AdwCleaner Logfile: Code:
# AdwCleaner v4.206 - Bericht erstellt 12/06/2015 um 10:07:59
# Aktualisiert 01/06/2015 von Xplode
# Datenbank : 2015-06-09.1 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Philip - PHILIP-PC
# Gestarted von : C:\Users\Philip\Downloads\AdwCleaner_4.206.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\Program Files (x86)\Red Sky
Ordner Gelöscht : C:\Windows\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Ordner Gelöscht : C:\Users\Philip\AppData\Local\Hola
Ordner Gelöscht : C:\Users\Philip\AppData\LocalLow\AVG Nation toolbar
Ordner Gelöscht : C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg
Datei Gelöscht : C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\tbqz1tps.default\foxydeal.sqlite
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\Plugins\npvsharetvplg.dll
***** [ Geplante Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\sim-packages
Schlüssel Gelöscht : HKCU\Software\9edadcb33dea49
Schlüssel Gelöscht : HKLM\SOFTWARE\9edadcb33dea49
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3D782BB2-F2A5-11D3-BF4C-000000000000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3D782BB2-F2A5-11D3-BF4C-000000000000}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Schlüssel Gelöscht : HKCU\Software\BABSOLUTION
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\IM
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\StartSearch
Schlüssel Gelöscht : HKCU\Software\vShare.tv
Schlüssel Gelöscht : HKCU\Software\WNLT
Schlüssel Gelöscht : HKLM\SOFTWARE\Conduit
Schlüssel Gelöscht : HKLM\SOFTWARE\Video downloader
Schlüssel Gelöscht : HKU\.DEFAULT\Software\AVG Nation toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0D3BEDD9-C4BF-4040-BE99-8DA827F265A7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SweetIM Bundle by SweetPacks
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Video downloader
Daten Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Features\9DDEB3D0FB4C0404EB99D88A722F567A
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Features\B2FD9C0A5B9838449838816A28001F4B
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Products\9DDEB3D0FB4C0404EB99D88A722F567A
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Products\B2FD9C0A5B9838449838816A28001F4B
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8724E58E6C7D00C48A0D4F3345EB2C26
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB676B0E1B9EFA049B9F7DDDA9645734
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B31BBB0B825EDEF45AB0FE7099C68C81
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B471D8D7319336B4CA89374ED0D7B806
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC30043663AA2CA4DA1DAA9CA5FDCC75
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FDC83385E6C239F4C876A77A37DF581D
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9DDEB3D0FB4C0404EB99D88A722F567A
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B2FD9C0A5B9838449838816A28001F4B
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0
Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>
***** [ Internetbrowser ] *****
-\\ Internet Explorer v11.0.9600.17801
-\\ Mozilla Firefox v38.0.5 (x86 de)
-\\ Google Chrome v
[C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10005&barid={4990CCDC-6B0F-11E2-89F7-14FEB5C29B39}
[C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=B84574E50B220491&affID=121563&tsp=4933
[C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gelöscht [Homepage] : hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=B84574E50B220491&affID=121563&tsp=4933
*************************
AdwCleaner[R0].txt - [18212 Bytes] - [11/06/2015 18:11:35]
AdwCleaner[S0].txt - [17479 Bytes] - [12/06/2015 10:07:59]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [17539 Bytes] ########## --- --- ---
[/CODE] Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.9.1 (06.08.2015:1)
OS: Windows 7 Home Premium x64
Ran by Philip on 11.06.2015 at 17:41:51,50
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
Successfully deleted: [Task] C:\Windows\system32\tasks\PCDoctorBackgroundMonitorTask
Successfully deleted: [Task] C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-1922485380-3358746859-1030061101-1001\Software\Microsoft\Internet Explorer\Main\\Start Page
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{36895792-BC47-495E-9274-21F738A69BBF}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
~~~ Files
Successfully deleted: [File] C:\end
Successfully deleted: [File] C:\Users\Philip\appdata\local\google\chrome\user data\default\local storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage
Successfully deleted: [File] C:\Users\Philip\appdata\local\google\chrome\user data\default\local storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage-journal
Successfully deleted: [File] C:\Users\Philip\appdata\local\google\chrome\user data\default\local storage\hxxp_www.delta-search.com_0.localstorage
Successfully deleted: [File] C:\Users\Philip\appdata\local\google\chrome\user data\default\local storage\hxxp_www.delta-search.com_0.localstorage-journal
Successfully deleted: [File] C:\Users\Philip\appdata\local\google\chrome\user data\default\local storage\hxxp_www.golsearch.com_0.localstorage
Successfully deleted: [File] C:\Users\Philip\appdata\local\google\chrome\user data\default\local storage\hxxp_www.golsearch.com_0.localstorage-journal
Successfully deleted: [File] C:\Users\Philip\appdata\local\google\chrome\user data\default\local storage\hxxp_www.superfish.com_0.localstorage
Successfully deleted: [File] C:\Users\Philip\appdata\local\google\chrome\user data\default\local storage\hxxp_www.superfish.com_0.localstorage-journal
Successfully deleted: [File] C:\Users\Philip\appdata\local\google\chrome\user data\default\local storage\hxxps_static.olark.com_0.localstorage
Successfully deleted: [File] C:\Users\Philip\appdata\local\google\chrome\user data\default\local storage\hxxps_static.olark.com_0.localstorage-journal
Successfully deleted: [File] C:\Users\Philip\appdata\local\google\chrome\user data\default\local storage\hxxps_www.superfish.com_0.localstorage
Successfully deleted: [File] C:\Users\Philip\appdata\local\google\chrome\user data\default\local storage\hxxps_www.superfish.com_0.localstorage-journal
~~~ Folders
Successfully deleted: [Empty Folder] C:\Users\Philip\appdata\local\{07D2046E-892B-4A7E-86EB-BC9172184F54}
Successfully deleted: [Empty Folder] C:\Users\Philip\appdata\local\{3AC9A1BD-E899-451E-A31F-1AF9AB77E066}
Successfully deleted: [Empty Folder] C:\Users\Philip\appdata\local\{3F398A83-5F11-4D7D-9981-FEE09F637DAE}
Successfully deleted: [Empty Folder] C:\Users\Philip\appdata\local\{6BFA18E3-FBF4-4FC3-877E-1F292B562C21}
Successfully deleted: [Empty Folder] C:\Users\Philip\appdata\local\{8F0ECFA8-52D2-4CE1-8B0D-86BBC4A863E1}
Successfully deleted: [Empty Folder] C:\Users\Philip\appdata\local\{95D70AD3-4D74-45DC-9E71-CBD9BAFEEF7E}
Successfully deleted: [Empty Folder] C:\Users\Philip\appdata\local\{C5DEC509-2B5E-46DD-8D4C-BEBA0597707E}
Successfully deleted: [Empty Folder] C:\Users\Philip\appdata\local\{F6E734C8-4674-47F1-A953-C055A605A0DA}
Successfully deleted: [Empty Folder] C:\Users\Philip\appdata\local\{FE4F515F-0EF9-40B6-B50B-786207D24BC3}
Successfully deleted: [Folder] C:\Program Files (x86)\delta
Successfully deleted: [Folder] C:\Program Files (x86)\sweetim
Successfully deleted: [Folder] C:\Program Files (x86)\sweetpacks bundle uninstaller
Successfully deleted: [Folder] C:\ProgramData\avg security toolbar
Successfully deleted: [Folder] C:\ProgramData\babylon
Successfully deleted: [Folder] C:\ProgramData\bitguard
Successfully deleted: [Folder] C:\ProgramData\pcdr
Successfully deleted: [Folder] C:\ProgramData\sweetim
Successfully deleted: [Folder] C:\Users\Philip\appdata\local\downtango
Successfully deleted: [Folder] C:\Users\Philip\appdata\local\swvupdater
Successfully deleted: [Folder] C:\Users\Philip\AppData\Roaming\babylon
Successfully deleted: [Folder] C:\Users\Philip\AppData\Roaming\delta
Successfully deleted: [Folder] C:\Users\Philip\AppData\Roaming\dvdvideosoftiehelpers
Successfully deleted: [Folder] C:\Users\Philip\AppData\Roaming\opencandy
~~~ FireFox
~~~ Chrome
Successfully deleted: [Folder] C:\Users\Philip\appdata\local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Successfully deleted: [Folder] C:\Users\Philip\appdata\local\Google\Chrome\User Data\Default\Extensions\pbiamblgmkgbcgbcgejjgebalncpmhnp
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\pbiamblgmkgbcgbcgejjgebalncpmhnp
[C:\Users\Philip\appdata\local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
[C:\Users\Philip\appdata\local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
