| Flori5563 | 12.08.2014 00:00 |
Servus Timo,
Nun sieht es doch mittlerweile sehr gut aus. Im Folgenden findest Du die Textdateien!
Achja, ich hab die Anleitung für den Revo Uninstaller nicht gut verstanden. Ich hoffe, es ist trotzdem ok, dass ich es ausgelassen habe.
Junkware Remove Tool Textdatei : Code:
# AdwCleaner v3.304 - Bericht erstellt am 12/08/2014 um 00:37:16
# Aktualisiert 08/08/2014 von Xplode
# Betriebssystem : Windows 8.1 (64 bits)
# Benutzername : Florian - FLORIAN
# Gestartet von : C:\Users\Florian\Downloads\adwcleaner_3.304.exe
# Option : Löschen
***** [ Dienste ] *****
[#] Dienst Gelöscht : IePluginServices
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\IePluginServices
Ordner Gelöscht : C:\ProgramData\WindowsMangerProtect
Ordner Gelöscht : C:\Program Files (x86)\SupTab
Ordner Gelöscht : C:\Users\Florian\AppData\Local\Temp\OCS
Ordner Gelöscht : C:\Users\Florian\AppData\Roaming\OpenCandy
Ordner Gelöscht : C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\InetStat
***** [ Tasks ] *****
Task Gelöscht : AmiUpdXp
***** [ Verknüpfungen ] *****
Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
Verknüpfung Desinfiziert : C:\Users\Florian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Verknüpfung Desinfiziert : C:\Users\Florian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
***** [ Registrierungsdatenbank ] *****
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [faststartff@gmail.com]
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [InetStat]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\speedupmypc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{EAB5257A-1FB3-474C-9B42-231F52622E72}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Daten Wiederhergestellt : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Daten Wiederhergestellt : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command
Schlüssel Gelöscht : HKCU\Software\Fabulous
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\SupHpUISoft
Schlüssel Gelöscht : HKLM\Software\SupDp
Schlüssel Gelöscht : HKLM\Software\SupTab
Schlüssel Gelöscht : HKLM\Software\supWindowsMangerProtect
Schlüssel Gelöscht : HKLM\Software\supWPM
Schlüssel Gelöscht : HKLM\Software\Uniblue
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WindowsMangerProtect
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17126
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
-\\ Mozilla Firefox v31.0 (x86 de)
[ Datei : C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\m7t6ivwh.default-1407774337751\prefs.js ]
-\\ Google Chrome v
[ Datei : C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Gelöscht [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
Gelöscht [Extension] : flpcjncodpafbgdpnkljologafpionhb
*************************
AdwCleaner[R0].txt - [8033 octets] - [12/08/2014 00:36:34]
AdwCleaner[S0].txt - [5779 octets] - [12/08/2014 00:37:16]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5839 octets] ##########
Dann vom mbam : Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 12.08.2014
Suchlauf-Zeit: 00:41:39
Logdatei: mbam.txt
Administrator: Ja
Version: 2.00.2.1012
Malware Datenbank: v2014.08.11.08
Rootkit Datenbank: v2014.08.04.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert
Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Florian
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 322308
Verstrichene Zeit: 4 Min, 54 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registrierungsschlüssel: 2
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\istartsurfSoftware, In Quarantäne, [94c04f76700b60d62fd8defa4ab8f40c],
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\istartsurf uninstall, In Quarantäne, [ef6563625625a19562bbc411d2309769],
Registrierungswerte: 1
PUP.Optional.FastStart.A, HKU\S-1-5-21-3253947246-835676800-3242475936-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS|appid, faststartff@gmail.com, In Quarantäne, [db7919acb7c40a2cbe198b56679b0cf4]
Registrierungsdaten: 0
(No malicious items detected)
Ordner: 6
PUP.Optional.Extutil.A, C:\Users\Florian\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B, In Quarantäne, [5ff5636256255cda401ad2face349f61],
PUP.Optional.Managera.A, C:\Users\Florian\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42, In Quarantäne, [df756e57324967cf7ddee6e6649e2bd5],
PUP.Optional.Fabulous.Discounts.T, C:\Users\Florian\AppData\Local\fabulous_08111614, In Quarantäne, [e96bb80d710a8da9a5a0814d0cf6e51b],
PUP.Optional.IStartSurf.A, C:\Users\Florian\AppData\Roaming\istartsurf, In Quarantäne, [ef6563625625a19562bbc411d2309769],
PUP.Optional.IStartSurf.A, C:\Users\Florian\AppData\Roaming\istartsurf\images, In Quarantäne, [ef6563625625a19562bbc411d2309769],
PUP.Optional.IStartSurf.A, C:\Users\Florian\AppData\Roaming\istartsurf\images\code, In Quarantäne, [ef6563625625a19562bbc411d2309769],
Dateien: 57
PUP.Optional.SearchProtect.A, C:\Users\Florian\AppData\Local\Temp\nscB656.exe, In Quarantäne, [490bf7cedba04de9ee30b183e21fef11],
PUP.Optional.Conduit.A, C:\Users\Florian\AppData\Local\Temp\nslA563.exe, In Quarantäne, [045075504d2e58deeb189fee30d1b848],
