"FREEMIUM Software-Updater"

CohesioN · 30.12.2013, 19:49

Schönen guten Abend erstmal,

Wie ihr an dem Titel sicher schon lesen könnt lautet das Problem "Freemium Software-Updater" lässt sich leider nicht so einfach de-installieren wie ich bereits mitbekommen habe. Habe mir schon einige Threads zu dem Thema durchgelesen aber steige nicht so ganz durch, würde mich sehr über eure hilfe freuen.

#edit : habe Windows 7 64 bit

#
FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-12-2013 01
Ran by Daniel (administrator) on DANIEL-PC on 30-12-2013 19:44:14
Running from C:\Users\Daniel\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Akamai Technologies, Inc.) C:\Users\Daniel\AppData\Local\Akamai\netsession_win.exe
(Spotify Ltd) C:\Users\Daniel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Spotify Ltd) C:\Users\Daniel\AppData\Roaming\Spotify\spotify.exe
() C:\Program Files (x86)\puush\puush.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(Logitech Inc.) C:\Program Files\Logitech\SetPoint II\SetPointII.exe
(Akamai Technologies, Inc.) C:\Users\Daniel\AppData\Local\Akamai\netsession_win.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Support\couponsupport.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
() C:\Users\Daniel\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Daniel\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Daniel\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Daniel\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Daniel\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe
() C:\Users\Daniel\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Daniel\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Daniel\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Kernel and Hardware Abstraction Layer] - C:\Windows\KHALMNPR.Exe [130576 2009-06-17] (Logitech, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-04-30] (Intel Corporation)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Freecorder FLV Service] - "C:\Program Files (x86)\Freecorder\FLVSrvc.exe" /run
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1823656 2013-12-11] (Valve Corporation)
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Daniel\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\Run: [Google Update] - C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2012-02-06] (Google Inc.)
HKCU\...\Run: [AdobeBridge] - [x]
HKCU\...\Run: [Spotify Web Helper] - C:\Users\Daniel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1168896 2013-12-05] (Spotify Ltd)
HKCU\...\Run: [VeodinKeyRocket] - "C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Veodin\KeyRocket.appref-ms"
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKCU\...\Run: [Spotify] - C:\Users\Daniel\AppData\Roaming\Spotify\spotify.exe [5951488 2013-12-05] (Spotify Ltd)
HKCU\...\Run: [puush] - C:\Program Files (x86)\puush\puush.exe [567880 2013-09-24] ()
MountPoints2: {0eb306cc-2e84-11e1-ab0b-806e6f6e6963} - E:\DisneySplash.exe
HKU\Default\...\RunOnce: [HKCU] - C:\Windows\System32\oobe\info\HKCU.vbs [126 2009-11-12] ()
HKU\Default\...\RunOnce: [Screensaver] - C:\Windows\Web\Wallpaper\MEDION\start.vbs
HKU\Default User\...\RunOnce: [HKCU] - C:\Windows\System32\oobe\info\HKCU.vbs [126 2009-11-12] ()
HKU\Default User\...\RunOnce: [Screensaver] - C:\Windows\Web\Wallpaper\MEDION\start.vbs
HKU\UpdatusUser\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\UpdatusUser\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1823656 2013-12-11] (Valve Corporation)
HKU\UpdatusUser\...\Run: [Google Update] - C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2012-02-06] (Google Inc.)
HKU\UpdatusUser\...\Run: [swg] - "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKU\UpdatusUser\...\RunOnce: [HKCU] - C:\Windows\System32\oobe\info\HKCU.vbs [126 2009-11-12] ()
HKU\UpdatusUser\...\RunOnce: [Screensaver] - C:\Windows\Web\Wallpaper\MEDION\start.vbs
Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x6B64293A05C1CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&CUI=UN40970929134052857&UM=2&ctid=CT3311268&UP=SP31FB8AEA-5FBF-41C4-8820-03700BF3EE46&SSPV=
SearchScopes: HKLM - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://start.funmoods.com/results.php?f=4&q={searchTerms}&a=softpb&chnl=softpb&cd=2XzutAtN2Y1L1Qzuzz0Czzzy0AyDyC0B0E0B0CyCtA0C0CtDtN0D0TzutBtDtCtBtDyBtDzz&cr=1508898375
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://start.funmoods.com/results.php?f=4&q={searchTerms}&a=softpb&chnl=softpb&cd=2XzutAtN2Y1L1Qzuzz0Czzzy0AyDyC0B0E0B0CyCtA0C0CtDtN0D0TzutBtDtCtBtDyBtDzz&cr=1508898375
SearchScopes: HKLM-x32 - DefaultScope {51934A98-517C-47D9-B65F-04E20E3A642B} URL = 
SearchScopes: HKLM-x32 - Backup.Old.DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snap.do/?publisher=SnapdoSoftonicYB&dpid=SnapdoSoftonicYB&co=DE&userid=951801d2-6e3d-4e57-b59e-b4c18316ccc8&searchtype=ds&q={searchTerms}&installDate=05/04/2013
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3318001&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP31FB8AEA-5FBF-41C4-8820-03700BF3EE46&q={searchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3318001&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP31FB8AEA-5FBF-41C4-8820-03700BF3EE46&q={searchTerms}&SSPV=
SearchScopes: HKCU - {51934A98-517C-47D9-B65F-04E20E3A642B} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3311268&CUI=UN40970929134052857&UM=2
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
BHO: Complitly - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Daniel\AppData\Roaming\Complitly\64\Complitly64.dll (SimplyGen)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll No File
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Complitly - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Daniel\AppData\Roaming\Complitly\Complitly.dll (SimplyGen)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Funmoods Helper Object - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - C:\PROGRA~2\Funmoods\1.5.23.22\bh\escort.dll No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - Funmoods Toolbar - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - C:\PROGRA~2\Funmoods\1.5.23.22\escorTlbr.dll No File
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - No Name - {1392B8D2-5C05-419F-A8F6-B9F15A596612} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 09 C:\Windows\SysWOW64\tnnssdj39.dll [294912] (Intra Net Communications)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{5B90CD70-E56C-4456-B65F-11601705E13B}: [NameServer]192.168.178.29,192.168.178.1
Tcpip\..\Interfaces\{63A3E769-8B26-4CC2-8F44-87F53971FE65}: [NameServer]192.168.178.60,192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ic3dxvxo.default
FF user.js: detected! => C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ic3dxvxo.default\user.js
FF DefaultSearchEngine: WhiteSmoke New V6 Customized Web Search
FF NetworkProxy: "autoconfig_url", "file:///C:\\Users\\Daniel\\AppData\\Local\\Temp\\proxtube.pac"
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @idsoftware.com/QuakeLive - C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Daniel\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Daniel\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ic3dxvxo.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ic3dxvxo.default\searchplugins\conduit-search.xml
FF SearchPlugin: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ic3dxvxo.default\searchplugins\conduit.xml
FF SearchPlugin: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ic3dxvxo.default\searchplugins\delta.xml
FF Extension: No Name - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ic3dxvxo.default\Extensions\ffxtlbr@babylon.com
FF Extension: softonic.com - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ic3dxvxo.default\Extensions\ffxtlbra@softonic.com
FF Extension: No Name - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ic3dxvxo.default\Extensions\staged
FF Extension: WhiteSmoke New V6  - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ic3dxvxo.default\Extensions\{da7f5ae1-3be3-43c0-8098-c1d183616e97}
FF Extension: BetterAds - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ic3dxvxo.default\Extensions\betterads@BetterAds.org.xpi
FF Extension: PutLockerDownloader V3.0 - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ic3dxvxo.default\Extensions\putlockerdownloader3@putlockerdownloader.com.xpi
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [KavAntiBanner@Kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru

Chrome: 
=======
CHR HomePage: hxxp://youtube.de/
CHR RestoreOnStartup: "hxxp://youtube.de/"
CHR DefaultSearchURL: hxxp://www.google.com/search?q={searchTerms}
CHR DefaultNewTabURL: 
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Daniel\AppData\Local\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Daniel\AppData\Local\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\Daniel\AppData\Local\Google\Chrome\Application\31.0.1650.63\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 7.0.0.147) - C:\Program Files (x86)\Java\jre7\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 7) - C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Plugin: (Windows Activation Technologies) - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll No File
CHR Extension: (YouTube) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Adblock Plus) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.7.2_0
CHR Extension: (Google Search) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (ProxMate - Proxy on steroids!) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifalmiidchkjjmkkbkoaibpmoeichmki\3.1.6_0
CHR Extension: (Blood Moon Akali) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkipcmiifbaeoomjmiphhbadobknjjpo\1.0_0
CHR Extension: (Curling) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhalnajmigjnpjpdbpkpgfhekbjmolhp\1.0.10_0
CHR Extension: (Google Wallet) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0
CHR Extension: (Gmail) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM\...\Chrome\Extension: [cjpglkicenollcignonpgiafdgfeehoj] - C:\Users\Daniel\AppData\Local\funmoods-speeddial.crx
CHR HKLM\...\Chrome\Extension: [fdloijijlkoblmigdofommgnheckmaki] - C:\Users\Daniel\AppData\Local\funmoods.crx
CHR HKLM-x32\...\Chrome\Extension: [cacclhdpfoingihegojhoipnihfnoaki] - C:\Users\Daniel\AppData\Local\MediaBA\betterads.crx
CHR HKLM-x32\...\Chrome\Extension: [cjpglkicenollcignonpgiafdgfeehoj] - C:\Users\Daniel\AppData\Local\funmoods-speeddial.crx
CHR HKLM-x32\...\Chrome\Extension: [dlfienamagdnkekbbbocojppncdambda] - C:\Program Files (x86)\Complitly\chrome\ComplitlyChrome.crx
CHR HKLM-x32\...\Chrome\Extension: [fdloijijlkoblmigdofommgnheckmaki] - C:\Users\Daniel\AppData\Local\funmoods.crx
CHR HKLM-x32\...\Chrome\Extension: [ibcgjcbeckcdemelifnledhihpaighfk] - C:\Users\Daniel\AppData\Local\CRE\ibcgjcbeckcdemelifnledhihpaighfk.crx
CHR HKLM-x32\...\Chrome\Extension: [koalekbhpbggkcfhkkbolikjoaobbppi] - C:\Program Files (x86)\PutLockerDownloader\PutLockerDownloader10.crx
CHR StartMenuInternet: Google Chrome - C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

R2 Akamai; c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll [4569856 2013-07-01] (Akamai Technologies, Inc.)
R2 Dnscache; C:\Windows\System32\pouabtzv7.dll [354304 2012-06-02] (Parental Solutions Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
S3 npggsvc; C:\Windows\SysWow64\GameMon.des [4302576 2012-08-16] (INCA Internet Co., Ltd.)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2012-08-11] ()
S2 SystemStoreService; C:\Program Files (x86)\SoftwareUpdater\SystemStore.exe [297984 2013-12-30] ()
R2 Update-Service; %SystemRoot%\System32\UpdSvc.dll [x]

