Kabimaus | 21.07.2014 18:08 | mbam.txt: Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 21.07.2014
Suchlauf-Zeit: 18:32:30
Logdatei: mbam.txt
Administrator: Ja
Version: 2.00.2.1012
Malware Datenbank: v2014.07.21.05
Rootkit Datenbank: v2014.07.17.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert
Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: admin
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 287269
Verstrichene Zeit: 8 Min, 22 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registrierungsschlüssel: 29
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [54d5edb54a313105a1a2322ae31fad53],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [54d5edb54a313105a1a2322ae31fad53],
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-1983403286-1626189231-2232492376-1011-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, Löschen bei Neustart, [c96092104734a294cf1b6fe81fe3db25],
PUP.Optional.MySearchDial.A, HKU\S-1-5-21-1983403286-1626189231-2232492376-1011-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}, Löschen bei Neustart, [6cbd7a288ceffd39f7f4570046bc14ec],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}, In Quarantäne, [6cbd7a288ceffd39f7f4570046bc14ec],
PUP.Optional.Sanbreel.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\{6fcd6092-9615-4f7f-8898-8df53980e5d2}Gw64, In Quarantäne, [e148c8da5e1d05319e933989738f24dc],
PUP.Optional.Sanbreel.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\{9d5747ee-0448-4681-8337-1555de75a3b6}Gw64, In Quarantäne, [86a37c26b8c3a690a58ce1e138cad828],
PUP.Optional.SupraSavings, HKLM\SOFTWARE\suprasavings, In Quarantäne, [6bbe475be299ff3721cc556cf40ea15f],
PUP.Optional.RocketTab.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\ibnjmihbbanannlbobkbmnmckjnmdnom, In Quarantäne, [32f7b2f075064aec2e6e11b2a0627a86],
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [4adf80221863e254ea047598db2953ad],
PUP.Optional.FreeSoftToday.A, HKLM\SOFTWARE\WOW6432NODE\FrEeSoFtOdAy, In Quarantäne, [ef3acfd38cefca6cea8e784d3fc3e51b],
PUP.Optional.WPM.A, HKLM\SOFTWARE\WOW6432NODE\supWindowsMangerProtect, In Quarantäne, [191041618cefae882c45cc56c4400ef2],
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\WOW6432NODE\webssearchesSoftware, In Quarantäne, [3decd3cf3f3c9e98911fc41b19e9b848],
PUP.Optional.Aartemis.A, HKLM\SOFTWARE\WOW6432NODE\AARTEMISSOFTWARE\aartemishp, In Quarantäne, [8d9cbfe3daa158dea6ba519d3bc78d73],
PUP.Optional.RocketTab.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\ibnjmihbbanannlbobkbmnmckjnmdnom, In Quarantäne, [ea3fc1e10675e84eb7e5fec505fd4eb2],
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [71b800a2364516206e80010c45bfc43c],
PUP.Optional.SystemSpeedup, HKLM\SOFTWARE\WOW6432NODE\SYSTWEAK\ssd, In Quarantäne, [8d9c59490b7061d5f9b212b4778b26da],
PUP.Optional.NetCrawl.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Util NetCrawl, In Quarantäne, [1f0a851dcfacf73f9e78e1e9b54d18e8],
PUP.Optional.SupraSavings.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Supra Savings, Löschen bei Neustart, [a7824d552259af87311324b99b675aa6],
PUP.Optional.PlusHD.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\V-9.1HD, Löschen bei Neustart, [e742e9b9b7c49d99e95fed36bc4812ee],
PUP.Optional.BonanzaDeals.A, HKU\S-1-5-21-1983403286-1626189231-2232492376-1011-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\BonanzaDealsLive, Löschen bei Neustart, [bf6a1191502b14224114c6449f658b75],
PUP.Optional.SupraSavings.A, HKU\S-1-5-21-1983403286-1626189231-2232492376-1011-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\suprasavings, Löschen bei Neustart, [8f9a386a77043df9380503db07fb9a66],
PUP.Optional.RocketTab.A, HKU\S-1-5-21-1983403286-1626189231-2232492376-1011-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\ibnjmihbbanannlbobkbmnmckjnmdnom, Löschen bei Neustart, [4fda455d2457ab8b6637c102986a1ee2],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1983403286-1626189231-2232492376-1011-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, Löschen bei Neustart, [a1883b67344787af2904fbf1e22049b7],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1983403286-1626189231-2232492376-1011-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, Löschen bei Neustart, [f138e2c028533bfb83bb59a99e6657a9],
PUP.Optional.Ciuvo.A, HKU\S-1-5-21-1983403286-1626189231-2232492376-1011-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\ciuvo.com, Löschen bei Neustart, [0e1b4161f487f442223ed4f41ce6b34d],
PUP.Optional.SuperFish.A, HKU\S-1-5-21-1983403286-1626189231-2232492376-1011-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com, Löschen bei Neustart, [64c5386ae9926dc92f30b5136b978977],
PUP.Optional.Qone8, HKU\S-1-5-21-1983403286-1626189231-2232492376-1011-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, Löschen bei Neustart, [1b0ed4ce85f6d5611ecfb25b53b17090],
PUP.Optional.SystemSpeedup, HKU\S-1-5-21-1983403286-1626189231-2232492376-1011-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SYSTWEAK\ssd, Löschen bei Neustart, [c267a6fcd4a769cd6446e5e11be7629e],
Registrierungswerte: 3
PUP.Optional.FastStart.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|faststartff@gmail.com, C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\w7k71tpw.default-1397410510911\extensions\faststartff@gmail.com, In Quarantäne, [b376138fceadef470483928f22e2d12f]
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1983403286-1626189231-2232492376-1011-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0X2O1C0R2R1R, Löschen bei Neustart, [f138e2c028533bfb83bb59a99e6657a9]
PUP.Optional.FastStart.A, HKU\S-1-5-21-1983403286-1626189231-2232492376-1011-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS|appid, faststartff@gmail.com, Löschen bei Neustart, [74b5c9d9f388e74f614320a7b74b926e]
Registrierungsdaten: 8
PUP.Optional.Skytech.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, C:\PROGRA~2\SupTab\SearchProtect64.dll, Gut: (), Schlecht: (C:\PROGRA~2\SupTab\SearchProtect64.dll),Ersetzt,[5ccdf9a97902ca6c3f907a1348b9f709]
PUP.Optional.Skytech.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, C:\PROGRA~2\SupTab\SearchProtect32.dll, Gut: (), Schlecht: (C:\PROGRA~2\SupTab\SearchProtect32.dll),Ersetzt,[ee3b851d4c2f9a9c0fc0f4993cc548b8]
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://istart.webssearches.com/?type=hp&ts=1404280088&from=tugs&uid=WDCXWD5000LPVX-22V0TT0_WD-WXE1E13HHPC2HHPC2, Gut: (www.google.com), Schlecht: (hxxp://istart.webssearches.com/?type=hp&ts=1404280088&from=tugs&uid=WDCXWD5000LPVX-22V0TT0_WD-WXE1E13HHPC2HHPC2),Ersetzt,[0326752d4734280e373a465b3ec6d22e]
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[c66310922655d561b1ef505b11f3718f]