PUP.Optional.SearchProtect.A, C:\Users\Florian\AppData\Local\Temp\nspA211.exe, In Quarantäne, [c98b398c671441f5a17d1024887944bc],
PUP.Optional.Conduit.A, C:\Users\Florian\AppData\Local\Temp\nsz6F38\SpSetup.exe, In Quarantäne, [ea6ab70e7704fb3b62ac31f814edaf51],
PUP.Optional.Conduit.A, C:\Windows\Temp\nsa1947.exe, In Quarantäne, [a5afb70e8fecb97d9a69810c9f62d828],
PUP.Optional.Conduit.A, C:\Windows\Temp\nsaEF9A.exe, In Quarantäne, [6aea428380fbc17534cfbdd0c53c1ee2],
PUP.Optional.Conduit.A, C:\Windows\Temp\nsd5F72.exe, In Quarantäne, [76de9c29fc7ff442d1327b1239c8ba46],
PUP.Optional.Conduit.A, C:\Windows\Temp\nsf7366.exe, In Quarantäne, [d480f1d47b0058de01028ffe857cd42c],
PUP.Optional.Conduit.A, C:\Windows\Temp\nsfEB76.exe, In Quarantäne, [59fbdbea8eed251106fdc8c5fe0346ba],
PUP.Optional.Conduit.A, C:\Windows\Temp\nsfFA03.exe, In Quarantäne, [2f252c998fec6ccad42f64292cd5bc44],
PUP.Optional.Conduit.A, C:\Windows\Temp\nsgCB4.exe, In Quarantäne, [2f256b5a2e4dec4a25decbc2cd348977],
PUP.Optional.Conduit.A, C:\Windows\Temp\nsi51A6.exe, In Quarantäne, [a6ae18ad324938fe0201cebf40c15fa1],
PUP.Optional.Conduit.A, C:\Windows\Temp\nsi6106.exe, In Quarantäne, [dd77d4f1166571c560a3038a2cd58878],
PUP.Optional.Conduit.A, C:\Windows\Temp\nskFBA1.exe, In Quarantäne, [441007bec0bb58de5da68effda274ab6],
PUP.Optional.Conduit.A, C:\Windows\Temp\nsm7C6E.exe, In Quarantäne, [f85cd0f5106b25112ed5cebf28d9837d],
PUP.Optional.Conduit.A, C:\Windows\Temp\nsm896F.exe, In Quarantäne, [4014774e6e0d8caa699adab3e51c956b],
PUP.Optional.Conduit.A, C:\Windows\Temp\nso54C9.exe, In Quarantäne, [84d016af04776acc7390a8e5d0314cb4],
PUP.Optional.Conduit.A, C:\Windows\Temp\nsq16F0.exe, In Quarantäne, [c391467fef8ca096c241d2bb19e85ca4],
PUP.Optional.Conduit.A, C:\Windows\Temp\nsq2355.exe, In Quarantäne, [4e065c691f5c68ceef145c319d64e11f],
PUP.Optional.Conduit.A, C:\Windows\Temp\nsr44D9.exe, In Quarantäne, [96be349125563105ea199cf14cb54ab6],
PUP.Optional.Conduit.A, C:\Windows\Temp\nsw9D3.exe, In Quarantäne, [86ce15b0c8b36accdd26f09ddc25e31d],
PUP.Optional.Conduit.A, C:\Windows\Temp\nszDE07.exe, In Quarantäne, [8ec6566fa8d366d0d42f9feebf42dd23],
PUP.Optional.Amonetize, C:\Users\Florian\Downloads\Minecraft force op__8124_il14581.exe, In Quarantäne, [f163b411c7b4f640112784240ef38080],
PUP.Hacktool, C:\Users\Florian\Downloads\minecraft_trn7.zip, In Quarantäne, [282cedd83645c76fdc1a77fec23e21df],
PUP.Optional.Amonetize, C:\Users\Florian\AppData\Local\10149\a25760.exe, In Quarantäne, [dc7830956a11cc6a7340bde443be8977],
PUP.Optional.IStartSurf.A, C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\istartsurf.xml, In Quarantäne, [aaaa279e7cff92a4aa9237a2877b768a],
PUP.Optional.Extutil.A, C:\Users\Florian\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\bk.js, In Quarantäne, [5ff5636256255cda401ad2face349f61],
PUP.Optional.Extutil.A, C:\Users\Florian\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\cs.js, In Quarantäne, [5ff5636256255cda401ad2face349f61],
PUP.Optional.Extutil.A, C:\Users\Florian\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\manifest.json, In Quarantäne, [5ff5636256255cda401ad2face349f61],
PUP.Optional.Managera.A, C:\Users\Florian\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42\cs.js, In Quarantäne, [df756e57324967cf7ddee6e6649e2bd5],
PUP.Optional.Managera.A, C:\Users\Florian\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42\manifest.json, In Quarantäne, [df756e57324967cf7ddee6e6649e2bd5],
PUP.Optional.IStartSurf.A, C:\Users\Florian\AppData\Roaming\istartsurf\277.json, In Quarantäne, [ef6563625625a19562bbc411d2309769],
PUP.Optional.IStartSurf.A, C:\Users\Florian\AppData\Roaming\istartsurf\MessageBox.xml, In Quarantäne, [ef6563625625a19562bbc411d2309769],
PUP.Optional.IStartSurf.A, C:\Users\Florian\AppData\Roaming\istartsurf\uninstallDlg2.xml, In Quarantäne, [ef6563625625a19562bbc411d2309769],
PUP.Optional.IStartSurf.A, C:\Users\Florian\AppData\Roaming\istartsurf\UninstallManager.exe, In Quarantäne, [ef6563625625a19562bbc411d2309769],
PUP.Optional.IStartSurf.A, C:\Users\Florian\AppData\Roaming\istartsurf\images\bg.png, In Quarantäne, [ef6563625625a19562bbc411d2309769],
PUP.Optional.IStartSurf.A, C:\Users\Florian\AppData\Roaming\istartsurf\images\bg1.png, In Quarantäne, [ef6563625625a19562bbc411d2309769],
PUP.Optional.IStartSurf.A, C:\Users\Florian\AppData\Roaming\istartsurf\images\bk_shadow.png, In Quarantäne, [ef6563625625a19562bbc411d2309769],
PUP.Optional.IStartSurf.A, C:\Users\Florian\AppData\Roaming\istartsurf\images\button.png, In Quarantäne, [ef6563625625a19562bbc411d2309769],
PUP.Optional.IStartSurf.A, C:\Users\Florian\AppData\Roaming\istartsurf\images\button1.png, In Quarantäne, [ef6563625625a19562bbc411d2309769],
PUP.Optional.IStartSurf.A, C:\Users\Florian\AppData\Roaming\istartsurf\images\checkbox.png, In Quarantäne, [ef6563625625a19562bbc411d2309769],
PUP.Optional.IStartSurf.A, C:\Users\Florian\AppData\Roaming\istartsurf\images\checkbox_select.png, In Quarantäne, [ef6563625625a19562bbc411d2309769],
PUP.Optional.IStartSurf.A, C:\Users\Florian\AppData\Roaming\istartsurf\images\checked.png, In Quarantäne, [ef6563625625a19562bbc411d2309769],
