So, hat lange gedauert hab jetzt aber alles gemacht. Hoffentlich auch richtig. Verändert hat sich bisher leider nichts. Hier die Datein: Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 20.04.2015
Suchlauf-Zeit: 14:53:36
Logdatei: mbam.txt
Administrator: Ja
Version: 2.01.4.1018
Malware Datenbank: v2015.04.20.02
Rootkit Datenbank: v2015.03.31.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert
Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Laura
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 361204
Verstrichene Zeit: 48 Min, 14 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 1
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe, 1636, Löschen bei Neustart, [255480c3513994a21e4f84fe72911ce4]
Module: 1
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdate.dll, Löschen bei Neustart, [255480c3513994a21e4f84fe72911ce4],
Registrierungsschlüssel: 47
Trojan.BHO, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{FCADDC14-BD46-408A-9842-CDBE1C6D37EB}, In Quarantäne, [55242b18b6d446f0380789a92ed5758b],
Trojan.BHO, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{FCADDC14-BD46-408A-9842-CDBE1C6D37EB}, In Quarantäne, [55242b18b6d446f0380789a92ed5758b],
Trojan.BHO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{FCADDC14-BD46-408A-9842-CDBE1C6D37EB}, In Quarantäne, [55242b18b6d446f0380789a92ed5758b],
Trojan.BHO, HKU\S-1-5-21-3317952785-2531906290-1392633749-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{FCADDC14-BD46-408A-9842-CDBE1C6D37EB}, In Quarantäne, [55242b18b6d446f0380789a92ed5758b],
Trojan.BHO, HKU\S-1-5-21-3317952785-2531906290-1392633749-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{FCADDC14-BD46-408A-9842-CDBE1C6D37EB}, In Quarantäne, [55242b18b6d446f0380789a92ed5758b],
PUP.Optional.Linkey.A, HKU\S-1-5-21-3317952785-2531906290-1392633749-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}, In Quarantäne, [2b4eb68dcebc26103719b36cdb28956b],
PUP.Optional.Linkey.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}, In Quarantäne, [2b4eb68dcebc26103719b36cdb28956b],
PUP.Optional.PlusHD.A, HKLM\SOFTWARE\WOW6432NODE\Plus-HD-9.6, In Quarantäne, [b8c155ee5733bf77a24701f60ef5847c],
PUP.Optional.SystemK.A, HKLM\SOFTWARE\WOW6432NODE\SystemK, In Quarantäne, [0e6bdf643753cd6996bc7e4dbf446a96],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE, In Quarantäne, [3544f74ce5a5e1559bdbb11d9d66a060],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\INSTALLEDBROWSEREXTENSIONS\19979, In Quarantäne, [bebba79c38521224011cce1b857e5fa1],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=10, In Quarantäne, [c3b612313c4e3303751f47e6ca3b2ed2],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=4, In Quarantäne, [4e2bbc87d6b4c76f6e27ea4336cf19e7],
PUP.Optional.SettingsManager.A, HKLM\SOFTWARE\WOW6432NODE\SYSTEMK\General, In Quarantäne, [7efbf64d19710c2a63e98d5b5aa91ce4],
PUP.Optional.SettingsManager.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\F06DEFF2-5B9C-490D-910F-35D3A9119622, In Quarantäne, [3c3d360def9ba096a3299f989f668d73],
PUP.Optional.SystemK.A, HKU\S-1-5-21-3317952785-2531906290-1392633749-1000\SOFTWARE\SystemK, In Quarantäne, [c9b00f345d2d75c1deeb34a22ed52ad6],
PUP.Optional.DVDVideoSoftTB.A, HKU\S-1-5-21-3317952785-2531906290-1392633749-1000\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\nikpibnbobmbdbheedjfogjlikpgpnhp, In Quarantäne, [5128c77c47434fe7ad676d55e51edd23],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3317952785-2531906290-1392633749-1000\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\19979, In Quarantäne, [5623cd764842a98da219dae8e122619f],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3317952785-2531906290-1392633749-1000\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\Plus HD, In Quarantäne, [4c2d81c23258e45295304a7c5ea549b7],
PUP.Optional.SettingsManager.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Settings Manager, In Quarantäne, [3841e65d2d5d70c6dc580d63b251bc44],
PUP.Optional.GlobalUpdate.T, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\globalUpdate, In Quarantäne, [255480c3513994a21e4f84fe72911ce4],
PUP.Optional.GlobalUpdate.T, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\globalUpdatem, In Quarantäne, [255480c3513994a21e4f84fe72911ce4],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, In Quarantäne, [255480c3513994a21e4f84fe72911ce4],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, In Quarantäne, [255480c3513994a21e4f84fe72911ce4],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, In Quarantäne, [255480c3513994a21e4f84fe72911ce4],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\globalUpdate.OneClickCtrl.10, In Quarantäne, [255480c3513994a21e4f84fe72911ce4],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdate.OneClickCtrl.10, In Quarantäne, [255480c3513994a21e4f84fe72911ce4],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\WOW6432NODE\globalUpdate.OneClickCtrl.10, In Quarantäne, [255480c3513994a21e4f84fe72911ce4],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, In Quarantäne, [255480c3513994a21e4f84fe72911ce4],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, In Quarantäne, [255480c3513994a21e4f84fe72911ce4],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, In Quarantäne, [255480c3513994a21e4f84fe72911ce4],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, In Quarantäne, [255480c3513994a21e4f84fe72911ce4],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\globalUpdate.Update3WebControl.4, In Quarantäne, [255480c3513994a21e4f84fe72911ce4],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdate.Update3WebControl.4, In Quarantäne, [255480c3513994a21e4f84fe72911ce4],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\WOW6432NODE\globalUpdate.Update3WebControl.4, In Quarantäne, [255480c3513994a21e4f84fe72911ce4],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, In Quarantäne, [255480c3513994a21e4f84fe72911ce4],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, In Quarantäne, [255480c3513994a21e4f84fe72911ce4],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, In Quarantäne, [255480c3513994a21e4f84fe72911ce4],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}, In Quarantäne, [255480c3513994a21e4f84fe72911ce4],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}, In Quarantäne, [255480c3513994a21e4f84fe72911ce4],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}, In Quarantäne, [255480c3513994a21e4f84fe72911ce4],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}, In Quarantäne, [255480c3513994a21e4f84fe72911ce4],
PUP.Optional.FoxySecurity.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{FCADDC14-BD46-408A-9842-CDBE1C6D37EB}, In Quarantäne, [2554d96a404a1b1ba6a44150d42fee12],
PUP.Optional.FoxySecurity.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{FCADDC14-BD46-408A-9842-CDBE1C6D37EB}, In Quarantäne, [2554d96a404a1b1ba6a44150d42fee12],
PUP.Optional.FoxySecurity.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{FCADDC14-BD46-408A-9842-CDBE1C6D37EB}, In Quarantäne, [2554d96a404a1b1ba6a44150d42fee12],
PUP.Optional.FoxySecurity.A, HKU\S-1-5-21-3317952785-2531906290-1392633749-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{FCADDC14-BD46-408A-9842-CDBE1C6D37EB}, In Quarantäne, [2554d96a404a1b1ba6a44150d42fee12],
PUP.Optional.FoxySecurity.A, HKU\S-1-5-21-3317952785-2531906290-1392633749-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{FCADDC14-BD46-408A-9842-CDBE1C6D37EB}, In Quarantäne, [2554d96a404a1b1ba6a44150d42fee12],
Registrierungswerte: 2
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE|path, C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe, In Quarantäne, [3544f74ce5a5e1559bdbb11d9d66a060]
