys
2014-05-10 22:22 - 2009-07-15 00:21 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2014-05-10 22:22 - 2007-04-11 10:11 - 00511328 _____ (Microsoft Corporation) C:\Windows\capicom.dll
2014-05-10 22:19 - 2014-05-10 22:22 - 00253404 ____H () C:\bdr-ld01
2014-05-10 22:19 - 2014-05-10 22:22 - 00009216 ____H () C:\bdr-ld01.mbr
2014-05-10 22:19 - 2014-05-10 22:22 - 00000000 ____D () C:\Users\User\AppData\Roaming\Bitdefender
2014-05-10 22:19 - 2013-09-24 15:38 - 46879860 ____H () C:\bdr-im01.gz
2014-05-10 22:19 - 2013-08-13 12:38 - 03271472 ____H () C:\bdr-bz01
2014-05-10 22:18 - 2014-05-10 22:52 - 00074512 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin32.dll
2014-05-10 22:18 - 2014-05-10 22:22 - 00000000 ____D () C:\ProgramData\Bitdefender
2014-05-10 22:18 - 2014-05-10 22:19 - 00000000 ____D () C:\Program Files\Bitdefender
2014-05-10 22:18 - 2014-05-10 22:18 - 00000000 ____D () C:\Users\User\AppData\Roaming\QuickScan
2014-05-10 22:18 - 2013-11-04 15:47 - 00084848 _____ (BitDefender SRL) C:\Windows\system32\BDSandBoxUISkin.dll
2014-05-10 22:18 - 2013-11-04 15:46 - 00034384 _____ (BitDefender SRL) C:\Windows\system32\BDSandBoxUH.dll
2014-05-10 22:18 - 2013-08-23 12:48 - 00150256 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
2014-05-10 22:18 - 2013-08-07 12:46 - 00389240 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2014-05-10 22:09 - 2014-05-10 22:18 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender
2014-05-10 22:02 - 2014-03-08 10:58 - 00000426 _____ () C:\AVScanner.ini
2014-05-10 21:38 - 2014-05-10 21:38 - 00000000 ____D () C:\Users\User\Desktop\OPENPLi-dm800se-sim2-SSL84b-Backup by DMZ-2012-05-10
2014-05-10 18:39 - 2014-05-10 18:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-08 23:55 - 2014-05-15 10:53 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-08 23:55 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-08 23:55 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-08 23:55 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-08 23:55 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-08 23:55 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-08 23:55 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-08 23:55 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-08 23:55 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-08 23:55 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-08 23:55 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-08 23:55 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-08 23:55 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-08 23:55 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-08 23:55 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-08 23:55 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-08 23:55 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-08 23:55 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-08 23:55 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-08 23:55 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-08 23:55 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-08 23:55 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-08 23:55 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-08 23:55 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-08 23:55 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-08 23:55 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-08 23:55 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-08 23:55 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-08 23:55 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-08 23:55 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-08 23:55 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-08 23:55 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-08 23:55 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-08 23:55 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-08 23:55 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-08 23:55 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-08 23:55 