Windows: White Screen nach hochfahren des Computers

xalex · 14.03.2014, 14:50

Hallo Trojaner-Broad-Team,
ich habe einen Laptop von Acer mit Windows 7 (Home Premium), der schon einige Strapazen hinter sich hat, jedoch im großen und ganzen immer problemlos funktioniert hat. Vor zwei Tagen ist der Bildschirm während ganz normalem Gebrauch des Computers plötzlich komplett weiß geworden. Die Musik die ich gehört habe ist ganz normal weiter gelaufen und ich konnte den PC sogar über die Tastatur "blind" herunterfahren. Danach ist der Bildschirm jedoch beim hochfahren fast immer ab dem Moment, wo man den Benutzer auswählen kann, weiß geworden. Ein mal hat es jedoch wieder ca. eine Stunde lang funktioniert, danach ist jedoch wieder ein Whitescreen aufgetreten. Im abgesicherten Modus kann man den PC problemlos starten, aber selbst durch mehrmaliges Hoch- und Runterfahren konnte man den normalen Startmodus nicht mehr ohne Whitescreen benutzen. Hoffentlich könnt ihr mit helfen

. ~Alex

M-K-D-B · 14.03.2014, 15:15

Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.

Bitte beachte folgende Hinweise:

Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags.
Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
Solltest du mir nicht innerhalb von 4 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo.
Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort zu starten!
Ich kann Dir niemals eine Garantie geben, dass auch ich alles finde. Eine Formatierung ist meist der schnellere und immer der sicherste Weg.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis dir jemand vom Team sagt, dass Du clean bist.

Starte den Rechner im abgesicherten Modus mit Netzwerkunterstützung und führe dort erst mal FRST aus:

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

xalex · 14.03.2014, 16:07

Hi Matthias, vielen Dank für die schnelle Antwort

. Hier die FRST.txt:
FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Alex (administrator) on ALEX-PC on 14-03-2014 16:02:42
Running from C:\Users\Alex\AppData\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Safe Mode (with Networking)

The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool 
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forums

==================== Processes (Whitelisted) =================

(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AmIcoSinglun64] - C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [324608 2010-02-06] (Alcor Micro Corp.)
HKLM\...\Run: [mwlDaemon] - C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [349552 2010-02-01] (Egis Technology Inc.)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10081312 2010-02-22] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [877600 2010-02-22] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1842472 2009-09-17] (Synaptics Incorporated)
HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe [496160 2010-03-10] (Acer Incorporated)
HKLM\...\Run: [IntelliPoint] - c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2399632 2011-04-13] (Microsoft Corporation)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2009-12-24] (Intel Corporation)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1300560 2010-03-03] (Dritek System Inc.)
HKLM-x32\...\Run: [SuiteTray] - C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [337264 2010-02-01] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] - C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201512 2009-12-25] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] - C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [401192 2009-12-25] (Egis Technology Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-28] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BackupManagerTray] - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [260608 2010-03-09] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [Logitech G35] - C:\Logitech\G35.exe [1811800 2010-10-05] (Logitech(c))
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-06] (Apple Inc.)
HKLM-x32\...\Run: [Sweetpacks Communicator] - C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe [231768 2012-08-15] (SweetIM Technologies Ltd.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-06-13] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Iminent] - C:\Program Files (x86)\Iminent\Iminent.exe /warmup "F77F87E5-A6BD-4922-A530-EDF63D7E9F8C"
HKLM-x32\...\Run: [IminentMessenger] - C:\Program Files (x86)\Iminent\Iminent.Messengers.exe
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [Razer Synapse] - C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [442712 2013-11-17] (Razer Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [ApnTBMon] - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
HKLM-x32\...\Run: [Wondershare Helper Compact] - C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1985824 2013-07-25] (Wondershare)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] - C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1985824 2013-07-25] (Wondershare)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-02-26] (LogMeIn Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1720175286-4088662769-2618409241-1000\...\Run: [Steam] - C:\Program Files (x86)\Steam\steam.exe [1821888 2014-02-25] (Valve Corporation)
HKU\S-1-5-21-1720175286-4088662769-2618409241-1000\...\Run: [MobileDocuments] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
HKU\S-1-5-21-1720175286-4088662769-2618409241-1000\...\Run: [Spotify Web Helper] - C:\Users\Alex\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-01-14] (Spotify Ltd)
HKU\S-1-5-21-1720175286-4088662769-2618409241-1000\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-1720175286-4088662769-2618409241-1000\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-1720175286-4088662769-2618409241-1000\...\Run: [com.apple.dav.bookmarks.daemon] - C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
HKU\S-1-5-21-1720175286-4088662769-2618409241-1000\...\Run: [puush] - C:\Program Files (x86)\puush\puush.exe [567880 2013-07-15] ()
HKU\S-1-5-21-1720175286-4088662769-2618409241-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-1720175286-4088662769-2618409241-1000\...\Run: [Spotify] - C:\Users\Alex\AppData\Roaming\Spotify\spotify.exe [6118400 2014-01-14] (Spotify Ltd)
HKU\S-1-5-21-1720175286-4088662769-2618409241-1000\...\Run: [AppleIEDAV] - C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1326408 2013-11-15] (Apple Inc.)
HKU\S-1-5-21-1720175286-4088662769-2618409241-1000\...\Run: [Wondershare Helper Compact] - C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1985824 2013-07-25] (Wondershare)
HKU\S-1-5-21-1720175286-4088662769-2618409241-1000\...\Run: [Browser Infrastructure Helper] - C:\Users\Alex\AppData\Local\Smartbar\Application\QuickShare.exe [26904 2014-03-09] (Smartbar)
HKU\S-1-5-21-1720175286-4088662769-2618409241-1000\...\MountPoints2: {07ab37fa-6c39-11e0-b7b2-806e6f6e6963} - E:\AutoRun.exe
HKU\S-1-5-21-1720175286-4088662769-2618409241-1000\...\MountPoints2: {07ab3837-6c39-11e0-b7b2-c80aa97c6f2d} - E:\AutoRun.exe
AppInit_DLLs: C:\PROGRA~2\SEARCH~1\SEARCH~1\x64\datamngr.dll => C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\x64\datamngr.dll [1778608 2011-09-19] (MusicLab, LLC)
AppInit_DLLs:  C:\PROGRA~2\SEARCH~1\SEARCH~1\x64\IEBHO.dll => C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\x64\IEBHO.dll [1790896 2011-09-19] (MusicLab, LLC)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Search,
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbHdKIqgRJyMidKuvnhDCuxhZjwitu2603iO2DKCmN--NXUfc66Es7t9XMSUkKMYHPetyvmNWrThoBgdl-g6DSoiaLEvLKZKQYvQjOVccoPrRY0ZQLWaeuWztau9iTyjRnsqFK3MDgvHJ3Z-vMqIpNqKwJvsDUSpnzxj91PdUMED5Q8sP5Q,&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = Neuer Tab - GIGA
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbHdKIqgRJyMidKuvnhDCuxhZjwitu2603iO2DKCmN--NXUfc66Es7t9XMSUkKMYHPetyvmNWrThoBgdl-g6DSoiaLEvLKZKQYvQjOVccoPrRY0ZQLWaeuWztau9iTyjRnsqFK3MDgvHJ3Z-vMqIpNqKwJvsDUSpnzxj91PdUMED5Q8sP5Q,&q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD22} URL = hxxp://search.bearshare.com/web?src=ieb&appid=291&systemid=2&sr=0&q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=161&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbHdKIqgRJyMidKuvnhDCuxhZjwitu2603iO2DKCmN--NXUfc66Es7t9XMSUkKMYHPetyvmNWrThoBgdl-g6DSoiaLEvLKZKQYvQjOVccoPrRY0ZQLWaeuWztau9iTyjRnsqFK3MDgvHJ3Z-vMqIpNqKwJvsDUSpnzxj91PdUMED5Q8sP5Q,&q={searchTerms}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbHdKIqgRJyMidKuvnhDCuxhZjwitu2603iO2DKCmN--NXUfc66Es7t9XMSUkKMYHPetyvmNWrThoBgdl-g6DSoiaLEvLKZKQYvQjOVccoPrRY0ZQLWaeuWztau9iTyjRnsqFK3MDgvHJ3Z-vMqIpNqKwJvsDUSpnzxj91PdUMED5Q8sP5Q,&q={searchTerms}
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbHdKIqgRJyMidKuvnhDCuxhZjwitu2603iO2DKCmN--NXUfc66Es7t9XMSUkKMYHPetyvmNWrThoBgdl-g6DSoiaLEvLKZKQYvQjOVccoPrRY0ZQLWaeuWztau9iTyjRnsqFK3MDgvHJ3Z-vMqIpNqKwJvsDUSpnzxj91PdUMED5Q8sP5Q,&q={searchTerms}
SearchScopes: HKCU - ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbHdKIqgRJyMidKuvnhDCuxhZjwitu2603iO2DKCmN--NXUfc66Es7t9XMSUkKMYHPetyvmNWrThoBgdl-g6DSoiaLEvLKZKQYvQjOVccoPrRY0ZQLWaeuWztau9iTyjRnsqFK3MDgvHJ3Z-vMqIpNqKwJvsDUSpnzxj91PdUMED5Q8sP5Q,&q={searchTerms}
BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL No File
BHO: SmartbarInternetExplorerBHOEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120628180932.dll No File
BHO: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: SearchCore for Browsers - {B939CF93-F2CB-443d-956C-DC523D85C9DB} - C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\x64\BrowserConnection.dll (MusicLab, LLC)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll No File
BHO-x32: SmartbarInternetExplorerBHOEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120628180932.dll No File
BHO-x32: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\SEARCH~2\Datamngr\ToolBar\searchqudtx.dll No File
BHO-x32: No Name - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} -  No File
BHO-x32: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: SearchCore for Browsers - {B939CF93-F2CB-443d-956C-DC523D85C9DB} - C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\BrowserConnection.dll (MusicLab, LLC)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SweetPacks Browser Helper - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
Toolbar: HKLM - No Name - !{77f8c945-4b74-4bd6-a073-e0d1997edce8} -  No File
Toolbar: HKLM - No Name - !{A13C2648-91D4-4bf3-BC6D-0079707C4389} -  No File
Toolbar: HKLM - QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\SEARCH~2\Datamngr\ToolBar\searchqudtx.dll No File
Toolbar: HKLM-x32 - SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
Toolbar: HKLM-x32 - No Name - !{77f8c945-4b74-4bd6-a073-e0d1997edce8} -  No File
Toolbar: HKLM-x32 - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - No Name - !{A13C2648-91D4-4bf3-BC6D-0079707C4389} -  No File
Toolbar: HKLM-x32 - QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

Chrome: 
=======
CHR HomePage: hxxp://www.google.de/
CHR Extension: (QuickShare Widget) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl [2014-01-01]
CHR Extension: (Games Center) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\dehjbbcmklelglapfndfbomoaooippkb [2014-03-14]
CHR Extension: (SweetIM for Facebook) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn [2014-03-14]
CHR Extension: (Google Wallet) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-31]
CHR Extension: (Norton Identity Protection) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\nppllibpnmahfaklnpggkibhkapjkeob [2014-03-14]
CHR HKCU\...\Chrome\Extension: [amfclgbdpgndipgoegfpkkgobahigbcl] - C:\Users\Alex\AppData\Local\Smartbar/Application\1Extension.crx [2014-03-14]
CHR HKLM-x32\...\Chrome\Extension: [dehjbbcmklelglapfndfbomoaooippkb] - C:\Program Files (x86)\GamesCenter\GamesCenter.crx [2013-02-19]
CHR HKLM-x32\...\Chrome\Extension: [jcdgjdiieiljkfkdcloehkohchhpekkn] - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx [2012-09-16]
CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\Exts\Chrome.crx [2014-01-21]
CHR HKLM-x32\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Windows\SysWOW64\jmdp\SweetNT.crx [2014-01-21]
CHR HKLM-x32\...\Chrome\Extension: [pljcgbedjplidkdjahbaalanadmjfgop] - C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-V7C\CRX\ToolbarCR.crx [2014-01-21]

==================== Services (Whitelisted) =================

S2 ePowerSvc; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [820768 2010-03-10] (Acer Incorporated)
S2 IBUpdaterService; C:\Windows\system32\dmwu.exe [1859376 2014-02-04] ()
S2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-02-26] (LogMeIn, Inc.)
S2 LPTSystemUpdater; C:\Program Files (x86)\LPT\srpts.exe [35096 2014-03-09] ()
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
S2 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-02-01] (Egis Technology Inc.)
S2 NAV; C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)
S2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\NST.exe [129424 2013-10-06] (Symantec Corporation)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3890920 2010-06-17] (INCA Internet Co., Ltd.)
S3 OverwolfUpdaterService; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [18360 2013-06-11] (Overwolf Ltd)
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-02-01] ()
S2 APNMCP; "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe" [X]

==================== Drivers (Whitelisted) ====================

S1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\BASHDefs\20140214.001\BHDrvx64.sys [1526488 2013-12-18] (Symantec Corporation)
S1 ccSet_NAV; C:\Windows\system32\drivers\NAVx64\1404000.028\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation)
S1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE06000.01B\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)
S1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-21] (Symantec Corporation)
S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-21] (Symantec Corporation)
S1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\IPSDefs\20140312.001\IDSvia64.sys [524504 2014-03-06] (Symantec Corporation)
S3 LADF_DHP2; C:\Windows\System32\DRIVERS\ladfDHP2amd64.sys [62168 2010-09-29] (Logitech)
S3 LADF_SBVM; C:\Windows\System32\DRIVERS\ladfSBVMamd64.sys [377176 2010-09-29] (Logitech)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\VirusDefs\20140313.003\ENG64.SYS [126040 2013-08-31] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\VirusDefs\20140313.003\EX64.SYS [2099288 2013-08-31] (Symantec Corporation)
S3 NPPTNT2; C:\Windows\SysWOW64\npptNT2.sys [4682 2005-01-04] (INCA Internet Co., Ltd.)
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39080 2013-11-15] (Razer Inc)
S3 SRTSP; C:\Windows\System32\Drivers\NAVx64\1404000.028\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)
S1 SRTSPX; C:\Windows\system32\drivers\NAVx64\1404000.028\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation)
S3 ss_bserd; C:\Windows\System32\DRIVERS\ss_bserd.sys [128000 2009-09-19] (MCCI Corporation)
R0 SymDS; C:\Windows\System32\drivers\NAVx64\1404000.028\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NAVx64\1404000.028\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)
S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-06-19] (Symantec Corporation)
S1 SymIRON; C:\Windows\system32\drivers\NAVx64\1404000.028\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation)
S1 SymNetS; C:\Windows\System32\Drivers\NAVx64\1404000.028\SYMNETS.SYS [433752 2013-04-25] (Symantec Corporation)
S2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
S3 WinRing0_1_2_0; C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org)
S3 dump_wmimmc; \??\C:\Program Files (x86)\gPotato.eu\FLYFF\GameGuard\dump_wmimmc.sys [X]
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-14 16:02 - 2014-03-14 16:02 - 00000000 ____D () C:\FRST
2014-03-12 18:34 - 2014-03-12 18:34 - 00001747 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-03-12 18:33 - 2014-03-12 18:34 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-12 18:33 - 2014-03-12 18:34 - 00000000 ____D () C:\Program Files\iTunes
2014-03-12 18:33 - 2014-03-12 18:34 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-03-12 18:33 - 2014-03-12 18:33 - 00000000 ____D () C:\Program Files\iPod
2014-03-12 18:27 - 2014-03-12 18:27 - 00001809 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-03-12 18:27 - 2014-03-12 18:27 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-03-10 14:22 - 2014-03-10 14:24 - 00000000 ____D () C:\Program Files (x86)\LPT
2014-03-10 14:19 - 2014-03-10 14:20 - 00000000 ____D () C:\Users\Alex\AppData\Local\LPT
2014-03-09 17:59 - 2014-03-09 17:59 - 00000154 _____ () C:\Users\Alex\.appletviewer
2014-03-09 17:48 - 2014-03-11 15:25 - 00000000 ____D () C:\Users\Alex\Desktop\ProcessingBlueJB
2014-03-09 17:34 - 2014-03-11 18:08 - 00000000 ____D () C:\Users\Alex\Desktop\Pong
2014-03-08 23:35 - 2014-03-08 23:38 - 00000000 ____D () C:\Users\Alex\Pong
2014-03-08 23:20 - 2014-03-09 17:48 - 00000000 ____D () C:\Users\Alex\Desktop\Snake1Benedikt
2014-03-08 20:52 - 2014-03-08 23:25 - 00000000 ____D () C:\Users\Alex\bluej
2014-03-08 20:51 - 2014-03-08 20:51 - 00001917 _____ () C:\Users\Alex\Desktop\BlueJ.lnk
2014-03-08 20:51 - 2014-03-08 20:51 - 00000000 ____D () C:\Program Files (x86)\BlueJ
2014-03-08 13:43 - 2014-03-08 13:43 - 00000000 ____D () C:\Users\Alex\AppData\Local\Blizzard
2014-03-06 14:32 - 2014-03-12 17:20 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-03-06 14:32 - 2014-03-06 14:32 - 00001125 _____ () C:\Users\Public\Desktop\Hearthstone.lnk
2014-03-06 14:14 - 2014-03-13 16:27 - 00000000 ____D () C:\Users\Alex\AppData\Local\Battle.net
2014-03-06 14:14 - 2014-03-06 14:43 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Battle.net
2014-03-06 14:14 - 2014-03-06 14:14 - 00001114 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-03-06 14:14 - 2014-03-06 14:14 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-02-27 20:01 - 2014-02-27 20:01 - 00002712 _____ () C:\{1C3C86E3-7726-4105-AD4C-B8CABE918288}
2014-02-27 20:00 - 2014-02-27 20:00 - 00002600 _____ () C:\{4A9F9369-3E72-4C93-9785-0FD39C9C32A9}
2014-02-27 19:58 - 2014-02-27 19:58 - 00002760 _____ () C:\{DB924E09-F6DE-413C-B76E-75AA7F221833}
2014-02-27 19:56 - 2014-02-27 19:56 - 00002912 _____ () C:\{D2A9F4D8-AE5D-4257-B4C8-584710D0459D}
2014-02-27 19:35 - 2014-02-27 19:35 - 00002368 _____ () C:\{40DDB014-F000-4525-A231-636FF2D92B12}
2014-02-27 17:56 - 2014-02-27 17:56 - 00003104 _____ () C:\{6BBF2738-FCC5-43DC-ACEC-52B761303B52}
2014-02-27 14:09 - 2014-02-27 14:09 - 00000861 _____ () C:\Users\Alex\AppData\Local\recently-used.xbel
2014-02-27 14:09 - 2014-02-27 14:09 - 00000000 ____D () C:\Users\Alex\AppData\Local\gtk-2.0
2014-02-27 14:09 - 2014-02-27 14:09 - 00000000 ____D () C:\Users\Alex\.thumbnails
2014-02-27 14:07 - 2014-02-27 14:18 - 00000000 ____D () C:\Users\Alex\.gimp-2.8
2014-02-27 14:07 - 2014-02-27 14:07 - 00000000 ____D () C:\Users\Alex\AppData\Local\gegl-0.2
2014-02-27 14:02 - 2014-02-27 14:04 - 00000000 ____D () C:\Program Files\GIMP 2
2014-02-27 13:52 - 2014-02-27 13:52 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-02-23 14:57 - 2014-02-23 14:57 - 00002256 _____ () C:\{03EE9462-17B9-417F-879C-384B6366154F}
2014-02-13 21:09 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-13 21:09 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-13 21:08 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-13 21:08 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-13 21:08 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-13 21:08 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-13 21:08 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-13 21:08 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-13 21:08 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-13 21:08 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-13 21:08 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-13 21:08 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-13 21:08 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-13 21:08 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-13 21:08 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-13 21:08 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-13 21:08 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-13 21:08 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-13 21:08 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-13 21:08 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-13 21:08 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-13 21:08 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-13 21:08 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-13 21:08 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-13 21:08 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-13 21:08 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-13 21:08 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-13 21:08 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-13 21:08 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-13 21:08 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-13 21:08 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-13 21:08 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-13 21:08 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-13 21:08 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-13 21:08 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-13 21:08 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-13 21:08 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-13 21:08 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-13 21:08 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-13 21:08 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-13 21:08 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-13 16:29 - 2014-02-13 16:30 - 00004608 _____ () C:\Users\Alex\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-02-13 14:04 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-13 14:04 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-13 14:04 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-13 14:04 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-13 14:04 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-13 14:04 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-13 14:04 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-13 14:04 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-13 14:04 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-13 14:04 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-13 14:04 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-13 14:04 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-13 14:04 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-13 14:04 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-13 14:04 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-13 14:04 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-13 14:04 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-13 14:04 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-13 14:04 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-13 14:04 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-13 14:04 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-13 14:04 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-13 14:04 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-13 14:04 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-13 14:04 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-13 14:04 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-13 14:04 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-13 14:04 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll

==================== One Month Modified Files and Folders =======

2014-03-14 16:02 - 2014-03-14 16:02 - 00000000 ____D () C:\FRST
2014-03-14 15:56 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-14 15:56 - 2009-07-14 05:51 - 00237471 _____ () C:\Windows\setupact.log
2014-03-14 15:55 - 2010-05-18 15:10 - 00383052 _____ () C:\Windows\PFRO.log
2014-03-14 14:23 - 2012-01-28 13:29 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-03-14 14:23 - 2011-02-16 18:10 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Skype
2014-03-14 14:23 - 2010-05-18 15:13 - 02095533 _____ () C:\Windows\WindowsUpdate.log
2014-03-14 14:23 - 2009-07-14 05:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-14 14:23 - 2009-07-14 05:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-14 14:22 - 2012-05-12 07:50 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Spotify
2014-03-14 14:20 - 2012-09-15 21:28 - 00000000 ____D () C:\Users\Alex\AppData\Local\LogMeIn Hamachi
2014-03-14 14:20 - 2010-08-20 19:02 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-13 18:54 - 2012-03-31 08:42 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-13 16:27 - 2014-03-06 14:14 - 00000000 ____D () C:\Users\Alex\AppData\Local\Battle.net
2014-03-13 16:11 - 2010-08-20 19:02 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-13 15:54 - 2012-03-31 08:42 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-13 15:54 - 2012-03-31 08:42 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-13 15:54 - 2011-05-26 14:04 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-12 18:47 - 2012-10-29 17:28 - 00000000 ____D () C:\Users\Alex\AppData\Local\CrashDumps
2014-03-12 18:34 - 2014-03-12 18:34 - 00001747 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-03-12 18:34 - 2014-03-12 18:33 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-12 18:34 - 2014-03-12 18:33 - 00000000 ____D () C:\Program Files\iTunes
2014-03-12 18:34 - 2014-03-12 18:33 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-03-12 18:33 - 2014-03-12 18:33 - 00000000 ____D () C:\Program Files\iPod
2014-03-12 18:27 - 2014-03-12 18:27 - 00001809 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-03-12 18:27 - 2014-03-12 18:27 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-03-12 17:20 - 2014-03-06 14:32 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-03-11 18:08 - 2014-03-09 17:34 - 00000000 ____D () C:\Users\Alex\Desktop\Pong
2014-03-11 15:25 - 2014-03-09 17:48 - 00000000 ____D () C:\Users\Alex\Desktop\ProcessingBlueJB
2014-03-10 14:24 - 2014-03-10 14:22 - 00000000 ____D () C:\Program Files (x86)\LPT
2014-03-10 14:20 - 2014-03-10 14:19 - 00000000 ____D () C:\Users\Alex\AppData\Local\LPT
2014-03-10 14:19 - 2013-02-19 14:57 - 00000000 ____D () C:\Users\Alex\AppData\Local\Smartbar
2014-03-10 14:13 - 2012-05-12 07:51 - 00000000 ____D () C:\Users\Alex\AppData\Local\Spotify
2014-03-09 17:59 - 2014-03-09 17:59 - 00000154 _____ () C:\Users\Alex\.appletviewer
2014-03-09 17:59 - 2010-08-20 17:52 - 00000000 ____D () C:\Users\Alex
2014-03-09 17:48 - 2014-03-08 23:20 - 00000000 ____D () C:\Users\Alex\Desktop\Snake1Benedikt
2014-03-08 23:38 - 2014-03-08 23:35 - 00000000 ____D () C:\Users\Alex\Pong
2014-03-08 23:25 - 2014-03-08 20:52 - 00000000 ____D () C:\Users\Alex\bluej
2014-03-08 20:51 - 2014-03-08 20:51 - 00001917 _____ () C:\Users\Alex\Desktop\BlueJ.lnk
2014-03-08 20:51 - 2014-03-08 20:51 - 00000000 ____D () C:\Program Files (x86)\BlueJ
2014-03-08 13:43 - 2014-03-08 13:43 - 00000000 ____D () C:\Users\Alex\AppData\Local\Blizzard
2014-03-06 17:08 - 2011-07-19 14:24 - 00000000 ____D () C:\Users\Alex\Documents\Stronghold Legends
2014-03-06 14:51 - 2010-09-18 19:41 - 00000000 ____D () C:\Program Files (x86)\StarCraft II
2014-03-06 14:43 - 2014-03-06 14:14 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Battle.net
2014-03-06 14:32 - 2014-03-06 14:32 - 00001125 _____ () C:\Users\Public\Desktop\Hearthstone.lnk
2014-03-06 14:14 - 2014-03-06 14:14 - 00001114 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-03-06 14:14 - 2014-03-06 14:14 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-03-05 13:58 - 2011-05-16 13:23 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\.minecraft
2014-03-04 10:18 - 2012-01-23 16:22 - 00002139 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-02 21:28 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-02-27 20:01 - 2014-02-27 20:01 - 00002712 _____ () C:\{1C3C86E3-7726-4105-AD4C-B8CABE918288}
2014-02-27 20:00 - 2014-02-27 20:00 - 00002600 _____ () C:\{4A9F9369-3E72-4C93-9785-0FD39C9C32A9}
2014-02-27 19:58 - 2014-02-27 19:58 - 00002760 _____ () C:\{DB924E09-F6DE-413C-B76E-75AA7F221833}
2014-02-27 19:56 - 2014-02-27 19:56 - 00002912 _____ () C:\{D2A9F4D8-AE5D-4257-B4C8-584710D0459D}
2014-02-27 19:35 - 2014-02-27 19:35 - 00002368 _____ () C:\{40DDB014-F000-4525-A231-636FF2D92B12}
2014-02-27 17:56 - 2014-02-27 17:56 - 00003104 _____ () C:\{6BBF2738-FCC5-43DC-ACEC-52B761303B52}
2014-02-27 14:18 - 2014-02-27 14:07 - 00000000 ____D () C:\Users\Alex\.gimp-2.8
2014-02-27 14:09 - 2014-02-27 14:09 - 00000861 _____ () C:\Users\Alex\AppData\Local\recently-used.xbel
2014-02-27 14:09 - 2014-02-27 14:09 - 00000000 ____D () C:\Users\Alex\AppData\Local\gtk-2.0
2014-02-27 14:09 - 2014-02-27 14:09 - 00000000 ____D () C:\Users\Alex\.thumbnails
2014-02-27 14:07 - 2014-02-27 14:07 - 00000000 ____D () C:\Users\Alex\AppData\Local\gegl-0.2
2014-02-27 14:04 - 2014-02-27 14:02 - 00000000 ____D () C:\Program Files\GIMP 2
2014-02-27 13:52 - 2014-02-27 13:52 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-02-26 21:02 - 2012-06-17 18:21 - 01594964 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-26 21:02 - 2010-05-19 01:06 - 00699682 _____ () C:\Windows\system32\perfh007.dat
2014-02-26 21:02 - 2010-05-19 01:06 - 00149790 _____ () C:\Windows\system32\perfc007.dat
2014-02-26 21:02 - 2009-07-14 06:13 - 01594964 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-25 14:37 - 2014-02-08 12:00 - 00000222 _____ () C:\Users\Alex\Desktop\Call of Duty Black Ops II.url
2014-02-23 14:57 - 2014-02-23 14:57 - 00002256 _____ () C:\{03EE9462-17B9-417F-879C-384B6366154F}
2014-02-21 20:34 - 2013-01-30 15:15 - 00000000 ____D () C:\ProgramData\Origin
2014-02-21 20:20 - 2013-01-30 15:15 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-02-17 18:08 - 2013-07-28 21:14 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-17 18:04 - 2011-05-29 09:35 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-13 16:30 - 2014-02-13 16:29 - 00004608 _____ () C:\Users\Alex\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-02-13 14:06 - 2010-08-20 19:02 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-13 14:06 - 2010-08-20 19:02 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

Some content of TEMP:
====================
C:\Users\Alex\AppData\Local\Temp\HiPatchSelfUpdateWindow.exe
C:\Users\Alex\AppData\Local\Temp\HiRezLauncherControls.dll
C:\Users\Alex\AppData\Local\Temp\umbrella.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-11 18:59

==================== End Of Log ============================

--- --- ---

--- --- ---

Und hier noch die Addition.txt :FRST Additions Logfile:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Alex at 2014-03-14 16:04:12
Running from C:\Users\Alex\AppData\Downloads
Boot Mode: Safe Mode (with Networking)
==========================================================


==================== Security Center ========================

AV: Norton AntiVirus (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton AntiVirus (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}

==================== Installed Programs ======================

3D Matrix Screensaver 1.1 (HKLM-x32\...\3D Matrix Screensaver_is1) (Version:  - )
Acer Backup Manager (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.60 - NewTech Infosystems)
Acer Crystal Eye webcam (HKLM-x32\...\{51F026FA-5146-4232-A8BA-1364740BD053}) (Version: 1.0.2.0 - Liteon)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3011 - Acer Incorporated)
Acer PowerSmart Manager (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 5.01.3002 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0203.2010 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader 9.1 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{E5EABF66-F9C4-430C-B97D-3CF28A58D50B}) (Version: 1.3.17.05006 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.3.17.05006 - Alcor Micro Corp.) Hidden
AMD APP SDK Runtime (Version: 2.4.595.1 - Advanced Micro Devices Inc.) Hidden
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo ClipFinder HD v.2.3.2 (HKLM-x32\...\Ashampoo ClipFinder HD_is1) (Version: 2.3.2 - Ashampoo GmbH & Co. KG)
Ashampoo ClipFinder HD v.2.3.4 (HKLM-x32\...\{0A11EA01-36EF-0070-F54C-E06E25BC1924}_is1) (Version: 2.3.4 - Ashampoo GmbH & Co. KG)
Ask Toolbar (HKLM-x32\...\{4F524A2D-5637-4300-76A7-A758B70C0700}) (Version: 12.7.0.15 - APN, LLC) <==== ATTENTION
Astro Gemini Screensaver Manager 2.0 (HKLM-x32\...\Astro Gemini Screensaver Manager_is1) (Version:  - )
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.24 - Atheros Communications Inc.)
ATI Catalyst Install Manager (HKLM\...\{0B674B1E-1905-4830-ABD1-F6892F1C4394}) (Version: 3.0.820.0 - ATI Technologies, Inc.)
Backup Manager Basic (x32 Version: 2.0.0.60 - NewTech Infosystems) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.5.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.1.2 - EA Digital Illusions CE AB)
BioShock 2 (x32 Version: 1.0.0005.131 - Take-Two Interactive Software) Hidden
BlueJ (HKLM-x32\...\{7D66971C-652B-4065-A6B1-B3EE313C254B}) (Version: 3.1.1 - BlueJ Team)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
Briblo Bildschirmschoner (HKLM-x32\...\Briblo) (Version:  - )
Bundled software uninstaller (HKLM-x32\...\bi_uninstaller) (Version:  - ) <==== ATTENTION
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version:  - )
Call of Duty: Black Ops II (HKLM-x32\...\Steam App 202970) (Version:  - Treyarch)
CamStudio (HKLM-x32\...\CamStudio) (Version:  - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center (x32 Version: 2011.0613.2238.38801 - Ihr Firmenname) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0302.2233.40412 - ATI Technologies, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2011.0613.2238.38801 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2011.0613.2238.38801 - ATI) Hidden
Catalyst Control Center Profiles Mobile (x32 Version: 2011.0613.2238.38801 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Czech (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Danish (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Dutch (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help English (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Finnish (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help French (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help German (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Greek (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Italian (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Japanese (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Korean (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Polish (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Russian (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Spanish (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Swedish (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Thai (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Turkish (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
ccc-utility64 (Version: 2011.0613.2238.38801 - ATI) Hidden
Chicken Invaders 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}) (Version:  - Oberon Media)
Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version:  - Torn Banner Studios)
Cossacks - European Wars (HKLM-x32\...\EW : Cossacks) (Version:  - )
Cossacks - The Art Of War (HKLM-x32\...\Cossacks : The Art Of War) (Version:  - )
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
FileZilla Client 3.7.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.7.0.2 - FileZilla Project)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Game Booster 3 (HKLM-x32\...\Game Booster_is1) (Version: 3.4 - IObit)
Gameforge Live 1.9.0 "Legend" (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 1.9.0 - Gameforge)
GamesCenter (HKLM-x32\...\GamesCenter) (Version:  - GamesCenter)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Team Garry)
Garry's Mod Manager (HKLM-x32\...\Garry's Mod Manager 8.20.0000) (Version: 8.20.0000 - Lansoftware)
Garry's Mod Manager (x32 Version: 8.20.0000 - Lansoftware) Hidden
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.146 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version:  - )
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Höllenjob XS (HKLM-x32\...\{21484364-1EF4-4AE0-963A-CC1FEF749ECC}) (Version:  - )
IB Updater Service (HKLM-x32\...\WNLT) (Version: 5.0.3.4 - ) <==== ATTENTION
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)
Iminent (HKLM-x32\...\IMBoosterARP) (Version: 6.4.56.0 - Iminent) <==== ATTENTION
Iminent (x32 Version: 6.4.56.0 - Iminent) Hidden <==== ATTENTION
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.6.1001 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.01.00.1005 - Intel Corporation)
Internet Explorer Toolbar 4.6 by SweetPacks (HKLM-x32\...\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}) (Version: 4.6.0004 - SweetIM Technologies Ltd.) <==== ATTENTION
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 4.0.7 - Acer Inc.)
League of Legends (HKLM-x32\...\{918A9082-6287-4D25-9002-5E5D5E4971CB}) (Version: 1.02.0000 - Riot Games)
LibreOffice 3.6 (HKLM-x32\...\{C2F438B6-7010-453B-93EC-B2FC053AA97B}) (Version: 3.6.1.2 - The Document Foundation)
Logitech G35 (HKLM\...\{27607A94-33AC-4AA7-AACE-95AF6ACA3E30}) (Version: 1.1.178 - Logitech)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.173 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.173 - LogMeIn, Inc.) Hidden
LPT System Updater Service (HKLM-x32\...\{BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24}) (Version: 1.0.0.0 - LPT) <==== ATTENTION
Matrix Code Emulator 1.50 (HKLM-x32\...\Matrix Code Emulator_is1) (Version:  - Reality Rift Studios)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.130.10 - McAfee, Inc.)
MediaBar (HKLM-x32\...\BearShare 2 MediaBar) (Version: 3.0.0.114951 - Musiclab, LLC)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft IntelliPoint 8.1 (HKLM\...\Microsoft IntelliPoint 8.1) (Version: 8.15.406.0 - Microsoft)
Microsoft IntelliPoint 8.1 (Version: 8.15.406.0 - Microsoft) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyWinLocker (x32 Version: 3.1.206.0 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}) (Version: 3.1.206.0 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 3.1.206.0 - Egis Technology Inc.) Hidden
Nic's XviD Decoder (HKLM-x32\...\XviDDec) (Version:  - )
Norton AntiVirus (HKLM-x32\...\NAV) (Version: 20.4.0.40 - Symantec Corporation)
Norton Identity Safe (HKLM-x32\...\NST) (Version: 2014.6.0.27 - Symantec Corporation)
Nostale(DE) (HKLM-x32\...\NosTale(DE)_is1) (Version:  - Gameforge 4D GmbH)
Origin (HKLM-x32\...\Origin) (Version: 9.1.11.2678 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\{8CD3A2A9-B25E-4D5D-8D12-724493A45C1A}) (Version: 0.42.248 - Overwolf)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.3.5.2 - Pando Networks Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
QuickShare (HKLM-x32\...\{11D4FAA0-A577-4FA8-B24E-D24283D861D1}) (Version: 11.24.60.15709 - Linkury Inc.) <==== ATTENTION
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.16.6 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6050 - Realtek Semiconductor Corp.)
Revelations 2012 (HKLM-x32\...\Steam App 201070) (Version:  - )
Runes of Magic (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 6.0.0.2647 - Gameforge Productions GmbH)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Shredder (Version: 2.0.5.0 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.5.0 - Egis Technology Inc.) Hidden
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.2.10687 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 0.1.1721.0 - Hi-Rez Studios)
Sniper Elite (HKLM-x32\...\Steam App 3700) (Version:  - Rebellion Developments)
Spotify (HKCU\...\Spotify) (Version: 0.9.7.16.g4b197456 - Spotify AB)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stronghold (HKLM-x32\...\{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}) (Version:  - )
Stronghold Crusader Extreme (HKLM-x32\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version: 1.20.0000 - Firefly Studios)
Stronghold Legends (HKLM-x32\...\{66A405D2-BA14-4594-BF36-B3B544F0754E}) (Version: 1.20.0000 - Firefly Studios)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.6.0 - Synaptics Incorporated)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version:  - TeamSpeak Systems GmbH)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.19045 - TeamViewer)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
Überwachungstool für die Intel® Turbo-Boost-Technik (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.186.6 - Intel)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update Manager for SweetPacks 1.1 (HKLM-x32\...\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}) (Version: 1.1.0008 - SweetIM Technologies Ltd.) <==== ATTENTION
VLC media player 2.0.7 (HKLM-x32\...\VLC media player) (Version: 2.0.7 - VideoLAN)
VMN Toolbar (HKLM-x32\...\vmntoolbar) (Version:  - ) <==== ATTENTION
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.01.3002 - Acer Incorporated)
Windows Live Communications Platform (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8081.709 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 14.0.8091.0730 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
WinMaximizer 1.2.86 (HKLM-x32\...\{6C4BA010-69C2-46C7-B559-DC513EEB0B5F}_is1) (Version:  - Celeritas Software Company)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version:  - )
WinRAR 4.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
Wondershare TunesGo ( Version 4.0.0 ) (HKLM-x32\...\{0B31C808-8274-460D-8846-C711D40544A0}_is1) (Version: 4.0.0 - Wondershare)

==================== Restore Points  =========================

06-03-2014 09:42:26 Geplanter Prüfpunkt
08-03-2014 19:49:35 Installed BlueJ

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {041715F5-D6C2-4E28-B672-42DD332642E6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-08-20] (Google Inc.)
Task: {1ABA3A87-AA3A-4BF9-A5A7-D6E5B9061FF2} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-04-13] (Microsoft Corporation)
Task: {1F4E37A2-05E6-456B-AFB7-0D8722D9F568} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {434EFD52-71B4-42DA-AC13-E6E7E206ED34} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-13] (Adobe Systems Incorporated)
Task: {5BB4656C-1D11-4D60-A2ED-15285889ABD9} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\WSCStub.exe [2013-06-04] (Symantec Corporation)
Task: {7FEA9533-7E0F-4798-95DD-097CC3620CFD} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe [2013-06-09] ()
Task: {87A3A6F4-03FB-4F26-B70B-4A78439AC5B5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-08-20] (Google Inc.)
Task: {D1F84C75-44BC-463F-9DBF-ED0DDCD2F7D5} - System32\Tasks\Norton AntiVirus\Norton Error Analyzer => C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {D32812D4-0581-44DF-A56C-BAA4F44EEC14} - System32\Tasks\Norton AntiVirus\Norton Error Processor => C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {E3F48872-20F8-4470-83BE-57DE2205BE0F} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {FB869C9E-A2E6-4CE6-9F1A-735CB15E6294} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:93DE1838
AlternateDataStreams: C:\ProgramData\Temp:AB689DEA
AlternateDataStreams: C:\ProgramData\Temp:ABE89FFE
AlternateDataStreams: C:\ProgramData\Temp:E1F04E8D
AlternateDataStreams: C:\ProgramData\Temp:E36F5B57