PUP.Optional.SettingsManager.A, HKLM\SOFTWARE\WOW6432NODE\SYSTEMK|browser, ie ff cr, In Quarantäne, [0871c57e38524fe78bc2af39ee15f010]
Registrierungsdaten: 0
(Keine schädliche Elemente gefunden)
Ordner: 36
PUP.Optional.SystemK.A, C:\ProgramData\systemk, In Quarantäne, [b6c39ea5d2b8dc5a53cf6e79b350a759],
PUP.Optional.OpenCandy, C:\Users\Laura\AppData\Roaming\OpenCandy, In Quarantäne, [ff7adf646525be7886f9da8f3fc49967],
PUP.Optional.OpenCandy, C:\Users\Laura\AppData\Roaming\OpenCandy\8DAFE44D626F418BAD1528E458BB4243, In Quarantäne, [ff7adf646525be7886f9da8f3fc49967],
PUP.Optional.Datamngr.A, C:\Users\Laura\AppData\LocalLow\DataMngr, In Quarantäne, [4a2f390a800ad95df2baaec17b8822de],
PUP.Optional.PlusHD.A, C:\Program Files (x86)\Plus-HD-9.6, In Quarantäne, [d3a630131278e15548c64b2523e0ab55],
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\systemk, In Quarantäne, [3841e65d2d5d70c6dc580d63b251bc44],
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\systemk\x64, In Quarantäne, [3841e65d2d5d70c6dc580d63b251bc44],
PUP.Optional.SystemK.A, C:\Users\Laura\AppData\Roaming\Settings Manager\systemk, In Quarantäne, [c3b66ed5b2d872c4ab2c3f3eee15966a],
PUP.Optional.SystemK.A, C:\Users\Laura\AppData\Roaming\Settings Manager\systemk\components, In Quarantäne, [c3b66ed5b2d872c4ab2c3f3eee15966a],
PUP.Optional.SystemK.A, C:\Users\Laura\AppData\Roaming\Settings Manager\systemk\content, In Quarantäne, [c3b66ed5b2d872c4ab2c3f3eee15966a],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update, Löschen bei Neustart, [255480c3513994a21e4f84fe72911ce4],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0, Löschen bei Neustart, [255480c3513994a21e4f84fe72911ce4],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Download, In Quarantäne, [255480c3513994a21e4f84fe72911ce4],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Download\{2D75D52B-0D70-42A9-A317-E5345921BEDB}, In Quarantäne, [255480c3513994a21e4f84fe72911ce4],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Download\{2D75D52B-0D70-42A9-A317-E5345921BEDB}\1.3.25.27, In Quarantäne, [255480c3513994a21e4f84fe72911ce4],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Install, In Quarantäne, [255480c3513994a21e4f84fe72911ce4],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Offline, In Quarantäne, [255480c3513994a21e4f84fe72911ce4],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Offline\{0DC56CE8-36C3-41AB-A53B-A13F60211F4A}, In Quarantäne, [255480c3513994a21e4f84fe72911ce4],
PUP.Optional.DVDVideoSoftTB.A, C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp, In Quarantäne, [66131033c6c4bd79ef5d2a653bc84cb4],
PUP.Optional.DVDVideoSoftTB.A, C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0, In Quarantäne, [66131033c6c4bd79ef5d2a653bc84cb4],
PUP.Optional.DVDVideoSoftTB.A, C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0\images, In Quarantäne, [66131033c6c4bd79ef5d2a653bc84cb4],
PUP.Optional.DVDVideoSoftTB.A, C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0\_locales, In Quarantäne, [66131033c6c4bd79ef5d2a653bc84cb4],
PUP.Optional.DVDVideoSoftTB.A, C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0\_locales\de, In Quarantäne, [66131033c6c4bd79ef5d2a653bc84cb4],
PUP.Optional.DVDVideoSoftTB.A, C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0\_locales\en, In Quarantäne, [66131033c6c4bd79ef5d2a653bc84cb4],
PUP.Optional.DVDVideoSoftTB.A, C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0\_locales\es, In Quarantäne, [66131033c6c4bd79ef5d2a653bc84cb4],
PUP.Optional.DVDVideoSoftTB.A, C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0\_locales\fr, In Quarantäne, [66131033c6c4bd79ef5d2a653bc84cb4],
PUP.Optional.DVDVideoSoftTB.A, C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0\_locales\it, In Quarantäne, [66131033c6c4bd79ef5d2a653bc84cb4],
PUP.Optional.DVDVideoSoftTB.A, C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0\_locales\ja, In Quarantäne, [66131033c6c4bd79ef5d2a653bc84cb4],
PUP.Optional.DVDVideoSoftTB.A, C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0\_locales\nl, In Quarantäne, [66131033c6c4bd79ef5d2a653bc84cb4],
PUP.Optional.DVDVideoSoftTB.A, C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0\_locales\pl, In Quarantäne, [66131033c6c4bd79ef5d2a653bc84cb4],
PUP.Optional.DVDVideoSoftTB.A, C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0\_locales\pt, In Quarantäne, [66131033c6c4bd79ef5d2a653bc84cb4],
PUP.Optional.DVDVideoSoftTB.A, C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0\_locales\ru, In Quarantäne, [66131033c6c4bd79ef5d2a653bc84cb4],
PUP.Optional.DVDVideoSoftTB.A, C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0\_locales\tr, In Quarantäne, [66131033c6c4bd79ef5d2a653bc84cb4],
PUP.Optional.DVDVideoSoftTB.A, C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0\_locales\zh_CN, In Quarantäne, [66131033c6c4bd79ef5d2a653bc84cb4],
PUP.Optional.DVDVideoSoftTB.A, C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0\_locales\zh_TW, In Quarantäne, [66131033c6c4bd79ef5d2a653bc84cb4],
PUP.Optional.FoxySecurity.A, C:\Users\Laura\AppData\LocalLow\systems ie bho, In Quarantäne, [2554d96a404a1b1ba6a44150d42fee12],
Dateien: 120
Trojan.BHO, C:\Users\Laura\AppData\LocalLow\systems ie bho\bho.dll, In Quarantäne, [55242b18b6d446f0380789a92ed5758b],
PUP.Optional.CrossRider.A, C:\Users\Laura\AppData\Roaming\r3NDJCZJimHHmAgkE.exe, In Quarantäne, [80f9350e69219f97b6f9163f926e9f61],
PUP.Optional.Softonic, C:\Users\Laura\SoftonicDownloader_fuer_freemind.exe, In Quarantäne, [e19853f0a1e945f1c5dbc96654ad7c84],
Spyware.Password, C:\Windows\Installer\692ed9e.msi, In Quarantäne, [a4d5f64d3f4b7abc3925b6f3768a7090],
Spyware.Password, C:\Windows\Installer\{89AA1D37-D45E-4BF3-9D1D-CB27D3F80546}\Icon89AA1D37.exe, In Quarantäne, [e792b88be9a1092d98c67039a15f10f0],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\0d79c1ad-7dd4-41c7-99d4-7c1d0cb2686b-3, In Quarantäne, [6514390ab9d1b97d363b9a3456ad2ed2],
PUP.Optional.SystemK.A, C:\ProgramData\systemk\general.cfg, In Quarantäne, [b6c39ea5d2b8dc5a53cf6e79b350a759],
PUP.Optional.SystemK.A, C:\ProgramData\systemk\coordinator.cfg, In Quarantäne, [b6c39ea5d2b8dc5a53cf6e79b350a759],
PUP.Optional.SystemK.A, C:\ProgramData\systemk\S-1-5-21-3317952785-2531906290-1392633749-1000.cfg, In Quarantäne, [b6c39ea5d2b8dc5a53cf6e79b350a759],
PUP.Optional.DefaultSearch.A, C:\Users\Laura\AppData\Roaming\Mozilla\Firefox\Profiles\5pzbrf4u.default\searchplugins\default-search.xml, In Quarantäne, [413895aef595a591da6b28c0f1128c74],
PUP.Optional.DefaultSearch.A, C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\default-search.xml, In Quarantäne, [3e3b2d16b3d72412b88e22c6ea1916ea],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\0d79c1ad-7dd4-41c7-99d4-7c1d0cb2686b-3.job, In Quarantäne, [25549ea50f7b37ff73fa0625df268779],
PUP.Optional.GlobalUpdate.A, C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job, In Quarantäne, [710871d2dcae3df9e59788a348bd48b8],
PUP.Optional.GlobalUpdate.A, C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore, In Quarantäne, [1c5d73d04f3b3cfa67161e0d4bba50b0],
PUP.Optional.GlobalUpdate.A, C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job, In Quarantäne, [bcbd083b61293204c8b674b7f411f808],
PUP.Optional.GlobalUpdate.A, C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA, In Quarantäne, [2059350eddadd95d037cd259ce3717e9],
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\systemk\x64\systemkmgrc2.cfg, In Quarantäne, [3c3d360def9ba096a3299f989f668d73],