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-08 23:55 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-08 23:55 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-08 23:55 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-08 23:55 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-08 23:55 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-08 23:55 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-05-08 23:55 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-08 23:55 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-08 21:43 - 2014-05-10 22:09 - 00001049 _____ () C:\Windows\wininit.ini
2014-05-08 21:27 - 2014-05-08 21:27 - 00000000 ____D () C:\Users\User\Desktop\power-sat-PLI4-sanray4-ssl84d-trial-tuner-by-voyger
2014-05-08 21:26 - 2014-05-10 22:10 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-05-08 21:26 - 2014-05-10 22:09 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-05-08 21:26 - 2014-05-08 21:26 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-05-08 21:15 - 2014-06-06 19:11 - 00000446 ____H () C:\Windows\Tasks\SN.Booster-S-93271131.job
2014-05-08 21:15 - 2014-05-08 21:17 - 00000000 ____D () C:\ProgramData\ItsReadyApp
2014-05-08 21:15 - 2014-05-08 21:15 - 00002692 _____ () C:\Windows\System32\Tasks\SN.Booster-S-93271131
2014-05-08 21:15 - 2014-05-08 21:15 - 00000000 ____D () C:\Users\User\AppData\Local\Packages
2014-05-08 21:14 - 2014-05-08 21:17 - 00000000 ____D () C:\ProgramData\InstallMate
2014-05-08 21:14 - 2014-05-08 21:16 - 00000000 ____D () C:\ProgramData\ae7ea956ec59a405
2014-05-08 21:14 - 2014-05-08 21:14 - 00000000 ____D () C:\Users\User\AppData\Local\Comodo
2014-05-08 21:14 - 2014-05-08 21:14 - 00000000 ____D () C:\Users\User\AppData\Local\Chromatic Browser
2014-05-08 21:14 - 2014-05-08 21:14 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch
2014-05-08 21:14 - 2014-05-08 21:14 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-05-08 21:14 - 2014-05-08 21:14 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-05-08 21:14 - 2014-05-08 21:14 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
2014-05-08 21:14 - 2014-05-08 21:14 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-05-08 21:14 - 2014-05-08 21:14 - 00000000 ____D () C:\Users\Gast\AppData\Local\Torch
2014-05-08 21:14 - 2014-05-08 21:14 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-05-08 21:14 - 2014-05-08 21:14 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-05-08 21:14 - 2014-05-08 21:14 - 00000000 ____D () C:\Users\Gast\AppData\Local\Chromatic Browser
2014-05-08 21:14 - 2014-05-08 21:14 - 00000000 ____D () C:\Users\Gast
2014-05-08 21:14 - 2014-05-08 21:14 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-05-08 21:14 - 2014-05-08 21:14 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-05-08 21:14 - 2014-05-08 21:14 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-05-08 21:14 - 2014-05-08 21:14 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser
2014-05-08 21:14 - 2014-05-08 21:14 - 00000000 ____D () C:\Users\Administrator
==================== One Month Modified Files and Folders =======
2014-06-06 19:19 - 2014-06-06 19:19 - 00018481 _____ () C:\Users\User\Downloads\FRST.txt
2014-06-06 19:19 - 2014-06-06 19:19 - 00000000 ____D () C:\FRST
2014-06-06 19:19 - 2014-02-26 15:51 - 00000000 ____D () C:\Users\User\AppData\Local\Temp
2014-06-06 19:19 - 2014-02-26 15:50 - 01287399 _____ () C:\Windows\WindowsUpdate.log
2014-06-06 19:19 - 2014-02-26 15:50 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-06 19:18 - 2014-06-06 19:18 - 02072576 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2014-06-06 19:17 - 2014-03-09 11:25 - 00000000 ____D () C:\ProgramData\Origin
2014-06-06 19:17 - 2011-02-10 21:25 - 00699132 _____ () C:\Windows\system32\perfh007.dat
2014-06-06 19:17 - 2011-02-10 21:25 - 00149014 _____ () C:\Windows\system32\perfc007.dat
2014-06-06 19:17 - 2009-07-14 07:13 - 01619832 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-06 19:16 - 2014-06-06 19:16 - 00000000 ___HD () C:\Windows\AxInstSV
2014-06-06 19:16 - 2014-06-06 19:16 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-06-06 19:11 - 2014-05-08 21:15 - 00000446 ____H () C:\Windows\Tasks\SN.Booster-S-93271131.job
2014-06-06 19:11 - 2014-02-26 15:50 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-06 19:11 - 2011-03-02 02:23 - 00011529 _____ () C:\Windows\setupact.log
2014-06-06 19:11 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-04 21:31 - 2014-03-14 11:29 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-04 19:10 - 2009-07-14 06:45 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-04 19:10 - 2009-07-14 06:45 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-02 22:06 - 2014-05-11 18:37 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-02 22:05 - 2014-05-11 18:36 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-02 22:05 - 2014-05-11 18:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-02 22:05 - 2014-05-11 18:36 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-02 22:04 - 2014-06-02 22:04 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-02 22:03 - 2014-06-02 22:03 - 00000000 ____D () C:\Users\User\AppData\Temp
2014-05-30 17:59 - 2010-11-21 05:47 - 00038486 _____ () C:\Windows\PFRO.log
2014-05-29 20:33 - 2014-05-29 17:44 - 00000000 ____D () C:\Users\User\AppData\Roaming\Tropico 5
2014-05-29 17:42 - 2014-05-29 17:42 - 00000381 _____ () C:\Users\User\Desktop\Tropico 5.lnk
2014-05-29 17:42 - 2014-05-29 17:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tropico 5
2014-05-29 17:41 - 2014-05-29 17:27 - 00000000 ____D () C:\Users\User\AppData\Roaming\DAEMON Tools Lite
2014-05-29 17:41 - 2014-05-29 17:24 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-05-29 17:40 - 2014-05-29 17:40 - 00000000 ____D () C:\Users\User\Downloads\Tropico.5.GERMAN-ENiGMA
2014-05-29 17:36 - 2014-03-01 14:28 - 00000000 ____D () C:\Users\User\AppData\Roaming\FileZilla
2014-05-29 17:28 - 2014-05-29 17:28 - 00000649 _____ () C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2014-05-29 17:28 - 2014-05-29 17:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2014-05-29 17:27 - 2014-05-29 17:27 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2014-05-29 17:13 - 2014-05-29 17:13 - 00000000 ____D () C:\Program Files (x86)\Elaborate Bytes
2014-05-25 11:12 - 2014-05-25 11:12 - 00287456 _____ () C:\Windows\Minidump\052514-6723-01.dmp
2014-05-25 11:12 - 2014-05-25 11:12 - 00000000 ____D () C:\Windows\Minidump
2014-05-25 10:49 - 2014-02-28 19:11 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-17 11:04 - 2014-05-17 11:04 - 00000000 ____D () C:\Users\User\Desktop\Vhannibal E2 Quadri 9-13-16-19 est 15 mag(1)
2014-05-17 10:59 - 2014-04-02 21:41 - 00000000 ____D () C:\Users\User\Desktop\Settings Dreambox NEU
2014-05-15 12:57 - 2014-05-15 12:57 - 00000000 ____D () C:\Users\User\Desktop\Vhannibal E2 Quadri 9-13-16-19 est 15 mag
2014-05-15 12:54 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-05-15 10:54 - 2014-02-26 15:52 - 00000000 ___RD () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-15 10:54 - 2014-02-26 15:52 - 00000000 ___RD () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-15 10:53 - 2014-05-08 23:55 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-14 17:04 - 2014-03-03 20:18 - 00002112 _____ () C:\Users\User\Desktop\CCcam.cfg
2014-05-14 17:04 - 2014-03-01 14:29 - 00000000 ____D () C:\Users\User\AppData\Roaming\Notepad++
2014-05-14 13:31 - 2014-03-14 11:29 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-14 13:31 - 2014-03-14 11:29 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-14 13:31 - 2014-03-14 11:29 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-12 07:26 - 2014-05-11 18:36 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:26 - 2014-05-11 18:36 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-05-11 18:36 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-11 20:37 - 2014-05-11 20:37 - 00000646 _____ () C:\Users\User\Desktop\dreamboxEDIT.lnk
2014-05-11 20:37 - 2014-05-11 20:37 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\dreamboxEDIT