[C:\Users\Philip\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
[C:\Users\Philip\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[
eooncjejnppfjjklapaamhcdmjbilmde,
pbiamblgmkgbcgbcgejjgebalncpmhnp
]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 11.06.2015 at 17:46:50,96
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 11.06.2015
Suchlauf-Zeit: 17:43:35
Logdatei: MALWARE LOG.txt
Administrator: Ja
Version: 2.01.6.1022
Malware Datenbank: v2015.03.09.05
Rootkit Datenbank: v2015.06.02.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert
Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Philip
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 412925
Verstrichene Zeit: 21 Min, 25 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(Keine schädliche Elemente gefunden)
Module: 0
(Keine schädliche Elemente gefunden)
Registrierungsschlüssel: 107
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, In Quarantäne, [89f09ba8becc45f171e689ccdb28a957],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, In Quarantäne, [89f09ba8becc45f171e689ccdb28a957],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, In Quarantäne, [89f09ba8becc45f171e689ccdb28a957],
PUP.Optional.SoftwareUpdater, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}, In Quarantäne, [95e44cf7315943f326ea0c1cb152ef11],
PUP.Optional.SoftwareUpdater, HKLM\SOFTWARE\CLASSES\Updater.AmiUpd.1, In Quarantäne, [95e44cf7315943f326ea0c1cb152ef11],
PUP.Optional.SoftwareUpdater, HKLM\SOFTWARE\CLASSES\Updater.AmiUpd, In Quarantäne, [95e44cf7315943f326ea0c1cb152ef11],
PUP.Optional.SoftwareUpdater, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Updater.AmiUpd, In Quarantäne, [95e44cf7315943f326ea0c1cb152ef11],
PUP.Optional.SoftwareUpdater, HKLM\SOFTWARE\CLASSES\WOW6432NODE\Updater.AmiUpd, In Quarantäne, [95e44cf7315943f326ea0c1cb152ef11],
PUP.Optional.SoftwareUpdater, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Updater.AmiUpd.1, In Quarantäne, [95e44cf7315943f326ea0c1cb152ef11],
PUP.Optional.SoftwareUpdater, HKLM\SOFTWARE\CLASSES\WOW6432NODE\Updater.AmiUpd.1, In Quarantäne, [95e44cf7315943f326ea0c1cb152ef11],
PUP.Optional.SoftwareUpdater, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}, In Quarantäne, [95e44cf7315943f326ea0c1cb152ef11],
PUP.Optional.VideoDownloader.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{77BEC163-D389-42c1-91A4-C758846296A5}, In Quarantäne, [a6d39aa9dfab54e2820d84d08a7955ab],
PUP.Optional.VideoDownloader.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}, In Quarantäne, [a6d39aa9dfab54e2820d84d08a7955ab],
PUP.Optional.VideoDownloader.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}, In Quarantäne, [a6d39aa9dfab54e2820d84d08a7955ab],
PUP.Optional.VideoDownloader.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}, In Quarantäne, [a6d39aa9dfab54e2820d84d08a7955ab],
PUP.Optional.VideoDownloader.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}, In Quarantäne, [a6d39aa9dfab54e2820d84d08a7955ab],
PUP.Optional.VideoDownloader.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}, In Quarantäne, [a6d39aa9dfab54e2820d84d08a7955ab],
PUP.Optional.VideoDownloader.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}, In Quarantäne, [a6d39aa9dfab54e2820d84d08a7955ab],
PUP.Optional.VideoDownloader.A, HKLM\SOFTWARE\CLASSES\Extension.ExtensionHelperObject.1, In Quarantäne, [a6d39aa9dfab54e2820d84d08a7955ab],
PUP.Optional.VideoDownloader.A, HKLM\SOFTWARE\CLASSES\Extension.ExtensionHelperObject, In Quarantäne, [a6d39aa9dfab54e2820d84d08a7955ab],
PUP.Optional.VideoDownloader.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Extension.ExtensionHelperObject, In Quarantäne, [a6d39aa9dfab54e2820d84d08a7955ab],
PUP.Optional.VideoDownloader.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\Extension.ExtensionHelperObject, In Quarantäne, [a6d39aa9dfab54e2820d84d08a7955ab],
PUP.Optional.VideoDownloader.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Extension.ExtensionHelperObject.1, In Quarantäne, [a6d39aa9dfab54e2820d84d08a7955ab],
PUP.Optional.VideoDownloader.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\Extension.ExtensionHelperObject.1, In Quarantäne, [a6d39aa9dfab54e2820d84d08a7955ab],
PUP.Optional.VideoDownloader.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{77BEC163-D389-42C1-91A4-C758846296A5}, In Quarantäne, [a6d39aa9dfab54e2820d84d08a7955ab],
PUP.Optional.BarLchr.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}, In Quarantäne, [314888bb23670036f80a65b40bf8d12f],
PUP.Optional.BarLchr.A, HKLM\SOFTWARE\CLASSES\MyNewsBarLauncher.IE5BarLauncherBHO.1, In Quarantäne, [314888bb23670036f80a65b40bf8d12f],
PUP.Optional.BarLchr.A, HKLM\SOFTWARE\CLASSES\MyNewsBarLauncher.IE5BarLauncherBHO, In Quarantäne, [314888bb23670036f80a65b40bf8d12f],
PUP.Optional.BarLchr.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MyNewsBarLauncher.IE5BarLauncherBHO, In Quarantäne, [314888bb23670036f80a65b40bf8d12f],
PUP.Optional.BarLchr.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\MyNewsBarLauncher.IE5BarLauncherBHO, In Quarantäne, [314888bb23670036f80a65b40bf8d12f],
PUP.Optional.BarLchr.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MyNewsBarLauncher.IE5BarLauncherBHO.1, In Quarantäne, [314888bb23670036f80a65b40bf8d12f],
PUP.Optional.BarLchr.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\MyNewsBarLauncher.IE5BarLauncherBHO.1, In Quarantäne, [314888bb23670036f80a65b40bf8d12f],
PUP.Optional.BarLchr.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}, In Quarantäne, [314888bb23670036f80a65b40bf8d12f],
PUP.Optional.BarLchr.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}, In Quarantäne, [314888bb23670036f80a65b40bf8d12f],
PUP.Optional.VShareRedir, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}, In Quarantäne, [6217251ee3a788ae3fbb42f005fe19e7],
PUP.Optional.VShareRedir, HKLM\SOFTWARE\CLASSES\MyNewsBarLauncher.IE5BarLauncher.1, In Quarantäne, [6217251ee3a788ae3fbb42f005fe19e7],
PUP.Optional.VShareRedir, HKLM\SOFTWARE\CLASSES\MyNewsBarLauncher.IE5BarLauncher, In Quarantäne, [6217251ee3a788ae3fbb42f005fe19e7],
PUP.Optional.VShareRedir, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MyNewsBarLauncher.IE5BarLauncher, In Quarantäne, [6217251ee3a788ae3fbb42f005fe19e7],
PUP.Optional.VShareRedir, HKLM\SOFTWARE\CLASSES\WOW6432NODE\MyNewsBarLauncher.IE5BarLauncher, In Quarantäne, [6217251ee3a788ae3fbb42f005fe19e7],
PUP.Optional.VShareRedir, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MyNewsBarLauncher.IE5BarLauncher.1, In Quarantäne, [6217251ee3a788ae3fbb42f005fe19e7],
PUP.Optional.VShareRedir, HKLM\SOFTWARE\CLASSES\WOW6432NODE\MyNewsBarLauncher.IE5BarLauncher.1, In Quarantäne, [6217251ee3a788ae3fbb42f005fe19e7],
PUP.Optional.VShareRedir, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}, In Quarantäne, [6217251ee3a788ae3fbb42f005fe19e7],
PUP.Optional.VShareRedir, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}, In Quarantäne, [6217251ee3a788ae3fbb42f005fe19e7],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}, In Quarantäne, [89f0a3a0acde06304e09084cca398977],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\delta.deltadskBnd.1, In Quarantäne, [89f0a3a0acde06304e09084cca398977],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\delta.deltadskBnd, In Quarantäne, [89f0a3a0acde06304e09084cca398977],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\delta.deltadskBnd, In Quarantäne, [89f0a3a0acde06304e09084cca398977],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\delta.deltadskBnd, In Quarantäne, [89f0a3a0acde06304e09084cca398977],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\delta.deltadskBnd.1, In Quarantäne, [89f0a3a0acde06304e09084cca398977],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\delta.deltadskBnd.1, In Quarantäne, [89f0a3a0acde06304e09084cca398977],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}, In Quarantäne, [89f0a3a0acde06304e09084cca398977],
PUP.Optional.Delta.A, HKU\S-1-5-21-1922485380-3358746859-1030061101-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{82E1477C-B154-48D3-9891-33D83C26BCD3}, In Quarantäne, [89f0a3a0acde06304e09084cca398977],