PUP.Optional.OpenCandy, C:\Users\Laura\AppData\Roaming\OpenCandy\8DAFE44D626F418BAD1528E458BB4243\driverscannerDE.exe, In Quarantäne, [ff7adf646525be7886f9da8f3fc49967],
PUP.Optional.Datamngr.A, C:\Users\Laura\AppData\LocalLow\DataMngr\{99BB1406-1CFB-488C-90D1-2D978E04F707}64, In Quarantäne, [4a2f390a800ad95df2baaec17b8822de],
PUP.Optional.PlusHD.A, C:\Program Files (x86)\Plus-HD-9.6\1293297481.mxaddon, In Quarantäne, [d3a630131278e15548c64b2523e0ab55],
PUP.Optional.PlusHD.A, C:\Program Files (x86)\Plus-HD-9.6\360-57304.crx, In Quarantäne, [d3a630131278e15548c64b2523e0ab55],
PUP.Optional.PlusHD.A, C:\Program Files (x86)\Plus-HD-9.6\57304.crx, In Quarantäne, [d3a630131278e15548c64b2523e0ab55],
PUP.Optional.PlusHD.A, C:\Program Files (x86)\Plus-HD-9.6\57304.xpi, In Quarantäne, [d3a630131278e15548c64b2523e0ab55],
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\systemk\favicon.ico, In Quarantäne, [3841e65d2d5d70c6dc580d63b251bc44],
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\systemk\systemkmgrc2.cfg, In Quarantäne, [3841e65d2d5d70c6dc580d63b251bc44],
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\systemk\Uninstall.exe, In Quarantäne, [3841e65d2d5d70c6dc580d63b251bc44],
PUP.Optional.SystemK.A, C:\Users\Laura\AppData\Roaming\Settings Manager\systemk\chrome.manifest, In Quarantäne, [c3b66ed5b2d872c4ab2c3f3eee15966a],
PUP.Optional.SystemK.A, C:\Users\Laura\AppData\Roaming\Settings Manager\systemk\install.rdf, In Quarantäne, [c3b66ed5b2d872c4ab2c3f3eee15966a],
PUP.Optional.SystemK.A, C:\Users\Laura\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF14.dll, In Quarantäne, [c3b66ed5b2d872c4ab2c3f3eee15966a],
PUP.Optional.SystemK.A, C:\Users\Laura\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF.xpt, In Quarantäne, [c3b66ed5b2d872c4ab2c3f3eee15966a],
PUP.Optional.SystemK.A, C:\Users\Laura\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF10.dll, In Quarantäne, [c3b66ed5b2d872c4ab2c3f3eee15966a],
PUP.Optional.SystemK.A, C:\Users\Laura\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF11.dll, In Quarantäne, [c3b66ed5b2d872c4ab2c3f3eee15966a],
PUP.Optional.SystemK.A, C:\Users\Laura\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF12.dll, In Quarantäne, [c3b66ed5b2d872c4ab2c3f3eee15966a],
PUP.Optional.SystemK.A, C:\Users\Laura\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF13.dll, In Quarantäne, [c3b66ed5b2d872c4ab2c3f3eee15966a],
PUP.Optional.SystemK.A, C:\Users\Laura\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF15.dll, In Quarantäne, [c3b66ed5b2d872c4ab2c3f3eee15966a],
PUP.Optional.SystemK.A, C:\Users\Laura\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF16.dll, In Quarantäne, [c3b66ed5b2d872c4ab2c3f3eee15966a],
PUP.Optional.SystemK.A, C:\Users\Laura\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF17.dll, In Quarantäne, [c3b66ed5b2d872c4ab2c3f3eee15966a],
PUP.Optional.SystemK.A, C:\Users\Laura\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF18.dll, In Quarantäne, [c3b66ed5b2d872c4ab2c3f3eee15966a],
PUP.Optional.SystemK.A, C:\Users\Laura\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF19.dll, In Quarantäne, [c3b66ed5b2d872c4ab2c3f3eee15966a],
PUP.Optional.SystemK.A, C:\Users\Laura\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF2.dll, In Quarantäne, [c3b66ed5b2d872c4ab2c3f3eee15966a],
PUP.Optional.SystemK.A, C:\Users\Laura\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF20.dll, In Quarantäne, [c3b66ed5b2d872c4ab2c3f3eee15966a],
PUP.Optional.SystemK.A, C:\Users\Laura\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF21.dll, In Quarantäne, [c3b66ed5b2d872c4ab2c3f3eee15966a],
PUP.Optional.SystemK.A, C:\Users\Laura\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF22.dll, In Quarantäne, [c3b66ed5b2d872c4ab2c3f3eee15966a],
PUP.Optional.SystemK.A, C:\Users\Laura\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF23.dll, In Quarantäne, [c3b66ed5b2d872c4ab2c3f3eee15966a],
PUP.Optional.SystemK.A, C:\Users\Laura\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF24.dll, In Quarantäne, [c3b66ed5b2d872c4ab2c3f3eee15966a],
PUP.Optional.SystemK.A, C:\Users\Laura\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF25.dll, In Quarantäne, [c3b66ed5b2d872c4ab2c3f3eee15966a],
PUP.Optional.SystemK.A, C:\Users\Laura\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF26.dll, In Quarantäne, [c3b66ed5b2d872c4ab2c3f3eee15966a],
PUP.Optional.SystemK.A, C:\Users\Laura\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF27.dll, In Quarantäne, [c3b66ed5b2d872c4ab2c3f3eee15966a],
PUP.Optional.SystemK.A, C:\Users\Laura\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF28.dll, In Quarantäne, [c3b66ed5b2d872c4ab2c3f3eee15966a],
PUP.Optional.SystemK.A, C:\Users\Laura\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF29.dll, In Quarantäne, [c3b66ed5b2d872c4ab2c3f3eee15966a],
PUP.Optional.SystemK.A, C:\Users\Laura\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF30.dll, In Quarantäne, [c3b66ed5b2d872c4ab2c3f3eee15966a],
PUP.Optional.SystemK.A, C:\Users\Laura\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF4.dll, In Quarantäne, [c3b66ed5b2d872c4ab2c3f3eee15966a],
PUP.Optional.SystemK.A, C:\Users\Laura\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF5.dll, In Quarantäne, [c3b66ed5b2d872c4ab2c3f3eee15966a],
PUP.Optional.SystemK.A, C:\Users\Laura\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF6.dll, In Quarantäne, [c3b66ed5b2d872c4ab2c3f3eee15966a],
PUP.Optional.SystemK.A, C:\Users\Laura\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF7.dll, In Quarantäne, [c3b66ed5b2d872c4ab2c3f3eee15966a],
PUP.Optional.SystemK.A, C:\Users\Laura\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF8.dll, In Quarantäne, [c3b66ed5b2d872c4ab2c3f3eee15966a],
PUP.Optional.SystemK.A, C:\Users\Laura\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF9.dll, In Quarantäne, [c3b66ed5b2d872c4ab2c3f3eee15966a],
PUP.Optional.SystemK.A, C:\Users\Laura\AppData\Roaming\Settings Manager\systemk\content\DnsBHO.js, In Quarantäne, [c3b66ed5b2d872c4ab2c3f3eee15966a],
PUP.Optional.SystemK.A, C:\Users\Laura\AppData\Roaming\Settings Manager\systemk\content\Error404BHO.js, In Quarantäne, [c3b66ed5b2d872c4ab2c3f3eee15966a],
PUP.Optional.SystemK.A, C:\Users\Laura\AppData\Roaming\Settings Manager\systemk\content\MainBHO.js, In Quarantäne, [c3b66ed5b2d872c4ab2c3f3eee15966a],
PUP.Optional.SystemK.A, C:\Users\Laura\AppData\Roaming\Settings Manager\systemk\content\NativeHelper.js, In Quarantäne, [c3b66ed5b2d872c4ab2c3f3eee15966a],
PUP.Optional.SystemK.A, C:\Users\Laura\AppData\Roaming\Settings Manager\systemk\content\NewTabBHO.js, In Quarantäne, [c3b66ed5b2d872c4ab2c3f3eee15966a],
PUP.Optional.SystemK.A, C:\Users\Laura\AppData\Roaming\Settings Manager\systemk\content\overlay.js, In Quarantäne, [c3b66ed5b2d872c4ab2c3f3eee15966a],
PUP.Optional.SystemK.A, C:\Users\Laura\AppData\Roaming\Settings Manager\systemk\content\overlay.xul, In Quarantäne, [c3b66ed5b2d872c4ab2c3f3eee15966a],
PUP.Optional.SystemK.A, C:\Users\Laura\AppData\Roaming\Settings Manager\systemk\content\RelatedSearch.js, In Quarantäne, [c3b66ed5b2d872c4ab2c3f3eee15966a],
PUP.Optional.SystemK.A, C:\Users\Laura\AppData\Roaming\Settings Manager\systemk\content\RequestPreserver.js, In Quarantäne, [c3b66ed5b2d872c4ab2c3f3eee15966a],
PUP.Optional.SystemK.A, C:\Users\Laura\AppData\Roaming\Settings Manager\systemk\content\SearchBHO.js, In Quarantäne, [c3b66ed5b2d872c4ab2c3f3eee15966a],