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://istart.webssearches.com/web/?type=ds&ts=1404280088&from=tugs&uid=WDCXWD5000LPVX-22V0TT0_WD-WXE1E13HHPC2HHPC2&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://istart.webssearches.com/web/?type=ds&ts=1404280088&from=tugs&uid=WDCXWD5000LPVX-22V0TT0_WD-WXE1E13HHPC2HHPC2&q={searchTerms}),Ersetzt,[e544a101c9b2b87eb7b84859798b7090]
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://istart.webssearches.com/?type=hp&ts=1404280088&from=tugs&uid=WDCXWD5000LPVX-22V0TT0_WD-WXE1E13HHPC2HHPC2, Gut: (www.google.com), Schlecht: (hxxp://istart.webssearches.com/?type=hp&ts=1404280088&from=tugs&uid=WDCXWD5000LPVX-22V0TT0_WD-WXE1E13HHPC2HHPC2),Ersetzt,[fb2e1290205b68cec0ada2ffc3410cf4]
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://istart.webssearches.com/?type=hp&ts=1404280088&from=tugs&uid=WDCXWD5000LPVX-22V0TT0_WD-WXE1E13HHPC2HHPC2, Gut: (www.google.com), Schlecht: (hxxp://istart.webssearches.com/?type=hp&ts=1404280088&from=tugs&uid=WDCXWD5000LPVX-22V0TT0_WD-WXE1E13HHPC2HHPC2),Ersetzt,[16139b07df9c270f4f2220817f85e51b]
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[73b69e045f1cf93d7729298248bcb34d]
Ordner: 68
PUP.Optional.eSafe.A, C:\ProgramData\eSafe\log, In Quarantäne, [06232c76136884b27008faeea06243bd],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\en-US, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-419, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-ES, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-BE, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CA, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CH, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-FR, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-LU, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-CH, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-IT, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pl, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt-BR, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru-MO, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\tr-TR, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\vi-VI, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-CN, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-TW, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.DigitalSite.A, C:\Users\admin\AppData\Roaming\DigitalSite\UpdateProc, In Quarantäne, [7baedcc6d1aaec4aa7474f9f57ab916f],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\bin, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\rep, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\rep, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\bin, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protection, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\rep, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
Rogue.Multiple, C:\ProgramData\374311380, In Quarantäne, [f138bee41a6184b2586f1a7a56ac8977],
PUP.Optional.OpenCandy, C:\Users\admin\AppData\Roaming\OpenCandy, In Quarantäne, [2aff178ba0db46f0bab0e5bfdc2647b9],
PUP.Optional.OpenCandy, C:\Users\admin\AppData\Roaming\OpenCandy\0DE31C843F324607A6422B2256D0A209, In Quarantäne, [2aff178ba0db46f0bab0e5bfdc2647b9],
PUP.Optional.BonanzaDeals.A, C:\ProgramData\BonanzaDealsLive, In Quarantäne, [0227386a1c5f3ef8421c7a2b3ac87090],
PUP.Optional.BonanzaDeals.A, C:\ProgramData\BonanzaDealsLive\Update, In Quarantäne, [0227386a1c5f3ef8421c7a2b3ac87090],
PUP.Optional.BonanzaDeals.A, C:\ProgramData\BonanzaDealsLive\Update\Log, In Quarantäne, [0227386a1c5f3ef8421c7a2b3ac87090],
PUP.Optional.BonanzaDeals.A, C:\Users\admin\AppData\Local\BonanzaDealsLive, In Quarantäne, [8b9e09995f1c61d55f0000a5fc0636ca],
PUP.Optional.BonanzaDeals.A, C:\Users\admin\AppData\Local\BonanzaDealsLive\CrashReports, In Quarantäne, [8b9e09995f1c61d55f0000a5fc0636ca],
PUP.Optional.BonanzaDeals.A, C:\Program Files (x86)\BonanzaDealsLive, In Quarantäne, [a386eab8d4a73ef89cc5aafb917106fa],
PUP.Optional.BonanzaDeals.A, C:\Program Files (x86)\BonanzaDealsLive\CrashReports, In Quarantäne, [a386eab8d4a73ef89cc5aafb917106fa],
PUP.Optional.Bench.A, C:\Program Files (x86)\Bench\BService, In Quarantäne, [9990f1b194e7ec4af29cfdabb74b4db3],
PUP.Optional.CrossRider.A, C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe, In Quarantäne, [1a0fd7cbeb906cca02d2bfeb6d95619f],
PUP.Optional.CrossRider.A, C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.76_0, In Quarantäne, [1a0fd7cbeb906cca02d2bfeb6d95619f],
PUP.Optional.SupraSavings.A, C:\Program Files\suprasavings, In Quarantäne, [9891e4bed1aadf57e1105e4d20e27d83],
PUP.Optional.SupraSavings.A, C:\Program Files\suprasavings\SSL, In Quarantäne, [9891e4bed1aadf57e1105e4d20e27d83],
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices, In Quarantäne, [70b9dbc71b60ed49dd647842ac567888],
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\update, In Quarantäne, [70b9dbc71b60ed49dd647842ac567888],
PUP.Optional.SearchProtect.A, C:\Users\admin\AppData\Local\SearchProtect, In Quarantäne, [a7826c36f7845cda51f1625831d1c63a],
PUP.Optional.RocketFind.A, C:\Users\admin\AppData\Roaming\RocketUpdater\UpdateProc, In Quarantäne, [f930604281fa2e08526203b87d85af51],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect, In Quarantäne, [3dec8f13413ae74f31845a6238ca0cf4],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\log, In Quarantäne, [3dec8f13413ae74f31845a6238ca0cf4],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update, In Quarantäne, [3dec8f13413ae74f31845a6238ca0cf4],
PUP.Optional.SystemSpeedup, C:\Users\admin\AppData\Roaming\systweak\ssd, In Quarantäne, [2207ccd6f38873c367f1635aa85ac040],
Dateien: 151
PUP.Optional.Skytech.A, C:\Program Files (x86)\SupTab\SearchProtect64.dll, In Quarantäne, [5ccdf9a97902ca6c3f907a1348b9f709],
PUP.Optional.Skytech.A, C:\Program Files (x86)\SupTab\SearchProtect32.dll, In Quarantäne, [ee3b851d4c2f9a9c0fc0f4993cc548b8],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\SupTab.dll, In Quarantäne, [54d5edb54a313105a1a2322ae31fad53],
PUP.Optional.DigitalSites.A, C:\Users\admin\AppData\Roaming\DigitalSite\UpdateProc\UpdateTask.exe, In Quarantäne, [af7a673b4e2d9e98944cbb7ee31e7090],
PUP.Optional.Sanbreel.A, C:\Windows\System32\drivers\{6fcd6092-9615-4f7f-8898-8df53980e5d2}Gw64.sys, In Quarantäne, [e148c8da5e1d05319e933989738f24dc],
PUP.Optional.Sanbreel.A, C:\Windows\System32\drivers\{9d5747ee-0448-4681-8337-1555de75a3b6}Gw64.sys, In Quarantäne, [86a37c26b8c3a690a58ce1e138cad828],
PUP.Optional.WebsSearches.A, C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\webssearches.xml, In Quarantäne, [d653039f0972072fe6cc5a858082ed13],