PUP.Optional.Delta.A, HKU\S-1-5-21-1922485380-3358746859-1030061101-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{82E1477C-B154-48D3-9891-33D83C26BCD3}, In Quarantäne, [89f0a3a0acde06304e09084cca398977],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}, In Quarantäne, [bdbc44ff6e1c9a9c6fe7da7ad92aae52],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\delta.deltaHlpr.1, In Quarantäne, [bdbc44ff6e1c9a9c6fe7da7ad92aae52],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\delta.deltaHlpr, In Quarantäne, [bdbc44ff6e1c9a9c6fe7da7ad92aae52],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\delta.deltaHlpr, In Quarantäne, [bdbc44ff6e1c9a9c6fe7da7ad92aae52],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\delta.deltaHlpr, In Quarantäne, [bdbc44ff6e1c9a9c6fe7da7ad92aae52],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\delta.deltaHlpr.1, In Quarantäne, [bdbc44ff6e1c9a9c6fe7da7ad92aae52],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\delta.deltaHlpr.1, In Quarantäne, [bdbc44ff6e1c9a9c6fe7da7ad92aae52],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}, In Quarantäne, [bdbc44ff6e1c9a9c6fe7da7ad92aae52],
PUP.Optional.Delta.A, HKU\S-1-5-21-1922485380-3358746859-1030061101-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}, In Quarantäne, [bdbc44ff6e1c9a9c6fe7da7ad92aae52],
PUP.Optional.Delta.A, HKU\S-1-5-21-1922485380-3358746859-1030061101-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}, In Quarantäne, [bdbc44ff6e1c9a9c6fe7da7ad92aae52],
PUP.Optional.Babylon.A, HKU\S-1-5-18\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, In Quarantäne, [accd82c1dfaba690b6378596c83b3dc3],
PUP.Optional.Babylon.A, HKU\S-1-5-21-1922485380-3358746859-1030061101-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}, In Quarantäne, [accd82c1dfaba690b6378596c83b3dc3],
PUP.Optional.SweetPacks.A, HKU\S-1-5-21-1922485380-3358746859-1030061101-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{EEE6C360-6118-11DC-9C72-001320C79847}, In Quarantäne, [afca73d0375351e55f80382046bdc040],
PUP.Optional.SweetPacks.A, HKU\S-1-5-21-1922485380-3358746859-1030061101-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{EEE6C35B-6118-11DC-9C72-001320C79847}, In Quarantäne, [3a3f93b0c0ca2b0bcd3aa770f112ed13],
PUP.Optional.SweetPacks.A, HKLM\SOFTWARE\CLASSES\SWEETIE.IEToolbar, In Quarantäne, [3a3f93b0c0ca2b0bcd3aa770f112ed13],
PUP.Optional.SweetPacks.A, HKLM\SOFTWARE\CLASSES\SWEETIE.IEToolbar.1, In Quarantäne, [3a3f93b0c0ca2b0bcd3aa770f112ed13],
PUP.Optional.SweetPacks.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SWEETIE.IEToolbar, In Quarantäne, [3a3f93b0c0ca2b0bcd3aa770f112ed13],
PUP.Optional.SweetPacks.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SWEETIE.IEToolbar.1, In Quarantäne, [3a3f93b0c0ca2b0bcd3aa770f112ed13],
PUP.Optional.SweetPacks.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\SWEETIE.IEToolbar, In Quarantäne, [3a3f93b0c0ca2b0bcd3aa770f112ed13],
PUP.Optional.SweetPacks.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\SWEETIE.IEToolbar.1, In Quarantäne, [3a3f93b0c0ca2b0bcd3aa770f112ed13],
PUP.Optional.SweetPacks.A, HKU\S-1-5-21-1922485380-3358746859-1030061101-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{EEE6C35B-6118-11DC-9C72-001320C79847}, In Quarantäne, [3a3f93b0c0ca2b0bcd3aa770f112ed13],
PUP.Optional.SweetPacks, HKU\S-1-5-21-1922485380-3358746859-1030061101-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{EEE6C35C-6118-11DC-9C72-001320C79847}, In Quarantäne, [285151f2eaa06ec8962c54ce63a004fc],
PUP.Optional.SweetPacks, HKLM\SOFTWARE\CLASSES\Toolbar3.SWEETIE, In Quarantäne, [285151f2eaa06ec8962c54ce63a004fc],
PUP.Optional.SweetPacks, HKLM\SOFTWARE\CLASSES\Toolbar3.SWEETIE.1, In Quarantäne, [285151f2eaa06ec8962c54ce63a004fc],
PUP.Optional.SweetPacks, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Toolbar3.SWEETIE, In Quarantäne, [285151f2eaa06ec8962c54ce63a004fc],
PUP.Optional.SweetPacks, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Toolbar3.SWEETIE.1, In Quarantäne, [285151f2eaa06ec8962c54ce63a004fc],
PUP.Optional.SweetPacks, HKLM\SOFTWARE\CLASSES\WOW6432NODE\Toolbar3.SWEETIE, In Quarantäne, [285151f2eaa06ec8962c54ce63a004fc],
PUP.Optional.SweetPacks, HKLM\SOFTWARE\CLASSES\WOW6432NODE\Toolbar3.SWEETIE.1, In Quarantäne, [285151f2eaa06ec8962c54ce63a004fc],
PUP.Optional.SweetPacks, HKU\S-1-5-21-1922485380-3358746859-1030061101-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{EEE6C35C-6118-11DC-9C72-001320C79847}, In Quarantäne, [285151f2eaa06ec8962c54ce63a004fc],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}, In Quarantäne, [98e1a3a0f59569cddb70391c17ec2ad6],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{1231839B-064E-4788-B865-465A1B5266FD}, In Quarantäne, [98e174cfe4a6a1954313540146bd639d],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}, In Quarantäne, [4c2d89bac7c3ca6cbb9bee67ca39e21e],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{2DAC2231-CC35-482B-97C5-CED1D4185080}, In Quarantäne, [4c2d89bac7c3ca6cbb9bee67ca39e21e],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}, In Quarantäne, [4c2d89bac7c3ca6cbb9bee67ca39e21e],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}, In Quarantäne, [4c2d89bac7c3ca6cbb9bee67ca39e21e],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}, In Quarantäne, [4c2d89bac7c3ca6cbb9bee67ca39e21e],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{57C91446-8D81-4156-A70E-624551442DE9}, In Quarantäne, [4c2d89bac7c3ca6cbb9bee67ca39e21e],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}, In Quarantäne, [4c2d89bac7c3ca6cbb9bee67ca39e21e],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}, In Quarantäne, [4c2d89bac7c3ca6cbb9bee67ca39e21e],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{97DD820D-2E20-40AD-B01E-6730B2FCE630}, In Quarantäne, [4c2d89bac7c3ca6cbb9bee67ca39e21e],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{B177446D-54A4-4869-BABC-8566110B4BE0}, In Quarantäne, [4c2d89bac7c3ca6cbb9bee67ca39e21e],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}, In Quarantäne, [4c2d89bac7c3ca6cbb9bee67ca39e21e],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}, In Quarantäne, [4c2d89bac7c3ca6cbb9bee67ca39e21e],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{F05B12E1-ADE8-4485-B45B-898748B53C37}, In Quarantäne, [4c2d89bac7c3ca6cbb9bee67ca39e21e],
PUP.Optional.VideoDownloader.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{77BEC163-D389-42c1-91A4-C758846296A5}_is1, In Quarantäne, [3e3b41026327d0662d0897722adbfd03],
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\CLASSES\SweetIM_URLSearchHook.ToolbarURLSearchHook, In Quarantäne, [c1b801420c7ec373a6e2ef2127decf31],
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\CLASSES\SweetIM_URLSearchHook.ToolbarURLSearchHook.1, In Quarantäne, [a8d197ac315951e56721e03020e522de],
PUP.Optional.Babylon.A, HKLM\SOFTWARE\WOW6432NODE\babylontoolbar, In Quarantäne, [2a4f4300b1d9ca6c2f6edc300ef74fb1],
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\WOW6432NODE\SweetIM, In Quarantäne, [a7d254eff694aa8c7a4a4f649370fe02],
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SweetIM_URLSearchHook.ToolbarURLSearchHook, In Quarantäne, [4f2a9ba8365453e3f098927e11f4f907],
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SweetIM_URLSearchHook.ToolbarURLSearchHook.1, In Quarantäne, [8eeb2c17305a350130581bf50203a15f],
PUP.Optional.Delta.A, HKU\S-1-5-21-1922485380-3358746859-1030061101-1001\SOFTWARE\delta LTD, In Quarantäne, [760395ae0f7b280ee5b9a86411f40cf4],
PUP.Optional.SweetIM.A, HKU\S-1-5-21-1922485380-3358746859-1030061101-1001\SOFTWARE\SweetIM, In Quarantäne, [0f6a74cf840665d1e2e1f3c0689b9d63],
PUP.Optional.Babylon.A, HKU\S-1-5-21-1922485380-3358746859-1030061101-1001\SOFTWARE\BABSOLUTION\Updater, In Quarantäne, [d7a2db68a7e30432d91d5bb0c73e629e],
Registrierungswerte: 6
PUP.Optional.VideoDownloader.A, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|{77BEC163-D389-42C1-91A4-C758846296A5}, C:\Program Files\Video downloader\Firefox, In Quarantäne, [a6d39aa9dfab54e2820d84d08a7955ab]
PUP.Optional.VideoDownloader.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|{77BEC163-D389-42C1-91A4-C758846296A5}, C:\Program Files\Video downloader\Firefox, In Quarantäne, [a6d39aa9dfab54e2820d84d08a7955ab]
PUP.Optional.VideoDownloader.A, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS\{77BEC163-D389-42c1-91A4-C758846296A5}, In Quarantäne, [dc9d2b188ffbe6504a45fb598b7822de],
PUP.Optional.VideoDownloader.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS\{77BEC163-D389-42c1-91A4-C758846296A5}, In Quarantäne, [e594be85ccbef73ff9964d07a95a49b7],
PUP.BProtector, HKU\S-1-5-21-1922485380-3358746859-1030061101-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|bProtector Start Page, hxxp://search.babylon.com/?babsrc=HP_ss_din2g&mntrId=B84574E50B220491&affID=121563&tsp=4933, In Quarantäne, [43368db67d0d55e1d71df911c63f10f0]
PUP.BProtector, HKU\S-1-5-21-1922485380-3358746859-1030061101-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|bProtectorDefaultScope, {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, In Quarantäne, [d0a9ff44d2b86dc909ec9377c5409d63]
Registrierungsdaten: 0
(Keine schädliche Elemente gefunden)
Ordner: 13