PUP.Optional.SystemK.A, C:\Users\Laura\AppData\Roaming\Settings Manager\systemk\content\SettingManager.js, In Quarantäne, [c3b66ed5b2d872c4ab2c3f3eee15966a],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe, Löschen bei Neustart, [255480c3513994a21e4f84fe72911ce4],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleCrashHandler.exe, In Quarantäne, [255480c3513994a21e4f84fe72911ce4],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdate.exe, In Quarantäne, [255480c3513994a21e4f84fe72911ce4],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateBroker.exe, In Quarantäne, [255480c3513994a21e4f84fe72911ce4],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateHelper.msi, In Quarantäne, [255480c3513994a21e4f84fe72911ce4],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateOnDemand.exe, In Quarantäne, [255480c3513994a21e4f84fe72911ce4],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdate.dll, Löschen bei Neustart, [255480c3513994a21e4f84fe72911ce4],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdateres_en.dll, In Quarantäne, [255480c3513994a21e4f84fe72911ce4],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll, In Quarantäne, [255480c3513994a21e4f84fe72911ce4],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\psmachine.dll, In Quarantäne, [255480c3513994a21e4f84fe72911ce4],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\psuser.dll, In Quarantäne, [255480c3513994a21e4f84fe72911ce4],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Download\{2D75D52B-0D70-42A9-A317-E5345921BEDB}\1.3.25.27\setup.exe, In Quarantäne, [255480c3513994a21e4f84fe72911ce4],
PUP.Optional.DVDVideoSoftTB.A, C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0\background.html, In Quarantäne, [66131033c6c4bd79ef5d2a653bc84cb4],
PUP.Optional.DVDVideoSoftTB.A, C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0\background.js, In Quarantäne, [66131033c6c4bd79ef5d2a653bc84cb4],
PUP.Optional.DVDVideoSoftTB.A, C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0\dvs_freeyoutubedownload.css, In Quarantäne, [66131033c6c4bd79ef5d2a653bc84cb4],
PUP.Optional.DVDVideoSoftTB.A, C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0\dvs_freeyoutubedownload.js, In Quarantäne, [66131033c6c4bd79ef5d2a653bc84cb4],
PUP.Optional.DVDVideoSoftTB.A, C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0\dvs_logo.ico, In Quarantäne, [66131033c6c4bd79ef5d2a653bc84cb4],
PUP.Optional.DVDVideoSoftTB.A, C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0\dvs_logo_128.png, In Quarantäne, [66131033c6c4bd79ef5d2a653bc84cb4],
PUP.Optional.DVDVideoSoftTB.A, C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0\dvs_logo_32.png, In Quarantäne, [66131033c6c4bd79ef5d2a653bc84cb4],
PUP.Optional.DVDVideoSoftTB.A, C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0\dvs_logo_48.png, In Quarantäne, [66131033c6c4bd79ef5d2a653bc84cb4],
PUP.Optional.DVDVideoSoftTB.A, C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0\errorRunProgramm.html, In Quarantäne, [66131033c6c4bd79ef5d2a653bc84cb4],
PUP.Optional.DVDVideoSoftTB.A, C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0\manifest.json, In Quarantäne, [66131033c6c4bd79ef5d2a653bc84cb4],
PUP.Optional.DVDVideoSoftTB.A, C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0\np_dvs_plugin.dll, In Quarantäne, [66131033c6c4bd79ef5d2a653bc84cb4],
PUP.Optional.DVDVideoSoftTB.A, C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0\options.html, In Quarantäne, [66131033c6c4bd79ef5d2a653bc84cb4],
PUP.Optional.DVDVideoSoftTB.A, C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0\options.js, In Quarantäne, [66131033c6c4bd79ef5d2a653bc84cb4],
PUP.Optional.DVDVideoSoftTB.A, C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0\page_action.html, In Quarantäne, [66131033c6c4bd79ef5d2a653bc84cb4],
PUP.Optional.DVDVideoSoftTB.A, C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0\images\backbar.png, In Quarantäne, [66131033c6c4bd79ef5d2a653bc84cb4],
PUP.Optional.DVDVideoSoftTB.A, C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0\images\download.png, In Quarantäne, [66131033c6c4bd79ef5d2a653bc84cb4],
PUP.Optional.DVDVideoSoftTB.A, C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0\images\fs.png, In Quarantäne, [66131033c6c4bd79ef5d2a653bc84cb4],
PUP.Optional.DVDVideoSoftTB.A, C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0\images\headphone.png, In Quarantäne, [66131033c6c4bd79ef5d2a653bc84cb4],
PUP.Optional.DVDVideoSoftTB.A, C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0\images\logo.png, In Quarantäne, [66131033c6c4bd79ef5d2a653bc84cb4],
PUP.Optional.DVDVideoSoftTB.A, C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0\images\manager.png, In Quarantäne, [66131033c6c4bd79ef5d2a653bc84cb4],
PUP.Optional.DVDVideoSoftTB.A, C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0\images\YoutubeDownloader.png, In Quarantäne, [66131033c6c4bd79ef5d2a653bc84cb4],
PUP.Optional.DVDVideoSoftTB.A, C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0\images\YoutubeToMp3.png, In Quarantäne, [66131033c6c4bd79ef5d2a653bc84cb4],
PUP.Optional.DVDVideoSoftTB.A, C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0\_locales\de\messages.json, In Quarantäne, [66131033c6c4bd79ef5d2a653bc84cb4],
PUP.Optional.DVDVideoSoftTB.A, C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0\_locales\en\messages.json, In Quarantäne, [66131033c6c4bd79ef5d2a653bc84cb4],
PUP.Optional.DVDVideoSoftTB.A, C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0\_locales\es\messages.json, In Quarantäne, [66131033c6c4bd79ef5d2a653bc84cb4],
PUP.Optional.DVDVideoSoftTB.A, C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0\_locales\fr\messages.json, In Quarantäne, [66131033c6c4bd79ef5d2a653bc84cb4],
PUP.Optional.DVDVideoSoftTB.A, C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0\_locales\it\messages.json, In Quarantäne, [66131033c6c4bd79ef5d2a653bc84cb4],
PUP.Optional.DVDVideoSoftTB.A, C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0\_locales\ja\messages.json, In Quarantäne, [66131033c6c4bd79ef5d2a653bc84cb4],
PUP.Optional.DVDVideoSoftTB.A, C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0\_locales\nl\messages.json, In Quarantäne, [66131033c6c4bd79ef5d2a653bc84cb4],
PUP.Optional.DVDVideoSoftTB.A, C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0\_locales\pl\messages.json, In Quarantäne, [66131033c6c4bd79ef5d2a653bc84cb4],
PUP.Optional.DVDVideoSoftTB.A, C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0\_locales\pt\messages.json, In Quarantäne, [66131033c6c4bd79ef5d2a653bc84cb4],
PUP.Optional.DVDVideoSoftTB.A, C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0\_locales\ru\messages.json, In Quarantäne, [66131033c6c4bd79ef5d2a653bc84cb4],
PUP.Optional.DVDVideoSoftTB.A, C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0\_locales\tr\messages.json, In Quarantäne, [66131033c6c4bd79ef5d2a653bc84cb4],
PUP.Optional.DVDVideoSoftTB.A, C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0\_locales\zh_CN\messages.json, In Quarantäne, [66131033c6c4bd79ef5d2a653bc84cb4],
PUP.Optional.DVDVideoSoftTB.A, C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0\_locales\zh_TW\messages.json, In Quarantäne, [66131033c6c4bd79ef5d2a653bc84cb4],
PUP.Optional.FoxySecurity.A, C:\Users\Laura\AppData\LocalLow\systems ie bho\bho.dll, In Quarantäne, [2554d96a404a1b1ba6a44150d42fee12],
PUP.Optional.FoxySecurity.A, C:\Users\Laura\AppData\LocalLow\systems ie bho\ie.ini, In Quarantäne, [2554d96a404a1b1ba6a44150d42fee12],
PUP.Optional.DefaultSearch.A, C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Preferences, Gut: (), Schlecht: ( "homepage" : "hxxp://www.default-search.net?sid=476&aid=122&itype=a&ver=13337&tm=348&src=hmp",), Ersetzt,[e495a69d1c6e1a1cf2bbe23ccb3bf10f]
PUP.Optional.DefaultSearch, C:\Users\Laura\AppData\Roaming\Mozilla\Firefox\Profiles\5pzbrf4u.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.search.selectedEngine", "default-search.net");), Ersetzt,[a3d66bd80d7da2947086908d21e55da3]