PUP.Optional.eSafe.A, C:\ProgramData\eSafe\log\eGdpSvc.LOG, In Quarantäne, [06232c76136884b27008faeea06243bd],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\install.data, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\DpInterface32.dll, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\DpInterface64.dll, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\DpInterfacef32.dll, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\ient.json, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\RSHP.exe, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\SpAPPSv32.dll, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\SpAPPSv64.dll, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\uninstall.exe, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WebDataJs, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\data.html, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\indexIE.html, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\indexIE8.html, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\main.css, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\ver.txt, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\arrow.png, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\default_add_logo.png, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\default_add_logo_hover.png, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\default_logo.png, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\googlelogo.png, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\googlelogo2.png, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\google_trends.png, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\icon128.png, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\icon16.png, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\icon48.png, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\loading.gif, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\logo32.ico, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather\0.png, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\common.js, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\ga.js, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\ie8.js, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\jquery-1.11.0.min.js, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\jquery.autocomplete.js, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\js.js, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\library.js, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\xagainit.js, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\en-US\messages.json, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-419\messages.json, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-ES\messages.json, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-BE\messages.json, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CA\messages.json, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CH\messages.json, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-FR\messages.json, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-LU\messages.json, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-CH\messages.json, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-IT\messages.json, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pl\messages.json, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt\messages.json, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt-BR\messages.json, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru\messages.json, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru-MO\messages.json, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\tr-TR\messages.json, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\vi-VI\messages.json, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-CN\messages.json, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-TW\messages.json, In Quarantäne, [ba6fd4ce2952b5814fa6feeaf80a1de3],
PUP.Optional.DigitalSite.A, C:\Users\admin\AppData\Roaming\DigitalSite\UpdateProc\config.dat, In Quarantäne, [7baedcc6d1aaec4aa7474f9f57ab916f],
PUP.Optional.DigitalSite.A, C:\Users\admin\AppData\Roaming\DigitalSite\UpdateProc\info.dat, In Quarantäne, [7baedcc6d1aaec4aa7474f9f57ab916f],
PUP.Optional.DigitalSite.A, C:\Users\admin\AppData\Roaming\DigitalSite\UpdateProc\prod.dat, In Quarantäne, [7baedcc6d1aaec4aa7474f9f57ab916f],
PUP.Optional.DigitalSite.A, C:\Users\admin\AppData\Roaming\DigitalSite\UpdateProc\STTL.DAT, In Quarantäne, [7baedcc6d1aaec4aa7474f9f57ab916f],
PUP.Optional.DigitalSite.A, C:\Users\admin\AppData\Roaming\DigitalSite\UpdateProc\TTL.DAT, In Quarantäne, [7baedcc6d1aaec4aa7474f9f57ab916f],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\EULA.txt, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\bin\SPTool.dll, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\bin\uninstall.exe, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\rep\SystemRepository.dat, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPTool64.exe, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32.dll, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64.dll, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings.html, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\style.css, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble\bubble.css, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble\bubble.html, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble\bubble.js, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble\defaults.js, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez-selected.png, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-default.png, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-onclick.png, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-Rollover.png, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg-uninstall.png, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg-with-logo.png, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg.png, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgNotif.png, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgSettings.png, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgSettingsDS.png, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgUninstall.png, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnBlue.png, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnClose.png, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnSilver.png, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\button-bg.png, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox.png, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox_checked.png, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox_def.png, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\close-win-def.png, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\close-win-over-click.png, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\gray-bg.png, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez-def.png, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez.png, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\icon-win.png, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\info-icon.png, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\menu-rollover.png, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\menu-selected.png, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button-def.png, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button-selected.png, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button.png, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button2.png, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Settings-icon.png, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\text-field.png, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\v.png, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\x.png, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\defaults.js, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\dialogUtils.js, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\jquery.1.7.1.min.js, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\json2.min.js, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\main.js, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\SPDialogAPI.js, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\defaults.js, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.css, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.html, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.js, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\defaults.js, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.css, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.html, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.js, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\defaults.js, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.css, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.html, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.js, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\defaults.js, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.css, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.html, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.js, In Quarantäne, [1217d2d062198da97fd5e923857f1be5],
Rogue.Multiple, C:\ProgramData\374311380\BIT5A6C.tmp, In Quarantäne, [f138bee41a6184b2586f1a7a56ac8977],
PUP.Optional.OpenCandy, C:\Users\admin\AppData\Roaming\OpenCandy\0DE31C843F324607A6422B2256D0A209\Trial-14.0.1000.89_de-DE_1004733_DE-2.exe, In Quarantäne, [2aff178ba0db46f0bab0e5bfdc2647b9],
PUP.Optional.BonanzaDeals.A, C:\ProgramData\BonanzaDealsLive\Update\Log\BonanzaDealsLive.log, In Quarantäne, [0227386a1c5f3ef8421c7a2b3ac87090],
PUP.Optional.RocketFind.A, C:\Users\admin\AppData\Roaming\RocketUpdater\UpdateProc\config.dat, In Quarantäne, [f930604281fa2e08526203b87d85af51],
PUP.Optional.RocketFind.A, C:\Users\admin\AppData\Roaming\RocketUpdater\UpdateProc\info.dat, In Quarantäne, [f930604281fa2e08526203b87d85af51],
PUP.Optional.RocketFind.A, C:\Users\admin\AppData\Roaming\RocketUpdater\UpdateProc\UpdateTask.exe, In Quarantäne, [f930604281fa2e08526203b87d85af51],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\log\ProtectWindowsManager_2014-07-02[07-49-41-838].log, In Quarantäne, [3dec8f13413ae74f31845a6238ca0cf4],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update\conf, In Quarantäne, [3dec8f13413ae74f31845a6238ca0cf4],
PUP.Optional.SystemSpeedup, C:\Users\admin\AppData\Roaming\systweak\ssd\SSDPTstub.exe, In Quarantäne, [2207ccd6f38873c367f1635aa85ac040],
Physische Sektoren: 0
(No malicious items detected)
(end) AdwCleaner Code:
# AdwCleaner v3.216 - Bericht erstellt am 21/07/2014 um 18:52:19
# Aktualisiert 17/07/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : admin - ADMIN-PC
# Gestartet von : C:\Users\admin\Desktop\adwcleaner_3.216.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\eSafe
Ordner Gelöscht : C:\Program Files (x86)\Bench
Ordner Gelöscht : C:\Program Files (x86)\BonanzaDeals
Ordner Gelöscht : C:\Program Files (x86)\globalUpdate
Ordner Gelöscht : C:\Program Files (x86)\Optimizer Pro
Ordner Gelöscht : C:\Program Files (x86)\predm
Ordner Gelöscht : C:\Program Files\003
Ordner Gelöscht : C:\Users\admin\AppData\Local\globalUpdate
Ordner Gelöscht : C:\Users\admin\AppData\Roaming\Advanced System Protector
Ordner Gelöscht : C:\Users\admin\AppData\Roaming\digitalsite
Ordner Gelöscht : C:\Users\admin\AppData\Roaming\DigitalSites
Ordner Gelöscht : C:\Users\admin\AppData\Roaming\RocketUpdater
Ordner Gelöscht : C:\Users\admin\AppData\Roaming\SupTab
Ordner Gelöscht : C:\Users\admin\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\admin\Documents\Optimizer Pro
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Windows\System32\roboot64.exe
Datei Gelöscht : C:\Users\admin\AppData\Roaming\aps.uninstall.scan.results
Datei Gelöscht : C:\Users\admin\Desktop\Continue VuuPC Installation.lnk
Datei Gelöscht : C:\Windows\System32\Tasks\DigitalSite
***** [ Verknüpfungen ] *****
Verknüpfung Desinfiziert : C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Verknüpfung Desinfiziert : C:\Users\admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\speedupmypc
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\NewPlayer_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\NewPlayer_RASMANCS
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [LManager]
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522292216}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555295516}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566296616}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2B47855E-B429-4DF6-8293-E1DBF2381A07}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gelöscht : HKCU\Software\AnyProtect
Schlüssel Gelöscht : HKCU\Software\dsiteproducts
Schlüssel Gelöscht : HKCU\Software\FreeSoftToday
Schlüssel Gelöscht : HKCU\Software\GlobalUpdate
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Optimizer Pro
Schlüssel Gelöscht : HKCU\Software\powerpack
Schlüssel Gelöscht : HKCU\Software\Rocket Browser
Schlüssel Gelöscht : HKCU\Software\RocketUpdater
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKCU\Software\TutoTag
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\blockAndSurf
Schlüssel Gelöscht : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gelöscht : HKLM\Software\aartemisSoftware
Schlüssel Gelöscht : HKLM\Software\GlobalUpdate
Schlüssel Gelöscht : HKLM\Software\SupDp
Schlüssel Gelöscht : HKLM\Software\SupTab
Schlüssel Gelöscht : HKLM\Software\systweak
Schlüssel Gelöscht : HKLM\Software\Tutorials
Schlüssel Gelöscht : HKLM\Software\Uniblue
Schlüssel Gelöscht : HKLM\Software\Wpm
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FLV Player
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17207