PUP.Optional.VideoDownloader.A, C:\Program Files\Video downloader, In Quarantäne, [3e3b41026327d0662d0897722adbfd03],
PUP.Optional.VideoDownloader.A, C:\Program Files\Video downloader\Firefox, In Quarantäne, [3e3b41026327d0662d0897722adbfd03],
PUP.Optional.VideoDownloader.A, C:\Program Files\Video downloader\Firefox\chrome, In Quarantäne, [3e3b41026327d0662d0897722adbfd03],
PUP.Optional.VideoDownloader.A, C:\Program Files\Video downloader\Firefox\chrome\content, In Quarantäne, [3e3b41026327d0662d0897722adbfd03],
PUP.Optional.VideoDownloader.A, C:\Program Files\Video downloader\Firefox\chrome\content\libraries, In Quarantäne, [3e3b41026327d0662d0897722adbfd03],
PUP.Optional.VideoDownloader.A, C:\Program Files\Video downloader\Firefox\chrome\content\resources, In Quarantäne, [3e3b41026327d0662d0897722adbfd03],
PUP.Optional.VideoDownloader.A, C:\Program Files\Video downloader\Firefox\chrome\locale, In Quarantäne, [3e3b41026327d0662d0897722adbfd03],
PUP.Optional.VideoDownloader.A, C:\Program Files\Video downloader\Firefox\chrome\locale\en-US, In Quarantäne, [3e3b41026327d0662d0897722adbfd03],
PUP.Optional.VideoDownloader.A, C:\Program Files\Video downloader\Firefox\chrome\skin, In Quarantäne, [3e3b41026327d0662d0897722adbfd03],
PUP.Optional.VideoDownloader.A, C:\Program Files\Video downloader\Firefox\defaults, In Quarantäne, [3e3b41026327d0662d0897722adbfd03],
PUP.Optional.VideoDownloader.A, C:\Program Files\Video downloader\Firefox\defaults\preferences, In Quarantäne, [3e3b41026327d0662d0897722adbfd03],
PUP.Optional.VideoDownloader.A, C:\Program Files\Video downloader\libraries, In Quarantäne, [3e3b41026327d0662d0897722adbfd03],
PUP.Optional.VideoDownloader.A, C:\Program Files\Video downloader\resources, In Quarantäne, [3e3b41026327d0662d0897722adbfd03],
Dateien: 20
PUP.Optional.OpenCandy, C:\Users\Philip\Downloads\veetle-0.9.18.exe, In Quarantäne, [67121f243f4b34026cbd11f714f2fa06],
PUP.Optional.DownTango.A, C:\Users\Philip\Downloads\Kool_Savas_-_Die_John_Bello_Story_(2005)_downloader.exe, In Quarantäne, [6514281bc2c862d43ce6fac1ae53ff01],
PUP.Optional.SweetIM, C:\Windows\Installer\2626c69.msi, In Quarantäne, [2d4c1033a9e116200cae27e0749260a0],
PUP.Optional.SweetIM, C:\Windows\Installer\2626c6e.msi, In Quarantäne, [d8a166ddb1d9ab8bd0eaa364a165c937],
PUP.Optional.VideoDownloader.A, C:\Program Files\Video downloader\source.crx, In Quarantäne, [3e3b41026327d0662d0897722adbfd03],
PUP.Optional.VideoDownloader.A, C:\Program Files\Video downloader\unins000.dat, In Quarantäne, [3e3b41026327d0662d0897722adbfd03],
PUP.Optional.VideoDownloader.A, C:\Program Files\Video downloader\unins000.exe, In Quarantäne, [3e3b41026327d0662d0897722adbfd03],
PUP.Optional.VideoDownloader.A, C:\Program Files\Video downloader\Firefox\chrome.manifest, In Quarantäne, [3e3b41026327d0662d0897722adbfd03],
PUP.Optional.VideoDownloader.A, C:\Program Files\Video downloader\Firefox\icon.png, In Quarantäne, [3e3b41026327d0662d0897722adbfd03],
PUP.Optional.VideoDownloader.A, C:\Program Files\Video downloader\Firefox\install.rdf, In Quarantäne, [3e3b41026327d0662d0897722adbfd03],
PUP.Optional.VideoDownloader.A, C:\Program Files\Video downloader\Firefox\chrome\content\main.xul, In Quarantäne, [3e3b41026327d0662d0897722adbfd03],
PUP.Optional.VideoDownloader.A, C:\Program Files\Video downloader\Firefox\chrome\content\libraries\DataExchangeScript.js, In Quarantäne, [3e3b41026327d0662d0897722adbfd03],
PUP.Optional.VideoDownloader.A, C:\Program Files\Video downloader\Firefox\chrome\content\resources\localscript.js, In Quarantäne, [3e3b41026327d0662d0897722adbfd03],
PUP.Optional.VideoDownloader.A, C:\Program Files\Video downloader\Firefox\chrome\locale\en-US\overlay.dtd, In Quarantäne, [3e3b41026327d0662d0897722adbfd03],
PUP.Optional.VideoDownloader.A, C:\Program Files\Video downloader\Firefox\chrome\skin\overlay.css, In Quarantäne, [3e3b41026327d0662d0897722adbfd03],
PUP.Optional.VideoDownloader.A, C:\Program Files\Video downloader\Firefox\defaults\preferences\defaults.js, In Quarantäne, [3e3b41026327d0662d0897722adbfd03],
PUP.Optional.VideoDownloader.A, C:\Program Files\Video downloader\libraries\DataExchangeScript.js, In Quarantäne, [3e3b41026327d0662d0897722adbfd03],
PUP.Optional.VideoDownloader.A, C:\Program Files\Video downloader\resources\localscript.js, In Quarantäne, [3e3b41026327d0662d0897722adbfd03],
PUP.Optional.BProtector.A, C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data, In Quarantäne, [e69355eeb0da90a6a595c5499e67fe02],
PUP.Optional.BProtector.A, C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences, In Quarantäne, [1366e85b7911a39391aabe50ce37728e],
Physische Sektoren: 0
(Keine schädliche Elemente gefunden)
(end)
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:08-06-2015
Ran by Philip (administrator) on PHILIP-PC on 12-06-2015 10:31:19
Running from C:\Users\Philip\Downloads
Loaded Profiles: Philip (Available Profiles: UpdatusUser & Philip)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
() C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe
(Spotify Ltd) C:\Users\Philip\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Akamai Technologies, Inc.) C:\Users\Philip\AppData\Local\Akamai\netsession_win.exe
(Spotify Ltd) C:\Users\Philip\AppData\Roaming\Spotify\Spotify.exe
(Dropbox, Inc.) C:\Users\Philip\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Intel® Corporation) C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe
(Akamai Technologies, Inc.) C:\Users\Philip\AppData\Local\Akamai\netsession_win.exe
() C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
(CyberLink Corp.) C:\Program Files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe
(cyberlink) C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
() C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
() C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel(R) Corporation) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
() C:\Program Files (x86)\Dell Stage\Dell Stage\stage_secondary.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Spotify Ltd) C:\Users\Philip\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Philip\AppData\Roaming\Spotify\Spotify.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2531624 2010-12-17] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6611048 2011-02-19] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2188904 2011-01-19] (Realtek Semiconductor)
HKLM\...\Run: [NVHotkey] => rundll32.exe C:\Windows\system32\nvHotkey.dll,Start
HKLM\...\Run: [FreeFallProtection] => C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [686704 2010-12-17] ()
HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2010-12-17] (Intel(R) Corporation)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [4479648 2011-01-25] (Dell Inc.)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [DellStage] => C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe [2195824 2012-02-01] ()
HKLM-x32\...\Run: [NeroLauncher] => C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe [66872 2012-02-06] ()
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [503942 2011-04-13] (Creative Technology Ltd)
HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [1117528 2010-08-26] (Dell, Inc.)
HKLM-x32\...\Run: [RemoteControl9] => c:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2010-10-01] (CyberLink Corp.)
HKLM-x32\...\Run: [PDVD9LanguageShortcut] => c:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe [50472 2010-09-18] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => c:\Program Files (x86)\Cyberlink\Shared Files\brs.exe [75048 2010-10-29] (cyberlink)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [RoxWatchTray] => C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions)
HKLM-x32\...\Run: [Desktop Disc Tool] => C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe [514544 2010-11-17] ()
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [AccuWeatherWidget] => C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe [968048 2012-02-01] ()
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5188112 2014-12-16] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [191528 2014-07-04] (Geek Software GmbH)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707472 2014-10-16] (Cisco Systems, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1922485380-3358746859-1030061101-1001\...\Run: [Spotify Web Helper] => C:\Users\Philip\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2021944 2015-06-11] (Spotify Ltd)
HKU\S-1-5-21-1922485380-3358746859-1030061101-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1940160 2014-11-18] (Valve Corporation)