PUP.Optional.DefaultSearch.A, C:\Users\Laura\AppData\Roaming\Mozilla\Firefox\Profiles\5pzbrf4u.default\prefs.js, Gut: (), Schlecht: (user_pref("keyword.URL", "hxxp://www.default-search.net/search?sid=476&aid=122&itype=a&ver=13337&tm=348&src=ds&p=");), Ersetzt,[d7a29da6711949ede805110d0ff754ac]
Physische Sektoren: 0
(Keine schädliche Elemente gefunden)
(end) Code:
# AdwCleaner v4.201 - Bericht erstellt 20/04/2015 um 16:50:57
# Aktualisiert 08/04/2015 von Xplode
# Datenbank : 2015-04-19.4 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Laura - LAURA-PC
# Gestarted von : C:\Users\Laura\Desktop\AdwCleaner_4.201.exe
# Option : Löschen
***** [ Dienste ] *****
[#] Dienst Gelöscht : bupService
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\apn
Ordner Gelöscht : C:\ProgramData\Ask
Ordner Gelöscht : C:\ProgramData\Partner
Ordner Gelöscht : C:\Program Files (x86)\globalUpdate
Ordner Gelöscht : C:\Program Files (x86)\Settings Manager
Ordner Gelöscht : C:\Program Files (x86)\fun coupons
Ordner Gelöscht : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Ordner Gelöscht : C:\Users\Laura\AppData\Local\globalUpdate
Ordner Gelöscht : C:\Users\Laura\AppData\Local\PackageAware
Ordner Gelöscht : C:\Users\Laura\AppData\Roaming\BupSystem
Ordner Gelöscht : C:\Users\Laura\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\Laura\AppData\Roaming\Security Systems
Ordner Gelöscht : C:\Users\Laura\AppData\Roaming\Settings Manager
Ordner Gelöscht : C:\Users\Laura\AppData\Roaming\Mozilla\Firefox\Profiles\5pzbrf4u.default\Extensions\jid0-HYNmqxA9zQGfJADREri4n2AHKSI@jetpack
Ordner Gelöscht : C:\Users\Laura\AppData\Roaming\Mozilla\Firefox\Profiles\5pzbrf4u.default\Extensions\N0h76Q@gmail.com
Ordner Gelöscht : C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\gabecdockfoneeopmgofaobjpgbinpdl
Ordner Gelöscht : C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdpibhkfkahcjfaebebkiphgenajknae
Datei Gelöscht : C:\Users\Laura\AppData\Roaming\Mozilla\Firefox\Profiles\5pzbrf4u.default\searchplugins\ask-search.xml
Datei Gelöscht : C:\Users\Laura\AppData\Roaming\Mozilla\Firefox\Profiles\5pzbrf4u.default\user.js
***** [ Geplante Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{ACAA314B-EEBA-48E4-AD47-84E31C44796C}]
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\driverscanner
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SettingsManagerIEHelper.DNSGuard.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SettingsManagerIEHelper.DNSGuard
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AA760BA8-5862-4BC5-9263-4452CBC0B264}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{54739D49-AC03-4C57-9264-C5195596B3A1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{AA760BA8-5862-4BC5-9263-4452CBC0B264}
Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}
Schlüssel Gelöscht : HKCU\Software\GlobalUpdate
Schlüssel Gelöscht : HKCU\Software\InstalledBrowserExtensions
Schlüssel Gelöscht : HKCU\Software\Myfree Codec
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKLM\SOFTWARE\GlobalUpdate
Schlüssel Gelöscht : HKLM\SOFTWARE\InstalledBrowserExtensions
Schlüssel Gelöscht : HKLM\SOFTWARE\Myfree Codec
Schlüssel Gelöscht : HKLM\SOFTWARE\Uniblue
Schlüssel Gelöscht : HKU\.DEFAULT\Software\AskPartnerNetwork
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe
Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
***** [ Internetbrowser ] *****
-\\ Internet Explorer v11.0.9600.17728
-\\ Mozilla Firefox v37.0.1 (x86 de)
[5pzbrf4u.default\prefs.js] - Zeile Gelöscht : user_pref("browser.search.order.1", "default-search.net");
[5pzbrf4u.default\prefs.js] - Zeile Gelöscht : user_pref("browser.search.selectedEngine", "default-search.net");
[5pzbrf4u.default\prefs.js] - Zeile Gelöscht : user_pref("keyword.URL", "hxxp://www.default-search.net/search?sid=476&aid=122&itype=a&ver=13337&tm=348&src=ds&p=");
-\\ Google Chrome v41.0.2272.118
[C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.default-search.net/search?sid=476&aid=122&itype=a&ver=13337&tm=348&src=ds&p={searchTerms}
*************************
AdwCleaner[R0].txt - [13447 Bytes] - [20/04/2015 16:48:48]
AdwCleaner[S0].txt - [12140 Bytes] - [20/04/2015 16:50:57]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [12200 Bytes] ########## Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.5.9 (04.19.2015:1)
OS: Windows 7 Home Premium x64
Ran by Laura on 20.04.2015 at 16:58:39,61
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
~~~ Registry Values
~~~ Registry Keys
~~~ Files
Successfully deleted: [File] C:\windows\s.bat
~~~ Folders
Successfully deleted: [Empty Folder] C:\Users\Laura\appdata\local\{4CC7798E-3D24-434C-8D8B-8B8F82AABF5E}
Successfully deleted: [Empty Folder] C:\Users\Laura\appdata\local\{8BEF52F9-FEC2-4245-A5FF-1CD76918F125}
Successfully deleted: [Empty Folder] C:\Users\Laura\appdata\local\{9EDDB357-9B4A-41CC-8A34-40BB37D8FDA7}
Successfully deleted: [Empty Folder] C:\Users\Laura\appdata\local\{BC95CD1F-0146-488E-A776-82067DAB9C3A}
Successfully deleted: [Empty Folder] C:\Users\Laura\appdata\local\{D96D0289-2DC4-4C5C-9AAC-1E948E3E0609}
Successfully deleted: [Folder] C:\Program Files (x86)\myfree codec
~~~ FireFox
Emptied folder: C:\Users\Laura\AppData\Roaming\mozilla\firefox\profiles\5pzbrf4u.default\minidumps [320 files]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 20.04.2015 at 17:02:12,96
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-04-2015 01
Ran by Laura (administrator) on LAURA-PC on 20-04-2015 17:02:49
Running from C:\Users\Laura\Desktop
Loaded Profiles: Laura (Available profiles: Laura)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11772520 2011-01-04] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2588968 2011-02-14] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9768352 2012-08-16] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5940128 2012-08-16] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo EE Boot Optimizer] => C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [206176 2012-08-16] (Lenovo)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-01-27] (Apple Inc.)
HKLM-x32\...\Run: [PLTSR] => C:\Program Files (x86)\EgisTec Port Locker\EgisPLTSR.exe [364400 2010-10-22] (Egis Technology Inc. )
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2011-01-29] (CyberLink)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2010-07-26] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [McAfeeUpdaterUI] => C:\Program Files (x86)\McAfee\Common Framework\udaterui.exe [333416 2012-09-05] (McAfee, Inc.)
HKLM-x32\...\Run: [ShStatEXE] => C:\Program Files (x86)\McAfee\VirusScan Enterprise\SHSTAT.EXE [215656 2012-08-14] (McAfee, Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-07-25] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-3317952785-2531906290-1392633749-1000\...\Run: [Spotify Web Helper] => C:\Users\Laura\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2015-01-15] (Spotify Ltd)
HKU\S-1-5-21-3317952785-2531906290-1392633749-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1562264 2014-07-25] (Samsung)
HKU\S-1-5-21-3317952785-2531906290-1392633749-1000\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-3317952785-2531906290-1392633749-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-08-08] (Apple Inc.)
HKU\S-1-5-21-3317952785-2531906290-1392633749-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-08-14] (Apple Inc.)
HKU\S-1-5-21-3317952785-2531906290-1392633749-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2014-08-16] (Apple Inc.)