PUP.Optional.IStartSurf.A, C:\Users\Florian\AppData\Roaming\istartsurf\images\close.png, In Quarantäne, [ef6563625625a19562bbc411d2309769],
PUP.Optional.IStartSurf.A, C:\Users\Florian\AppData\Roaming\istartsurf\images\loading_bg.png, In Quarantäne, [ef6563625625a19562bbc411d2309769],
PUP.Optional.IStartSurf.A, C:\Users\Florian\AppData\Roaming\istartsurf\images\loading_light.png, In Quarantäne, [ef6563625625a19562bbc411d2309769],
PUP.Optional.IStartSurf.A, C:\Users\Florian\AppData\Roaming\istartsurf\images\min.png, In Quarantäne, [ef6563625625a19562bbc411d2309769],
PUP.Optional.IStartSurf.A, C:\Users\Florian\AppData\Roaming\istartsurf\images\scrollbar.bmp, In Quarantäne, [ef6563625625a19562bbc411d2309769],
PUP.Optional.IStartSurf.A, C:\Users\Florian\AppData\Roaming\istartsurf\images\Thumbs.db, In Quarantäne, [ef6563625625a19562bbc411d2309769],
PUP.Optional.IStartSurf.A, C:\Users\Florian\AppData\Roaming\istartsurf\images\unchecked.png, In Quarantäne, [ef6563625625a19562bbc411d2309769],
PUP.Optional.IStartSurf.A, C:\Users\Florian\AppData\Roaming\istartsurf\images\code\code1.jpg, In Quarantäne, [ef6563625625a19562bbc411d2309769],
PUP.Optional.IStartSurf.A, C:\Users\Florian\AppData\Roaming\istartsurf\images\code\code2.jpg, In Quarantäne, [ef6563625625a19562bbc411d2309769],
PUP.Optional.IStartSurf.A, C:\Users\Florian\AppData\Roaming\istartsurf\images\code\code3.jpg, In Quarantäne, [ef6563625625a19562bbc411d2309769],
PUP.Optional.IStartSurf.A, C:\Users\Florian\AppData\Roaming\istartsurf\images\code\code4.jpg, In Quarantäne, [ef6563625625a19562bbc411d2309769],
PUP.Optional.IStartSurf.A, C:\Users\Florian\AppData\Roaming\istartsurf\images\code\code5.jpg, In Quarantäne, [ef6563625625a19562bbc411d2309769],
PUP.Optional.IStartSurf.A, C:\Users\Florian\AppData\Roaming\istartsurf\images\code\code6.jpg, In Quarantäne, [ef6563625625a19562bbc411d2309769],
PUP.Optional.IStartSurf.A, C:\Users\Florian\AppData\Roaming\istartsurf\images\code\Thumbs.db, In Quarantäne, [ef6563625625a19562bbc411d2309769],
Physische Sektoren: 0
(No malicious items detected)
(end)
Und zu guter letzt vom FRST :
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-08-2014 01
Ran by Florian (administrator) on FLORIAN on 12-08-2014 00:57:49
Running from C:\Users\Florian\Downloads
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(TeamSpeak Systems GmbH) C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIHTU.EXE
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Spotify Ltd) C:\Users\Florian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Spotify Ltd) C:\Users\Florian\AppData\Roaming\Spotify\spotify.exe
() C:\Users\Florian\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Florian\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Florian\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Florian\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Florian\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Users\Florian\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3816784 2014-07-21] (LogMeIn Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-11] (AVAST Software)
HKU\S-1-5-21-3253947246-835676800-3242475936-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20917408 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-3253947246-835676800-3242475936-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHTU.EXE [239488 2011-04-24] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3253947246-835676800-3242475936-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6563608 2014-01-06] (SUPERAntiSpyware)
HKU\S-1-5-21-3253947246-835676800-3242475936-1001\...\Run: [Spotify Web Helper] => C:\Users\Florian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1178168 2014-07-09] (Spotify Ltd)
HKU\S-1-5-21-3253947246-835676800-3242475936-1001\...\Run: [Spotify] => C:\Users\Florian\AppData\Roaming\Spotify\spotify.exe [6162488 2014-07-09] (Spotify Ltd)
HKU\S-1-5-21-3253947246-835676800-3242475936-1001\...\MountPoints2: {dc874563-d0b7-11e3-824c-806e6f6e6963} - "E:\Start.exe"
Startup: C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar905.lnk
ShortcutTarget: Sidebar905.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (No File)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x707A52DCC564CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com/search?q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\m7t6ivwh.default-1407774337751
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-08-11]
Chrome:
=======
CHR HomePage: hxxp://www.google.de/
CHR StartupUrls: "hxxp://www.google.de/"
CHR Extension: (Google Docs) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-01]
CHR Extension: (Google Drive) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-01]
CHR Extension: (YouTube) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-01]
CHR Extension: (Adblock Plus) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-05-01]
CHR Extension: (Google-Suche) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-01]
CHR Extension: (Google Wallet) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-01]