==================== Drivers (Whitelisted) ====================

S3 1394hub; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 1394hub; C:\Windows\SysWow64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S0 nvpciflt; system32\DRIVERS\nvpciflt.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-30 19:23 - 2013-12-30 19:24 - 00033195 _____ C:\Users\Daniel\Downloads\Addition.txt
2013-12-30 19:22 - 2013-12-30 19:44 - 00023194 _____ C:\Users\Daniel\Downloads\FRST.txt
2013-12-30 19:22 - 2013-12-30 19:22 - 01931302 _____ (Farbar) C:\Users\Daniel\Downloads\FRST64.exe
2013-12-30 19:22 - 2013-12-30 19:22 - 00000000 ____D C:\FRST
2013-12-30 19:21 - 2013-12-30 19:21 - 01064199 _____ (Farbar) C:\Users\Daniel\Downloads\FRST.exe
2013-12-27 14:39 - 2013-12-27 14:39 - 00000000 ____D C:\Users\Daniel\AppData\Local\SoftwareUpdater
2013-12-26 22:34 - 2013-12-26 22:34 - 00001536 _____ C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2013-12-26 22:34 - 2013-12-26 22:34 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\DVDVideoSoft
2013-12-26 22:34 - 2013-12-26 22:34 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-12-26 22:33 - 2013-12-26 22:33 - 34115288 _____ (DVDVideoSoft Ltd.                                           ) C:\Users\Daniel\Downloads\FreeYouTube19ToMP3Converter.exe
2013-12-26 22:31 - 2013-12-30 18:54 - 00004208 _____ C:\Windows\System32\Tasks\Software Updater
2013-12-26 22:31 - 2013-12-30 18:54 - 00004172 _____ C:\Windows\System32\Tasks\Software Updater Ui
2013-12-26 22:31 - 2013-12-30 18:50 - 00000358 ____H C:\Windows\Tasks\couponsupport-S-649636217.job
2013-12-26 22:31 - 2013-12-26 22:33 - 00000000 ____D C:\Support
2013-12-26 22:31 - 2013-12-26 22:31 - 00002604 _____ C:\Windows\System32\Tasks\couponsupport-S-649636217
2013-12-26 22:31 - 2013-12-26 22:31 - 00000000 ____D C:\Users\Administrator\AppData\Local\Google
2013-12-26 22:31 - 2013-12-26 22:31 - 00000000 ____D C:\Users\Administrator
2013-12-26 22:31 - 2013-12-26 22:31 - 00000000 ____D C:\Program Files (x86)\SoftwareUpdater
2013-12-26 22:29 - 2013-12-26 22:29 - 00666088 _____ C:\Users\Daniel\Downloads\tubebox_4.4_de-DE.exe
2013-12-26 22:29 - 2013-12-26 22:29 - 00000000 ____D C:\Users\Daniel\AppData\Local\DownloadGuide
2013-12-26 22:26 - 2013-12-26 22:26 - 00000000 ____D C:\Program Files (x86)\GreenTree Applications
2013-12-26 22:25 - 2013-12-26 22:25 - 11617048 _____ C:\Users\Daniel\Downloads\YTD471Setup.exe
2013-12-26 20:21 - 2013-12-26 20:27 - 00000000 ____D C:\Users\Daniel\AppData\Local\DayZ
2013-12-26 20:21 - 2013-12-26 20:21 - 00000000 ____D C:\Users\Daniel\Documents\DayZ
2013-12-26 19:53 - 2013-12-26 19:53 - 00000222 _____ C:\Users\Daniel\Desktop\DayZ.url
2013-12-26 12:13 - 2013-12-26 12:13 - 00000219 _____ C:\Users\Daniel\Desktop\Left 4 Dead 2.url
2013-12-25 19:28 - 2013-12-25 19:28 - 00000000 ____D C:\Users\Daniel\Desktop\Arkosia2
2013-12-25 19:03 - 2013-12-25 19:27 - 1507763763 _____ C:\Users\Daniel\Downloads\Arkosia2.rar
2013-12-24 21:41 - 2013-12-24 21:41 - 74862095 _____ C:\Users\Daniel\Desktop\screenshot.rar
2013-12-24 21:41 - 2013-12-24 21:41 - 00000000 ____D C:\Users\Daniel\Desktop\screenshot
2013-12-22 21:21 - 2013-12-22 21:22 - 149955351 _____ C:\Users\Daniel\Desktop\Tinie Tempah - Demonstration (2013)_320 kbps {Aryan_l33t} [LittleFairyRG].rar
2013-12-22 20:31 - 2013-12-22 20:31 - 00000222 _____ C:\Users\Daniel\Desktop\Guns of Icarus Online.url
2013-12-22 13:34 - 2013-12-22 13:34 - 00351691 _____ C:\Users\Daniel\Desktop\Sprachmemo 003.m4a
2013-12-21 12:51 - 2013-12-21 12:51 - 00000000 ____D C:\Users\Daniel\Desktop\CloudDownloaderVersion2.0
2013-12-21 12:49 - 2013-12-21 12:49 - 00560306 _____ C:\Users\Daniel\Downloads\CloudDownloaderVersion2.0.zip
2013-12-21 12:46 - 2013-12-21 12:46 - 00008462 _____ C:\Users\Daniel\Desktop\calling-all-the-monsters-1.htm
2013-12-21 12:45 - 2013-12-21 12:45 - 00008462 _____ C:\Users\Daniel\Downloads\calling-all-the-monsters-1.htm
2013-12-15 17:30 - 2013-12-15 17:37 - 00000000 ____D C:\Users\Daniel\Downloads\Rihanna - Unapologetic
2013-12-15 17:25 - 2013-12-15 17:29 - 105545478 _____ C:\Users\Daniel\Downloads\Rihanna - Unapologetic.zip
2013-12-12 21:50 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-12 21:50 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-12 21:50 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-12 21:50 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-12 21:49 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-12 21:49 - 2013-11-26 11:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-12 21:49 - 2013-11-26 11:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-12 21:49 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-12 21:49 - 2013-11-26 10:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-12 21:49 - 2013-11-26 10:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-12 21:49 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-12 21:49 - 2013-11-26 10:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-12 21:49 - 2013-11-26 10:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-12 21:49 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-12 21:49 - 2013-11-26 10:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-12 21:49 - 2013-11-26 10:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-12 21:49 - 2013-11-26 10:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-12 21:49 - 2013-11-26 10:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-12 21:49 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-12 21:49 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-12 21:49 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-12 21:49 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-12 21:49 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-12 21:49 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-12-12 21:49 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-12 21:49 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-12 21:49 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-12 21:49 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-12 21:49 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-12 21:49 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-12 21:49 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-12 21:49 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-12 21:49 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-12 21:49 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-12 21:49 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-12 15:00 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-12 15:00 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-12 15:00 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-12 15:00 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-12-12 15:00 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-12 15:00 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-12 15:00 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-12 15:00 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-12 15:00 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-12 15:00 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-12 15:00 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-12 14:59 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-12 14:59 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-12 14:59 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-12 14:59 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-12 14:59 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-12 14:59 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-12 14:59 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-12 14:59 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-11 16:08 - 2013-12-12 15:11 - 00000000 ____D C:\Users\Daniel\Documents\DragonNest
2013-12-11 16:03 - 2013-12-11 16:03 - 00002169 _____ C:\Users\Daniel\Desktop\Dragon Nest Europe.lnk
2013-12-11 16:03 - 2013-12-11 16:03 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SDGi Europe
2013-12-11 15:57 - 2013-12-11 15:57 - 00000000 ____D C:\Program Files (x86)\SDGi Europe
2013-12-10 22:20 - 2013-12-10 22:45 - 3858935200 _____ C:\Users\Daniel\Downloads\DragonNestEUSetup63.exe
2013-12-07 19:39 - 2013-09-04 13:12 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-12-07 19:39 - 2013-09-04 13:11 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-12-07 19:39 - 2013-09-04 13:11 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-12-07 19:39 - 2013-09-04 13:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-12-07 19:39 - 2013-09-04 13:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-12-07 19:39 - 2013-09-04 13:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-12-07 19:39 - 2013-09-04 13:11 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-12-06 19:29 - 2013-12-06 19:29 - 00000221 _____ C:\Users\Daniel\Desktop\Borderlands 2.url