HKU\S-1-5-21-1922485380-3358746859-1030061101-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Philip\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1922485380-3358746859-1030061101-1001\...\Run: [Spotify] => C:\Users\Philip\AppData\Roaming\Spotify\Spotify.exe [7323192 2015-06-11] (Spotify Ltd)
AppInit_DLLs: c:\windows\system32\nvinitx.dll => c:\windows\system32\nvinitx.dll [226920 2011-04-22] (NVIDIA Corporation)
Startup: C:\Users\Philip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013-08-26]
ShortcutTarget: Dropbox.lnk -> C:\Users\Philip\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Philip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Überwachungstool für die Intel® Turbo-Boost-Technik 2.0.lnk [2011-09-25]
ShortcutTarget: Überwachungstool für die Intel® Turbo-Boost-Technik 2.0.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Philip\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Philip\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Philip\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Philip\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Philip\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Philip\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Philip\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-1922485380-3358746859-1030061101-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www1.euro.dell.com/content/default.aspx?c=de&l=de&s=gen
SearchScopes: HKLM -> {36895792-BC47-495E-9274-21F738A69BBF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {74F5BA96-2160-4A22-AC07-08CB352DE763} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-10] (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10] (Microsoft Corporation)
BHO-x32: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08] (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-10] (Oracle Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08] (Skype Technologies S.A.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\tbqz1tps.default
FF NetworkProxy: "ftp", "83.220.42.106"
FF NetworkProxy: "ftp_port", 8080
FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "83.220.42.106"
FF NetworkProxy: "socks_port", 8080
FF NetworkProxy: "ssl", "83.220.42.106"
FF NetworkProxy: "ssl_port", 8080
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-10] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-10] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2011-04-21] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2011-04-21] (NVIDIA Corporation)
FF Plugin-x32: @pages.tvunetworks.com/WebPlayer -> C:\Windows\system32\TVUAx\npTVUAx.dll No File
FF Plugin-x32: @veetle.com/veetleCorePlugin,version=0.9.18 -> C:\Program Files (x86)\Veetle\plugins\npVeetle.dll [2011-07-28] (Veetle Inc)
FF Plugin-x32: @veetle.com/veetlePlayerPlugin,version=0.9.18 -> C:\Program Files (x86)\Veetle\Player\npvlc.dll [2010-09-21] (Veetle Inc)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-04-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1922485380-3358746859-1030061101-1001: @hola.org/vlc,version=1.7.860 -> C:\Users\Philip\AppData\Local\Hola\firefox\app\vlc No File
FF Plugin HKU\S-1-5-21-1922485380-3358746859-1030061101-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Philip\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-1922485380-3358746859-1030061101-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Philip\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-04-30] (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\nation-secure-search.xml [2014-05-04]
FF Extension: YouTube Unblocker - C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\tbqz1tps.default\Extensions\youtubeunblocker@unblocker.yt [2015-05-30]
FF Extension: LeechBlock - C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\tbqz1tps.default\Extensions\{a95d8332-e4b4-6e7f-98ac-20b733364387} [2013-08-23]
FF Extension: ProxTube - C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\tbqz1tps.default\Extensions\ich@maltegoetz.de.xpi [2014-09-12]
FF Extension: Video DivX Plugin Pro - C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\tbqz1tps.default\Extensions\{06afe5d4-f602-4fd9-abc7-32b3c41d9f45}.xpi [2013-11-06]
FF Extension: {5b01e423-0042-4c95-9a60-802989a08839} - C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\tbqz1tps.default\Extensions\{5b01e423-0042-4c95-9a60-802989a08839}.xpi [2013-11-01]
FF Extension: LeechBlock - C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\tbqz1tps.default\Extensions\{a95d8332-e4b4-6e7f-98ac-20b733364387}.xpi [2013-08-23]
FF Extension: Adblock Plus - C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\tbqz1tps.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-04-08]
FF Extension: Adblock Edge - C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\tbqz1tps.default\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2013-08-17]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
Chrome:
=======
CHR Profile: C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-05-14]
CHR Extension: (Adblock Plus) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-07-02]
CHR Extension: (Google Search) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-05-14]
CHR Extension: (AdBlock) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-07-09]
CHR Extension: (Bookmark Manager) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-27]
CHR Extension: (ProxMate - Improve your Internet!) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjpnmnpjmabddgmjdiaggacbololbjm [2013-07-02]
CHR Extension: (Video downloader) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\khldgopgjjapmbkgflpoclebjjmkmbnk [2013-01-30]
CHR Extension: (Google Wallet) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-01]
CHR Extension: (Vidoq.com Unblock Youtube without Proxy) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\omllpgbpadjdabgocjgkbdejahnkdhab [2015-04-19]
CHR Extension: (Gmail) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-05-14]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 appdrvrem01; C:\Windows\System32\appdrvrem01.exe [538000 2013-03-15] (Protection Technology)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3247120 2014-12-16] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [289328 2014-12-16] (AVG Technologies CZ, s.r.o.)
S2 CLKMSVC10_9EC60124; c:\Program Files (x86)\Cyberlink\PowerDVD9\NavFilter\kmsvc.exe [236016 2010-10-29] (CyberLink)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-12-17] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2009-10-20] (CACE Technologies, Inc.)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2967864 2015-05-15] (AVG Technologies)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 appdrv01; C:\Windows\System32\Drivers\appdrv01.sys [3147368 2013-03-15] (Protection Technology)
R3 AVer7231_x64; C:\Windows\System32\DRIVERS\AVer7231_x64.sys [1799808 2010-06-11] (AVerMedia TECHNOLOGIES, Inc.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [244504 2014-07-21] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [237848 2014-10-24] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-10-29] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [269080 2014-10-20] (AVG Technologies CZ, s.r.o.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-06-12] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [47632 2009-10-20] (CACE Technologies, Inc.)
S3 NvStUSB; C:\Windows\system32\drivers\nvstusb.sys [121960 2010-12-12] ()
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [14112 2015-05-15] (TuneUp Software)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52592 2014-10-16] (Cisco Systems, Inc.)