Dauernder Absturz von Google Chrome, veranlasst durch Norton

Trojanhater3 · 03.02.2014, 18:32

Hallo liebe Community,
Ich hab seit neustem das Problem, dass Google Chrome nach einer gewissen, kurzen Zeit abstürzt, weil NIS CBE 2013 immer wieder einer Website hindert 3 Daten auf meinen Rechner zu laden.
Die Warnung jedes mal lautet: Fake App Attack, Misleading Application File Download 3
Und die Seite die ständig auf mich zugreifen will lautet: www.senddatastarscan.info
Das ganze geschieht nur bei Chrome. Explorer ist davon nicht betroffen.
Habe Chrome schon mehrfach deinstalliert und alle Daten gelöscht und dann wieder reinstalliert.
Trotzdem immer das selbe.
Im Internet wird diese Seite als angeblich sicher angeprangert, was man sich, mit gesundem Verstand, nicht vorstellen kann, wenn genau diese Seite immer wieder versucht 3 Dateien auf den Rechner zu laden.
Ich war auf keiner Streaming Seite oder sonstigen. Ich öffnete nur GMX und auf einmal ging der Mist los.
Meine Frage num.
Hat jemand von euch schon mal damit Erfahrungen gemacht und wie bekommt man diesen Mist wieder weg.
MfG

cosinus · 03.02.2014, 18:54

Hallo und

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten!
Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht!

Zudem bitte auch ein Log mit Farbars Tool machen:

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Trojanhater3 · 03.02.2014, 19:41

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-02-2014 04
Ran by Daniel (administrator) on DANIEL-GAMER on 03-02-2014 19:15:26
Running from C:\Users\Daniel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y9IW8WZ4
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginService\PluginService.exe
(Cherished Technololgy LIMITED) C:\ProgramData\WPM\wprotectmanager.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
(Realtek) C:\Program Files (x86)\ASUS\PCE-N15 WLAN Card Utilities\RtlService.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\PCE-N15 WLAN Card Utilities\RtWLan.exe
(Acer Incorporated) C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe
() C:\ProgramData\BetterSoft\EasyLife Updater\EasyLife Updater.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\System32\PnkBstrA.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
() C:\Windows\SysWOW64\WinService.exe
() C:\Users\Daniel\AppData\LocalLow\StumbleUpon\IE\StumbleUponUpdater.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
() C:\Program Files (x86)\RightSurf\updateRightSurf.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Acer) C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
() C:\Program Files (x86)\RightSurf\bin\utilRightSurf.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Conduit) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Sidebar\sidebar.exe
(Gainward Co. Ltd.) C:\Program Files (x86)\EXPERTool\TBPanel.exe
(Conduit) C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
(Conduit) C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Razer USA Ltd) C:\Program Files (x86)\Razer\BlackWidow Ultimate\BlackWidowUltimateTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\ccsvchst.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\ccsvchst.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_11_9_900_117_ActiveX.exe
() C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\HSSCP.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\af_proxy_cmd.exe
() C:\Program Files (x86)\Hotspot Shield\bin\openvpn.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\FBWMgr.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\FBW.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\HSSCP.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\FBW.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\FBW.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
() H:\SteamLibrary\SteamApps\SteamApps\SteamApps\common\GarrysMod\hl2.exe
(Valve Corporation) C:\Program Files (x86)\Steam\GameOverlayUI.exe
(Awesomium Technologies) H:\SteamLibrary\SteamApps\SteamApps\SteamApps\common\GarrysMod\bin\awesomium_process.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [828960 2009-08-06] (Acer Incorporated)
HKLM\...\Run: [XboxStat] - C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [HDAudDeck] - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5299320 2000-01-01] (VIA)
HKLM\...\Run: [Start WingMan Profiler] - C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-15] (Logitech Inc.)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-10-18] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\nvspcap64.dll [1100248 2013-12-10] (NVIDIA Corporation)
HKLM\...\Run: [ExpoThemes-Driver] - C:\Program Files (x86)\ExpoThemes\expothemes_core.exe [108544 2013-08-22] (ExpoThemes)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)
HKLM-x32\...\Run: [HDAudDeck] - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5299320 2000-01-01] (VIA)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [Razer Synapse] - C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [442200 2013-09-28] (Razer Inc.)
HKLM-x32\...\Run: [Razer Blackwidow Driver] - C:\Program Files (x86)\Razer\BlackWidow Ultimate\BlackWidowUltimateTray.exe [887712 2012-05-09] (Razer USA Ltd)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\S-1-5-21-1119768418-3556732592-1963311031-1000\...\Run: [TBPanel] - C:\Program Files (x86)\EXPERTool\TBPanel.exe [2160936 2013-07-03] (Gainward Co. Ltd.)
HKU\S-1-5-21-1119768418-3556732592-1963311031-1000\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-08-25] (Google Inc.)
HKU\S-1-5-21-1119768418-3556732592-1963311031-1000\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\system32\Macromed\Flash\FlashUtil64_11_9_900_117_ActiveX.exe [524680 2013-10-08] (Adobe Systems Incorporated)
HKU\S-1-5-21-1119768418-3556732592-1963311031-1000\...\MountPoints2: {1ff7a0fd-5510-11e2-ae5f-001fc63fb021} - G:\PlayDiskStart.exe
HKU\S-1-5-21-1119768418-3556732592-1963311031-1000\...\MountPoints2: {60608b40-74a2-11e2-ac7a-806e6f6e6963} - F:\Setup.exe
HKU\S-1-5-21-1119768418-3556732592-1963311031-1000\...\MountPoints2: {70617797-50d5-11e2-8515-001fc63fb021} - I:\LaunchU3.exe -a
HKU\S-1-5-21-1119768418-3556732592-1963311031-1000\...\MountPoints2: {f6c1ceca-a12e-11e2-8006-806e6f6e6963} - D:\setup.exe
HKU\S-1-5-21-1119768418-3556732592-1963311031-1000\...\Winlogon: [Shell] explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION 
HKU\S-1-5-21-1119768418-3556732592-1963311031-1007\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Packard Bell\Screensaver\run_Packard Bell.exe [162336 2009-07-22] ()
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [1344800 2014-01-29] (Conduit)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [1037600 2014-01-29] (Conduit)
AppInit_DLLs-x32: c:\progra~2\easylife\sprote~1.dll => C:\Program Files (x86)\EasyLife\sprotector.dll [1050112 2013-01-24] ()
AppInit_DLLs-x32: c:\progra~2\browse~1\sprote~1.dll => C:\Program Files (x86)\BrowseToSave\sprotector.dll [1050112 2013-01-24] ()
AppInit_DLLs-x32: c:\progra~2\websea~1\sprote~1.dll => C:\Program Files (x86)\WebSearch\sprotector.dll [1044480 2013-01-24] ()

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:8555
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com/?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SPE2265FD0-F72E-4518-A0B9-D1302DD41D59&SSPV=
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1391373079&from=cor&uid=HitachiXHDT725032VLA360_VFH200R2DXEPBTDXEPBTX
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.delta-search.com/?affID=121561&tt=190313_wctrl&babsrc=HP_ss&mntrId=764700184DAB0433
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1391373079&from=cor&uid=HitachiXHDT725032VLA360_VFH200R2DXEPBTDXEPBTX&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1391373079&from=cor&uid=HitachiXHDT725032VLA360_VFH200R2DXEPBTDXEPBTX
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.sweet-page.com/?type=hp&ts=1391373079&from=cor&uid=HitachiXHDT725032VLA360_VFH200R2DXEPBTDXEPBTX
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1391373079&from=cor&uid=HitachiXHDT725032VLA360_VFH200R2DXEPBTDXEPBTX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1391373079&from=cor&uid=HitachiXHDT725032VLA360_VFH200R2DXEPBTDXEPBTX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1391373079&from=cor&uid=HitachiXHDT725032VLA360_VFH200R2DXEPBTDXEPBTX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.sweet-page.com/?type=hp&ts=1391373079&from=cor&uid=HitachiXHDT725032VLA360_VFH200R2DXEPBTDXEPBTX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1391373079&from=cor&uid=HitachiXHDT725032VLA360_VFH200R2DXEPBTDXEPBTX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,CustomizeSearch = hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,SearchURL = hxxp://home.microsoft.com/access/autosearch.asp?p=%s
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.sweet-page.com/?type=sc&ts=1391373079&from=cor&uid=HitachiXHDT725032VLA360_VFH200R2DXEPBTDXEPBTX
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1391373079&from=cor&uid=HitachiXHDT725032VLA360_VFH200R2DXEPBTDXEPBTX&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1391373079&from=cor&uid=HitachiXHDT725032VLA360_VFH200R2DXEPBTDXEPBTX&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1391373079&from=cor&uid=HitachiXHDT725032VLA360_VFH200R2DXEPBTDXEPBTX&q={searchTerms}
SearchScopes: HKLM-x32 - {01bd49d7-c76b-4310-8beb-14d7e5f322c6} URL = hxxp://search.easylifeapp.com/?q={searchTerms}&abc=ie&pid=34&r=2013/02/10&hid=808149289&lg=EN&cc=DE
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1391373079&from=cor&uid=HitachiXHDT725032VLA360_VFH200R2DXEPBTDXEPBTX&q={searchTerms}
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW
SearchScopes: HKLM-x32 - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.helpmefindyour.info/?l=1&q={searchTerms}&pid=658&r=2013/04/11&hid=668093504&lg=EN&cc=DE
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SPE2265FD0-F72E-4518-A0B9-D1302DD41D59&q={searchTerms}&SSPV=
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SPE2265FD0-F72E-4518-A0B9-D1302DD41D59&q={searchTerms}&SSPV=
SearchScopes: HKCU - {01bd49d7-c76b-4310-8beb-14d7e5f322c6} URL = hxxp://search.easylifeapp.com/?q={searchTerms}&abc=ie&pid=34&r=2013/02/10&hid=808149289&lg=EN&cc=DE
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.delta-search.com/?q={searchTerms}&affID=121561&tt=190313_wctrl&babsrc=SP_ss&mntrId=764700184DAB0433
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1391373079&from=cor&uid=HitachiXHDT725032VLA360_VFH200R2DXEPBTDXEPBTX&q={searchTerms}
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW_deDE514
SearchScopes: HKCU - {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxp://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=NIS&chn=retail&geo=DE&ver=20&locale=de_DE&gct=kwd&qsrc=2869
SearchScopes: HKCU - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.helpmefindyour.info/?l=1&q={searchTerms}&pid=658&r=2013/04/11&hid=668093504&lg=EN&cc=DE
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll (AnchorFree Inc.)
BHO-x32: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: RightSurf - {88be1aa9-6740-461c-9e3e-f35eb8fa741c} - C:\Program Files (x86)\RightSurf\RightSurfbho.dll (RightSurf)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll (AnchorFree Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.179.1
Tcpip\..\Interfaces\{A3FF0FEE-F422-4BC9-9202-EE92063961D9}: [NameServer]8.8.8.8

FireFox:
========
FF ProfilePath: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ro0fc8jr.default
FF user.js: detected! => C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ro0fc8jr.default\user.js
FF NewTab: hxxp://search.conduit.com/?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=69&CUI=&SSPV=&Lay=1&UM=2&UP=SPE2265FD0-F72E-4518-A0B9-D1302DD41D59
FF DefaultSearchEngine: Conduit Search
FF SearchEngineOrder.1: WebSearch
FF SearchEngineOrder.user_pref("browser.search.order.1,S", "WebSearch");: user_pref("browser.search.order.1,S", "WebSearch");
FF SelectedSearchEngine: Conduit Search
FF Homepage: hxxp://search.conduit.com/?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SPE2265FD0-F72E-4518-A0B9-D1302DD41D59
FF Keyword.URL: hxxp://websearch.helpmefindyour.info/?pid=658&r=2013/04/11&hid=668093504&lg=EN&cc=DE&l=1&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @protectdisc.com/NPMPDRM - C:\Program Files (x86)\Common Files\mpDRM\NPMPDRM.dll ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ro0fc8jr.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ro0fc8jr.default\searchplugins\conduit-search-1.xml
FF SearchPlugin: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ro0fc8jr.default\searchplugins\conduit-search-2.xml
FF SearchPlugin: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ro0fc8jr.default\searchplugins\conduit-search.xml
FF SearchPlugin: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ro0fc8jr.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ro0fc8jr.default\searchplugins\EasyLife.xml
FF SearchPlugin: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ro0fc8jr.default\searchplugins\safesearch.xml
FF SearchPlugin: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ro0fc8jr.default\searchplugins\WebSearch.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
FF Extension: FireJump - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ro0fc8jr.default\Extensions\firejump@firejump.net [2013-01-04]
FF Extension: StumbleUpon - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ro0fc8jr.default\Extensions\toolbar@stumbleupon.com [2013-03-13]
FF Extension: DHL Packstation Bestellhelfer - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ro0fc8jr.default\Extensions\{b8cbd8e0-e642-11dd-ba2f-0800200c9a66} [2013-03-14]
FF Extension: Preispilot - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ro0fc8jr.default\Extensions\extension@preispilot.com.xpi [2013-01-04]
FF Extension: NoScript - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ro0fc8jr.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-11-28]
FF Extension: SweetPacks Toolbar for Firefox - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ro0fc8jr.default\Extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi [2012-12-28]
FF Extension: Anti-Banner - C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak2 [2013-02-12]
FF Extension: Modul zur Link-Untersuchung - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2 [2013-02-12]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\coFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\IPSFF [2013-10-10]
FF HKCU\...\Firefox\Extensions: [firejump@firejump.net] - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ro0fc8jr.default\extensions\firejump@firejump.net
FF Extension: FireJump - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ro0fc8jr.default\extensions\firejump@firejump.net [2013-01-04]
FF HKCU\...\Firefox\Extensions: [{0F827075-B026-42F3-885D-98981EE7B1AE}] - C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension
FF HKCU\...\Firefox\Extensions: [{8f5010e2-9577-4aed-ad42-f2098ea15def}] - C:\Program Files (x86)\LyricsPal\133.xpi
FF Extension: Lyrics-Pal - C:\Program Files (x86)\LyricsPal\133.xpi [2013-09-14]

Chrome: 
=======
CHR HomePage: 
CHR RestoreOnStartup: ""
CHR Extension: (Google Docs) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-03]
CHR Extension: (Google Drive) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-03]
CHR Extension: (YouTube) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-03]
CHR Extension: (Last updated at $time$ on $date$) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-02-03]
CHR Extension: (Google Search) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-03]
CHR Extension: (Norton Identity Protection) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2014-02-03]
CHR Extension: (Google Wallet) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-03]
CHR Extension: (StumbleUpon) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgifblbjgdjhcelbanblbhkhmbnnmhfg [2014-02-03]
CHR Extension: (Gmail) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-03]
CHR Extension: (Lyrics-Pal) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnbbffeddnekkhjmokkhdebbfbibbflc [2014-02-03]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\Exts\Chrome.crx [2014-02-03]
CHR HKLM-x32\...\Chrome\Extension: [pgafcinpmmpklohkojmllohdhomoefph] - C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.crx [2014-02-03]
CHR HKLM-x32\...\Chrome\Extension: [pgifblbjgdjhcelbanblbhkhmbnnmhfg] - C:\Users\Daniel\AppData\LocalLow\StumbleUpon\CHROME\StumbleUpon.crx [2011-11-22]
CHR HKLM-x32\...\Chrome\Extension: [pkndmigholgfjlniaohblojbhgjbkakn] - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv2.crx [2011-11-22]
CHR HKLM-x32\...\Chrome\Extension: [pnbbffeddnekkhjmokkhdebbfbibbflc] - C:\Program Files (x86)\LyricsPal\133.crx [2013-09-11]

==================== Services (Whitelisted) =================

R2 AsusSE; C:\Program Files (x86)\ASUS\PCE-N15 WLAN Card Utilities\RtlService.exe [36864 2012-04-09] (Realtek)
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2301216 2014-01-29] (Conduit)
R2 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [844320 2009-08-06] (Acer Incorporated)
R2 Greg_Service; C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe [1150496 2009-06-04] (Acer Incorporated)
R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [831272 2013-06-21] (AnchorFree Inc.)
S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [78512 2013-06-21] ()
R2 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [548136 2013-06-21] ()
R2 IePluginService; C:\ProgramData\IePluginService\PluginService.exe [508016 2014-01-14] (Cherished Technololgy LIMITED)
R2 NIS; C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [62720 2009-08-21] (NewTech Infosystems, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2013-12-03] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2013-11-20] ()
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP4\RpcAgentSrv.exe [71832 2009-06-15] (SiSoftware)
R2 SCM_Service; C:\Windows\SysWOW64\WinService.exe [186848 2010-05-10] ()
R2 StumbleUponUpdater; C:\Users\Daniel\AppData\LocalLow\StumbleUpon\IE\StumbleUponUpdater.exe [18432 2011-11-22] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2100024 2013-09-09] (TuneUp Software)
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [759192 2013-09-03] (Tunngle.net GmbH)
R2 Update RightSurf; C:\Program Files (x86)\RightSurf\updateRightSurf.exe [103200 2014-02-01] ()
R2 Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [240160 2009-07-04] (Acer)
R2 Util RightSurf; C:\Program Files (x86)\RightSurf\bin\utilRightSurf.exe [103200 2014-02-02] ()
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2000-01-01] (VIA Technologies, Inc.)
R2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [493568 2014-02-02] (Cherished Technololgy LIMITED)

==================== Drivers (Whitelisted) ====================

S3 AIDA64Driver; C:\Users\Daniel\Downloads\aida64extreme_build_2419_txgzqv3nwh\kerneld.x64 [31576 2013-04-15] ()
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\BASHDefs\20140121.001\BHDrvx64.sys [1526488 2013-12-18] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1404000.028\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation)
S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-01-02] (DT Soft Ltd)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-25] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-25] (Symantec Corporation)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [46792 2013-06-21] (AnchorFree Inc.)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\IPSDefs\20140131.001\IDSvia64.sys [521944 2014-01-21] (Symantec Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\VirusDefs\20140202.003\ENG64.SYS [126040 2013-11-25] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\VirusDefs\20140202.003\EX64.SYS [2099288 2013-11-25] (Symantec Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19936 2012-01-18] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [13280 2012-01-18] ()
S3 RTL8187; C:\Windows\System32\DRIVERS\wg111v2.sys [450048 2010-04-06] (NETGEAR Inc.)
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39096 2013-09-13] (Razer Inc)
R3 RzSynapse; C:\Windows\System32\DRIVERS\RzSynapse.sys [154624 2011-05-12] (Razer USA Ltd)
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP4\WNt500x64\Sandra.sys [23112 2009-08-07] (SiSoftware)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-02-12] (Duplex Secure Ltd.)
R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1404000.028\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1404000.028\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2013-11-02] ()
R0 SymDS; C:\Windows\System32\drivers\NISx64\1404000.028\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1404000.028\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-06-20] (Symantec Corporation)
R1 SymIM; C:\Windows\System32\DRIVERS\SymIMv.sys [43680 2013-03-05] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1404000.028\SYMNETS.SYS [433752 2013-04-25] (Symantec Corporation)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-06-21] (Anchorfree Inc.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-08-21] (TuneUp Software)
U3 ay98anc3; C:\Windows\System32\Drivers\ay98anc3.sys [0 ] (Advanced Micro Devices)
S3 dgderdrv; System32\drivers\dgderdrv.sys [x]
U5 Ps2; C:\Windows\System32\Drivers\Ps2.sys [19072 2010-03-18] (Hewlett-Packard Company)
S3 RSUSBSTOR; System32\Drivers\RtsUStor.sys [x]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [x]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [x]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-03 19:06 - 2014-02-03 19:15 - 00000000 ____D () C:\FRST
2014-02-03 18:42 - 2014-02-03 18:42 - 00000020 ___SH () C:\Users\fbwuser\ntuser.ini
2014-02-03 18:42 - 2014-02-03 18:42 - 00000000 _SHDL () C:\Users\fbwuser\Vorlagen
2014-02-03 18:42 - 2014-02-03 18:42 - 00000000 _SHDL () C:\Users\fbwuser\Startmenü
2014-02-03 18:42 - 2014-02-03 18:42 - 00000000 _SHDL () C:\Users\fbwuser\Netzwerkumgebung
2014-02-03 18:42 - 2014-02-03 18:42 - 00000000 _SHDL () C:\Users\fbwuser\Lokale Einstellungen
2014-02-03 18:42 - 2014-02-03 18:42 - 00000000 _SHDL () C:\Users\fbwuser\Eigene Dateien
2014-02-03 18:42 - 2014-02-03 18:42 - 00000000 _SHDL () C:\Users\fbwuser\Druckumgebung
2014-02-03 18:42 - 2014-02-03 18:42 - 00000000 _SHDL () C:\Users\fbwuser\Documents\Eigene Musik
2014-02-03 18:42 - 2014-02-03 18:42 - 00000000 _SHDL () C:\Users\fbwuser\Documents\Eigene Bilder
2014-02-03 18:42 - 2014-02-03 18:42 - 00000000 _SHDL () C:\Users\fbwuser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-02-03 18:42 - 2014-02-03 18:42 - 00000000 _SHDL () C:\Users\fbwuser\AppData\Local\Verlauf
2014-02-03 18:42 - 2014-02-03 18:42 - 00000000 _SHDL () C:\Users\fbwuser\AppData\Local\Anwendungsdaten
2014-02-03 18:42 - 2014-02-03 18:42 - 00000000 _SHDL () C:\Users\fbwuser\Anwendungsdaten
2014-02-03 18:42 - 2013-11-03 23:50 - 00000000 ____D () C:\Users\fbwuser\AppData\Local\Microsoft Help
2014-02-03 18:42 - 2013-03-13 16:15 - 00002126 _____ () C:\Users\fbwuser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2014-02-03 18:42 - 2009-07-14 05:54 - 00000000 ___RD () C:\Users\fbwuser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-02-03 18:42 - 2009-07-14 05:49 - 00000000 ___RD () C:\Users\fbwuser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-02-03 18:38 - 2014-02-03 18:38 - 00000000 ____D () C:\ProgramData\Hotspot Shield
2014-02-03 18:37 - 2014-02-03 18:40 - 00000000 ____D () C:\Program Files (x86)\Hotspot Shield
2014-02-03 18:36 - 2014-02-03 18:36 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Hotspot Shield
2014-02-02 22:06 - 2014-02-02 22:06 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-02-02 22:06 - 2014-02-02 22:06 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-02-02 22:06 - 2014-02-02 22:06 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-02-02 22:06 - 2014-02-02 22:06 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-02-02 22:01 - 2014-02-02 22:06 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-02 21:37 - 2014-02-02 21:37 - 00000000 ____D () C:\ProgramData\WPM
2014-02-02 21:37 - 2014-02-02 21:37 - 00000000 ____D () C:\ProgramData\IePluginService
2014-02-02 21:37 - 2014-02-02 21:37 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-02-02 21:31 - 2014-02-03 15:03 - 00000000 ____D () C:\Program Files (x86)\RightSurf
2014-01-12 17:29 - 2014-01-12 17:29 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Windows Live Writer
2014-01-12 17:29 - 2014-01-12 17:29 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Windows Live Writer
2014-01-11 17:28 - 2014-01-11 17:28 - 00000000 ____D () C:\Windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP
2014-01-11 14:24 - 2014-01-11 14:24 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-01-11 14:15 - 2013-12-19 21:33 - 30372640 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-01-11 14:15 - 2013-12-19 21:33 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-01-11 14:15 - 2013-12-19 21:33 - 22960416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-01-11 14:15 - 2013-12-19 21:33 - 18222008 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-01-11 14:15 - 2013-12-19 21:33 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-01-11 14:15 - 2013-12-19 21:33 - 15877216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-01-11 14:15 - 2013-12-19 21:33 - 12645664 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-01-11 14:15 - 2013-12-19 21:33 - 11605752 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-01-11 14:15 - 2013-12-19 21:33 - 11554264 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-01-11 14:15 - 2013-12-19 21:33 - 09700224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-01-11 14:15 - 2013-12-19 21:33 - 09657464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-01-11 14:15 - 2013-12-19 21:33 - 03132704 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-01-11 14:15 - 2013-12-19 21:33 - 03125024 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-01-11 14:15 - 2013-12-19 21:33 - 02947872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-01-11 14:15 - 2013-12-19 21:33 - 02747680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-01-11 14:15 - 2013-12-19 21:33 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433221.dll
2014-01-11 14:15 - 2013-12-19 21:33 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433221.dll
2014-01-11 14:15 - 2013-12-19 21:33 - 01242400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-01-11 14:15 - 2013-12-19 21:33 - 00882464 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-01-11 14:15 - 2013-12-19 21:33 - 00879392 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-01-11 14:15 - 2013-12-19 21:33 - 00852768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-01-11 14:15 - 2013-12-19 21:33 - 00847648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-01-11 14:15 - 2013-12-19 21:33 - 00479520 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-01-11 14:15 - 2013-12-19 21:33 - 00405280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-01-11 14:15 - 2013-12-19 21:33 - 00357152 _____ () C:\Windows\system32\NvIFROpenGL.dll
2014-01-11 14:15 - 2013-12-19 21:33 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-01-11 14:15 - 2013-12-19 21:33 - 00314656 _____ () C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-01-11 14:15 - 2013-12-19 21:33 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-01-11 14:15 - 2013-12-19 21:33 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-01-11 14:15 - 2013-12-19 21:33 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-01-11 14:15 - 2013-11-28 14:38 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-01-11 14:15 - 2013-11-28 14:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-01-11 14:15 - 2013-11-22 09:36 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2014-01-11 14:09 - 2014-01-11 14:09 - 00000000 ____D () C:\NVIDIA
2014-01-09 17:14 - 2013-12-05 09:42 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-01-09 17:14 - 2013-12-05 09:42 - 00032544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-01-07 21:05 - 2014-01-07 21:05 - 00000000 ____D () C:\Users\Daniel\Documents\FLiNGTrainer
2014-01-07 18:47 - 2014-01-07 18:47 - 00000000 ____D () C:\Users\Daniel\Documents\NBGI
2014-01-07 18:46 - 2014-01-07 18:46 - 00000000 ____D () C:\Users\Daniel\AppData\Local\NBGI
2014-01-04 18:25 - 2014-01-04 18:26 - 00000000 ____D () C:\Users\Daniel\AppData\Local\PAYDAY 2