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
-\\ Mozilla Firefox v30.0 (de)
[ Datei : C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\3k71wec3.default\prefs.js ]
Zeile gelöscht : user_pref("browser.search.defaultenginename", "webssearches");
Zeile gelöscht : user_pref("browser.search.selectedEngine", "webssearches");
-\\ Google Chrome v
*************************
AdwCleaner[R0].txt - [6812 octets] - [21/07/2014 18:51:46]
AdwCleaner[S0].txt - [5672 octets] - [21/07/2014 18:52:19]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5732 octets] ########## JRT.txt Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Professional x64
Ran by admin on 21.07.2014 at 18:55:37,48
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ FireFox
Emptied folder: C:\Users\admin\AppData\Roaming\mozilla\firefox\profiles\3k71wec3.default\minidumps [7 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 21.07.2014 at 19:01:00,34
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Frst log:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-07-2014
Ran by admin (administrator) on ADMIN-PC on 21-07-2014 19:03:32
Running from C:\Users\admin\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\BCMWLTRY.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2821936 2012-03-07] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12343400 2011-12-27] (Realtek Semiconductor)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe [7138816 2013-10-14] (Broadcom Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-01] (Intel Corporation)
HKLM-x32\...\Run: [AgentMonitor] => C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe [391040 2013-06-20] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [750160 2014-06-24] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-03-18] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x8D3F423B5CE1CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\3k71wec3.default
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @java.com/DTPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus Pop-up Addon - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\3k71wec3.default\Extensions\adblockpopups@jessehakanen.net.xpi [2014-07-04]
FF Extension: Adblock Plus - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\3k71wec3.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-07-04]
Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR StartMenuInternet: Google Chrome - chrome.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-06-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-06-24] (Avira Operations GmbH & Co. KG)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-08] (Intel Corporation)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe [5824512 2013-10-14] (Broadcom Corporation) [File not signed]
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-06-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-06-24] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-06-24] (Avira Operations GmbH & Co. KG)
S3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [331264 2011-12-06] (Intel(R) Corporation) [File not signed]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-07-21 19:01 - 2014-07-21 19:01 - 00000756 _____ () C:\Users\admin\Desktop\JRT.txt
2014-07-21 18:55 - 2014-07-21 18:55 - 00000000 ____D () C:\Windows\ERUNT
2014-07-21 18:53 - 2014-07-21 18:53 - 00005824 _____ () C:\Users\admin\Desktop\AdwCleaner[S0].txt
2014-07-21 18:52 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-07-21 18:51 - 2014-07-21 18:52 - 00000000 ____D () C:\AdwCleaner
2014-07-21 18:50 - 2014-07-21 18:50 - 01354223 _____ () C:\Users\admin\Desktop\adwcleaner_3.216.exe
2014-07-21 18:50 - 2014-07-21 18:50 - 01016261 _____ (Thisisu) C:\Users\admin\Desktop\JRT.exe
2014-07-21 18:49 - 2014-07-21 18:49 - 00040111 _____ () C:\Users\admin\Desktop\mbam.txt
2014-07-21 18:30 - 2014-07-21 18:48 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-21 18:30 - 2014-07-21 18:30 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-21 18:30 - 2014-07-21 18:30 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-21 18:30 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-21 18:30 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-21 18:30 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-21 18:27 - 2014-07-21 18:28 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\admin\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-20 23:07 - 2014-07-20 23:07 - 00021756 _____ () C:\Users\admin\Desktop\ComboFix.txt
2014-07-20 22:36 - 2014-07-20 23:07 - 00000000 ____D () C:\Qoobox
2014-07-20 22:36 - 2014-07-20 23:06 - 00000000 ____D () C:\Windows\erdnt
2014-07-20 22:36 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-07-20 22:36 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-07-20 22:36 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-07-20 22:36 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-07-20 22:36 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-07-20 22:36 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-07-20 22:36 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-07-20 22:36 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-07-20 22:33 - 2014-07-20 22:34 - 05561612 ____R (Swearware) C:\Users\admin\Desktop\ComboFix.exe
2014-07-20 18:23 - 2014-07-20 18:23 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\admin\Downloads\revosetup95.exe
2014-07-20 18:23 - 2014-07-20 18:23 - 00001268 _____ () C:\Users\admin\Desktop\Revo Uninstaller.lnk
2014-07-20 18:23 - 2014-07-20 18:23 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-07-20 09:28 - 2014-07-20 09:28 - 00001202 _____ () C:\Users\admin\Desktop\Format Factory.lnk
2014-07-20 09:28 - 2014-07-20 09:28 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
2014-07-20 09:28 - 2014-06-25 19:14 - 48888704 _____ (AVM Software Inc.) C:\Users\admin\Documents\pal_install_a4650_r131001_p127000.exe
2014-07-20 09:27 - 2014-07-20 09:27 - 00000000 ____D () C:\Program Files (x86)\FreeTime
2014-07-20 09:23 - 2014-07-20 09:27 - 53647808 _____ (Free Time) C:\Users\admin\Downloads\FFSetup_3.3.5.0.exe
2014-07-19 21:14 - 2014-07-19 21:14 - 539557340 _____ () C:\Windows\MEMORY.DMP
2014-07-19 21:14 - 2014-07-19 21:14 - 00280472 _____ () C:\Windows\Minidump\071914-17924-01.dmp
2014-07-19 21:14 - 2014-07-19 21:14 - 00000000 ____D () C:\Windows\Minidump
2014-07-19 21:09 - 2014-07-19 21:09 - 00001338 _____ () C:\Users\admin\Desktop\Gmer.log
2014-07-19 20:58 - 2014-07-21 19:03 - 00009393 _____ () C:\Users\admin\Desktop\FRST.txt
2014-07-19 20:58 - 2014-07-19 20:58 - 00024514 _____ () C:\Users\admin\Desktop\Addition.txt
2014-07-19 20:56 - 2014-07-19 20:57 - 00380416 _____ () C:\Users\admin\Downloads\Gmer-19357.exe
2014-07-19 20:55 - 2014-07-19 20:56 - 00024514 _____ () C:\Users\admin\Downloads\Addition.txt