CHR Extension: (Google Mail) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-01]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-11]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [144152 2013-10-11] (SUPERAntiSpyware.com)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-11] (AVAST Software)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-07-16] (LogMeIn, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-11] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-11] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-11] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-11] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-08-11] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-11] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-11] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-11] ()
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-07-21] (LogMeIn Inc.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-12 00:57 - 2014-08-12 00:57 - 00009909 _____ () C:\Users\Florian\Desktop\mbam.txt
2014-08-12 00:53 - 2014-08-12 00:53 - 00006239 _____ () C:\Users\Florian\Desktop\Neu.txt
2014-08-12 00:40 - 2014-08-12 00:56 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-12 00:40 - 2014-08-12 00:40 - 00001114 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-12 00:40 - 2014-08-12 00:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-12 00:40 - 2014-08-12 00:40 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-12 00:40 - 2014-08-12 00:40 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-12 00:40 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-12 00:40 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-12 00:40 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-08-12 00:39 - 2014-08-12 00:40 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Florian\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-12 00:36 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-08-12 00:35 - 2014-08-12 00:37 - 00000000 ____D () C:\AdwCleaner
2014-08-12 00:35 - 2014-08-12 00:35 - 01366203 _____ () C:\Users\Florian\Downloads\adwcleaner_3.304.exe
2014-08-12 00:28 - 2014-08-12 00:28 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Florian\Downloads\revosetup95.exe
2014-08-12 00:28 - 2014-08-12 00:28 - 00001280 _____ () C:\Users\Florian\Desktop\Revo Uninstaller.lnk
2014-08-12 00:28 - 2014-08-12 00:28 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-08-11 19:52 - 2014-08-12 00:57 - 00011596 _____ () C:\Users\Florian\Downloads\FRST.txt
2014-08-11 19:52 - 2014-08-11 19:52 - 00035498 _____ () C:\Users\Florian\Downloads\Addition.txt
2014-08-11 19:51 - 2014-08-12 00:57 - 00000000 ____D () C:\FRST
2014-08-11 19:48 - 2014-08-11 19:48 - 02099712 _____ (Farbar) C:\Users\Florian\Downloads\FRST64.exe
2014-08-11 18:39 - 2014-08-11 18:39 - 02347384 _____ (ESET) C:\Users\Florian\Downloads\esetsmartinstaller_deu.exe
2014-08-11 18:30 - 2014-08-11 18:53 - 149922450 _____ (Norman Shark AS) C:\Users\Florian\Downloads\Norman_Malware_Cleaner.exe.part
2014-08-11 18:29 - 2014-08-11 18:29 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-08-11 18:29 - 2014-08-11 18:29 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-08-11 18:29 - 2014-08-11 18:29 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-08-11 18:29 - 2014-08-11 18:29 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-08-11 18:29 - 2014-08-11 18:29 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-08-11 18:29 - 2014-08-11 18:29 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-08-11 18:29 - 2014-08-11 18:29 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-08-11 18:29 - 2014-08-11 18:29 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-08-11 18:29 - 2014-08-11 18:29 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-08-11 18:29 - 2014-08-11 18:29 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-08-11 18:29 - 2014-08-11 18:29 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-08-11 18:29 - 2014-08-11 18:29 - 00001982 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-08-11 18:29 - 2014-08-11 18:29 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\AVAST Software
2014-08-11 18:29 - 2014-08-11 18:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-08-11 18:28 - 2014-08-11 18:28 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-08-11 18:28 - 2014-08-11 18:28 - 00000000 ____D () C:\Program Files\AVAST Software
2014-08-11 18:27 - 2014-08-11 18:28 - 91906368 _____ (AVAST Software) C:\Users\Florian\Downloads\avast_free_antivirus_setup_9_0_2021.exe
2014-08-11 18:25 - 2014-08-11 18:25 - 00000000 ____D () C:\Users\Florian\Desktop\Alte Firefox-Daten
2014-08-11 18:15 - 2014-08-12 00:53 - 00000000 ____D () C:\Users\Florian\AppData\Local\10149
2014-08-11 18:15 - 2014-08-11 18:21 - 00000000 ____D () C:\Users\Florian\AppData\Local\ContextFree
2014-08-11 18:11 - 2014-08-11 18:11 - 00257752 _____ () C:\Users\Florian\Downloads\Minecraft Force Op.rar
2014-08-11 18:03 - 2014-08-11 18:03 - 00356864 _____ () C:\Users\Florian\Downloads\Minecraft.exe
2014-08-11 11:09 - 2014-08-11 11:09 - 04980105 _____ () C:\Users\Florian\Desktop\launcher^FTB_Launcher(1).exe