==================== One Month Modified Files and Folders =======

2013-12-30 19:44 - 2013-12-30 19:22 - 00023194 _____ C:\Users\Daniel\Downloads\FRST.txt
2013-12-30 19:42 - 2011-12-24 16:25 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Skype
2013-12-30 19:24 - 2013-12-30 19:23 - 00033195 _____ C:\Users\Daniel\Downloads\Addition.txt
2013-12-30 19:23 - 2012-07-27 11:48 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-30 19:22 - 2013-12-30 19:22 - 01931302 _____ (Farbar) C:\Users\Daniel\Downloads\FRST64.exe
2013-12-30 19:22 - 2013-12-30 19:22 - 00000000 ____D C:\FRST
2013-12-30 19:21 - 2013-12-30 19:21 - 01064199 _____ (Farbar) C:\Users\Daniel\Downloads\FRST.exe
2013-12-30 19:17 - 2012-02-06 18:21 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-365012384-4195050554-2744055927-1002UA.job
2013-12-30 18:57 - 2009-07-14 05:45 - 00017152 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-30 18:57 - 2009-07-14 05:45 - 00017152 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-30 18:54 - 2013-12-26 22:31 - 00004208 _____ C:\Windows\System32\Tasks\Software Updater
2013-12-30 18:54 - 2013-12-26 22:31 - 00004172 _____ C:\Windows\System32\Tasks\Software Updater Ui
2013-12-30 18:54 - 2011-12-24 16:12 - 01495295 _____ C:\Windows\WindowsUpdate.log
2013-12-30 18:51 - 2012-09-04 18:06 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Spotify
2013-12-30 18:51 - 2012-09-04 18:06 - 00000000 ____D C:\Users\Daniel\AppData\Local\Spotify
2013-12-30 18:50 - 2013-12-26 22:31 - 00000358 ____H C:\Windows\Tasks\couponsupport-S-649636217.job
2013-12-30 18:50 - 2012-01-13 11:44 - 00000000 ____D C:\Program Files (x86)\Steam
2013-12-30 18:49 - 2013-02-19 13:53 - 00635966 _____ C:\Windows\PFRO.log
2013-12-30 18:49 - 2013-02-18 14:41 - 00054880 _____ C:\Windows\setupact.log
2013-12-30 18:49 - 2011-09-05 23:24 - 00000000 ____D C:\ProgramData\NVIDIA
2013-12-30 18:49 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-29 19:37 - 2013-03-10 15:13 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\TS3Client
2013-12-29 12:16 - 2012-02-06 18:21 - 00001072 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-365012384-4195050554-2744055927-1002Core.job
2013-12-27 14:39 - 2013-12-27 14:39 - 00000000 ____D C:\Users\Daniel\AppData\Local\SoftwareUpdater
2013-12-26 22:34 - 2013-12-26 22:34 - 00001536 _____ C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2013-12-26 22:34 - 2013-12-26 22:34 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\DVDVideoSoft
2013-12-26 22:34 - 2013-12-26 22:34 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-12-26 22:34 - 2012-08-12 21:15 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\OpenCandy
2013-12-26 22:33 - 2013-12-26 22:33 - 34115288 _____ (DVDVideoSoft Ltd.                                           ) C:\Users\Daniel\Downloads\FreeYouTube19ToMP3Converter.exe
2013-12-26 22:33 - 2013-12-26 22:31 - 00000000 ____D C:\Support
2013-12-26 22:31 - 2013-12-26 22:31 - 00002604 _____ C:\Windows\System32\Tasks\couponsupport-S-649636217
2013-12-26 22:31 - 2013-12-26 22:31 - 00000000 ____D C:\Users\Administrator\AppData\Local\Google
2013-12-26 22:31 - 2013-12-26 22:31 - 00000000 ____D C:\Users\Administrator
2013-12-26 22:31 - 2013-12-26 22:31 - 00000000 ____D C:\Program Files (x86)\SoftwareUpdater
2013-12-26 22:29 - 2013-12-26 22:29 - 00666088 _____ C:\Users\Daniel\Downloads\tubebox_4.4_de-DE.exe
2013-12-26 22:29 - 2013-12-26 22:29 - 00000000 ____D C:\Users\Daniel\AppData\Local\DownloadGuide
2013-12-26 22:26 - 2013-12-26 22:26 - 00000000 ____D C:\Program Files (x86)\GreenTree Applications
2013-12-26 22:25 - 2013-12-26 22:25 - 11617048 _____ C:\Users\Daniel\Downloads\YTD471Setup.exe
2013-12-26 20:27 - 2013-12-26 20:21 - 00000000 ____D C:\Users\Daniel\AppData\Local\DayZ
2013-12-26 20:21 - 2013-12-26 20:21 - 00000000 ____D C:\Users\Daniel\Documents\DayZ
2013-12-26 19:53 - 2013-12-26 19:53 - 00000222 _____ C:\Users\Daniel\Desktop\DayZ.url
2013-12-26 19:53 - 2012-01-13 19:28 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2013-12-26 12:13 - 2013-12-26 12:13 - 00000219 _____ C:\Users\Daniel\Desktop\Left 4 Dead 2.url
2013-12-25 19:28 - 2013-12-25 19:28 - 00000000 ____D C:\Users\Daniel\Desktop\Arkosia2
2013-12-25 19:27 - 2013-12-25 19:03 - 1507763763 _____ C:\Users\Daniel\Downloads\Arkosia2.rar
2013-12-24 21:41 - 2013-12-24 21:41 - 74862095 _____ C:\Users\Daniel\Desktop\screenshot.rar
2013-12-24 21:41 - 2013-12-24 21:41 - 00000000 ____D C:\Users\Daniel\Desktop\screenshot
2013-12-24 17:02 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-12-24 14:08 - 2013-09-14 18:58 - 00055533 _____ C:\Windows\DirectX.log
2013-12-22 21:22 - 2013-12-22 21:21 - 149955351 _____ C:\Users\Daniel\Desktop\Tinie Tempah - Demonstration (2013)_320 kbps {Aryan_l33t} [LittleFairyRG].rar
2013-12-22 20:31 - 2013-12-22 20:31 - 00000222 _____ C:\Users\Daniel\Desktop\Guns of Icarus Online.url
2013-12-22 13:34 - 2013-12-22 13:34 - 00351691 _____ C:\Users\Daniel\Desktop\Sprachmemo 003.m4a
2013-12-21 12:51 - 2013-12-21 12:51 - 00000000 ____D C:\Users\Daniel\Desktop\CloudDownloaderVersion2.0
2013-12-21 12:49 - 2013-12-21 12:49 - 00560306 _____ C:\Users\Daniel\Downloads\CloudDownloaderVersion2.0.zip
2013-12-21 12:46 - 2013-12-21 12:46 - 00008462 _____ C:\Users\Daniel\Desktop\calling-all-the-monsters-1.htm
2013-12-21 12:45 - 2013-12-21 12:45 - 00008462 _____ C:\Users\Daniel\Downloads\calling-all-the-monsters-1.htm
2013-12-15 20:23 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-12-15 17:37 - 2013-12-15 17:30 - 00000000 ____D C:\Users\Daniel\Downloads\Rihanna - Unapologetic
2013-12-15 17:29 - 2013-12-15 17:25 - 105545478 _____ C:\Users\Daniel\Downloads\Rihanna - Unapologetic.zip
2013-12-15 00:54 - 2013-08-14 15:22 - 00000000 ____D C:\Windows\system32\MRT
2013-12-15 00:52 - 2011-07-18 21:31 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-13 15:24 - 2011-05-16 15:04 - 00654150 _____ C:\Windows\system32\perfh007.dat
2013-12-13 15:24 - 2011-05-16 15:04 - 00130022 _____ C:\Windows\system32\perfc007.dat
2013-12-13 15:24 - 2009-07-14 06:13 - 01498742 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-13 15:18 - 2009-07-14 05:45 - 05137424 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-12 21:50 - 2012-01-27 20:52 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-12 19:33 - 2013-08-15 23:22 - 00000000 ____D C:\Users\Daniel\Desktop\Musik
2013-12-12 19:32 - 2012-02-04 13:48 - 00000000 ____D C:\Users\Daniel\Desktop\Alles drinn
2013-12-12 15:11 - 2013-12-11 16:08 - 00000000 ____D C:\Users\Daniel\Documents\DragonNest
2013-12-11 17:23 - 2012-07-27 11:48 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-11 17:23 - 2012-07-27 11:48 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-11 17:23 - 2011-08-10 20:09 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-11 16:03 - 2013-12-11 16:03 - 00002169 _____ C:\Users\Daniel\Desktop\Dragon Nest Europe.lnk
2013-12-11 16:03 - 2013-12-11 16:03 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SDGi Europe
2013-12-11 15:57 - 2013-12-11 15:57 - 00000000 ____D C:\Program Files (x86)\SDGi Europe
2013-12-10 22:45 - 2013-12-10 22:20 - 3858935200 _____ C:\Users\Daniel\Downloads\DragonNestEUSetup63.exe
2013-12-10 15:04 - 2013-02-06 13:43 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-12-10 15:04 - 2011-12-24 16:25 - 00000000 ____D C:\ProgramData\Skype
2013-12-06 20:09 - 2013-02-22 20:29 - 00000000 ____D C:\Users\Daniel\Documents\My Games
2013-12-06 19:29 - 2013-12-06 19:29 - 00000221 _____ C:\Users\Daniel\Desktop\Borderlands 2.url
2013-12-06 10:19 - 2012-02-06 18:21 - 00002366 _____ C:\Users\Daniel\Desktop\Google Chrome.lnk
2013-12-04 12:12 - 2012-02-06 18:21 - 00004096 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-365012384-4195050554-2744055927-1002UA
2013-12-04 12:12 - 2012-02-06 18:21 - 00003700 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-365012384-4195050554-2744055927-1002Core
2013-12-01 19:56 - 2012-07-04 11:48 - 00000000 ____D C:\Nexon