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-11 18:40 - 2015-06-01 21:16 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-11 18:40 - 2015-06-01 20:07 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-11 18:40 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-11 18:40 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-11 18:40 - 2015-05-23 05:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-06-11 18:40 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-11 18:40 - 2015-05-23 05:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-06-11 18:40 - 2015-05-23 05:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-06-11 18:40 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-11 18:40 - 2015-05-23 05:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-06-11 18:40 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-11 18:40 - 2015-05-23 05:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-06-11 18:40 - 2015-05-23 05:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-06-11 18:40 - 2015-05-23 05:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-06-11 18:40 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-11 18:40 - 2015-05-23 05:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-06-11 18:40 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-11 18:40 - 2015-05-23 04:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-06-11 18:40 - 2015-05-23 04:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-06-11 18:40 - 2015-05-23 04:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-06-11 18:40 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-11 18:40 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-11 18:40 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-11 18:40 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-11 18:40 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-11 18:40 - 2015-05-23 04:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-06-11 18:40 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-11 18:40 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-11 18:40 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-11 18:40 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-11 18:40 - 2015-05-22 21:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-11 18:40 - 2015-05-22 21:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-11 18:40 - 2015-05-22 21:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-11 18:40 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-11 18:40 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-11 18:40 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-11 18:40 - 2015-05-22 21:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-11 18:40 - 2015-05-22 20:59 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-11 18:40 - 2015-05-22 20:53 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-11 18:40 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-11 18:40 - 2015-05-22 20:52 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-11 18:40 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-11 18:40 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-11 18:40 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-11 18:40 - 2015-05-22 20:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-11 18:40 - 2015-05-22 20:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-11 18:40 - 2015-05-22 20:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-11 18:40 - 2015-05-22 20:36 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-11 18:40 - 2015-05-22 20:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-11 18:40 - 2015-05-22 20:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-11 18:40 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-11 18:40 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-11 18:40 - 2015-05-22 20:07 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-11 18:40 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-11 18:40 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-11 18:40 - 2015-05-22 20:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-11 18:40 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-11 18:40 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-11 18:40 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-11 18:40 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-11 18:29 - 2015-04-29 20:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-11 18:29 - 2015-04-29 20:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-11 18:29 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-11 18:29 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-11 18:29 - 2015-04-29 20:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-11 18:29 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-06-11 18:29 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-06-11 18:29 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-06-11 18:29 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-06-11 18:29 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-06-11 18:28 - 2015-05-25 20:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-11 18:28 - 2015-05-25 20:23 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-11 18:28 - 2015-05-25 20:23 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-11 18:28 - 2015-05-25 20:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-11 18:28 - 2015-05-25 20:19 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-11 18:28 - 2015-05-25 20:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-11 18:28 - 2015-05-25 20:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-11 18:28 - 2015-05-25 20:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-11 18:28 - 2015-05-25 20:19 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-11 18:28 - 2015-05-25 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-11 18:28 - 2015-05-25 20:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-11 18:28 - 2015-05-25 20:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-11 18:28 - 2015-05-25 20:19 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-11 18:28 - 2015-05-25 20:19 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-11 18:28 - 2015-05-25 20:19 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-11 18:28 - 2015-05-25 20:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-11 18:28 - 2015-05-25 20:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-11 18:28 - 2015-05-25 20:19 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-11 18:28 - 2015-05-25 20:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-11 18:28 - 2015-05-25 20:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-11 18:28 - 2015-05-25 20:19 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-11 18:28 - 2015-05-25 20:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-11 18:28 - 2015-05-25 20:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-11 18:28 - 2015-05-25 20:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-11 18:28 - 2015-05-25 20:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-11 18:28 - 2015-05-25 20:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-11 18:28 - 2015-05-25 20:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-11 18:28 - 2015-05-25 20:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-11 18:28 - 2015-05-25 20:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-11 18:28 - 2015-05-25 20:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-11 18:28 - 2015-05-25 20:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-11 18:28 - 2015-05-25 20:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-11 18:28 - 2015-05-25 20:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-11 18:28 - 2015-05-25 20:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-11 18:28 - 2015-05-25 20:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-11 18:28 - 2015-05-25 20:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-11 18:28 - 2015-05-25 20:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-11 18:28 - 2015-05-25 20:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-11 18:28 - 2015-05-25 20:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-11 18:28 - 2015-05-25 20:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-11 18:28 - 2015-05-25 20:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-11 18:28 - 2015-05-25 20:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-11 18:28 - 2015-05-25 20:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-11 18:28 - 2015-05-25 20:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-11 18:28 - 2015-05-25 20:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-11 18:28 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-11 18:28 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-11 18:28 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-11 18:28 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-11 18:28 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-11 18:28 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-11 18:28 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-11 18:28 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-11 18:28 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-11 18:28 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-11 18:28 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-11 18:28 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-11 18:28 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-11 18:28 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-11 18:28 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-11 18:28 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-11 18:28 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-11 18:28 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-11 18:28 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-11 