2014-08-10 19:21 - 2014-08-10 19:22 - 00000000 ____D () C:\Users\Florian\Desktop\Modxray
2014-08-07 13:00 - 2014-08-07 15:08 - 00000000 ____D () C:\Users\Florian\Desktop\Grand Theft Auto San Andreas
2014-08-07 13:00 - 2014-08-07 15:07 - 00000000 ____D () C:\Users\Florian\Desktop\FSX(1)
2014-08-07 10:23 - 2014-08-07 10:57 - 701897648 _____ () C:\Users\Florian\Desktop\FSX(1).rar
2014-08-06 21:19 - 2014-08-06 21:20 - 00033426 _____ () C:\Users\Florian\Downloads\FSX.rar
2014-08-06 20:58 - 2014-08-06 20:58 - 00675988 _____ () C:\Users\Florian\Desktop\Minecraft.exe
2014-08-06 20:48 - 2014-08-06 20:49 - 11990847 _____ () C:\Users\Florian\Downloads\sa-mp-0.3z-R1-install.exe
2014-08-06 20:15 - 2014-08-06 20:15 - 00000000 ___RD () C:\Users\Florian\Documents\Notes
2014-08-06 20:13 - 2014-08-06 20:13 - 00001474 _____ () C:\Users\Florian\Desktop\Windows Live Mail.lnk
2014-08-06 20:13 - 2014-08-06 20:13 - 00000453 _____ () C:\Users\Florian\Desktop\Minecraft - Verknüpfung.lnk
2014-08-06 20:12 - 2014-08-08 17:34 - 00000000 ___RD () C:\Users\Florian\Desktop\ä
2014-08-06 12:17 - 2014-08-11 20:29 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\.minecraft
2014-08-06 12:13 - 2014-08-06 12:13 - 02632153 _____ () C:\Users\Florian\Downloads\forge-1.7.2-10.12.0.1024-installer.jar
2014-08-05 00:03 - 2014-08-05 00:03 - 00000000 ____D () C:\Users\Florian\AppData\Local\CrashRpt
2014-08-04 23:56 - 2014-08-11 00:52 - 00000000 ____D () C:\Users\Florian\AppData\Local\wf-launcher
2014-08-04 23:56 - 2014-08-11 00:31 - 00000000 ____D () C:\ProgramData\GFACE
2014-08-03 20:42 - 2014-08-03 23:57 - 00000000 ____D () C:\Users\Florian\Documents\FIFA World
2014-08-03 20:23 - 2014-08-03 20:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Sports FIFA World
2014-08-03 17:41 - 2014-08-03 17:42 - 23516512 _____ (Electronic Arts, Inc.) C:\Users\Florian\Downloads\EASportsFIFAWorld.exe
2014-08-01 17:23 - 2014-08-01 17:23 - 00000609 _____ () C:\Users\Florian\Documents\Standard.mvc
2014-08-01 17:19 - 2014-08-06 12:10 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Craften Terminal
2014-08-01 17:19 - 2014-08-01 17:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Craften Terminal
2014-08-01 17:19 - 2014-08-01 17:19 - 00000000 ____D () C:\Program Files (x86)\Craften Terminal
2014-08-01 17:18 - 2014-08-01 17:19 - 23178493 _____ (Craften.de ) C:\Users\Florian\Downloads\craftenterminal.exe
2014-08-01 00:35 - 2014-08-01 00:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MTA San Andreas 1.3
2014-08-01 00:33 - 2014-08-01 00:35 - 00000000 ____D () C:\Program Files (x86)\MTA San Andreas 1.3
2014-08-01 00:32 - 2014-08-01 00:33 - 00000000 ____D () C:\ProgramData\MTA San Andreas All
2014-08-01 00:32 - 2014-08-01 00:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MTA San Andreas 1.4
2014-08-01 00:32 - 2014-08-01 00:32 - 00000000 ____D () C:\Program Files (x86)\MTA San Andreas 1.4
2014-08-01 00:31 - 2014-08-01 00:31 - 21830784 _____ (Multi Theft Auto) C:\Users\Florian\Downloads\mtasa-1.4.exe
2014-07-30 14:35 - 2014-07-30 14:45 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\FileZilla
2014-07-30 14:35 - 2014-07-30 14:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-07-30 14:35 - 2014-07-30 14:35 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-07-30 14:32 - 2014-07-30 14:32 - 05981830 _____ (Tim Kosse) C:\Users\Florian\Downloads\FileZilla_3.9.0.1_win32-setup.exe
2014-07-29 23:59 - 2014-07-29 23:59 - 00066728 _____ (Eugene V. Muzychenko) C:\Windows\system32\Drivers\vrtaucbl.sys
2014-07-29 23:59 - 2014-07-29 23:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Cable
2014-07-29 23:59 - 2014-07-29 23:59 - 00000000 ____D () C:\Program Files\Virtual Audio Cable
2014-07-29 23:56 - 2014-07-30 00:06 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Winamp
2014-07-29 23:56 - 2014-07-29 23:56 - 00000000 ____D () C:\Program Files (x86)\Winamp
2014-07-29 23:53 - 2014-07-29 23:53 - 00270848 _____ (Secure By Design Inc.) C:\Users\Florian\Downloads\Ninite Winamp Installer.exe
2014-07-29 23:51 - 2014-07-29 23:51 - 00826192 _____ (Chip Digital GmbH) C:\Users\Florian\Downloads\Virtual Audio Cable - CHIP-Installer.exe
2014-07-29 18:05 - 2014-08-10 11:35 - 00000000 ____D () C:\Users\Florian\AppData\Local\paul.bv96@yahoo.com
2014-07-29 18:05 - 2014-07-29 18:05 - 00029718 _____ () C:\Users\Florian\Downloads\SAMP_KeyBinder.zip
2014-07-29 16:43 - 2014-07-29 16:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-07-29 16:43 - 2014-07-29 16:43 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-07-28 19:16 - 2014-07-28 19:16 - 00000880 _____ () C:\Users\Florian\Downloads\Dokumente - Verknüpfung.lnk
2014-07-26 20:55 - 2014-07-26 20:55 - 04873530 _____ () C:\Users\Florian\Downloads\Cops.rar
2014-07-25 22:08 - 2014-07-25 22:08 - 00270848 _____ (Secure By Design Inc.) C:\Users\Florian\Downloads\Ninite Avast Installer.exe
2014-07-24 20:13 - 2014-07-24 20:27 - 00004841 _____ () C:\Users\Florian\Documents\TombRaider.log
2014-07-21 18:08 - 2014-07-21 18:08 - 00046136 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys
2014-07-17 18:36 - 2014-07-17 18:36 - 00189248 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-07-17 18:36 - 2014-07-17 18:36 - 00000000 ____D () C:\Windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP
2014-07-15 16:21 - 2014-07-15 16:21 - 00000000 ____D () C:\Users\Florian\AppData\Local\fabi.me
2014-07-15 15:43 - 2014-07-15 15:43 - 00169004 _____ () C:\Users\Florian\Downloads\KeyCommander-1.3.1-setup.exe
2014-07-15 15:43 - 2014-07-15 15:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\fabi.me
2014-07-15 15:43 - 2014-07-15 15:43 - 00000000 ____D () C:\Program Files (x86)\fabi.me
2014-07-15 15:40 - 2014-08-11 18:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoIt v3
2014-07-15 15:39 - 2014-07-15 15:39 - 11878040 _____ (AutoIt Team) C:\Users\Florian\Downloads\autoit-v3-setup.exe
2014-07-15 15:35 - 2014-07-15 15:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MacroX
2014-07-15 15:35 - 2014-07-15 15:36 - 00000000 ____D () C:\Program Files (x86)\MacroX
2014-07-15 15:35 - 2014-07-15 15:35 - 02480915 _____ () C:\Users\Florian\Downloads\macrox!.exe
2014-07-15 15:35 - 2014-07-15 15:35 - 00000971 _____ () C:\Users\UpdatusUser\Desktop\MacroX.lnk
2014-07-15 15:35 - 2014-07-15 15:35 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MacroX
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-12 00:58 - 2014-08-11 19:52 - 00011596 _____ () C:\Users\Florian\Downloads\FRST.txt
2014-08-12 00:57 - 2014-08-12 00:57 - 00009909 _____ () C:\Users\Florian\Desktop\mbam.txt
2014-08-12 00:57 - 2014-08-11 19:51 - 00000000 ____D () C:\FRST
2014-08-12 00:56 - 2014-08-12 00:40 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-12 00:55 - 2014-05-01 15:30 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Skype
2014-08-12 00:54 - 2014-07-11 23:12 - 00000000 ____D () C:\Users\Florian\AppData\Local\LogMeIn Hamachi
2014-08-12 00:54 - 2014-05-29 13:44 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Spotify
2014-08-12 00:54 - 2014-05-01 01:07 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\TS3Client
2014-08-12 00:54 - 2014-05-01 00:48 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-08-12 00:54 - 2014-05-01 00:44 - 00000000 __RDO () C:\Users\Florian\SkyDrive
2014-08-12 00:54 - 2014-05-01 00:36 - 00077186 _____ () C:\Windows\PFRO.log
2014-08-12 00:54 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\Performance
2014-08-12 00:54 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-12 00:54 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-08-12 00:53 - 2014-08-12 00:53 - 00006239 _____ () C:\Users\Florian\Desktop\Neu.txt
2014-08-12 00:53 - 2014-08-11 18:15 - 00000000 ____D () C:\Users\Florian\AppData\Local\10149
2014-08-12 00:43 - 2014-05-01 00:47 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3253947246-835676800-3242475936-1001
2014-08-12 00:43 - 2014-05-01 00:43 - 01776918 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-12 00:43 - 2013-09-12 11:43 - 00764340 _____ () C:\Windows\system32\perfh007.dat
2014-08-12 00:43 - 2013-09-12 11:43 - 00159160 _____ () C:\Windows\system32\perfc007.dat
2014-08-12 00:40 - 2014-08-12 00:40 - 00001114 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-12 00:40 - 2014-08-12 00:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-12 00:40 - 2014-08-12 00:40 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-12 00:40 - 2014-08-12 00:40 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-12 00:40 - 2014-08-12 00:39 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Florian\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-12 00:37 - 2014-08-12 00:35 - 00000000 ____D () C:\AdwCleaner
2014-08-12 00:37 - 2014-06-26 16:53 - 00001073 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-12 00:37 - 2014-05-01 00:56 - 00001112 _____ () C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-08-12 00:37 - 2014-05-01 00:42 - 00001011 _____ () C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-12 00:35 - 2014-08-12 00:35 - 01366203 _____ () C:\Users\Florian\Downloads\adwcleaner_3.304.exe
2014-08-12 00:28 - 2014-08-12 00:28 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Florian\Downloads\revosetup95.exe
2014-08-12 00:28 - 2014-08-12 00:28 - 00001280 _____ () C:\Users\Florian\Desktop\Revo Uninstaller.lnk
2014-08-12 00:28 - 2014-08-12 00:28 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-08-12 00:22 - 2014-07-04 19:17 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-12 00:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2014-08-11 22:49 - 2014-05-01 00:38 - 01164524 _____ () C:\Windows\WindowsUpdate.log
2014-08-11 22:11 - 2014-07-11 22:21 - 00000000 ____D () C:\Users\Florian\AppData\Local\ftblauncher
2014-08-11 20:29 - 2014-08-06 12:17 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\.minecraft
2014-08-11 19:52 - 2014-08-11 19:52 - 00035498 _____ () C:\Users\Florian\Downloads\Addition.txt
2014-08-11 19:48 - 2014-08-11 19:48 - 02099712 _____ (Farbar) C:\Users\Florian\Downloads\FRST64.exe
2014-08-11 18:53 - 2014-08-11 18:30 - 149922450 _____ (Norman Shark AS) C:\Users\Florian\Downloads\Norman_Malware_Cleaner.exe.part
2014-08-11 18:39 - 2014-08-11 18:39 - 02347384 _____ (ESET) C:\Users\Florian\Downloads\esetsmartinstaller_deu.exe