Some content of TEMP:
====================
C:\Users\Daniel\AppData\Local\Temp\2472073_.exe
C:\Users\Daniel\AppData\Local\Temp\2f90b32_.exe
C:\Users\Daniel\AppData\Local\Temp\77687516_.exe
C:\Users\Daniel\AppData\Local\Temp\betterads.exe
C:\Users\Daniel\AppData\Local\Temp\bootstrapper.exe
C:\Users\Daniel\AppData\Local\Temp\dlLogic.exe
C:\Users\Daniel\AppData\Local\Temp\drm_dyndata_7410004.dll
C:\Users\Daniel\AppData\Local\Temp\DropDownDeals_Setup-C4_2013_03_14.exe
C:\Users\Daniel\AppData\Local\Temp\Installer.exe
C:\Users\Daniel\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Daniel\AppData\Local\Temp\NGMDll.dll
C:\Users\Daniel\AppData\Local\Temp\NGMResource.dll
C:\Users\Daniel\AppData\Local\Temp\NGMSetup.exe
C:\Users\Daniel\AppData\Local\Temp\nscE50C.exe
C:\Users\Daniel\AppData\Local\Temp\nsf8AE0.exe
C:\Users\Daniel\AppData\Local\Temp\nsgA64F.exe
C:\Users\Daniel\AppData\Local\Temp\nsh865B.exe
C:\Users\Daniel\AppData\Local\Temp\nshB59F.exe
C:\Users\Daniel\AppData\Local\Temp\nshE356.exe
C:\Users\Daniel\AppData\Local\Temp\nsv8794.exe
C:\Users\Daniel\AppData\Local\Temp\nsv8969.exe
C:\Users\Daniel\AppData\Local\Temp\nsvA351.exe
C:\Users\Daniel\AppData\Local\Temp\nsvA7E5.exe
C:\Users\Daniel\AppData\Local\Temp\nsxB784.exe
C:\Users\Daniel\AppData\Local\Temp\nsxB90B.exe
C:\Users\Daniel\AppData\Local\Temp\nsxE710.exe
C:\Users\Daniel\AppData\Local\Temp\nsz36EF.exe
C:\Users\Daniel\AppData\Local\Temp\qc_a402013b_7656_4f6f_b57f_5a8ef69f5fc4_32.exe
C:\Users\Daniel\AppData\Local\Temp\setup__3862.exe
C:\Users\Daniel\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Daniel\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Daniel\AppData\Local\Temp\tbWhit.dll
C:\Users\Daniel\AppData\Local\Temp\unicows.dll
C:\Users\Daniel\AppData\Local\Temp\uninst1.exe
C:\Users\Daniel\AppData\Local\Temp\utt2325.tmp.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-21 16:18

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

--- --- ---

#Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-12-2013 01
Ran by Daniel at 2013-12-30 19:44:46
Running from C:\Users\Daniel\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