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
Lsa: [Notification Packages] scecli EgisPLPwdFilter
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2014-04-28]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Laura\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll [2013-06-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Laura\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll [2013-06-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Laura\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll [2013-06-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Laura\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll [2013-06-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Laura\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll [2013-06-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Laura\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll [2013-06-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Laura\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll [2013-06-05] (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3317952785-2531906290-1392633749-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3317952785-2531906290-1392633749-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKU\S-1-5-21-3317952785-2531906290-1392633749-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20140111133415.dll [2014-01-11] (McAfee, Inc.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-02-10] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-02-10] (Microsoft Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-04] (Oracle Corporation)
BHO-x32: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20140111133415.dll [2014-01-11] (McAfee, Inc.)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-02-10] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-04] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-3317952785-2531906290-1392633749-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Laura\AppData\Roaming\Mozilla\Firefox\Profiles\5pzbrf4u.default
FF Homepage: https://www.google.de/?gws_rd=ssl
FF NetworkProxy: "autoconfig_url", "https://napo.fu-berlin.de/"
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-20] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-20] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-04] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-01-11] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2012-10-25] (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-12-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Extension: 20-20 3D Viewer - IKEA - C:\Users\Laura\AppData\Roaming\Mozilla\Firefox\Profiles\5pzbrf4u.default\Extensions\2020Player_IKEA@2020Technologies.com [2013-02-02]
FF Extension: jid1AVgCeF1zoVzMjAjetpack - C:\Users\Laura\AppData\Roaming\Mozilla\Firefox\Profiles\5pzbrf4u.default\Extensions\jid1-AVgCeF1zoVzMjA@jetpack [2015-04-19]
FF Extension: Foxy Security - C:\Users\Laura\AppData\Roaming\Mozilla\Firefox\Profiles\5pzbrf4u.default\Extensions\sys@foxysecurity.com [2014-05-15]
FF Extension: No Name - C:\Users\Laura\AppData\Roaming\Mozilla\Firefox\Profiles\5pzbrf4u.default\Extensions\uGqKQ@gmail.com [2015-04-19]
FF Extension: No Name - C:\Users\Laura\AppData\Roaming\Mozilla\Firefox\Profiles\5pzbrf4u.default\Extensions\WtY38Iy@gmail.com [2015-04-19]
FF Extension: c151d79ee61b4a90a8875a46d38fba99 - C:\Users\Laura\AppData\Roaming\Mozilla\Firefox\Profiles\5pzbrf4u.default\Extensions\{c151d79e-e61b-4a90-a887-5a46d38fba99} [2015-04-19]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Laura\AppData\Roaming\Mozilla\Firefox\Profiles\5pzbrf4u.default\Extensions\adblockpopups@jessehakanen.net.xpi [2013-05-01]
FF Extension: Add to Search Bar - C:\Users\Laura\AppData\Roaming\Mozilla\Firefox\Profiles\5pzbrf4u.default\Extensions\add-to-searchbox@maltekraus.de.xpi [2014-05-20]
FF Extension: Video DownloadHelper - C:\Users\Laura\AppData\Roaming\Mozilla\Firefox\Profiles\5pzbrf4u.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-03-14]
FF Extension: Adblock Plus - C:\Users\Laura\AppData\Roaming\Mozilla\Firefox\Profiles\5pzbrf4u.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-09-29]
FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCore
FF Extension: IDS_SS_NAME - C:\Program Files (x86)\Common Files\McAfee\SystemCore [2014-01-11]
FF HKU\S-1-5-21-3317952785-2531906290-1392633749-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
Chrome:
=======
CHR Profile: C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (fbiodiodggnlakggeeckkjccjhhjndnb) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbiodiodggnlakggeeckkjccjhhjndnb [2015-04-17]
CHR Extension: (suprize) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\gijpiklekffjdhakddncmmfoljbopjka [2015-04-19]
CHR Extension: (kmkpokpaimeklljpdkakobjepcnpmhok) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmkpokpaimeklljpdkakobjepcnpmhok [2015-04-19]
CHR Extension: (ledmjlnkdlappilhaaihfhanlpdjjalm) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\ledmjlnkdlappilhaaihfhanlpdjjalm [2015-04-19]
CHR Extension: (Google Wallet) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-30]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2714800 2015-02-10] (Microsoft Corporation)
S2 EgisTec Service Help; C:\Program Files (x86)\EgisTec Port Locker\Egishlpsvc.exe [327024 2010-10-22] (Egis Technology Inc. )
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
S2 McAfeeFramework; C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe [132712 2012-09-05] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [201864 2014-01-11] (McAfee, Inc.)
S2 McTaskManager; C:\Program Files (x86)\McAfee\VirusScan Enterprise\vstskmgr.exe [210056 2012-08-14] (McAfee, Inc.)
R2 mfevtp; C:\windows\system32\mfevtps.exe [170440 2014-01-11] (McAfee, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 Andbus; C:\Windows\System32\DRIVERS\lgandbus64.sys [19456 2012-03-02] (LG Electronics Inc.)
S3 AndDiag; C:\Windows\System32\DRIVERS\lganddiag64.sys [27648 2012-03-02] (LG Electronics Inc.)
S3 AndGps; C:\Windows\System32\DRIVERS\lgandgps64.sys [27136 2012-03-02] (LG Electronics Inc.)
S3 ANDModem; C:\Windows\System32\DRIVERS\lgandmodem64.sys [34304 2012-03-02] (LG Electronics Inc.)
S3 ASPI; C:\windows\SysWOW64\DRIVERS\ASPI32.sys [84832 2002-07-17] (Adaptec) [File not signed]
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2015-03-17] (Malwarebytes Corporation)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [160952 2014-01-11] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [274880 2014-01-11] (McAfee, Inc.)
U3 mfeavfk01; No ImagePath
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [665768 2014-01-11] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [101200 2014-01-11] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [303464 2014-01-11] (McAfee, Inc.)
R3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [8200552 2010-12-15] (Realtek Semiconductor Corp.)
S3 SMARTMouseFilterx64; C:\Windows\System32\DRIVERS\SMARTMouseFilterx64.sys [10240 2013-10-18] (SMART Technologies) [File not signed]
S3 SMARTVHidMiniVistaAmd64; C:\Windows\System32\DRIVERS\SMARTVHidMiniVistaAmd64.sys [9216 2013-10-18] (SMART Technologies) [File not signed]
S3 SMARTVTabletPCx64; C:\Windows\System32\DRIVERS\SMARTVTabletPCx64.sys [22184 2013-10-18] (SMART Technologies ULC) [File not signed]
U3 BcmSqlStartupSvc; No ImagePath
U2 CLKMSVC10_3A60B698; No ImagePath
U2 CLKMSVC10_C3B3B687; No ImagePath
U2 DriverService; No ImagePath
U2 IAStorDataMgrSvc; No ImagePath
U2 iATAgentService; No ImagePath
U2 idealife Update Service; No ImagePath
U3 IGRS; No ImagePath
U2 IviRegMgr; No ImagePath
U2 nvUpdatusService; No ImagePath
U2 Oasis2Service; No ImagePath
U2 PCCarerService; No ImagePath
U2 ReadyComm.DirectRouter; No ImagePath
U2 RichVideo; No ImagePath
U2 RtLedService; No ImagePath
U2 SeaPort; No ImagePath
U2 SoftwareService; No ImagePath
U3 SQLWriter; No ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-20 17:02 - 2015-04-20 17:02 - 00001382 _____ () C:\Users\Laura\Desktop\JRT.txt
2015-04-20 16:58 - 2015-04-20 16:58 - 02684539 _____ (Thisisu) C:\Users\Laura\Desktop\JRT.exe
2015-04-20 16:58 - 2015-04-20 16:58 - 00000207 _____ () C:\windows\tweaking.com-regbackup-LAURA-PC-Windows-7-Home-Premium-(64-bit).dat
2015-04-20 16:58 - 2015-04-20 16:58 - 00000000 ____D () C:\RegBackup
2015-04-20 16:54 - 2015-04-20 16:54 - 00012313 _____ () C:\Users\Laura\Desktop\AdwCleaner[S0].txt
2015-04-20 16:48 - 2015-04-20 16:51 - 00000000 ____D () C:\AdwCleaner
2015-04-20 16:48 - 2015-04-20 16:48 - 02217984 _____ () C:\Users\Laura\Desktop\AdwCleaner_4.201.exe
2015-04-20 16:42 - 2015-04-20 16:42 - 00036882 _____ () C:\Users\Laura\Desktop\mbam.txt
2015-04-20 16:36 - 2015-04-20 16:39 - 00000000 ___SD () C:\windows\system32\GWX
2015-04-20 16:36 - 2015-04-20 16:36 - 00000000 ___SD () C:\windows\SysWOW64\GWX
2015-04-20 16:34 - 2015-04-20 16:34 - 00034164 _____ () C:\Users\Laura\Desktop\m.txt
2015-04-20 14:53 - 2015-04-20 16:41 - 00136408 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-20 14:53 - 2015-04-20 14:53 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-04-20 14:53 - 2015-04-20 14:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-04-20 14:53 - 2015-04-20 14:53 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-04-20 14:53 - 2015-04-20 14:53 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-04-20 14:53 - 2015-03-17 06:15 - 00107736 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2015-04-20 14:53 - 2015-03-17 06:15 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2015-04-20 14:53 - 2015-03-17 06:15 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2015-04-20 14:51 - 2015-04-20 14:52 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Laura\Desktop\mbam-setup-2.1.4.1018.exe
2015-04-20 14:36 - 2015-04-20 16:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2015-04-20 13:32 - 2015-04-20 13:33 - 00034011 _____ () C:\Users\Laura\Desktop\Addition.txt
2015-04-20 13:30 - 2015-04-20 17:02 - 00020145 _____ () C:\Users\Laura\Desktop\FRST.txt
2015-04-20 13:30 - 2015-04-20 17:02 - 00000000 ____D () C:\FRST
2015-04-20 13:29 - 2015-04-20 13:29 - 02098176 _____ (Farbar) C:\Users\Laura\Desktop\FRST64.exe
2015-04-20 13:21 - 2015-03-25 05:24 - 03298816 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2015-04-20 13:21 - 2015-03-25 05:24 - 02553856 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2015-04-20 13:21 - 2015-03-25 05:24 - 00696320 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2015-04-20 13:21 - 2015-03-25 05:24 - 00191488 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2015-04-20 13:21 - 2015-03-25 05:24 - 00098304 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2015-04-20 13:21 - 2015-03-25 05:24 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2015-04-20 13:21 - 2015-03-25 05:24 - 00037376 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2015-04-20 13:21 - 2015-03-25 05:24 - 00035328 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2015-04-20 13:21 - 2015-03-25 05:23 - 00135168 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2015-04-20 13:21 - 2015-03-25 05:23 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2015-04-20 13:21 - 2015-03-25 05:23 - 00012288 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll
2015-04-20 13:21 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2015-04-20 13:21 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2015-04-20 13:21 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2015-04-20 13:21 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2015-04-20 13:21 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2015-04-20 12:09 - 2015-03-23 05:25 - 00769536 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-04-20 12:09 - 2015-03-23 05:25 - 00726528 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-04-20 12:09 - 2015-03-23 05:24 - 00957952 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-04-20 12:09 - 2015-03-23 05:24 - 00419840 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-04-20 12:09 - 2015-03-23 05:24 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-04-20 12:09 - 2015-03-23 05:24 - 00192000 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2015-04-20 12:09 - 2015-03-23 05:24 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2015-04-20 12:09 - 2015-03-23 05:17 - 01111552 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-04-20 12:09 - 2015-03-10 05:25 - 01882624 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2015-04-20 12:09 - 2015-03-10 05:21 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2015-04-20 12:09 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2015-04-20 12:09 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2015-04-20 12:09 - 2015-03-05 07:12 - 00404480 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2015-04-20 12:09 - 2015-03-05 06:05 - 00311808 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2015-04-20 12:08 - 2015-03-17 07:01 - 03976632 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2015-04-20 12:08 - 2015-03-17 07:01 - 03920824 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2015-04-20 12:08 - 2015-03-17 06:59 - 01309696 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2015-04-20 12:08 - 2015-03-17 06:57 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-04-20 12:08 - 2015-03-17 06:57 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2015-04-20 12:08 - 2015-03-17 06:57 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-04-20 12:08 - 2015-03-17 06:57 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2015-04-20 12:08 - 2015-03-17 06:57 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2015-04-20 12:08 - 2015-03-17 06:57 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2015-04-20 12:08 - 2015-03-17 06:57 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2015-04-20 12:08 - 2015-03-17 06:57 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2015-04-20 12:08 - 2015-03-17 06:56 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2015-04-20 12:08 - 2015-03-17 06:56 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2015-04-20 12:08 - 2015-03-17 06:56 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2015-04-20 12:08 - 2015-03-17 06:56 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2015-04-20 12:08 - 2015-03-17 06:53 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2015-04-20 12:08 - 2015-03-17 06:53 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2015-04-20 12:08 - 2015-03-17 06:50 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2015-04-20 12:08 - 2015-03-17 06:50 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2015-04-20 12:08 - 2015-03-17 06:50 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-20 12:08 - 2015-03-17 06:50 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-20 12:08 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-20 12:08 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-20 12:08 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-20 12:08 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-20 12:08 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-20 12:08 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-20 12:08 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-20 12:08 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-20 12:08 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-20 12:08 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-20 12:08 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-20 12:08 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-20 12:08 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-20 12:08 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-20 12:08 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-20 12:08 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-20 12:08 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-20 12:08 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-20 12:08 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-20 12:08 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-20 12:08 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-20 12:08 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-20 12:08 - 2015-03-17 05:45 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2015-04-20 12:08 - 2015-03-17 05:45 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2015-04-20 12:08 - 2015-03-17 05:43 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-20 12:08 - 2015-03-17 05:43 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-20 12:08 - 2015-03-17 05:43 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-20 12:08 - 2015-03-17 05:43 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-20 12:07 - 2015-03-17 07:22 - 05557696 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-04-20 12:07 - 2015-03-17 07:19 - 01727904 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2015-04-20 12:07 - 2015-03-17 07:17 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2015-04-20 12:07 - 2015-03-17 07:17 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2015-04-20 12:07 - 2015-03-17 07:17 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2015-04-20 12:07 - 2015-03-17 07:16 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-04-20 12:07 - 2015-03-17 07:16 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-04-20 12:07 - 2015-03-17 07:16 - 00341504 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-04-20 12:07 - 2015-03-17 07:16 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-04-20 12:07 - 2015-03-17 07:16 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-04-20 12:07 - 2015-03-17 07:16 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-04-20 12:07 - 2015-03-17 07:16 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2015-04-20 12:07 - 2015-03-17 07:16 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-04-20 12:07 - 2015-03-17 07:16 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2015-04-20 12:07 - 2015-03-17 07:16 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-04-20 12:07 - 2015-03-17 07:16 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-04-20 12:07 - 2015-03-17 07:16 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-04-20 12:07 - 2015-03-17 07:16 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2015-04-20 12:07 - 2015-03-17 07:15 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-04-20 12:07 - 2015-03-17 07:13 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-04-20 12:07 - 2015-03-17 07:13 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-04-20 12:07 - 2015-03-17 07:11 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-04-20 12:07 - 2015-03-17 07:11 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2015-04-20 12:07 - 2015-03-17 07:11 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-20 12:07 - 2015-03-17 07:11 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-20 12:07 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-20 12:07 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-20 12:07 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-20 12:07 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-20 12:07 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-20 12:07 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-20 12:07 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-20 12:07 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-20 12:07 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-20 12:07 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-20 12:07 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-20 12:07 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-20 12:07 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-20 12:07 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-20 12:07 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-20 12:07 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-20 12:07 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-20 12:07 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-20 12:07 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-20 12:07 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-20 12:07 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-20 12:07 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-20 12:07 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-20 12:07 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-20 12:07 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-20 12:07 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-20 12:07 - 2015-03-17 06:57 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2015-04-20 12:07 - 2015-03-17 06:56 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2015-04-20 12:07 - 2015-03-17 06:56 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2015-04-20 12:07 - 2015-03-17 06:56 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2015-04-20 12:06 - 2015-03-17 07:22 - 00155576 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-04-20 12:06 - 2015-03-17 07:22 - 00095672 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-04-20 12:06 - 2015-03-17 07:16 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-04-20 12:06 - 2015-03-17 07:16 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2015-04-20 12:06 - 2015-03-17 07:16 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2015-04-20 12:06 - 2015-03-17 07:16 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-04-20 12:06 - 2015-03-17 07:16 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2015-04-20 12:06 - 2015-03-17 07:16 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-04-20 12:06 - 2015-03-17 07:16 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-04-20 12:06 - 2015-03-17 07:15 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2015-04-20 12:06 - 2015-03-17 07:15 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-04-20 12:06 - 2015-02-25 05:18 - 00754688 _____ (Microsoft Corporation) C:\windows\system32\Drivers\http.sys