2014-08-11 18:29 - 2014-08-11 18:29 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-08-11 18:29 - 2014-08-11 18:29 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-08-11 18:29 - 2014-08-11 18:29 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-08-11 18:29 - 2014-08-11 18:29 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-08-11 18:29 - 2014-08-11 18:29 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-08-11 18:29 - 2014-08-11 18:29 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-08-11 18:29 - 2014-08-11 18:29 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-08-11 18:29 - 2014-08-11 18:29 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-08-11 18:29 - 2014-08-11 18:29 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-08-11 18:29 - 2014-08-11 18:29 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-08-11 18:29 - 2014-08-11 18:29 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-08-11 18:29 - 2014-08-11 18:29 - 00001982 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-08-11 18:29 - 2014-08-11 18:29 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\AVAST Software
2014-08-11 18:29 - 2014-08-11 18:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-08-11 18:28 - 2014-08-11 18:28 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-08-11 18:28 - 2014-08-11 18:28 - 00000000 ____D () C:\Program Files\AVAST Software
2014-08-11 18:28 - 2014-08-11 18:27 - 91906368 _____ (AVAST Software) C:\Users\Florian\Downloads\avast_free_antivirus_setup_9_0_2021.exe
2014-08-11 18:25 - 2014-08-11 18:25 - 00000000 ____D () C:\Users\Florian\Desktop\Alte Firefox-Daten
2014-08-11 18:21 - 2014-08-11 18:15 - 00000000 ____D () C:\Users\Florian\AppData\Local\ContextFree
2014-08-11 18:21 - 2014-07-15 15:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoIt v3
2014-08-11 18:21 - 2013-08-22 22:59 - 00000000 ____D () C:\Windows\ShellNew
2014-08-11 18:11 - 2014-08-11 18:11 - 00257752 _____ () C:\Users\Florian\Downloads\Minecraft Force Op.rar
2014-08-11 18:03 - 2014-08-11 18:03 - 00356864 _____ () C:\Users\Florian\Downloads\Minecraft.exe
2014-08-11 11:09 - 2014-08-11 11:09 - 04980105 _____ () C:\Users\Florian\Desktop\launcher^FTB_Launcher(1).exe
2014-08-11 00:52 - 2014-08-04 23:56 - 00000000 ____D () C:\Users\Florian\AppData\Local\wf-launcher
2014-08-11 00:31 - 2014-08-04 23:56 - 00000000 ____D () C:\ProgramData\GFACE
2014-08-10 19:22 - 2014-08-10 19:21 - 00000000 ____D () C:\Users\Florian\Desktop\Modxray
2014-08-10 11:35 - 2014-07-29 18:05 - 00000000 ____D () C:\Users\Florian\AppData\Local\paul.bv96@yahoo.com
2014-08-09 22:27 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-08-08 17:34 - 2014-08-06 20:12 - 00000000 ___RD () C:\Users\Florian\Desktop\ä
2014-08-07 15:08 - 2014-08-07 13:00 - 00000000 ____D () C:\Users\Florian\Desktop\Grand Theft Auto San Andreas
2014-08-07 15:07 - 2014-08-07 13:00 - 00000000 ____D () C:\Users\Florian\Desktop\FSX(1)
2014-08-07 10:57 - 2014-08-07 10:23 - 701897648 _____ () C:\Users\Florian\Desktop\FSX(1).rar
2014-08-06 21:20 - 2014-08-06 21:19 - 00033426 _____ () C:\Users\Florian\Downloads\FSX.rar
2014-08-06 20:58 - 2014-08-06 20:58 - 00675988 _____ () C:\Users\Florian\Desktop\Minecraft.exe
2014-08-06 20:50 - 2014-05-01 00:42 - 00000000 ____D () C:\Users\Florian\AppData\Local\Packages
2014-08-06 20:49 - 2014-08-06 20:48 - 11990847 _____ () C:\Users\Florian\Downloads\sa-mp-0.3z-R1-install.exe
2014-08-06 20:15 - 2014-08-06 20:15 - 00000000 ___RD () C:\Users\Florian\Documents\Notes
2014-08-06 20:13 - 2014-08-06 20:13 - 00001474 _____ () C:\Users\Florian\Desktop\Windows Live Mail.lnk
2014-08-06 20:13 - 2014-08-06 20:13 - 00000453 _____ () C:\Users\Florian\Desktop\Minecraft - Verknüpfung.lnk
2014-08-06 17:49 - 2014-06-26 16:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-06 17:06 - 2014-05-29 13:48 - 00000000 ____D () C:\Users\Florian\AppData\Local\Spotify
2014-08-06 12:13 - 2014-08-06 12:13 - 02632153 _____ () C:\Users\Florian\Downloads\forge-1.7.2-10.12.0.1024-installer.jar
2014-08-06 12:10 - 2014-08-01 17:19 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Craften Terminal
2014-08-05 00:03 - 2014-08-05 00:03 - 00000000 ____D () C:\Users\Florian\AppData\Local\CrashRpt
2014-08-03 23:57 - 2014-08-03 20:42 - 00000000 ____D () C:\Users\Florian\Documents\FIFA World
2014-08-03 20:42 - 2014-06-04 17:51 - 00000000 ____D () C:\ProgramData\Origin
2014-08-03 20:23 - 2014-08-03 20:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Sports FIFA World
2014-08-03 20:23 - 2014-05-02 17:34 - 00133208 _____ () C:\Windows\DirectX.log
2014-08-03 20:04 - 2014-06-04 17:52 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-08-03 17:42 - 2014-08-03 17:41 - 23516512 _____ (Electronic Arts, Inc.) C:\Users\Florian\Downloads\EASportsFIFAWorld.exe
2014-08-03 17:42 - 2014-06-04 17:51 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-08-01 17:23 - 2014-08-01 17:23 - 00000609 _____ () C:\Users\Florian\Documents\Standard.mvc
2014-08-01 17:19 - 2014-08-01 17:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Craften Terminal
2014-08-01 17:19 - 2014-08-01 17:19 - 00000000 ____D () C:\Program Files (x86)\Craften Terminal