==================== Installed Programs ======================

ActiveX-kontroll för fjärranslutningar för Windows Live Mesh (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Adobe After Effects CS6 (x32 Version: 11 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.7.0.2090 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.2.1 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (x32 Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.0) MUI (x32 Version: 10.1.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (x32 Version: 11.6.3.633 - Adobe Systems, Inc.)
Akamai NetSession Interface (HKCU Version: - Akamai Technologies, Inc)
Akamai NetSession Interface Service (x32 Version: - Akamai Technologies, Inc)
Apple Application Support (x32 Version: 2.3.4 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (x32 Version: 1.12.5.0 - Asmedia Technology)
Borderlands 2 (x32 Version: - Gearbox Software)
Call of Duty: Black Ops II - Multiplayer (x32 Version: - )
Call of Duty: Modern Warfare 3 - Multiplayer (x32 Version: - Infinity Ward - Sledgehammer Games)
CCleaner (Version: 3.26 - Piriform)
Complitly (x32 Version: - Complitly)
Control ActiveX de Windows Live Mesh para conexiones remotas (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Corel Graphics - Windows Shell Extension (x32 Version: 15.2.0.686 - Corel Corporation)
Corel Graphics - Windows Shell Extension (x32 Version: 15.2.686 - Corel Corporation)
Corel Graphics - Windows Shell Extension 64 Bit (Version: 15.2.686 - Corel Corporation)
CorelDRAW Essentials X5 - Common (x32 Version: 15.3 - Corel Corporation)
CorelDRAW Essentials X5 - Connect (x32 Version: 15.3 - Corel Corporation)
CorelDRAW Essentials X5 - Custom Data (x32 Version: 15.3 - Corel Corporation)
CorelDRAW Essentials X5 - DE (x32 Version: 15.3 - Corel Corporation)
CorelDRAW Essentials X5 - Draw (x32 Version: 15.3 - Corel Corporation)
CorelDRAW Essentials X5 - EN (x32 Version: 15.3 - Corel Corporation)
CorelDRAW Essentials X5 - ES (x32 Version: 15.3 - Corel Corporation)
CorelDRAW Essentials X5 - Extra Content (x32 Version: - Corel Corporation)
CorelDRAW Essentials X5 - Extra Content (x32 Version: 15.0 - Corel Corporation)
CorelDRAW Essentials X5 - Filters (x32 Version: 15.3 - Corel Corporation)
CorelDRAW Essentials X5 - FR (x32 Version: 15.3 - Corel Corporation)
CorelDRAW Essentials X5 - IPM (x32 Version: 15.3 - Corel Corporation)
CorelDRAW Essentials X5 - IT (x32 Version: 15.3 - Corel Corporation)
CorelDRAW Essentials X5 - PHOTO-PAINT (x32 Version: 15.3 - Corel Corporation)
CorelDRAW Essentials X5 - Redist (x32 Version: 15.0 - Corel Corporation)
CorelDRAW Essentials X5 - Setup Files (x32 Version: 15.3 - Corel Corporation)
CorelDRAW Essentials X5 - WT (x32 Version: 15.3 - Corel Corporation)
CorelDRAW Essentials X5 (x32 Version: 15.2.0.686 - Corel Corporation)
CorelDRAW Essentials X5 (x32 Version: 15.3 - Corel Corporation)
Counter-Strike: Source (x32 Version: - Valve)
CouponSupport (x32 Version: 2.1.0.1590 - CouponSupport)
CyberLink PowerRecover (x32 Version: 5.5.4125 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft)
DayZ (x32 Version: - Bohemia Interactive)
Dragon Nest Europe (x32 Version: - )
erLT (x32 Version: 1.20.0137 - Logitech, Inc.)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Fraps (remove only) (x32 Version: - )
Free YouTube to MP3 Converter version 3.12.19.1219 (x32 Version: 3.12.19.1219 - DVDVideoSoft Ltd.)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Gameforge Live 1.9.0 "Legend" (x32 Version: 1.9.0 - Gameforge)
Google Chrome (HKCU Version: 31.0.1650.63 - Google Inc.)
Guns of Icarus Online (x32 Version: - Muse Games)
Intel(R) Management Engine Components (x32 Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (x32 Version: 10.5.0.1026 - Intel Corporation)
Java 7 Update 25 (x32 Version: 7.0.250 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.)
Java(TM) 6 Update 30 (x32 Version: 6.0.300 - Oracle)
Java(TM) 7 (64-bit) (Version: 7.0.0 - Oracle)
JavaFX 2.1.0 (x32 Version: 2.1.0 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (x32 Version: 15.4.5722.2 - Microsoft Corporation)
League of Legends (x32 Version: 1.3 - Riot Games)
Left 4 Dead 2 (x32 Version: - Valve)
Logitech SetPoint 5.20 (Version: 5.20 - Logitech)
Magic Bullet Suite 64-bit (Version: 11.1.0 - Red Giant Software)
Magic Bullet Suite 64-bit (x32 Version: 11.1.0 - Red Giant Software)
McAfee Security Scan Plus (Version: 3.8.130.10 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Metin2 (x32 Version: - Gameforge 4D GmbH)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft)
Microsoft Office 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft)
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe)
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe)
Mozilla Firefox 14.0.1 (x86 de) (x32 Version: 14.0.1 - Mozilla)
Mozilla Maintenance Service (x32 Version: 14.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft)
MSVCRT Redists (x32 Version: 1.0 - Sony Creative Software Inc.)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft)
NewBlue 3D Explosions for Windows (x32 Version: - )
NewBlue 3D Transformations for Windows (x32 Version: - )
NewBlue Art Blends for Windows (x32 Version: - )
NewBlue Art Effects for Windows (x32 Version: - )
NewBlue Film Effects for Windows (x32 Version: - )
NewBlue Motion Blends for Windows (x32 Version: - )
NewBlue Motion Effects for Windows (x32 Version: - )
NewBlue Paint Blends for Windows (x32 Version: - )
NewBlue Paint Effects for Windows (x32 Version: - )
NewBlue Sampler Pack for Windows (x32 Version: - )
NewBlue Video Essentials for Windows (x32 Version: - )
NewBlue Video Essentials II for Windows (x32 Version: - )
NewBlue Video Essentials III for Windows (x32 Version: - )
Nexon Game Manager (x32 Version: - )
NVIDIA 3D Vision Controller-Treiber 301.42 (Version: 301.42 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 311.06 (Version: 311.06 - NVIDIA Corporation)
NVIDIA Grafiktreiber 311.06 (Version: 311.06 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.16.0 (Version: 1.3.16.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.108.688 - NVIDIA Corporation)
NVIDIA PhysX (x32 Version: 9.12.0213 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.12.0213 (Version: 9.12.0213 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1106 - NVIDIA Corporation)
NVIDIA Systemsteuerung 311.06 (Version: 311.06 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation)
Origin (x32 Version: 9.1.13.85 - Electronic Arts, Inc.)
Pamela RME 2.0 (x32 Version: 2.0 - Scendix Software-Vertriebsges. mbH)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated)
PlayReady PC Runtime amd64 (Version: 1.3.0 - Microsoft Corporation)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
PunkBuster Services (x32 Version: 0.991 - Even Balance, Inc.)
puush (x32 Version: 1.0.0.0 - Dean Herbert)
Quake Live Mozilla Plugin (x32 Version: 1.0.520 - id Software)
QuickTime (x32 Version: 7.74.80.86 - Apple Inc.)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6526 - Realtek Semiconductor Corp.)
Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.)
Spelling Dictionaries Support For Adobe Reader X (x32 Version: 10.0.0 - Adobe Systems Incorporated)
Spotify (HKCU Version: 0.9.6.81.gd359a796 - Spotify AB)
Steam (x32 Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc)
TeamSpeak 3 Client (x32 Version: 3.0.11.1 - TeamSpeak Systems GmbH)
Update for 2007 Microsoft Office System (KB967642) (x32 Version: - Microsoft)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition (x32 Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (x32 Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (x32 Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32 Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (x32 Version: - Microsoft)
User's Guides (Version: 1.20.0000 - Logitech)
Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Vegas Pro 9.0 (64-bit) (Version: 9.0.1146 - Sony)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Fotogalleri (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation)
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Meshin etäyhteyksien ActiveX-komponentti (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Liven asennustyökalu (x32 Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Liven sähköposti (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
WinRAR 4.01 (64-Bit) (Version: 4.01.0 - win.rar GmbH)
XSplit (x32 Version: 1.1.1210.3101 - SplitMediaLabs)
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation)

==================== Restore Points =========================

26-12-2013 21:30:25 TubeBox
26-12-2013 21:32:17 TubeBox
26-12-2013 21:51:06 Removed Apple Software Update