==================== One Month Modified Files and Folders =======

2014-02-03 19:15 - 2014-02-03 19:06 - 00000000 ____D () C:\FRST
2014-02-03 19:05 - 2013-05-22 13:59 - 00000000 ____D () C:\Users\Daniel\AppData\Local\CrashDumps
2014-02-03 18:48 - 2012-12-12 21:21 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-02-03 18:42 - 2014-02-03 18:42 - 00000020 ___SH () C:\Users\fbwuser\ntuser.ini
2014-02-03 18:42 - 2014-02-03 18:42 - 00000000 _SHDL () C:\Users\fbwuser\Vorlagen
2014-02-03 18:42 - 2014-02-03 18:42 - 00000000 _SHDL () C:\Users\fbwuser\Startmenü
2014-02-03 18:42 - 2014-02-03 18:42 - 00000000 _SHDL () C:\Users\fbwuser\Netzwerkumgebung
2014-02-03 18:42 - 2014-02-03 18:42 - 00000000 _SHDL () C:\Users\fbwuser\Lokale Einstellungen
2014-02-03 18:42 - 2014-02-03 18:42 - 00000000 _SHDL () C:\Users\fbwuser\Eigene Dateien
2014-02-03 18:42 - 2014-02-03 18:42 - 00000000 _SHDL () C:\Users\fbwuser\Druckumgebung
2014-02-03 18:42 - 2014-02-03 18:42 - 00000000 _SHDL () C:\Users\fbwuser\Documents\Eigene Musik
2014-02-03 18:42 - 2014-02-03 18:42 - 00000000 _SHDL () C:\Users\fbwuser\Documents\Eigene Bilder
2014-02-03 18:42 - 2014-02-03 18:42 - 00000000 _SHDL () C:\Users\fbwuser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-02-03 18:42 - 2014-02-03 18:42 - 00000000 _SHDL () C:\Users\fbwuser\AppData\Local\Verlauf
2014-02-03 18:42 - 2014-02-03 18:42 - 00000000 _SHDL () C:\Users\fbwuser\AppData\Local\Anwendungsdaten
2014-02-03 18:42 - 2014-02-03 18:42 - 00000000 _SHDL () C:\Users\fbwuser\Anwendungsdaten
2014-02-03 18:42 - 2012-12-12 17:46 - 01733701 _____ () C:\Windows\WindowsUpdate.log
2014-02-03 18:40 - 2014-02-03 18:37 - 00000000 ____D () C:\Program Files (x86)\Hotspot Shield
2014-02-03 18:38 - 2014-02-03 18:38 - 00000000 ____D () C:\ProgramData\Hotspot Shield
2014-02-03 18:36 - 2014-02-03 18:36 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Hotspot Shield
2014-02-03 18:17 - 2012-12-13 15:22 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Google
2014-02-03 17:55 - 2009-08-25 05:00 - 00000000 ____D () C:\Program Files (x86)\Google
2014-02-03 16:31 - 2012-12-13 02:35 - 00708352 _____ () C:\Windows\system32\perfh007.dat
2014-02-03 16:31 - 2012-12-13 02:35 - 00153388 _____ () C:\Windows\system32\perfc007.dat
2014-02-03 16:31 - 2009-07-14 06:13 - 01644996 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-03 15:14 - 2009-07-14 05:45 - 00030704 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-03 15:14 - 2009-07-14 05:45 - 00030704 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-03 15:04 - 2013-11-15 15:42 - 00012069 _____ () C:\Windows\setupact.log
2014-02-03 15:04 - 2013-07-30 18:53 - 00000438 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-02-03 15:03 - 2014-02-02 21:31 - 00000000 ____D () C:\Program Files (x86)\RightSurf
2014-02-03 15:03 - 2013-11-18 15:02 - 00010092 _____ () C:\Windows\PFRO.log
2014-02-03 15:03 - 2013-02-10 14:43 - 00000442 ____H () C:\Windows\Tasks\schedule!1818212897.job
2014-02-03 15:03 - 2012-12-12 21:20 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-02-03 15:03 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-02 22:42 - 2013-06-01 19:03 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-02-02 22:06 - 2014-02-02 22:06 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-02-02 22:06 - 2014-02-02 22:06 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-02-02 22:06 - 2014-02-02 22:06 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-02-02 22:06 - 2014-02-02 22:06 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-02-02 22:06 - 2014-02-02 22:01 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-02 22:06 - 2013-04-21 12:11 - 00000000 ____D () C:\Program Files (x86)\Java
2014-02-02 22:06 - 2013-01-18 20:49 - 00000000 ___RD () C:\Users\Daniel\Desktop\Games
2014-02-02 22:06 - 2012-12-12 22:55 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-02-02 21:50 - 2012-12-28 02:47 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-02-02 21:37 - 2014-02-02 21:37 - 00000000 ____D () C:\ProgramData\WPM
2014-02-02 21:37 - 2014-02-02 21:37 - 00000000 ____D () C:\ProgramData\IePluginService
2014-02-02 21:37 - 2014-02-02 21:37 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-02-02 21:37 - 2013-04-11 14:14 - 00001615 _____ () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-02-02 17:08 - 2013-07-30 19:41 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\.minecraft
2014-02-02 17:05 - 2013-12-22 16:20 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Craften Terminal
2014-02-02 16:33 - 2013-07-30 15:54 - 00000000 ____D () C:\Program Files (x86)\Craften Terminal
2014-01-29 22:27 - 2013-02-15 14:55 - 00000000 ____D () C:\FFOutput
2014-01-29 20:30 - 2013-10-06 10:56 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-01-26 21:43 - 2012-12-13 16:21 - 00000000 ____D () C:\Users\Daniel\AppData\Local\SKIDROW
2014-01-26 18:14 - 2013-01-03 00:10 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ship Simulator Extremes
2014-01-20 20:02 - 2013-03-20 15:18 - 00000000 ____D () C:\ProgramData\Steam
2014-01-20 19:53 - 2013-03-10 19:06 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\uTorrent
2014-01-18 19:17 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-01-18 17:47 - 2013-11-01 12:15 - 00000000 ____D () C:\Users\Daniel\Downloads\Battlefield_4_Theme
2014-01-15 22:27 - 2013-03-13 16:12 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Windows Live
2014-01-14 23:05 - 2013-10-04 16:09 - 00000000 ____D () C:\Fraps
2014-01-13 15:17 - 2013-11-03 23:24 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-12 17:29 - 2014-01-12 17:29 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Windows Live Writer
2014-01-12 17:29 - 2014-01-12 17:29 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Windows Live Writer
2014-01-12 17:10 - 2012-12-27 15:46 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-12 11:52 - 2012-12-27 15:46 - 00003824 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-01-12 11:51 - 2012-12-27 15:46 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-12 11:51 - 2012-12-27 15:46 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-11 17:28 - 2014-01-11 17:28 - 00000000 ____D () C:\Windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP
2014-01-11 14:24 - 2014-01-11 14:24 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-01-11 14:24 - 2012-12-12 21:19 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-01-11 14:09 - 2014-01-11 14:09 - 00000000 ____D () C:\NVIDIA
2014-01-09 17:43 - 2013-07-02 13:55 - 00000000 ____D () C:\Users\Daniel\AppData\Local\NVIDIA
2014-01-09 17:19 - 2013-10-31 18:11 - 00000000 ____D () C:\Users\Daniel\AppData\Local\NVIDIA Corporation
2014-01-09 17:18 - 2012-12-12 21:19 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-01-09 17:16 - 2012-12-12 21:18 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-01-08 21:25 - 2013-03-27 15:46 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\TS3Client
2014-01-07 21:05 - 2014-01-07 21:05 - 00000000 ____D () C:\Users\Daniel\Documents\FLiNGTrainer
2014-01-07 18:47 - 2014-01-07 18:47 - 00000000 ____D () C:\Users\Daniel\Documents\NBGI
2014-01-07 18:46 - 2014-01-07 18:46 - 00000000 ____D () C:\Users\Daniel\AppData\Local\NBGI
2014-01-07 18:45 - 2013-11-18 18:26 - 00072085 _____ () C:\Windows\DirectX.log
2014-01-05 23:04 - 2013-06-01 19:03 - 00000000 ____D () C:\ProgramData\Origin
2014-01-04 18:26 - 2014-01-04 18:25 - 00000000 ____D () C:\Users\Daniel\AppData\Local\PAYDAY 2
2014-01-04 18:15 - 2014-01-03 17:08 - 00008738 _____ () C:\Users\Daniel\Documents\TombRaider.log

Some content of TEMP:
====================
C:\Users\Daniel\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Daniel\AppData\Local\Temp\nvStInst.exe
C:\Users\Daniel\AppData\Local\Temp\sonarinst.exe
C:\Users\Daniel\AppData\Local\Temp\SPSetup.exe
C:\Users\Daniel\AppData\Local\Temp\ubiFE6B.tmp.exe
C:\Users\Daniel\AppData\Local\Temp\Uninstall.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-18 19:06

==================== End Of Log ============================

--- --- ---

--- --- ---

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-02-2014 04
Ran by Daniel at 2014-02-03 19:16:40
Running from C:\Users\Daniel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y9IW8WZ4
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Norton Internet Security CBE (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security CBE (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security CBE (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

==================== Installed Programs ======================

"Truck Tycoon" (x32 Version: Version 1.0 - Nikita/1C)
µTorrent (HKCU Version: 3.3.2.30303 - BitTorrent Inc.)
2011 BMW 1M version 1.0 (x32 Version: 1.0 - MSM)
7-Zip 9.20 (x32 Version:  - )
A2A B17 Accusim (x32 Version:  - )
Acrobat.com (x32 Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Photoshop Elements 7.0 (x32 Version: 7.0.1 - Adobe Systems Incorporated)
Adobe Photoshop Elements 7.0 (x32 Version: 7.0.1 - Adobe Systems Incorporated) Hidden
Adobe Photoshop Elements 7.0 (x32 Version: 7.0.1.3 - Adobe Systems Incorporated) Hidden
Adobe Reader 9.5.5 MUI (x32 Version: 9.5.5 - Adobe Systems Incorporated)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
Age of Empires III Gold Edition 1.00 (x32 Version:  - )
AI Carriers (x32 Version:  - )
Alice Greenfingers (x32 Version:  - Oberon Media)
Alps Pointing-device for VAIO (Version:  - ALPS ELECTRIC CO., LTD.)
Amazonia (x32 Version:  - Oberon Media)
ARMA 2 Operation Arrowhead Uninstall (x32 Version:  - )
ArmA 2 Uninstall (x32 Version:  - )
Armarize 1.4.0.0 (x32 Version: 1.4.0.0 - Johannes Meyer)
Ashampoo Burning Studio 2013 v.11.0.6 (x32 Version: 11.0.6 - Ashampoo GmbH & Co. KG)
Assassins Creed IV Black Flag Deluxe Edition (x32 Version:  - Ubisoft)
ASUS PCE-N15 WLAN Card Utilities & Driver (x32 Version: 1.0.0.8 - )
Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver (x32 Version: 1.0.0.22 - Atheros Communications Inc.)
B-25J "Briefing Time" for FSX (x32 Version:  - )
Backup Manager Basic (x32 Version: 2.0.0.22 - NewTech Infosystems) Hidden
Battlefield 3™ (x32 Version: 1.6.0.0 - Electronic Arts)
Battlefield 4™ (x32 Version: 1.0.0.1 - Electronic Arts)
Battlelog Web Plugins (x32 Version: 2.3.2 - EA Digital Illusions CE AB)
Battlestations: Pacific (x32 Version: 1.00.0000 - Eidos plc)
BattlEye for OA Uninstall (x32 Version:  - )
BattlEye Uninstall (x32 Version:  - )
Bierbuden Autoupdate (remove only) (HKCU Version:  - )
BrowseToSave (Version: 1.0 - ) <==== ATTENTION
BSP Ripper (x32 Version:  - timetraveller)
BSPKMBeta0.2 Installer (x32 Version:  - )
CCleaner (Version: 4.07 - Piriform)
CDBurnerXP (x32 Version: 4.5.1.3868 - CDBurnerXP)
Cheat Engine 6.2 (x32 Version:  - Dark Byte)
Cheatbook Database 2013 (x32 Version:  - )
Chicken Invaders 2 (x32 Version:  - Oberon Media)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.)
Compatibility Pack für 2007 Office System (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Counter-Strike: Global Offensive (x32 Version:  - )
Craften Terminal 3.5.3 (x32 Version: 3.5.3 - Craften.de)
Crysis®3 (x32 Version: 1.0.0.0 - Electronic Arts)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (x32 Version: 4.46.1.0327 - DT Soft Ltd)
Dairy Dash (x32 Version:  - Oberon Media)
Dark Souls: Prepare to Die Edition (x32 Version:  - FromSoftware)
DayZ Commander (x32 Version: 0.92.79 - Dotjosh Studios)
Delta Chrome Toolbar (x32 Version:  - Visual Tools) <==== ATTENTION
Delta toolbar   (x32 Version: 1.8.10.0 - Delta) <==== ATTENTION
Desktop Icon für Amazon (Version: 1.0.1 (de) - )
Die Sims™ 3 (x32 Version: 1.50.56 - Electronic Arts)
Die Sims™ 3 Einfach tierisch (x32 Version: 10.0.96 - Electronic Arts)
Die Sims™ 3 Gib Gas-Accessoires (x32 Version: 5.0.44 - Electronic Arts)
Die Sims™ 3 Showtime (x32 Version: 12.0.273 - Electronic Arts)
Dream Day First Home (x32 Version:  - Oberon Media)
EasyLife Gadget (Version: 1.0 - EasyLife Gadget)
EasyLife Search 1.74 (x32 Version:  - )
EasyLife Updater (Version: 1.0 - BetterSoft)
ESN Sonar (x32 Version: 0.70.4 - ESN Social Software AB)
Euro Truck Simulator 2 (x32 Version: 1.1.1 - SCS Software)
EVEREST Home Edition v2.20 (x32 Version: 2.20 - Lavalys Inc)
EXPERTool v8.9 (x32 Version: 8.9.5.0 - Gainward Co. Ltd.)
Far Cry 3 (x32 Version: 1.04 - Ubisoft)
Farm Frenzy 2 (x32 Version:  - Oberon Media)
FireJump (x32 Version: 1.0.2.5 - FireJump.net)
FlipTIB (x32 Version:  - )
FormatFactory 3.0.1 (x32 Version: 3.0.1 - Free Time)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fraps (x32 Version:  - )
Garry's Mod (x32 Version:  - Facepunch Studios)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Google Chrome (x32 Version: 32.0.1700.102 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (x32 Version: 7.5.4805.320 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Grand Theft Auto(TM): San Andreas (x32 Version:  - Rockstar)
Granny In Paradise (x32 Version:  - Oberon Media)
GTK+ 2.10.13 runtime environment (x32 Version:  - Tor Lillqvist)
Hamachi 1.0.1.5 (x32 Version:  - )
Heroes of Hellas (x32 Version:  - Oberon Media)
Hotspot Shield 3.09 (x32 Version: 3.09 - AnchorFree Inc.)
Identity Card (x32 Version: 1.00.3001 - Packard Bell)
IePluginService12.27.0.3326 (x32 Version: 12.27.0.3326 - Cherished Technololgy LIMITED) <==== ATTENTION
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Installer (x32 Version: 1.0.0 - Sierra Entertainment, Inc.) Hidden
Internet Explorer Toolbar 4.6 by SweetPacks (x32 Version: 4.6.0004 - SweetIM Technologies Ltd.) <==== ATTENTION
IsoBuster 3.1 (x32 Version: 3.1 - Smart Projects)
Java 7 Update 51 (x32 Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java SE Development Kit 7 Update 10 (x32 Version: 1.7.0.100 - Oracle)
JDownloader Packages (HKCU Version:  - ) <==== ATTENTION
Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Launch Manager (x32 Version: 3.0.02 - Packard Bell)
Loadout Editor For ArmA2 Combined Operations & ACE 2 version 1.4 Update 4, build 1.4.74 (x32 Version: 1.4 Update 4, build 1.4.74 - The [S.o.E] team)
Logitech Gaming Software 5.10 (Version: 5.10.127 - Logitech)
Lyrics-Pal (x32 Version:  - LyricsPal Soft. LTD) <==== ATTENTION
Magic ISO Maker v5.5 (build 0281) (x32 Version:  - )
MegaTrainer eXperience V1.1.2.6c (x32 Version:  - )
Merriam Websters Spell Jam (x32 Version:  - Oberon Media)
Metaboli (x32 Version: 1.00.0006 - Packard Bell)
Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5 Beta (Version: 4.5.50131 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Flight Simulator X (x32 Version: 10.0.60905 - Microsoft Game Studios) Hidden
Microsoft Flight Simulator X: Acceleration (x32 Version: 10.0.61637.0 - Microsoft Game Studios)
Microsoft Flight Simulator X: Acceleration (x32 Version: 10.0.61637.0 - Microsoft Game Studios) Hidden
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Language Pack 2007 - German/Deutsch (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office O MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (German) (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office SharePoint Designer MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Suite Activation Assistant (x32 Version: 2.9 - Microsoft Corporation)
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office X MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (x32 Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Works (x32 Version: 9.7.0621 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft Xbox 360 Accessories 1.2 (Version: 1.20.146.0 - Microsoft)
MiniTool Partition Wizard Home Edition 7.1 (x32 Version:  - MiniTool Solution Ltd.)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser und SDK (x32 Version: 4.20.9818.0 - Microsoft Corporation)
Mustang P51-D Restored Part 1 (x32 Version:  - )
MyFreeCodec (HKCU Version:  - )
Need for Speed™ Most Wanted (x32 Version: 1.5.0.0 - Electronic Arts)
Nero 9 Essentials (x32 Version:  - Nero AG)
Nero ControlCenter (x32 Version: 9.0.0.1 - Nero AG) Hidden
Nero DiscSpeed (x32 Version: 5.4.7.201 - Nero AG) Hidden
Nero DiscSpeed Help (x32 Version: 5.4.4.100 - Nero AG) Hidden
Nero DriveSpeed (x32 Version: 4.4.7.201 - Nero AG) Hidden
Nero DriveSpeed Help (x32 Version: 4.4.4.100 - Nero AG) Hidden
Nero Express Help (x32 Version: 9.4.9.100 - Nero AG) Hidden
Nero InfoTool (x32 Version: 6.4.7.201 - Nero AG) Hidden
Nero InfoTool Help (x32 Version: 6.4.4.100 - Nero AG) Hidden
Nero Installer (x32 Version: 4.4.8.1 - Nero AG) Hidden
Nero Online Upgrade (x32 Version: 1.3.0.0 - Nero AG) Hidden
Nero StartSmart (x32 Version: 9.4.11.209 - Nero AG) Hidden
Nero StartSmart Help (x32 Version: 9.4.1.100 - Nero AG) Hidden
Nero StartSmart OEM (x32 Version: 9.4.10.100 - Nero AG) Hidden
NeroExpress (x32 Version: 9.4.10.505 - Nero AG) Hidden
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
NETGEAR WG111v2 wireless USB 2.0 adapter (x32 Version: 1.0.0.133 - NETGEAR)
NetOn 1.0 (x32 Version:  - Rct-Net.de)
Norton Internet Security CBE (x32 Version: 20.4.0.40 - Symantec Corporation)
Norton Online Backup (x32 Version: 1.2.0.36 - Symantec)
NVIDIA 3D Vision Controller-Treiber 332.21 (Version: 332.21 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 332.21 (Version: 332.21 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.1 (Version: 1.8.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 332.21 (Version: 332.21 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.142.992 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.0725 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.0725 (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA ShadowPlay 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3221 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 332.21 (Version: 332.21 - NVIDIA Corporation) Hidden
NVIDIA Update 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.19 (Version: 1.2.19 - NVIDIA Corporation)
OpenAL (x32 Version:  - )
Origin (x32 Version: 9.1.3.2637 - Electronic Arts, Inc.)
Packard Bell GameZone Console (x32 Version: 5.1.2.3 - Oberon Media, Inc.)
Packard Bell InfoCentre (x32 Version: 3.02.3000 - Packard Bell)
Packard Bell MyBackup (x32 Version: 2.0.0.22 - NewTech Infosystems)
Packard Bell Power Management (x32 Version: 4.05.3002 - Packard Bell)
Packard Bell Recovery Management (x32 Version: 4.05.3003 - Packard Bell)
Packard Bell Registration (x32 Version: 1.02.3004 - Packard Bell)
Packard Bell ScreenSaver (x32 Version: 1.4.0730 - Packard Bell Incorporated)
Packard Bell Updater (x32 Version: 1.01.3014 - Packard Bell)
PAYDAY 2 (x32 Version:  - OVERKILL - a Starbreeze Studio.)
PCSX2 - Playstation 2 Emulator (x32 Version:  - )
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Pinnacle VideoSpin (x32 Version: 2.0.0.669 - Pinnacle Systems)
Platform (x32 Version: 1.34 - VIA Technologies, Inc.) Hidden
Play withSIX (x32 Version: 1.30.0464 - SIX Networks)
PowerISO (x32 Version: 5.5 - Power Software Ltd)
Preispilot für Firefox (x32 Version: 2.0 - Preispilot)
PunkBuster Services (x32 Version: 0.991 - Even Balance, Inc.)
Python 2.7.3 (64-bit) (Version: 2.7.3150 - Python Software Foundation)
Quake 4(TM) (x32 Version: 1.0 - Activision) Hidden
Quake 4(TM) (x32 Version: 1.0.4 - Activision)
Quake 4(TM) 1.0.4 Patch (x32 Version: 1.0 - Activision) Hidden
Quick Memory Editor 5.7 (x32 Version:  - softcows.com)
Race Injection (x32 Version:  - )
Razer BlackWidow Ultimate (x32 Version: 1.05.00 - Razer USA Ltd.)
Razer Synapse 2.0 (x32 Version: 1.14.4 - Razer Inc.)
RealFlight F6F Hellcat 3 and 5 for FSX (x32 Version:  - komu)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.5904 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (x32 Version: 6.1.7100.30095 - Realtek Semiconductor Corp.)
Recovery Toolbox for CD Free 1.1 (x32 Version:  - Recovery Toolbox, Inc.)
Red Faction Guerrilla (x32 Version: 1.00.0000 - Ihr Firmenname)
Red Faction Guerrilla (x32 Version: 1.00.0000 - Ihr Firmenname) Hidden
RightSurf (Version: 2014.02.01.021226 - RightSurf) <==== ATTENTION
RollerCoaster Tycoon 2 Triple Thrill Pack (x32 Version:  - GOG.com)
RollerCoaster Tycoon 3 Platinum (x32 Version:  - GOG.com)
RTE Capture 1.60 (x32 Version:  - )
Saints Row IV (x32 Version:  - Deep Silver Volition)
Samsung Kies (x32 Version: 2.5.2.13021_10 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.2.13021_10 - Samsung Electronics Co., Ltd.) Hidden
Samsung Story Album Viewer (x32 Version: 1.0.0.13052_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (x32 Version: 1.0.0.13052_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.24.0 - SAMSUNG Electronics Co., Ltd.)
San Andreas Mod Installer (x32 Version: 1.1 - cpmusick)
SBD Dauntless FSX (HKCU Version:  - )
Schwarzwaldbahnen (x32 Version:  - )
Scribblenauts Unlimited (x32 Version:  - )
Scribblenauts Unmasked A DC Comics Adventure (x32 Version:  - )
Search Assistant WebSearch 1.74 (x32 Version:  - ) <==== ATTENTION
Search Protect (x32 Version: 2.9.62.1 - Conduit) <==== ATTENTION
SHIELD Streaming (Version: 1.6.85 - NVIDIA Corporation) Hidden
Ship Simulator Extremes (x32 Version:  - )
SiSoftware Sandra Lite 2013.SP4 (Version: 19.50.2013.7 - SiSoftware)
SlimDrivers (x32 Version: 2.2.28413 - SlimWare Utilities, Inc.)
Smart File Advisor 1.1.1 (x32 Version: 1.1.1 - Filefacts.net)
Sniper Elite V2 (x32 Version:  - )
Sniper Elite: Nazi Zombie Army (x32 Version:  - )
SpeedFan (remove only) (x32 Version:  - )
SSF Realism Mod (x32 Version:  - )
Star Defender 4 (x32 Version:  - Oberon Media)
State of Decay (x32 Version:  - Microsoft Game Studios)
Steam (x32 Version: 1.0.0.0 - Valve Corporation)
SupTab (x32 Version: 1.1.1.0 - ) <==== ATTENTION
SWAT 4 - The Stetchkov Syndicate (x32 Version: 1.0.0 - Sierra Entertainment, Inc.)
SWAT 4 (x32 Version: 1.0.31973 - Sierra Entertainment, Inc.)
SWAT 4 (x32 Version: 1.0.31973 - Sierra Entertainment, Inc.) Hidden
Synthesia (x32 Version: 8.4 - Synthesia LLC)
System Requirements Lab for Intel (x32 Version: 4.5.13.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKCU Version: 3.0.13.1 - TeamSpeak Systems GmbH)
Test Drive Unlimited 2 (x32 Version:  - )
The Simpsons Hit & Run(TM) (x32 Version: 1.00.000 - )
The Unsung vietnam war mod version 2.5 (x32 Version: 2.5 - Unsung)
The Walking Dead (x32 Version:  - )
The Walking Dead Survival Instinct (c) Activision version 1 (x32 Version: 1 - )
The Walking Dead: Season Two (x32 Version:  - Telltale Games)
The War Z (x32 Version:  - )
Thief - Deadly Shadows (x32 Version: 1.0 - )
Thief - Deadly Shadows Collective Texture Pack by John P., ver. 1.0.3 (x32 Version:  - John P.)
Tom Clancy's Rainbow Six Vegas 2 (x32 Version: 1.03 - Ubisoft)
Tom Clancy's Splinter Cell® Blacklist™ (x32 Version: 1.03 - Ubisoft)
Tomb Raider (x32 Version:  - Crystal Dynamics)
Tony Hawk's Pro Skater 3® (x32 Version: 1.0 - Activision Publishing, Inc.)
Tony Hawks Pro Skater 4 (x32 Version: 1.00.0000 - Aspyr Media)
Train Simulator 2014 (x32 Version:  - RailSimulator.com)
TransMac version 10.4 (x32 Version: 10.4 - Acute Systems)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.110 - TuneUp Software) Hidden
TuneUp Utilities 2014 (x32 Version: 14.0.1000.110 - TuneUp Software)
TuneUp Utilities 2014 (x32 Version: 14.0.1000.110 - TuneUp Software) Hidden
Tunngle beta (x32 Version:  - Tunngle.net GmbH)
Update for 2007 Microsoft Office System (KB967642) (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (x32 Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (x32 Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (x32 Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (x32 Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (x32 Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (x32 Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (x32 Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32 Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (x32 Version:  - Microsoft)
Update Manager for SweetPacks 1.1 (x32 Version: 1.1.0008 - SweetIM Technologies Ltd.) <==== ATTENTION
Uplay (x32 Version: 2.0 - Ubisoft)
VIA Plattform-Geräte-Manager (x32 Version: 1.34 - VIA Technologies, Inc.)
VLC media player 2.0.4 (Version: 2.0.4 - VideoLAN)
VRS F/A-18E Superbug X (x32 Version: 1.0.5.1 - Vertical Reality Simulations)
VRS TacPack (x32 Version: 1.3.2.1 - Vertical Reality Simulations)
War Thunder Launcher 1.0.1.278 (x32 Version:  - 2013 Gaijin Entertainment Corporation)
Wargame AirLand Battle (c) Focus Home Interactive version RLD! (x32 Version: RLD! - )
Weapon for FSX 1.0 (x32 Version: 1.0.00 - © 1999-2011 Captain Sim)
Welcome Center (x32 Version: 1.00.3005 - Packard Bell)
Westermann Industriemechaniker (x32 Version: 27840 - Bildungshaus Schulbuchverlage Westermann Schroedel Diesterweg Schöningh Winklers GmbH)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Sync (x32 Version: 14.0.8064.206 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows-Treiberpaket - Alps Touch Pad Driver (07/23/2009 7.202.505.108) (Version: 07/23/2009 7.202.505.108 - Alps)
Windows-Treiberpaket - Intel hdc  (08/05/2009 9.1.1.1016) (Version: 08/05/2009 9.1.1.1016 - Intel)
Windows-Treiberpaket - Intel hdc  (10/05/2012 9.1.9.1002) (Version: 10/05/2012 9.1.9.1002 - Intel)
Windows-Treiberpaket - Intel System  (01/30/2008 8.6.1.1001) (Version: 01/30/2008 8.6.1.1001 - Intel)
Windows-Treiberpaket - Intel System  (08/05/2009 9.1.1.1016) (Version: 08/05/2009 9.1.1.1016 - Intel)
Windows-Treiberpaket - Intel System  (10/05/2012 9.1.9.1002) (Version: 10/05/2012 9.1.9.1002 - Intel)
Windows-Treiberpaket - Intel USB  (08/05/2009 9.1.1.1016) (Version: 08/05/2009 9.1.1.1016 - Intel)
Windows-Treiberpaket - Intel USB  (10/05/2012 9.1.9.1002) (Version: 10/05/2012 9.1.9.1002 - Intel)
Wings of POWER II:  B17 (x32 Version:  - )
WinLauncherXP 2.0.4 beta (x32 Version:  - GamerOffice)
WinRAR 4.20 (64-Bit) (Version: 4.20.0 - win.rar GmbH)
WinUAE 2.5.1 (x32 Version: 2.5.1 - Arabuusimiehet)
Wise Registry Cleaner 7.89 (x32 Version: 7.89 - WiseCleaner.com, Inc.)
Wondershare Photo Recovery (build 3.0.2) (x32 Version:  - Wondershare Software Co., Ltd.)
WPM17.8.0.3325 (x32 Version: 17.8.0.3325 - Cherished Technololgy LIMITED) <==== ATTENTION
wxPython 2.8.12.1 (unicode) for Python 2.7 (Version: 2.8.12.1-unicode - Total Control Software)