2014-07-19 20:54 - 2014-07-21 19:03 - 00000000 ____D () C:\FRST
2014-07-19 20:54 - 2014-07-19 20:56 - 00056293 _____ () C:\Users\admin\Downloads\FRST.txt
2014-07-19 20:54 - 2014-07-19 20:54 - 02089984 _____ (Farbar) C:\Users\admin\Desktop\FRST64.exe
2014-07-19 20:53 - 2014-07-19 20:53 - 00000472 _____ () C:\Users\admin\Downloads\defogger_disable.log
2014-07-19 20:53 - 2014-07-19 20:53 - 00000000 _____ () C:\Users\admin\defogger_reenable
2014-07-19 20:51 - 2014-07-19 20:51 - 00050477 _____ () C:\Users\admin\Downloads\Defogger.exe
2014-07-19 20:39 - 2014-07-19 20:39 - 00055826 _____ () C:\Users\admin\Desktop\Ereignisse.txt
2014-07-19 20:29 - 2014-07-19 20:29 - 00003102 _____ () C:\Windows\System32\Tasks\{C996C0DB-51F0-4514-B8C3-5BDC0F040DF5}
2014-07-19 20:27 - 2014-07-19 20:27 - 00003172 _____ () C:\Windows\System32\Tasks\{4C311FA7-4673-49BD-B8AA-75D55BF820DE}
2014-07-16 20:23 - 2014-07-16 20:23 - 00000000 ____D () C:\ProgramData\Riot Games
2014-07-11 22:54 - 2014-07-11 22:54 - 00000000 ____D () C:\Users\admin\AppData\Local\WorldofTanks
2014-07-09 10:47 - 2014-07-09 10:46 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-07-09 10:47 - 2014-07-09 10:46 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-07-09 10:47 - 2014-07-09 10:46 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-07-09 10:47 - 2014-07-09 10:46 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-07-09 10:46 - 2014-07-09 10:46 - 00000000 ____D () C:\Program Files\Java
2014-07-09 10:41 - 2014-07-09 10:41 - 00961360 _____ (Chip Digital GmbH) C:\Users\admin\Downloads\Java Runtime Environment 64 Bit - CHIP-Installer.exe
2014-07-09 09:09 - 2014-06-20 22:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-09 09:09 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-09 09:09 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-09 09:09 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-09 09:09 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-09 09:09 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-09 09:09 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-09 09:09 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-09 09:09 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-09 09:09 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-09 09:09 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-09 09:09 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-09 09:09 - 2014-06-19 02:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-09 09:09 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-09 09:09 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-09 09:09 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-09 09:09 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-09 09:09 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-09 09:09 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-09 09:09 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-09 09:09 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-09 09:09 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-09 09:09 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-09 09:09 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-09 09:09 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-09 09:09 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-09 09:09 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-09 09:09 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-09 09:09 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-09 09:09 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-09 09:09 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-09 09:09 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-09 09:09 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-09 09:09 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-09 09:09 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 09:09 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-09 09:09 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-09 09:09 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-09 09:09 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-09 09:09 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-09 09:09 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-09 09:09 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-09 09:09 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-09 09:09 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-09 09:09 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-09 09:09 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-09 09:09 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-09 09:09 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-09 09:09 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-09 09:09 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-09 09:09 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-09 09:09 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-09 09:09 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-09 09:09 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-09 09:09 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-09 09:09 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-09 09:08 - 2014-06-30 04:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-09 09:08 - 2014-06-30 04:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-09 09:08 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-09 09:08 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-09 09:08 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-09 09:07 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-09 09:07 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-09 09:07 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-09 09:07 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-09 09:07 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-09 09:07 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-09 09:07 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-09 09:07 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-09 09:07 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-09 09:07 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-09 09:07 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-09 09:07 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-09 09:07 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-09 09:07 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-09 09:07 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-09 09:07 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-09 09:07 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-09 09:03 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-09 09:03 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-09 09:03 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-06 21:38 - 2014-07-20 09:26 - 00000000 ____D () C:\Users\admin\AppData\Roaming\vlc
2014-07-04 11:06 - 2014-07-10 15:00 - 00042040 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-07-04 11:02 - 2014-07-04 11:02 - 00002070 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2014-07-04 11:02 - 2014-07-04 11:02 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Avira
2014-07-04 11:02 - 2014-07-04 11:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-07-04 11:01 - 2014-07-20 18:27 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-07-04 11:01 - 2014-07-04 11:01 - 00000000 ____D () C:\ProgramData\Avira
2014-07-04 11:01 - 2014-06-24 20:39 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-07-04 11:01 - 2014-06-24 20:39 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-07-04 11:01 - 2014-06-24 20:39 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-07-04 10:59 - 2014-07-04 10:59 - 00000000 ____D () C:\Users\admin\Downloads\backups
2014-07-04 10:54 - 2014-07-04 10:54 - 00388608 _____ (Trend Micro Inc.) C:\Users\admin\Downloads\HiJackThis204.exe
2014-07-04 10:54 - 2014-07-04 10:54 - 00011743 _____ () C:\Users\admin\Downloads\hijackthis.log
2014-07-04 10:52 - 2014-07-04 10:52 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-07-04 10:52 - 2014-07-04 10:52 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-07-04 10:52 - 2014-07-04 10:52 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Mozilla
2014-07-04 10:52 - 2014-07-04 10:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-04 10:44 - 2014-07-04 10:52 - 29677544 _____ (Mozilla) C:\Users\admin\Downloads\Firefox_Setup_de30.0.exe
2014-07-04 10:41 - 2014-07-04 11:01 - 141865920 _____ () C:\Users\admin\Downloads\avira_free_antivirus45_de.exe
2014-07-04 10:08 - 2014-07-17 17:21 - 00000003 _____ () C:\Users\admin\AppData\Local\proxy.log
2014-07-03 23:31 - 2014-07-03 23:31 - 00000871 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-07-03 23:31 - 2014-07-03 23:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-07-03 23:31 - 2014-07-03 23:31 - 00000000 ____D () C:\Program Files\VideoLAN
2014-07-03 23:23 - 2014-02-12 23:21 - 00000426 _____ () C:\AVScanner.ini
2014-07-03 10:31 - 2014-07-03 13:35 - 00000000 ____D () C:\ProgramData\Norton
2014-07-03 10:10 - 2014-07-03 10:10 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Media Player Classic
2014-07-02 21:55 - 2014-07-02 21:55 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-07-02 08:16 - 2014-07-03 23:23 - 00000444 __RSH () C:\ProgramData\ntuser.pol
2014-07-02 07:52 - 2014-07-02 07:52 - 00000000 ____D () C:\ProgramData\TEMP
2014-07-02 07:49 - 2014-07-02 07:49 - 00000000 ____D () C:\Users\admin\AppData\Local\com
2014-07-02 00:19 - 2014-07-02 00:19 - 00000000 ____D () C:\ProgramData\Steam
==================== One Month Modified Files and Folders =======
2014-07-21 19:04 - 2014-07-19 20:58 - 00009393 _____ () C:\Users\admin\Desktop\FRST.txt
2014-07-21 19:03 - 2014-07-19 20:54 - 00000000 ____D () C:\FRST
2014-07-21 19:01 - 2014-07-21 19:01 - 00000756 _____ () C:\Users\admin\Desktop\JRT.txt
2014-07-21 19:00 - 2009-07-14 06:45 - 00035824 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-21 19:00 - 2009-07-14 06:45 - 00035824 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-21 18:56 - 2013-10-16 20:02 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-21 18:55 - 2014-07-21 18:55 - 00000000 ____D () C:\Windows\ERUNT
2014-07-21 18:53 - 2014-07-21 18:53 - 00005824 _____ () C:\Users\admin\Desktop\AdwCleaner[S0].txt
2014-07-21 18:52 - 2014-07-21 18:51 - 00000000 ____D () C:\AdwCleaner
2014-07-21 18:52 - 2013-10-14 00:42 - 00000995 _____ () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-07-21 18:52 - 2013-10-14 00:41 - 01854775 _____ () C:\Windows\WindowsUpdate.log
2014-07-21 18:52 - 2010-11-21 05:47 - 00878190 _____ () C:\Windows\PFRO.log
2014-07-21 18:52 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-21 18:52 - 2009-07-14 06:51 - 00089373 _____ () C:\Windows\setupact.log
2014-07-21 18:50 - 2014-07-21 18:50 - 01354223 _____ () C:\Users\admin\Desktop\adwcleaner_3.216.exe
2014-07-21 18:50 - 2014-07-21 18:50 - 01016261 _____ (Thisisu) C:\Users\admin\Desktop\JRT.exe
2014-07-21 18:49 - 2014-07-21 18:49 - 00040111 _____ () C:\Users\admin\Desktop\mbam.txt
2014-07-21 18:48 - 2014-07-21 18:30 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-21 18:42 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\addins
2014-07-21 18:30 - 2014-07-21 18:30 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-21 18:30 - 2014-07-21 18:30 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-21 18:28 - 2014-07-21 18:27 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\admin\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-21 09:47 - 2014-01-01 20:14 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-20 23:07 - 2014-07-20 23:07 - 00021756 _____ () C:\Users\admin\Desktop\ComboFix.txt
2014-07-20 23:07 - 2014-07-20 22:36 - 00000000 ____D () C:\Qoobox
2014-07-20 23:06 - 2014-07-20 22:36 - 00000000 ____D () C:\Windows\erdnt
2014-07-20 23:06 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-07-20 22:34 - 2014-07-20 22:33 - 05561612 ____R (Swearware) C:\Users\admin\Desktop\ComboFix.exe
2014-07-20 18:47 - 2013-10-13 01:28 - 00699342 _____ () C:\Windows\system32\perfh007.dat
2014-07-20 18:47 - 2013-10-13 01:28 - 00149450 _____ () C:\Windows\system32\perfc007.dat
2014-07-20 18:47 - 2009-07-14 07:13 - 01619284 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-20 18:27 - 2014-07-04 11:01 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-07-20 18:23 - 2014-07-20 18:23 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\admin\Downloads\revosetup95.exe
2014-07-20 18:23 - 2014-07-20 18:23 - 00001268 _____ () C:\Users\admin\Desktop\Revo Uninstaller.lnk
2014-07-20 18:23 - 2014-07-20 18:23 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-07-20 09:28 - 2014-07-20 09:28 - 00001202 _____ () C:\Users\admin\Desktop\Format Factory.lnk
2014-07-20 09:28 - 2014-07-20 09:28 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
2014-07-20 09:27 - 2014-07-20 09:27 - 00000000 ____D () C:\Program Files (x86)\FreeTime
2014-07-20 09:27 - 2014-07-20 09:23 - 53647808 _____ (Free Time) C:\Users\admin\Downloads\FFSetup_3.3.5.0.exe
2014-07-20 09:26 - 2014-07-06 21:38 - 00000000 ____D () C:\Users\admin\AppData\Roaming\vlc
2014-07-19 21:14 - 2014-07-19 21:14 - 539557340 _____ () C:\Windows\MEMORY.DMP
2014-07-19 21:14 - 2014-07-19 21:14 - 00280472 _____ () C:\Windows\Minidump\071914-17924-01.dmp
2014-07-19 21:14 - 2014-07-19 21:14 - 00000000 ____D () C:\Windows\Minidump
2014-07-19 21:09 - 2014-07-19 21:09 - 00001338 _____ () C:\Users\admin\Desktop\Gmer.log
2014-07-19 20:58 - 2014-07-19 20:58 - 00024514 _____ () C:\Users\admin\Desktop\Addition.txt
2014-07-19 20:57 - 2014-07-19 20:56 - 00380416 _____ () C:\Users\admin\Downloads\Gmer-19357.exe
2014-07-19 20:56 - 2014-07-19 20:55 - 00024514 _____ () C:\Users\admin\Downloads\Addition.txt
2014-07-19 20:56 - 2014-07-19 20:54 - 00056293 _____ () C:\Users\admin\Downloads\FRST.txt
2014-07-19 20:54 - 2014-07-19 20:54 - 02089984 _____ (Farbar) C:\Users\admin\Desktop\FRST64.exe
2014-07-19 20:53 - 2014-07-19 20:53 - 00000472 _____ () C:\Users\admin\Downloads\defogger_disable.log
2014-07-19 20:53 - 2014-07-19 20:53 - 00000000 _____ () C:\Users\admin\defogger_reenable
2014-07-19 20:53 - 2013-10-14 00:41 - 00000000 ____D () C:\Users\admin
2014-07-19 20:51 - 2014-07-19 20:51 - 00050477 _____ () C:\Users\admin\Downloads\Defogger.exe
2014-07-19 20:39 - 2014-07-19 20:39 - 00055826 _____ () C:\Users\admin\Desktop\Ereignisse.txt
2014-07-19 20:29 - 2014-07-19 20:29 - 00003102 _____ () C:\Windows\System32\Tasks\{C996C0DB-51F0-4514-B8C3-5BDC0F040DF5}
2014-07-19 20:27 - 2014-07-19 20:27 - 00003172 _____ () C:\Windows\System32\Tasks\{4C311FA7-4673-49BD-B8AA-75D55BF820DE}
2014-07-19 19:54 - 2009-07-14 04:34 - 00000505 _____ () C:\Windows\win.ini
2014-07-19 10:35 - 2013-11-17 07:44 - 00000237 _____ () C:\Users\admin\AppData\Roaming\WB.CFG
2014-07-17 17:21 - 2014-07-04 10:08 - 00000003 _____ () C:\Users\admin\AppData\Local\proxy.log
2014-07-17 17:20 - 2013-10-14 00:42 - 00058016 _____ () C:\Users\admin\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-17 17:20 - 2009-07-14 06:45 - 00275856 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-16 20:23 - 2014-07-16 20:23 - 00000000 ____D () C:\ProgramData\Riot Games
2014-07-11 22:54 - 2014-07-11 22:54 - 00000000 ____D () C:\Users\admin\AppData\Local\WorldofTanks
2014-07-10 15:00 - 2014-07-04 11:06 - 00042040 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-07-10 03:59 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-07-10 03:20 - 2014-05-07 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-10 03:20 - 2010-11-21 09:17 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-10 03:20 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-10 03:20 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-10 03:04 - 2013-10-12 11:30 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-10 03:02 - 2013-10-12 11:30 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-09 10:47 - 2014-03-19 11:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-09 10:46 - 2014-07-09 10:47 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-07-09 10:46 - 2014-07-09 10:47 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-07-09 10:46 - 2014-07-09 10:47 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-07-09 10:46 - 2014-07-09 10:47 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-07-09 10:46 - 2014-07-09 10:46 - 00000000 ____D () C:\Program Files\Java
2014-07-09 10:41 - 2014-07-09 10:41 - 00961360 _____ (Chip Digital GmbH) C:\Users\admin\Downloads\Java Runtime Environment 64 Bit - CHIP-Installer.exe
2014-07-08 21:56 - 2013-10-16 20:02 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-08 21:56 - 2013-10-16 20:02 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-08 21:56 - 2013-10-16 20:02 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-04 11:02 - 2014-07-04 11:02 - 00002070 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2014-07-04 11:02 - 2014-07-04 11:02 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Avira
2014-07-04 11:02 - 2014-07-04 11:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-07-04 11:01 - 2014-07-04 11:01 - 00000000 ____D () C:\ProgramData\Avira
2014-07-04 11:01 - 2014-07-04 10:41 - 141865920 _____ () C:\Users\admin\Downloads\avira_free_antivirus45_de.exe
2014-07-04 10:59 - 2014-07-04 10:59 - 00000000 ____D () C:\Users\admin\Downloads\backups
2014-07-04 10:54 - 2014-07-04 10:54 - 00388608 _____ (Trend Micro Inc.) C:\Users\admin\Downloads\HiJackThis204.exe
2014-07-04 10:54 - 2014-07-04 10:54 - 00011743 _____ () C:\Users\admin\Downloads\hijackthis.log
2014-07-04 10:52 - 2014-07-04 10:52 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-07-04 10:52 - 2014-07-04 10:52 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-07-04 10:52 - 2014-07-04 10:52 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Mozilla
2014-07-04 10:52 - 2014-07-04 10:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-04 10:52 - 2014-07-04 10:44 - 29677544 _____ (Mozilla) C:\Users\admin\Downloads\Firefox_Setup_de30.0.exe
2014-07-04 10:52 - 2014-06-18 11:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-03 23:31 - 2014-07-03 23:31 - 00000871 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-07-03 23:31 - 2014-07-03 23:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-07-03 23:31 - 2014-07-03 23:31 - 00000000 ____D () C:\Program Files\VideoLAN
2014-07-03 23:27 - 2013-10-12 12:38 - 00000000 ____D () C:\Program Files (x86)\Google
2014-07-03 23:23 - 2014-07-02 08:16 - 00000444 __RSH () C:\ProgramData\ntuser.pol
2014-07-03 13:35 - 2014-07-03 10:31 - 00000000 ____D () C:\ProgramData\Norton
2014-07-03 10:10 - 2014-07-03 10:10 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Media Player Classic
2014-07-02 21:55 - 2014-07-02 21:55 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-07-02 21:52 - 2014-05-23 14:52 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-07-02 08:16 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-07-02 08:16 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-07-02 07:52 - 2014-07-02 07:52 - 00000000 ____D () C:\ProgramData\TEMP
2014-07-02 07:49 - 2014-07-02 07:49 - 00000000 ____D () C:\Users\admin\AppData\Local\com
2014-07-02 00:19 - 2014-07-02 00:19 - 00000000 ____D () C:\ProgramData\Steam
2014-07-02 00:19 - 2014-05-07 17:11 - 00000000 ____D () C:\Users\admin\Documents\my games
2014-07-02 00:18 - 2014-01-04 02:18 - 00199781 _____ () C:\Windows\DirectX.log
2014-06-30 04:09 - 2014-07-09 09:08 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-30 04:04 - 2014-07-09 09:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-25 19:14 - 2014-07-20 09:28 - 48888704 _____ (AVM Software Inc.) C:\Users\admin\Documents\pal_install_a4650_r131001_p127000.exe
2014-06-24 20:39 - 2014-07-04 11:01 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-06-24 20:39 - 2014-07-04 11:01 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-06-24 20:39 - 2014-07-04 11:01 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-06-24 15:09 - 2014-01-13 19:42 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Skype
Some content of TEMP:
====================
C:\Users\admin\AppData\Local\Temp\avgnt.exe
C:\Users\admin\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-07-18 00:32
==================== End Of Log ============================ --- --- --- |