18:28 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-11 18:28 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-11 18:28 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-11 18:28 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-11 18:28 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-11 18:28 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-11 18:28 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-11 18:28 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-11 18:28 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-11 18:28 - 2015-05-25 20:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-06-11 18:28 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-06-11 18:28 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-06-11 18:28 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-06-11 18:28 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-06-11 18:28 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-06-11 18:28 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-06-11 18:28 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-06-11 18:28 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-06-11 18:28 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-06-11 18:28 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-06-11 18:28 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-06-11 18:28 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-06-11 18:28 - 2015-05-25 20:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-11 18:28 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-06-11 18:28 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-06-11 18:28 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-06-11 18:28 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-06-11 18:28 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-06-11 18:28 - 2015-05-25 20:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-11 18:28 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-06-11 18:28 - 2015-05-25 19:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-11 18:28 - 2015-05-25 19:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-11 18:28 - 2015-05-25 19:59 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-06-11 18:28 - 2015-05-25 19:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-11 18:28 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-06-11 18:28 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-06-11 18:28 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-06-11 18:28 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-06-11 18:28 - 2015-05-25 19:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-11 18:28 - 2015-05-25 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-11 18:28 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-11 18:28 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-11 18:28 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-11 18:28 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-11 18:28 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-11 18:28 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-11 18:28 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-11 18:28 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-11 18:28 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-11 18:28 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-11 18:28 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-11 18:28 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-11 18:28 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-11 18:28 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-11 18:28 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-11 18:28 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-11 18:28 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-11 18:28 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-11 18:28 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-11 18:28 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-11 18:28 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-11 18:28 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-11 18:28 - 2015-05-25 19:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-11 18:28 - 2015-05-25 18:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-11 18:28 - 2015-05-25 18:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-11 18:28 - 2015-05-25 18:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-11 18:28 - 2015-05-25 18:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-11 18:28 - 2015-05-25 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-11 18:28 - 2015-05-25 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-11 18:28 - 2015-05-22 20:18 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-11 18:28 - 2015-05-22 20:18 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-11 18:28 - 2015-05-22 20:18 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-11 18:28 - 2015-05-22 20:18 - 00423424 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-11 18:28 - 2015-05-22 20:18 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-11 18:28 - 2015-05-22 20:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-11 18:28 - 2015-05-22 20:13 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-11 18:28 - 2015-05-21 15:19 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-11 18:21 - 2015-04-24 20:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-11 18:21 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-11 18:20 - 2015-05-25 19:08 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-11 18:16 - 2015-04-11 05:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-06-11 18:11 - 2015-06-12 10:08 - 00000000 ____D C:\AdwCleaner
2015-06-11 17:46 - 2015-06-11 17:46 - 00007592 _____ C:\Users\Philip\Desktop\JRT.txt
2015-06-11 17:43 - 2015-06-12 10:28 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-11 17:42 - 2015-06-11 17:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-06-11 17:42 - 2015-06-11 17:42 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-11 17:42 - 2015-06-11 17:42 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-06-11 17:42 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-06-11 17:42 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-06-11 17:42 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-06-11 17:41 - 2015-06-11 17:41 - 00000207 _____ C:\Windows\tweaking.com-regbackup-PHILIP-PC-Windows-7-Home-Premium-(64-bit).dat
2015-06-11 17:41 - 2015-06-11 17:41 - 00000000 ____D C:\RegBackup
2015-06-11 17:30 - 2015-06-11 17:30 - 02943663 _____ (Thisisu) C:\Users\Philip\Downloads\JRT.exe
2015-06-11 17:30 - 2015-06-11 17:30 - 00001270 _____ C:\Users\Philip\Desktop\Revo Uninstaller.lnk
2015-06-11 17:30 - 2015-06-11 17:30 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-06-11 17:13 - 2015-06-11 17:19 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Philip\Downloads\mbam-setup-2.1.6.1022.exe
2015-06-11 17:13 - 2015-06-11 17:13 - 02231296 _____ C:\Users\Philip\Downloads\AdwCleaner_4.206.exe
2015-06-11 17:12 - 2015-06-11 17:13 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Philip\Downloads\revosetup95.exe
2015-06-09 22:51 - 2015-06-09 22:51 - 00002762 _____ C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2015-06-09 16:55 - 2015-06-09 16:56 - 00054804 _____ C:\Users\Philip\Downloads\Addition.txt
2015-06-09 16:53 - 2015-06-12 10:32 - 00025136 _____ C:\Users\Philip\Downloads\FRST.txt
2015-06-09 16:53 - 2015-06-12 10:31 - 00000000 ____D C:\FRST
2015-06-09 16:52 - 2015-06-09 16:52 - 02108928 _____ (Farbar) C:\Users\Philip\Downloads\FRST64.exe
2015-06-09 15:45 - 2015-06-09 15:45 - 00000000 ____D C:\Program Files (x86)\ESET
2015-06-09 15:44 - 2015-06-09 15:44 - 00000000 _____ C:\Windows\setuperr.log
2015-06-09 15:43 - 2015-06-09 15:44 - 02870984 _____ (ESET) C:\Users\Philip\Downloads\esetsmartinstaller_deu.exe
2015-06-08 17:08 - 2015-06-08 17:08 - 00003842 _____ C:\Windows\System32\Tasks\Google Update
2015-06-08 17:08 - 2015-06-08 17:08 - 00003694 _____ C:\Windows\System32\Tasks\Adobe Reader and Acrobat Manager
2015-06-08 16:58 - 2015-06-08 16:58 - 00002231 _____ C:\Users\Public\Desktop\AVG 1-Klick-Wartung.lnk
2015-06-08 16:58 - 2015-06-08 16:58 - 00002219 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015.lnk
2015-06-08 16:58 - 2015-06-08 16:58 - 00002207 _____ C:\Users\Public\Desktop\AVG PC TuneUp 2015.lnk
2015-06-08 16:58 - 2015-06-08 16:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015
2015-06-08 16:58 - 2015-05-15 15:57 - 00041784 _____ (AVG Technologies) C:\Windows\system32\TURegOpt.exe
2015-06-08 16:58 - 2015-05-15 15:57 - 00030520 _____ (AVG Technologies) C:\Windows\system32\authuitu.dll