==================== Restore Points  =========================

02-02-2014 20:59:41 Installed Java 7 Update 51
02-02-2014 21:04:21 Removed Java 7 Update 51
02-02-2014 21:05:17 Installed Java 7 Update 51
03-02-2014 17:37:24 Gerätetreiber-Paketinstallation: Anchorfree Inc Netzwerkdienst
03-02-2014 17:39:18 Gerätetreiber-Paketinstallation: Anchorfree HSS VPN Adapter Netzwerkadapter

==================== Hosts content: ==========================

2009-07-14 03:34 - 2013-08-27 23:46 - 00444830 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com
127.0.0.1	www.0scan.com
127.0.0.1	0scan.com
127.0.0.1	www.1000gratisproben.com
127.0.0.1	1000gratisproben.com
127.0.0.1	1001namen.com
127.0.0.1	www.1001namen.com
127.0.0.1	100888290cs.com
127.0.0.1	www.100888290cs.com
127.0.0.1	www.100sexlinks.com
127.0.0.1	100sexlinks.com
127.0.0.1	www.10sek.com
127.0.0.1	10sek.com
127.0.0.1	www.1-2005-search.com
127.0.0.1	1-2005-search.com
127.0.0.1	www.123fporn.info
127.0.0.1	123fporn.info
127.0.0.1	123haustiereundmehr.com
127.0.0.1	www.123haustiereundmehr.com
127.0.0.1	123moviedownload.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

Task: {00D03A3D-F082-40E8-B0AF-68D1C0186247} - System32\Tasks\{AD8CA157-0818-47AA-A776-4C49352924AE} => H:\Age of Empires 3\Age of Empires III Gold Edition\aoe3-114-german (1).exe
Task: {01EEE456-6D4C-4E93-8B17-58AA1B15A397} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: {0C27BEA4-208F-4797-9768-CBA899EB273E} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [2013-09-09] (TuneUp Software)
Task: {10E5A892-FE8A-4954-8643-752CE324BBFF} - System32\Tasks\schedule!1818212897 => C:\ProgramData\BetterSoft\EasyLife Updater\EasyLife Updater.exe [2013-01-23] () <==== ATTENTION
Task: {2790CEB4-C192-4B15-B957-6EC6FFDCAC64} - System32\Tasks\{53CD7279-78C2-484F-8E11-57E3BDC73438} => C:\Program Files (x86)\JoWooD\King\king.exe
Task: {2F315BA7-F3B5-4173-85E4-83671EA54738} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {351EC057-0B89-46F2-87DE-5FAB1D4EBA30} - System32\Tasks\{0157C634-853E-4D7F-84AC-8A9D125A82F2} => C:\Program Files (x86)\JoWooD\King\king.exe
Task: {3D93D6A1-944E-4F1E-A32B-09510DFC2890} - System32\Tasks\{FF209A0A-618A-4306-940A-18A286C600D0} => H:\Downloads\Thief3_Patch11\Thief Deadly Shadows Patch.exe [2007-02-17] ()
Task: {41AAA413-4D2D-4E76-AEF2-C2810BEEF18C} - System32\Tasks\{CD5AB24F-7AD5-48B5-8BFB-9C4CA2D1B1AC} => F:\setup.exe
Task: {44821434-EC62-4913-A051-89F31684A662} - System32\Tasks\{D4AB506C-AB45-4C4B-88C0-A09CEFCFE238} => F:\install.exe
Task: {453D17BC-8304-4584-B9BF-AA857F4435E0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-17] (Google Inc.)
Task: {4B66EC8E-49A9-4195-836C-89274DBBDFDB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-17] (Google Inc.)
Task: {52EF355B-0E46-4F9F-A796-F88C0BBDA6DA} - System32\Tasks\BrowserProtect => Sc.exe start BrowserProtect <==== ATTENTION
Task: {5CFAA3E1-8252-4FC1-B0E6-5178C7B08495} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\WSCStub.exe [2013-06-04] (Symantec Corporation)
Task: {5E3EED47-D749-4F60-98D5-185D52DCC4B6} - System32\Tasks\Norton Internet Security CBE\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {69BE14BD-D7ED-4D83-B740-278EC5201975} - System32\Tasks\{74AA2145-464B-4A52-9FA1-5B7A9294C33D} => F:\install.exe
Task: {6DAD6AFF-0D81-481B-96F3-96BEC3D2F1A6} - System32\Tasks\{49F22B28-C6D8-49A7-B25A-E0841514E6FB} => H:\Age of Empires 3\Age of Empires III Gold Edition\aoe3-114-german (1).exe
Task: {75213718-40AD-4712-B609-08780B25E21D} - System32\Tasks\SlimDrivers Startup => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe [2013-03-29] (SlimWare Utilities, Inc.)
Task: {75B278C9-687C-4E28-9610-5C47FEE07447} - System32\Tasks\{A2DA23C0-69C8-4B3B-8A3D-F3BB2B523588} => F:\setup.exe
Task: {81859949-B647-4C4C-988B-CAE76BA900F1} - System32\Tasks\Norton Internet Security CBE\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {8673E097-D82E-42DE-8E8C-6DFF47CF009C} - System32\Tasks\{05D90A2B-0EC3-46CC-945D-0ED8B27640C4} => C:\Program Files (x86)\JoWooD\King\king.exe
Task: {936B4FF1-8CC9-477C-BC1E-73BBDD0400E7} - System32\Tasks\{18B88D1C-2D61-4163-923C-0D671D15FC3B} => F:\setup.exe
Task: {946757F6-E817-43DC-9A01-811E4C99F0F7} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {94AECBD2-C470-4620-9878-D15C2E072645} - System32\Tasks\{7CAC1C2E-1F78-40D8-A8FC-DF49742186F3} => F:\install.exe
Task: {AF7C2BD6-190E-450A-A39D-F099F67C57FB} - System32\Tasks\{C08E20F5-C069-4E62-B6B7-C7EC97B2B1D3} => C:\Program Files (x86)\JoWooD\King\king.exe
Task: {B460F6E1-FC96-49C1-96BB-CDCA9DA25EA0} - System32\Tasks\{1C3ECF66-4E24-4424-BF4A-9676C0E15CFF} => C:\Program Files (x86)\Thief - Deadly Shadows\System\t3.exe [2013-07-05] (Ion Storm, L.P.)
Task: {B52C46CF-6BD6-4253-82E1-58A1BD4BFB38} - System32\Tasks\{B2603232-69A9-417B-822F-9D9249801BFB} => C:\Program Files (x86)\JoWooD\King\king.exe
Task: {B937AFF1-00F3-40F9-B901-CCD3CA3B287C} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Packard Bell\Packard Bell Recovery Management\NotificationCenter\Notification.exe [2009-07-09] (Acer)
Task: {B9FABB4E-0D88-45E0-B9C9-7F8DFB0F6C51} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-10-22] (Piriform Ltd)
Task: {BDD4759C-B39C-4A70-9ABC-A23F0B446D5B} - System32\Tasks\{B8F46D44-E117-4A8D-86DA-7765F6CBA4D9} => C:\Program Files (x86)\JoWooD\King\king.exe
Task: {CC6ED2E5-90CC-4C2C-A5E1-7047C7346D25} - System32\Tasks\{A6848A01-BB69-4173-A5B2-352F5F50E7C9} => C:\Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\fsx.exe [2007-09-26] (Microsoft Corp.)
Task: {E18BFD26-F41A-44FC-8683-30E34368F5B3} - System32\Tasks\{BA848A39-E2D1-4A33-A6CF-7033B4384549} => C:\Program Files (x86)\JoWooD\King\king.exe
Task: {F677D0FB-58C6-476F-B674-50293C6F6D08} - System32\Tasks\{ECC8DE39-415B-4457-9584-2622582A994A} => C:\Program Files (x86)\JoWooD\King\king.exe
Task: {FCACD65A-452D-42CC-A67A-64026086A665} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-12] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\schedule!1818212897.job => C:\ProgramData\BetterSoft\EasyLife Updater\EasyLife Updater.exe
Task: C:\Windows\Tasks\SlimDrivers Startup.job => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe

==================== Loaded Modules (whitelisted) =============

2012-12-12 21:19 - 2013-12-19 19:53 - 00117536 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-04-10 15:02 - 2000-01-01 01:00 - 00078456 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2013-04-10 15:02 - 2000-01-01 01:00 - 00386168 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2013-09-09 14:29 - 2013-09-09 14:29 - 00757048 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\avgrepliba.dll
2013-07-25 14:10 - 2012-04-09 14:21 - 00126976 _____ () C:\Program Files (x86)\ASUS\PCE-N15 WLAN Card Utilities\EnumDevLib.dll
2009-02-03 01:33 - 2009-02-03 01:33 - 00460199 _____ () C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\sqlite3.dll
2008-09-29 01:55 - 2008-09-29 01:55 - 01076224 _____ () C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\ACE.dll
2013-06-18 14:22 - 2012-05-30 07:51 - 00699280 ____R () C:\PROGRAM FILES (X86)\NORTON INTERNET SECURITY CBE\ENGINE\20.4.0.40\wincfi39.dll
2013-06-21 01:46 - 2013-06-21 01:46 - 00749352 _____ () C:\Program Files (x86)\Hotspot Shield\bin\af_proxy.dll
2013-06-21 01:19 - 2013-06-21 01:19 - 00135976 _____ () C:\Program Files (x86)\Hotspot Shield\bin\cfghlp.dll
2009-03-27 21:02 - 2009-03-27 21:02 - 01554920 _____ () C:\Program Files (x86)\Hotspot Shield\bin\libeay32.dll
2009-03-27 21:02 - 2009-03-27 21:02 - 00332254 _____ () C:\Program Files (x86)\Hotspot Shield\bin\libssl32.dll
2014-01-08 15:59 - 2013-12-12 23:19 - 00142848 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll
2014-01-08 15:59 - 2013-11-05 02:12 - 00890592 _____ () C:\Program Files (x86)\Steam\libavutil-52.dll
2013-03-12 17:10 - 2014-01-11 00:33 - 00717312 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2012-12-12 21:43 - 2014-01-27 20:02 - 01138088 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2012-12-12 21:43 - 2014-01-11 00:33 - 20625832 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2012-12-12 21:43 - 2013-06-15 00:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll
2012-12-12 21:43 - 2013-06-15 00:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll
2012-12-12 21:43 - 2013-06-15 00:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll
2014-02-02 22:37 - 2014-02-02 22:37 - 00157696 _____ () H:\SteamLibrary\SteamApps\SteamApps\steamapps\common\GarrysMod\bin\launcher.dll
2014-02-02 22:37 - 2014-02-02 22:37 - 00246272 _____ () H:\SteamLibrary\SteamApps\SteamApps\steamapps\common\GarrysMod\bin\tier0.dll
2014-02-02 22:37 - 2014-02-02 22:37 - 00164352 _____ () H:\SteamLibrary\SteamApps\SteamApps\steamapps\common\GarrysMod\bin\vstdlib.dll
2014-02-02 22:06 - 2014-02-02 22:37 - 00893952 _____ () H:\SteamLibrary\SteamApps\SteamApps\steamapps\common\GarrysMod\bin\filesystem_stdio.dll
2014-02-02 22:06 - 2014-02-02 22:37 - 04214272 _____ () h:\steamlibrary\steamapps\steamapps\steamapps\common\garrysmod\bin\engine.dll
2014-02-02 22:37 - 2014-02-02 22:37 - 00103936 _____ () h:\steamlibrary\steamapps\steamapps\steamapps\common\garrysmod\bin\inputsystem.dll
2014-02-02 22:06 - 2014-02-02 22:37 - 01139200 _____ () h:\steamlibrary\steamapps\steamapps\steamapps\common\garrysmod\bin\materialsystem.dll
2014-02-02 22:37 - 2014-02-02 22:37 - 00232960 _____ () h:\steamlibrary\steamapps\steamapps\steamapps\common\garrysmod\bin\datacache.dll
2014-02-02 22:06 - 2014-02-02 22:37 - 00517120 _____ () h:\steamlibrary\steamapps\steamapps\steamapps\common\garrysmod\bin\studiorender.dll
2014-02-02 22:06 - 2014-02-02 22:37 - 00914344 _____ () h:\steamlibrary\steamapps\steamapps\steamapps\common\garrysmod\bin\vphysics.dll
2014-02-02 22:06 - 2014-02-02 22:37 - 01345024 _____ () h:\steamlibrary\steamapps\steamapps\steamapps\common\garrysmod\bin\vguimatsurface.dll
2014-02-02 22:06 - 2014-02-02 22:37 - 00353792 _____ () h:\steamlibrary\steamapps\steamapps\steamapps\common\garrysmod\bin\vgui2.dll
2014-02-02 22:06 - 2014-02-02 22:37 - 00937472 _____ () H:\SteamLibrary\SteamApps\SteamApps\steamapps\common\GarrysMod\bin\shaderapidx9.dll
2014-02-02 22:37 - 2014-02-02 22:37 - 00147968 _____ () h:\steamlibrary\steamapps\steamapps\steamapps\common\garrysmod\bin\stdshader_dbg.dll
2014-02-02 22:37 - 2014-02-02 22:37 - 00228864 _____ () h:\steamlibrary\steamapps\steamapps\steamapps\common\garrysmod\bin\stdshader_dx6.dll
2014-02-02 22:37 - 2014-02-02 22:37 - 00160768 _____ () h:\steamlibrary\steamapps\steamapps\steamapps\common\garrysmod\bin\stdshader_dx7.dll
2014-02-02 22:06 - 2014-02-02 22:37 - 00346112 _____ () h:\steamlibrary\steamapps\steamapps\steamapps\common\garrysmod\bin\stdshader_dx8.dll
2014-02-02 22:06 - 2014-02-02 22:37 - 00559104 _____ () h:\steamlibrary\steamapps\steamapps\steamapps\common\garrysmod\bin\stdshader_dx9.dll
2014-02-02 22:37 - 2014-02-02 22:37 - 00156160 _____ () h:\steamlibrary\steamapps\steamapps\steamapps\common\garrysmod\garrysmod\bin\game_shader_generic_garrysmod.dll
2014-02-02 22:37 - 2014-02-02 22:37 - 00070056 _____ () H:\SteamLibrary\SteamApps\SteamApps\steamapps\common\GarrysMod\bin\unicode.dll
2014-02-02 22:06 - 2014-02-02 22:37 - 06708224 _____ () h:\steamlibrary\steamapps\steamapps\steamapps\common\garrysmod\garrysmod\bin\client.dll
2014-02-02 22:06 - 2014-02-02 22:37 - 10023936 _____ () h:\steamlibrary\steamapps\steamapps\steamapps\common\garrysmod\garrysmod\bin\server.dll
2014-02-02 22:37 - 2014-02-02 22:37 - 00119808 _____ () H:\SteamLibrary\SteamApps\SteamApps\steamapps\common\GarrysMod\bin\soundemittersystem.dll
2014-02-02 22:37 - 2014-02-02 22:37 - 00071680 _____ () H:\SteamLibrary\SteamApps\SteamApps\steamapps\common\GarrysMod\bin\scenefilecache.dll
2014-02-02 22:06 - 2014-02-02 22:37 - 00453632 _____ () h:\steamlibrary\steamapps\steamapps\steamapps\common\garrysmod\garrysmod\bin\lua_shared.dll
2014-02-02 22:06 - 2014-02-02 22:37 - 02038784 _____ () h:\steamlibrary\steamapps\steamapps\steamapps\common\garrysmod\garrysmod\bin\menusystem.dll
2014-02-02 22:06 - 2014-02-02 22:37 - 00880640 _____ () h:\steamlibrary\steamapps\steamapps\steamapps\common\garrysmod\garrysmod\bin\resources.dll
2014-02-02 22:37 - 2014-02-02 22:37 - 00082944 _____ () h:\steamlibrary\steamapps\steamapps\steamapps\common\garrysmod\garrysmod\bin\gmhtml.dll
2014-02-02 22:37 - 2014-02-02 22:37 - 00080384 _____ () H:\SteamLibrary\SteamApps\SteamApps\steamapps\common\GarrysMod\bin\gmod_audio.dll
2014-02-02 22:06 - 2014-02-02 22:37 - 02051584 _____ () h:\steamlibrary\steamapps\steamapps\steamapps\common\garrysmod\bin\GameUI.dll
2014-02-02 22:06 - 2014-02-02 22:37 - 00897536 _____ () h:\steamlibrary\steamapps\steamapps\steamapps\common\garrysmod\bin\serverbrowser.dll
2014-02-02 22:37 - 2014-02-02 22:37 - 00171432 _____ () h:\steamlibrary\steamapps\steamapps\steamapps\common\garrysmod\bin\vaudio_speex.dll
2014-02-02 22:06 - 2014-02-02 22:37 - 01099704 _____ () H:\SteamLibrary\SteamApps\SteamApps\steamapps\common\GarrysMod\bin\avcodec-53.dll
2014-02-02 22:37 - 2014-02-02 22:37 - 00123320 _____ () H:\SteamLibrary\SteamApps\SteamApps\steamapps\common\GarrysMod\bin\avutil-51.dll
2014-02-02 22:37 - 2014-02-02 22:37 - 00190904 _____ () H:\SteamLibrary\SteamApps\SteamApps\steamapps\common\GarrysMod\bin\avformat-53.dll
2013-01-24 12:16 - 2013-01-24 12:16 - 01050112 _____ () C:\Program Files (x86)\EasyLife\sprotector.dll
2013-01-24 12:16 - 2013-01-24 12:16 - 01050112 _____ () C:\Program Files (x86)\BrowseToSave\sprotector.dll
2013-01-24 12:25 - 2013-01-24 12:25 - 01044480 _____ () C:\Program Files (x86)\WebSearch\sprotector.dll
2013-06-18 14:22 - 2012-05-30 07:51 - 00699280 ____R () C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\wincfi39.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller
Description: Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Atheros
Service: L1E
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Alps Pointing-device
Description: Alps Pointing-device
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Alps Electric
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Launch Manager
Description: Launch Manager
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: Packard Bell
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Hamachi Network Interface
Description: Hamachi Network Interface
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn, Inc.
Service: hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/03/2014 07:05:02 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 10.0.9200.16750, Zeitstempel: 0x5269c643
Name des fehlerhaften Moduls: urlmon.dll, Version: 10.0.9200.16750, Zeitstempel: 0x5269c672
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00003baa
ID des fehlerhaften Prozesses: 0x24c0
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3