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0D1C9FC8-F00F-4ACC-8A10-49057E2393A8} - System32\Tasks\Google Updater and Installer => C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-06] (Google Inc.)
Task: {28128847-4C9C-4E12-8DDF-73377CC2621C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-12-19] (Piriform Ltd)
Task: {5DDB60FA-766A-49A4-9C68-F06D0D19AC95} - System32\Tasks\{D69CA72F-13CA-4498-A608-132FE47312E1} => C:\Users\Daniel\Downloads\Launcher (2)\Harmonia3 Patcher\Launcher.exe [2013-07-29] ()
Task: {8E73F256-1A9E-4DB3-AEA3-B57354C95BFB} - System32\Tasks\Software Updater => C:\Program Files (x86)\SoftwareUpdater\SoftwareUpdater.Bootstrapper.exe [2013-11-29] ()
Task: {B5AB72CF-B219-4A78-AF92-31F9EA6682A6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-365012384-4195050554-2744055927-1002Core => C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-06] (Google Inc.)
Task: {B6E29397-8159-4399-BCED-F8BE021FC23A} - System32\Tasks\couponsupport-S-649636217 => C:\Support\couponsupport.exe [2013-12-26] ()
Task: {E01CF95A-2028-47F6-9C27-9CD22CD54584} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11] (Adobe Systems Incorporated)
Task: {F3B569B7-A2BC-4582-BD46-56570FD1D8A4} - System32\Tasks\Software Updater Ui => C:\Program Files (x86)\SoftwareUpdater\SoftwareUpdater.Ui.exe [2013-12-26] ()
Task: {FEBD1607-47C5-4846-87E1-DB16A103F1FE} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-365012384-4195050554-2744055927-1002UA => C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-06] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\couponsupport-S-649636217.job => c:\support\couponsupport.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-365012384-4195050554-2744055927-1002Core.job => C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-365012384-4195050554-2744055927-1002UA.job => C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-08-11 18:22 - 2013-01-18 16:00 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2011-12-26 12:19 - 2011-05-28 22:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2013-03-25 13:23 - 2013-11-06 22:48 - 00691200 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2012-01-13 11:45 - 2013-12-11 20:40 - 01135016 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2012-01-13 11:45 - 2013-11-06 22:48 - 20625832 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2012-03-18 11:57 - 2013-06-15 00:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll
2012-03-18 11:57 - 2013-06-15 00:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll
2012-03-18 11:57 - 2013-06-15 00:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll
2012-04-30 08:55 - 2012-04-30 08:55 - 08358400 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\avcodec-54.dll
2012-04-30 08:55 - 2012-04-30 08:55 - 00151040 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\avutil-51.dll
2012-04-30 08:55 - 2012-04-30 08:55 - 01152512 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\avformat-54.dll
2012-04-30 08:55 - 2012-04-30 08:55 - 00333824 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\swscale-2.dll
2012-04-30 08:55 - 2012-04-30 08:55 - 00026112 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\swresample-0.dll
2012-09-04 18:06 - 2013-12-05 22:32 - 36967424 _____ () C:\Users\Daniel\AppData\Roaming\Spotify\Data\libcef.dll
2013-09-26 10:08 - 2013-12-05 22:32 - 00887808 _____ () C:\Users\Daniel\AppData\Roaming\Spotify\Data\libglesv2.dll
2013-09-26 10:08 - 2013-12-05 22:32 - 00109568 _____ () C:\Users\Daniel\AppData\Roaming\Spotify\Data\libegl.dll
2013-12-11 17:23 - 2013-12-11 17:23 - 16242056 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll
2013-08-14 23:12 - 2013-08-14 23:12 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\f60b3ee2de3f41a024920486d46d49f2\IsdiInterop.ni.dll
2011-08-11 21:01 - 2011-04-30 08:28 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2013-12-06 10:19 - 2013-12-04 03:47 - 00702416 _____ () C:\Users\Daniel\AppData\Local\Google\Chrome\Application\31.0.1650.63\libglesv2.dll
2013-12-06 10:19 - 2013-12-04 03:47 - 00099792 _____ () C:\Users\Daniel\AppData\Local\Google\Chrome\Application\31.0.1650.63\libegl.dll
2013-12-06 10:19 - 2013-12-04 03:48 - 04055504 _____ () C:\Users\Daniel\AppData\Local\Google\Chrome\Application\31.0.1650.63\pdf.dll
2013-12-06 10:19 - 2013-12-04 03:48 - 00399312 _____ () C:\Users\Daniel\AppData\Local\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
2013-12-06 10:19 - 2013-12-04 03:47 - 01619408 _____ () C:\Users\Daniel\AppData\Local\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp

6FC93CF

==================== Safe Mode (whitelisted) ===================

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (12/29/2013 06:52:31 PM) (Source: Application Hang) (User: )
Description: Programm rads_user_kernel.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: f58

Startzeit: 01cf04beb606132d

Endzeit: 2

Anwendungspfad: C:\Riot Games\League of Legends\League of Legends\RADS\system\rads_user_kernel.exe

Berichts-ID: fb1d7034-70b1-11e3-8ccb-8c89a56bebc6

Error: (12/26/2013 01:57:27 PM) (Source: Application Hang) (User: )
Description: Programm left4dead2.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1538

Startzeit: 01cf0232cc33e577

Endzeit: 0

Anwendungspfad: C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe

Berichts-ID:

Error: (12/26/2013 00:17:13 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: LolClient.exe, Version: 0.0.0.0, Zeitstempel: 0x515663e0
Name des fehlerhaften Moduls: Adobe AIR.dll, Version: 3.7.0.1530, Zeitstempel: 0x5156646c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0006dd76
ID des fehlerhaften Prozesses: 0x1a38
Startzeit der fehlerhaften Anwendung: 0xLolClient.exe0
Pfad der fehlerhaften Anwendung: LolClient.exe1
Pfad des fehlerhaften Moduls: LolClient.exe2
Berichtskennung: LolClient.exe3

Error: (12/24/2013 04:55:23 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Native.XSplitBroadcaster.exe,type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "Native.XSplitBroadcaster.exe,type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (12/13/2013 09:48:21 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: LolClient.exe, Version: 0.0.0.0, Zeitstempel: 0x515663e0
Name des fehlerhaften Moduls: Adobe AIR.dll, Version: 3.7.0.1530, Zeitstempel: 0x5156646c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0006dd76
ID des fehlerhaften Prozesses: 0x1628
Startzeit der fehlerhaften Anwendung: 0xLolClient.exe0
Pfad der fehlerhaften Anwendung: LolClient.exe1
Pfad des fehlerhaften Moduls: LolClient.exe2
Berichtskennung: LolClient.exe3

Error: (12/09/2013 10:29:21 PM) (Source: Application Hang) (User: )
Description: Programm rads_user_kernel.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 23a0

Startzeit: 01cef525b37d372c

Endzeit: 1

Anwendungspfad: C:\Riot Games\League of Legends\League of Legends\RADS\system\rads_user_kernel.exe

Berichts-ID: f6654ff3-6118-11e3-8e06-8c89a56bebc6

Error: (12/09/2013 07:06:52 PM) (Source: Application Hang) (User: )
Description: Programm rads_user_kernel.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 324

Startzeit: 01cef50969c427ba

Endzeit: 2

Anwendungspfad: C:\Riot Games\League of Legends\League of Legends\RADS\system\rads_user_kernel.exe

Berichts-ID: ac89279d-60fc-11e3-8e06-8c89a56bebc6

Error: (12/09/2013 03:58:58 PM) (Source: Application Hang) (User: )
Description: Programm rads_user_kernel.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1bd0

Startzeit: 01cef4ef2a3630c8

Endzeit: 1

Anwendungspfad: C:\Riot Games\League of Legends\League of Legends\RADS\system\rads_user_kernel.exe

Berichts-ID: 6d0c47ec-60e2-11e3-8e06-8c89a56bebc6

Error: (12/09/2013 02:52:06 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Updater.exe, Version: 6.8.1.61523, Zeitstempel: 0x52284f88
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00a600c4
ID des fehlerhaften Prozesses: 0x3f8
Startzeit der fehlerhaften Anwendung: 0xUpdater.exe0
Pfad der fehlerhaften Anwendung: Updater.exe1
Pfad des fehlerhaften Moduls: Updater.exe2
Berichtskennung: Updater.exe3

Error: (12/08/2013 03:19:01 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: League of Legends.exe, Version: 3.14.0.738, Zeitstempel: 0x52945869
Name des fehlerhaften Moduls: League of Legends.exe, Version: 3.14.0.738, Zeitstempel: 0x52945869
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0042c7b0
ID des fehlerhaften Prozesses: 0x1aa4
Startzeit der fehlerhaften Anwendung: 0xLeague of Legends.exe0
Pfad der fehlerhaften Anwendung: League of Legends.exe1
Pfad des fehlerhaften Moduls: League of Legends.exe2
Berichtskennung: League of Legends.exe3

System errors:
=============
Error: (12/30/2013 06:52:15 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069

Error: (12/30/2013 06:52:15 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (12/29/2013 04:27:25 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069

Error: (12/29/2013 04:27:25 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (12/29/2013 11:37:12 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069

Error: (12/29/2013 11:37:12 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (12/28/2013 05:51:48 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069

Error: (12/28/2013 05:51:48 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (12/28/2013 00:39:17 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069

Error: (12/28/2013 00:39:17 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Microsoft Office Sessions:
=========================

cosinus · 30.12.2013, 20:05

Hallo und

Zitat:

Adobe Photoshop CS6 (x32 Version: 13.0 - Adobe Systems Incorporated)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)

Ist das ein gewerblich genutztes System?