2015-06-08 16:58 - 2015-05-15 15:57 - 00025912 _____ (AVG Technologies) C:\Windows\SysWOW64\authuitu.dll
2015-06-08 16:20 - 2015-06-08 16:50 - 114047800 _____ (AVG Technologies) C:\Users\Philip\Downloads\avg_tuh_stf_all_2015_518_24c28.exe
2015-06-05 09:41 - 2015-06-05 09:41 - 00000000 ____D C:\Users\Philip\AppData\Local\GWX
2015-06-05 09:40 - 2015-06-11 17:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-05-19 18:32 - 2015-05-19 18:32 - 00000000 __SHD C:\Users\Philip\AppData\Local\EmieUserList
2015-05-19 18:32 - 2015-05-19 18:32 - 00000000 __SHD C:\Users\Philip\AppData\Local\EmieSiteList
2015-05-19 18:32 - 2015-05-19 18:32 - 00000000 __SHD C:\Users\Philip\AppData\Local\EmieBrowserModeList
2015-05-14 11:36 - 2015-05-01 15:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 11:36 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 11:03 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-13 11:03 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-13 10:57 - 2015-04-20 05:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 10:57 - 2015-04-20 05:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 10:57 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-13 10:57 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-13 10:56 - 2015-04-08 05:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-13 10:56 - 2015-04-08 05:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-13 10:56 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-05-13 10:55 - 2015-03-04 06:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-13 10:55 - 2015-03-04 06:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-13 10:55 - 2015-03-04 06:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-13 10:55 - 2015-03-04 06:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-13 10:55 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-05-13 10:55 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-05-13 10:55 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-13 10:55 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-13 10:55 - 2015-02-18 09:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-13 10:55 - 2015-01-29 05:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-13 10:55 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-12 10:31 - 2011-08-24 03:05 - 01907623 _____ C:\Windows\WindowsUpdate.log
2015-06-12 10:29 - 2013-08-26 20:10 - 00000000 ___RD C:\Users\Philip\Dropbox
2015-06-12 10:29 - 2013-08-26 20:08 - 00000000 ____D C:\Users\Philip\AppData\Roaming\Dropbox
2015-06-12 10:29 - 2012-08-12 10:47 - 00000000 ____D C:\Program Files (x86)\Steam
2015-06-12 10:28 - 2012-06-17 15:39 - 00000000 ____D C:\Users\Philip\AppData\Local\Spotify
2015-06-12 10:28 - 2011-08-24 10:34 - 00000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup
2015-06-12 10:27 - 2011-08-24 03:04 - 00000000 ____D C:\ProgramData\NVIDIA
2015-06-12 10:27 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-12 10:27 - 2009-07-14 06:51 - 00146130 _____ C:\Windows\setupact.log
2015-06-12 10:27 - 2009-07-14 06:45 - 00398192 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-12 10:27 - 2009-07-14 06:45 - 00021296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-12 10:27 - 2009-07-14 06:45 - 00021296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-12 10:24 - 2015-04-20 09:45 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-12 10:24 - 2014-05-08 10:04 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-12 10:24 - 2010-11-21 05:47 - 00438900 _____ C:\Windows\PFRO.log
2015-06-12 10:24 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-12 10:21 - 2011-09-25 10:38 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-12 10:18 - 2013-08-20 09:09 - 00000000 ____D C:\Windows\system32\MRT
2015-06-12 10:12 - 2013-01-09 23:31 - 00000000 ____D C:\ProgramData\MFAData
2015-06-12 10:11 - 2012-11-03 22:25 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-12 10:09 - 2009-07-14 04:34 - 00000510 _____ C:\Windows\win.ini
2015-06-12 10:06 - 2013-01-02 13:36 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1922485380-3358746859-1030061101-1001UA.job
2015-06-12 10:05 - 2013-03-19 19:07 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-11 18:23 - 2011-10-07 17:53 - 00000000 ____D C:\Users\Philip\AppData\Local\Nero
2015-06-11 18:13 - 2012-06-17 15:38 - 00000000 ____D C:\Users\Philip\AppData\Roaming\Spotify
2015-06-11 18:06 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Help
2015-06-11 17:57 - 2013-03-19 19:07 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-11 17:57 - 2013-03-19 19:07 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-11 17:57 - 2011-08-24 10:13 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-11 17:19 - 2011-09-25 10:29 - 00000422 _____ C:\Windows\Tasks\SystemToolsDailyTest.job
2015-06-11 17:18 - 2011-12-10 15:04 - 00003488 _____ C:\Windows\System32\Tasks\PCDEventLauncher
2015-06-11 17:18 - 2011-09-25 10:29 - 00003452 _____ C:\Windows\System32\Tasks\SystemToolsDailyTest
2015-06-11 17:02 - 2012-05-06 14:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-09 23:03 - 2011-12-31 18:05 - 00000000 ____D C:\Users\Philip\Documents\Outlook-Dateien
2015-06-09 23:01 - 2012-05-14 11:37 - 00002370 _____ C:\Users\Philip\Desktop\Google Chrome.lnk
2015-06-09 22:56 - 2012-05-04 18:10 - 00000000 ____D C:\Program Files (x86)\Music Editor Free
2015-06-09 15:43 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2015-06-09 15:33 - 2013-01-02 13:36 - 00001072 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1922485380-3358746859-1030061101-1001Core.job
2015-06-08 17:06 - 2012-01-19 00:31 - 00000000 ____D C:\Users\Philip\.thumbnails
2015-06-08 17:06 - 2011-12-01 00:06 - 00000000 ____D C:\Users\Philip\AppData\Roaming\Skype
2015-06-08 17:06 - 2011-09-25 10:38 - 00000000 ____D C:\Users\Philip\AppData\Local\Microsoft Help
2015-06-08 17:06 - 2011-08-24 10:37 - 00000000 ____D C:\ProgramData\Temp
2015-06-08 17:05 - 2011-12-03 16:29 - 00000000 ____D C:\Windows\Minidump
2015-06-08 17:05 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\sysprep
2015-06-08 16:57 - 2014-11-27 11:20 - 00000000 ____D C:\Users\Philip\AppData\Local\Avg
2015-06-08 16:57 - 2014-03-11 23:24 - 00000000 ____D C:\Users\Philip\AppData\Roaming\AVG
2015-06-08 16:57 - 2013-01-09 23:37 - 00000000 ____D C:\Program Files (x86)\AVG
2015-06-08 16:56 - 2014-03-11 23:23 - 00000000 ____D C:\ProgramData\AVG
2015-05-22 09:31 - 2015-04-10 09:36 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-05-22 09:31 - 2015-04-10 09:35 - 00000000 ___SD C:\Windows\system32\GWX
2015-05-19 20:03 - 2012-03-08 15:52 - 00000000 ____D C:\ProgramData\Xfire
2015-05-16 11:53 - 2012-10-02 11:56 - 00002021 _____ C:\Users\Public\Desktop\Adobe Reader X.lnk
2015-05-16 11:53 - 2011-08-24 10:33 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2015-05-15 17:38 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-05-15 12:39 - 2010-11-21 08:50 - 00699666 _____ C:\Windows\system32\perfh007.dat
2015-05-15 12:39 - 2010-11-21 08:50 - 00149774 _____ C:\Windows\system32\perfc007.dat
2015-05-15 12:39 - 2009-07-14 07:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI
2015-05-15 10:32 - 2013-01-02 13:36 - 00004096 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1922485380-3358746859-1030061101-1001UA
2015-05-15 10:32 - 2013-01-02 13:36 - 00003700 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1922485380-3358746859-1030061101-1001Core
2015-05-14 21:50 - 2010-11-21 09:00 - 00000000 ____D C:\Program Files\Windows Journal
2015-05-14 21:50 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-05-14 21:49 - 2012-05-20 16:07 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-05-14 21:49 - 2012-05-20 16:07 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-05-14 11:36 - 2012-05-20 16:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
==================== Files in the root of some directories =======
2013-09-29 20:12 - 2014-05-04 13:51 - 0001704 _____ () C:\Program Files (x86)\Mozilla Firefoxnation-secure-search.xml
2012-05-27 02:45 - 2014-01-30 16:45 - 0012800 _____ () C:\Users\Philip\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-10-13 20:26 - 2012-10-13 20:28 - 0017408 _____ () C:\Users\Philip\AppData\Local\WebpageIcons.db
2011-12-01 00:08 - 2011-12-01 00:08 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
Some files in TEMP:
====================
C:\Users\Philip\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqv1njx.dll
C:\Users\Philip\AppData\Local\Temp\Quarantine.exe
C:\Users\Philip\AppData\Local\Temp\sqlite3.dll
C:\Users\Philip\AppData\Local\Temp\uninst1.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-06-06 13:10
==================== End of log ============================ --- --- --- |