Error: (02/03/2014 06:47:41 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall

Error: (02/03/2014 06:44:42 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 10.0.9200.16750, Zeitstempel: 0x5269c643
Name des fehlerhaften Moduls: urlmon.dll, Version: 10.0.9200.16750, Zeitstempel: 0x5269c672
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00003baa
ID des fehlerhaften Prozesses: 0x1c2c
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3

Error: (02/03/2014 06:38:48 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 10.0.9200.16750, Zeitstempel: 0x5269c643
Name des fehlerhaften Moduls: urlmon.dll, Version: 10.0.9200.16750, Zeitstempel: 0x5269c672
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00003baa
ID des fehlerhaften Prozesses: 0x1238
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3

Error: (02/03/2014 05:57:52 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 32.0.1700.102, Zeitstempel: 0x52e09b23
Name des fehlerhaften Moduls: sprote~1.dll, Version: 0.0.0.0, Zeitstempel: 0x51011a0e
Ausnahmecode: 0xc0000417
Fehleroffset: 0x000b22c3
ID des fehlerhaften Prozesses: 0x12bc
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3

Error: (02/03/2014 05:49:46 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 32.0.1700.102, Zeitstempel: 0x52e09b23
Name des fehlerhaften Moduls: sprote~1.dll, Version: 0.0.0.0, Zeitstempel: 0x51011a0e
Ausnahmecode: 0xc0000417
Fehleroffset: 0x000b22c3
ID des fehlerhaften Prozesses: 0x1dac
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3

Error: (02/03/2014 05:43:16 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 32.0.1700.102, Zeitstempel: 0x52e09b23
Name des fehlerhaften Moduls: sprote~1.dll, Version: 0.0.0.0, Zeitstempel: 0x51011a0e
Ausnahmecode: 0xc0000417
Fehleroffset: 0x000b22c3
ID des fehlerhaften Prozesses: 0x2050
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3

Error: (02/03/2014 04:40:56 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/03/2014 04:05:01 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall

Error: (02/03/2014 03:14:34 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 32.0.1700.102, Zeitstempel: 0x52e09b23
Name des fehlerhaften Moduls: chrome.dll, Version: 32.0.1700.102, Zeitstempel: 0x52e094f7
Ausnahmecode: 0x80000003
Fehleroffset: 0x003c398f
ID des fehlerhaften Prozesses: 0x1108
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3


System errors:
=============
Error: (02/03/2014 06:43:11 PM) (Source: ipnathlp) (User: )
Description: 0

Error: (02/03/2014 06:43:04 PM) (Source: ipnathlp) (User: )
Description: 0

Error: (02/03/2014 06:38:33 PM) (Source: ipnathlp) (User: )
Description: 0

Error: (02/03/2014 04:23:18 PM) (Source: ipnathlp) (User: )
Description: 0

Error: (02/03/2014 03:03:54 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "HsfXAudioService" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (02/03/2014 03:03:54 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst HsfXAudioService erreicht.

Error: (02/03/2014 03:03:40 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\system32\Rtlihvs.dll
Fehlercode: 126

Error: (02/02/2014 04:06:41 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (02/02/2014 04:06:41 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.

Error: (02/02/2014 02:15:41 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "HsfXAudioService" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2013-10-04 16:49:22.607
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Users\Daniel\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-10-04 16:49:22.528
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Users\Daniel\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-10-04 16:49:21.483
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-10-04 16:49:21.405
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-09-27 13:30:20.622
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\hamachi.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-09-27 13:30:20.513
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\hamachi.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-09-27 13:23:20.499
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\hamachi.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-09-27 13:23:20.410
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\hamachi.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-09-27 13:22:57.419
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\hamachi.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-09-27 13:22:57.336
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\hamachi.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Percentage of memory in use: 66%
Total physical RAM: 4095.18 MB
Available physical RAM: 1355.2 MB
Total Pagefile: 8188.54 MB
Available Pagefile: 4403.03 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:298.09 GB) (Free:22.11 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (IM) (CDROM) (Total:0.22 GB) (Free:0 GB) CDFS
Drive h: (OS2) (Fixed) (Total:931.5 GB) (Free:530.24 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: F618F618)
Partition 1: (Active) - (Size=298 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 932 GB) (Disk ID: 6EC25B35)
Partition 1: (Not Active) - (Size=931 GB) - (Type=OF Extended)

==================== End Of Log ============================

Danke für die schnelle Antwort. Ich hoffe du kannst damit was anfangen.
MfG

cosinus · 03.02.2014, 21:47

Dann bitte jetzt Combofix ausführen:

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Trojanhater3 · 03.02.2014, 23:00

So und hier mal die Combofix

Code:

ATTFilter

ComboFix 14-02-03.01 - Daniel 03.02.2014  22:31:41.1.4 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.49.1031.18.4095.2483 [GMT 1:00]
ausgeführt von:: c:\users\Daniel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R3DPYB02\ComboFix.exe
AV: Norton Internet Security CBE *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security CBE *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security CBE *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Common Files\packardbell.ico
c:\program files (x86)\EasyLife
c:\program files (x86)\EasyLife\sprotector.dll
c:\program files (x86)\EasyLife\uninstall.exe
c:\program files (x86)\LyricsPal
c:\program files (x86)\LyricsPal\01.crx
c:\program files (x86)\LyricsPal\01a.xpi
c:\program files (x86)\LyricsPal\133.crx
c:\program files (x86)\LyricsPal\133.dat
c:\program files (x86)\LyricsPal\133.dll
c:\program files (x86)\LyricsPal\133.xpi
c:\program files (x86)\LyricsPal\Lyrics.exe
c:\program files (x86)\LyricsPal\sqlite3.dll
c:\program files (x86)\LyricsPal\Uninstall.exe
c:\program files (x86)\SearchProtect
c:\program files (x86)\SearchProtect\EULA.txt
c:\program files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
c:\program files (x86)\SearchProtect\Main\bin\CltMngSvc.exe_1391457940410
c:\program files (x86)\SearchProtect\Main\bin\SPTool.dll
c:\program files (x86)\SearchProtect\Main\bin\SPtool.dll_1381162331932
c:\program files (x86)\SearchProtect\Main\bin\SPtool.dll_1381162332198
c:\program files (x86)\SearchProtect\Main\bin\SPtool.dll_1382454165450
c:\program files (x86)\SearchProtect\Main\bin\SPtool.dll_1382454165453
c:\program files (x86)\SearchProtect\Main\bin\SPtool.dll_1384450724304
c:\program files (x86)\SearchProtect\Main\bin\SPtool.dll_1384450726390
c:\program files (x86)\SearchProtect\Main\bin\SPtool.dll_1386065614994
c:\program files (x86)\SearchProtect\Main\bin\SPtool.dll_1387547211742
c:\program files (x86)\SearchProtect\Main\bin\SPtool.dll_1387547211748
c:\program files (x86)\SearchProtect\Main\bin\SPtool.dll_1389821964601
c:\program files (x86)\SearchProtect\Main\bin\SPtool.dll_1389821964604
c:\program files (x86)\SearchProtect\Main\bin\SPtool.dll_1390851092357
c:\program files (x86)\SearchProtect\Main\bin\SPtool.dll_1390851092373
c:\program files (x86)\SearchProtect\Main\bin\SPtool.dll_1391023827157
c:\program files (x86)\SearchProtect\Main\bin\SPtool.dll_1391023827160
c:\program files (x86)\SearchProtect\Main\bin\SPtool.dll_1391457939485
c:\program files (x86)\SearchProtect\Main\bin\uninstall.exe
c:\program files (x86)\SearchProtect\Main\rep\SystemRepository.dat
c:\program files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
c:\program files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe_1391457940392
c:\program files (x86)\SearchProtect\SearchProtect\bin\SPTool64.exe
c:\program files (x86)\SearchProtect\SearchProtect\bin\SPVC32.dll
c:\program files (x86)\SearchProtect\SearchProtect\bin\SPVC32.dll_1391457940449
c:\program files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll
c:\program files (x86)\SearchProtect\SearchProtect\bin\SPVC64.dll
c:\program files (x86)\SearchProtect\SearchProtect\bin\SPVC64.dll_1391457940483
c:\program files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll
c:\program files (x86)\SearchProtect\UI\bin\cltmngui.exe
c:\program files (x86)\SearchProtect\UI\dialogs\bubble\bubble.css
c:\program files (x86)\SearchProtect\UI\dialogs\bubble\bubble.html
c:\program files (x86)\SearchProtect\UI\dialogs\bubble\bubble.js
c:\program files (x86)\SearchProtect\UI\dialogs\bubble\defaults.js
c:\program files (x86)\SearchProtect\UI\dialogs\Images\Apply-default.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\Apply-onclick.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\Apply-Rollover.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bg-with-logo.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bg.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bgNotif.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bgSettings.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bgUninstall.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\btnBlue.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\btnClose.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\btnSilver.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\checkbox.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\checkbox_checked.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\checkbox_def.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\close-win-def.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\close-win-over-click.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\gray-bg.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\hez-def.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\hez-selected.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\hez.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\icon-win.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\info-icon.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\menu-rollover.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\menu-selected.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\radio-button-def.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\radio-button-selected.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\radio-button.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\radio-button2.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\Settings-icon.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\text-field.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\v.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\x.png
c:\program files (x86)\SearchProtect\UI\dialogs\libs\defaults.js
c:\program files (x86)\SearchProtect\UI\dialogs\libs\dialogUtils.js
c:\program files (x86)\SearchProtect\UI\dialogs\libs\jquery.1.7.1.min.js
c:\program files (x86)\SearchProtect\UI\dialogs\libs\json2.min.js
c:\program files (x86)\SearchProtect\UI\dialogs\libs\main.js
c:\program files (x86)\SearchProtect\UI\dialogs\libs\SPDialogAPI.js
c:\program files (x86)\SearchProtect\UI\dialogs\protection\defaults.js
c:\program files (x86)\SearchProtect\UI\dialogs\protection\protection.css
c:\program files (x86)\SearchProtect\UI\dialogs\protection\protection.html
c:\program files (x86)\SearchProtect\UI\dialogs\protection\protection.js
c:\program files (x86)\SearchProtect\UI\dialogs\protectionDS\defaults.js
c:\program files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.css
c:\program files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.html
c:\program files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.js
c:\program files (x86)\SearchProtect\UI\dialogs\settings.html
c:\program files (x86)\SearchProtect\UI\dialogs\settings\defaults.js
c:\program files (x86)\SearchProtect\UI\dialogs\settings\settings.css
c:\program files (x86)\SearchProtect\UI\dialogs\settings\settings.html
c:\program files (x86)\SearchProtect\UI\dialogs\settings\settings.js
c:\program files (x86)\SearchProtect\UI\dialogs\style.css
c:\program files (x86)\SearchProtect\UI\dialogs\uninstall\defaults.js
c:\program files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.css
c:\program files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.html
c:\program files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.js
c:\programdata\IePluginService
c:\programdata\IePluginService\PluginService.exe
c:\users\Daniel\AppData\Local\TempDIR
c:\users\Daniel\AppData\Local\TempDIR\PIP2691_NDV2_.exe
c:\users\Daniel\AppData\Roaming\BabMaint.exe
c:\users\Daniel\AppData\Roaming\Roaming
c:\users\Daniel\AppData\Roaming\Roaming\Quest3D\ShipSimExtreme\channels.lst
c:\windows\SysWow64\frapsvid.dll
H:\install.exe
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_IePluginService
-------\Service_IePluginService
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-01-03 bis 2014-02-03  ))))))))))))))))))))))))))))))
.
.
2014-02-03 18:06 . 2014-02-03 18:17	--------	d-----w-	C:\FRST
2014-02-02 21:06 . 2014-02-02 21:06	--------	d-----w-	c:\program files (x86)\Common Files\Java
2014-02-02 21:06 . 2014-02-02 21:06	96168	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-02-02 21:01 . 2014-02-02 21:06	--------	d-----w-	c:\programdata\Oracle
2014-02-02 20:37 . 2014-02-02 20:37	--------	d-----w-	c:\program files (x86)\SupTab
2014-02-02 20:37 . 2014-02-02 20:37	--------	d-----w-	c:\programdata\WPM
2014-02-02 20:31 . 2014-02-03 14:03	--------	d-----w-	c:\program files (x86)\RightSurf
2014-01-12 16:29 . 2014-01-12 16:29	--------	d-----w-	c:\users\Daniel\AppData\Local\Windows Live Writer
2014-01-12 16:29 . 2014-01-12 16:29	--------	d-----w-	c:\users\Daniel\AppData\Roaming\Windows Live Writer
2014-01-11 16:28 . 2014-01-11 16:28	--------	d-----w-	c:\windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP
2014-01-11 16:28 . 2014-01-11 16:28	--------	d-----w-	c:\program files (x86)\Common Files\Wise Installation Wizard
2014-01-11 13:24 . 2014-01-11 13:24	--------	d-----w-	c:\program files (x86)\AGEIA Technologies
2014-01-11 13:09 . 2014-01-11 13:09	--------	d-----w-	C:\NVIDIA
2014-01-09 16:14 . 2013-12-05 08:42	39200	----a-w-	c:\windows\system32\drivers\nvvad64v.sys
2014-01-09 16:14 . 2013-12-05 08:42	32544	----a-w-	c:\windows\SysWow64\nvaudcap32v.dll
2014-01-07 17:46 . 2014-01-07 17:46	--------	d-----w-	c:\users\Daniel\AppData\Local\NBGI
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-12 10:51 . 2012-12-27 14:46	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-01-12 10:51 . 2012-12-27 14:46	692616	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-21 17:16 . 2013-04-11 14:09	90708896	----a-w-	c:\windows\system32\MRT.exe
2013-12-19 20:33 . 2013-11-02 15:04	18310112	----a-w-	c:\windows\system32\nvwgf2umx.dll
2013-12-19 20:33 . 2013-11-02 15:04	15230352	----a-w-	c:\windows\SysWow64\nvd3dum.dll
2013-12-19 20:33 . 2013-11-02 15:03	1436528	----a-w-	c:\windows\system32\nvumdshimx.dll
2013-12-19 20:33 . 2012-12-25 20:14	2698272	----a-w-	c:\windows\SysWow64\nvapi.dll
2013-12-19 20:33 . 2012-12-12 20:19	61216	----a-w-	c:\windows\system32\OpenCL.dll
2013-12-19 20:33 . 2012-12-12 20:19	53024	----a-w-	c:\windows\SysWow64\OpenCL.dll
2013-12-19 20:33 . 2012-12-12 20:18	3071656	----a-w-	c:\windows\system32\nvapi64.dll
2013-12-19 18:53 . 2012-12-12 20:19	6671648	----a-w-	c:\windows\system32\nvcpl.dll
2013-12-19 18:53 . 2012-12-12 20:19	3490080	----a-w-	c:\windows\system32\nvsvc64.dll
2013-12-19 18:53 . 2012-12-12 20:19	922912	----a-w-	c:\windows\system32\nvvsvc.exe
2013-12-19 18:53 . 2012-12-12 20:19	63776	----a-w-	c:\windows\system32\nvshext.dll
2013-12-19 18:53 . 2012-12-12 20:19	386336	----a-w-	c:\windows\system32\nvmctray.dll
2013-12-19 18:53 . 2012-12-12 20:19	2559776	----a-w-	c:\windows\system32\nvsvcr.dll
2013-12-19 11:20 . 2013-12-19 11:20	590112	----a-w-	c:\windows\SysWow64\nvStreaming.exe
2013-12-19 05:01 . 2012-12-12 20:19	3539040	----a-w-	c:\windows\system32\nvcoproc.bin
2013-12-10 02:13 . 2013-10-31 14:16	982232	----a-w-	c:\windows\SysWow64\nvspcap.dll
2013-12-10 02:13 . 2013-10-31 14:16	1100248	----a-w-	c:\windows\system32\nvspcap64.dll
2013-12-07 18:28 . 2012-12-25 19:18	214392	----a-w-	c:\windows\SysWow64\PnkBstrB.exe
2013-12-07 17:35 . 2012-12-25 19:18	214392	----a-w-	c:\windows\SysWow64\PnkBstrB.ex0
2013-12-05 08:42 . 2013-07-31 12:10	35104	----a-w-	c:\windows\system32\nvaudcap64v.dll
2013-12-03 12:42 . 2013-12-03 12:42	76888	----a-w-	c:\windows\system32\PnkBstrA.exe
2013-11-29 17:38 . 2013-11-29 17:38	275360	----a-w-	c:\windows\system32\DreamScene.dll
2013-11-23 18:26 . 2013-12-21 17:14	417792	----a-w-	c:\windows\SysWow64\WMPhoto.dll
2013-11-23 17:47 . 2013-12-21 17:14	465920	----a-w-	c:\windows\system32\WMPhoto.dll
2013-11-20 20:19 . 2012-12-25 19:18	75136	----a-w-	c:\windows\SysWow64\PnkBstrA.exe
2013-11-20 19:39 . 2013-09-14 15:06	3123272	----a-w-	c:\windows\SysWow64\pbsvc.exe
2013-11-12 02:23 . 2013-12-21 17:14	2048	----a-w-	c:\windows\system32\tzres.dll
2013-11-12 02:07 . 2013-12-21 17:14	2048	----a-w-	c:\windows\SysWow64\tzres.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
2014-01-14 09:04	513136	----a-w-	c:\program files (x86)\SupTab\SupTab.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{88be1aa9-6740-461c-9e3e-f35eb8fa741c}]
2014-02-01 03:23	249632	----a-w-	c:\program files (x86)\RightSurf\RightSurfBHO.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-03-13 15:15	220632	----a-w-	c:\users\Daniel\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-03-13 15:15	220632	----a-w-	c:\users\Daniel\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-03-13 15:15	220632	----a-w-	c:\users\Daniel\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files (x86)\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"TBPanel"="c:\program files (x86)\EXPERTool\TBPanel.exe" [2013-07-03 2160936]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-08-25 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2000-01-01 5299320]
"Razer Synapse"="c:\program files (x86)\Razer\Synapse\RzSynapse.exe" [2013-09-28 442200]
"Razer Blackwidow Driver"="c:\program files (x86)\Razer\BlackWidow Ultimate\BlackWidowUltimateTray.exe" [2012-05-09 887712]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"KiesTrayAgent"=c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe
"NortonOnlineBackupReminder"="c:\program files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
"PWRISOVM.EXE"=c:\program files (x86)\PowerISO\PWRISOVM.EXE -startup
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 CltMngSvc;Search Protect by Conduit Service;c:\progra~2\SearchProtect\Main\bin\CltMngSvc.exe;c:\progra~2\SearchProtect\Main\bin\CltMngSvc.exe [x]
R2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 AIDA64Driver;FinalWire AIDA64 Kernel Driver;c:\users\Daniel\Downloads\aida64extreme_build_2419_txgzqv3nwh\kerneld.x64;c:\users\Daniel\Downloads\aida64extreme_build_2419_txgzqv3nwh\kerneld.x64 [x]
R3 cpudrv64;cpudrv64;c:\program files (x86)\SystemRequirementsLab\cpudrv64.sys;c:\program files (x86)\SystemRequirementsLab\cpudrv64.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys;c:\windows\SYSNATIVE\drivers\dgderdrv.sys [x]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys;c:\windows\SYSNATIVE\pwdrvio.sys [x]
R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys;c:\windows\SYSNATIVE\pwdspio.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RTL8187;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter Vista Driver;c:\windows\system32\DRIVERS\wg111v2.sys;c:\windows\SYSNATIVE\DRIVERS\wg111v2.sys [x]
R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\DRIVERS\rtl8192Ce.sys;c:\windows\SYSNATIVE\DRIVERS\rtl8192Ce.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys;c:\windows\SYSNATIVE\DRIVERS\Rts516xIR.sys [x]
R3 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\SiSoftware\SiSoftware Sandra Lite 2013.SP4\RpcAgentSrv.exe;c:\program files\SiSoftware\SiSoftware Sandra Lite 2013.SP4\RpcAgentSrv.exe [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys;c:\windows\SYSNATIVE\DRIVERS\SWDUMon.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe;c:\program files (x86)\Tunngle\TnglCtrl.exe [x]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S0 SCMNdisP;General NDIS Protocol Driver;c:\windows\system32\DRIVERS\scmndisp.sys;c:\windows\SYSNATIVE\DRIVERS\scmndisp.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1404000.028\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1404000.028\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1404000.028\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1404000.028\SYMEFA64.SYS [x]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\BASHDefs\20140121.001\BHDrvx64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\BASHDefs\20140121.001\BHDrvx64.sys [x]
S1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\NISx64\1404000.028\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\NISx64\1404000.028\ccSetx64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\IPSDefs\20140131.001\IDSvia64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\IPSDefs\20140131.001\IDSvia64.sys [x]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1404000.028\Ironx64.SYS [x]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1404000.028\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\NISx64\1404000.028\SYMNETS.SYS [x]
S2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe;c:\program files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [x]
S2 AsusSE;AsusSE;c:\program files (x86)\ASUS\PCE-N15 WLAN Card Utilities\RtlService.exe;c:\program files (x86)\ASUS\PCE-N15 WLAN Card Utilities\RtlService.exe [x]
S2 ePowerSvc;Acer ePower Service;c:\program files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe;c:\program files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [x]
S2 Greg_Service;GRegService;c:\program files (x86)\Packard Bell\Registration\GregHSRW.exe;c:\program files (x86)\Packard Bell\Registration\GregHSRW.exe [x]
S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\ccSvcHst.exe;c:\program files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\ccSvcHst.exe [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe;c:\program files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 SCM_Service;SCM_Service;c:\windows\SysWOW64\WinService.exe;c:\windows\SysWOW64\WinService.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 StumbleUponUpdater;StumbleUpon Updater;c:\users\Daniel\AppData\LocalLow\StumbleUpon\IE\StumbleUponUpdater.exe;c:\users\Daniel\AppData\LocalLow\StumbleUpon\IE\StumbleUponUpdater.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [x]
S2 Update RightSurf;Update RightSurf;c:\program files (x86)\RightSurf\updateRightSurf.exe;c:\program files (x86)\RightSurf\updateRightSurf.exe [x]
S2 Updater Service;Updater Service;c:\program files\Packard Bell\Packard Bell Updater\UpdaterService.exe;c:\program files\Packard Bell\Packard Bell Updater\UpdaterService.exe [x]
S2 Util RightSurf;Util RightSurf;c:\program files (x86)\RightSurf\bin\utilRightSurf.exe;c:\program files (x86)\RightSurf\bin\utilRightSurf.exe [x]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe;c:\windows\SYSNATIVE\viakaraokesrv.exe [x]
S2 Wpm;Wpm Service;c:\programdata\WPM\wprotectmanager.exe;c:\programdata\WPM\wprotectmanager.exe [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 rzendpt;rzendpt;c:\windows\system32\DRIVERS\rzendpt.sys;c:\windows\SYSNATIVE\DRIVERS\rzendpt.sys [x]
S3 RzSynapse;Razer Driver;c:\windows\system32\DRIVERS\RzSynapse.sys;c:\windows\SYSNATIVE\DRIVERS\RzSynapse.sys [x]
S3 rzudd;Razer Mouse Driver;c:\windows\system32\DRIVERS\rzudd.sys;c:\windows\SYSNATIVE\DRIVERS\rzudd.sys [x]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys;c:\windows\SYSNATIVE\DRIVERS\tap0901t.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-02-03 16:55	1211672	----a-w-	c:\program files (x86)\Google\Chrome\Application\32.0.1700.102\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-01-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-27 10:51]
.
2013-12-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-17 18:50]
.
2013-12-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-17 18:50]
.
2014-02-03 c:\windows\Tasks\schedule!1818212897.job
- c:\programdata\BetterSoft\EasyLife Updater\EasyLife Updater.exe [2013-02-10 19:58]
.
2013-11-03 c:\windows\Tasks\SlimDrivers Startup.job
- c:\program files (x86)\SlimDrivers\SlimDrivers.exe [2013-03-29 14:22]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-03-13 15:15	244696	----a-w-	c:\users\Daniel\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-03-13 15:15	244696	----a-w-	c:\users\Daniel\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-03-13 15:15	244696	----a-w-	c:\users\Daniel\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Acer ePower Management"="c:\program files\Packard Bell\Packard Bell Power Management\ePowerTray.exe" [2009-08-06 828960]
"XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-09-30 825184]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2000-01-01 5299320]
"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2010-06-14 190536]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-10-18 1028384]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2013-12-10 1100248]
"ExpoThemes-Driver"="c:\program files (x86)\ExpoThemes\expothemes_core.exe" [2013-08-22 108544]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2013-12-10 2279712]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.conduit.com/?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SPE2265FD0-F72E-4518-A0B9-D1302DD41D59&SSPV=
mDefault_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1391373079&from=cor&uid=HitachiXHDT725032VLA360_VFH200R2DXEPBTDXEPBTX&q={searchTerms}
mDefault_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1391373079&from=cor&uid=HitachiXHDT725032VLA360_VFH200R2DXEPBTDXEPBTX
mStart Page = hxxp://www.sweet-page.com/?type=hp&ts=1391373079&from=cor&uid=HitachiXHDT725032VLA360_VFH200R2DXEPBTDXEPBTX
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1391373079&from=cor&uid=HitachiXHDT725032VLA360_VFH200R2DXEPBTDXEPBTX&q={searchTerms}
mSearchAssistant = hxxp://www.sweet-page.com/web/?type=ds&ts=1391373079&from=cor&uid=HitachiXHDT725032VLA360_VFH200R2DXEPBTDXEPBTX&q={searchTerms}
mCustomizeSearch = hxxp://www.sweet-page.com/web/?type=ds&ts=1391373079&from=cor&uid=HitachiXHDT725032VLA360_VFH200R2DXEPBTDXEPBTX&q={searchTerms}
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.179.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
BHO-{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - c:\program files (x86)\Hotspot Shield\HssIE\HssIE_64.dll
Toolbar-Locked - (no file)
AddRemove-Battlelog Web Plugins - c:\program files (x86)\Battlelog Web Plugins\uninstall.exe
AddRemove-IePlugins - c:\programdata\IePluginService\PluginService.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-SearchProtect - c:\progra~2\SearchProtect\Main\bin\uninstall.exe
AddRemove-SP_d33a5824 - c:\program files (x86)\EasyLife\uninstall.exe
AddRemove-{5526d33c-7120-4326-9097-defcbdfa0dbc} - c:\program files (x86)\LyricsPal\Uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\diMaster.dll\" /prefetch:1"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AIDA64Driver]
"ImagePath"="\??\c:\users\Daniel\Downloads\aida64extreme_build_2419_txgzqv3nwh\kerneld.x64"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1119768418-3556732592-1963311031-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-1119768418-3556732592-1963311031-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_USERS\S-1-5-21-1119768418-3556732592-1963311031-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{2E119F3E-F25F-FA94-3A97-36AED6499F1D}*]
"oaapigmgmoikjaclimdlfjkphbjfod"=hex:69,61,6b,65,68,6f,6c,69,68,6a,68,6d,6f,64,
   62,61,64,67,00,00
"pakpcikolcejbmjkdmajllgmndkflcob"=hex:69,61,6b,65,68,6f,6c,69,68,6a,68,6d,6f,
   64,62,61,64,67,00,00
.
[HKEY_USERS\S-1-5-21-1119768418-3556732592-1963311031-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{9C86DA9C-177B-7720-D07D-0951A4559652}*]
"papbogpahlfgbikpjogdlhnbjjholiod"=hex:69,61,61,70,6f,68,70,63,61,6b,61,6a,64,
   6e,64,6c,6d,6f,00,00
"oafbannmglhiingflihbmeeanofiea"=hex:69,61,6b,6f,61,69,6a,6c,62,65,6c,6c,70,6a,
   61,67,64,66,00,00
.
[HKEY_USERS\S-1-5-21-1119768418-3556732592-1963311031-1000\Software\SecuROM\License information*]
"datasecu"=hex:8b,f4,9a,a3,b0,e7,2b,e2,4d,f1,10,f0,a5,f2,32,e0,a2,b5,7d,c6,34,
   cd,59,5a,cb,70,fc,4d,93,60,06,a4,92,f4,27,f9,08,31,6e,2b,8c,9f,5d,cb,93,d6,\
"rkeysecu"=hex:9d,85,06,89,db,86,0d,97,8d,1b,91,81,ad,62,08,76
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\ASUS\PCE-N15 WLAN Card Utilities\RtWlan.exe
c:\windows\system32\PnkBstrA.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-02-03  22:58:08 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2014-02-03 21:58
.
Vor Suchlauf: 24 Verzeichnis(se), 23.227.285.504 Bytes frei
Nach Suchlauf: 32 Verzeichnis(se), 23.414.116.352 Bytes frei
.
- - End Of File - - 55604072AA36895D341C2C91EE9F288C
A36C5E4F47E84449FF07ED3517B43A31