CohesioN · 30.12.2013, 20:08

1. Jop 2. wärst du so freundlich mir zu helfen?

cosinus · 30.12.2013, 20:13

Firmenrechner werden hier eigentlich nicht bereinigt

Siehe => http://www.trojaner-board.de/108422-...-anfragen.html

Zitat:

3. Grundsätzlich bereinigen wir keine gewerblich genutzten Rechner. Dafür ist die IT Abteilung eurer Firma zuständig.

Bei Kleinunternehmen, welche keinen IT Support haben, machen wir da eine Ausnahme und helfen gerne ( kleine Spende hilft auch uns ).
Voraussetzung: Ihr teilt uns dies in eurer ersten Antwort mit.

Bedenkt jedoch, dass Logfiles viele heikle Informationen enthalten können ( Kundendaten, Bankdaten, etc ) sowie das Malware die Möglichkeit besitzt, diese auszuspähen und zu missbrauchen. Hier legen wir euch ein Formatieren und Neuaufsetzen nahe.

CohesioN · 30.12.2013, 20:15

WAAAS das ist kein Firmen PC hab ich wohl was falsch verstanden haha.

Nein ich sitze hier grad zuhause an meinem pc in meinem Zimmer, ich arbeite des öfteren als Hobby mit Programmen wie Photoshop,Sony Vegas und Adobe After Effects. Dachte gewerbliche nutzung heißt das ich das nur für mich benutze

cosinus · 30.12.2013, 20:18

Ich hab dich gefragt ob das ein gewerblich genutztes System sei und du hast das bestätigt

Was soll ich denn danach sonst posten

Wo hast du denn das Enterprise Office her, das gibt es nur als teure Volumenlizenz für Firmenkunden!

Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte

Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.

Starte bitte die mbar.exe.
Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
Klicke auf den CleanUp Button und erlaube den Neustart.
Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
Nach dem Neustart starte die mbar.exe erneut.
Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.

Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

CohesioN · 30.12.2013, 20:49

Alles klar wird gemacht, Office hab ich auf dem PC seitdem ich ihn bekommen habe oô aber Ich benutze das nie :|

Hat soweit geklappt, nach dem neustart ging das Programm nichtmehr auf !

Falls du nichtmehr antworten solltest oder erst antwortest wenn ich nichtmehr da bin :

Vielen dank für die schnelle Hilfe echt klasse von dir !

Und schonmal einen guten Rutsch ins neue Jahr !!

cosinus · 30.12.2013, 21:12

Log posten!!

CohesioN · 30.12.2013, 21:12

ok wird gefixt

cosinus · 30.12.2013, 21:15

Falsches Log

bitte die Anleitung richtig lesen und umsetzen

CohesioN · 30.12.2013, 21:18

Code:

ATTFilter

Malwarebytes Anti-Rootkit BETA 1.07.0.1008
www.malwarebytes.org

Database version: v2013.12.30.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Daniel :: DANIEL-PC [administrator]

30.12.2013 20:23:51
mbar-log-2013-12-30 (20-23-51).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 276845
Time elapsed: 17 minute(s), 20 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Users\Daniel\AppData\Local\DownloadGuide\PallySoft_ShoppingChip.exe (Adware.Linkular) -> Delete on reboot.


Physical Sectors Detected: 0
(No malicious items detected)

(end)

cosinus · 30.12.2013, 21:24

Mehr hat der nicht gefunden?

CohesioN · 30.12.2013, 21:26

der hat nen keygen gefunden den ich seit 2 jahren aufm pc habe aber der kanns ja nicht sein denn das Programm öffnete sich erst vor ner Woche zum ersten mal, nach dem reboot grade ist es komischerweise auch nicht mehr aufgegangen also geh ich davon aus das es gefixxt ist oder?

Ich weiß ausserdem auch genau woher ich den trojaner habe, war als zusatzinstallation bei einem Youtube2Mp3 Converter dabei und ich konnte nichtmal sehn das, dieses "Software-Updater ding" mit installiert wird.

Nutze diesen Converter sowieso nicht weiß garnicht wieso ich so doof bin und sowas installiere statt einfach per online converter direkt runterzuladen..

ja ich weiß ich sollte lieber auf iTunes gehn und kaufen und das hab ich jetzt davon :|

cosinus · 30.12.2013, 21:57

Zitat:

der hat nen keygen gefunden den ich seit 2 jahren aufm pc habe aber der kanns ja nicht sein

Wenn du Hilfe willst bitte alle Logs vollständig posten. Und noch was:

Bitte lesen => http://www.trojaner-board.de/95393-c...-software.html

Es geht weiter wenn du alles Illegale entfernt hast.

Bei wiederholten Crack/Keygen Verstößen behalte ich es mir vor, den Support einzustellen, d.h. Hilfe nur noch bei der Datensicherung und Neuinstallation des Betriebssystems.

CohesioN · 31.12.2013, 11:22

Alles klar.

Trojaner wieder aufgetaucht. Ich lasse den Scanner nochma durchlaufen und cleane erneut, poste daraufhin den kompletten Log erneut.

Code:

ATTFilter

Malwarebytes Anti-Rootkit BETA 1.07.0.1008
www.malwarebytes.org

Database version: v2013.12.31.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Daniel :: DANIEL-PC [administrator]

31.12.2013 10:59:46
mbar-log-2013-12-31 (10-59-46).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 276557
Time elapsed: 18 minute(s), 39 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

neuer plan?

30.12.2013, 21:12	#8
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	"FREEMIUM Software-Updater" Log posten!! __________________ Logfiles bitte immer in CODE-Tags posten

30.12.2013, 21:15	#10
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	"FREEMIUM Software-Updater" Falsches Log bitte die Anleitung richtig lesen und umsetzen __________________ Logfiles bitte immer in CODE-Tags posten

30.12.2013, 21:24	#12
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	"FREEMIUM Software-Updater" Mehr hat der nicht gefunden? __________________ Logfiles bitte immer in CODE-Tags posten

"FREEMIUM Software-Updater"

Plagegeister aller Art und deren Bekämpfung: "FREEMIUM Software-Updater"