2014-05-11 20:32 - 2014-05-11 20:30 - 00000000 ____D () C:\Users\User\AppData\Roaming\GlarySoft
2014-05-11 20:32 - 2014-03-15 20:30 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-05-11 20:30 - 2014-05-11 20:30 - 00001110 _____ () C:\Users\User\Desktop\Absolute Uninstaller.lnk
2014-05-11 20:30 - 2014-05-11 20:30 - 00000166 _____ () C:\Users\User\Desktop\Glarysoft Freeware.url
2014-05-11 19:06 - 2014-05-11 19:05 - 00001790 _____ () C:\sc-cleaner.txt
2014-05-11 19:04 - 2014-05-11 19:04 - 00001893 _____ () C:\Users\User\Desktop\JRT.txt
2014-05-11 18:57 - 2014-05-11 18:57 - 00000000 ____D () C:\Windows\ERUNT
2014-05-11 18:54 - 2014-05-11 18:42 - 00000000 ____D () C:\AdwCleaner
2014-05-11 18:48 - 2014-05-11 18:48 - 00000000 __SHD () C:\Users\User\AppData\Local\EmieUserList
2014-05-11 18:48 - 2014-05-11 18:48 - 00000000 __SHD () C:\Users\User\AppData\Local\EmieSiteList
2014-05-11 18:36 - 2014-05-11 18:36 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-10 23:54 - 2014-05-10 23:54 - 00000385 _____ () C:\Users\User\AppData\Roaminguser_gensett.xml
2014-05-10 23:54 - 2014-02-28 18:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-10 22:52 - 2014-05-10 22:52 - 00000000 ____D () C:\Users\User\Desktop\Newnigma-3.3.1-dm800se-sim2-SSL-84b
2014-05-10 22:52 - 2014-05-10 22:18 - 00074512 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin32.dll
2014-05-10 22:37 - 2014-05-10 22:37 - 00000000 ____D () C:\Users\User\Desktop\BlackHole-1-7-4-dm800se-ramiMAHER
2014-05-10 22:35 - 2014-05-10 22:35 - 00580235 _____ () C:\ProgramData\1399753106.bdinstall.bin
2014-05-10 22:22 - 2014-05-10 22:22 - 00002190 _____ () C:\Users\Public\Desktop\Bitdefender Safepay.lnk
2014-05-10 22:22 - 2014-05-10 22:22 - 00002071 _____ () C:\Users\Public\Desktop\Bitdefender Total Security.lnk
2014-05-10 22:22 - 2014-05-10 22:22 - 00000684 ____H () C:\bdr-cf01
2014-05-10 22:22 - 2014-05-10 22:22 - 00000385 _____ () C:\Windows\system32\user_gensett.xml
2014-05-10 22:22 - 2014-05-10 22:22 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2014-05-10 22:22 - 2014-05-10 22:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender
2014-05-10 22:22 - 2014-05-10 22:22 - 00000000 ____D () C:\ProgramData\BDLogging
2014-05-10 22:22 - 2014-05-10 22:19 - 00253404 ____H () C:\bdr-ld01
2014-05-10 22:22 - 2014-05-10 22:19 - 00009216 ____H () C:\bdr-ld01.mbr
2014-05-10 22:22 - 2014-05-10 22:19 - 00000000 ____D () C:\Users\User\AppData\Roaming\Bitdefender
2014-05-10 22:22 - 2014-05-10 22:18 - 00000000 ____D () C:\ProgramData\Bitdefender
2014-05-10 22:19 - 2014-05-10 22:18 - 00000000 ____D () C:\Program Files\Bitdefender
2014-05-10 22:18 - 2014-05-10 22:18 - 00000000 ____D () C:\Users\User\AppData\Roaming\QuickScan
2014-05-10 22:18 - 2014-05-10 22:09 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender
2014-05-10 22:10 - 2014-05-08 21:26 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-05-10 22:09 - 2014-05-08 21:43 - 00001049 _____ () C:\Windows\wininit.ini
2014-05-10 22:09 - 2014-05-08 21:26 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-05-10 22:02 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-10 21:38 - 2014-05-10 21:38 - 00000000 ____D () C:\Users\User\Desktop\OPENPLi-dm800se-sim2-SSL84b-Backup by DMZ-2012-05-10
2014-05-10 18:39 - 2014-05-10 18:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-10 18:20 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-05-09 08:14 - 2014-05-14 12:00 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 08:11 - 2014-05-14 12:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-08 21:27 - 2014-05-08 21:27 - 00000000 ____D () C:\Users\User\Desktop\power-sat-PLI4-sanray4-ssl84d-trial-tuner-by-voyger
2014-05-08 21:26 - 2014-05-08 21:26 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-05-08 21:22 - 2014-02-26 15:51 - 00000000 ____D () C:\Users\User\AppData\Local\VirtualStore
2014-05-08 21:17 - 2014-05-08 21:15 - 00000000 ____D () C:\ProgramData\ItsReadyApp
2014-05-08 21:17 - 2014-05-08 21:14 - 00000000 ____D () C:\ProgramData\InstallMate