cosinus · 03.02.2014, 23:43

Adware/Junkware/Toolbars entfernen

1. Schritt: adwCleaner

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

3. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Trojanhater3 · 04.02.2014, 16:04

Code:

ATTFilter

# AdwCleaner v3.018 - Bericht erstellt am 04/02/2014 um 14:33:15
# Updated 28/01/2014 von Xplode
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits)
# Benutzername : Daniel - DANIEL-GAMER
# Gestartet von : C:\Users\Daniel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y9IW8WZ4\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : CltMngSvc
Dienst Gelöscht : StumbleUponUpdater

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\BetterSoft
Ordner Gelöscht : C:\ProgramData\boost_interprocess
Ordner Gelöscht : C:\ProgramData\Browse2Save
Ordner Gelöscht : C:\ProgramData\Partner
Ordner Gelöscht : C:\ProgramData\RightClick
Ordner Gelöscht : C:\ProgramData\SoftSafe
Ordner Gelöscht : C:\ProgramData\Trymedia
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Browse2Save
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
Ordner Gelöscht : C:\Program Files (x86)\BrowseToSave
Ordner Gelöscht : C:\Program Files (x86)\Delta
Ordner Gelöscht : C:\Program Files (x86)\myfree codec
Ordner Gelöscht : C:\Program Files (x86)\WebSearch
Ordner Gelöscht : C:\Windows\SysWOW64\Searchprotect
Ordner Gelöscht : C:\Users\Daniel\AppData\Local\eSupport.com
Ordner Gelöscht : C:\Users\Daniel\AppData\Local\Searchprotect
Ordner Gelöscht : C:\Users\Daniel\AppData\LocalLow\Browse2Save
Ordner Gelöscht : C:\Users\Daniel\AppData\LocalLow\Delta
Ordner Gelöscht : C:\Users\Daniel\AppData\LocalLow\StumbleUpon
Ordner Gelöscht : C:\Users\Daniel\AppData\LocalLow\SweetIM
Ordner Gelöscht : C:\Users\Daniel\AppData\Roaming\BabSolution
Ordner Gelöscht : C:\Users\Daniel\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Daniel\AppData\Roaming\Delta
Ordner Gelöscht : C:\Users\Daniel\AppData\Roaming\DesktopIconForAmazon
Ordner Gelöscht : C:\Users\Daniel\AppData\Roaming\OpenCandy
Ordner Gelöscht : C:\Users\Daniel\AppData\Roaming\SendSpace
Ordner Gelöscht : C:\Users\Daniel\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect
Ordner Gelöscht : C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ro0fc8jr.default\SweetPacksToolbarData
Ordner Gelöscht : C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ro0fc8jr.default\Extensions\firejump@firejump.net
Ordner Gelöscht : C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgifblbjgdjhcelbanblbhkhmbnnmhfg
Ordner Gelöscht : C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnbbffeddnekkhjmokkhdebbfbibbflc
Datei Gelöscht : C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ro0fc8jr.default\Extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
Datei Gelöscht : C:\Windows\System32\roboot64.exe
Datei Gelöscht : C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Startfenster.lnk
Datei Gelöscht : C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ro0fc8jr.default\bprotector_extensions.sqlite
Datei Gelöscht : C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ro0fc8jr.default\bprotector_prefs.js
Datei Gelöscht : C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ro0fc8jr.default\searchplugins\Babylon.xml
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Babylon.xml
Datei Gelöscht : C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ro0fc8jr.default\searchplugins\conduit-search.xml
Datei Gelöscht : C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ro0fc8jr.default\searchplugins\delta.xml
Datei Gelöscht : C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ro0fc8jr.default\searchplugins\EasyLife.xml
Datei Gelöscht : C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ro0fc8jr.default\searchplugins\safesearch.xml
Datei Gelöscht : C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ro0fc8jr.default\searchplugins\WebSearch.xml
Datei Gelöscht : C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ro0fc8jr.default\user.js
Datei Gelöscht : C:\Windows\System32\Tasks\BrowserProtect

***** [ Verknüpfungen ] *****

Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Packard Bell - Security & Support\Contact.lnk
Verknüpfung Desinfiziert : C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Verknüpfung Desinfiziert : C:\Users\Daniel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKCU\Software\Mozilla\Firefox\Extensions [{0F827075-B026-42F3-885D-98981EE7B1AE}]
Wert Gelöscht : HKCU\Software\Mozilla\Firefox\Extensions [firejump@firejump.net]
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\pgifblbjgdjhcelbanblbhkhmbnnmhfg
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\pnbbffeddnekkhjmokkhdebbfbibbflc
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\StumbleUpon.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltaappCore
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltaappCore.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\StumbleUpon.QTimeCpio
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\StumbleUpon.QTimeCpio.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskPIP_FF__RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskPIP_FF__RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Lyrics_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Lyrics_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetpacksupdatemanager_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\systweakasp_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\systweakasp_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_4e24eecb
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_d33a5824
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_f2a323db
Schlüssel Gelöscht : HKCU\Software\5c0dadee03fe544
Schlüssel Gelöscht : HKLM\SOFTWARE\5c0dadee03fe544
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_battlefield-3-theme_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_battlefield-3-theme_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_paragon-partition-manager-12_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_paragon-partition-manager-12_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_paragon-partition-manager_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_paragon-partition-manager_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_partition-wizard_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_partition-wizard_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{50F7F0BE-31BA-4145-BD8B-6B0DECFED804}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{14F35FFC-522A-4DD1-A07E-6B8B65C6891E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DB616CFF-D989-48A8-9C85-E2A8D56AB2CA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FD501041-8EBE-11CE-8183-00AA00577DA2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FFA865B3-D6B7-00D2-D6F7-C7CAF43F0AF2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{AC329328-7EC4-4C34-B672-0A2B90CB9B00}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DB616CFF-D989-48A8-9C85-E2A8D56AB2CA}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FFA865B3-D6B7-00D2-D6F7-C7CAF43F0AF2}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DB616CFF-D989-48A8-9C85-E2A8D56AB2CA}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FFA865B3-D6B7-00D2-D6F7-C7CAF43F0AF2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{01BD49D7-C76B-4310-8BEB-14D7E5F322C6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{01BD49D7-C76B-4310-8BEB-14D7E5F322C6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : HKCU\Software\anchorfree
Schlüssel Gelöscht : HKCU\Software\APN PIP
Schlüssel Gelöscht : HKCU\Software\BabylonToolbar
Schlüssel Gelöscht : HKCU\Software\BI
Schlüssel Gelöscht : HKCU\Software\Delta
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\Myfree Codec
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\StumbleUpon
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\lyricspal
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\StumbleUpon
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\Delta
Schlüssel Gelöscht : HKLM\Software\Myfree Codec
Schlüssel Gelöscht : HKLM\Software\PIP
Schlüssel Gelöscht : HKLM\Software\SearchProtect
Schlüssel Gelöscht : HKLM\Software\SP Global
Schlüssel Gelöscht : HKLM\Software\SProtector
Schlüssel Gelöscht : HKLM\Software\systweak
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{c3e85ee9-5892-4142-b537-bceb3dac4c3d}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D85FFE92-BF14-4E9B-BCCD-E5C16069E65F}_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{ea8fa6be-29be-4af2-9352-841f83215eb0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DesktopIconAmazon
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\9EE58E3C298524145B73CBBED3CAC4D3
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\EB6AF8AEEB922FA4392548F13812E50B
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\9EE58E3C298524145B73CBBED3CAC4D3
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50B

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16750

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [CustomizeSearch]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v

[ Datei : C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ro0fc8jr.default\prefs.js ]

Zeile gelöscht : user_pref("aol_toolbar.default.homepage.check", false);
Zeile gelöscht : user_pref("aol_toolbar.default.search.check", false);
Zeile gelöscht : user_pref("browser.newtab.url", "hxxp://search.conduit.com/?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=69&CUI=&SSPV=&Lay=1&UM=2&UP=SPE2265FD0-F72E-4518-A0B9-D1302DD41D59");
Zeile gelöscht : user_pref("browser.search.defaultenginename,S", "WebSearch");
Zeile gelöscht : user_pref("browser.search.defaulturl", "hxxp://websearch.helpmefindyour.info/?pid=658&r=2013/04/11&hid=668093504&lg=EN&cc=DE&l=1&q=");
Zeile gelöscht : user_pref("browser.search.order.1", "WebSearch");
Zeile gelöscht : user_pref("browser.search.order.1,S", "WebSearch");
Zeile gelöscht : user_pref("browser.search.selectedEngine,S", "WebSearch");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Zeile gelöscht : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Zeile gelöscht : user_pref("extensions.delta.admin", false);
Zeile gelöscht : user_pref("extensions.delta.aflt", "babsst");
Zeile gelöscht : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Zeile gelöscht : user_pref("extensions.delta.autoRvrt", "false");
Zeile gelöscht : user_pref("extensions.delta.dfltLng", "en");
Zeile gelöscht : user_pref("extensions.delta.excTlbr", false);
Zeile gelöscht : user_pref("extensions.delta.id", "7647d39500000000000000184dab0433");
Zeile gelöscht : user_pref("extensions.delta.instlDay", "15796");
Zeile gelöscht : user_pref("extensions.delta.instlRef", "sst");
Zeile gelöscht : user_pref("extensions.delta.newTab", false);
Zeile gelöscht : user_pref("extensions.delta.prdct", "delta");
Zeile gelöscht : user_pref("extensions.delta.prtnrId", "delta");
Zeile gelöscht : user_pref("extensions.delta.rvrt", "false");
Zeile gelöscht : user_pref("extensions.delta.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.delta.tlbrId", "base");
Zeile gelöscht : user_pref("extensions.delta.tlbrSrchUrl", "");
Zeile gelöscht : user_pref("extensions.delta.vrsn", "1.8.10.0");
Zeile gelöscht : user_pref("extensions.delta.vrsnTs", "1.8.10.021:44:43");
Zeile gelöscht : user_pref("extensions.delta.vrsni", "1.8.10.0");
Zeile gelöscht : user_pref("keyword.URL", "hxxp://websearch.helpmefindyour.info/?pid=658&r=2013/04/11&hid=668093504&lg=EN&cc=DE&l=1&q=");
Zeile gelöscht : user_pref("sweetim.toolbar.RevertDialog.enable", "false");
Zeile gelöscht : user_pref("sweetim.toolbar.UserSelectedSaveSettings", "true");
Zeile gelöscht : user_pref("sweetim.toolbar.Visibility.VisibilityGuardLastUnHide", "0");
Zeile gelöscht : user_pref("sweetim.toolbar.Visibility.enable", "true");
Zeile gelöscht : user_pref("sweetim.toolbar.Visibility.intervaldays", "7");
Zeile gelöscht : user_pref("sweetim.toolbar.cargo", "3.1010000.10025");
Zeile gelöscht : user_pref("sweetim.toolbar.cda.DisableOveride.enable", "true");
Zeile gelöscht : user_pref("sweetim.toolbar.cda.HideOveride.enable", "true");
Zeile gelöscht : user_pref("sweetim.toolbar.cda.RemoveOveride.enable", "true");
Zeile gelöscht : user_pref("sweetim.toolbar.cda.returnValue", "none");
Zeile gelöscht : user_pref("sweetim.toolbar.dialogs.0.enable", "true");
Zeile gelöscht : user_pref("sweetim.toolbar.dialogs.0.handler", "chrome://sim_toolbar_package/content/optionsdialog-handler.js");
Zeile gelöscht : user_pref("sweetim.toolbar.dialogs.0.height", "335");
Zeile gelöscht : user_pref("sweetim.toolbar.dialogs.0.id", "id_options_dialog");
Zeile gelöscht : user_pref("sweetim.toolbar.dialogs.0.title", "$string.config.label;");
Zeile gelöscht : user_pref("sweetim.toolbar.dialogs.0.url", "hxxp://www.sweetim.com/simffbar/options_remote_ff.asp?lang=$locale_id;&toolbar_version=$ITEM_VERSION;&crg=$cargo;");
Zeile gelöscht : user_pref("sweetim.toolbar.dialogs.0.width", "761");
Zeile gelöscht : user_pref("sweetim.toolbar.dialogs.1.enable", "true");
Zeile gelöscht : user_pref("sweetim.toolbar.dialogs.1.handler", "chrome://sim_toolbar_package/content/exampledialog-handler.js");
Zeile gelöscht : user_pref("sweetim.toolbar.dialogs.1.height", "300");
Zeile gelöscht : user_pref("sweetim.toolbar.dialogs.1.id", "id_example_dialog");
Zeile gelöscht : user_pref("sweetim.toolbar.dialogs.1.title", "Example (unit-test) dialog");
Zeile gelöscht : user_pref("sweetim.toolbar.dialogs.1.url", "chrome://sim_toolbar_package/content/exampledialog.html");
Zeile gelöscht : user_pref("sweetim.toolbar.dialogs.1.width", "500");
Zeile gelöscht : user_pref("sweetim.toolbar.dialogs.2.enable", "true");
Zeile gelöscht : user_pref("sweetim.toolbar.dialogs.2.handler", "chrome://sim_toolbar_package/content/cdadialog-handler.js");
Zeile gelöscht : user_pref("sweetim.toolbar.dialogs.2.height", "150");
Zeile gelöscht : user_pref("sweetim.toolbar.dialogs.2.id", "id_dialog_hide_disable_remove");
Zeile gelöscht : user_pref("sweetim.toolbar.dialogs.2.title", "Option Dialog");
Zeile gelöscht : user_pref("sweetim.toolbar.dialogs.2.url", "hxxp://www.sweetim.com/simffbar/simcdadialog.asp");
Zeile gelöscht : user_pref("sweetim.toolbar.dialogs.2.width", "530");
Zeile gelöscht : user_pref("sweetim.toolbar.dnscatch.domain-blacklist", ".*.sweetim.com/.*|.*.facebook.com/.*|.*.google.com/.*|.*.google.co.in/.*|.*.google.com.br/.*|.*.google.es/.*|.*.youtube.com/.*|.*.yahoo.com/.*|.[...]
Zeile gelöscht : user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
Zeile gelöscht : user_pref("sweetim.toolbar.keywordUrlGuard.enable", "false");
Zeile gelöscht : user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
Zeile gelöscht : user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
Zeile gelöscht : user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
Zeile gelöscht : user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
Zeile gelöscht : user_pref("sweetim.toolbar.mode.debug", "false");
Zeile gelöscht : user_pref("sweetim.toolbar.newtab.created", "false");
Zeile gelöscht : user_pref("sweetim.toolbar.newtab.enable", "true");
Zeile gelöscht : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Zeile gelöscht : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Zeile gelöscht : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Zeile gelöscht : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Zeile gelöscht : user_pref("sweetim.toolbar.rc.url", "hxxp://www.sweetim.com/simffbar/rc.html?toolbar_version=$ITEM_VERSION;&crg=$cargo;");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.0.addcontextdiv", "true");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.0.callback", "simVerification");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.0.domain-blacklist", "");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.0.domain-whitelist", "hxxp://(www.|apps.)?facebook\\.com.*");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.0.elementid", "id_script_sim_fb");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.0.enable", "false");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.0.id", "id_script_fb");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.0.url", "hxxp://sc.sweetim.com/apps/in/fb/infb.js");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.1.addcontextdiv", "true");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.1.callback", "simVerification");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.1.domain-whitelist", "hxxps://(www.|apps.)?facebook\\.com.*");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.1.elementid", "id_script_sim_fb");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.1.enable", "false");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.1.id", "id_script_fb_hxxpS");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.1.url", "hxxps://sc.sweetim.com/apps/in/fb/infb.js");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.2.addcontextdiv", "false");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.2.callback", "");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.2.domain-blacklist", ".*.google..*|.*.bing..*|.*.live..*|.*.msn..*|.*.yahoo..*|.*.youtube.com.*|.*ask.com.*|.*.sweetim.com.*");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.2.domain-whitelist", "");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.2.elementid", "id_predict_include_script");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.2.enable", "false");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.2.id", "id_script_prad");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.2.url", "hxxp://cdn1.certified-apps.com/scripts/shared/enable.js?si=3104&tid=chff1");
Zeile gelöscht : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"hxxp://*google.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"hxxp://search.yahoo.com/*\" param=\"[...]
Zeile gelöscht : user_pref("sweetim.toolbar.search.history.capacity", "10");
Zeile gelöscht : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Zeile gelöscht : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
Zeile gelöscht : user_pref("sweetim.toolbar.searchguard.enable", "false");
Zeile gelöscht : user_pref("sweetim.toolbar.searchguard.initialized_by_rc", "true");
Zeile gelöscht : user_pref("sweetim.toolbar.simapp_id", "{8BA58EB7-508F-11E2-9026-001FC63FB021}");
Zeile gelöscht : user_pref("sweetim.toolbar.version", "1.9.0.0");
Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SPE2265FD0-F72E-4518-A0B9-D1302DD41D59");
Zeile gelöscht : user_pref("browser.search.selectedEngine", "Conduit Search");