2014-08-01 17:19 - 2014-08-01 17:18 - 23178493 _____ (Craften.de ) C:\Users\Florian\Downloads\craftenterminal.exe
2014-08-01 00:35 - 2014-08-01 00:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MTA San Andreas 1.3
2014-08-01 00:35 - 2014-08-01 00:33 - 00000000 ____D () C:\Program Files (x86)\MTA San Andreas 1.3
2014-08-01 00:33 - 2014-08-01 00:32 - 00000000 ____D () C:\ProgramData\MTA San Andreas All
2014-08-01 00:32 - 2014-08-01 00:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MTA San Andreas 1.4
2014-08-01 00:32 - 2014-08-01 00:32 - 00000000 ____D () C:\Program Files (x86)\MTA San Andreas 1.4
2014-08-01 00:31 - 2014-08-01 00:31 - 21830784 _____ (Multi Theft Auto) C:\Users\Florian\Downloads\mtasa-1.4.exe
2014-07-30 14:45 - 2014-07-30 14:35 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\FileZilla
2014-07-30 14:35 - 2014-07-30 14:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-07-30 14:35 - 2014-07-30 14:35 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-07-30 14:32 - 2014-07-30 14:32 - 05981830 _____ (Tim Kosse) C:\Users\Florian\Downloads\FileZilla_3.9.0.1_win32-setup.exe
2014-07-30 00:25 - 2014-06-26 16:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-30 00:06 - 2014-07-29 23:56 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Winamp
2014-07-29 23:59 - 2014-07-29 23:59 - 00066728 _____ (Eugene V. Muzychenko) C:\Windows\system32\Drivers\vrtaucbl.sys
2014-07-29 23:59 - 2014-07-29 23:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Cable
2014-07-29 23:59 - 2014-07-29 23:59 - 00000000 ____D () C:\Program Files\Virtual Audio Cable
2014-07-29 23:59 - 2013-08-22 16:46 - 00015110 _____ () C:\Windows\setupact.log
2014-07-29 23:56 - 2014-07-29 23:56 - 00000000 ____D () C:\Program Files (x86)\Winamp
2014-07-29 23:53 - 2014-07-29 23:53 - 00270848 _____ (Secure By Design Inc.) C:\Users\Florian\Downloads\Ninite Winamp Installer.exe
2014-07-29 23:51 - 2014-07-29 23:51 - 00826192 _____ (Chip Digital GmbH) C:\Users\Florian\Downloads\Virtual Audio Cable - CHIP-Installer.exe
2014-07-29 21:11 - 2014-05-01 14:43 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-07-29 18:05 - 2014-07-29 18:05 - 00029718 _____ () C:\Users\Florian\Downloads\SAMP_KeyBinder.zip
2014-07-29 16:43 - 2014-07-29 16:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-07-29 16:43 - 2014-07-29 16:43 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-07-28 19:16 - 2014-07-28 19:16 - 00000880 _____ () C:\Users\Florian\Downloads\Dokumente - Verknüpfung.lnk
2014-07-28 15:33 - 2014-05-19 13:43 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\ftblauncher
2014-07-26 20:55 - 2014-07-26 20:55 - 04873530 _____ () C:\Users\Florian\Downloads\Cops.rar
2014-07-25 22:08 - 2014-07-25 22:08 - 00270848 _____ (Secure By Design Inc.) C:\Users\Florian\Downloads\Ninite Avast Installer.exe
2014-07-25 21:56 - 2014-06-04 17:52 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Origin
2014-07-25 21:56 - 2014-06-04 17:52 - 00000000 ____D () C:\Users\Florian\AppData\Local\Origin
2014-07-24 20:27 - 2014-07-24 20:13 - 00004841 _____ () C:\Users\Florian\Documents\TombRaider.log
2014-07-24 16:52 - 2014-05-09 16:15 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Windows Live Writer
2014-07-21 18:08 - 2014-07-21 18:08 - 00046136 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys
2014-07-21 16:11 - 2014-06-30 19:03 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\SpinTires
2014-07-17 18:36 - 2014-07-17 18:36 - 00189248 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-07-17 18:36 - 2014-07-17 18:36 - 00000000 ____D () C:\Windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP
2014-07-15 16:21 - 2014-07-15 16:21 - 00000000 ____D () C:\Users\Florian\AppData\Local\fabi.me
2014-07-15 15:43 - 2014-07-15 15:43 - 00169004 _____ () C:\Users\Florian\Downloads\KeyCommander-1.3.1-setup.exe
2014-07-15 15:43 - 2014-07-15 15:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\fabi.me
2014-07-15 15:43 - 2014-07-15 15:43 - 00000000 ____D () C:\Program Files (x86)\fabi.me
2014-07-15 15:39 - 2014-07-15 15:39 - 11878040 _____ (AutoIt Team) C:\Users\Florian\Downloads\autoit-v3-setup.exe
2014-07-15 15:36 - 2014-07-15 15:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MacroX
2014-07-15 15:36 - 2014-07-15 15:35 - 00000000 ____D () C:\Program Files (x86)\MacroX
2014-07-15 15:36 - 2014-05-01 00:42 - 00000000 ____D () C:\Users\Florian\AppData\Local\VirtualStore
2014-07-15 15:35 - 2014-07-15 15:35 - 02480915 _____ () C:\Users\Florian\Downloads\macrox!.exe
2014-07-15 15:35 - 2014-07-15 15:35 - 00000971 _____ () C:\Users\UpdatusUser\Desktop\MacroX.lnk
2014-07-15 15:35 - 2014-07-15 15:35 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MacroX
2014-07-13 15:33 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\rescache
Some content of TEMP:
====================
C:\Users\Florian\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-08-06 17:17
==================== End Of Log ============================
--- --- --- |
Hinweis: 
FRST 32-Bit | FRST 64-Bit
AdwCleaner auf deinen Desktop.
Malwarebytes Anti-Malware 
SecurityCheck und:
