| ichbins2000 | 12.02.2015 17:55 |
merkwürdiger startup Eintrag
Hallo
Nach langer Zeit hat mich anscheinend wieder ein Virus überfallen...
Ich habe einen merkwürdigen startup Eintrag in HKLM .
Wäre dankbar wenn da mal jemand drüberschauen würde
MFG Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-02-2015 02
Ran by julian at 2015-02-12 17:48:27
Running from C:\Users\julian\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-3604044926-3834190717-268029489-1001\...\uTorrent) (Version: 3.4.2.38656 - BitTorrent Inc.)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
aioscnnr (x32 Version: 7.6.13.10 - Your Company Name) Hidden
Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)
Bandicam (HKLM-x32\...\Bandicam) (Version: 2.1.2.740 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com)
center (x32 Version: 7.8.0.0 - Eastman Kodak Company) Hidden
eMule (HKLM-x32\...\eMule) (Version: - )
essentials (x32 Version: 7.8.0.0 - Eastman Kodak Company) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
HashTab 5.2.0.14 (HKLM\...\HashTab) (Version: 5.2.0.14 - Implbits Software)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2993 - Intel Corporation)
Kodak AIO Printer (Version: 7.8.1.0 - Eastman Kodak Company) Hidden
KODAK All-in-One Software (HKLM-x32\...\{E0F274B7-592B-4669-8FB8-8D9825A09858}) (Version: 7.8.5.2 - Eastman Kodak Company)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Marvell Miniport Driver (HKLM-x32\...\Marvell Miniport Driver) (Version: 11.45.4.3 - Marvell)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
MyRouter 2.0.8 (HKLM-x32\...\MyRouter) (Version: 2.0.8 - MyRouter, Inc.)
No-IP DUC (HKLM-x32\...\NoIPDUC) (Version: 4.1.0 - Vitalwerks Internet Solutions LLC)
ocr (x32 Version: 6.2.3.50 - Eastman Kodak Company) Hidden
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
OpenVPN 2.3.6-I001 (HKLM\...\OpenVPN) (Version: 2.3.6-I001 - )
PeerBlock 1.2 (r693) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.2.0.693 - PeerBlock, LLC)
PreReq (x32 Version: 6.2.4.0 - Eastman Kodak Company) Hidden
PrintProjects (HKLM-x32\...\PrintProjects) (Version: 1.0.0.9282 - RocketLife Inc.)
Process Hacker 2.33 (r5590) (HKLM\...\Process_Hacker2_is1) (Version: 2.33.0.5590 - wj32)
Resource Hacker Version 3.6.0 (HKLM-x32\...\ResourceHacker_is1) (Version: - )
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.1500.0 - SAMSUNG Electronics Co., Ltd.)
SlimDrivers (HKLM-x32\...\{A5457401-D56A-43F2-9524-78E54A7FC07A}) (Version: 2.2.32705 - SlimWare Utilities, Inc.)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
Virtual Router v1.0 (HKLM-x32\...\{BE905C46-2B34-4D73-AEE1-769ED138E0FF}) (Version: 1.0 - Chris Pietschmann)
WinRAR 5.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
10-02-2015 20:32:42 Installed Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
10-02-2015 20:33:51 Installed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
10-02-2015 20:35:04 OpenOffice 4.1.1 wird installiert
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {82C7E1E5-BAF5-4063-98C3-397E81931B35} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-04] (Google Inc.)
Task: {97ED393B-29CD-42AA-8D92-0D40AF04C752} - System32\Tasks\SlimDrivers Startup => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe [2013-09-24] (SlimWare Utilities, Inc.)
Task: {B5000AFD-4954-48E4-BBBB-0AB3903774BB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-04] (Google Inc.)
Task: {B5EEE72B-BC40-4276-A2A2-23E9D5A53735} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SlimDrivers Startup.job => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
==================== Loaded Modules (whitelisted) ==============
2014-12-04 20:51 - 2000-01-01 01:00 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-02-10 21:19 - 2015-02-04 10:02 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libglesv2.dll
2015-02-10 21:19 - 2015-02-04 10:02 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libegl.dll
2015-02-10 21:19 - 2015-02-04 10:02 - 09170760 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\pdf.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\90439091.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\90439091.sys => ""="Driver"
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3604044926-3834190717-268029489-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\julian\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== Accounts: =============================
Administrator (S-1-5-21-3604044926-3834190717-268029489-500 - Administrator - Disabled)
Gast (S-1-5-21-3604044926-3834190717-268029489-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3604044926-3834190717-268029489-1002 - Limited - Enabled)
julian (S-1-5-21-3604044926-3834190717-268029489-1001 - Administrator - Enabled) => C:\Users\julian
test (S-1-5-21-3604044926-3834190717-268029489-1003 - Limited - Enabled) => C:\Users\test
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (02/10/2015 09:53:36 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoID={4DF71C62-4CA5-469F-A3EB-C640C0E7B3EE}: Der Benutzer "julian-PC\test" hat eine Verbindung mit dem Namen "VPN-Verbindung 4" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 0.
Error: (02/01/2015 00:11:29 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoID={1129064A-55C8-42DD-8E1E-517344962378}: Der Benutzer "julian-PC\test" hat eine Verbindung mit dem Namen "VPN-Verbindung 3" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 0.
Error: (02/01/2015 00:10:54 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoID={7F983072-4D60-4716-AA65-4AD38EFCD70A}: Der Benutzer "julian-PC\test" hat eine Verbindung mit dem Namen "VPN-Verbindung 3" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 0.
Error: (02/01/2015 00:10:33 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoID={7AD74A77-24CC-4698-AFEA-C5A4C204F52A}: Der Benutzer "julian-PC\test" hat eine Verbindung mit dem Namen "VPN-Verbindung 3" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 0.
Error: (02/01/2015 00:10:00 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoID={C07A6342-F80C-4D39-AA89-77F73BE59CDC}: Der Benutzer "julian-PC\test" hat eine Verbindung mit dem Namen "VPN-Verbindung 3" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 691.
Error: (02/01/2015 00:09:34 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoID={124F04D4-DF01-4817-984F-EFB79F6EF0AE}: Der Benutzer "julian-PC\test" hat eine Verbindung mit dem Namen "VPN-Verbindung 3" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 691.
Error: (02/01/2015 00:09:18 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoID={AC5C2346-9436-4172-8603-D80CCF6D72A9}: Der Benutzer "julian-PC\test" hat eine Verbindung mit dem Namen "VPN-Verbindung 3" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 691.
Error: (02/01/2015 00:09:03 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoID={7B24F184-4D80-4AC4-B252-DC486F303F69}: Der Benutzer "julian-PC\test" hat eine Verbindung mit dem Namen "VPN-Verbindung 3" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 691.
Error: (01/30/2015 09:47:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: VirtualRouterClient.exe, Version: 1.0.0.0, Zeitstempel: 0x51181751
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bdfe0
Ausnahmecode: 0xc000041d
Fehleroffset: 0x000000000000aa7d
ID des fehlerhaften Prozesses: 0x500
Startzeit der fehlerhaften Anwendung: 0xVirtualRouterClient.exe0
Pfad der fehlerhaften Anwendung: VirtualRouterClient.exe1
Pfad des fehlerhaften Moduls: VirtualRouterClient.exe2
Berichtskennung: VirtualRouterClient.exe3
Error: (01/30/2015 09:44:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: VirtualRouterClient.exe, Version: 1.0.0.0, Zeitstempel: 0x51181751
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bdfe0
Ausnahmecode: 0xc000041d
Fehleroffset: 0x000000000000aa7d
ID des fehlerhaften Prozesses: 0x124
Startzeit der fehlerhaften Anwendung: 0xVirtualRouterClient.exe0
Pfad der fehlerhaften Anwendung: VirtualRouterClient.exe1
Pfad des fehlerhaften Moduls: VirtualRouterClient.exe2
Berichtskennung: VirtualRouterClient.exe3
System errors:
=============
Error: (02/12/2015 02:09:08 PM) (Source: Server) (EventID: 2505) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{126C256E-D981-4371-AA59-355430EE07DD} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.
Error: (06/06/2010 11:04:14 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Error: (06/07/2010 01:04:40 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x00000019 (0x0000000000000020, 0xfffffa8005bf9490, 0xfffffa8005bf94b0, 0x0000000004020003)C:\Windows\MEMORY.DMP060710-21169-01
Error: (06/07/2010 01:04:33 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 12.02.2015 um 08:10:25 unerwartet heruntergefahren.
Error: (02/12/2015 08:04:47 AM) (Source: Server) (EventID: 2505) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{126C256E-D981-4371-AA59-355430EE07DD} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.
Error: (02/10/2015 10:08:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "VirtualRouterService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (02/10/2015 09:34:40 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Error: (02/06/2015 02:34:15 PM) (Source: volsnap) (EventID: 29) (User: )
Description: Die Schattenkopien von Volume "C:" wurde während der Ermittlung abgebrochen.
Error: (02/04/2015 08:30:12 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Error: (02/03/2015 08:46:54 PM) (Source: Server) (EventID: 2505) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{126C256E-D981-4371-AA59-355430EE07DD} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.
Microsoft Office Sessions:
=========================
Error: (02/10/2015 09:53:36 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: {4DF71C62-4CA5-469F-A3EB-C640C0E7B3EE}julian-PC\testVPN-Verbindung 40
Error: (02/01/2015 00:11:29 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: {1129064A-55C8-42DD-8E1E-517344962378}julian-PC\testVPN-Verbindung 30
Error: (02/01/2015 00:10:54 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: {7F983072-4D60-4716-AA65-4AD38EFCD70A}julian-PC\testVPN-Verbindung 30
Error: (02/01/2015 00:10:33 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: {7AD74A77-24CC-4698-AFEA-C5A4C204F52A}julian-PC\testVPN-Verbindung 30
Error: (02/01/2015 00:10:00 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: {C07A6342-F80C-4D39-AA89-77F73BE59CDC}julian-PC\testVPN-Verbindung 3691
Error: (02/01/2015 00:09:34 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: {124F04D4-DF01-4817-984F-EFB79F6EF0AE}julian-PC\testVPN-Verbindung 3691
Error: (02/01/2015 00:09:18 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: {AC5C2346-9436-4172-8603-D80CCF6D72A9}julian-PC\testVPN-Verbindung 3691
Error: (02/01/2015 00:09:03 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: {7B24F184-4D80-4AC4-B252-DC486F303F69}julian-PC\testVPN-Verbindung 3691
Error: (01/30/2015 09:47:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: VirtualRouterClient.exe1.0.0.051181751KERNELBASE.dll6.1.7600.163854a5bdfe0c000041d000000000000aa7d50001d03ccde0306c7bC:\Program Files (x86)\Virtual Router\VirtualRouterClient.exeC:\Windows\system32\KERNELBASE.dll2e4fa2f2-a8c1-11e4-ac03-e81132051f51
Error: (01/30/2015 09:44:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: VirtualRouterClient.exe1.0.0.051181751KERNELBASE.dll6.1.7600.163854a5bdfe0c000041d000000000000aa7d12401d03ccd77426ab8C:\Program Files (x86)\Virtual Router\VirtualRouterClient.exeC:\Windows\system32\KERNELBASE.dllb80833e8-a8c0-11e4-844f-e81132051f51
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3 CPU M 380 @ 2.53GHz
Percentage of memory in use: 41%
Total physical RAM: 3892.55 MB
Available physical RAM: 2288.09 MB
Total Pagefile: 7783.25 MB
Available Pagefile: 5926.95 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:154.71 GB) (Free:100.57 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 0005F617)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=154.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=310.9 GB) - (Type=05)
==================== End Of Log ============================
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-02-2015 02
Ran by julian (administrator) on JULIAN-PC on 12-02-2015 17:47:59
Running from C:\Users\julian\Desktop
Loaded Profiles: julian (Available profiles: julian & test)
Platform: Windows 7 Home Premium (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Chris Pietschmann (http://pietschsoft.com)) C:\Program Files (x86)\Virtual Router\VirtualRouterService.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(SlimWare Utilities, Inc.) C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\reader_sl.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [Conime] => %windir%\system32\conime.exe
HKLM-x32\...\Run: [EKStatusMonitor] => C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe [2750840 2013-12-11] (Eastman Kodak Company)
HKU\S-1-5-21-3604044926-3834190717-268029489-1001\...\Run: [uTorrent] => C:\Users\test\AppData\Roaming\uTorrent\uTorrent.exe [1740880 2015-02-12] (BitTorrent Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-3604044926-3834190717-268029489-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/de-de/?ocid=iehp
FireFox:
========
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-04]
CHR Extension: (Google Docs) - C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-04]
CHR Extension: (Google Drive) - C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-04]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-04]
CHR Extension: (YouTube) - C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-04]
CHR Extension: (Google-Suche) - C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-04]
CHR Extension: (Google Tabellen) - C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-04]
CHR Extension: (Google Wallet) - C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-04]
CHR Extension: (Google Mail) - C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-04]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [38200 2014-12-01] (The OpenVPN Project)
R2 Virtual Router; C:\Program Files (x86)\Virtual Router\VirtualRouterService.exe [12288 2013-02-10] (Chris Pietschmann (http://pietschsoft.com)) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-12] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2015-02-12] ()
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-12 17:47 - 2015-02-12 17:47 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-02-12 17:47 - 2015-02-12 17:47 - 00000000 ____D () C:\Users\julian\Desktop\FRST-OlderVersion
2015-02-12 17:28 - 2015-02-12 17:28 - 00000518 _____ () C:\Users\test\Desktop\proxies.txt.torrent
2015-02-12 17:27 - 2015-02-12 17:27 - 00000195 _____ () C:\Users\test\Desktop\proxies.txt
2015-02-12 17:05 - 2015-02-12 17:05 - 00000000 ____D () C:\Users\test\Desktop\gptool
2015-02-12 17:04 - 2015-02-12 17:05 - 01581750 _____ () C:\Users\test\Downloads\GPTool.rar
2015-02-12 16:58 - 2015-02-12 17:13 - 00000000 ____D () C:\Users\test\AppData\Roaming\uTorrent
2015-02-12 16:57 - 2015-02-12 16:57 - 01740880 _____ (BitTorrent Inc.) C:\Users\test\Downloads\uTorrent.exe
2015-02-12 16:56 - 2015-02-12 16:56 - 00239648 _____ () C:\Users\test\Downloads\DUCSetup_v4_1_0.exe
2015-02-12 16:56 - 2015-02-12 16:56 - 00000000 ____D () C:\Users\julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No-IP DUC
2015-02-12 16:56 - 2015-02-12 16:56 - 00000000 ____D () C:\Users\julian\AppData\Local\Vitalwerks
2015-02-12 16:56 - 2015-02-12 16:56 - 00000000 ____D () C:\Program Files (x86)\No-IP
2015-02-12 16:54 - 2015-02-12 16:54 - 00013331 _____ () C:\Users\test\Desktop\mbam-patched.exe.torrent
2015-02-12 16:48 - 2015-02-12 16:48 - 03389035 _____ () C:\Users\test\Downloads\eMule0.50a-Installer (1).exe
2015-02-12 16:48 - 2015-02-12 16:48 - 00000991 _____ () C:\Users\Public\Desktop\eMule.lnk
2015-02-12 16:48 - 2015-02-12 16:48 - 00000000 ____D () C:\Users\test\Downloads\eMule
2015-02-12 16:48 - 2015-02-12 16:48 - 00000000 ____D () C:\Users\test\AppData\Local\eMule
2015-02-12 16:48 - 2015-02-12 16:48 - 00000000 ____D () C:\Users\julian\AppData\Local\eMule
2015-02-12 16:48 - 2015-02-12 16:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eMule
2015-02-12 16:48 - 2015-02-12 16:48 - 00000000 ____D () C:\ProgramData\eMule
2015-02-12 16:48 - 2015-02-12 16:48 - 00000000 ____D () C:\Program Files (x86)\eMule
2015-02-12 16:47 - 2015-02-12 16:47 - 03389035 _____ () C:\Users\test\Downloads\eMule0.50a-Installer.exe
2015-02-12 16:44 - 2015-02-12 16:44 - 21072896 _____ (Microsoft Corporation) C:\Users\test\Desktop\mbam-setup-cracked-2.0.4.1028.EXE
2015-02-12 16:44 - 2015-02-12 16:44 - 20991488 ____R (Microsoft Corporation) C:\Users\test\Desktop\mbam-patched.exe
2015-02-12 16:41 - 2015-02-12 16:41 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\test\Desktop\mbam-setup-2.0.4.1028.exe
2015-02-12 16:41 - 2015-02-12 16:41 - 00000030 _____ () C:\Users\test\Desktop\icon.rc
2015-02-12 16:40 - 2015-02-12 16:41 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\test\Downloads\mbam-setup-2.0.4.1028.exe
2015-02-12 16:12 - 2015-02-12 16:12 - 00000000 ____D () C:\Users\test\AppData\Local\Eastman_Kodak_Company
2015-02-12 15:59 - 2015-02-12 15:59 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-02-12 15:59 - 2015-02-12 15:59 - 00002019 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2015-02-12 15:59 - 2015-02-12 15:59 - 00000000 ____D () C:\Users\test\AppData\Roaming\Adobe
2015-02-12 15:59 - 2015-02-12 15:59 - 00000000 ____D () C:\Users\test\AppData\Local\Adobe
2015-02-12 15:58 - 2015-02-12 16:00 - 00000000 ____D () C:\ProgramData\Adobe
2015-02-12 15:58 - 2015-02-12 15:58 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-02-12 15:56 - 2015-02-12 15:59 - 00000000 ____D () C:\Users\julian\AppData\Local\Adobe
2015-02-12 14:23 - 2015-02-12 14:23 - 00000000 _____ () C:\Users\test\Desktop\Neues Textdokument.txt
2015-02-12 14:19 - 2015-02-12 14:19 - 00698330 _____ () C:\Users\test\Desktop\ppp.xps
2015-02-12 07:54 - 2015-02-12 07:54 - 00000000 ____D () C:\Users\test\AppData\Local\Eastman Kodak Company
2015-02-10 22:12 - 2015-02-10 22:12 - 00000000 ____D () C:\Users\test\AppData\Roaming\OpenOffice
2015-02-10 22:10 - 2015-02-10 22:10 - 00000000 ____D () C:\Users\julian\AppData\Roaming\Process Hacker 2
2015-02-10 22:07 - 2015-02-10 22:07 - 01932448 _____ (wj32 ) C:\Users\test\Downloads\processhacker-2.33-setup.exe
2015-02-10 22:07 - 2015-02-10 22:07 - 00001841 _____ () C:\Users\julian\Desktop\Process Hacker 2.lnk
2015-02-10 22:07 - 2015-02-10 22:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Process Hacker 2
2015-02-10 22:07 - 2015-02-10 22:07 - 00000000 ____D () C:\Program Files\Process Hacker 2
2015-02-10 21:06 - 2015-02-10 21:06 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2015-02-10 21:05 - 2015-02-10 21:05 - 00000000 ____D () C:\Windows\system32\kodak
2015-02-10 21:04 - 2015-02-10 21:04 - 00000236 _____ () C:\Users\julian\AppData\Local\LaunchHomeCenter.log
2015-02-10 21:01 - 2015-02-10 21:02 - 00000000 ____D () C:\Users\julian\AppData\Local\Eastman_Kodak_Company
2015-02-10 21:01 - 2015-02-10 21:01 - 00002156 _____ () C:\Users\Public\Desktop\KODAK AiO Home Center.lnk
2015-02-10 21:01 - 2015-02-10 21:01 - 00001946 _____ () C:\Users\Public\Desktop\PrintProjects.lnk
2015-02-10 21:01 - 2015-02-10 21:01 - 00000000 ____D () C:\ProgramData\Visan
2015-02-10 21:01 - 2015-02-10 21:01 - 00000000 ____D () C:\ProgramData\PrintProjects
2015-02-10 21:01 - 2015-02-10 21:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintProjects
2015-02-10 21:01 - 2015-02-10 21:01 - 00000000 ____D () C:\Program Files (x86)\PrintProjects
2015-02-10 21:00 - 2015-02-10 21:00 - 00000000 ____D () C:\Users\julian\AppData\Local\Eastman Kodak Company
2015-02-10 20:59 - 2015-02-10 21:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kodak
2015-02-10 20:59 - 2015-02-10 20:59 - 00000000 ____D () C:\Windows\SysWOW64\kodak
2015-02-10 20:57 - 2015-02-10 20:58 - 00000000 ____D () C:\Program Files (x86)\Kodak
2015-02-10 20:56 - 2015-02-12 16:12 - 00000000 ____D () C:\ProgramData\Kodak
2015-02-10 20:56 - 2015-02-10 20:56 - 00000000 ____D () C:\Users\julian\AppData\Roaming\Temp
2015-02-10 20:55 - 2015-02-10 20:55 - 10464648 _____ (Eastman Kodak Company) C:\Users\julian\Downloads\aio_install.exe
2015-02-10 20:54 - 2015-02-10 21:01 - 00014683 _____ () C:\Users\julian\Desktop\Lebenslauf.odt
2015-02-10 20:37 - 2015-02-10 20:37 - 00000000 ____D () C:\Users\julian\AppData\Roaming\OpenOffice
2015-02-10 20:36 - 2015-02-10 20:36 - 00001116 _____ () C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk
2015-02-10 20:36 - 2015-02-10 20:36 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2015-02-10 20:35 - 2015-02-10 20:35 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2015-02-10 20:32 - 2015-02-10 20:32 - 00000000 ____D () C:\Users\julian\Desktop\OpenOffice 4.1.1 (de) Installation Files
2015-02-10 20:29 - 2015-02-10 20:32 - 164858324 _____ () C:\Users\julian\Downloads\Apache_OpenOffice_4.1.1_Win_x86_install_de.exe
2015-02-04 20:21 - 2015-02-04 20:21 - 00000000 ____D () C:\Program Files\HashTab Shell Extension
2015-02-04 20:20 - 2015-02-04 20:21 - 01903054 _____ () C:\Users\test\Downloads\HashTab_v5.2.0.14.zip
2015-02-03 21:52 - 2015-02-03 22:01 - 727711744 _____ () C:\Users\test\Downloads\elementaryos-stable-amd64.20130810.iso
2015-02-03 21:50 - 2015-02-03 21:50 - 01155280 _____ () C:\Users\test\Downloads\Playmate_2014_01.zip
2015-02-03 21:20 - 2015-02-03 21:32 - 1028653056 _____ () C:\Users\test\Downloads\ubuntu-14.04.1-desktop-amd64.iso
2015-02-03 21:17 - 2015-02-03 21:17 - 00039580 _____ () C:\Users\test\Downloads\ubuntu-14.04.1-desktop-amd64.iso (3).torrent
2015-02-03 21:17 - 2015-02-03 21:17 - 00039580 _____ () C:\Users\test\Downloads\ubuntu-14.04.1-desktop-amd64.iso (2).torrent
2015-02-03 21:16 - 2015-02-03 21:16 - 00039580 _____ () C:\Users\test\Downloads\ubuntu-14.04.1-desktop-amd64.iso (1).torrent
2015-02-03 21:08 - 2015-02-03 21:08 - 00240612 _____ () C:\Users\test\Downloads\kali-linux-1.0.9a-i386.torrent
2015-02-03 21:04 - 2015-02-03 21:04 - 00233436 _____ () C:\Users\test\Downloads\kali-linux-1.0.9a-amd64.torrent
2015-01-31 13:14 - 2015-02-01 12:03 - 00000000 ____D () C:\Users\test\Desktop\l517
2015-01-31 13:14 - 2015-01-31 13:14 - 01077336 _____ (Microsoft Corporation) C:\Users\test\Downloads\MSCOMCTL.OCX
2015-01-31 13:13 - 2015-01-31 13:14 - 01183744 _____ (derv82@gmail.com) C:\Users\test\Downloads\L517 v0.994.exe
2015-01-31 12:44 - 2015-01-31 12:44 - 00191515 _____ () C:\Users\test\Downloads\Wodlist.torrent
2015-01-31 12:37 - 2015-01-31 12:37 - 00043472 _____ () C:\Users\test\Downloads\FD62CC1D79F595CBE1DE6356FB13C2165994E469.torrent
2015-01-31 12:30 - 2015-01-31 12:30 - 00033377 _____ () C:\Users\test\Downloads\linuxmint-17.1-kde-64bit.iso.torrent
2015-01-31 12:30 - 2015-01-31 12:30 - 00030797 _____ () C:\Users\test\Downloads\linuxmint-17.1-kde-32bit.iso.torrent
2015-01-31 12:23 - 2015-01-31 12:23 - 00047549 _____ () C:\Users\test\Downloads\[kickass.so]collection.of.wordlist.dictionaries.for.cracking.wifi.wpa.wpa2 (4).torrent
2015-01-31 12:23 - 2015-01-31 12:23 - 00047549 _____ () C:\Users\test\Downloads\[kickass.so]collection.of.wordlist.dictionaries.for.cracking.wifi.wpa.wpa2 (3).torrent
2015-01-31 12:21 - 2015-01-31 12:21 - 00039580 _____ () C:\Users\test\Downloads\ubuntu-14.04.1-desktop-amd64.iso.torrent
2015-01-31 11:55 - 2015-01-31 11:55 - 00013345 _____ () C:\Users\test\Downloads\1.100.000+Wordlist.txt.torrent
2015-01-31 11:33 - 2015-01-31 11:33 - 00017041 _____ () C:\Users\test\Downloads\(demonoid.pw)-25_HD_Nature_Wallpapers_Set_46.TORRENT
2015-01-31 11:32 - 2015-01-31 11:32 - 00000000 ____D () C:\Users\test\AppData\Roaming\java
2015-01-31 11:32 - 2015-01-31 11:32 - 00000000 ____D () C:\Users\test\AppData\Roaming\.minecraft
2015-01-31 11:31 - 2015-01-31 11:32 - 00000000 ____D () C:\Users\test\Desktop\game
2015-01-31 11:31 - 2015-01-31 11:31 - 01294088 _____ (Mojang) C:\Users\test\Desktop\Minecraft.exe
2015-01-31 11:31 - 2015-01-31 11:31 - 00000000 ____D () C:\Users\test\Desktop\tools
2015-01-31 11:31 - 2015-01-31 11:31 - 00000000 ____D () C:\Users\test\Desktop\runtime
2015-01-31 11:07 - 2015-01-31 11:07 - 00018725 _____ () C:\Users\test\Downloads\MONOVA.ORG WPA_Extreme_Wordlist.torrent
2015-01-31 11:03 - 2015-01-31 11:03 - 00017990 _____ () C:\Users\test\Downloads\104472-davajjultimatewordlist-txt-zip-big-wordlist-for-http-bugger.torrent
2015-01-31 11:02 - 2015-01-31 11:02 - 00023702 _____ () C:\Users\test\Downloads\WPA-PSK+WORDLIST+3+Final+%2813+GB%29.rar.torrent
2015-01-30 22:10 - 2015-01-30 22:10 - 00025350 _____ () C:\Users\test\Desktop\Shortcut.txt
2015-01-30 22:02 - 2015-01-30 22:14 - 00000000 ____D () C:\Windupdt
2015-01-30 21:57 - 2015-01-30 21:57 - 00018669 _____ () C:\Users\julian\Desktop\Addition.txt
2015-01-30 21:56 - 2015-02-12 17:48 - 00006641 _____ () C:\Users\julian\Desktop\FRST.txt
2015-01-30 21:56 - 2015-02-12 17:47 - 02134016 _____ (Farbar) C:\Users\julian\Desktop\FRST64.exe
2015-01-30 21:45 - 2015-01-30 21:45 - 00000000 ____D () C:\TDSSKiller_Quarantine
2015-01-30 21:44 - 2015-01-30 21:44 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\test\Downloads\tdsskiller44.exe
2015-01-30 21:30 - 2015-01-30 21:27 - 00000311 _____ () C:\Users\julian\Desktop\new.bat
2015-01-30 21:27 - 2015-01-30 21:27 - 00000311 _____ () C:\Users\test\Desktop\new.bat
2015-01-30 21:19 - 2015-01-30 21:19 - 00043281 _____ () C:\Users\test\Downloads\crackstation.txt.gz.torrent
2015-01-30 21:18 - 2015-01-30 21:18 - 00007859 _____ () C:\Users\test\Downloads\plist.txt
2015-01-30 20:46 - 2015-01-30 20:46 - 00000988 _____ () C:\Users\test\Desktop\Bandicam.lnk
2015-01-30 20:46 - 2015-01-30 20:46 - 00000988 _____ () C:\Users\julian\Desktop\Bandicam.lnk
2015-01-30 20:46 - 2015-01-30 20:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandicam
2015-01-30 20:46 - 2015-01-30 20:46 - 00000000 ____D () C:\Program Files (x86)\BandiMPEG1
2015-01-30 20:46 - 2015-01-30 20:46 - 00000000 ____D () C:\Program Files (x86)\Bandicam
2015-01-30 20:45 - 2015-01-30 20:46 - 09495760 _____ (Bandisoft) C:\Users\test\Downloads\bdcamsetup.exe
2015-01-30 15:25 - 2015-01-30 15:25 - 00047549 _____ () C:\Users\test\Downloads\[kickass.so]collection.of.wordlist.dictionaries.for.cracking.wifi.wpa.wpa2 (2).torrent
2015-01-30 15:25 - 2015-01-30 15:25 - 00047549 _____ () C:\Users\test\Downloads\[kickass.so]collection.of.wordlist.dictionaries.for.cracking.wifi.wpa.wpa2 (1).torrent
2015-01-30 15:21 - 2015-01-30 15:21 - 00005962 _____ () C:\Users\test\Downloads\frootvpn (2).ovpn
2015-01-30 15:20 - 2015-01-30 15:20 - 00005962 _____ () C:\Users\test\Downloads\frootvpn (1).ovpn
2015-01-30 15:19 - 2015-01-30 15:19 - 00000908 _____ () C:\Users\Public\Desktop\OpenVPN GUI.lnk
2015-01-30 15:18 - 2015-01-30 15:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN
2015-01-30 15:18 - 2015-01-30 15:19 - 00000000 ____D () C:\Program Files\TAP-Windows
2015-01-30 15:18 - 2015-01-30 15:19 - 00000000 ____D () C:\Program Files\OpenVPN
2015-01-30 15:18 - 2015-01-30 15:18 - 03408935 _____ () C:\Users\test\Downloads\openvpn-install-2.3.6.zip
2015-01-30 15:18 - 2015-01-30 15:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAP-Windows
2015-01-30 15:11 - 2015-01-30 15:11 - 00047549 _____ () C:\Users\test\Downloads\[kickass.so]collection.of.wordlist.dictionaries.for.cracking.wifi.wpa.wpa2.torrent
2015-01-29 20:11 - 2015-01-29 20:11 - 00023086 _____ () C:\Users\test\Downloads\[kickass.so]wpa.wordlists.torrent
2015-01-29 20:04 - 2015-01-29 20:04 - 00000307 _____ () C:\Users\test\Downloads\checkMyTorrentIp.png.torrent
2015-01-29 19:56 - 2015-01-29 19:56 - 00034684 _____ () C:\Users\test\Downloads\[kickass.so]openwall.wordlists.collection.torrent
2015-01-29 19:47 - 2015-01-29 19:47 - 00005962 _____ () C:\Users\test\Downloads\frootvpn.ovpn
2015-01-29 19:43 - 2015-01-29 19:43 - 00030398 _____ () C:\Users\test\Downloads\dsqzro.imp
2015-01-29 07:26 - 2015-01-29 07:27 - 00000000 ____D () C:\Users\test\Desktop\darkcomet
2015-01-29 07:25 - 2015-01-29 07:26 - 89489915 _____ () C:\Users\test\Downloads\RARs DCR.rar
2015-01-28 20:56 - 2015-01-28 20:56 - 00004612 _____ () C:\Users\test\Desktop\Minecraft -Cracked.exe.torrent
2015-01-28 20:56 - 2015-01-28 20:56 - 00000000 ____D () C:\Users\test\Downloads\uTorrentPortable
2015-01-28 20:55 - 2015-01-28 20:56 - 02361928 _____ (PortableApps.com) C:\Users\test\Downloads\uTorrentPortable_3.4.2.38397_online.paf.exe
2015-01-28 20:47 - 2015-01-28 20:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Resource Hacker
2015-01-28 20:47 - 2015-01-28 20:47 - 00000000 ____D () C:\Program Files (x86)\Resource Hacker
2015-01-28 20:46 - 2015-01-28 20:46 - 00748246 _____ ( ) C:\Users\test\Downloads\reshack_setup.exe
2015-01-28 20:45 - 2015-01-28 20:45 - 03459072 _____ () C:\Users\test\Desktop\tr - Kopie.exe
2015-01-28 20:45 - 2015-01-28 20:45 - 03459072 _____ () C:\Users\test\Desktop\Minecraft -Cracked.exe
2015-01-28 20:45 - 2015-01-28 20:45 - 00000000 ____D () C:\Users\test\AppData\Roaming\game
2015-01-28 20:44 - 2015-01-28 20:44 - 01294088 _____ (Mojang) C:\Users\test\Downloads\Minecraft.exe
2015-01-28 20:26 - 2015-01-28 20:26 - 00048128 _____ () C:\Users\test\Downloads\NetflixChecker.exe
2015-01-28 20:22 - 2015-01-28 20:22 - 00033280 _____ (Gif89 Company) C:\Users\test\Downloads\MARCHOSO.OCX
2015-01-28 20:21 - 2015-01-28 20:21 - 00152848 _____ (Microsoft Corporation) C:\Users\test\Downloads\COMDLG32.OCX
2015-01-28 20:21 - 2015-01-28 20:21 - 00152848 _____ (Microsoft Corporation) C:\Users\test\Downloads\COMDLG32 (1).OCX
2015-01-28 20:21 - 2015-01-28 20:21 - 00108336 _____ (Microsoft Corporation) C:\Users\test\Downloads\MSWINSCK.OCX
2015-01-28 20:15 - 2015-01-30 22:07 - 00000000 ____D () C:\Users\test\Desktop\njrat
2015-01-28 20:14 - 2015-01-28 20:22 - 00000000 ____D () C:\Users\test\Desktop\NjRat Protector FREE ByRoda
2015-01-28 20:14 - 2015-01-28 20:14 - 00554816 _____ () C:\Users\test\Downloads\NjRat Protector FREE ByRoda.rar
2015-01-28 19:55 - 2015-02-12 17:44 - 00000000 ____D () C:\Users\test\Desktop\FRST-OlderVersion
2015-01-28 19:55 - 2015-01-28 19:55 - 00000000 ____D () C:\Users\test\AppData\Roaming\Process Hacker 2
2015-01-28 19:54 - 2015-01-28 19:54 - 00000000 ____D () C:\Users\test\Desktop\processhacker
2015-01-28 19:53 - 2015-01-28 19:54 - 02720895 _____ () C:\Users\test\Downloads\processhacker-2.33-bin.zip
2015-01-28 19:52 - 2015-01-28 19:52 - 00000313 _____ () C:\Users\test\Desktop\dummesau.bat
2015-01-28 19:49 - 2015-01-30 22:10 - 00016694 _____ () C:\Users\test\Desktop\Addition.txt
2015-01-28 19:48 - 2015-02-12 17:48 - 00000000 ____D () C:\FRST
2015-01-28 19:48 - 2015-02-12 17:45 - 00033110 _____ () C:\Users\test\Desktop\FRST.txt
2015-01-28 15:13 - 2015-02-12 17:44 - 02134016 _____ (Farbar) C:\Users\test\Desktop\FRST64.exe
2015-01-28 15:13 - 2015-01-28 15:13 - 02129920 _____ (Farbar) C:\Users\test\Downloads\FRST64.exe
2015-01-28 15:11 - 2015-01-28 15:11 - 00000292 _____ () C:\Users\test\Desktop\penis2.bat
2015-01-28 15:05 - 2015-01-28 15:05 - 00000000 ____D () C:\Users\test\AppData\Local\Chris_Pietschmann_(http__
2015-01-28 15:04 - 2015-01-28 15:04 - 00018034 _____ () C:\Users\test\Desktop\penis.bat
2015-01-28 15:00 - 2015-01-28 15:00 - 00000000 ____D () C:\Users\test\Desktop\Worms or Virus Builders
2015-01-28 14:58 - 2015-01-28 14:58 - 34925069 _____ () C:\Users\test\Downloads\Worms or Virus Builders.rar
2015-01-28 14:51 - 2015-01-28 14:51 - 00262144 _____ () C:\Windows\Minidump\012815-16177-01.dmp
2015-01-28 14:51 - 2010-06-07 01:04 - 336989223 _____ () C:\Windows\MEMORY.DMP
2015-01-28 14:51 - 2010-06-07 01:04 - 00000000 ____D () C:\Windows\Minidump
2015-01-28 14:42 - 2015-01-28 14:42 - 00000000 ____D () C:\Users\test\AppData\Local\Neptune
2015-01-28 14:39 - 2015-01-29 07:22 - 00000000 ____D () C:\Users\test\Desktop\Project Neptune v2.0
2015-01-28 14:38 - 2015-01-28 14:38 - 01818180 _____ () C:\Users\test\Downloads\EncryptedArchive.rar
2015-01-28 14:36 - 2015-01-28 14:36 - 01807890 _____ () C:\Users\test\Downloads\setup_akl.zip
2015-01-28 14:36 - 2015-01-28 14:36 - 00000000 ____D () C:\Users\test\AppData\Roaming\WinRAR
2015-01-28 14:31 - 2015-02-12 07:55 - 00063568 _____ () C:\Users\test\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-23 21:23 - 2015-01-23 21:23 - 00026174 _____ () C:\Users\julian\Downloads\debian-7.8.0-amd64-CD-1.iso.torrent
2015-01-23 21:13 - 2015-01-23 21:13 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\julian\Downloads\tdsskiller44.exe
2015-01-23 21:10 - 2015-01-23 21:12 - 1028653056 _____ () C:\Users\julian\Downloads\ubuntu-14.04.1-desktop-amd64.iso
2015-01-23 21:10 - 2015-01-23 21:10 - 00039580 _____ () C:\Users\julian\Downloads\ubuntu-14.04.1-desktop-amd64.iso (1).torrent
2015-01-23 21:07 - 2015-01-23 21:07 - 00357237 _____ () C:\Users\julian\Downloads\openSUSE-13.2-DVD-x86_64.iso (1).torrent
2015-01-23 21:06 - 2015-01-23 21:06 - 00357237 _____ () C:\Users\julian\Downloads\openSUSE-13.2-DVD-x86_64.iso.torrent
2015-01-23 20:05 - 2015-01-23 20:05 - 00002212 _____ () C:\Users\Public\Desktop\Google Earth.lnk
2015-01-23 20:05 - 2015-01-23 20:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2015-01-23 20:04 - 2015-01-23 20:04 - 00880784 _____ (Google Inc.) C:\Users\julian\Downloads\GoogleEarthSetup.exe
2015-01-23 17:54 - 2015-01-23 17:54 - 02059896 _____ () C:\Users\julian\Downloads\winrar-x64-520d.exe
2015-01-23 17:54 - 2015-01-23 17:54 - 00000000 ____D () C:\Users\julian\AppData\Roaming\WinRAR
2015-01-23 17:54 - 2015-01-23 17:54 - 00000000 ____D () C:\Users\julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-01-23 17:54 - 2015-01-23 17:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-01-23 17:54 - 2015-01-23 17:54 - 00000000 ____D () C:\Program Files\WinRAR
2015-01-23 17:39 - 2015-01-23 17:50 - 98046036 ____R () C:\Users\julian\Downloads\wpalist01.rar
2015-01-23 17:34 - 2015-01-23 17:47 - 00000000 ____D () C:\Program Files\PeerBlock
2015-01-23 17:34 - 2015-01-23 17:34 - 00001736 _____ () C:\Users\julian\Desktop\PeerBlock.lnk
2015-01-23 17:34 - 2015-01-23 17:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PeerBlock
2015-01-23 17:15 - 2015-01-23 17:15 - 00044718 _____ () C:\Users\julian\Downloads\ubuntu-14.10-desktop-amd64.iso.torrent
2015-01-20 19:59 - 2015-01-20 19:59 - 00039580 _____ () C:\Users\julian\Downloads\ubuntu-14.04.1-desktop-amd64.iso.torrent
2015-01-20 19:56 - 2015-01-20 19:56 - 00014134 _____ () C:\Users\julian\Downloads\++demonoid.pw++-Samsung_Galaxy_S3_GAPPS_4_4_kk.TORRENT
2015-01-20 18:31 - 2015-01-20 20:10 - 528838868 _____ () C:\Users\julian\Downloads\WPA-PSK WORDLIST 3 Final (13 GB).rar
2015-01-20 18:28 - 2015-01-20 18:28 - 00027937 _____ () C:\Users\julian\Downloads\NUSHORs_WPA_WORDLIST_v2-((demonoid.pw)).TORRENT
2015-01-20 18:27 - 2015-01-20 18:27 - 00172785 _____ () C:\Users\julian\Downloads\wpa_wordlist_(90GB)-_demonoid.pw_-.TORRENT
2015-01-20 18:24 - 2015-01-20 18:24 - 00028036 _____ () C:\Users\julian\Downloads\[[demonoid.pw]]-Wordlist_Collection.TORRENT
2015-01-14 18:00 - 2015-01-14 18:03 - 257973006 ____R () C:\Users\julian\Downloads\crackstation-human-only.txt.gz
2015-01-14 17:57 - 2015-01-14 17:57 - 46679553 ____R () C:\Users\julian\Downloads\Cracking WPA & WPA2 key with Reaver on Kali Linux No Dictionary Wordlist).mp4
2015-01-14 17:49 - 2015-01-14 17:49 - 00000000 ____D () C:\Users\julian\Downloads\WPA Wordlists
2015-01-14 17:44 - 2015-01-14 17:44 - 02374320 _____ (PeerBlock, LLC ) C:\Users\julian\Downloads\PeerBlock-Setup_v1.2_r693.exe
2015-01-14 17:43 - 2015-01-14 17:43 - 00021049 _____ () C:\Users\julian\Downloads\MONOVA.ORG darksell.com_RESEED_-_Hacker_BruteForce_Wordlist_5_chars_a-z_A-Z.torrent
2015-01-14 17:40 - 2015-01-14 17:40 - 00020970 _____ () C:\Users\julian\Downloads\[www.seedpeer.eu] Darksell Com Reseed Hacker Bruteforce Wordlist 5 Chars A Z A Z.SEEDPEER.torrent
2015-01-14 17:39 - 2015-02-12 16:59 - 00001199 _____ () C:\Users\julian\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2015-01-14 17:39 - 2015-02-12 16:59 - 00001175 _____ () C:\Users\julian\Desktop\µTorrent.lnk
2015-01-14 17:38 - 2015-02-12 16:59 - 00000000 ____D () C:\Users\julian\AppData\Roaming\uTorrent
2015-01-14 17:38 - 2015-01-14 17:38 - 01678928 _____ (BitTorrent Inc.) C:\Users\julian\Downloads\uTorrent.exe
2015-01-14 17:38 - 2015-01-14 17:38 - 00000000 ____D () C:\ProgramData\APN
2015-01-14 16:44 - 2015-01-31 12:12 - 00000598 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2015-01-14 16:43 - 2015-01-14 16:43 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-01-14 16:43 - 2015-01-14 16:43 - 00000000 ____D () C:\Windows\Options
2015-01-14 16:43 - 2015-01-14 16:43 - 00000000 ____D () C:\Program Files (x86)\Atheros
2015-01-14 16:43 - 2012-04-26 23:39 - 00073472 ____N () C:\Windows\system32\athrextx.cat
2015-01-14 16:43 - 2012-04-19 22:56 - 02811392 ____N (Qualcomm Atheros Communications, Inc.) C:\Windows\system32\athrx.sys
2015-01-14 16:43 - 2012-04-19 22:56 - 02811392 _____ (Qualcomm Atheros Communications, Inc.) C:\Windows\system32\Drivers\athrx.sys
2015-01-14 16:42 - 2015-01-14 16:43 - 00000184 _____ () C:\setup.log
2015-01-14 16:42 - 2015-01-14 16:43 - 00000000 ____D () C:\ProgramData\Atheros
2015-01-14 16:38 - 2015-01-14 16:38 - 00008360 _____ () C:\Windows\ykinstutil.log
2015-01-14 16:38 - 2015-01-14 16:38 - 00000369 ____R () C:\Windows\YukonInstall.log
2015-01-14 16:38 - 2015-01-14 16:38 - 00000000 ____D () C:\Program Files (x86)\Marvell
2015-01-14 16:33 - 2015-01-14 16:33 - 00000000 ____D () C:\Users\julian\AppData\Local\MyRouter_Inc
2015-01-14 16:30 - 2015-01-14 16:33 - 00000000 ____D () C:\Program Files (x86)\MyRouter
2015-01-14 16:30 - 2015-01-14 16:30 - 03309904 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-01-14 16:30 - 2015-01-14 16:30 - 00001007 _____ () C:\Users\test\Desktop\MyRouter.lnk
2015-01-14 16:30 - 2015-01-14 16:30 - 00001007 _____ () C:\Users\julian\Desktop\MyRouter.lnk
2015-01-14 16:30 - 2015-01-14 16:30 - 00000000 ____D () C:\Users\julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyRouter
2015-01-14 16:30 - 2015-01-14 16:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyRouter
2015-01-14 16:27 - 2009-11-25 12:47 - 01942856 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2015-01-14 16:27 - 2009-11-25 12:47 - 01130824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2015-01-14 16:27 - 2009-11-25 12:47 - 00444752 _____ (Microsoft Corporation) C:\Windows\system32\mscoree.dll
2015-01-14 16:27 - 2009-11-25 12:47 - 00320352 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHost.exe
2015-01-14 16:27 - 2009-11-25 12:47 - 00297808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscoree.dll
2015-01-14 16:27 - 2009-11-25 12:47 - 00295264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHost.exe
2015-01-14 16:27 - 2009-11-25 12:47 - 00109912 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHostProxy.dll
2015-01-14 16:27 - 2009-11-25 12:47 - 00099176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHostProxy.dll
2015-01-14 16:27 - 2009-11-25 12:47 - 00049472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netfxperf.dll
2015-01-14 16:27 - 2009-11-25 12:47 - 00048960 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll
2015-01-14 16:22 - 2015-01-14 16:22 - 00000000 ____D () C:\Users\julian\AppData\Local\Chris_Pietschmann_(http__
2015-01-14 16:22 - 2015-01-14 16:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Router
2015-01-14 16:22 - 2010-06-06 23:02 - 00000000 ____D () C:\Program Files (x86)\Virtual Router
2015-01-14 16:21 - 2015-01-14 16:21 - 01373696 _____ () C:\Users\julian\Downloads\VirtualRouterInstaller_1.0.msi
2015-01-14 16:05 - 2015-01-14 16:05 - 00000000 ____D () C:\Users\julian\Desktop\I9300XXUGNG3-DBT
2015-01-14 15:58 - 2015-01-14 16:03 - 00000000 ____D () C:\Users\julian\Desktop\backup s3
2015-01-14 15:57 - 2015-01-14 15:57 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2015-01-14 15:57 - 2015-01-14 15:57 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUSB_01007.Wdf
2015-01-14 15:54 - 2015-01-14 15:54 - 00000000 ____D () C:\Users\julian\Desktop\Odin_3.10.0
2015-01-14 15:54 - 2010-09-17 18:42 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll
2015-01-14 15:54 - 2010-09-17 18:42 - 00708168 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller.dll
2015-01-14 15:54 - 2010-09-17 18:42 - 00201280 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys
2015-01-14 15:54 - 2010-09-17 18:42 - 00079680 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
2015-01-14 15:53 - 2015-01-14 15:54 - 01004639 _____ () C:\Users\julian\Downloads\Odin_3.10.0.zip
2015-01-14 15:53 - 2015-01-14 15:53 - 00000000 ____D () C:\ProgramData\Samsung
2015-01-14 15:53 - 2015-01-14 15:53 - 00000000 ____D () C:\Program Files\SAMSUNG
2015-01-14 15:52 - 2015-01-14 15:52 - 26551126 _____ () C:\Users\julian\Downloads\SAMSUNG_USB_Driver_for_Mobile_Phones.zip
2015-01-14 15:51 - 2015-01-14 15:50 - 973773246 _____ () C:\Users\julian\Desktop\I9300XXUGNG3-DBT.zip
2015-01-14 15:34 - 2015-01-14 15:50 - 973773246 _____ () C:\Users\julian\Downloads\I9300XXUGNG3-DBT.zip
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-12 17:47 - 2014-12-04 20:48 - 00016152 _____ () C:\Windows\system32\Drivers\SWDUMon.sys
2015-02-12 17:47 - 2014-12-04 20:48 - 00002840 _____ () C:\Windows\System32\Tasks\SlimDrivers Startup
2015-02-12 17:47 - 2014-12-04 20:48 - 00000412 _____ () C:\Windows\Tasks\SlimDrivers Startup.job
2015-02-12 17:47 - 2014-12-04 20:46 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-12 17:47 - 2014-12-04 20:43 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-12 17:11 - 2014-12-04 20:46 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-12 16:45 - 2010-06-06 23:36 - 00161979 _____ () C:\Windows\WindowsUpdate.log
2015-02-12 16:43 - 2014-12-04 20:54 - 00000000 ____D () C:\Users\test
2015-02-12 16:29 - 2014-08-10 11:35 - 00000000 ____D () C:\Users\test\Desktop\xRAT 2.0 RELEASE3
2015-02-12 16:05 - 2014-12-04 20:55 - 00000000 ____D () C:\Users\test\AppData\Local\VirtualStore
2015-02-12 16:03 - 2009-10-24 17:10 - 00729292 _____ () C:\Windows\system32\perfh010.dat
2015-02-12 16:03 - 2009-10-24 17:10 - 00145174 _____ () C:\Windows\system32\perfc010.dat
2015-02-12 16:03 - 2009-10-24 17:01 - 00734756 _____ () C:\Windows\system32\perfh00C.dat
2015-02-12 16:03 - 2009-10-24 17:01 - 00147678 _____ () C:\Windows\system32\perfc00C.dat
2015-02-12 16:03 - 2009-10-24 16:51 - 00696370 _____ () C:\Windows\system32\perfh007.dat
2015-02-12 16:03 - 2009-10-24 16:51 - 00147634 _____ () C:\Windows\system32\perfc007.dat
2015-02-12 16:03 - 2009-07-14 06:13 - 03367664 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-12 15:21 - 2009-07-14 05:45 - 00009888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-12 15:21 - 2009-07-14 05:45 - 00009888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-12 10:21 - 2014-12-04 20:54 - 00002136 _____ () C:\Windows\PFRO.log
2015-02-11 19:46 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\addins
2015-02-11 19:46 - 2009-07-14 05:45 - 00293320 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-10 21:19 - 2014-12-04 20:47 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-10 20:56 - 2014-12-04 20:45 - 00063568 _____ () C:\Users\julian\AppData\Local\GDIPFONTCACHEV1.DAT
2015-02-10 20:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-01-30 21:46 - 2006-06-27 06:10 - 00000000 _RSHD () C:\Users\test\AppData\Roaming\install
2015-01-28 19:54 - 2014-12-04 20:55 - 00000000 ____D () C:\Users\test\AppData\Local\Google
2015-01-23 20:05 - 2014-12-04 20:46 - 00000000 ____D () C:\Users\julian\AppData\Local\Google
2015-01-23 20:05 - 2014-12-04 20:46 - 00000000 ____D () C:\Program Files (x86)\Google
2015-01-23 17:00 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
==================== Files in the root of some directories =======
2015-02-10 21:04 - 2015-02-10 21:04 - 0000236 _____ () C:\Users\julian\AppData\Local\LaunchHomeCenter.log
Some content of TEMP:
====================
C:\Users\julian\AppData\Local\Temp\bdfilters.dll
C:\Users\julian\AppData\Local\Temp\MyRouter.exe
C:\Users\julian\AppData\Local\Temp\utt1B76.tmp.exe
C:\Users\julian\AppData\Local\Temp\utt2306.tmp.exe
C:\Users\julian\AppData\Local\Temp\{C66E3193-C0FA-4704-9CA5-FF685E1A7846}.exe
C:\Users\test\AppData\Local\Temp\USkinDLL.dll
C:\Users\test\AppData\Local\Temp\Virus Maker V 4.0 Beta.exe.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-01-29 19:30
==================== End Of Log ============================
Code:
Users shortcut scan result (x64) Version: 11-02-2015 02
Ran by julian at 2015-02-12 17:48:56
Running from C:\Users\julian\Desktop
Boot Mode: Normal
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk -> C:\Windows\Installer\{AC76BA86-7AD7-1031-7B44-AB0000000001}\SC_Reader.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk -> C:\Windows\ehome\ehshell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk -> C:\Windows\System32\WindowsAnytimeUpgradeUI.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk -> C:\Program Files\DVD Maker\DVDMaker.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Benutzerhandbuch für die Konsolenversion von RAR.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Hilfe zu WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Was ist neu in dieser Version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Router\Virtual Router Manager.lnk -> C:\Windows\Installer\{BE905C46-2B34-4D73-AEE1-769ED138E0FF}\_83B54E4F1B8BB4A43AE5AB.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAP-Windows\Utilities\Add a new TAP virtual ethernet adapter.lnk -> C:\Program Files\TAP-Windows\bin\addtap.bat ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAP-Windows\Utilities\Delete ALL TAP virtual ethernet adapters.lnk -> C:\Program Files\TAP-Windows\bin\deltapall.bat ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlimDrivers\SlimDrivers.lnk -> C:\Windows\Installer\{A5457401-D56A-43F2-9524-78E54A7FC07A}\Icon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Resource Hacker\Resource Hacker.lnk -> C:\Program Files (x86)\Resource Hacker\ResHacker.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Process Hacker 2\PE Viewer.lnk -> C:\Program Files\Process Hacker 2\peview.exe (wj32)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Process Hacker 2\Process Hacker 2.lnk -> C:\Program Files\Process Hacker 2\ProcessHacker.exe (wj32)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Process Hacker 2\Uninstall Process Hacker 2.lnk -> C:\Program Files\Process Hacker 2\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Process Hacker 2\Help and Support\Changelog.lnk -> C:\Program Files\Process Hacker 2\CHANGELOG.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintProjects\ PrintProjects deinstallieren.lnk -> C:\Program Files (x86)\PrintProjects\uninst.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintProjects\PrintProjects.lnk -> C:\Program Files (x86)\PrintProjects\PhotoProduct.exe (Visan / RocketLife)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PeerBlock\PeerBlock.lnk -> C:\Program Files\PeerBlock\peerblock.exe (PeerBlock, LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PeerBlock\Uninstall PeerBlock.lnk -> C:\Program Files\PeerBlock\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PeerBlock\Help and Support\ReadMe.lnk -> C:\Program Files\PeerBlock\readme.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN\OpenVPN GUI.lnk -> C:\Program Files\OpenVPN\bin\openvpn-gui.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN\Uninstall OpenVPN.lnk -> C:\Program Files\OpenVPN\Uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN\Shortcuts\OpenVPN configuration file directory.lnk -> C:\Program Files\OpenVPN\config ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN\Shortcuts\OpenVPN log file directory.lnk -> C:\Program Files\OpenVPN\log ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN\Shortcuts\OpenVPN Sample Configuration Files.lnk -> C:\Program Files\OpenVPN\sample-config ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN\Documentation\OpenVPN Manual Page.lnk -> C:\Program Files\OpenVPN\doc\openvpn.8.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN\Documentation\OpenVPN Windows Notes.lnk -> C:\Program Files\OpenVPN\doc\INSTALL-win32.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1\OpenOffice Base.lnk -> C:\Program Files (x86)\OpenOffice 4\program\sbase.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1\OpenOffice Calc.lnk -> C:\Program Files (x86)\OpenOffice 4\program\scalc.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1\OpenOffice Draw.lnk -> C:\Program Files (x86)\OpenOffice 4\program\sdraw.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1\OpenOffice Impress.lnk -> C:\Program Files (x86)\OpenOffice 4\program\simpress.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1\OpenOffice Math.lnk -> C:\Program Files (x86)\OpenOffice 4\program\smath.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1\OpenOffice Writer.lnk -> C:\Program Files (x86)\OpenOffice 4\program\swriter.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1\OpenOffice.lnk -> C:\Program Files (x86)\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyRouter\MyRouter.lnk -> C:\Program Files (x86)\MyRouter\MyRouter.exe (MyRouter Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyRouter\Uninstall.lnk -> C:\Program Files (x86)\MyRouter\uninst.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyRouter\Website.lnk -> C:\Program Files (x86)\MyRouter\MyRouter.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware entfernen.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Create Recovery Disc.lnk -> C:\Windows\System32\recdisc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Remote Assistance.lnk -> C:\Windows\System32\msra.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kodak\KODAK AiO Home Center.lnk -> C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe (Eastman Kodak Company)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kodak\KODAK AiO*Drucker-Tools.lnk -> C:\Program Files (x86)\Kodak\AiO\Center\AiOPrinterTools.exe (Eastman Kodak Company)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kodak\Kodak Druckereinrichtungs-Dienstprogramm.lnk -> C:\Program Files (x86)\Kodak\AiO\Center\NetworkPrinterDiscovery.exe (Eastman Kodak Company)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Google Earth.lnk -> C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe (Google)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eMule\eMule.lnk -> C:\Program Files (x86)\eMule\emule.exe (http://www.emule-project.net)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eMule\LinkCreator.lnk -> C:\Program Files (x86)\eMule\LinkCreator.exe (eMule-Project.net)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eMule\Uninstall eMule.lnk -> C:\Program Files (x86)\eMule\Uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandicam\Bandicam.lnk -> C:\Program Files (x86)\Bandicam\bdcam.exe (www.Bandisoft.com)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandicam\BandiFix.lnk -> C:\Program Files (x86)\Bandicam\bdfix.exe (Bandisoft.com)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandicam\Uninstall.lnk -> C:\Program Files (x86)\Bandicam\uninstall.exe (Bandisoft)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Data Sources (ODBC).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\displayswitch.lnk -> C:\Windows\System32\displayswitch.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk -> C:\Windows\System32\SoundRecorder.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sync Center.lnk -> C:\Windows\System32\mobsync.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\Windowspowershell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\ShapeCollector.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -> C:\Program Files\Windows Journal\Journal.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Restore.lnk -> C:\Windows\System32\rstrui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer Reports.lnk -> C:\Windows\System32\migwiz\PostMig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer.lnk -> C:\Windows\System32\migwiz\migwiz.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\julian\Links\Desktop.lnk -> C:\Users\julian\Desktop ()
Shortcut: C:\Users\julian\Links\Downloads.lnk -> C:\Users\julian\Downloads ()
Shortcut: C:\Users\julian\Desktop\Bandicam.lnk -> C:\Program Files (x86)\Bandicam\bdcam.exe (www.Bandisoft.com)
Shortcut: C:\Users\julian\Desktop\MyRouter.lnk -> C:\Program Files (x86)\MyRouter\MyRouter.exe (MyRouter Inc.)
Shortcut: C:\Users\julian\Desktop\PeerBlock.lnk -> C:\Program Files\PeerBlock\peerblock.exe (PeerBlock, LLC)
Shortcut: C:\Users\julian\Desktop\Process Hacker 2.lnk -> C:\Program Files\Process Hacker 2\ProcessHacker.exe (wj32)
Shortcut: C:\Users\julian\Desktop\µTorrent.lnk -> C:\Users\test\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
Shortcut: C:\Users\julian\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk -> C:\Users\test\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
Shortcut: C:\Users\julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Benutzerhandbuch für die Konsolenversion von RAR.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\Users\julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Hilfe zu WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\Users\julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Was ist neu in dieser Version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt ()
Shortcut: C:\Users\julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\Users\julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No-IP DUC\DUC.lnk -> C:\Program Files (x86)\No-IP\DUC40.exe ()
Shortcut: C:\Users\julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No-IP DUC\License.lnk -> C:\Program Files (x86)\No-IP\License.txt ()
Shortcut: C:\Users\julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No-IP DUC\Uninstall.lnk -> C:\Program Files (x86)\No-IP\Uninstall.exe ()
Shortcut: C:\Users\julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\julian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Bandicam.lnk -> C:\Program Files (x86)\Bandicam\bdcam.exe (www.Bandisoft.com)
Shortcut: C:\Users\julian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\julian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\julian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -> C:\Users\test\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
Shortcut: C:\Users\julian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\julian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\julian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\Adobe Reader XI.lnk -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe (Adobe Systems Incorporated)
Shortcut: C:\Users\Public\Desktop\eMule.lnk -> C:\Program Files (x86)\eMule\emule.exe (http://www.emule-project.net)
Shortcut: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Public\Desktop\Google Earth.lnk -> C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe (Google)
Shortcut: C:\Users\Public\Desktop\KODAK AiO Home Center.lnk -> C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe (Eastman Kodak Company)
Shortcut: C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
Shortcut: C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk -> C:\Program Files (x86)\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
Shortcut: C:\Users\Public\Desktop\OpenVPN GUI.lnk -> C:\Program Files\OpenVPN\bin\openvpn-gui.exe ()
Shortcut: C:\Users\Public\Desktop\PrintProjects.lnk -> C:\Program Files (x86)\PrintProjects\PhotoProduct.exe (Visan / RocketLife)
Shortcut: C:\Users\Public\Desktop\SlimDrivers.lnk -> C:\Windows\Installer\{A5457401-D56A-43F2-9524-78E54A7FC07A}\Icon.exe ()
Shortcut: C:\Users\test\Links\Desktop.lnk -> C:\Users\julian\Desktop ()
Shortcut: C:\Users\test\Links\Downloads.lnk -> C:\Users\julian\Downloads ()
Shortcut: C:\Users\test\Desktop\Bandicam.lnk -> C:\Program Files (x86)\Bandicam\bdcam.exe (www.Bandisoft.com)
Shortcut: C:\Users\test\Desktop\MyRouter.lnk -> C:\Program Files (x86)\MyRouter\MyRouter.exe (MyRouter Inc.)
Shortcut: C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\test\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Bandicam.lnk -> C:\Program Files (x86)\Bandicam\bdcam.exe (www.Bandisoft.com)
Shortcut: C:\Users\test\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\test\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\test\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\test\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\test\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\test\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Resource Hacker.lnk -> C:\Program Files (x86)\Resource Hacker\ResHacker.exe ()
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DefaultPrograms
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk -> C:\Windows\System32\wuapp.exe (Microsoft Corporation) -> startmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) -> /showgadgets
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlimDrivers\SlimDrivers Help.lnk -> C:\Windows\Installer\{A5457401-D56A-43F2-9524-78E54A7FC07A}\Icon.exe () -> -help
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN\Utilities\Generate a static OpenVPN key.lnk -> C:\Program Files\OpenVPN\bin\openvpn.exe (The OpenVPN Project) -> --pause-exit --verb 3 --genkey --secret "C:\Program Files\OpenVPN\config\key.txt"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Backup and Restore Center.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.BackupAndRestore
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kodak\KODAK AiO*Statusmonitor.lnk -> C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe (Eastman Kodak Company) -> /open
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kodak\KODAK All-in-One Software deinstallieren.lnk -> C:\ProgramData\Kodak\Installer\Setup.exe (Eastman Kodak Company) -> /Web /x {E0F274B7-592B-4669-8FB8-8D9825A09858} CompanyName="Eastman Kodak Company" /code 1031
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Google Earth deinstallieren.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Google Earth im DirectX-Modus starten.lnk -> C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe (Google) -> -setDX
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Google Earth im OpenGL-Modus starten.lnk -> C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe (Google) -> -setOGL
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell Modules.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) -> -NoExit -ImportSystemModules
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) -> /open
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Welcome Center.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> %SystemRoot%\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -extoff
ShortcutWithArgument: C:\Users\julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\julian\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\julian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -extoff
ShortcutWithArgument: C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\test\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\test\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Process Hacker 2\Help and Support\Process Hacker 2 on the Web.url -> hxxp://processhacker.sourceforge.net/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PeerBlock\Help and Support\Forums.url -> hxxp://forums.peerblock.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PeerBlock\Help and Support\Homepage.url -> hxxp://www.peerblock.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PeerBlock\Help and Support\User Manual.url -> hxxp://www.peerblock.com/userguide
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN\Documentation\OpenVPN HOWTO.url -> hxxp://openvpn.net/howto.html
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN\Documentation\OpenVPN Support.url -> https://community.openvpn.net/openvpn/wiki/GettingHelp
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN\Documentation\OpenVPN Web Site.url -> hxxp://openvpn.net/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN\Documentation\OpenVPN Wiki.url -> https://community.openvpn.net/openvpn/wiki/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kodak\Benutzerhandbuch.url -> hxxp://www.kodak.com/go/manuals?pq-locale=de_DE#aioprinters
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kodak\KODAK Mobile Solutions.url -> hxxp://www.kodak.com/go/mobileprinting
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eMule\eMule Home Page.url -> hxxp://www.emule-project.net
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eMule\Online FAQ.url -> hxxp://www.emule-project.net/faq/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandicam\Home page.url -> hxxp://www.bandicam.com/
InternetURL: C:\Users\julian\Favorites\Windows Live\Windows Live Gallery.url -> hxxp://go.microsoft.com/fwlink/?LinkId=70742
InternetURL: C:\Users\julian\Favorites\Windows Live\Windows Live Ideas.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72700
InternetURL: C:\Users\julian\Favorites\Windows Live\Windows Live Mail.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72681
InternetURL: C:\Users\julian\Favorites\Windows Live\Windows Live Spaces.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72682
InternetURL: C:\Users\julian\Favorites\MSN-Websites\MSN Auto.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72680
InternetURL: C:\Users\julian\Favorites\MSN-Websites\MSN Fernsehen.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72659
InternetURL: C:\Users\julian\Favorites\MSN-Websites\MSN Money.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72640
InternetURL: C:\Users\julian\Favorites\MSN-Websites\MSN Nachrichten.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72636
InternetURL: C:\Users\julian\Favorites\MSN-Websites\MSN Sport.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72635
InternetURL: C:\Users\julian\Favorites\MSN-Websites\MSN.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72630
InternetURL: C:\Users\julian\Favorites\Microsoft-Websites\IE-Site auf Microsoft.com.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72186
InternetURL: C:\Users\julian\Favorites\Microsoft-Websites\Microsoft Deutschland GmbH.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72520
InternetURL: C:\Users\julian\Favorites\Microsoft-Websites\Microsoft Store.url -> hxxp://go.microsoft.com/fwlink/?linkid=140813
InternetURL: C:\Users\julian\Favorites\Microsoft-Websites\Microsoft Windows - Start.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72629
InternetURL: C:\Users\julian\Favorites\Microsoft-Websites\Microsoft zu Hause.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72406
InternetURL: C:\Users\julian\Favorites\Microsoft-Websites\Microsoft.com durchsuchen.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72893
InternetURL: C:\Users\julian\Favorites\Microsoft-Websites\Site für IE Add-Ons.url -> hxxp://go.microsoft.com/fwlink/?LinkId=50893
InternetURL: C:\Users\julian\Favorites\Links\Vorgeschlagene Sites.url -> https://ieonline.microsoft.com/#ieslice
InternetURL: C:\Users\julian\Favorites\Links\Web Slice-Katalog.url -> hxxp://go.microsoft.com/fwlink/?LinkId=121315
InternetURL: C:\Users\test\Favorites\Windows Live\Windows Live Gallery.url -> hxxp://go.microsoft.com/fwlink/?LinkId=70742
InternetURL: C:\Users\test\Favorites\Windows Live\Windows Live Ideas.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72700
InternetURL: C:\Users\test\Favorites\Windows Live\Windows Live Mail.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72681
InternetURL: C:\Users\test\Favorites\Windows Live\Windows Live Spaces.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72682
InternetURL: C:\Users\test\Favorites\MSN-Websites\MSN Auto.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72680
InternetURL: C:\Users\test\Favorites\MSN-Websites\MSN Fernsehen.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72659
InternetURL: C:\Users\test\Favorites\MSN-Websites\MSN Money.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72640
InternetURL: C:\Users\test\Favorites\MSN-Websites\MSN Nachrichten.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72636
InternetURL: C:\Users\test\Favorites\MSN-Websites\MSN Sport.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72635
InternetURL: C:\Users\test\Favorites\MSN-Websites\MSN.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72630
InternetURL: C:\Users\test\Favorites\Microsoft-Websites\IE-Site auf Microsoft.com.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72186
InternetURL: C:\Users\test\Favorites\Microsoft-Websites\Microsoft Deutschland GmbH.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72520
InternetURL: C:\Users\test\Favorites\Microsoft-Websites\Microsoft Store.url -> hxxp://go.microsoft.com/fwlink/?linkid=140813
InternetURL: C:\Users\test\Favorites\Microsoft-Websites\Microsoft Windows - Start.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72629
InternetURL: C:\Users\test\Favorites\Microsoft-Websites\Microsoft zu Hause.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72406
InternetURL: C:\Users\test\Favorites\Microsoft-Websites\Microsoft.com durchsuchen.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72893
InternetURL: C:\Users\test\Favorites\Microsoft-Websites\Site für IE Add-Ons.url -> hxxp://go.microsoft.com/fwlink/?LinkId=50893
InternetURL: C:\Users\test\Favorites\Links\Vorgeschlagene Sites.url -> https://ieonline.microsoft.com/#ieslice
InternetURL: C:\Users\test\Favorites\Links\Web Slice-Katalog.url -> hxxp://go.microsoft.com/fwlink/?LinkId=121315
==================== End of log =============================
|