-\\ Google Chrome v32.0.1700.102

[ Datei : C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [33661 octets] - [04/02/2014 14:32:09]
AdwCleaner[S0].txt - [30437 octets] - [04/02/2014 14:33:15]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [30498 octets] ##########

	Code: 

 ATTFilter

  
	         
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.1 (02.04.2014:1)
OS: Windows 7 Ultimate x64
Ran by Daniel on 04.02.2014 at 15:45:27,32
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services

Successfully stopped: [Service] Util RightSurf 
Successfully deleted: [Service] Util RightSurf 
Failed to stop: [Service] Update RightSurf 



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\optprostart_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\optprostart_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{88be1aa9-6740-461c-9e3e-f35eb8fa741c}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{88be1aa9-6740-461c-9e3e-f35eb8fa741c}



~~~ Files



~~~ Folders

Failed to delete: [Folder] "C:\Program Files (x86)\RightSurf"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 04.02.2014 at 15:54:49,00
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-02-2014
Ran by Daniel (administrator) on DANIEL-GAMER on 04-02-2014 15:59:09
Running from C:\Users\Daniel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V0HZFE2N
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Cherished Technololgy LIMITED) C:\ProgramData\WPM\wprotectmanager.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Realtek) C:\Program Files (x86)\ASUS\PCE-N15 WLAN Card Utilities\RtlService.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\PCE-N15 WLAN Card Utilities\RtWLan.exe
(Acer Incorporated) C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\ccsvchst.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\ccsvchst.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\System32\PnkBstrA.exe
() C:\Windows\SysWOW64\WinService.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Windows Sidebar\sidebar.exe
(Gainward Co. Ltd.) C:\Program Files (x86)\EXPERTool\TBPanel.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Razer USA Ltd) C:\Program Files (x86)\Razer\BlackWidow Ultimate\BlackWidowUltimateTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\alg.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
() H:\SteamLibrary\SteamApps\SteamApps\SteamApps\common\GarrysMod\hl2.exe
(Valve Corporation) C:\Program Files (x86)\Steam\GameOverlayUI.exe
() C:\Program Files (x86)\RightSurf\updateRightSurf.exe
(Awesomium Technologies) H:\SteamLibrary\SteamApps\SteamApps\SteamApps\common\GarrysMod\bin\awesomium_process.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [828960 2009-08-06] (Acer Incorporated)
HKLM\...\Run: [XboxStat] - C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [HDAudDeck] - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5299320 2000-01-01] (VIA)
HKLM\...\Run: [Start WingMan Profiler] - C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-15] (Logitech Inc.)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-10-18] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\nvspcap64.dll [1100248 2013-12-10] (NVIDIA Corporation)
HKLM\...\Run: [ExpoThemes-Driver] - C:\Program Files (x86)\ExpoThemes\expothemes_core.exe [108544 2013-08-22] (ExpoThemes)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)
HKLM-x32\...\Run: [HDAudDeck] - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5299320 2000-01-01] (VIA)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [Razer Synapse] - C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [442200 2013-09-28] (Razer Inc.)
HKLM-x32\...\Run: [Razer Blackwidow Driver] - C:\Program Files (x86)\Razer\BlackWidow Ultimate\BlackWidowUltimateTray.exe [887712 2012-05-09] (Razer USA Ltd)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\S-1-5-21-1119768418-3556732592-1963311031-1000\...\Run: [TBPanel] - C:\Program Files (x86)\EXPERTool\TBPanel.exe [2160936 2013-07-03] (Gainward Co. Ltd.)
HKU\S-1-5-21-1119768418-3556732592-1963311031-1000\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-08-25] (Google Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,CustomizeSearch = hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,SearchURL = hxxp://home.microsoft.com/access/autosearch.asp?p=%s
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW_deDE514
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ro0fc8jr.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @protectdisc.com/NPMPDRM - C:\Program Files (x86)\Common Files\mpDRM\NPMPDRM.dll ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ro0fc8jr.default\searchplugins\conduit-search-1.xml
FF SearchPlugin: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ro0fc8jr.default\searchplugins\conduit-search-2.xml
FF Extension: StumbleUpon - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ro0fc8jr.default\Extensions\toolbar@stumbleupon.com [2013-03-13]
FF Extension: DHL Packstation Bestellhelfer - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ro0fc8jr.default\Extensions\{b8cbd8e0-e642-11dd-ba2f-0800200c9a66} [2013-03-14]
FF Extension: Preispilot - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ro0fc8jr.default\Extensions\extension@preispilot.com.xpi [2013-01-04]
FF Extension: NoScript - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ro0fc8jr.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-11-28]
FF Extension: Anti-Banner - C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak2 [2013-02-12]
FF Extension: Modul zur Link-Untersuchung - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2 [2013-02-12]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\coFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\IPSFF [2013-10-10]
FF HKCU\...\Firefox\Extensions: [{8f5010e2-9577-4aed-ad42-f2098ea15def}] - C:\Program Files (x86)\LyricsPal\133.xpi

Chrome: 
=======
CHR HomePage: 
CHR Extension: (Google Docs) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-03]
CHR Extension: (Google Drive) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-03]
CHR Extension: (YouTube) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-03]
CHR Extension: (Adblock Plus) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-02-03]
CHR Extension: (Google-Suche) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-03]
CHR Extension: (Norton Identity Protection) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2014-02-03]
CHR Extension: (Google Wallet) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-03]
CHR Extension: (Google Mail) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-03]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\Exts\Chrome.crx [2014-02-03]
CHR HKLM-x32\...\Chrome\Extension: [pkndmigholgfjlniaohblojbhgjbkakn] - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv2.crx [2014-02-03]

==================== Services (Whitelisted) =================

R2 AsusSE; C:\Program Files (x86)\ASUS\PCE-N15 WLAN Card Utilities\RtlService.exe [36864 2012-04-09] (Realtek)
R2 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [844320 2009-08-06] (Acer Incorporated)
R2 Greg_Service; C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe [1150496 2009-06-04] (Acer Incorporated)
R2 NIS; C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [62720 2009-08-21] (NewTech Infosystems, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2013-12-03] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2013-11-20] ()
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP4\RpcAgentSrv.exe [71832 2009-06-15] (SiSoftware)
R2 SCM_Service; C:\Windows\SysWOW64\WinService.exe [186848 2010-05-10] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2100024 2013-09-09] (TuneUp Software)
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [759192 2013-09-03] (Tunngle.net GmbH)
R2 Update RightSurf; C:\Program Files (x86)\RightSurf\updateRightSurf.exe [103200 2014-02-01] ()
S2 Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [240160 2009-07-04] (Acer)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2000-01-01] (VIA Technologies, Inc.)
R2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [493568 2014-02-02] (Cherished Technololgy LIMITED)

==================== Drivers (Whitelisted) ====================

S3 AIDA64Driver; C:\Users\Daniel\Downloads\aida64extreme_build_2419_txgzqv3nwh\kerneld.x64 [31576 2013-04-15] ()
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\BASHDefs\20140121.001\BHDrvx64.sys [1526488 2013-12-18] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1404000.028\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation)
S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-01-02] (DT Soft Ltd)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-25] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-25] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\IPSDefs\20140203.001\IDSvia64.sys [521944 2014-01-21] (Symantec Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\VirusDefs\20140203.019\ENG64.SYS [126040 2013-11-25] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\VirusDefs\20140203.019\EX64.SYS [2099288 2013-11-25] (Symantec Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19936 2012-01-18] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [13280 2012-01-18] ()
S3 RTL8187; C:\Windows\System32\DRIVERS\wg111v2.sys [450048 2010-04-06] (NETGEAR Inc.)
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39096 2013-09-13] (Razer Inc)
R3 RzSynapse; C:\Windows\System32\DRIVERS\RzSynapse.sys [154624 2011-05-12] (Razer USA Ltd)
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP4\WNt500x64\Sandra.sys [23112 2009-08-07] (SiSoftware)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-02-12] (Duplex Secure Ltd.)
R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1404000.028\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1404000.028\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2013-11-02] ()
R0 SymDS; C:\Windows\System32\drivers\NISx64\1404000.028\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1404000.028\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-06-20] (Symantec Corporation)
R1 SymIM; C:\Windows\System32\DRIVERS\SymIMv.sys [43680 2013-03-05] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1404000.028\SYMNETS.SYS [433752 2013-04-25] (Symantec Corporation)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-06-21] (Anchorfree Inc.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-08-21] (TuneUp Software)
U3 agn6bqec; C:\Windows\System32\Drivers\agn6bqec.sys [0 ] (Advanced Micro Devices)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
U5 Ps2; C:\Windows\System32\Drivers\Ps2.sys [19072 2010-03-18] (Hewlett-Packard Company)
S3 RSUSBSTOR; System32\Drivers\RtsUStor.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-04 15:54 - 2014-02-04 15:54 - 00001416 _____ () C:\Users\Daniel\Desktop\JRT.txt
2014-02-04 15:18 - 2014-02-04 15:18 - 00003028 _____ () C:\Windows\avmadd32.log
2014-02-04 15:18 - 2014-02-04 15:18 - 00000000 ____D () C:\Program Files (x86)\FRITZ!Box
2014-02-04 15:18 - 2006-12-14 13:42 - 00069120 ____R (AVM Berlin) C:\Windows\SysWOW64\avmadd32.dll
2014-02-04 14:32 - 2014-02-04 14:33 - 00000000 ____D () C:\AdwCleaner
2014-02-04 14:31 - 2014-02-04 14:31 - 00000000 ____D () C:\Windows\ERUNT
2014-02-03 22:58 - 2014-02-03 22:58 - 00039115 _____ () C:\ComboFix.txt
2014-02-03 22:29 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-02-03 22:29 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-02-03 22:29 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-02-03 22:29 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-02-03 22:29 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-02-03 22:29 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-02-03 22:29 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-02-03 22:29 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-02-03 22:26 - 2014-02-03 22:58 - 00000000 ____D () C:\Qoobox
2014-02-03 22:25 - 2014-02-03 22:55 - 00000000 ____D () C:\Windows\erdnt
2014-02-03 19:06 - 2014-02-04 15:59 - 00000000 ____D () C:\FRST
2014-02-02 22:06 - 2014-02-02 22:06 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-02-02 22:06 - 2014-02-02 22:06 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-02-02 22:06 - 2014-02-02 22:06 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-02-02 22:06 - 2014-02-02 22:06 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-02-02 22:01 - 2014-02-02 22:06 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-02 21:37 - 2014-02-02 21:37 - 00000000 ____D () C:\ProgramData\WPM
2014-02-02 21:37 - 2014-02-02 21:37 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-02-02 21:31 - 2014-02-04 15:48 - 00000000 ____D () C:\Program Files (x86)\RightSurf
2014-01-12 17:29 - 2014-01-12 17:29 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Windows Live Writer
2014-01-12 17:29 - 2014-01-12 17:29 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Windows Live Writer
2014-01-11 17:28 - 2014-01-11 17:28 - 00000000 ____D () C:\Windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP
2014-01-11 14:24 - 2014-01-11 14:24 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-01-11 14:15 - 2013-12-19 21:33 - 30372640 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-01-11 14:15 - 2013-12-19 21:33 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-01-11 14:15 - 2013-12-19 21:33 - 22960416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-01-11 14:15 - 2013-12-19 21:33 - 18222008 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-01-11 14:15 - 2013-12-19 21:33 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-01-11 14:15 - 2013-12-19 21:33 - 15877216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-01-11 14:15 - 2013-12-19 21:33 - 12645664 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-01-11 14:15 - 2013-12-19 21:33 - 11605752 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-01-11 14:15 - 2013-12-19 21:33 - 11554264 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-01-11 14:15 - 2013-12-19 21:33 - 09700224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-01-11 14:15 - 2013-12-19 21:33 - 09657464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-01-11 14:15 - 2013-12-19 21:33 - 03132704 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-01-11 14:15 - 2013-12-19 21:33 - 03125024 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-01-11 14:15 - 2013-12-19 21:33 - 02947872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-01-11 14:15 - 2013-12-19 21:33 - 02747680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-01-11 14:15 - 2013-12-19 21:33 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433221.dll
2014-01-11 14:15 - 2013-12-19 21:33 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433221.dll
2014-01-11 14:15 - 2013-12-19 21:33 - 01242400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-01-11 14:15 - 2013-12-19 21:33 - 00882464 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-01-11 14:15 - 2013-12-19 21:33 - 00879392 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-01-11 14:15 - 2013-12-19 21:33 - 00852768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-01-11 14:15 - 2013-12-19 21:33 - 00847648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-01-11 14:15 - 2013-12-19 21:33 - 00479520 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-01-11 14:15 - 2013-12-19 21:33 - 00405280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-01-11 14:15 - 2013-12-19 21:33 - 00357152 _____ () C:\Windows\system32\NvIFROpenGL.dll
2014-01-11 14:15 - 2013-12-19 21:33 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-01-11 14:15 - 2013-12-19 21:33 - 00314656 _____ () C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-01-11 14:15 - 2013-12-19 21:33 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-01-11 14:15 - 2013-12-19 21:33 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-01-11 14:15 - 2013-12-19 21:33 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-01-11 14:15 - 2013-11-28 14:38 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-01-11 14:15 - 2013-11-28 14:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-01-11 14:15 - 2013-11-22 09:36 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2014-01-11 14:09 - 2014-01-11 14:09 - 00000000 ____D () C:\NVIDIA
2014-01-09 17:14 - 2013-12-05 09:42 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-01-09 17:14 - 2013-12-05 09:42 - 00032544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-01-07 21:05 - 2014-01-07 21:05 - 00000000 ____D () C:\Users\Daniel\Documents\FLiNGTrainer
2014-01-07 18:47 - 2014-01-07 18:47 - 00000000 ____D () C:\Users\Daniel\Documents\NBGI
2014-01-07 18:46 - 2014-01-07 18:46 - 00000000 ____D () C:\Users\Daniel\AppData\Local\NBGI

==================== One Month Modified Files and Folders =======

2014-02-04 15:59 - 2014-02-03 19:06 - 00000000 ____D () C:\FRST
2014-02-04 15:54 - 2014-02-04 15:54 - 00001416 _____ () C:\Users\Daniel\Desktop\JRT.txt
2014-02-04 15:48 - 2014-02-02 21:31 - 00000000 ____D () C:\Program Files (x86)\RightSurf
2014-02-04 15:48 - 2012-12-12 21:21 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-02-04 15:23 - 2012-12-12 17:46 - 01770567 _____ () C:\Windows\WindowsUpdate.log
2014-02-04 15:18 - 2014-02-04 15:18 - 00003028 _____ () C:\Windows\avmadd32.log
2014-02-04 15:18 - 2014-02-04 15:18 - 00000000 ____D () C:\Program Files (x86)\FRITZ!Box
2014-02-04 14:44 - 2009-07-14 05:45 - 00030704 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-04 14:44 - 2009-07-14 05:45 - 00030704 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-04 14:37 - 2013-07-30 18:53 - 00000438 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-02-04 14:36 - 2013-11-15 15:42 - 00012573 _____ () C:\Windows\setupact.log
2014-02-04 14:36 - 2013-02-10 14:43 - 00000442 ____H () C:\Windows\Tasks\schedule!1818212897.job
2014-02-04 14:36 - 2012-12-12 21:20 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-02-04 14:36 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-04 14:33 - 2014-02-04 14:32 - 00000000 ____D () C:\AdwCleaner
2014-02-04 14:33 - 2013-04-11 14:14 - 00000959 _____ () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-02-04 14:31 - 2014-02-04 14:31 - 00000000 ____D () C:\Windows\ERUNT
2014-02-04 14:25 - 2013-05-22 13:59 - 00000000 ____D () C:\Users\Daniel\AppData\Local\CrashDumps
2014-02-04 14:21 - 2013-11-18 15:02 - 00019054 _____ () C:\Windows\PFRO.log
2014-02-03 22:58 - 2014-02-03 22:58 - 00039115 _____ () C:\ComboFix.txt
2014-02-03 22:58 - 2014-02-03 22:26 - 00000000 ____D () C:\Qoobox
2014-02-03 22:55 - 2014-02-03 22:25 - 00000000 ____D () C:\Windows\erdnt
2014-02-03 22:50 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-02-03 22:47 - 2009-07-14 03:34 - 86507520 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-02-03 22:47 - 2009-07-14 03:34 - 22020096 _____ () C:\Windows\system32\config\SYSTEM.bak
2014-02-03 22:47 - 2009-07-14 03:34 - 04980736 _____ () C:\Windows\system32\config\DEFAULT.bak
2014-02-03 22:47 - 2009-07-14 03:34 - 00065536 _____ () C:\Windows\system32\config\SAM.bak
2014-02-03 22:47 - 2009-07-14 03:34 - 00028672 _____ () C:\Windows\system32\config\SECURITY.bak
2014-02-03 18:17 - 2012-12-13 15:22 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Google
2014-02-03 17:55 - 2009-08-25 05:00 - 00000000 ____D () C:\Program Files (x86)\Google
2014-02-03 16:31 - 2012-12-13 02:35 - 00708352 _____ () C:\Windows\system32\perfh007.dat
2014-02-03 16:31 - 2012-12-13 02:35 - 00153388 _____ () C:\Windows\system32\perfc007.dat
2014-02-03 16:31 - 2009-07-14 06:13 - 01644996 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-02 22:42 - 2013-06-01 19:03 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-02-02 22:06 - 2014-02-02 22:06 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-02-02 22:06 - 2014-02-02 22:06 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-02-02 22:06 - 2014-02-02 22:06 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-02-02 22:06 - 2014-02-02 22:06 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-02-02 22:06 - 2014-02-02 22:01 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-02 22:06 - 2013-04-21 12:11 - 00000000 ____D () C:\Program Files (x86)\Java
2014-02-02 22:06 - 2013-01-18 20:49 - 00000000 ___RD () C:\Users\Daniel\Desktop\Games
2014-02-02 22:06 - 2012-12-12 22:55 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-02-02 21:50 - 2012-12-28 02:47 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-02-02 21:37 - 2014-02-02 21:37 - 00000000 ____D () C:\ProgramData\WPM
2014-02-02 21:37 - 2014-02-02 21:37 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-02-02 17:08 - 2013-07-30 19:41 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\.minecraft
2014-02-02 17:05 - 2013-12-22 16:20 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Craften Terminal
2014-02-02 16:33 - 2013-07-30 15:54 - 00000000 ____D () C:\Program Files (x86)\Craften Terminal
2014-01-29 22:27 - 2013-02-15 14:55 - 00000000 ____D () C:\FFOutput
2014-01-26 21:43 - 2012-12-13 16:21 - 00000000 ____D () C:\Users\Daniel\AppData\Local\SKIDROW
2014-01-26 18:14 - 2013-01-03 00:10 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ship Simulator Extremes
2014-01-20 20:02 - 2013-03-20 15:18 - 00000000 ____D () C:\ProgramData\Steam
2014-01-20 19:53 - 2013-03-10 19:06 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\uTorrent
2014-01-18 19:17 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-01-18 17:47 - 2013-11-01 12:15 - 00000000 ____D () C:\Users\Daniel\Downloads\Battlefield_4_Theme
2014-01-15 22:27 - 2013-03-13 16:12 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Windows Live
2014-01-14 23:05 - 2013-10-04 16:09 - 00000000 ____D () C:\Fraps
2014-01-13 15:17 - 2013-11-03 23:24 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-12 17:29 - 2014-01-12 17:29 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Windows Live Writer
2014-01-12 17:29 - 2014-01-12 17:29 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Windows Live Writer
2014-01-12 17:10 - 2012-12-27 15:46 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-12 11:52 - 2012-12-27 15:46 - 00003824 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-01-12 11:51 - 2012-12-27 15:46 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-12 11:51 - 2012-12-27 15:46 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-11 17:28 - 2014-01-11 17:28 - 00000000 ____D () C:\Windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP
2014-01-11 14:24 - 2014-01-11 14:24 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-01-11 14:24 - 2012-12-12 21:19 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-01-11 14:09 - 2014-01-11 14:09 - 00000000 ____D () C:\NVIDIA
2014-01-09 17:43 - 2013-07-02 13:55 - 00000000 ____D () C:\Users\Daniel\AppData\Local\NVIDIA
2014-01-09 17:19 - 2013-10-31 18:11 - 00000000 ____D () C:\Users\Daniel\AppData\Local\NVIDIA Corporation
2014-01-09 17:18 - 2012-12-12 21:19 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-01-09 17:16 - 2012-12-12 21:18 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-01-08 21:25 - 2013-03-27 15:46 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\TS3Client
2014-01-07 21:05 - 2014-01-07 21:05 - 00000000 ____D () C:\Users\Daniel\Documents\FLiNGTrainer
2014-01-07 18:47 - 2014-01-07 18:47 - 00000000 ____D () C:\Users\Daniel\Documents\NBGI
2014-01-07 18:46 - 2014-01-07 18:46 - 00000000 ____D () C:\Users\Daniel\AppData\Local\NBGI
2014-01-07 18:45 - 2013-11-18 18:26 - 00072085 _____ () C:\Windows\DirectX.log
2014-01-05 23:04 - 2013-06-01 19:03 - 00000000 ____D () C:\ProgramData\Origin

Some content of TEMP:
====================
C:\Users\Daniel\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-18 19:06

==================== End Of Log ============================

--- --- ---

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-02-2014
Ran by Daniel at 2014-02-04 16:03:20
Running from C:\Users\Daniel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V0HZFE2N
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Norton Internet Security CBE (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security CBE (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security CBE (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

==================== Installed Programs ======================

"Truck Tycoon" (x32 Version: Version 1.0 - Nikita/1C)
µTorrent (HKCU Version: 3.3.2.30303 - BitTorrent Inc.)
2011 BMW 1M version 1.0 (x32 Version: 1.0 - MSM)
7-Zip 9.20 (x32 Version:  - )
A2A B17 Accusim (x32 Version:  - )
Acrobat.com (x32 Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Photoshop Elements 7.0 (x32 Version: 7.0.1 - Adobe Systems Incorporated)
Adobe Photoshop Elements 7.0 (x32 Version: 7.0.1 - Adobe Systems Incorporated) Hidden
Adobe Photoshop Elements 7.0 (x32 Version: 7.0.1.3 - Adobe Systems Incorporated) Hidden
Adobe Reader 9.5.5 MUI (x32 Version: 9.5.5 - Adobe Systems Incorporated)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
Age of Empires III Gold Edition 1.00 (x32 Version:  - )
AI Carriers (x32 Version:  - )
Alice Greenfingers (x32 Version:  - Oberon Media)
Alps Pointing-device for VAIO (Version:  - ALPS ELECTRIC CO., LTD.)
Amazonia (x32 Version:  - Oberon Media)
ARMA 2 Operation Arrowhead Uninstall (x32 Version:  - )
ArmA 2 Uninstall (x32 Version:  - )
Armarize 1.4.0.0 (x32 Version: 1.4.0.0 - Johannes Meyer)
Ashampoo Burning Studio 2013 v.11.0.6 (x32 Version: 11.0.6 - Ashampoo GmbH & Co. KG)
Assassins Creed IV Black Flag Deluxe Edition (x32 Version:  - Ubisoft)
ASUS PCE-N15 WLAN Card Utilities & Driver (x32 Version: 1.0.0.8 - )
Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver (x32 Version: 1.0.0.22 - Atheros Communications Inc.)
AVM FRITZ!Box Dokumentation (x32 Version:  - AVM Berlin)
B-25J "Briefing Time" for FSX (x32 Version:  - )
Backup Manager Basic (x32 Version: 2.0.0.22 - NewTech Infosystems) Hidden
Battlefield 3™ (x32 Version: 1.6.0.0 - Electronic Arts)
Battlefield 4™ (x32 Version: 1.0.0.1 - Electronic Arts)
Battlelog Web Plugins (x32 Version: 2.3.2 - EA Digital Illusions CE AB)
Battlestations: Pacific (x32 Version: 1.00.0000 - Eidos plc)
BattlEye for OA Uninstall (x32 Version:  - )
BattlEye Uninstall (x32 Version:  - )
Bierbuden Autoupdate (remove only) (HKCU Version:  - )
BrowseToSave (Version: 1.0 - ) <==== ATTENTION
BSP Ripper (x32 Version:  - timetraveller)
BSPKMBeta0.2 Installer (x32 Version:  - )
CCleaner (Version: 4.07 - Piriform)
CDBurnerXP (x32 Version: 4.5.1.3868 - CDBurnerXP)
Cheat Engine 6.2 (x32 Version:  - Dark Byte)
Cheatbook Database 2013 (x32 Version:  - )
Chicken Invaders 2 (x32 Version:  - Oberon Media)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.)
Compatibility Pack für 2007 Office System (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Counter-Strike: Global Offensive (x32 Version:  - )
Craften Terminal 3.5.3 (x32 Version: 3.5.3 - Craften.de)
Crysis®3 (x32 Version: 1.0.0.0 - Electronic Arts)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (x32 Version: 4.46.1.0327 - DT Soft Ltd)
Dairy Dash (x32 Version:  - Oberon Media)
Dark Souls: Prepare to Die Edition (x32 Version:  - FromSoftware)
DayZ Commander (x32 Version: 0.92.79 - Dotjosh Studios)
Die Sims™ 3 (x32 Version: 1.50.56 - Electronic Arts)
Die Sims™ 3 Einfach tierisch (x32 Version: 10.0.96 - Electronic Arts)
Die Sims™ 3 Gib Gas-Accessoires (x32 Version: 5.0.44 - Electronic Arts)
Die Sims™ 3 Showtime (x32 Version: 12.0.273 - Electronic Arts)
Dream Day First Home (x32 Version:  - Oberon Media)
EasyLife Gadget (Version: 1.0 - EasyLife Gadget)
EasyLife Updater (Version: 1.0 - BetterSoft)
ESN Sonar (x32 Version: 0.70.4 - ESN Social Software AB)
Euro Truck Simulator 2 (x32 Version: 1.1.1 - SCS Software)
EVEREST Home Edition v2.20 (x32 Version: 2.20 - Lavalys Inc)
EXPERTool v8.9 (x32 Version: 8.9.5.0 - Gainward Co. Ltd.)
Far Cry 3 (x32 Version: 1.04 - Ubisoft)
Farm Frenzy 2 (x32 Version:  - Oberon Media)
FlipTIB (x32 Version:  - )
FormatFactory 3.0.1 (x32 Version: 3.0.1 - Free Time)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fraps (x32 Version:  - )
Garry's Mod (x32 Version:  - Facepunch Studios)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Google Chrome (x32 Version: 32.0.1700.102 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (x32 Version: 7.5.4805.320 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Grand Theft Auto(TM): San Andreas (x32 Version:  - Rockstar)
Granny In Paradise (x32 Version:  - Oberon Media)
GTK+ 2.10.13 runtime environment (x32 Version:  - Tor Lillqvist)
Hamachi 1.0.1.5 (x32 Version:  - )
Heroes of Hellas (x32 Version:  - Oberon Media)
Identity Card (x32 Version: 1.00.3001 - Packard Bell)
IePluginService12.27.0.3326 (x32 Version: 12.27.0.3326 - Cherished Technololgy LIMITED) <==== ATTENTION
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Installer (x32 Version: 1.0.0 - Sierra Entertainment, Inc.) Hidden
IsoBuster 3.1 (x32 Version: 3.1 - Smart Projects)
Java 7 Update 51 (x32 Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java SE Development Kit 7 Update 10 (x32 Version: 1.7.0.100 - Oracle)
JDownloader Packages (HKCU Version:  - ) <==== ATTENTION
Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Launch Manager (x32 Version: 3.0.02 - Packard Bell)
Loadout Editor For ArmA2 Combined Operations & ACE 2 version 1.4 Update 4, build 1.4.74 (x32 Version: 1.4 Update 4, build 1.4.74 - The [S.o.E] team)
Logitech Gaming Software 5.10 (Version: 5.10.127 - Logitech)
Lyrics-Pal (x32 Version:  - LyricsPal Soft. LTD) <==== ATTENTION
Magic ISO Maker v5.5 (build 0281) (x32 Version:  - )
MegaTrainer eXperience V1.1.2.6c (x32 Version:  - )
Merriam Websters Spell Jam (x32 Version:  - Oberon Media)
Metaboli (x32 Version: 1.00.0006 - Packard Bell)
Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5 Beta (Version: 4.5.50131 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Flight Simulator X (x32 Version: 10.0.60905 - Microsoft Game Studios) Hidden
Microsoft Flight Simulator X: Acceleration (x32 Version: 10.0.61637.0 - Microsoft Game Studios)
Microsoft Flight Simulator X: Acceleration (x32 Version: 10.0.61637.0 - Microsoft Game Studios) Hidden
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Language Pack 2007 - German/Deutsch (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office O MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (German) (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office SharePoint Designer MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Suite Activation Assistant (x32 Version: 2.9 - Microsoft Corporation)
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office X MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (x32 Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Works (x32 Version: 9.7.0621 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft Xbox 360 Accessories 1.2 (Version: 1.20.146.0 - Microsoft)
MiniTool Partition Wizard Home Edition 7.1 (x32 Version:  - MiniTool Solution Ltd.)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser und SDK (x32 Version: 4.20.9818.0 - Microsoft Corporation)
Mustang P51-D Restored Part 1 (x32 Version:  - )
Need for Speed™ Most Wanted (x32 Version: 1.5.0.0 - Electronic Arts)
Nero 9 Essentials (x32 Version:  - Nero AG)
Nero ControlCenter (x32 Version: 9.0.0.1 - Nero AG) Hidden
Nero DiscSpeed (x32 Version: 5.4.7.201 - Nero AG) Hidden
Nero DiscSpeed Help (x32 Version: 5.4.4.100 - Nero AG) Hidden
Nero DriveSpeed (x32 Version: 4.4.7.201 - Nero AG) Hidden
Nero DriveSpeed Help (x32 Version: 4.4.4.100 - Nero AG) Hidden
Nero Express Help (x32 Version: 9.4.9.100 - Nero AG) Hidden
Nero InfoTool (x32 Version: 6.4.7.201 - Nero AG) Hidden
Nero InfoTool Help (x32 Version: 6.4.4.100 - Nero AG) Hidden
Nero Installer (x32 Version: 4.4.8.1 - Nero AG) Hidden
Nero Online Upgrade (x32 Version: 1.3.0.0 - Nero AG) Hidden
Nero StartSmart (x32 Version: 9.4.11.209 - Nero AG) Hidden
Nero StartSmart Help (x32 Version: 9.4.1.100 - Nero AG) Hidden
Nero StartSmart OEM (x32 Version: 9.4.10.100 - Nero AG) Hidden
NeroExpress (x32 Version: 9.4.10.505 - Nero AG) Hidden
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
NETGEAR WG111v2 wireless USB 2.0 adapter (x32 Version: 1.0.0.133 - NETGEAR)
NetOn 1.0 (x32 Version:  - Rct-Net.de)
Norton Internet Security CBE (x32 Version: 20.4.0.40 - Symantec Corporation)
Norton Online Backup (x32 Version: 1.2.0.36 - Symantec)
NVIDIA 3D Vision Controller-Treiber 332.21 (Version: 332.21 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 332.21 (Version: 332.21 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.1 (Version: 1.8.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 332.21 (Version: 332.21 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.142.992 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.0725 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.0725 (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA ShadowPlay 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3221 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 332.21 (Version: 332.21 - NVIDIA Corporation) Hidden
NVIDIA Update 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.19 (Version: 1.2.19 - NVIDIA Corporation)
OpenAL (x32 Version:  - )
Origin (x32 Version: 9.1.3.2637 - Electronic Arts, Inc.)
Packard Bell GameZone Console (x32 Version: 5.1.2.3 - Oberon Media, Inc.)
Packard Bell InfoCentre (x32 Version: 3.02.3000 - Packard Bell)
Packard Bell MyBackup (x32 Version: 2.0.0.22 - NewTech Infosystems)
Packard Bell Power Management (x32 Version: 4.05.3002 - Packard Bell)
Packard Bell Recovery Management (x32 Version: 4.05.3003 - Packard Bell)
Packard Bell Registration (x32 Version: 1.02.3004 - Packard Bell)
Packard Bell ScreenSaver (x32 Version: 1.4.0730 - Packard Bell Incorporated)
Packard Bell Updater (x32 Version: 1.01.3014 - Packard Bell)
PAYDAY 2 (x32 Version:  - OVERKILL - a Starbreeze Studio.)
PCSX2 - Playstation 2 Emulator (x32 Version:  - )
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Pinnacle VideoSpin (x32 Version: 2.0.0.669 - Pinnacle Systems)
Platform (x32 Version: 1.34 - VIA Technologies, Inc.) Hidden
Play withSIX (x32 Version: 1.30.0464 - SIX Networks)
PowerISO (x32 Version: 5.5 - Power Software Ltd)
Preispilot für Firefox (x32 Version: 2.0 - Preispilot)
PunkBuster Services (x32 Version: 0.991 - Even Balance, Inc.)
Python 2.7.3 (64-bit) (Version: 2.7.3150 - Python Software Foundation)
Quake 4(TM) (x32 Version: 1.0 - Activision) Hidden
Quake 4(TM) (x32 Version: 1.0.4 - Activision)
Quake 4(TM) 1.0.4 Patch (x32 Version: 1.0 - Activision) Hidden
Quick Memory Editor 5.7 (x32 Version:  - softcows.com)
Race Injection (x32 Version:  - )
Razer BlackWidow Ultimate (x32 Version: 1.05.00 - Razer USA Ltd.)
Razer Synapse 2.0 (x32 Version: 1.14.4 - Razer Inc.)
RealFlight F6F Hellcat 3 and 5 for FSX (x32 Version:  - komu)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.5904 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (x32 Version: 6.1.7100.30095 - Realtek Semiconductor Corp.)
Recovery Toolbox for CD Free 1.1 (x32 Version:  - Recovery Toolbox, Inc.)
Red Faction Guerrilla (x32 Version: 1.00.0000 - Ihr Firmenname)
Red Faction Guerrilla (x32 Version: 1.00.0000 - Ihr Firmenname) Hidden
RightSurf (Version: 2014.02.01.021226 - RightSurf) <==== ATTENTION
RollerCoaster Tycoon 2 Triple Thrill Pack (x32 Version:  - GOG.com)
RollerCoaster Tycoon 3 Platinum (x32 Version:  - GOG.com)
RTE Capture 1.60 (x32 Version:  - )
Saints Row IV (x32 Version:  - Deep Silver Volition)
Samsung Kies (x32 Version: 2.5.2.13021_10 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.2.13021_10 - Samsung Electronics Co., Ltd.) Hidden
Samsung Story Album Viewer (x32 Version: 1.0.0.13052_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (x32 Version: 1.0.0.13052_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.24.0 - SAMSUNG Electronics Co., Ltd.)
San Andreas Mod Installer (x32 Version: 1.1 - cpmusick)
SBD Dauntless FSX (HKCU Version:  - )
Schwarzwaldbahnen (x32 Version:  - )
Scribblenauts Unlimited (x32 Version:  - )
Scribblenauts Unmasked A DC Comics Adventure (x32 Version:  - )
SHIELD Streaming (Version: 1.6.85 - NVIDIA Corporation) Hidden
Ship Simulator Extremes (x32 Version:  - )
SiSoftware Sandra Lite 2013.SP4 (Version: 19.50.2013.7 - SiSoftware)
SlimDrivers (x32 Version: 2.2.28413 - SlimWare Utilities, Inc.)
Smart File Advisor 1.1.1 (x32 Version: 1.1.1 - Filefacts.net)
Sniper Elite V2 (x32 Version:  - )
Sniper Elite: Nazi Zombie Army (x32 Version:  - )
SpeedFan (remove only) (x32 Version:  - )
SSF Realism Mod (x32 Version:  - )
Star Defender 4 (x32 Version:  - Oberon Media)
State of Decay (x32 Version:  - Microsoft Game Studios)
Steam (x32 Version: 1.0.0.0 - Valve Corporation)
SupTab (x32 Version: 1.1.1.0 - ) <==== ATTENTION
SWAT 4 - The Stetchkov Syndicate (x32 Version: 1.0.0 - Sierra Entertainment, Inc.)
SWAT 4 (x32 Version: 1.0.31973 - Sierra Entertainment, Inc.)
SWAT 4 (x32 Version: 1.0.31973 - Sierra Entertainment, Inc.) Hidden
Synthesia (x32 Version: 8.4 - Synthesia LLC)
System Requirements Lab for Intel (x32 Version: 4.5.13.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKCU Version: 3.0.13.1 - TeamSpeak Systems GmbH)
Test Drive Unlimited 2 (x32 Version:  - )
The Simpsons Hit & Run(TM) (x32 Version: 1.00.000 - )
The Unsung vietnam war mod version 2.5 (x32 Version: 2.5 - Unsung)
The Walking Dead (x32 Version:  - )
The Walking Dead Survival Instinct (c) Activision version 1 (x32 Version: 1 - )
The Walking Dead: Season Two (x32 Version:  - Telltale Games)
The War Z (x32 Version:  - )
Thief - Deadly Shadows (x32 Version: 1.0 - )
Thief - Deadly Shadows Collective Texture Pack by John P., ver. 1.0.3 (x32 Version:  - John P.)
Tom Clancy's Rainbow Six Vegas 2 (x32 Version: 1.03 - Ubisoft)
Tom Clancy's Splinter Cell® Blacklist™ (x32 Version: 1.03 - Ubisoft)
Tomb Raider (x32 Version:  - Crystal Dynamics)
Tony Hawk's Pro Skater 3® (x32 Version: 1.0 - Activision Publishing, Inc.)
Tony Hawks Pro Skater 4 (x32 Version: 1.00.0000 - Aspyr Media)
Train Simulator 2014 (x32 Version:  - RailSimulator.com)
TransMac version 10.4 (x32 Version: 10.4 - Acute Systems)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.110 - TuneUp Software) Hidden
TuneUp Utilities 2014 (x32 Version: 14.0.1000.110 - TuneUp Software)
TuneUp Utilities 2014 (x32 Version: 14.0.1000.110 - TuneUp Software) Hidden
Tunngle beta (x32 Version:  - Tunngle.net GmbH)
Update for 2007 Microsoft Office System (KB967642) (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (x32 Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (x32 Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (x32 Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (x32 Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (x32 Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (x32 Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (x32 Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32 Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (x32 Version:  - Microsoft)
Uplay (x32 Version: 2.0 - Ubisoft)
VIA Plattform-Geräte-Manager (x32 Version: 1.34 - VIA Technologies, Inc.)
VLC media player 2.0.4 (Version: 2.0.4 - VideoLAN)
VRS F/A-18E Superbug X (x32 Version: 1.0.5.1 - Vertical Reality Simulations)
VRS TacPack (x32 Version: 1.3.2.1 - Vertical Reality Simulations)
War Thunder Launcher 1.0.1.278 (x32 Version:  - 2013 Gaijin Entertainment Corporation)
Wargame AirLand Battle (c) Focus Home Interactive version RLD! (x32 Version: RLD! - )
Weapon for FSX 1.0 (x32 Version: 1.0.00 - © 1999-2011 Captain Sim)
Welcome Center (x32 Version: 1.00.3005 - Packard Bell)
Westermann Industriemechaniker (x32 Version: 27840 - Bildungshaus Schulbuchverlage Westermann Schroedel Diesterweg Schöningh Winklers GmbH)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Sync (x32 Version: 14.0.8064.206 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows-Treiberpaket - Alps Touch Pad Driver (07/23/2009 7.202.505.108) (Version: 07/23/2009 7.202.505.108 - Alps)
Windows-Treiberpaket - Intel hdc  (08/05/2009 9.1.1.1016) (Version: 08/05/2009 9.1.1.1016 - Intel)
Windows-Treiberpaket - Intel hdc  (10/05/2012 9.1.9.1002) (Version: 10/05/2012 9.1.9.1002 - Intel)
Windows-Treiberpaket - Intel System  (01/30/2008 8.6.1.1001) (Version: 01/30/2008 8.6.1.1001 - Intel)
Windows-Treiberpaket - Intel System  (08/05/2009 9.1.1.1016) (Version: 08/05/2009 9.1.1.1016 - Intel)
Windows-Treiberpaket - Intel System  (10/05/2012 9.1.9.1002) (Version: 10/05/2012 9.1.9.1002 - Intel)
Windows-Treiberpaket - Intel USB  (08/05/2009 9.1.1.1016) (Version: 08/05/2009 9.1.1.1016 - Intel)
Windows-Treiberpaket - Intel USB  (10/05/2012 9.1.9.1002) (Version: 10/05/2012 9.1.9.1002 - Intel)
Wings of POWER II:  B17 (x32 Version:  - )
WinLauncherXP 2.0.4 beta (x32 Version:  - GamerOffice)
WinRAR 4.20 (64-Bit) (Version: 4.20.0 - win.rar GmbH)
WinUAE 2.5.1 (x32 Version: 2.5.1 - Arabuusimiehet)
Wise Registry Cleaner 7.89 (x32 Version: 7.89 - WiseCleaner.com, Inc.)
Wondershare Photo Recovery (build 3.0.2) (x32 Version:  - Wondershare Software Co., Ltd.)
WPM17.8.0.3325 (x32 Version: 17.8.0.3325 - Cherished Technololgy LIMITED) <==== ATTENTION
wxPython 2.8.12.1 (unicode) for Python 2.7 (Version: 2.8.12.1-unicode - Total Control Software)

==================== Restore Points  =========================

02-02-2014 20:59:41 Installed Java 7 Update 51
02-02-2014 21:04:21 Removed Java 7 Update 51
02-02-2014 21:05:17 Installed Java 7 Update 51
03-02-2014 17:37:24 Gerätetreiber-Paketinstallation: Anchorfree Inc Netzwerkdienst
03-02-2014 17:39:18 Gerätetreiber-Paketinstallation: Anchorfree HSS VPN Adapter Netzwerkadapter

==================== Hosts content: ==========================

2009-07-14 03:34 - 2014-02-03 22:50 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {00D03A3D-F082-40E8-B0AF-68D1C0186247} - System32\Tasks\{AD8CA157-0818-47AA-A776-4C49352924AE} => H:\Age of Empires 3\Age of Empires III Gold Edition\aoe3-114-german (1).exe
Task: {01EEE456-6D4C-4E93-8B17-58AA1B15A397} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: {0C27BEA4-208F-4797-9768-CBA899EB273E} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [2013-09-09] (TuneUp Software)
Task: {10E5A892-FE8A-4954-8643-752CE324BBFF} - System32\Tasks\schedule!1818212897 => C:\ProgramData\BetterSoft\EasyLife Updater\EasyLife Updater.exe <==== ATTENTION
Task: {2790CEB4-C192-4B15-B957-6EC6FFDCAC64} - System32\Tasks\{53CD7279-78C2-484F-8E11-57E3BDC73438} => C:\Program Files (x86)\JoWooD\King\king.exe
Task: {2F315BA7-F3B5-4173-85E4-83671EA54738} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {351EC057-0B89-46F2-87DE-5FAB1D4EBA30} - System32\Tasks\{0157C634-853E-4D7F-84AC-8A9D125A82F2} => C:\Program Files (x86)\JoWooD\King\king.exe
Task: {3D93D6A1-944E-4F1E-A32B-09510DFC2890} - System32\Tasks\{FF209A0A-618A-4306-940A-18A286C600D0} => H:\Downloads\Thief3_Patch11\Thief Deadly Shadows Patch.exe [2007-02-17] ()
Task: {41AAA413-4D2D-4E76-AEF2-C2810BEEF18C} - System32\Tasks\{CD5AB24F-7AD5-48B5-8BFB-9C4CA2D1B1AC} => F:\setup.exe
Task: {44821434-EC62-4913-A051-89F31684A662} - System32\Tasks\{D4AB506C-AB45-4C4B-88C0-A09CEFCFE238} => F:\install.exe
Task: {453D17BC-8304-4584-B9BF-AA857F4435E0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-17] (Google Inc.)
Task: {4B66EC8E-49A9-4195-836C-89274DBBDFDB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-17] (Google Inc.)
Task: {52EF355B-0E46-4F9F-A796-F88C0BBDA6DA} - \BrowserProtect No Task File
Task: {5CFAA3E1-8252-4FC1-B0E6-5178C7B08495} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\WSCStub.exe [2013-06-04] (Symantec Corporation)
Task: {5E3EED47-D749-4F60-98D5-185D52DCC4B6} - System32\Tasks\Norton Internet Security CBE\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {69BE14BD-D7ED-4D83-B740-278EC5201975} - System32\Tasks\{74AA2145-464B-4A52-9FA1-5B7A9294C33D} => F:\install.exe
Task: {6DAD6AFF-0D81-481B-96F3-96BEC3D2F1A6} - System32\Tasks\{49F22B28-C6D8-49A7-B25A-E0841514E6FB} => H:\Age of Empires 3\Age of Empires III Gold Edition\aoe3-114-german (1).exe
Task: {75213718-40AD-4712-B609-08780B25E21D} - System32\Tasks\SlimDrivers Startup => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe [2013-03-29] (SlimWare Utilities, Inc.)
Task: {75B278C9-687C-4E28-9610-5C47FEE07447} - System32\Tasks\{A2DA23C0-69C8-4B3B-8A3D-F3BB2B523588} => F:\setup.exe
Task: {81859949-B647-4C4C-988B-CAE76BA900F1} - System32\Tasks\Norton Internet Security CBE\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {8673E097-D82E-42DE-8E8C-6DFF47CF009C} - System32\Tasks\{05D90A2B-0EC3-46CC-945D-0ED8B27640C4} => C:\Program Files (x86)\JoWooD\King\king.exe
Task: {936B4FF1-8CC9-477C-BC1E-73BBDD0400E7} - System32\Tasks\{18B88D1C-2D61-4163-923C-0D671D15FC3B} => F:\setup.exe
Task: {946757F6-E817-43DC-9A01-811E4C99F0F7} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {94AECBD2-C470-4620-9878-D15C2E072645} - System32\Tasks\{7CAC1C2E-1F78-40D8-A8FC-DF49742186F3} => F:\install.exe
Task: {AF7C2BD6-190E-450A-A39D-F099F67C57FB} - System32\Tasks\{C08E20F5-C069-4E62-B6B7-C7EC97B2B1D3} => C:\Program Files (x86)\JoWooD\King\king.exe
Task: {B460F6E1-FC96-49C1-96BB-CDCA9DA25EA0} - System32\Tasks\{1C3ECF66-4E24-4424-BF4A-9676C0E15CFF} => C:\Program Files (x86)\Thief - Deadly Shadows\System\t3.exe [2013-07-05] (Ion Storm, L.P.)
Task: {B52C46CF-6BD6-4253-82E1-58A1BD4BFB38} - System32\Tasks\{B2603232-69A9-417B-822F-9D9249801BFB} => C:\Program Files (x86)\JoWooD\King\king.exe
Task: {B937AFF1-00F3-40F9-B901-CCD3CA3B287C} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Packard Bell\Packard Bell Recovery Management\NotificationCenter\Notification.exe [2009-07-09] (Acer)
Task: {B9FABB4E-0D88-45E0-B9C9-7F8DFB0F6C51} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-10-22] (Piriform Ltd)
Task: {BDD4759C-B39C-4A70-9ABC-A23F0B446D5B} - System32\Tasks\{B8F46D44-E117-4A8D-86DA-7765F6CBA4D9} => C:\Program Files (x86)\JoWooD\King\king.exe
Task: {CC6ED2E5-90CC-4C2C-A5E1-7047C7346D25} - System32\Tasks\{A6848A01-BB69-4173-A5B2-352F5F50E7C9} => C:\Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\fsx.exe [2007-09-26] (Microsoft Corp.)
Task: {E18BFD26-F41A-44FC-8683-30E34368F5B3} - System32\Tasks\{BA848A39-E2D1-4A33-A6CF-7033B4384549} => C:\Program Files (x86)\JoWooD\King\king.exe
Task: {F677D0FB-58C6-476F-B674-50293C6F6D08} - System32\Tasks\{ECC8DE39-415B-4457-9584-2622582A994A} => C:\Program Files (x86)\JoWooD\King\king.exe
Task: {FCACD65A-452D-42CC-A67A-64026086A665} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-12] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\schedule!1818212897.job => C:\ProgramData\BetterSoft\EasyLife Updater\EasyLife Updater.exe
Task: C:\Windows\Tasks\SlimDrivers Startup.job => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe

==================== Loaded Modules (whitelisted) =============

2012-12-12 21:19 - 2013-12-19 19:53 - 00117536 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-09-09 14:29 - 2013-09-09 14:29 - 00757048 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\avgrepliba.dll
2013-07-25 14:10 - 2012-04-09 14:21 - 00126976 _____ () C:\Program Files (x86)\ASUS\PCE-N15 WLAN Card Utilities\EnumDevLib.dll
2009-02-03 01:33 - 2009-02-03 01:33 - 00460199 _____ () C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\sqlite3.dll
2008-09-29 01:55 - 2008-09-29 01:55 - 01076224 _____ () C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\ACE.dll
2013-06-18 14:22 - 2012-05-30 07:51 - 00699280 ____R () C:\PROGRAM FILES (X86)\NORTON INTERNET SECURITY CBE\ENGINE\20.4.0.40\wincfi39.dll
2014-01-08 15:59 - 2013-12-12 23:19 - 00142848 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll
2014-01-08 15:59 - 2013-11-05 02:12 - 00890592 _____ () C:\Program Files (x86)\Steam\libavutil-52.dll
2013-03-12 17:10 - 2014-01-11 00:33 - 00717312 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2012-12-12 21:43 - 2014-01-27 20:02 - 01138088 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2012-12-12 21:43 - 2014-01-11 00:33 - 20625832 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2012-12-12 21:43 - 2013-06-15 00:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll
2012-12-12 21:43 - 2013-06-15 00:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll
2012-12-12 21:43 - 2013-06-15 00:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll
2014-02-02 22:37 - 2014-02-02 22:37 - 00157696 _____ () H:\SteamLibrary\SteamApps\SteamApps\steamapps\common\GarrysMod\bin\launcher.dll
2014-02-02 22:37 - 2014-02-02 22:37 - 00246272 _____ () H:\SteamLibrary\SteamApps\SteamApps\steamapps\common\GarrysMod\bin\tier0.dll
2014-02-02 22:37 - 2014-02-02 22:37 - 00164352 _____ () H:\SteamLibrary\SteamApps\SteamApps\steamapps\common\GarrysMod\bin\vstdlib.dll
2014-02-02 22:06 - 2014-02-02 22:37 - 00893952 _____ () H:\SteamLibrary\SteamApps\SteamApps\steamapps\common\GarrysMod\bin\filesystem_stdio.dll
2014-02-02 22:06 - 2014-02-02 22:37 - 04214272 _____ () h:\steamlibrary\steamapps\steamapps\steamapps\common\garrysmod\bin\engine.dll
2014-02-02 22:37 - 2014-02-02 22:37 - 00103936 _____ () h:\steamlibrary\steamapps\steamapps\steamapps\common\garrysmod\bin\inputsystem.dll
2014-02-02 22:06 - 2014-02-02 22:37 - 01139200 _____ () h:\steamlibrary\steamapps\steamapps\steamapps\common\garrysmod\bin\materialsystem.dll
2014-02-02 22:37 - 2014-02-02 22:37 - 00232960 _____ () h:\steamlibrary\steamapps\steamapps\steamapps\common\garrysmod\bin\datacache.dll
2014-02-02 22:06 - 2014-02-02 22:37 - 00517120 _____ () h:\steamlibrary\steamapps\steamapps\steamapps\common\garrysmod\bin\studiorender.dll
2014-02-02 22:06 - 2014-02-02 22:37 - 00914344 _____ () h:\steamlibrary\steamapps\steamapps\steamapps\common\garrysmod\bin\vphysics.dll
2014-02-02 22:06 - 2014-02-02 22:37 - 01345024 _____ () h:\steamlibrary\steamapps\steamapps\steamapps\common\garrysmod\bin\vguimatsurface.dll
2014-02-02 22:06 - 2014-02-02 22:37 - 00353792 _____ () h:\steamlibrary\steamapps\steamapps\steamapps\common\garrysmod\bin\vgui2.dll
2014-02-02 22:06 - 2014-02-02 22:37 - 00937472 _____ () H:\SteamLibrary\SteamApps\SteamApps\steamapps\common\GarrysMod\bin\shaderapidx9.dll
2014-02-02 22:37 - 2014-02-02 22:37 - 00147968 _____ () h:\steamlibrary\steamapps\steamapps\steamapps\common\garrysmod\bin\stdshader_dbg.dll
2014-02-02 22:37 - 2014-02-02 22:37 - 00228864 _____ () h:\steamlibrary\steamapps\steamapps\steamapps\common\garrysmod\bin\stdshader_dx6.dll
2014-02-02 22:37 - 2014-02-02 22:37 - 00160768 _____ () h:\steamlibrary\steamapps\steamapps\steamapps\common\garrysmod\bin\stdshader_dx7.dll
2014-02-02 22:06 - 2014-02-02 22:37 - 00346112 _____ () h:\steamlibrary\steamapps\steamapps\steamapps\common\garrysmod\bin\stdshader_dx8.dll
2014-02-02 22:06 - 2014-02-02 22:37 - 00559104 _____ () h:\steamlibrary\steamapps\steamapps\steamapps\common\garrysmod\bin\stdshader_dx9.dll
2014-02-02 22:37 - 2014-02-02 22:37 - 00156160 _____ () h:\steamlibrary\steamapps\steamapps\steamapps\common\garrysmod\garrysmod\bin\game_shader_generic_garrysmod.dll
2014-02-02 22:37 - 2014-02-02 22:37 - 00070056 _____ () H:\SteamLibrary\SteamApps\SteamApps\steamapps\common\GarrysMod\bin\unicode.dll
2014-02-02 22:06 - 2014-02-02 22:37 - 06708224 _____ () h:\steamlibrary\steamapps\steamapps\steamapps\common\garrysmod\garrysmod\bin\client.dll
2014-02-02 22:06 - 2014-02-02 22:37 - 10023936 _____ () h:\steamlibrary\steamapps\steamapps\steamapps\common\garrysmod\garrysmod\bin\server.dll
2014-02-02 22:37 - 2014-02-02 22:37 - 00119808 _____ () H:\SteamLibrary\SteamApps\SteamApps\steamapps\common\GarrysMod\bin\soundemittersystem.dll
2014-02-02 22:37 - 2014-02-02 22:37 - 00071680 _____ () H:\SteamLibrary\SteamApps\SteamApps\steamapps\common\GarrysMod\bin\scenefilecache.dll
2014-02-02 22:06 - 2014-02-02 22:37 - 00453632 _____ () h:\steamlibrary\steamapps\steamapps\steamapps\common\garrysmod\garrysmod\bin\lua_shared.dll
2014-02-02 22:06 - 2014-02-02 22:37 - 02038784 _____ () h:\steamlibrary\steamapps\steamapps\steamapps\common\garrysmod\garrysmod\bin\menusystem.dll
2014-02-02 22:06 - 2014-02-02 22:37 - 00880640 _____ () h:\steamlibrary\steamapps\steamapps\steamapps\common\garrysmod\garrysmod\bin\resources.dll
2014-02-02 22:37 - 2014-02-02 22:37 - 00082944 _____ () h:\steamlibrary\steamapps\steamapps\steamapps\common\garrysmod\garrysmod\bin\gmhtml.dll
2014-02-02 22:37 - 2014-02-02 22:37 - 00080384 _____ () H:\SteamLibrary\SteamApps\SteamApps\steamapps\common\GarrysMod\bin\gmod_audio.dll
2014-02-02 22:06 - 2014-02-02 22:37 - 02051584 _____ () h:\steamlibrary\steamapps\steamapps\steamapps\common\garrysmod\bin\GameUI.dll
2014-02-02 22:06 - 2014-02-02 22:37 - 00897536 _____ () h:\steamlibrary\steamapps\steamapps\steamapps\common\garrysmod\bin\serverbrowser.dll
2014-01-12 11:51 - 2014-01-12 11:51 - 16242056 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll
2014-02-02 22:06 - 2014-02-02 22:37 - 01099704 _____ () H:\SteamLibrary\SteamApps\SteamApps\steamapps\common\GarrysMod\bin\avcodec-53.dll
2014-02-02 22:37 - 2014-02-02 22:37 - 00123320 _____ () H:\SteamLibrary\SteamApps\SteamApps\steamapps\common\GarrysMod\bin\avutil-51.dll
2014-02-02 22:37 - 2014-02-02 22:37 - 00190904 _____ () H:\SteamLibrary\SteamApps\SteamApps\steamapps\common\GarrysMod\bin\avformat-53.dll
2013-06-18 14:22 - 2012-05-30 07:51 - 00699280 ____R () C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\wincfi39.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller
Description: Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Atheros
Service: L1E
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Alps Pointing-device
Description: Alps Pointing-device
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Alps Electric
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Launch Manager
Description: Launch Manager
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: Packard Bell
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Hamachi Network Interface
Description: Hamachi Network Interface
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn, Inc.
Service: hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-02-03 22:45:21.630
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-02-03 22:45:21.537
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-10-04 16:49:22.607
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Users\Daniel\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-10-04 16:49:22.528
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Users\Daniel\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-10-04 16:49:21.483
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-10-04 16:49:21.405
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-09-27 13:30:20.622
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\hamachi.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-09-27 13:30:20.513
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\hamachi.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-09-27 13:23:20.499
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\hamachi.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-09-27 13:23:20.410
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\hamachi.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Percentage of memory in use: 68%
Total physical RAM: 4095.18 MB
Available physical RAM: 1293.51 MB
Total Pagefile: 8188.54 MB
Available Pagefile: 4614.88 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:298.09 GB) (Free:22.55 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive h: (OS2) (Fixed) (Total:931.5 GB) (Free:529.14 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: F618F618)
Partition 1: (Active) - (Size=298 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 932 GB) (Disk ID: 6EC25B35)
Partition 1: (Not Active) - (Size=931 GB) - (Type=OF Extended)

==================== End Of Log ============================

So bitte

cosinus · 04.02.2014, 16:24

JRT Log fehlt

Trojanhater3 · 04.02.2014, 16:27

Ups sorry.
hier die JRT

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.1 (02.04.2014:1)
OS: Windows 7 Ultimate x64
Ran by Daniel on 04.02.2014 at 15:45:27,32
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services

Successfully stopped: [Service] Util RightSurf 
Successfully deleted: [Service] Util RightSurf 
Failed to stop: [Service] Update RightSurf 



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\optprostart_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\optprostart_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{88be1aa9-6740-461c-9e3e-f35eb8fa741c}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{88be1aa9-6740-461c-9e3e-f35eb8fa741c}



~~~ Files



~~~ Folders

Failed to delete: [Folder] "C:\Program Files (x86)\RightSurf"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 04.02.2014 at 15:54:49,00
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

cosinus · 04.02.2014, 16:57

Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle einen Quickscan mit Malwarebytes Anti-Malware (MBAM)

Hinweis: Denk bitte vorher daran, Malwarebytes Anti-Malware über den Updatebutton zu aktualisieren!

Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt:

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Trojanhater3 · 06.02.2014, 21:32

endlich geschafft

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=67376f86e4d2a345b9cfab55967add39
# engine=16955
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-02-05 09:23:50
# local_time=2014-02-05 10:23:50 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=3591 16777213 100 91 171228 154232015 0 0
# compatibility_mode=5893 16776574 100 94 6823242 143265280 0 0
# scanned=187332
# found=2
# cleaned=0
# scan_time=4896
sh=A696C5A0D50145AFDE3D3A71F70B1C3006AC2199 ft=1 fh=da0003b6601dbc17 vn="a variant of Win32/Adware.MultiPlug.I application" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Browse2Save\5117a34d62476.dll.vir"
sh=0E7ADC69C61116EF698D27019B7E235216FC0F4A ft=0 fh=0000000000000000 vn="Win32/AdWare.AddLyrics.T application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnbbffeddnekkhjmokkhdebbfbibbflc\1.133_0\c.js.vir"
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=67376f86e4d2a345b9cfab55967add39
# engine=16964
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-02-06 08:26:35
# local_time=2014-02-06 09:26:35 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=3591 16777213 100 91 257793 154314980 0 0
# compatibility_mode=5893 16776574 100 94 6909807 143348245 0 0
# scanned=733135
# found=11
# cleaned=0
# scan_time=22609
sh=A696C5A0D50145AFDE3D3A71F70B1C3006AC2199 ft=1 fh=da0003b6601dbc17 vn="a variant of Win32/Adware.MultiPlug.I application" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Browse2Save\5117a34d62476.dll.vir"
sh=0E7ADC69C61116EF698D27019B7E235216FC0F4A ft=0 fh=0000000000000000 vn="Win32/AdWare.AddLyrics.T application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnbbffeddnekkhjmokkhdebbfbibbflc\1.133_0\c.js.vir"
sh=7D85A8A8F04013DFA9E895999CED80D31475C29E ft=1 fh=6ea06a1e9519710f vn="a variant of Win32/Packed.VMProtect.AAH trojan" ac=I fn="C:\Program Files (x86)\The Walking Dead Survival Instinct\steam_api.dll"
sh=489879551C877644C60EADF3BD50AEB9FEE29E98 ft=0 fh=0000000000000000 vn="Win32/AdWare.AddLyrics.T application" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\LyricsPal\133.crx.vir"
sh=B9AD155B107E0AF6E22ECC35CF794FDB9BF69646 ft=1 fh=81e910bfa453a398 vn="a variant of Win32/AdWare.AddLyrics.T application" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\LyricsPal\133.dll.vir"
sh=CA8BE7ACA422FADD5FF90ECE8B3789D5B0FA46DE ft=1 fh=3ce2787d85b3eaf8 vn="a variant of Win32/AdWare.AddLyrics.T application" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\LyricsPal\Lyrics.exe.vir"
sh=D6CE6F9011EC8AD4D840C7D2DD23680B51D7CEEB ft=1 fh=56a8308eaf76a6e6 vn="a variant of Win32/AdWare.AddLyrics.W application" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\LyricsPal\Uninstall.exe.vir"
sh=2EA01BDDE25D4303699A47C59405AACF07BCE798 ft=1 fh=ff4d777e01df7e28 vn="Win32/StartPage.OPH trojan" ac=I fn="C:\Users\Daniel\Downloads\vlc-2.0.4-win64.exe"
sh=0FBE9C8A789845EBA7CBA09E43CC1B47CC9E6D2F ft=0 fh=0000000000000000 vn="a variant of Win32/Packed.VMProtect.ABD trojan" ac=I fn="H:\brokenarrowcamp\5165121241124-ts14wal\5165121241124-ts14wal\wmt-ts14.iso"
sh=8223EFBA4A5C64047C2A2B2AF1FC91E5BCF11FE9 ft=1 fh=11e7881963618987 vn="a variant of Win32/Packed.VMProtect.ABD trojan" ac=I fn="H:\Downloads\Train.Simulator.2014.Steam.Edition.Fix.Only-3DM\plugins\GameManager.dll"
sh=7D85A8A8F04013DFA9E895999CED80D31475C29E ft=1 fh=6ea06a1e9519710f vn="a variant of Win32/Packed.VMProtect.AAH trojan" ac=I fn="H:\Wargame AirLand Battle\steam_api.dll"

cosinus · 07.02.2014, 00:38

Zitat:

C:\Program Files (x86)\The Walking Dead Survival Instinct\steam_api.dll
H:\brokenarrowcamp\5165121241124-ts14wal\5165121241124-ts14wal\wmt-ts14.iso
H:\Downloads\Train.Simulator.2014.Steam.Edition.Fix.Only-3DM\plugins\GameManager.dll
H:\Wargame AirLand Battle\steam_api.dll

Wasndas?

Trojanhater3 · 07.02.2014, 05:19

Das sind Überreste von Spielen, die mir ein Arbeitskollege irgendwann mal drauf gemacht hat. Hab die Spiele schon lange nicht mehr

cosinus · 07.02.2014, 10:20

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

C:\Program Files (x86)\The Walking Dead Survival Instinct
H:\brokenarrowcamp\5165121241124-ts14wal\5165121241124-ts14wal\wmt-ts14.iso
H:\Downloads\Train.Simulator.2014.Steam.Edition.Fix.Only-3DM
H:\Wargame AirLand Battle

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Trojanhater3 · 07.02.2014, 19:39

Code:

ATTFilter

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 07-02-2014
Ran by Daniel at 2014-02-07 19:32:15 Run:1
Running from C:\Users\Daniel\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
C:\Program Files (x86)\The Walking Dead Survival Instinct
H:\brokenarrowcamp\5165121241124-ts14wal\5165121241124-ts14wal\wmt-ts14.iso
H:\Downloads\Train.Simulator.2014.Steam.Edition.Fix.Only-3DM
H:\Wargame AirLand Battle
*****************

C:\Program Files (x86)\The Walking Dead Survival Instinct => Moved successfully.
"H:\brokenarrowcamp\5165121241124-ts14wal\5165121241124-ts14wal\wmt-ts14.iso" => File/Directory not found.
"H:\Downloads\Train.Simulator.2014.Steam.Edition.Fix.Only-3DM" => File/Directory not found.
H:\Wargame AirLand Battle => Moved successfully.

==== End of Fixlog ====

bittöö

04.02.2014, 16:24	#8
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Dauernder Absturz von Google Chrome, veranlasst durch Norton JRT Log fehlt __________________ Logfiles bitte immer in CODE-Tags posten

Dauernder Absturz von Google Chrome, veranlasst durch Norton

Plagegeister aller Art und deren Bekämpfung: Dauernder Absturz von Google Chrome, veranlasst durch Norton