2015-04-20 12:05 - 2015-04-02 02:17 - 00389808 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-04-20 12:05 - 2015-04-02 01:49 - 00342704 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-04-20 12:05 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-04-20 12:05 - 2015-03-13 06:25 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-04-20 12:05 - 2015-03-13 06:25 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-04-20 12:05 - 2015-03-13 06:09 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-04-20 12:05 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-04-20 12:05 - 2015-03-13 06:08 - 00417280 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-04-20 12:05 - 2015-03-13 06:08 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-04-20 12:05 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-04-20 12:05 - 2015-03-13 06:06 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-04-20 12:05 - 2015-03-13 06:00 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-04-20 12:05 - 2015-03-13 05:59 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-04-20 12:05 - 2015-03-13 05:55 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-04-20 12:05 - 2015-03-13 05:54 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-04-20 12:05 - 2015-03-13 05:54 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-04-20 12:05 - 2015-03-13 05:53 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-04-20 12:05 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-04-20 12:05 - 2015-03-13 05:44 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-04-20 12:05 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-04-20 12:05 - 2015-03-13 05:42 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2015-04-20 12:05 - 2015-03-13 05:40 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-04-20 12:05 - 2015-03-13 05:32 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-04-20 12:05 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-04-20 12:05 - 2015-03-13 05:28 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2015-04-20 12:05 - 2015-03-13 05:27 - 00340992 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2015-04-20 12:05 - 2015-03-13 05:27 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-04-20 12:05 - 2015-03-13 05:27 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2015-04-20 12:05 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-04-20 12:05 - 2015-03-13 05:26 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2015-04-20 12:05 - 2015-03-13 05:23 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-04-20 12:05 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-04-20 12:05 - 2015-03-13 05:20 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2015-04-20 12:05 - 2015-03-13 05:20 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2015-04-20 12:05 - 2015-03-13 05:17 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-04-20 12:05 - 2015-03-13 05:16 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2015-04-20 12:05 - 2015-03-13 05:15 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2015-04-20 12:05 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-04-20 12:05 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-04-20 12:05 - 2015-03-13 05:06 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-04-20 12:05 - 2015-03-13 05:05 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-04-20 12:05 - 2015-03-13 05:05 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-04-20 12:05 - 2015-03-13 05:01 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-04-20 12:05 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-04-20 12:05 - 2015-03-13 04:57 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2015-04-20 12:05 - 2015-03-13 04:56 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-04-20 12:05 - 2015-03-13 04:54 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-04-20 12:05 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-04-20 12:05 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-04-20 12:05 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-04-20 12:05 - 2015-03-13 04:43 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-04-20 12:05 - 2015-03-13 04:42 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2015-04-20 12:05 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-04-20 12:05 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-04-20 12:05 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-04-20 12:05 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-04-20 12:05 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-04-20 12:05 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-04-20 12:05 - 2015-03-04 06:55 - 00367552 _____ (Microsoft Corporation) C:\windows\system32\clfs.sys
2015-04-20 12:05 - 2015-03-04 06:41 - 00079360 _____ (Microsoft Corporation) C:\windows\system32\clfsw32.dll
2015-04-20 12:05 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\windows\SysWOW64\clfsw32.dll
2015-04-19 20:29 - 2015-04-20 16:53 - 00001018 _____ () C:\windows\Tasks\r3NDJCZJimHHmAgkECIKvIE.job
2015-04-19 20:29 - 2015-04-20 16:52 - 00001006 _____ () C:\windows\Tasks\r3NDJCZJimHHmAgkE.job
2015-04-19 20:29 - 2015-04-19 20:29 - 00004044 _____ () C:\windows\System32\Tasks\r3NDJCZJimHHmAgkECIKvIE
2015-04-19 20:29 - 2015-04-19 20:29 - 00004032 _____ () C:\windows\System32\Tasks\r3NDJCZJimHHmAgkE
2015-04-19 20:28 - 2015-04-20 11:47 - 00000000 ____D () C:\Program Files (x86)\help4u
2015-04-19 18:53 - 2015-04-19 18:53 - 00000000 ____D () C:\Program Files (x86)\suprize
2015-04-08 21:39 - 2015-04-20 17:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-03 15:49 - 2015-04-03 15:49 - 01577472 _____ () C:\Users\Laura\AppData\Roaming\r3NDJCZJimHHmAgkECIKvIE.exe
2015-03-31 10:14 - 2015-03-31 10:14 - 00005655 _____ () C:\Users\Laura\AppData\Roaming\Tq4Mm6SCaQZox6u5rAi
2015-03-31 10:14 - 2015-03-31 10:14 - 00005655 _____ () C:\Users\Laura\AppData\Roaming\r3NDJCZJimHHmAgkECIKvIE
2015-03-31 10:14 - 2015-03-31 10:14 - 00005655 _____ () C:\Users\Laura\AppData\Roaming\jQlVVk0E2tIH6fLV1f
2015-03-31 10:14 - 2015-03-31 10:14 - 00004387 _____ () C:\Users\Laura\AppData\Roaming\r3NDJCZJimHHmAgkE
2015-03-31 10:14 - 2015-03-31 10:14 - 00004387 _____ () C:\Users\Laura\AppData\Roaming\mmt6r5D1qFuze1ld
2015-03-31 10:14 - 2015-03-31 10:14 - 00004387 _____ () C:\Users\Laura\AppData\Roaming\dPRgM7X4UvPwAhhVxfI
2015-03-30 18:41 - 2015-03-30 18:41 - 05409016 _____ (Canneverbe Limited ) C:\Users\Laura\Desktop\cdbxp_setup_4.5.4.5306_minimal.exe
2015-03-30 18:41 - 2015-03-30 18:41 - 00001159 _____ () C:\Users\Public\Desktop\CDBurnerXP.lnk
2015-03-30 18:41 - 2015-03-30 18:41 - 00001109 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2015-03-30 18:41 - 2015-03-30 18:41 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\Canneverbe Limited
2015-03-30 18:41 - 2015-03-30 18:41 - 00000000 ____D () C:\ProgramData\Canneverbe Limited
2015-03-30 18:41 - 2015-03-30 18:41 - 00000000 ____D () C:\Program Files (x86)\CDBurnerXP
2015-03-22 14:24 - 2015-04-20 16:52 - 00073744 _____ () C:\windows\PFRO.log
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-20 16:59 - 2009-07-14 06:45 - 00028704 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-20 16:59 - 2009-07-14 06:45 - 00028704 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-20 16:58 - 2012-08-15 22:47 - 00699682 _____ () C:\windows\system32\perfh007.dat
2015-04-20 16:58 - 2012-08-15 22:47 - 00149790 _____ () C:\windows\system32\perfc007.dat
2015-04-20 16:58 - 2009-07-14 07:13 - 01620684 _____ () C:\windows\system32\PerfStringBackup.INI
2015-04-20 16:54 - 2012-11-15 23:31 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-04-20 16:53 - 2014-10-29 21:24 - 00000000 ___RD () C:\Users\Laura\iCloudDrive
2015-04-20 16:53 - 2012-08-16 07:58 - 00571373 _____ () C:\windows\system32\fastboot.set
2015-04-20 16:52 - 2015-03-11 15:49 - 00004773 _____ () C:\windows\setupact.log
2015-04-20 16:52 - 2012-11-15 21:08 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-20 16:52 - 2012-08-16 07:54 - 00001106 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-20 16:52 - 2009-07-14 07:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-04-20 16:51 - 2012-08-16 06:56 - 01700707 _____ () C:\windows\WindowsUpdate.log
2015-04-20 16:36 - 2014-12-16 22:59 - 00000000 ____D () C:\windows\system32\appraiser
2015-04-20 16:36 - 2014-05-07 15:37 - 00000000 ___SD () C:\windows\system32\CompatTel
2015-04-20 16:36 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\PolicyDefinitions
2015-04-20 16:35 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\Resources
2015-04-20 16:34 - 2012-11-15 20:51 - 00000000 ____D () C:\Users\Laura
2015-04-20 16:11 - 2012-08-16 07:54 - 00001110 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-20 15:32 - 2014-01-11 21:58 - 00000000 ____D () C:\QUARANTINE
2015-04-20 15:12 - 2012-11-16 12:55 - 01594964 _____ () C:\windows\SysWOW64\PerfStringBackup.INI
2015-04-20 15:08 - 2014-10-28 16:57 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-04-20 15:08 - 2012-11-15 21:13 - 00000000 ____D () C:\ProgramData\Skype
2015-04-20 11:54 - 2012-11-15 23:31 - 00778416 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-04-20 11:54 - 2012-11-15 23:31 - 00142512 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-20 11:54 - 2012-11-15 23:31 - 00003822 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2015-04-19 20:24 - 2012-11-15 23:31 - 00000000 ____D () C:\windows\SysWOW64\Macromed
2015-04-19 20:24 - 2012-11-15 23:31 - 00000000 ____D () C:\windows\system32\Macromed
2015-04-19 20:24 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\system32\spool
2015-04-19 20:24 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\servicing
2015-04-19 20:24 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\rescache
2015-04-19 20:23 - 2014-04-28 19:25 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2015-04-19 20:23 - 2013-02-14 15:39 - 00000000 ____D () C:\Program Files (x86)\PDF24
2015-04-19 20:23 - 2012-11-15 20:51 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2015-04-19 20:23 - 2012-08-16 07:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-04-19 20:23 - 2012-08-16 07:42 - 00000000 ____D () C:\ProgramData\Port Locker
2015-04-19 20:23 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-04-19 20:22 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\registration
2015-04-19 20:19 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\AppCompat
2015-04-16 16:59 - 2013-08-15 15:01 - 00000000 ____D () C:\windows\system32\MRT
2015-03-24 21:10 - 2013-02-15 11:00 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-03-22 14:24 - 2009-07-14 07:09 - 00000000 ____D () C:\windows\System32\Tasks\WPD
2015-03-21 22:23 - 2013-09-14 12:53 - 00000000 ____D () C:\Program Files\Microsoft Office 15
==================== Files in the root of some directories =======
2015-03-31 10:14 - 2015-03-31 10:14 - 0004387 _____ () C:\Users\Laura\AppData\Roaming\dPRgM7X4UvPwAhhVxfI
2015-03-31 10:14 - 2015-03-31 10:14 - 0005655 _____ () C:\Users\Laura\AppData\Roaming\jQlVVk0E2tIH6fLV1f
2015-03-31 10:14 - 2015-03-31 10:14 - 0004387 _____ () C:\Users\Laura\AppData\Roaming\mmt6r5D1qFuze1ld
2015-03-31 10:14 - 2015-03-31 10:14 - 0004387 _____ () C:\Users\Laura\AppData\Roaming\r3NDJCZJimHHmAgkE
2015-03-31 10:14 - 2015-03-31 10:14 - 0005655 _____ () C:\Users\Laura\AppData\Roaming\r3NDJCZJimHHmAgkECIKvIE
2015-04-03 15:49 - 2015-04-03 15:49 - 1577472 _____ () C:\Users\Laura\AppData\Roaming\r3NDJCZJimHHmAgkECIKvIE.exe
2015-03-31 10:14 - 2015-03-31 10:14 - 0005655 _____ () C:\Users\Laura\AppData\Roaming\Tq4Mm6SCaQZox6u5rAi
Some content of TEMP:
====================
C:\Users\Laura\AppData\Local\Temp\Quarantine.exe
C:\Users\Laura\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-04-14 19:45
==================== End Of Log ============================ --- --- --- |