2014-05-08 21:16 - 2014-05-08 21:14 - 00000000 ____D () C:\ProgramData\ae7ea956ec59a405
2014-05-08 21:15 - 2014-05-08 21:15 - 00002692 _____ () C:\Windows\System32\Tasks\SN.Booster-S-93271131
2014-05-08 21:15 - 2014-05-08 21:15 - 00000000 ____D () C:\Users\User\AppData\Local\Packages
2014-05-08 21:14 - 2014-05-08 21:14 - 00000000 ____D () C:\Users\User\AppData\Local\Comodo
2014-05-08 21:14 - 2014-05-08 21:14 - 00000000 ____D () C:\Users\User\AppData\Local\Chromatic Browser
2014-05-08 21:14 - 2014-05-08 21:14 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch
2014-05-08 21:14 - 2014-05-08 21:14 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-05-08 21:14 - 2014-05-08 21:14 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-05-08 21:14 - 2014-05-08 21:14 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
2014-05-08 21:14 - 2014-05-08 21:14 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-05-08 21:14 - 2014-05-08 21:14 - 00000000 ____D () C:\Users\Gast\AppData\Local\Torch
2014-05-08 21:14 - 2014-05-08 21:14 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-05-08 21:14 - 2014-05-08 21:14 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-05-08 21:14 - 2014-05-08 21:14 - 00000000 ____D () C:\Users\Gast\AppData\Local\Chromatic Browser
2014-05-08 21:14 - 2014-05-08 21:14 - 00000000 ____D () C:\Users\Gast
2014-05-08 21:14 - 2014-05-08 21:14 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-05-08 21:14 - 2014-05-08 21:14 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-05-08 21:14 - 2014-05-08 21:14 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-05-08 21:14 - 2014-05-08 21:14 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser
2014-05-08 21:14 - 2014-05-08 21:14 - 00000000 ____D () C:\Users\Administrator
2014-05-08 21:14 - 2014-02-28 18:39 - 00000000 ____D () C:\Users\User\AppData\Local\Google
2014-05-08 20:13 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
Some content of TEMP:
====================
C:\Users\User\AppData\Local\Temp\bitool.dll
C:\Users\User\AppData\Local\Temp\Quarantine.exe
C:\Users\User\AppData\Local\Temp\xmlUpdater.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-05-29 11:19
==================== End Of Log ============================
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-06-2014
Ran by User at 2014-06-06 19:19:37
Running from C:\Users\User\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Bitdefender Antivirus (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {A23392FD-84B9-F933-2C71-81E751F6EF46}
==================== Installed Programs ======================
Absolute Uninstaller 2.9.0.722 (HKLM-x32\...\Absolute Uninstaller_is1) (Version: - Glarysoft.com)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19120 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 2.6.0.19120 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo Burning Studio (HKLM-x32\...\Ashampoo Burning Studio_is1) (Version: 9.23.0 - ashampoo GmbH & Co. KG)
Ashampoo Photo Commander (HKLM-x32\...\Ashampoo Photo Commander_is1) (Version: 8.1.0 - ashampoo GmbH & Co. KG)
Ashampoo Photo Optimizer (HKLM-x32\...\Ashampoo Photo Optimizer_is1) (Version: 3.12.0 - ashampoo GmbH & Co. KG)
Ashampoo Snap (HKLM-x32\...\Ashampoo Snap_is1) (Version: 3.4.0 - ashampoo GmbH & Co. KG)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.2.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Bitdefender Total Security (HKLM\...\Bitdefender) (Version: 17.27.0.1146 - Bitdefender)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3418 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.3418 - CyberLink Corp.) Hidden
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3802 - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 6.1.3802 - CyberLink Corp.) Hidden
CyberLink PowerDVD Copy (HKLM-x32\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.)
CyberLink PowerDVD Copy (x32 Version: 1.5.1306 - CyberLink Corp.) Hidden
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.3911 - CyberLink Corp.)
CyberLink PowerRecover (x32 Version: 5.5.3911 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
dreamboxEDIT -- The one and only settings editor for your Dreambox (HKLM-x32\...\dreamboxEDIT) (Version: - )
Erazer Control Center (HKLM-x32\...\Erazer Control Center_is1) (Version: 1.0.0.8 - Medion AG)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
FileZilla Client 3.7.4.1 (HKLM-x32\...\FileZilla Client) (Version: 3.7.4.1 - Tim Kosse)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.131 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java Auto Updater (x32 Version: 2.0.3.1 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 24 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416024FF}) (Version: 6.0.240 - Oracle)
Java(TM) 6 Update 24 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216024FF}) (Version: 6.0.240 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (HKLM-x32\...\{CA227A9D-09BE-4BFB-9764-48FED2DA5454}) (Version: 15.4.5722.2 - Microsoft Corporation)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Medion Home Cinema (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2227 - CyberLink Corp.)
Medion Home Cinema (x32 Version: 8.0.2227 - CyberLink Corp.) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Mozilla Firefox 29.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.2 - Notepad++ Team)
NVIDIA Display Control Panel (Version: 6.14.12.6760 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 267.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 267.60 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.2.22.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.2.22.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.265.39.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.10.0514 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.10.0514 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.10.0514 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.6.2792 - Electronic Arts, Inc.)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6285 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.34.0 - Renesas Electronics Corporation) Hidden
Spelling Dictionaries Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-A00000000004}) (Version: 10.0.0 - Adobe Systems Incorporated)
streamWriter (HKLM-x32\...\streamWriter_is1) (Version: - )
Tropico 5 (HKLM-x32\...\Tropico 5_is1) (Version: 1.0 - ENiGMA)
Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi (HKLM-x32\...\{241E7104-937A-4366-AD57-8FDDDB003939}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version: - )
Windows Media Encoder 9 Series (x32 Version: 9.00.2980 - Microsoft Corporation) Hidden
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
==================== Restore Points =========================
04-06-2014 18:26:37 Geplanter Prüfpunkt
==================== Hosts content: ==========================
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {385358D4-6BAB-42F3-B5AE-E7F519709DAC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-26] (Google Inc.)
Task: {4F6D9B1C-6E8B-44F7-9E83-688BDC677B8D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {52B51F1D-5345-495F-86E4-0B4E68619A7C} - System32\Tasks\SN.Booster-S-93271131 => c:\programdata\itsreadyapp\sn.booster\SN.Booster.exe
Task: {98CA8F59-162E-474B-9463-195ACD3EA218} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-26] (Google Inc.)
Task: {F0FE1B3C-5C40-42E8-BC73-7841C28FB82D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SN.Booster-S-93271131.job => c:\programdata\itsreadyapp\sn.booster\SN.Booster.exe
==================== Loaded Modules (whitelisted) =============
2014-05-10 22:22 - 2013-06-19 11:45 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender\txmlutil.dll
2014-05-10 22:22 - 2014-03-27 19:18 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender\UI\accessl.ui
2014-05-10 22:22 - 2011-11-14 19:17 - 00153680 _____ () C:\Program Files\Bitdefender\Bitdefender\bdfwcore.dll
2014-05-10 22:22 - 2014-03-27 19:18 - 00005120 _____ () C:\Program Files\Bitdefender\Bitdefender\UI\IMSecurityAL.ui
2014-06-04 19:08 - 2014-06-04 19:08 - 00775936 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_00044_004\ashttpbr.mdl
2014-06-04 19:08 - 2014-06-04 19:08 - 00568400 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_00044_004\ashttpdsp.mdl
2014-06-04 19:08 - 2014-06-04 19:08 - 02598560 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_00044_004\ashttpph.mdl
2014-06-04 19:08 - 2014-06-04 19:08 - 01321872 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_00044_004\ashttprbl.mdl
2014-03-15 20:30 - 2014-03-15 20:30 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2014-05-10 22:22 - 2013-03-25 15:16 - 01117920 _____ () C:\Program Files\Bitdefender\Bitdefender SafeBox\System.Data.SQLite.dll
2014-06-06 19:16 - 2014-05-23 10:55 - 00358144 _____ () C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
2014-02-12 21:58 - 2014-02-12 21:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 21:58 - 2014-02-12 21:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-04-29 20:20 - 2014-04-24 02:33 - 00065352 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\chrome_elf.dll
2014-02-11 21:29 - 2014-02-11 21:29 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-05-10 22:22 - 2014-03-15 00:05 - 00204280 _____ () C:\Program Files\Bitdefender\Bitdefender\antispam32\txmlutil.dll
2014-04-29 20:20 - 2014-04-24 02:33 - 00674632 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\libglesv2.dll
2014-04-29 20:20 - 2014-04-24 02:33 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\libegl.dll
2014-04-29 20:20 - 2014-04-24 02:33 - 04081480 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\pdf.dll
2014-04-29 20:20 - 2014-04-24 02:33 - 00390472 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll
2014-04-29 20:20 - 2014-04-24 02:33 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ffmpegsumo.dll
2009-11-03 00:20 - 2009-11-03 00:20 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-03 00:23 - 2009-11-03 00:23 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2014-05-10 18:39 - 2014-05-10 18:39 - 03839088 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-05-14 13:31 - 2014-05-14 13:31 - 16361136 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll
2014-03-03 20:28 - 2014-03-03 20:28 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\0a0467413a424068d1471448ff6ca6cc\IsdiInterop.ni.dll
2011-02-25 02:01 - 2010-11-06 09:50 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== EXE Association (whitelisted) =============
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (06/06/2014 07:13:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/04/2014 07:05:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/02/2014 06:57:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/01/2014 10:25:31 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/30/2014 06:01:05 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/29/2014 05:17:58 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (05/29/2014 05:12:30 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (05/29/2014 05:12:25 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (05/29/2014 05:12:18 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (05/29/2014 10:34:46 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (06/04/2014 07:09:00 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (06/01/2014 01:39:14 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (05/31/2014 00:14:23 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (05/29/2014 10:13:17 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (05/29/2014 05:14:30 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (05/25/2014 11:12:43 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x0000004a (0x00000000773f132a, 0x0000000000000002, 0x0000000000000000, 0xfffff880097c7b60)C:\Windows\MEMORY.DMP052514-6723-01
Error: (05/25/2014 11:12:42 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 25.05.2014 um 11:10:24 unerwartet heruntergefahren.
Error: (05/25/2014 10:46:02 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (05/25/2014 10:41:22 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.0.3
registriert werden. Der Computer mit IP-Adresse 192.168.0.6 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.
Error: (05/24/2014 02:21:12 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Microsoft Office Sessions:
=========================
Error: (06/06/2014 07:13:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/04/2014 07:05:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/02/2014 06:57:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/01/2014 10:25:31 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/30/2014 06:01:05 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/29/2014 05:17:58 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\User\Downloads\SoftonicDownloader_fuer_virtual-clonedrive.exe
Error: (05/29/2014 05:12:30 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\User\Downloads\SoftonicDownloader_fuer_virtual-clonedrive.exe
Error: (05/29/2014 05:12:25 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\User\Downloads\SoftonicDownloader_fuer_virtual-clonedrive.exe
Error: (05/29/2014 05:12:18 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\User\Downloads\SoftonicDownloader_fuer_virtual-clonedrive.exe
Error: (05/29/2014 10:34:46 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
==================== Memory info ===========================
Percentage of memory in use: 34%
Total physical RAM: 8173.7 MB
Available physical RAM: 5383.98 MB
Total Pagefile: 16345.57 MB
Available Pagefile: 13314.29 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
==================== Drives ================================
Drive c: (Boot) (Fixed) (Total:58.53 GB) (Free:15.43 GB) NTFS
Drive d: (Data) (Fixed) (Total:891 GB) (Free:708.32 GB) NTFS
Drive e: (Recover) (Fixed) (Total:40.51 GB) (Free:21.99 GB) NTFS
Drive f: ("Battlefield 4™") (CDROM) (Total:7.91 GB) (Free:0 GB) CDFS
Drive h: (20140523_202246) (CDROM) (Total:2.14 GB) (Free:0 GB) CDFS
Drive i: () (Removable) (Total:1.87 GB) (Free:1.76 GB) FAT
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 60 GB) (Disk ID: 086C2905)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=59 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=1 GB) - (Type=12)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 6B4F62F8)
Partition 1: (Not Active) - (Size=891 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=41 GB) - (Type=07 NTFS)
========================================================
Disk: 3 (Size: 2 GB) (Disk ID: 0027D114)
Partition 1: (Not Active) - (Size=2 GB) - (Type=0E)
==================== End Of Log ============================