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: Microsoft-Adapter für Miniports virtueller WiFis
Description: Microsoft-Adapter für Miniports virtueller WiFis
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/12/2014 06:47:11 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: PmmUpdate.exe, Version: 1.1.31.0, Zeitstempel: 0x4b33442a
Name des fehlerhaften Moduls: ole32.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7b96f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0013d169
ID des fehlerhaften Prozesses: 0x15b8
Startzeit der fehlerhaften Anwendung: 0xPmmUpdate.exe0
Pfad der fehlerhaften Anwendung: PmmUpdate.exe1
Pfad des fehlerhaften Moduls: PmmUpdate.exe2
Berichtskennung: PmmUpdate.exe3

Error: (03/12/2014 06:46:22 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6349

Error: (03/12/2014 06:46:22 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6349

Error: (03/12/2014 06:46:22 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/12/2014 06:46:21 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5350

Error: (03/12/2014 06:46:21 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5350

Error: (03/12/2014 06:46:21 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/12/2014 06:46:20 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4321

Error: (03/12/2014 06:46:20 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4321

Error: (03/12/2014 06:46:20 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (03/14/2014 04:03:48 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (03/14/2014 04:03:48 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (03/14/2014 04:03:48 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (03/14/2014 04:02:34 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (03/14/2014 04:02:34 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (03/14/2014 04:02:34 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (03/14/2014 04:02:30 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (03/14/2014 04:02:30 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (03/14/2014 04:02:30 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (03/14/2014 04:02:18 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068


Microsoft Office Sessions:
=========================
Error: (03/12/2014 06:47:11 PM) (Source: Application Error)(User: )
Description: PmmUpdate.exe1.1.31.04b33442aole32.dll6.1.7601.175144ce7b96fc00000050013d16915b801cf3e0dc96a017bC:\Program Files (x86)\EgisTec IPS\PmmUpdate.exeC:\Windows\syswow64\ole32.dll5672d808-aa0e-11e3-88c0-c80aa97c6f2d

Error: (03/12/2014 06:46:22 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6349

Error: (03/12/2014 06:46:22 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6349

Error: (03/12/2014 06:46:22 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/12/2014 06:46:21 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5350

Error: (03/12/2014 06:46:21 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5350

Error: (03/12/2014 06:46:21 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/12/2014 06:46:20 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4321

Error: (03/12/2014 06:46:20 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4321

Error: (03/12/2014 06:46:20 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second


CodeIntegrity Errors:
===================================
  Date: 2014-03-14 14:23:31.425
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-13 18:46:16.544
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-13 18:16:13.711
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-13 18:05:23.608
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-13 15:08:13.351
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-12 18:45:36.119
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-12 17:12:43.066
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-11 13:11:19.546
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-10 14:17:17.683
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-09 09:39:44.639
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 18%
Total physical RAM: 3828.48 MB
Available physical RAM: 3115.53 MB
Total Pagefile: 7655.15 MB
Available Pagefile: 6973.97 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:284.99 GB) (Free:26.8 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 98F67714)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=285 GB) - (Type=07 NTFS)

==================== End Of Log ============================

--- --- ---

M-K-D-B · 14.03.2014, 17:44

Servus,

erst mal bitte ComboFix im abgesicherten Modus ausführen:

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Kannst du nach ComboFix wieder normal booten oder wird der Bildschirm dann immer noch weiß?

xalex · 14.03.2014, 21:23

Norton (mein einziges Anti-Viren-Programm) fordert beim öffnen einen Systemscann, da es der PC sich im abgesicherten Modus befindet, auszuführen, das eigentlich Fenster, in dem man Norton auch deaktivieren kann öffnet sich jedoch nicht. Wenn man den Scann ablehnt, passiert überhaupt nichts, außer das sich die Meldung schließt. Ich habe versucht den Scan zu akzeptieren, dann abzubrechen, jedoch kann man auch in dem "Scannfenster" von Norton dasselbe nicht deaktivieren.
Nebenbei, muss ich auch die Firewall deaktivieren? ~Alex

Ah, es liegt wahrscheinlich daran, dass Norton außer dem Systemscann im abgesicherten Modus nichts tun kann, da es in der Meldung heißt, einige Funktionen könnte Norton hier nicht ausführen. Ist es dann ok, wenn ich Norton soweit in Ruhe lasse, die Firewall ausschalte, und dann ComboFix nutze? ~Alex

M-K-D-B · 15.03.2014, 12:58

Zitat:

Zitat von xalex

Norton (mein einziges Anti-Viren-Programm) fordert beim öffnen einen Systemscann, da es der PC sich im abgesicherten Modus befindet, auszuführen, das eigentlich Fenster, in dem man Norton auch deaktivieren kann öffnet sich jedoch nicht. Wenn man den Scann ablehnt, passiert überhaupt nichts, außer das sich die Meldung schließt. Ich habe versucht den Scan zu akzeptieren, dann abzubrechen, jedoch kann man auch in dem "Scannfenster" von Norton dasselbe nicht deaktivieren.
Nebenbei, muss ich auch die Firewall deaktivieren? ~Alex

Ah, es liegt wahrscheinlich daran, dass Norton außer dem Systemscann im abgesicherten Modus nichts tun kann, da es in der Meldung heißt, einige Funktionen könnte Norton hier nicht ausführen. Ist es dann ok, wenn ich Norton soweit in Ruhe lasse, die Firewall ausschalte, und dann ComboFix nutze? ~Alex

Ja, lass Norton mal in Ruhe und nimm direkt ComboFix im abgesicherten Modus her.

xalex · 15.03.2014, 17:43

Hier bitte: (Ich teste gleich mal Neustart)
Combofix Logfile:

Code:

ATTFilter

ComboFix 14-03-13.01 - Alex 15.03.2014  17:06:41.1.4 - x64 NETWORK
ausgeführt von:: c:\users\Alex\Desktop\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\SysWow64\briblo.scr
c:\windows\SysWow64\logs
c:\windows\SysWow64\logs\Game - R3d Logs\2012-04-20_22-55-55_r3dlog.txt
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-02-15 bis 2014-03-15  ))))))))))))))))))))))))))))))
.
.
2014-03-15 16:26 . 2014-03-15 16:26	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-03-15 16:26 . 2014-03-15 16:26	--------	d-----w-	c:\users\Alex !\AppData\Local\temp
2014-03-15 11:19 . 2014-02-04 02:32	624128	----a-w-	c:\windows\system32\qedit.dll
2014-03-15 11:19 . 2014-02-04 02:04	509440	----a-w-	c:\windows\SysWow64\qedit.dll
2014-03-15 11:19 . 2014-02-04 02:32	1424384	----a-w-	c:\windows\system32\WindowsCodecs.dll
2014-03-15 11:19 . 2014-02-04 02:04	1230336	----a-w-	c:\windows\SysWow64\WindowsCodecs.dll
2014-03-14 15:02 . 2014-03-14 15:04	--------	d-----w-	C:\FRST
2014-03-12 17:33 . 2014-03-12 17:33	--------	d-----w-	c:\program files\iPod
2014-03-12 17:33 . 2014-03-12 17:34	--------	d-----w-	c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-12 17:33 . 2014-03-12 17:34	--------	d-----w-	c:\program files\iTunes
2014-03-12 17:33 . 2014-03-12 17:34	--------	d-----w-	c:\program files (x86)\iTunes
2014-03-12 17:27 . 2014-03-12 17:27	159744	----a-w-	c:\program files\Internet Explorer\Plugins\npqtplugin5.dll
2014-03-12 17:27 . 2014-03-12 17:27	159744	----a-w-	c:\program files\Internet Explorer\Plugins\npqtplugin4.dll
2014-03-12 17:27 . 2014-03-12 17:27	159744	----a-w-	c:\program files\Internet Explorer\Plugins\npqtplugin3.dll
2014-03-12 17:27 . 2014-03-12 17:27	159744	----a-w-	c:\program files\Internet Explorer\Plugins\npqtplugin2.dll
2014-03-12 17:27 . 2014-03-12 17:27	159744	----a-w-	c:\program files\Internet Explorer\Plugins\npqtplugin.dll
2014-03-12 17:27 . 2014-03-12 17:27	--------	d-----w-	c:\program files (x86)\QuickTime
2014-03-10 13:22 . 2014-03-10 13:24	--------	d-----w-	c:\program files (x86)\LPT
2014-03-10 13:19 . 2014-03-10 13:20	--------	d-----w-	c:\users\Alex\AppData\Local\LPT
2014-03-08 22:35 . 2014-03-08 22:38	--------	d-----w-	c:\users\Alex\Pong
2014-03-08 19:52 . 2014-03-08 22:25	--------	d-----w-	c:\users\Alex\bluej
2014-03-08 19:51 . 2014-03-08 19:51	--------	d-----w-	c:\program files (x86)\BlueJ
2014-03-08 12:43 . 2014-03-08 12:43	--------	d-----w-	c:\users\Alex\AppData\Local\Blizzard
2014-03-06 13:32 . 2014-03-15 11:12	--------	d-----w-	c:\program files (x86)\Hearthstone
2014-03-06 13:14 . 2014-03-15 15:18	--------	d-----w-	c:\users\Alex\AppData\Local\Battle.net
2014-03-06 13:14 . 2014-03-06 13:43	--------	d-----w-	c:\users\Alex\AppData\Roaming\Battle.net
2014-03-06 13:14 . 2014-03-06 13:14	--------	d-----w-	c:\program files (x86)\Battle.net
2014-02-27 13:09 . 2014-02-27 13:09	--------	d-----w-	c:\users\Alex\AppData\Local\gtk-2.0
2014-02-27 13:09 . 2014-02-27 13:09	--------	d-----w-	c:\users\Alex\.thumbnails
2014-02-27 13:07 . 2014-02-27 13:07	--------	d-----w-	c:\users\Alex\AppData\Local\fontconfig
2014-02-27 13:07 . 2014-02-27 13:18	--------	d-----w-	c:\users\Alex\.gimp-2.8
2014-02-27 13:07 . 2014-02-27 13:07	--------	d-----w-	c:\users\Alex\AppData\Local\gegl-0.2
2014-02-27 13:02 . 2014-02-27 13:04	--------	d-----w-	c:\program files\GIMP 2
2014-02-27 12:52 . 2014-02-27 12:52	--------	d-----w-	c:\program files (x86)\LogMeIn Hamachi
2014-02-25 17:13 . 2014-02-25 17:13	--------	d-----w-	c:\windows\Migration
2014-02-13 20:09 . 2013-12-21 09:53	548864	----a-w-	c:\windows\system32\vbscript.dll
2014-02-13 20:09 . 2013-12-21 08:56	454656	----a-w-	c:\windows\SysWow64\vbscript.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-03-13 14:54 . 2012-03-31 07:42	692616	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-03-13 14:54 . 2011-05-26 13:04	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-17 17:04 . 2011-05-29 08:35	88567024	----a-w-	c:\windows\system32\MRT.exe
2014-02-04 09:28 . 2013-06-02 10:08	1859376	----a-w-	c:\windows\system32\dmwu.exe
2014-02-04 09:23 . 2013-06-02 10:08	34304	----a-w-	c:\windows\system32\ImHttpComm.dll
2014-02-04 08:39 . 2011-08-31 10:54	829264	----a-w-	c:\windows\system32\msvcr100.dll
2014-02-04 08:39 . 2011-08-31 10:54	608080	----a-w-	c:\windows\system32\msvcp100.dll
2014-01-25 10:16 . 2014-01-25 10:16	194048	----a-w-	c:\windows\SysWow64\elshyph.dll
2014-01-25 10:16 . 2014-01-25 10:16	942592	----a-w-	c:\windows\system32\jsIntl.dll
2014-01-25 10:16 . 2014-01-25 10:16	90112	----a-w-	c:\windows\system32\SetIEInstalledDate.exe
2014-01-25 10:16 . 2014-01-25 10:16	86016	----a-w-	c:\windows\SysWow64\iesysprep.dll
2014-01-25 10:16 . 2014-01-25 10:16	86016	----a-w-	c:\windows\system32\RegisterIEPKEYs.exe
2014-01-25 10:16 . 2014-01-25 10:16	84992	----a-w-	c:\windows\system32\mshtmled.dll
2014-01-25 10:16 . 2014-01-25 10:16	83968	----a-w-	c:\windows\system32\MshtmlDac.dll
2014-01-25 10:16 . 2014-01-25 10:16	81408	----a-w-	c:\windows\system32\icardie.dll
2014-01-25 10:16 . 2014-01-25 10:16	774144	----a-w-	c:\windows\system32\jscript.dll
2014-01-25 10:16 . 2014-01-25 10:16	77312	----a-w-	c:\windows\system32\tdc.ocx
2014-01-25 10:16 . 2014-01-25 10:16	74240	----a-w-	c:\windows\SysWow64\SetIEInstalledDate.exe
2014-01-25 10:16 . 2014-01-25 10:16	71680	----a-w-	c:\windows\SysWow64\RegisterIEPKEYs.exe
2014-01-25 10:16 . 2014-01-25 10:16	645120	----a-w-	c:\windows\SysWow64\jsIntl.dll
2014-01-25 10:16 . 2014-01-25 10:16	62464	----a-w-	c:\windows\SysWow64\tdc.ocx
2014-01-25 10:16 . 2014-01-25 10:16	62464	----a-w-	c:\windows\system32\pngfilt.dll
2014-01-25 10:16 . 2014-01-25 10:16	61952	----a-w-	c:\windows\SysWow64\MshtmlDac.dll
2014-01-25 10:16 . 2014-01-25 10:16	616104	----a-w-	c:\windows\system32\ieapfltr.dat
2014-01-25 10:16 . 2014-01-25 10:16	52224	----a-w-	c:\windows\system32\msfeedsbs.dll
2014-01-25 10:16 . 2014-01-25 10:16	48640	----a-w-	c:\windows\SysWow64\mshtmler.dll
2014-01-25 10:16 . 2014-01-25 10:16	48640	----a-w-	c:\windows\system32\mshtmler.dll
2014-01-25 10:16 . 2014-01-25 10:16	48128	----a-w-	c:\windows\system32\imgutil.dll
2014-01-25 10:16 . 2014-01-25 10:16	453120	----a-w-	c:\windows\system32\dxtmsft.dll
2014-01-25 10:16 . 2014-01-25 10:16	413696	----a-w-	c:\windows\system32\html.iec
2014-01-25 10:16 . 2014-01-25 10:16	40448	----a-w-	c:\windows\system32\JavaScriptCollectionAgent.dll
2014-01-25 10:16 . 2014-01-25 10:16	36352	----a-w-	c:\windows\SysWow64\imgutil.dll
2014-01-25 10:16 . 2014-01-25 10:16	34816	----a-w-	c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-01-25 10:16 . 2014-01-25 10:16	337408	----a-w-	c:\windows\SysWow64\html.iec
2014-01-25 10:16 . 2014-01-25 10:16	30208	----a-w-	c:\windows\system32\licmgr10.dll
2014-01-25 10:16 . 2014-01-25 10:16	296960	----a-w-	c:\windows\system32\dxtrans.dll
2014-01-25 10:16 . 2014-01-25 10:16	263376	----a-w-	c:\windows\system32\iedkcs32.dll
2014-01-25 10:16 . 2014-01-25 10:16	247808	----a-w-	c:\windows\system32\msls31.dll
2014-01-25 10:16 . 2014-01-25 10:16	24576	----a-w-	c:\windows\SysWow64\licmgr10.dll
2014-01-25 10:16 . 2014-01-25 10:16	243200	----a-w-	c:\windows\system32\webcheck.dll
2014-01-25 10:16 . 2014-01-25 10:16	235520	----a-w-	c:\windows\system32\url.dll
2014-01-25 10:16 . 2014-01-25 10:16	235008	----a-w-	c:\windows\system32\elshyph.dll
2014-01-25 10:16 . 2014-01-25 10:16	182272	----a-w-	c:\windows\SysWow64\msls31.dll
2014-01-25 10:16 . 2014-01-25 10:16	167424	----a-w-	c:\windows\system32\iexpress.exe
2014-01-25 10:16 . 2014-01-25 10:16	151552	----a-w-	c:\windows\SysWow64\iexpress.exe
2014-01-25 10:16 . 2014-01-25 10:16	147968	----a-w-	c:\windows\system32\occache.dll
2014-01-25 10:16 . 2014-01-25 10:16	143872	----a-w-	c:\windows\system32\wextract.exe
2014-01-25 10:16 . 2014-01-25 10:16	139264	----a-w-	c:\windows\SysWow64\wextract.exe
2014-01-25 10:16 . 2014-01-25 10:16	13824	----a-w-	c:\windows\system32\mshta.exe
2014-01-25 10:16 . 2014-01-25 10:16	135680	----a-w-	c:\windows\system32\iepeers.dll
2014-01-25 10:16 . 2014-01-25 10:16	13312	----a-w-	c:\windows\SysWow64\mshta.exe
2014-01-25 10:16 . 2014-01-25 10:16	13312	----a-w-	c:\windows\system32\msfeedssync.exe
2014-01-25 10:16 . 2014-01-25 10:16	131072	----a-w-	c:\windows\system32\IEAdvpack.dll
2014-01-25 10:16 . 2014-01-25 10:16	1228800	----a-w-	c:\windows\system32\mshtmlmedia.dll
2014-01-25 10:16 . 2014-01-25 10:16	111616	----a-w-	c:\windows\SysWow64\IEAdvpack.dll
2014-01-25 10:16 . 2014-01-25 10:16	105984	----a-w-	c:\windows\system32\iesysprep.dll
2014-01-25 10:16 . 2014-01-25 10:16	1051136	----a-w-	c:\windows\SysWow64\mshtmlmedia.dll
2014-01-25 10:16 . 2014-01-25 10:16	101376	----a-w-	c:\windows\system32\inseng.dll
2014-01-17 15:24 . 2014-01-17 15:24	94208	----a-w-	c:\windows\SysWow64\QuickTimeVR.qtx
2014-01-17 15:24 . 2014-01-17 15:24	69632	----a-w-	c:\windows\SysWow64\QuickTime.qts
2014-01-14 01:53 . 2014-01-14 01:53	88576	----a-w-	c:\windows\SysWow64\rzdevinfo.dll
2014-01-14 01:53 . 2014-01-14 01:53	296448	----a-w-	c:\windows\SysWow64\rzaudiodll.dll
2013-12-24 23:09 . 2014-02-13 13:04	1987584	----a-w-	c:\windows\SysWow64\d3d10warp.dll
2013-12-24 22:48 . 2014-02-13 13:04	2565120	----a-w-	c:\windows\system32\d3d10warp.dll
2013-07-04 19:40 . 2013-07-04 19:40	4249600	----a-w-	c:\program files (x86)\GUTE2B.tmp
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0}]
2010-11-05 01:58	297808	----a-w-	c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{B939CF93-F2CB-443d-956C-DC523D85C9DB}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2012-07-04 13:03	1310040	----a-r-	c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2012-07-04 1310040]
.
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-02-01 18:03	120176	----a-w-	c:\program files (x86)\EgisTec MyWinLocker\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2014-02-25 1821888]
"Spotify Web Helper"="c:\users\Alex\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2014-01-14 1171968]
"iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2013-11-20 59720]
"ApplePhotoStreams"="c:\program files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [2013-11-20 59720]
"puush"="c:\program files (x86)\puush\puush.exe" [2013-07-15 567880]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-11-14 20584608]
"Spotify"="c:\users\Alex\AppData\Roaming\Spotify\spotify.exe" [2014-01-14 6118400]
"AppleIEDAV"="c:\program files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe" [2013-11-15 1326408]
"Wondershare Helper Compact"="c:\program files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe" [2013-07-25 1985824]
"Browser Infrastructure Helper"="c:\users\Alex\AppData\Local\Smartbar\Application\QuickShare.exe" [2014-03-09 26904]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2009-12-24 284696]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-03-03 1300560]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2010-02-01 337264]
"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2009-12-25 201512]
"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2009-12-25 401192]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-28 35696]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2010-03-08 260608]
"Logitech G35"="c:\logitech\G35.exe" [2010-10-05 1811800]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-02-05 43848]
"Sweetpacks Communicator"="c:\program files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe" [2012-08-15 231768]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-06-13 336384]
"Razer Synapse"="c:\program files (x86)\Razer\Synapse\RzSynapse.exe" [2013-11-17 442712]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"Wondershare Helper Compact"="c:\program files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe" [2013-07-25 1985824]
"Wondershare Helper Compact.exe"="c:\program files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe" [2013-07-25 1985824]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2014-02-26 3814736]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2014-01-17 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-02-21 152392]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\BASHDefs\20140214.001\BHDrvx64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\BASHDefs\20140214.001\BHDrvx64.sys [x]
R1 ccSet_NAV;Norton AntiVirus Settings Manager;c:\windows\system32\drivers\NAVx64\1404000.028\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\NAVx64\1404000.028\ccSetx64.sys [x]
R1 ccSet_NST;Norton Identity Safe Settings Manager;c:\windows\system32\drivers\NSTx64\7DE06000.01B\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\NSTx64\7DE06000.01B\ccSetx64.sys [x]
R1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\IPSDefs\20140313.001\IDSvia64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\IPSDefs\20140313.001\IDSvia64.sys [x]
R1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x]
R1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x]
R1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NAVx64\1404000.028\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\NAVx64\1404000.028\Ironx64.SYS [x]
R1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NAVx64\1404000.028\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\NAVx64\1404000.028\SYMNETS.SYS [x]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
R2 APNMCP;Ask Aktualisierungsdienst;c:\program files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe;c:\program files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
R2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer PowerSmart Manager\ePowerSvc.exe;c:\program files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [x]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [x]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
R2 IBUpdaterService;IBUpdaterService;c:\windows\system32\dmwu.exe;c:\windows\SYSNATIVE\dmwu.exe [x]
R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x]
R2 LPTSystemUpdater;LPT System Updater Service;c:\program files (x86)\LPT\srpts.exe;c:\program files (x86)\LPT\srpts.exe [x]
R2 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [x]
R2 NAV;Norton AntiVirus;c:\program files (x86)\Norton AntiVirus\Engine\20.4.0.40\ccSvcHst.exe;c:\program files (x86)\Norton AntiVirus\Engine\20.4.0.40\ccSvcHst.exe [x]
R2 NCO;Norton Identity Safe;c:\program files (x86)\Norton Identity Safe\Engine\2014.6.0.27\NST.exe;c:\program files (x86)\Norton Identity Safe\Engine\2014.6.0.27\NST.exe [x]
R2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [x]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
R2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
R2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS;c:\windows\SYSNATIVE\drivers\AmUStor.SYS [x]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
R3 dc3d;Microsoft-Hardware – Geräteerkennungstreiber;c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x]
R3 dump_wmimmc;dump_wmimmc;c:\program files (x86)\gPotato.eu\FLYFF\GameGuard\dump_wmimmc.sys;c:\program files (x86)\gPotato.eu\FLYFF\GameGuard\dump_wmimmc.sys [x]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbnet.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
R3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys;c:\windows\SYSNATIVE\DRIVERS\igdpmd64.sys [x]
R3 LADF_DHP2;G35 DHP2 Filter Driver;c:\windows\system32\DRIVERS\ladfDHP2amd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfDHP2amd64.sys [x]
R3 LADF_SBVM;G35 SBVM Filter Driver;c:\windows\system32\DRIVERS\ladfSBVMamd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfSBVMamd64.sys [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.130\McCHSvc.exe;c:\program files\McAfee Security Scan\3.8.130\McCHSvc.exe [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des;c:\windows\SYSNATIVE\GameMon.des [x]
R3 OverwolfUpdaterService;Overwolf Updater Service;c:\program files (x86)\Overwolf\OverwolfUpdater.exe;c:\program files (x86)\Overwolf\OverwolfUpdater.exe [x]
R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bbus.sys [x]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bmdfl.sys [x]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bmdm.sys [x]
R3 ss_bserd;SAMSUNG USB Mobile Logging Driver;c:\windows\system32\DRIVERS\ss_bserd.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bserd.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NAVx64\1404000.028\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\NAVx64\1404000.028\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NAVx64\1404000.028\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\NAVx64\1404000.028\SYMEFA64.SYS [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 rzendpt;rzendpt;c:\windows\system32\DRIVERS\rzendpt.sys;c:\windows\SYSNATIVE\DRIVERS\rzendpt.sys [x]
S3 rzudd;Razer Keyboard Driver;c:\windows\system32\DRIVERS\rzudd.sys;c:\windows\SYSNATIVE\DRIVERS\rzudd.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-03-04 09:11	1150280	----a-w-	c:\program files (x86)\Google\Chrome\Application\33.0.1750.146\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-03-15 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-31 14:54]
.
2014-03-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-20 18:02]
.
2014-03-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-20 18:02]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-02-01 18:06	137584	----a-w-	c:\program files (x86)\EgisTec MyWinLocker\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2010-02-06 324608]
"mwlDaemon"="c:\program files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe" [2010-02-01 349552]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-02-22 10081312]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-02-22 877600]
"Acer ePower Management"="c:\program files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe" [2010-03-10 496160]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-04-13 2399632]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 415256]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\progra~2\SEARCH~1\SEARCH~1\x64\datamngr.dll c:\progra~2\SEARCH~1\SEARCH~1\x64\IEBHO.dll
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbHdKIqgRJyMidKuvnhDCuxhZjwitu2603iO2DKCmN--NXUfc66Es7t9XMSUkKMYHPetyvmNWrThoBgdl-g6DSoiaLEvLKZKQYvQjOVccoPrRY0ZQLWadiAKMFSLQeFr9ejAY9dciQpjMBCt5fNZArGz9UrBeC-CmWY-PCgRh1jW0Y-QpoI,
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbHdKIqgRJyMidKuvnhDCuxhZjwitu2603iO2DKCmN--NXUfc66Es7t9XMSUkKMYHPetyvmNWrThoBgdl-g6DSoiaLEvLKZKQYvQjOVccoPrRY0ZQLWaeuWztau9iTyjRnsqFK3MDgvHJ3Z-vMqIpNqKwJvsDUSpnzxj91PdUMED5Q8sP5Q,&q={searchTerms}
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{99079a25-328f-4bd4-be04-00955acaa0a7} - c:\progra~2\SEARCH~2\Datamngr\ToolBar\searchqudtx.dll
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
Toolbar-{99079a25-328f-4bd4-be04-00955acaa0a7} - c:\progra~2\SEARCH~2\Datamngr\ToolBar\searchqudtx.dll
Toolbar-!{77f8c945-4b74-4bd6-a073-e0d1997edce8} - (no file)
Wow6432Node-HKCU-Run-MobileDocuments - c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe
Wow6432Node-HKCU-Run-com.apple.dav.bookmarks.daemon - c:\program files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
Wow6432Node-HKLM-Run-Iminent - c:\program files (x86)\Iminent\Iminent.exe
Wow6432Node-HKLM-Run-IminentMessenger - c:\program files (x86)\Iminent\Iminent.Messengers.exe
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Wow6432Node-HKLM-Run-ApnTBMon - c:\program files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
Toolbar-!{77f8c945-4b74-4bd6-a073-e0d1997edce8} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-BearShare 2 MediaBar - c:\program files (x86)\BearShare Applications\MediaBar\Datamngr\ToolBar\uninstallTB.exe
AddRemove-bi_uninstaller - c:\users\Alex\Local Settings\Application Data\Bundled software uninstaller\biclient.exe
AddRemove-Fraps - c:\users\Alex\Desktop\uninstall.exe
AddRemove-IMBoosterARP - c:\program files (x86)\Iminent\inst\Bootstrapper\Bootstrapper.exe
AddRemove-vmntoolbar - c:\program files (x86)\vmntoolbar\uninstall.exe
AddRemove-XviDDec - c:\windows\system32\UninstXviDDec.exe
AddRemove-UnityWebPlayer - c:\users\Alex\AppData\Local\Unity\WebPlayer\Uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NAV]
"ImagePath"="\"c:\program files (x86)\Norton AntiVirus\Engine\20.4.0.40\ccSvcHst.exe\" /s \"NAV\" /m \"c:\program files (x86)\Norton AntiVirus\Engine\20.4.0.40\diMaster.dll\" /prefetch:1"
--
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NCO]
"ImagePath"="\"c:\program files (x86)\Norton Identity Safe\Engine\2014.6.0.27\NST.exe\" /s \"NCO\" /m \"c:\program files (x86)\Norton Identity Safe\Engine\2014.6.0.27\diMaster.dll\" /prefetch:1"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.12"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-03-15  17:28:45
ComboFix-quarantined-files.txt  2014-03-15 16:28
.
Vor Suchlauf: 17 Verzeichnis(se), 30.351.237.120 Bytes frei
Nach Suchlauf: 24 Verzeichnis(se), 32.682.741.760 Bytes frei
.
- - End Of File - - 827337E566AF95BD2E5CB5BAFF257F24

--- --- ---

Ja, auch bei normalem Boot bleibt der Bildschirm jetzt normal, und ich kann den PC ganz normal nutzen. ~Alex

M-K-D-B · 16.03.2014, 13:54

Servus,

sehr gut.

Dann bitte jetzt im normalen Modus diese vier kleinen Tools ausführen:

Schritt 1
Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 2

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

Schritt 3
Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 4
Bitte lade dir zoek.exe von hier: http://hijackthis.nl/smeenk/

Bitte deaktiviere während des Scans alle Virenscanner, da sie das Ergebnis beeinflussen können.
Starte die zoek.exe mit einem Doppelklick.
Achtung: Das folgende Skript wurde nur für diesen speziellen Fall geschrieben und sollte nicht 1:1 auf andere Computer übernommen werden.
Kopiere den Text der folgenden Box in das Skriptfenster von zoek:
Code:
ATTFilter
```
FFdefaults;
CHRdefaults;
iedefaults;
emptyclsid;
autoclean;
         
```
Nun klicke auf "Run script" und sei geduldig bis das Skript durchgelaufen ist.
Wenn das Tool fertig ist, wird sich eine Logdatei öffnen (ggf. erst nach einem Neustart). Das Log befindet sich aber auch noch unter c:
Bitte poste mir das ZOEK-Log (möglichst in CODE-Tags - #-Symbol im Antwortfenster klicken)

Bitte poste mit deiner nächsten Antwort

die Logdatei von AdwCleaner,
die Logdatei von JRT,
die Logdatei von MBAM,
die Logdatei von Zoek.

xalex · 17.03.2014, 15:53

Hier die .txt von Schritt 1 ~Alex

AdwCleaner Logfile:

Code:

ATTFilter

# AdwCleaner v3.022 - Bericht erstellt am 17/03/2014 um 14:30:49
# Aktualisiert 13/03/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Alex - ALEX-PC
# Gestartet von : C:\Users\Alex\AppData\Downloads\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : APNMCP
[#] Dienst Gelöscht : IBUpdaterService

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\apn
Ordner Gelöscht : C:\ProgramData\Ask
Ordner Gelöscht : C:\ProgramData\boost_interprocess
Ordner Gelöscht : C:\ProgramData\Iminent
Ordner Gelöscht : C:\ProgramData\Partner
Ordner Gelöscht : C:\ProgramData\SweetIM
Ordner Gelöscht : C:\ProgramData\WinMaximizer
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinMaximizer
Ordner Gelöscht : C:\Program Files (x86)\SearchCore for Browsers
Ordner Gelöscht : C:\Program Files (x86)\SweetIM
Ordner Gelöscht : C:\Program Files (x86)\WinMaximizer
Ordner Gelöscht : C:\Program Files (x86)\Common Files\Umbrella
Ordner Gelöscht : C:\Windows\SysWOW64\AI_RecycleBin
Ordner Gelöscht : C:\Windows\SysWOW64\ARFC
Ordner Gelöscht : C:\Windows\SysWOW64\jmdp
Ordner Gelöscht : C:\Windows\SysWOW64\WNLT
Ordner Gelöscht : C:\Windows\System32\ljkb
Ordner Gelöscht : C:\Users\Alex\AppData\Local\Ilivid Player
Ordner Gelöscht : C:\Users\Alex\AppData\Local\PackageAware
Ordner Gelöscht : C:\Users\Alex\AppData\Local\Smartbar
Ordner Gelöscht : C:\Users\Alex\AppData\Local\Temp\Smartbar
Ordner Gelöscht : C:\Users\Alex\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Alex\AppData\LocalLow\searchquband
Ordner Gelöscht : C:\Users\Alex\AppData\LocalLow\Smartbar
Ordner Gelöscht : C:\Users\Alex\AppData\LocalLow\Toolbar4
Ordner Gelöscht : C:\Users\Alex\AppData\Roaming\OpenCandy
Ordner Gelöscht : C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl
Ordner Gelöscht : C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Datei Gelöscht : C:\Windows\System32\dmwu.exe
Datei Gelöscht : C:\Windows\System32\ImhxxpComm.dll

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Browser Infrastructure Helper]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\Iminent.WebBooster.InternetExplorer.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.bho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.DownloadArgs
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.LinkToPromoteArgs
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.RawDataArgs
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.TinyUrlArgs
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.ViralLinkArgs
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ClientCallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ContractBase
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.AddToUserContentCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.CheckLoginStatusCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.CleanCacheCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GameOverCallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetCreditCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetInstallationContextCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusResult
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableResult
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.InstallationContextResult
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommandResult
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoginCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoginStatusChangedCallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LogoutCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.MergeIdentityCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.MyAccountCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.PlayContentCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.PostContentCallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.RecycleViewsCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.SetVariableCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowBrowserWindowCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowControlCenterCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowPluginWindowCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.TestContentCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.UserContentChangedCallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.VariableChangedCallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.WarmUpCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.WelcomeCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ServerCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ServerResult
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.LightContent
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.LightUri
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.MediatorServiceProxy
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_1_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_1_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Searchqu Toolbar uninstall_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Searchqu Toolbar uninstall_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetpacksupdatemanager_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Sweetpacks Communicator]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2795622
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT3196716
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_teeworlds_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_teeworlds_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{01A602A0-D0B9-445B-8081-719E4177C4A7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02C9C7B0-C7C8-4AAC-A9E4-55295BF60F8F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{0398B101-6DA7-473F-A290-17D2FBC88CC0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{0CC36196-8589-4B80-A771-D659411D7F90}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{143D96F9-EB64-48B3-B192-91C2C41A1F43}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{14F7D91F-F669-45C9-9F42-BACBFDB86EAD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{187A6488-6E71-4A2A-B118-7BEFBFE58257}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{2D065204-A024-4C39-8A38-EE7078EC7ACF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{30F5476C-677B-4DB0-B397-51F5BFD86840}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3223F2FB-D9B9-45FC-9D66-CD717FFA4EE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{351798B1-C1D2-45AB-92B4-4D6C2D6AB5AF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3AEA1BEF-6195-46F4-ACA2-0ED14F7EFA1B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3D7F9AC3-BAC3-4E51-81D7-D121D79E550A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4498C5E9-93C6-4142-B6BE-F0C6DC48B77A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{479BF2D6-E362-4A99-B1AB-BC764D7B97AE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{492A108F-51D0-4BD8-899D-AD4AB2893064}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4B6D6E60-FBD2-4E79-BF4B-886BC98F1797}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{60893E02-2E5B-43F9-A93A-BAD60C2DF6EF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6D39931F-451E-4BDD-BAF4-37FB96DBBA5D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{76C684D2-C35D-4284-976A-D862F53ADB81}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{796D822A-C3F9-4A97-BAAB-42FE7628EA63}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{79EF3691-EC1A-4705-A01A-D2E36EC11758}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{82F41418-8E64-47EB-A7F1-4702A974D289}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{85D920CE-63A7-46DC-8992-41D1D2E07FAD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{895ED5E8-ABB4-40C3-A0CA-2571964268E2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8AAC123A-1959-4A45-BFC5-E2D50783098A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A07956CD-81F8-4A03-B524-5D87E690DC83}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B5E3B26B-6E5C-4865-A63D-58D04B10E245}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B84D2DC5-42B2-4E5E-BF61-7B48152FF8EF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B89D5309-0367-4494-A92F-3D4C94F88307}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B939CF93-F2CB-443D-956C-DC523D85C9DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C014EBF8-8854-448B-B5A4-557C4090EDCE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C2D64FF7-0AB8-4263-89C9-EA3B0F8F050C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C31191DB-2F64-464C-B97C-6AC81ACB7AAC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C342C7A7-F622-4EF3-8B7F-ABB9FBE73F14}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C4765B07-BC2F-477B-925C-B2BF24887823}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C875C0A1-09E3-48D5-9F8E-BD337796FD14}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CD126DA6-FF5B-4181-AC13-54A62240D2FA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DD438708-AAB4-422D-A322-B619589F5680}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E812AE43-7799-4E67-8CF8-4104297A2D16}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F0BAAEC7-9AE0-49FF-9C4B-86E774FF397F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F92193FD-2243-4401-9ACC-49FF30885898}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FD21B8A2-910B-45AC-9C10-45E6A8B84984}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A9CAF365-EA35-45DA-BD8B-2EFA09D374AC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B939CF93-F2CB-443D-956C-DC523D85C9DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0AF350D9-3916-454B-AC53-0B0B65F41301}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{99079A25-328F-4BD4-BE04-00955ACAA0A7}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gelöscht : HKCU\Software\BI
Schlüssel Gelöscht : HKCU\Software\IM
Schlüssel Gelöscht : HKCU\Software\Iminent
Schlüssel Gelöscht : HKCU\Software\ImInstaller
Schlüssel Gelöscht : HKCU\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\smartbarbackup
Schlüssel Gelöscht : HKCU\Software\smartbarlog
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\WinMaximizer
Schlüssel Gelöscht : HKCU\Software\wnlt
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\searchqutoolbar
Schlüssel Gelöscht : HKLM\Software\bearsharemediabartb
Schlüssel Gelöscht : HKLM\Software\Iminent
Schlüssel Gelöscht : HKLM\Software\Umbrella
Schlüssel Gelöscht : HKLM\Software\WinMaximizer
Schlüssel Gelöscht : HKLM\Software\wnlt
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{118D6CE9-5F18-42F9-958A-14676A629FDE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{c3e85ee9-5892-4142-b537-bceb3dac4c3d}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{ea8fa6be-29be-4af2-9352-841f83215eb0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\vmntoolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\wnlt
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\SearchCore for Browsers
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\wnlt
Daten Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SEARCH~1\SEARCH~1\x64\datamngr.dll
Daten Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SEARCH~1\SEARCH~1\x64\IEBHO.dll
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\9EC6D81181F59F2459A84176A626F9ED
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\9EE58E3C298524145B73CBBED3CAC4D3
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\EB6AF8AEEB922FA4392548F13812E50B
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\9EC6D81181F59F2459A84176A626F9ED
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\9EE58E3C298524145B73CBBED3CAC4D3
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50B

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16521

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]

-\\ Google Chrome v33.0.1750.154

[ Datei : C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [37150 octets] - [17/03/2014 14:29:45]
AdwCleaner[S0].txt - [34510 octets] - [17/03/2014 14:30:49]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [34571 octets] ##########

--- --- ---

Hier die JRT:JRT Logfile:

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 7 Home Premium x64
Ran by Alex on 17.03.2014 at 14:39:33,89
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1720175286-4088662769-2618409241-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim



~~~ Files

Successfully deleted: [File] "C:\Users\Alex\appdata\locallow\SkwConfig.bin"



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Alex\appdata\locallow\datamngr"



~~~ Chrome

Successfully deleted: [Folder] C:\Users\Alex\appdata\local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 17.03.2014 at 14:47:02,74
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

--- --- ---

Hier Malware:

Malwarebytes Anti-Malware 1.75.0.1300
Malwarebytes : Free Anti-Malware

Datenbank Version: v2014.03.17.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16521
Alex :: ALEX-PC [Administrator]

17.03.2014 14:56:03
mbam-log-2014-03-17 (14-56-03).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 260270
Laufzeit: 7 Minute(n), 33 Sekunde(n)

Infizierte Speicherprozesse: 2
C:\Users\Alex\AppData\Local\LPT\srptm.exe (PUP.Optional.Linkury.A) -> 3316 -> Löschen bei Neustart.
C:\Program Files (x86)\LPT\srpts.exe (PUP.Optional.Linkury.A) -> 2076 -> Löschen bei Neustart.

Infizierte Speichermodule: 21
C:\Users\Alex\AppData\Local\LPT\Newtonsoft.Json.dll (PUP.Optional.Linkury.A) -> Löschen bei Neustart.
C:\Users\Alex\AppData\Local\LPT\Smartbar.Common.dll (PUP.Optional.Linkury.A) -> Löschen bei Neustart.
C:\Users\Alex\AppData\Local\LPT\Smartbar.Communication.dll (PUP.Optional.Linkury.A) -> Löschen bei Neustart.
C:\Users\Alex\AppData\Local\LPT\Smartbar.Communication.NamedPipe.dll (PUP.Optional.Linkury.A) -> Löschen bei Neustart.
C:\Users\Alex\AppData\Local\LPT\Smartbar.Infrastructure.Utilities.dll (PUP.Optional.Linkury.A) -> Löschen bei Neustart.
C:\Users\Alex\AppData\Local\LPT\Smartbar.Monetization.Proxy.ProxyService.dll (PUP.Optional.Linkury.A) -> Löschen bei Neustart.
C:\Users\Alex\AppData\Local\LPT\Smartbar.Personalization.Common.dll (PUP.Optional.Linkury.A) -> Löschen bei Neustart.
C:\Users\Alex\AppData\Local\LPT\Smartbar.Resources.HistoryAndStatsWrapper.dll (PUP.Optional.Linkury.A) -> Löschen bei Neustart.
C:\Users\Alex\AppData\Local\LPT\sppsm.dll (PUP.Optional.Linkury.A) -> Löschen bei Neustart.
C:\Users\Alex\AppData\Local\LPT\spusm.dll (PUP.Optional.Linkury.A) -> Löschen bei Neustart.
C:\Users\Alex\AppData\Local\LPT\srbs.dll (PUP.Optional.Linkury.A) -> Löschen bei Neustart.
C:\Users\Alex\AppData\Local\LPT\srbu.dll (PUP.Optional.Linkury.A) -> Löschen bei Neustart.
C:\Users\Alex\AppData\Local\LPT\srpdm.dll (PUP.Optional.Linkury.A) -> Löschen bei Neustart.
C:\Users\Alex\AppData\Local\LPT\srpt.dll (PUP.Optional.Linkury.A) -> Löschen bei Neustart.
C:\Users\Alex\AppData\Local\LPT\srptc.dll (PUP.Optional.Linkury.A) -> Löschen bei Neustart.
C:\Users\Alex\AppData\Local\LPT\srut.dll (PUP.Optional.Linkury.A) -> Löschen bei Neustart.
C:\Program Files (x86)\LPT\Smartbar.Common.dll (PUP.Optional.Linkury.A) -> Löschen bei Neustart.
C:\Program Files (x86)\LPT\Smartbar.Communication.dll (PUP.Optional.Linkury.A) -> Löschen bei Neustart.
C:\Program Files (x86)\LPT\Smartbar.Communication.NamedPipe.dll (PUP.Optional.Linkury.A) -> Löschen bei Neustart.
C:\Program Files (x86)\LPT\srpt.dll (PUP.Optional.Linkury.A) -> Löschen bei Neustart.
C:\Program Files (x86)\LPT\srptc.dll (PUP.Optional.Linkury.A) -> Löschen bei Neustart.

Infizierte Registrierungsschlüssel: 4
HKCR\CLSID\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E} (PUP.Optional.BearshareTB.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SYSTEM\CurrentControlSet\Services\LPTSystemUpdater (PUP.Optional.Linkury.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\BearShareIEHelper.DNSGuard (PUP.Optional.BearshareTB.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\BearShareIEHelper.DNSGuard.1 (PUP.Optional.BearshareTB.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 1
HKLM\SYSTEM\CurrentControlSet\Services\LPTSystemUpdater|ImagePath (PUP.Optional.Linkury.A) -> Daten: "C:\Program Files (x86)\LPT\srpts.exe" -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 6
C:\Users\Alex\AppData\Local\LPT (PUP.Optional.Linkury.A) -> Löschen bei Neustart.
C:\Users\Alex\AppData\Local\LPT\Configs (PUP.Optional.Linkury.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alex\AppData\Local\LPT\Resources (PUP.Optional.Linkury.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\LPT (PUP.Optional.Linkury.A) -> Löschen bei Neustart.
C:\Program Files (x86)\LPT\Configs (PUP.Optional.Linkury.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\LPT\Resources (PUP.Optional.Linkury.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateien: 75
C:\Windows\Installer\2760266.msi (PUP.Optional.SweetIM) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\Installer\276026b.msi (PUP.Optional.SweetIM) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\Installer\2bd3a9.msi (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\Installer\4ad0f.msi (PUP.Optional.SmartBar.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alex\AppData\Local\LPT\PublisherSettings.xml (PUP.Optional.Linkury.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alex\AppData\Local\LPT\FiddlerCore.dll (PUP.Optional.Linkury.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alex\AppData\Local\LPT\HtmlAgilityPack.dll (PUP.Optional.Linkury.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alex\AppData\Local\LPT\linmsl.exe (PUP.Optional.Linkury.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alex\AppData\Local\LPT\LPTInstaller.msi (PUP.Optional.Linkury.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alex\AppData\Local\LPT\lrrot.dll (PUP.Optional.Linkury.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alex\AppData\Local\LPT\NewConfig.txt (PUP.Optional.Linkury.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alex\AppData\Local\LPT\Newtonsoft.Json.dll (PUP.Optional.Linkury.A) -> Löschen bei Neustart.
C:\Users\Alex\AppData\Local\LPT\Smartbar.Common.dll (PUP.Optional.Linkury.A) -> Löschen bei Neustart.
C:\Users\Alex\AppData\Local\LPT\Smartbar.Communication.dll (PUP.Optional.Linkury.A) -> Löschen bei Neustart.
C:\Users\Alex\AppData\Local\LPT\Smartbar.Communication.NamedPipe.dll (PUP.Optional.Linkury.A) -> Löschen bei Neustart.
C:\Users\Alex\AppData\Local\LPT\Smartbar.Infrastructure.Utilities.dll (PUP.Optional.Linkury.A) -> Löschen bei Neustart.
C:\Users\Alex\AppData\Local\LPT\Smartbar.Monetization.Proxy.ProxyRemover.exe (PUP.Optional.Linkury.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alex\AppData\Local\LPT\Smartbar.Monetization.Proxy.ProxyService.dll (PUP.Optional.Linkury.A) -> Löschen bei Neustart.
C:\Users\Alex\AppData\Local\LPT\Smartbar.Personalization.Common.dll (PUP.Optional.Linkury.A) -> Löschen bei Neustart.
C:\Users\Alex\AppData\Local\LPT\Smartbar.Resources.HistoryAndStatsWrapper.dll (PUP.Optional.Linkury.A) -> Löschen bei Neustart.
C:\Users\Alex\AppData\Local\LPT\sppsm.dll (PUP.Optional.Linkury.A) -> Löschen bei Neustart.
C:\Users\Alex\AppData\Local\LPT\spusm.dll (PUP.Optional.Linkury.A) -> Löschen bei Neustart.
C:\Users\Alex\AppData\Local\LPT\srbs.dll (PUP.Optional.Linkury.A) -> Löschen bei Neustart.
C:\Users\Alex\AppData\Local\LPT\srbu.dll (PUP.Optional.Linkury.A) -> Löschen bei Neustart.
C:\Users\Alex\AppData\Local\LPT\sreu.dll (PUP.Optional.Linkury.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alex\AppData\Local\LPT\srpdm.dll (PUP.Optional.Linkury.A) -> Löschen bei Neustart.
C:\Users\Alex\AppData\Local\LPT\srprl.dll (PUP.Optional.Linkury.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alex\AppData\Local\LPT\srpt.dll (PUP.Optional.Linkury.A) -> Löschen bei Neustart.
C:\Users\Alex\AppData\Local\LPT\srptc.dll (PUP.Optional.Linkury.A) -> Löschen bei Neustart.
C:\Users\Alex\AppData\Local\LPT\srptm.exe (PUP.Optional.Linkury.A) -> Löschen bei Neustart.
C:\Users\Alex\AppData\Local\LPT\srptm.exe.config (PUP.Optional.Linkury.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alex\AppData\Local\LPT\srut.dll (PUP.Optional.Linkury.A) -> Löschen bei Neustart.
C:\Users\Alex\AppData\Local\LPT\UserSettings.xml (PUP.Optional.Linkury.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alex\AppData\Local\LPT\XMLOperations.xml (PUP.Optional.Linkury.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alex\AppData\Local\LPT\Configs\BrowserSettings.xml (PUP.Optional.Linkury.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alex\AppData\Local\LPT\Configs\LPTMapping.xml (PUP.Optional.Linkury.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alex\AppData\Local\LPT\Configs\Timers.xml (PUP.Optional.Linkury.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alex\AppData\Local\LPT\Resources\LPT.xml (PUP.Optional.Linkury.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\LPT\PublisherSettings.xml (PUP.Optional.Linkury.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\LPT\FiddlerCore.dll (PUP.Optional.Linkury.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\LPT\HtmlAgilityPack.dll (PUP.Optional.Linkury.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\LPT\linmsl.exe (PUP.Optional.Linkury.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\LPT\LPTInstaller.msi (PUP.Optional.Linkury.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\LPT\lrrot.dll (PUP.Optional.Linkury.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\LPT\NewConfig.txt (PUP.Optional.Linkury.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\LPT\Newtonsoft.Json.dll (PUP.Optional.Linkury.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\LPT\Smartbar.Common.dll (PUP.Optional.Linkury.A) -> Löschen bei Neustart.
C:\Program Files (x86)\LPT\Smartbar.Communication.dll (PUP.Optional.Linkury.A) -> Löschen bei Neustart.
C:\Program Files (x86)\LPT\Smartbar.Communication.NamedPipe.dll (PUP.Optional.Linkury.A) -> Löschen bei Neustart.
C:\Program Files (x86)\LPT\Smartbar.Infrastructure.Utilities.dll (PUP.Optional.Linkury.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\LPT\Smartbar.Monetization.Proxy.ProxyRemover.exe (PUP.Optional.Linkury.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\LPT\Smartbar.Monetization.Proxy.ProxyService.dll (PUP.Optional.Linkury.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\LPT\Smartbar.Personalization.Common.dll (PUP.Optional.Linkury.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\LPT\Smartbar.Resources.HistoryAndStatsWrapper.dll (PUP.Optional.Linkury.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\LPT\sppsm.dll (PUP.Optional.Linkury.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\LPT\spusm.dll (PUP.Optional.Linkury.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\LPT\srbs.dll (PUP.Optional.Linkury.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\LPT\srbu.dll (PUP.Optional.Linkury.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\LPT\sreu.dll (PUP.Optional.Linkury.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\LPT\srpdm.dll (PUP.Optional.Linkury.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\LPT\srprl.dll (PUP.Optional.Linkury.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\LPT\srpt.dll (PUP.Optional.Linkury.A) -> Löschen bei Neustart.
C:\Program Files (x86)\LPT\srptc.dll (PUP.Optional.Linkury.A) -> Löschen bei Neustart.
C:\Program Files (x86)\LPT\srptm.exe (PUP.Optional.Linkury.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\LPT\srptm.exe.config (PUP.Optional.Linkury.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\LPT\srpts.exe (PUP.Optional.Linkury.A) -> Löschen bei Neustart.
C:\Program Files (x86)\LPT\srut.dll (PUP.Optional.Linkury.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\LPT\System.Data.SQLite.dll (PUP.Optional.Linkury.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\LPT\UserSettings.xml (PUP.Optional.Linkury.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\LPT\XMLOperations.xml (PUP.Optional.Linkury.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\LPT\Configs\BrowserSettings.xml (PUP.Optional.Linkury.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\LPT\Configs\LPTMapping.xml (PUP.Optional.Linkury.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\LPT\Configs\Timers.xml (PUP.Optional.Linkury.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\LPT\Resources\LPT.xml (PUP.Optional.Linkury.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alex\AppData\Roaming\Mozilla\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433} (PUP.Optional.Searchqu.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

Und hier noch zoek (MBAM konnte ich nicht als Code schicken, weiß auch nicht warum, tut mir leid :P):

Zoek.exe v5.0.0.0 Updated 07-March-2014
Tool run by Alex on 17.03.2014 at 15:26:48,46.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Alex\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

17.03.2014 15:33:52 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1720175286-4088662769-2618409241-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{27B4851A-3207-45A2-B947-BE8AFE6163AB} deleted successfully
HKEY_USERS\S-1-5-21-1720175286-4088662769-2618409241-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{27B4851A-3207-45A2-B947-BE8AFE6163AB} deleted successfully
HKEY_USERS\S-1-5-21-1720175286-4088662769-2618409241-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7DB2D5A0-7241-4E79-B68D-6309F01C5231} deleted successfully
HKEY_USERS\S-1-5-21-1720175286-4088662769-2618409241-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7DB2D5A0-7241-4E79-B68D-6309F01C5231} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{27B4851A-3207-45A2-B947-BE8AFE6163AB} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{27B4851A-3207-45A2-B947-BE8AFE6163AB} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{7DB2D5A0-7241-4E79-B68D-6309F01C5231} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{7DB2D5A0-7241-4E79-B68D-6309F01C5231} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-1720175286-4088662769-2618409241-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\!{77f8c945-4b74-4bd6-a073-e0d1997edce8} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{D19CA586-DD6C-4a0a-96F8-14644F340D60} deleted successfully

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

"C:\Windows\Installer\2bd3a9.msi" not found
C:\PROGRA~2\GUTE2B.tmp deleted
C:\PROGRA~2\GUME2A.tmp deleted
C:\PROGRA~2\Mozilla Firefox\defaults\preferences\autoconfig.js deleted
C:\PROGRA~2\Wondershare deleted
C:\found.000 deleted
C:\Users\Alex\AppData\Roaming\Wondershare deleted
C:\PROGRA~3\OberonGameConsole deleted
C:\PROGRA~3\WoW Worldwide Software LTD deleted
C:\PROGRA~3\InstallMate deleted
C:\Users\Alex\AppData\Local\Wondershare deleted
C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847} deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare deleted
C:\Windows\Installer\{118D6CE9-5F18-42F9-958A-14676A629FDE} deleted
C:\Windows\Syswow64\InstallUtil.InstallLog deleted
C:\Windows\Installer\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D} deleted
"C:\Users\Alex\AppData\Local\{F9CEE124-1F7E-4C9F-8EB2-627C0741FAF0}" deleted
"C:\PROGRA~2\COMMON~1\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll" deleted
"C:\PROGRA~2\COMMON~1\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll" deleted
"C:\PROGRA~2\COMMON~1\Wondershare\Wondershare Helper Compact\WSHelper.exe" deleted
"C:\PROGRA~2\COMMON~1\Wondershare" deleted
"C:\PROGRA~2\COMMON~1\Wondershare\Wondershare Helper Compact" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{BBDA0591-3099-440a-AA10-41764D9DB4DB}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\IPSFF" [10.10.2013 13:22]

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
dehjbbcmklelglapfndfbomoaooippkb - C:\Program Files (x86)\GamesCenter\GamesCenter.crx[19.02.2013 14:58]
nppllibpnmahfaklnpggkibhkapjkeob - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\Exts\Chrome.crx[21.01.2014 05:03]
pljcgbedjplidkdjahbaalanadmjfgop - C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-V7C\CRX\ToolbarCR.crx[]

Games Center - Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\dehjbbcmklelglapfndfbomoaooippkb
Norton Identity Protection - Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\nppllibpnmahfaklnpggkibhkapjkeob

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://www.google.com"
"Search Page"="hxxp://www.google.com"
"Search Bar"="hxxp://www.google.com"
"Use Search Asst"="yes"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="hxxp://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"Default"="hxxp://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="hxxp://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="hxxp://www.google.com"
"SearchAssistant"="hxxp://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="hxxp://www.google.com"
"Use Search Asst"="no"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="hxxp://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="hxxp://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="hxxp://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EC6D81181F59F2459A84176A626F9ED deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{80D9E8F0-4989-95E7-FA79-EFABD1B54F5F} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\pljcgbedjplidkdjahbaalanadmjfgop deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Alex\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Alex\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WXUTV50Z will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=387 folders=55 71094808 bytes)

==== Empty Temp Folders ======================

C:\Users\Alex\AppData\Local\Temp will be emptied at reboot
C:\Users\Alex !\AppData\Local\temp emptied successfully
C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Alex\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Alex\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WXUTV50Z" not found

==== EOF on 17.03.2014 at 15:50:59,54 ======================

M-K-D-B · 17.03.2014, 19:45

Servus,

Wir spüren die letzten Reste auf, damit wir sie später entfernen können:

Kontrollscan mit FRST
Führe wie zuvor beschrieben einen Scan mit FRST aus.
Setze dazu einen Haken bei Addition.txt rechts unten und klicke auf Scan.
Es werden zwei Logdateien erzeugt. Poste mir diese.

Gibt es noch Probleme mit Malware? Wenn ja, welche?
Wie läuft der Rechner derzeit?

Bitte poste mit deiner nächsten Antwort

die zwei Logdateien von FRST,
die Beantwortung der gestellten Fragen.

xalex · 18.03.2014, 16:16

Hier FRST:
FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Alex (administrator) on ALEX-PC on 18-03-2014 16:11:12
Running from C:\Users\Alex\AppData\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool 
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forums

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\ccSvcHst.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\NST.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\NST.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\ccSvcHst.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Spotify Ltd) C:\Users\Alex\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
() C:\Program Files (x86)\puush\puush.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Spotify Ltd) C:\Users\Alex\AppData\Roaming\Spotify\spotify.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
() C:\Users\Alex\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Alex\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Logitech(c)) C:\Logitech\G35.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Users\Alex\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
() C:\Users\Alex\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
() C:\Users\Alex\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AmIcoSinglun64] - C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [324608 2010-02-06] (Alcor Micro Corp.)
HKLM\...\Run: [mwlDaemon] - C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [349552 2010-02-01] (Egis Technology Inc.)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10081312 2010-02-22] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [877600 2010-02-22] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1842472 2009-09-17] (Synaptics Incorporated)
HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe [496160 2010-03-10] (Acer Incorporated)
HKLM\...\Run: [IntelliPoint] - c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2399632 2011-04-13] (Microsoft Corporation)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2009-12-24] (Intel Corporation)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1300560 2010-03-03] (Dritek System Inc.)
HKLM-x32\...\Run: [SuiteTray] - C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [337264 2010-02-01] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] - C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201512 2009-12-25] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] - C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [401192 2009-12-25] (Egis Technology Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-28] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BackupManagerTray] - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [260608 2010-03-09] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [Logitech G35] - C:\Logitech\G35.exe [1811800 2010-10-05] (Logitech(c))
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-06] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-06-13] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [Razer Synapse] - C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [442712 2013-11-17] (Razer Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact] - "C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] - C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-02-26] (LogMeIn Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1720175286-4088662769-2618409241-1000\...\Run: [Steam] - C:\Program Files (x86)\Steam\steam.exe [1821888 2014-02-25] (Valve Corporation)
HKU\S-1-5-21-1720175286-4088662769-2618409241-1000\...\Run: [Spotify Web Helper] - C:\Users\Alex\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-01-14] (Spotify Ltd)
HKU\S-1-5-21-1720175286-4088662769-2618409241-1000\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-1720175286-4088662769-2618409241-1000\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-1720175286-4088662769-2618409241-1000\...\Run: [puush] - C:\Program Files (x86)\puush\puush.exe [567880 2013-07-15] ()
HKU\S-1-5-21-1720175286-4088662769-2618409241-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-1720175286-4088662769-2618409241-1000\...\Run: [Spotify] - C:\Users\Alex\AppData\Roaming\Spotify\spotify.exe [6118400 2014-01-14] (Spotify Ltd)
HKU\S-1-5-21-1720175286-4088662769-2618409241-1000\...\Run: [AppleIEDAV] - C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1326408 2013-11-15] (Apple Inc.)
HKU\S-1-5-21-1720175286-4088662769-2618409241-1000\...\Run: [Wondershare Helper Compact] - "C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"

==================== Internet (Whitelisted) ====================

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKCU - ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
BHO: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - !{A13C2648-91D4-4bf3-BC6D-0079707C4389} -  No File
Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - No Name - !{A13C2648-91D4-4bf3-BC6D-0079707C4389} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Chrome: 
=======
CHR Extension: (Google Docs) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-17]
CHR Extension: (Google Drive) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-17]
CHR Extension: (YouTube) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-17]
CHR Extension: (Google-Suche) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-17]
CHR Extension: (Games Center) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\dehjbbcmklelglapfndfbomoaooippkb [2014-03-17]
CHR Extension: (Google Wallet) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-31]
CHR Extension: (Norton Identity Protection) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\nppllibpnmahfaklnpggkibhkapjkeob [2014-03-17]
CHR Extension: (Google Mail) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-17]
CHR HKLM-x32\...\Chrome\Extension: [dehjbbcmklelglapfndfbomoaooippkb] - C:\Program Files (x86)\GamesCenter\GamesCenter.crx [2013-02-19]
CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\Exts\Chrome.crx [2014-01-21]

==================== Services (Whitelisted) =================

R2 ePowerSvc; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [820768 2010-03-10] (Acer Incorporated)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-02-26] (LogMeIn, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
R2 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-02-01] (Egis Technology Inc.)
R2 NAV; C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)
R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\NST.exe [129424 2013-10-06] (Symantec Corporation)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3890920 2010-06-17] (INCA Internet Co., Ltd.)
S3 OverwolfUpdaterService; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [18360 2013-06-11] (Overwolf Ltd)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-02-01] ()

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\BASHDefs\20140214.001\BHDrvx64.sys [1526488 2013-12-18] (Symantec Corporation)
R1 ccSet_NAV; C:\Windows\system32\drivers\NAVx64\1404000.028\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation)
R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE06000.01B\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-21] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-21] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\IPSDefs\20140317.001\IDSvia64.sys [524504 2014-03-06] (Symantec Corporation)
S3 LADF_DHP2; C:\Windows\System32\DRIVERS\ladfDHP2amd64.sys [62168 2010-09-29] (Logitech)
S3 LADF_SBVM; C:\Windows\System32\DRIVERS\ladfSBVMamd64.sys [377176 2010-09-29] (Logitech)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\VirusDefs\20140318.001\ENG64.SYS [126040 2013-08-31] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\VirusDefs\20140318.001\EX64.SYS [2099288 2013-08-31] (Symantec Corporation)
S3 NPPTNT2; C:\Windows\SysWOW64\npptNT2.sys [4682 2005-01-04] (INCA Internet Co., Ltd.)
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39080 2013-11-15] (Razer Inc)
R3 SRTSP; C:\Windows\System32\Drivers\NAVx64\1404000.028\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NAVx64\1404000.028\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation)
S3 ss_bserd; C:\Windows\System32\DRIVERS\ss_bserd.sys [128000 2009-09-19] (MCCI Corporation)
R0 SymDS; C:\Windows\System32\drivers\NAVx64\1404000.028\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NAVx64\1404000.028\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-06-19] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NAVx64\1404000.028\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NAVx64\1404000.028\SYMNETS.SYS [433752 2013-04-25] (Symantec Corporation)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
S3 WinRing0_1_2_0; C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 dump_wmimmc; \??\C:\Program Files (x86)\gPotato.eu\FLYFF\GameGuard\dump_wmimmc.sys [X]
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-17 15:48 - 2014-03-17 15:26 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-03-17 15:32 - 2014-03-17 15:50 - 00010796 _____ () C:\zoek-results.log
2014-03-17 15:18 - 2014-03-17 15:46 - 00000000 ____D () C:\zoek_backup
2014-03-17 15:17 - 2014-03-17 15:17 - 01285120 _____ () C:\Users\Alex\Desktop\zoek.exe
2014-03-17 14:54 - 2014-03-17 14:54 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Malwarebytes
2014-03-17 14:53 - 2014-03-17 14:53 - 00001077 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-03-17 14:53 - 2014-03-17 14:53 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-17 14:53 - 2014-03-17 14:53 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-17 14:53 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-17 14:47 - 2014-03-17 14:47 - 00001199 _____ () C:\Users\Alex\Desktop\JRT.txt
2014-03-17 14:39 - 2014-03-17 14:39 - 00000000 ____D () C:\Windows\ERUNT
2014-03-17 14:29 - 2014-03-17 14:31 - 00000000 ____D () C:\AdwCleaner
2014-03-15 17:45 - 2014-03-15 17:45 - 00000000 ____D () C:\Users\Alex\AppData\Local\Blizzard Entertainment
2014-03-15 17:28 - 2014-03-15 17:28 - 00034695 _____ () C:\ComboFix.txt
2014-03-15 17:04 - 2014-03-15 17:28 - 00000000 ____D () C:\Qoobox
2014-03-15 17:04 - 2014-03-15 17:27 - 00000000 ____D () C:\Windows\erdnt
2014-03-15 17:04 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-03-15 17:04 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-03-15 17:04 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-03-15 17:04 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-03-15 17:04 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-03-15 17:04 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-03-15 17:04 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-03-15 17:04 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-03-15 12:20 - 2014-03-01 07:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-15 12:20 - 2014-03-01 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-15 12:20 - 2014-03-01 06:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-15 12:20 - 2014-03-01 05:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-15 12:20 - 2014-03-01 05:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-15 12:20 - 2014-03-01 05:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-15 12:20 - 2014-03-01 05:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-15 12:20 - 2014-03-01 05:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-15 12:20 - 2014-03-01 05:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-15 12:20 - 2014-03-01 05:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-15 12:20 - 2014-03-01 05:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-15 12:20 - 2014-03-01 05:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-15 12:20 - 2014-03-01 05:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-15 12:20 - 2014-03-01 05:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-15 12:20 - 2014-03-01 05:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-15 12:20 - 2014-03-01 05:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-15 12:20 - 2014-03-01 05:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-15 12:20 - 2014-03-01 04:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-15 12:20 - 2014-03-01 04:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-15 12:20 - 2014-03-01 04:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-15 12:20 - 2014-03-01 04:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-15 12:20 - 2014-03-01 04:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-15 12:20 - 2014-03-01 04:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-15 12:20 - 2014-03-01 04:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-15 12:20 - 2014-03-01 04:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-15 12:20 - 2014-03-01 04:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-15 12:20 - 2014-03-01 04:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-15 12:20 - 2014-03-01 04:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-15 12:20 - 2014-03-01 04:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-15 12:20 - 2014-03-01 04:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-15 12:20 - 2014-03-01 04:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-15 12:20 - 2014-03-01 04:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-15 12:20 - 2014-03-01 04:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-15 12:20 - 2014-03-01 04:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-15 12:20 - 2014-03-01 03:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-15 12:20 - 2014-03-01 03:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-15 12:20 - 2014-03-01 03:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-15 12:20 - 2014-03-01 03:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-15 12:20 - 2014-03-01 03:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-15 12:20 - 2014-03-01 03:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-15 12:20 - 2014-02-07 02:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-15 12:20 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-15 12:20 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-15 12:20 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-15 12:19 - 2014-02-04 03:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-15 12:19 - 2014-02-04 03:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-15 12:19 - 2014-02-04 03:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-15 12:19 - 2014-02-04 03:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-15 12:08 - 2014-03-15 12:08 - 00005896 _____ () C:\Users\Alex\Desktop\Pong.zip
2014-03-14 17:50 - 2014-03-14 17:50 - 05190279 ____R (Swearware) C:\Users\Alex\Desktop\ComboFix.exe
2014-03-14 16:02 - 2014-03-18 16:11 - 00000000 ____D () C:\FRST
2014-03-12 18:34 - 2014-03-12 18:34 - 00001747 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-03-12 18:33 - 2014-03-12 18:34 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-12 18:33 - 2014-03-12 18:34 - 00000000 ____D () C:\Program Files\iTunes
2014-03-12 18:33 - 2014-03-12 18:34 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-03-12 18:33 - 2014-03-12 18:33 - 00000000 ____D () C:\Program Files\iPod
2014-03-12 18:27 - 2014-03-12 18:27 - 00001809 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-03-12 18:27 - 2014-03-12 18:27 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-03-09 17:59 - 2014-03-09 17:59 - 00000154 _____ () C:\Users\Alex\.appletviewer
2014-03-09 17:48 - 2014-03-11 15:25 - 00000000 ____D () C:\Users\Alex\Desktop\ProcessingBlueJB
2014-03-09 17:34 - 2014-03-11 18:08 - 00000000 ____D () C:\Users\Alex\Desktop\Pong
2014-03-08 23:35 - 2014-03-08 23:38 - 00000000 ____D () C:\Users\Alex\Pong
2014-03-08 23:20 - 2014-03-09 17:48 - 00000000 ____D () C:\Users\Alex\Desktop\Snake1Benedikt
2014-03-08 20:52 - 2014-03-08 23:25 - 00000000 ____D () C:\Users\Alex\bluej
2014-03-08 20:51 - 2014-03-08 20:51 - 00001917 _____ () C:\Users\Alex\Desktop\BlueJ.lnk
2014-03-08 20:51 - 2014-03-08 20:51 - 00000000 ____D () C:\Program Files (x86)\BlueJ
2014-03-08 13:43 - 2014-03-08 13:43 - 00000000 ____D () C:\Users\Alex\AppData\Local\Blizzard
2014-03-06 14:32 - 2014-03-15 12:12 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-03-06 14:32 - 2014-03-06 14:32 - 00001125 _____ () C:\Users\Public\Desktop\Hearthstone.lnk
2014-03-06 14:14 - 2014-03-17 17:49 - 00000000 ____D () C:\Users\Alex\AppData\Local\Battle.net
2014-03-06 14:14 - 2014-03-06 14:43 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Battle.net
2014-03-06 14:14 - 2014-03-06 14:14 - 00001114 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-03-06 14:14 - 2014-03-06 14:14 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-02-27 14:09 - 2014-02-27 14:09 - 00000861 _____ () C:\Users\Alex\AppData\Local\recently-used.xbel
2014-02-27 14:09 - 2014-02-27 14:09 - 00000000 ____D () C:\Users\Alex\AppData\Local\gtk-2.0
2014-02-27 14:09 - 2014-02-27 14:09 - 00000000 ____D () C:\Users\Alex\.thumbnails
2014-02-27 14:07 - 2014-02-27 14:18 - 00000000 ____D () C:\Users\Alex\.gimp-2.8
2014-02-27 14:07 - 2014-02-27 14:07 - 00000000 ____D () C:\Users\Alex\AppData\Local\gegl-0.2
2014-02-27 14:02 - 2014-02-27 14:04 - 00000000 ____D () C:\Program Files\GIMP 2
2014-02-27 13:52 - 2014-02-27 13:52 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi

==================== One Month Modified Files and Folders =======

2014-03-18 16:11 - 2014-03-14 16:02 - 00000000 ____D () C:\FRST
2014-03-18 16:11 - 2010-08-20 19:02 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-18 16:08 - 2012-05-12 07:50 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Spotify
2014-03-18 16:05 - 2011-02-16 18:10 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Skype
2014-03-18 15:54 - 2012-03-31 08:42 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-18 15:15 - 2012-10-29 17:28 - 00000000 ____D () C:\Users\Alex\AppData\Local\CrashDumps
2014-03-18 14:13 - 2010-05-18 15:13 - 01800946 _____ () C:\Windows\WindowsUpdate.log
2014-03-18 14:11 - 2010-08-20 19:02 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-18 12:39 - 2012-09-15 21:28 - 00000000 ____D () C:\Users\Alex\AppData\Local\LogMeIn Hamachi
2014-03-18 12:38 - 2012-01-28 13:29 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-03-18 12:34 - 2009-07-14 05:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-18 12:34 - 2009-07-14 05:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-18 12:27 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-18 12:27 - 2009-07-14 05:51 - 00238255 _____ () C:\Windows\setupact.log
2014-03-17 17:49 - 2014-03-06 14:14 - 00000000 ____D () C:\Users\Alex\AppData\Local\Battle.net
2014-03-17 17:31 - 2011-05-16 13:23 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\.minecraft
2014-03-17 15:53 - 2012-05-12 07:51 - 00000000 ____D () C:\Users\Alex\AppData\Local\Spotify
2014-03-17 15:50 - 2014-03-17 15:32 - 00010796 _____ () C:\zoek-results.log
2014-03-17 15:50 - 2010-05-18 15:10 - 00395610 _____ () C:\Windows\PFRO.log
2014-03-17 15:46 - 2014-03-17 15:18 - 00000000 ____D () C:\zoek_backup
2014-03-17 15:26 - 2014-03-17 15:48 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-03-17 15:17 - 2014-03-17 15:17 - 01285120 _____ () C:\Users\Alex\Desktop\zoek.exe
2014-03-17 14:54 - 2014-03-17 14:54 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Malwarebytes
2014-03-17 14:53 - 2014-03-17 14:53 - 00001077 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-03-17 14:53 - 2014-03-17 14:53 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-17 14:53 - 2014-03-17 14:53 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-17 14:47 - 2014-03-17 14:47 - 00001199 _____ () C:\Users\Alex\Desktop\JRT.txt
2014-03-17 14:39 - 2014-03-17 14:39 - 00000000 ____D () C:\Windows\ERUNT
2014-03-17 14:31 - 2014-03-17 14:29 - 00000000 ____D () C:\AdwCleaner
2014-03-16 11:39 - 2011-02-16 18:10 - 00000000 ____D () C:\ProgramData\Skype
2014-03-15 18:16 - 2012-01-23 16:22 - 00002139 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-15 17:45 - 2014-03-15 17:45 - 00000000 ____D () C:\Users\Alex\AppData\Local\Blizzard Entertainment
2014-03-15 17:28 - 2014-03-15 17:28 - 00034695 _____ () C:\ComboFix.txt
2014-03-15 17:28 - 2014-03-15 17:04 - 00000000 ____D () C:\Qoobox
2014-03-15 17:27 - 2014-03-15 17:04 - 00000000 ____D () C:\Windows\erdnt
2014-03-15 17:26 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-03-15 16:40 - 2009-07-14 05:45 - 00402264 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-15 16:37 - 2012-05-14 15:30 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-15 16:37 - 2012-05-14 15:30 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-15 12:12 - 2014-03-06 14:32 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-03-15 12:08 - 2014-03-15 12:08 - 00005896 _____ () C:\Users\Alex\Desktop\Pong.zip
2014-03-14 17:50 - 2014-03-14 17:50 - 05190279 ____R (Swearware) C:\Users\Alex\Desktop\ComboFix.exe
2014-03-13 15:54 - 2012-03-31 08:42 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-13 15:54 - 2012-03-31 08:42 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-13 15:54 - 2011-05-26 14:04 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-12 18:34 - 2014-03-12 18:34 - 00001747 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-03-12 18:34 - 2014-03-12 18:33 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-12 18:34 - 2014-03-12 18:33 - 00000000 ____D () C:\Program Files\iTunes
2014-03-12 18:34 - 2014-03-12 18:33 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-03-12 18:33 - 2014-03-12 18:33 - 00000000 ____D () C:\Program Files\iPod
2014-03-12 18:27 - 2014-03-12 18:27 - 00001809 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-03-12 18:27 - 2014-03-12 18:27 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-03-11 18:08 - 2014-03-09 17:34 - 00000000 ____D () C:\Users\Alex\Desktop\Pong
2014-03-11 15:25 - 2014-03-09 17:48 - 00000000 ____D () C:\Users\Alex\Desktop\ProcessingBlueJB
2014-03-11 10:27 - 2011-08-31 11:54 - 00829264 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100.dll
2014-03-11 10:27 - 2011-08-31 11:54 - 00608080 _____ (Microsoft Corporation) C:\Windows\system32\msvcp100.dll
2014-03-09 17:59 - 2014-03-09 17:59 - 00000154 _____ () C:\Users\Alex\.appletviewer
2014-03-09 17:59 - 2010-08-20 17:52 - 00000000 ____D () C:\Users\Alex
2014-03-09 17:48 - 2014-03-08 23:20 - 00000000 ____D () C:\Users\Alex\Desktop\Snake1Benedikt
2014-03-08 23:38 - 2014-03-08 23:35 - 00000000 ____D () C:\Users\Alex\Pong
2014-03-08 23:25 - 2014-03-08 20:52 - 00000000 ____D () C:\Users\Alex\bluej
2014-03-08 20:51 - 2014-03-08 20:51 - 00001917 _____ () C:\Users\Alex\Desktop\BlueJ.lnk
2014-03-08 20:51 - 2014-03-08 20:51 - 00000000 ____D () C:\Program Files (x86)\BlueJ
2014-03-08 13:43 - 2014-03-08 13:43 - 00000000 ____D () C:\Users\Alex\AppData\Local\Blizzard
2014-03-06 17:08 - 2011-07-19 14:24 - 00000000 ____D () C:\Users\Alex\Documents\Stronghold Legends
2014-03-06 14:51 - 2010-09-18 19:41 - 00000000 ____D () C:\Program Files (x86)\StarCraft II
2014-03-06 14:43 - 2014-03-06 14:14 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Battle.net
2014-03-06 14:32 - 2014-03-06 14:32 - 00001125 _____ () C:\Users\Public\Desktop\Hearthstone.lnk
2014-03-06 14:14 - 2014-03-06 14:14 - 00001114 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-03-06 14:14 - 2014-03-06 14:14 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-03-02 21:28 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-03-01 07:05 - 2014-03-15 12:20 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-01 06:17 - 2014-03-15 12:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-01 06:16 - 2014-03-15 12:20 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-01 05:58 - 2014-03-15 12:20 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-01 05:52 - 2014-03-15 12:20 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-01 05:51 - 2014-03-15 12:20 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-01 05:42 - 2014-03-15 12:20 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-01 05:40 - 2014-03-15 12:20 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-01 05:37 - 2014-03-15 12:20 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-01 05:33 - 2014-03-15 12:20 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-01 05:33 - 2014-03-15 12:20 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-01 05:32 - 2014-03-15 12:20 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-01 05:30 - 2014-03-15 12:20 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-01 05:23 - 2014-03-15 12:20 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-01 05:17 - 2014-03-15 12:20 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-01 05:11 - 2014-03-15 12:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-01 05:02 - 2014-03-15 12:20 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-01 04:54 - 2014-03-15 12:20 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-01 04:52 - 2014-03-15 12:20 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-01 04:51 - 2014-03-15 12:20 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-01 04:47 - 2014-03-15 12:20 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-01 04:43 - 2014-03-15 12:20 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-01 04:43 - 2014-03-15 12:20 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-01 04:42 - 2014-03-15 12:20 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-01 04:40 - 2014-03-15 12:20 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-01 04:38 - 2014-03-15 12:20 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-01 04:37 - 2014-03-15 12:20 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-01 04:35 - 2014-03-15 12:20 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-01 04:18 - 2014-03-15 12:20 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-01 04:16 - 2014-03-15 12:20 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-01 04:14 - 2014-03-15 12:20 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-01 04:10 - 2014-03-15 12:20 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-01 04:03 - 2014-03-15 12:20 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-01 04:00 - 2014-03-15 12:20 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-01 03:57 - 2014-03-15 12:20 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-01 03:38 - 2014-03-15 12:20 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-01 03:32 - 2014-03-15 12:20 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-01 03:27 - 2014-03-15 12:20 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-01 03:25 - 2014-03-15 12:20 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-01 03:25 - 2014-03-15 12:20 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-27 14:18 - 2014-02-27 14:07 - 00000000 ____D () C:\Users\Alex\.gimp-2.8
2014-02-27 14:09 - 2014-02-27 14:09 - 00000861 _____ () C:\Users\Alex\AppData\Local\recently-used.xbel
2014-02-27 14:09 - 2014-02-27 14:09 - 00000000 ____D () C:\Users\Alex\AppData\Local\gtk-2.0
2014-02-27 14:09 - 2014-02-27 14:09 - 00000000 ____D () C:\Users\Alex\.thumbnails
2014-02-27 14:07 - 2014-02-27 14:07 - 00000000 ____D () C:\Users\Alex\AppData\Local\gegl-0.2
2014-02-27 14:04 - 2014-02-27 14:02 - 00000000 ____D () C:\Program Files\GIMP 2
2014-02-27 13:52 - 2014-02-27 13:52 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-02-26 21:02 - 2012-06-17 18:21 - 01594964 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-26 21:02 - 2010-05-19 01:06 - 00699682 _____ () C:\Windows\system32\perfh007.dat
2014-02-26 21:02 - 2010-05-19 01:06 - 00149790 _____ () C:\Windows\system32\perfc007.dat
2014-02-26 21:02 - 2009-07-14 06:13 - 01594964 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-25 14:37 - 2014-02-08 12:00 - 00000222 _____ () C:\Users\Alex\Desktop\Call of Duty Black Ops II.url
2014-02-21 20:34 - 2013-01-30 15:15 - 00000000 ____D () C:\ProgramData\Origin
2014-02-21 20:20 - 2013-01-30 15:15 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-02-17 18:08 - 2013-07-28 21:14 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-17 18:04 - 2011-05-29 09:35 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-11 18:59

==================== End Of Log ============================

--- --- ---

--- --- ---

Hier Addition:FRST Additions Logfile:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Alex at 2014-03-18 16:12:23
Running from C:\Users\Alex\AppData\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Norton AntiVirus (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton AntiVirus (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}

==================== Installed Programs ======================

3D Matrix Screensaver 1.1 (HKLM-x32\...\3D Matrix Screensaver_is1) (Version:  - )
Acer Backup Manager (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.60 - NewTech Infosystems)
Acer Crystal Eye webcam (HKLM-x32\...\{51F026FA-5146-4232-A8BA-1364740BD053}) (Version: 1.0.2.0 - Liteon)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3011 - Acer Incorporated)
Acer PowerSmart Manager (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 5.01.3002 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0203.2010 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader 9.1 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{E5EABF66-F9C4-430C-B97D-3CF28A58D50B}) (Version: 1.3.17.05006 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.3.17.05006 - Alcor Micro Corp.) Hidden
AMD APP SDK Runtime (Version: 2.4.595.1 - Advanced Micro Devices Inc.) Hidden
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo ClipFinder HD v.2.3.2 (HKLM-x32\...\Ashampoo ClipFinder HD_is1) (Version: 2.3.2 - Ashampoo GmbH & Co. KG)
Ashampoo ClipFinder HD v.2.3.4 (HKLM-x32\...\{0A11EA01-36EF-0070-F54C-E06E25BC1924}_is1) (Version: 2.3.4 - Ashampoo GmbH & Co. KG)
Ask Toolbar (HKLM-x32\...\{4F524A2D-5637-4300-76A7-A758B70C0700}) (Version: 12.7.0.15 - APN, LLC) <==== ATTENTION
Astro Gemini Screensaver Manager 2.0 (HKLM-x32\...\Astro Gemini Screensaver Manager_is1) (Version:  - )
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.24 - Atheros Communications Inc.)
ATI Catalyst Install Manager (HKLM\...\{0B674B1E-1905-4830-ABD1-F6892F1C4394}) (Version: 3.0.820.0 - ATI Technologies, Inc.)
Backup Manager Basic (x32 Version: 2.0.0.60 - NewTech Infosystems) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.5.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.1.2 - EA Digital Illusions CE AB)
BioShock 2 (x32 Version: 1.0.0005.131 - Take-Two Interactive Software) Hidden
BlueJ (HKLM-x32\...\{7D66971C-652B-4065-A6B1-B3EE313C254B}) (Version: 3.1.1 - BlueJ Team)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
Briblo Bildschirmschoner (HKLM-x32\...\Briblo) (Version:  - )
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version:  - )
Call of Duty: Black Ops II (HKLM-x32\...\Steam App 202970) (Version:  - Treyarch)
CamStudio (HKLM-x32\...\CamStudio) (Version:  - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center (x32 Version: 2011.0613.2238.38801 - Ihr Firmenname) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0302.2233.40412 - ATI Technologies, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2011.0613.2238.38801 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2011.0613.2238.38801 - ATI) Hidden
Catalyst Control Center Profiles Mobile (x32 Version: 2011.0613.2238.38801 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Czech (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Danish (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Dutch (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help English (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Finnish (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help French (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help German (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Greek (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Italian (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Japanese (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Korean (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Polish (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Russian (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Spanish (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Swedish (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Thai (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Turkish (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
ccc-utility64 (Version: 2011.0613.2238.38801 - ATI) Hidden
Chicken Invaders 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}) (Version:  - Oberon Media)
Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version:  - Torn Banner Studios)
Cossacks - European Wars (HKLM-x32\...\EW : Cossacks) (Version:  - )
Cossacks - The Art Of War (HKLM-x32\...\Cossacks : The Art Of War) (Version:  - )
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
FileZilla Client 3.7.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.7.0.2 - FileZilla Project)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Game Booster 3 (HKLM-x32\...\Game Booster_is1) (Version: 3.4 - IObit)
Gameforge Live 1.9.0 "Legend" (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 1.9.0 - Gameforge)
GamesCenter (HKLM-x32\...\GamesCenter) (Version:  - GamesCenter)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Team Garry)
Garry's Mod Manager (HKLM-x32\...\Garry's Mod Manager 8.20.0000) (Version: 8.20.0000 - Lansoftware)
Garry's Mod Manager (x32 Version: 8.20.0000 - Lansoftware) Hidden
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version:  - )
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Höllenjob XS (HKLM-x32\...\{21484364-1EF4-4AE0-963A-CC1FEF749ECC}) (Version:  - )
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.6.1001 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.01.00.1005 - Intel Corporation)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 4.0.7 - Acer Inc.)
League of Legends (HKLM-x32\...\{918A9082-6287-4D25-9002-5E5D5E4971CB}) (Version: 1.02.0000 - Riot Games)
LibreOffice 3.6 (HKLM-x32\...\{C2F438B6-7010-453B-93EC-B2FC053AA97B}) (Version: 3.6.1.2 - The Document Foundation)
Logitech G35 (HKLM\...\{27607A94-33AC-4AA7-AACE-95AF6ACA3E30}) (Version: 1.1.178 - Logitech)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.173 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.173 - LogMeIn, Inc.) Hidden
LPT System Updater Service (HKLM-x32\...\{BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24}) (Version: 1.0.0.0 - LPT) <==== ATTENTION
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Matrix Code Emulator 1.50 (HKLM-x32\...\Matrix Code Emulator_is1) (Version:  - Reality Rift Studios)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.130.10 - McAfee, Inc.)
MediaBar (HKLM-x32\...\BearShare 2 MediaBar) (Version: 3.0.0.114951 - Musiclab, LLC)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft IntelliPoint 8.1 (HKLM\...\Microsoft IntelliPoint 8.1) (Version: 8.15.406.0 - Microsoft)
Microsoft IntelliPoint 8.1 (Version: 8.15.406.0 - Microsoft) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyWinLocker (x32 Version: 3.1.206.0 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}) (Version: 3.1.206.0 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 3.1.206.0 - Egis Technology Inc.) Hidden
Nic's XviD Decoder (HKLM-x32\...\XviDDec) (Version:  - )
Norton AntiVirus (HKLM-x32\...\NAV) (Version: 20.4.0.40 - Symantec Corporation)
Norton Identity Safe (HKLM-x32\...\NST) (Version: 2014.6.0.27 - Symantec Corporation)
Nostale(DE) (HKLM-x32\...\NosTale(DE)_is1) (Version:  - Gameforge 4D GmbH)
Origin (HKLM-x32\...\Origin) (Version: 9.1.11.2678 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\{8CD3A2A9-B25E-4D5D-8D12-724493A45C1A}) (Version: 0.42.248 - Overwolf)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.3.5.2 - Pando Networks Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
QuickShare (HKLM-x32\...\{11D4FAA0-A577-4FA8-B24E-D24283D861D1}) (Version: 11.24.60.15709 - Linkury Inc.) <==== ATTENTION
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.16.6 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6050 - Realtek Semiconductor Corp.)
Revelations 2012 (HKLM-x32\...\Steam App 201070) (Version:  - )
Runes of Magic (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 6.0.0.2647 - Gameforge Productions GmbH)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Shredder (Version: 2.0.5.0 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.5.0 - Egis Technology Inc.) Hidden
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.2.10687 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 0.1.1721.0 - Hi-Rez Studios)
Sniper Elite (HKLM-x32\...\Steam App 3700) (Version:  - Rebellion Developments)
Spotify (HKCU\...\Spotify) (Version: 0.9.7.16.g4b197456 - Spotify AB)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stronghold (HKLM-x32\...\{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}) (Version:  - )
Stronghold Crusader Extreme (HKLM-x32\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version: 1.20.0000 - Firefly Studios)
Stronghold Legends (HKLM-x32\...\{66A405D2-BA14-4594-BF36-B3B544F0754E}) (Version: 1.20.0000 - Firefly Studios)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.6.0 - Synaptics Incorporated)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version:  - TeamSpeak Systems GmbH)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.19045 - TeamViewer)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
Überwachungstool für die Intel® Turbo-Boost-Technik (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.186.6 - Intel)
VLC media player 2.0.7 (HKLM-x32\...\VLC media player) (Version: 2.0.7 - VideoLAN)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.01.3002 - Acer Incorporated)
Windows Live Communications Platform (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8081.709 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 14.0.8091.0730 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
WinMaximizer 1.2.86 (HKLM-x32\...\{6C4BA010-69C2-46C7-B559-DC513EEB0B5F}_is1) (Version:  - Celeritas Software Company)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version:  - )
WinRAR 4.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
Wondershare TunesGo ( Version 4.0.0 ) (HKLM-x32\...\{0B31C808-8274-460D-8846-C711D40544A0}_is1) (Version: 4.0.0 - Wondershare)

==================== Restore Points  =========================

17-03-2014 14:32:44 zoek.exe restore point

==================== Hosts content: ==========================

2009-07-14 03:34 - 2014-03-15 17:26 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {041715F5-D6C2-4E28-B672-42DD332642E6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-08-20] (Google Inc.)
Task: {1ABA3A87-AA3A-4BF9-A5A7-D6E5B9061FF2} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-04-13] (Microsoft Corporation)
Task: {1F4E37A2-05E6-456B-AFB7-0D8722D9F568} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {434EFD52-71B4-42DA-AC13-E6E7E206ED34} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-13] (Adobe Systems Incorporated)
Task: {5BB4656C-1D11-4D60-A2ED-15285889ABD9} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\WSCStub.exe [2013-06-04] (Symantec Corporation)
Task: {7FEA9533-7E0F-4798-95DD-097CC3620CFD} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe [2013-06-09] ()
Task: {87A3A6F4-03FB-4F26-B70B-4A78439AC5B5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-08-20] (Google Inc.)
Task: {D1F84C75-44BC-463F-9DBF-ED0DDCD2F7D5} - System32\Tasks\Norton AntiVirus\Norton Error Analyzer => C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {D32812D4-0581-44DF-A56C-BAA4F44EEC14} - System32\Tasks\Norton AntiVirus\Norton Error Processor => C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {E3F48872-20F8-4470-83BE-57DE2205BE0F} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {FB869C9E-A2E6-4CE6-9F1A-735CB15E6294} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-01-23 18:50 - 2013-02-01 14:32 - 00076888 ____N () C:\Windows\SysWOW64\PnkBstrA.exe
2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2011-04-05 16:40 - 2013-07-15 12:26 - 00567880 _____ () C:\Program Files (x86)\puush\puush.exe
2013-09-23 12:40 - 2014-01-14 13:04 - 00603648 _____ () C:\Users\Alex\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 13:16 - 2014-01-20 13:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-05-26 16:53 - 2013-05-26 16:53 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2010-03-09 01:18 - 2010-03-09 01:18 - 00465576 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
2010-03-09 01:13 - 2010-03-09 01:13 - 01081600 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll
2010-04-19 11:25 - 2009-12-24 01:32 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-01-10 13:54 - 2013-12-12 23:19 - 00142848 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll
2014-01-10 13:54 - 2013-11-05 02:12 - 00890592 _____ () C:\Program Files (x86)\Steam\libavutil-52.dll
2013-03-12 17:10 - 2014-02-11 03:34 - 00751616 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2012-01-28 13:34 - 2014-02-25 22:57 - 01135296 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2012-01-28 13:34 - 2014-01-11 00:33 - 20625832 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2012-03-19 17:27 - 2013-06-15 00:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll
2012-03-19 17:27 - 2013-06-15 00:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll
2012-03-19 17:27 - 2013-06-15 00:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll
2013-09-14 00:51 - 2013-09-14 00:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 00:50 - 2013-09-14 00:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2012-05-12 07:51 - 2014-01-14 13:04 - 36967424 _____ () C:\Users\Alex\AppData\Roaming\Spotify\Data\libcef.dll
2010-04-19 12:09 - 2009-05-20 07:02 - 00072200 _____ () C:\Program Files (x86)\Launch Manager\CdDirIo.dll
2013-09-23 12:40 - 2014-01-14 13:04 - 00887808 _____ () C:\Users\Alex\AppData\Roaming\Spotify\Data\libglesv2.dll
2013-09-23 12:40 - 2014-01-14 13:04 - 00109568 _____ () C:\Users\Alex\AppData\Roaming\Spotify\Data\libegl.dll
2014-03-15 18:16 - 2014-03-15 01:50 - 00051016 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\chrome_elf.dll
2014-03-15 18:16 - 2014-03-15 01:50 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libglesv2.dll
2014-03-15 18:16 - 2014-03-15 01:50 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libegl.dll
2014-03-15 18:16 - 2014-03-15 01:50 - 04061000 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll
2014-03-15 18:16 - 2014-03-15 01:50 - 00394568 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll
2014-03-15 18:16 - 2014-03-15 01:50 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ffmpegsumo.dll
2014-03-15 18:16 - 2014-03-15 01:50 - 13637448 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:93DE1838
AlternateDataStreams: C:\ProgramData\Temp:AB689DEA
AlternateDataStreams: C:\ProgramData\Temp:ABE89FFE
AlternateDataStreams: C:\ProgramData\Temp:E1F04E8D
AlternateDataStreams: C:\ProgramData\Temp:E36F5B57

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: Microsoft-Adapter für Miniports virtueller WiFis
Description: Microsoft-Adapter für Miniports virtueller WiFis
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/18/2014 03:15:40 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: League of Legends.exe, Version: 4.4.0.1858, Zeitstempel: 0x53214f63
Name des fehlerhaften Moduls: League of Legends.exe, Version: 4.4.0.1858, Zeitstempel: 0x53214f63
Ausnahmecode: 0xc0000005
Fehleroffset: 0x003e871f
ID des fehlerhaften Prozesses: 0x18b8
Startzeit der fehlerhaften Anwendung: 0xLeague of Legends.exe0
Pfad der fehlerhaften Anwendung: League of Legends.exe1
Pfad des fehlerhaften Moduls: League of Legends.exe2
Berichtskennung: League of Legends.exe3


System errors:
=============
Error: (03/17/2014 05:49:53 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (03/17/2014 03:49:05 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (03/17/2014 03:45:51 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (03/17/2014 03:45:51 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (03/17/2014 03:45:51 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (03/17/2014 03:45:50 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (03/17/2014 03:45:50 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (03/17/2014 03:29:54 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.

Error: (03/17/2014 03:22:06 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (03/17/2014 03:05:02 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}


Microsoft Office Sessions:
=========================
Error: (03/18/2014 03:15:40 PM) (Source: Application Error)(User: )
Description: League of Legends.exe4.4.0.185853214f63League of Legends.exe4.4.0.185853214f63c0000005003e871f18b801cf42ac78874dc2C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.14\deploy\League of Legends.exeC:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.14\deploy\League of Legends.exec83d47f7-aea7-11e3-912f-c80aa97c6f2d


CodeIntegrity Errors:
===================================
  Date: 2014-03-18 12:41:37.392
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-17 15:54:18.429
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-17 15:26:31.067
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-17 15:11:36.163
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-17 14:37:57.872
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-17 14:11:48.216
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-16 20:01:32.089
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-16 14:19:39.284
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-15 17:41:42.214
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-15 17:25:37.658
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Percentage of memory in use: 63%
Total physical RAM: 3828.48 MB
Available physical RAM: 1414.67 MB
Total Pagefile: 7655.15 MB
Available Pagefile: 4338.66 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:284.99 GB) (Free:32.74 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 98F67714)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=285 GB) - (Type=07 NTFS)

==================== End Of Log ============================

--- --- ---

xalex · 18.03.2014, 16:21

Hier die FRST:
FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Alex (administrator) on ALEX-PC on 18-03-2014 16:11:12
Running from C:\Users\Alex\AppData\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool 
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forums

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\ccSvcHst.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\NST.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\NST.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\ccSvcHst.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Spotify Ltd) C:\Users\Alex\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
() C:\Program Files (x86)\puush\puush.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Spotify Ltd) C:\Users\Alex\AppData\Roaming\Spotify\spotify.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
() C:\Users\Alex\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Alex\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Logitech(c)) C:\Logitech\G35.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Users\Alex\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
() C:\Users\Alex\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
() C:\Users\Alex\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AmIcoSinglun64] - C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [324608 2010-02-06] (Alcor Micro Corp.)
HKLM\...\Run: [mwlDaemon] - C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [349552 2010-02-01] (Egis Technology Inc.)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10081312 2010-02-22] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [877600 2010-02-22] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1842472 2009-09-17] (Synaptics Incorporated)
HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe [496160 2010-03-10] (Acer Incorporated)
HKLM\...\Run: [IntelliPoint] - c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2399632 2011-04-13] (Microsoft Corporation)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2009-12-24] (Intel Corporation)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1300560 2010-03-03] (Dritek System Inc.)
HKLM-x32\...\Run: [SuiteTray] - C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [337264 2010-02-01] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] - C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201512 2009-12-25] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] - C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [401192 2009-12-25] (Egis Technology Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-28] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BackupManagerTray] - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [260608 2010-03-09] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [Logitech G35] - C:\Logitech\G35.exe [1811800 2010-10-05] (Logitech(c))
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-06] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-06-13] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [Razer Synapse] - C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [442712 2013-11-17] (Razer Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact] - "C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] - C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-02-26] (LogMeIn Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1720175286-4088662769-2618409241-1000\...\Run: [Steam] - C:\Program Files (x86)\Steam\steam.exe [1821888 2014-02-25] (Valve Corporation)
HKU\S-1-5-21-1720175286-4088662769-2618409241-1000\...\Run: [Spotify Web Helper] - C:\Users\Alex\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-01-14] (Spotify Ltd)
HKU\S-1-5-21-1720175286-4088662769-2618409241-1000\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-1720175286-4088662769-2618409241-1000\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-1720175286-4088662769-2618409241-1000\...\Run: [puush] - C:\Program Files (x86)\puush\puush.exe [567880 2013-07-15] ()
HKU\S-1-5-21-1720175286-4088662769-2618409241-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-1720175286-4088662769-2618409241-1000\...\Run: [Spotify] - C:\Users\Alex\AppData\Roaming\Spotify\spotify.exe [6118400 2014-01-14] (Spotify Ltd)
HKU\S-1-5-21-1720175286-4088662769-2618409241-1000\...\Run: [AppleIEDAV] - C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1326408 2013-11-15] (Apple Inc.)
HKU\S-1-5-21-1720175286-4088662769-2618409241-1000\...\Run: [Wondershare Helper Compact] - "C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"

==================== Internet (Whitelisted) ====================

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKCU - ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
BHO: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - !{A13C2648-91D4-4bf3-BC6D-0079707C4389} -  No File
Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - No Name - !{A13C2648-91D4-4bf3-BC6D-0079707C4389} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Chrome: 
=======
CHR Extension: (Google Docs) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-17]
CHR Extension: (Google Drive) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-17]
CHR Extension: (YouTube) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-17]
CHR Extension: (Google-Suche) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-17]
CHR Extension: (Games Center) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\dehjbbcmklelglapfndfbomoaooippkb [2014-03-17]
CHR Extension: (Google Wallet) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-31]
CHR Extension: (Norton Identity Protection) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\nppllibpnmahfaklnpggkibhkapjkeob [2014-03-17]
CHR Extension: (Google Mail) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-17]
CHR HKLM-x32\...\Chrome\Extension: [dehjbbcmklelglapfndfbomoaooippkb] - C:\Program Files (x86)\GamesCenter\GamesCenter.crx [2013-02-19]
CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\Exts\Chrome.crx [2014-01-21]

==================== Services (Whitelisted) =================

R2 ePowerSvc; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [820768 2010-03-10] (Acer Incorporated)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-02-26] (LogMeIn, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
R2 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-02-01] (Egis Technology Inc.)
R2 NAV; C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)
R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\NST.exe [129424 2013-10-06] (Symantec Corporation)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3890920 2010-06-17] (INCA Internet Co., Ltd.)
S3 OverwolfUpdaterService; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [18360 2013-06-11] (Overwolf Ltd)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-02-01] ()

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\BASHDefs\20140214.001\BHDrvx64.sys [1526488 2013-12-18] (Symantec Corporation)
R1 ccSet_NAV; C:\Windows\system32\drivers\NAVx64\1404000.028\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation)
R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE06000.01B\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-21] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-21] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\IPSDefs\20140317.001\IDSvia64.sys [524504 2014-03-06] (Symantec Corporation)
S3 LADF_DHP2; C:\Windows\System32\DRIVERS\ladfDHP2amd64.sys [62168 2010-09-29] (Logitech)
S3 LADF_SBVM; C:\Windows\System32\DRIVERS\ladfSBVMamd64.sys [377176 2010-09-29] (Logitech)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\VirusDefs\20140318.001\ENG64.SYS [126040 2013-08-31] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\VirusDefs\20140318.001\EX64.SYS [2099288 2013-08-31] (Symantec Corporation)
S3 NPPTNT2; C:\Windows\SysWOW64\npptNT2.sys [4682 2005-01-04] (INCA Internet Co., Ltd.)
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39080 2013-11-15] (Razer Inc)
R3 SRTSP; C:\Windows\System32\Drivers\NAVx64\1404000.028\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NAVx64\1404000.028\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation)
S3 ss_bserd; C:\Windows\System32\DRIVERS\ss_bserd.sys [128000 2009-09-19] (MCCI Corporation)
R0 SymDS; C:\Windows\System32\drivers\NAVx64\1404000.028\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NAVx64\1404000.028\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-06-19] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NAVx64\1404000.028\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NAVx64\1404000.028\SYMNETS.SYS [433752 2013-04-25] (Symantec Corporation)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
S3 WinRing0_1_2_0; C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 dump_wmimmc; \??\C:\Program Files (x86)\gPotato.eu\FLYFF\GameGuard\dump_wmimmc.sys [X]
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-17 15:48 - 2014-03-17 15:26 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-03-17 15:32 - 2014-03-17 15:50 - 00010796 _____ () C:\zoek-results.log
2014-03-17 15:18 - 2014-03-17 15:46 - 00000000 ____D () C:\zoek_backup
2014-03-17 15:17 - 2014-03-17 15:17 - 01285120 _____ () C:\Users\Alex\Desktop\zoek.exe
2014-03-17 14:54 - 2014-03-17 14:54 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Malwarebytes
2014-03-17 14:53 - 2014-03-17 14:53 - 00001077 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-03-17 14:53 - 2014-03-17 14:53 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-17 14:53 - 2014-03-17 14:53 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-17 14:53 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-17 14:47 - 2014-03-17 14:47 - 00001199 _____ () C:\Users\Alex\Desktop\JRT.txt
2014-03-17 14:39 - 2014-03-17 14:39 - 00000000 ____D () C:\Windows\ERUNT
2014-03-17 14:29 - 2014-03-17 14:31 - 00000000 ____D () C:\AdwCleaner
2014-03-15 17:45 - 2014-03-15 17:45 - 00000000 ____D () C:\Users\Alex\AppData\Local\Blizzard Entertainment
2014-03-15 17:28 - 2014-03-15 17:28 - 00034695 _____ () C:\ComboFix.txt
2014-03-15 17:04 - 2014-03-15 17:28 - 00000000 ____D () C:\Qoobox
2014-03-15 17:04 - 2014-03-15 17:27 - 00000000 ____D () C:\Windows\erdnt
2014-03-15 17:04 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-03-15 17:04 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-03-15 17:04 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-03-15 17:04 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-03-15 17:04 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-03-15 17:04 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-03-15 17:04 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-03-15 17:04 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-03-15 12:20 - 2014-03-01 07:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-15 12:20 - 2014-03-01 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-15 12:20 - 2014-03-01 06:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-15 12:20 - 2014-03-01 05:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-15 12:20 - 2014-03-01 05:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-15 12:20 - 2014-03-01 05:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-15 12:20 - 2014-03-01 05:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-15 12:20 - 2014-03-01 05:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-15 12:20 - 2014-03-01 05:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-15 12:20 - 2014-03-01 05:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-15 12:20 - 2014-03-01 05:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-15 12:20 - 2014-03-01 05:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-15 12:20 - 2014-03-01 05:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-15 12:20 - 2014-03-01 05:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-15 12:20 - 2014-03-01 05:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-15 12:20 - 2014-03-01 05:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-15 12:20 - 2014-03-01 05:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-15 12:20 - 2014-03-01 04:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-15 12:20 - 2014-03-01 04:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-15 12:20 - 2014-03-01 04:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-15 12:20 - 2014-03-01 04:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-15 12:20 - 2014-03-01 04:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-15 12:20 - 2014-03-01 04:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-15 12:20 - 2014-03-01 04:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-15 12:20 - 2014-03-01 04:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-15 12:20 - 2014-03-01 04:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-15 12:20 - 2014-03-01 04:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-15 12:20 - 2014-03-01 04:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-15 12:20 - 2014-03-01 04:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-15 12:20 - 2014-03-01 04:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-15 12:20 - 2014-03-01 04:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-15 12:20 - 2014-03-01 04:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-15 12:20 - 2014-03-01 04:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-15 12:20 - 2014-03-01 04:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-15 12:20 - 2014-03-01 03:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-15 12:20 - 2014-03-01 03:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-15 12:20 - 2014-03-01 03:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-15 12:20 - 2014-03-01 03:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-15 12:20 - 2014-03-01 03:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-15 12:20 - 2014-03-01 03:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-15 12:20 - 2014-02-07 02:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-15 12:20 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-15 12:20 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-15 12:20 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-15 12:19 - 2014-02-04 03:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-15 12:19 - 2014-02-04 03:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-15 12:19 - 2014-02-04 03:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-15 12:19 - 2014-02-04 03:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-15 12:08 - 2014-03-15 12:08 - 00005896 _____ () C:\Users\Alex\Desktop\Pong.zip
2014-03-14 17:50 - 2014-03-14 17:50 - 05190279 ____R (Swearware) C:\Users\Alex\Desktop\ComboFix.exe
2014-03-14 16:02 - 2014-03-18 16:11 - 00000000 ____D () C:\FRST
2014-03-12 18:34 - 2014-03-12 18:34 - 00001747 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-03-12 18:33 - 2014-03-12 18:34 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-12 18:33 - 2014-03-12 18:34 - 00000000 ____D () C:\Program Files\iTunes
2014-03-12 18:33 - 2014-03-12 18:34 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-03-12 18:33 - 2014-03-12 18:33 - 00000000 ____D () C:\Program Files\iPod
2014-03-12 18:27 - 2014-03-12 18:27 - 00001809 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-03-12 18:27 - 2014-03-12 18:27 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-03-09 17:59 - 2014-03-09 17:59 - 00000154 _____ () C:\Users\Alex\.appletviewer
2014-03-09 17:48 - 2014-03-11 15:25 - 00000000 ____D () C:\Users\Alex\Desktop\ProcessingBlueJB
2014-03-09 17:34 - 2014-03-11 18:08 - 00000000 ____D () C:\Users\Alex\Desktop\Pong
2014-03-08 23:35 - 2014-03-08 23:38 - 00000000 ____D () C:\Users\Alex\Pong
2014-03-08 23:20 - 2014-03-09 17:48 - 00000000 ____D () C:\Users\Alex\Desktop\Snake1Benedikt
2014-03-08 20:52 - 2014-03-08 23:25 - 00000000 ____D () C:\Users\Alex\bluej
2014-03-08 20:51 - 2014-03-08 20:51 - 00001917 _____ () C:\Users\Alex\Desktop\BlueJ.lnk
2014-03-08 20:51 - 2014-03-08 20:51 - 00000000 ____D () C:\Program Files (x86)\BlueJ
2014-03-08 13:43 - 2014-03-08 13:43 - 00000000 ____D () C:\Users\Alex\AppData\Local\Blizzard
2014-03-06 14:32 - 2014-03-15 12:12 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-03-06 14:32 - 2014-03-06 14:32 - 00001125 _____ () C:\Users\Public\Desktop\Hearthstone.lnk
2014-03-06 14:14 - 2014-03-17 17:49 - 00000000 ____D () C:\Users\Alex\AppData\Local\Battle.net
2014-03-06 14:14 - 2014-03-06 14:43 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Battle.net
2014-03-06 14:14 - 2014-03-06 14:14 - 00001114 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-03-06 14:14 - 2014-03-06 14:14 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-02-27 14:09 - 2014-02-27 14:09 - 00000861 _____ () C:\Users\Alex\AppData\Local\recently-used.xbel
2014-02-27 14:09 - 2014-02-27 14:09 - 00000000 ____D () C:\Users\Alex\AppData\Local\gtk-2.0
2014-02-27 14:09 - 2014-02-27 14:09 - 00000000 ____D () C:\Users\Alex\.thumbnails
2014-02-27 14:07 - 2014-02-27 14:18 - 00000000 ____D () C:\Users\Alex\.gimp-2.8
2014-02-27 14:07 - 2014-02-27 14:07 - 00000000 ____D () C:\Users\Alex\AppData\Local\gegl-0.2
2014-02-27 14:02 - 2014-02-27 14:04 - 00000000 ____D () C:\Program Files\GIMP 2
2014-02-27 13:52 - 2014-02-27 13:52 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi

==================== One Month Modified Files and Folders =======

2014-03-18 16:11 - 2014-03-14 16:02 - 00000000 ____D () C:\FRST
2014-03-18 16:11 - 2010-08-20 19:02 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-18 16:08 - 2012-05-12 07:50 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Spotify
2014-03-18 16:05 - 2011-02-16 18:10 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Skype
2014-03-18 15:54 - 2012-03-31 08:42 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-18 15:15 - 2012-10-29 17:28 - 00000000 ____D () C:\Users\Alex\AppData\Local\CrashDumps
2014-03-18 14:13 - 2010-05-18 15:13 - 01800946 _____ () C:\Windows\WindowsUpdate.log
2014-03-18 14:11 - 2010-08-20 19:02 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-18 12:39 - 2012-09-15 21:28 - 00000000 ____D () C:\Users\Alex\AppData\Local\LogMeIn Hamachi
2014-03-18 12:38 - 2012-01-28 13:29 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-03-18 12:34 - 2009-07-14 05:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-18 12:34 - 2009-07-14 05:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-18 12:27 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-18 12:27 - 2009-07-14 05:51 - 00238255 _____ () C:\Windows\setupact.log
2014-03-17 17:49 - 2014-03-06 14:14 - 00000000 ____D () C:\Users\Alex\AppData\Local\Battle.net
2014-03-17 17:31 - 2011-05-16 13:23 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\.minecraft
2014-03-17 15:53 - 2012-05-12 07:51 - 00000000 ____D () C:\Users\Alex\AppData\Local\Spotify
2014-03-17 15:50 - 2014-03-17 15:32 - 00010796 _____ () C:\zoek-results.log
2014-03-17 15:50 - 2010-05-18 15:10 - 00395610 _____ () C:\Windows\PFRO.log
2014-03-17 15:46 - 2014-03-17 15:18 - 00000000 ____D () C:\zoek_backup
2014-03-17 15:26 - 2014-03-17 15:48 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-03-17 15:17 - 2014-03-17 15:17 - 01285120 _____ () C:\Users\Alex\Desktop\zoek.exe
2014-03-17 14:54 - 2014-03-17 14:54 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Malwarebytes
2014-03-17 14:53 - 2014-03-17 14:53 - 00001077 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-03-17 14:53 - 2014-03-17 14:53 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-17 14:53 - 2014-03-17 14:53 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-17 14:47 - 2014-03-17 14:47 - 00001199 _____ () C:\Users\Alex\Desktop\JRT.txt
2014-03-17 14:39 - 2014-03-17 14:39 - 00000000 ____D () C:\Windows\ERUNT
2014-03-17 14:31 - 2014-03-17 14:29 - 00000000 ____D () C:\AdwCleaner
2014-03-16 11:39 - 2011-02-16 18:10 - 00000000 ____D () C:\ProgramData\Skype
2014-03-15 18:16 - 2012-01-23 16:22 - 00002139 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-15 17:45 - 2014-03-15 17:45 - 00000000 ____D () C:\Users\Alex\AppData\Local\Blizzard Entertainment
2014-03-15 17:28 - 2014-03-15 17:28 - 00034695 _____ () C:\ComboFix.txt
2014-03-15 17:28 - 2014-03-15 17:04 - 00000000 ____D () C:\Qoobox
2014-03-15 17:27 - 2014-03-15 17:04 - 00000000 ____D () C:\Windows\erdnt
2014-03-15 17:26 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-03-15 16:40 - 2009-07-14 05:45 - 00402264 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-15 16:37 - 2012-05-14 15:30 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-15 16:37 - 2012-05-14 15:30 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-15 12:12 - 2014-03-06 14:32 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-03-15 12:08 - 2014-03-15 12:08 - 00005896 _____ () C:\Users\Alex\Desktop\Pong.zip
2014-03-14 17:50 - 2014-03-14 17:50 - 05190279 ____R (Swearware) C:\Users\Alex\Desktop\ComboFix.exe
2014-03-13 15:54 - 2012-03-31 08:42 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-13 15:54 - 2012-03-31 08:42 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-13 15:54 - 2011-05-26 14:04 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-12 18:34 - 2014-03-12 18:34 - 00001747 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-03-12 18:34 - 2014-03-12 18:33 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-12 18:34 - 2014-03-12 18:33 - 00000000 ____D () C:\Program Files\iTunes
2014-03-12 18:34 - 2014-03-12 18:33 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-03-12 18:33 - 2014-03-12 18:33 - 00000000 ____D () C:\Program Files\iPod
2014-03-12 18:27 - 2014-03-12 18:27 - 00001809 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-03-12 18:27 - 2014-03-12 18:27 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-03-11 18:08 - 2014-03-09 17:34 - 00000000 ____D () C:\Users\Alex\Desktop\Pong
2014-03-11 15:25 - 2014-03-09 17:48 - 00000000 ____D () C:\Users\Alex\Desktop\ProcessingBlueJB
2014-03-11 10:27 - 2011-08-31 11:54 - 00829264 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100.dll
2014-03-11 10:27 - 2011-08-31 11:54 - 00608080 _____ (Microsoft Corporation) C:\Windows\system32\msvcp100.dll
2014-03-09 17:59 - 2014-03-09 17:59 - 00000154 _____ () C:\Users\Alex\.appletviewer
2014-03-09 17:59 - 2010-08-20 17:52 - 00000000 ____D () C:\Users\Alex
2014-03-09 17:48 - 2014-03-08 23:20 - 00000000 ____D () C:\Users\Alex\Desktop\Snake1Benedikt
2014-03-08 23:38 - 2014-03-08 23:35 - 00000000 ____D () C:\Users\Alex\Pong
2014-03-08 23:25 - 2014-03-08 20:52 - 00000000 ____D () C:\Users\Alex\bluej
2014-03-08 20:51 - 2014-03-08 20:51 - 00001917 _____ () C:\Users\Alex\Desktop\BlueJ.lnk
2014-03-08 20:51 - 2014-03-08 20:51 - 00000000 ____D () C:\Program Files (x86)\BlueJ
2014-03-08 13:43 - 2014-03-08 13:43 - 00000000 ____D () C:\Users\Alex\AppData\Local\Blizzard
2014-03-06 17:08 - 2011-07-19 14:24 - 00000000 ____D () C:\Users\Alex\Documents\Stronghold Legends
2014-03-06 14:51 - 2010-09-18 19:41 - 00000000 ____D () C:\Program Files (x86)\StarCraft II
2014-03-06 14:43 - 2014-03-06 14:14 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Battle.net
2014-03-06 14:32 - 2014-03-06 14:32 - 00001125 _____ () C:\Users\Public\Desktop\Hearthstone.lnk
2014-03-06 14:14 - 2014-03-06 14:14 - 00001114 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-03-06 14:14 - 2014-03-06 14:14 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-03-02 21:28 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-03-01 07:05 - 2014-03-15 12:20 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-01 06:17 - 2014-03-15 12:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-01 06:16 - 2014-03-15 12:20 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-01 05:58 - 2014-03-15 12:20 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-01 05:52 - 2014-03-15 12:20 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-01 05:51 - 2014-03-15 12:20 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-01 05:42 - 2014-03-15 12:20 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-01 05:40 - 2014-03-15 12:20 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-01 05:37 - 2014-03-15 12:20 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-01 05:33 - 2014-03-15 12:20 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-01 05:33 - 2014-03-15 12:20 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-01 05:32 - 2014-03-15 12:20 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-01 05:30 - 2014-03-15 12:20 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-01 05:23 - 2014-03-15 12:20 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-01 05:17 - 2014-03-15 12:20 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-01 05:11 - 2014-03-15 12:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-01 05:02 - 2014-03-15 12:20 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-01 04:54 - 2014-03-15 12:20 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-01 04:52 - 2014-03-15 12:20 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-01 04:51 - 2014-03-15 12:20 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-01 04:47 - 2014-03-15 12:20 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-01 04:43 - 2014-03-15 12:20 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-01 04:43 - 2014-03-15 12:20 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-01 04:42 - 2014-03-15 12:20 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-01 04:40 - 2014-03-15 12:20 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-01 04:38 - 2014-03-15 12:20 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-01 04:37 - 2014-03-15 12:20 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-01 04:35 - 2014-03-15 12:20 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-01 04:18 - 2014-03-15 12:20 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-01 04:16 - 2014-03-15 12:20 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-01 04:14 - 2014-03-15 12:20 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-01 04:10 - 2014-03-15 12:20 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-01 04:03 - 2014-03-15 12:20 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-01 04:00 - 2014-03-15 12:20 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-01 03:57 - 2014-03-15 12:20 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-01 03:38 - 2014-03-15 12:20 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-01 03:32 - 2014-03-15 12:20 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-01 03:27 - 2014-03-15 12:20 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-01 03:25 - 2014-03-15 12:20 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-01 03:25 - 2014-03-15 12:20 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-27 14:18 - 2014-02-27 14:07 - 00000000 ____D () C:\Users\Alex\.gimp-2.8
2014-02-27 14:09 - 2014-02-27 14:09 - 00000861 _____ () C:\Users\Alex\AppData\Local\recently-used.xbel
2014-02-27 14:09 - 2014-02-27 14:09 - 00000000 ____D () C:\Users\Alex\AppData\Local\gtk-2.0
2014-02-27 14:09 - 2014-02-27 14:09 - 00000000 ____D () C:\Users\Alex\.thumbnails
2014-02-27 14:07 - 2014-02-27 14:07 - 00000000 ____D () C:\Users\Alex\AppData\Local\gegl-0.2
2014-02-27 14:04 - 2014-02-27 14:02 - 00000000 ____D () C:\Program Files\GIMP 2
2014-02-27 13:52 - 2014-02-27 13:52 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-02-26 21:02 - 2012-06-17 18:21 - 01594964 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-26 21:02 - 2010-05-19 01:06 - 00699682 _____ () C:\Windows\system32\perfh007.dat
2014-02-26 21:02 - 2010-05-19 01:06 - 00149790 _____ () C:\Windows\system32\perfc007.dat
2014-02-26 21:02 - 2009-07-14 06:13 - 01594964 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-25 14:37 - 2014-02-08 12:00 - 00000222 _____ () C:\Users\Alex\Desktop\Call of Duty Black Ops II.url
2014-02-21 20:34 - 2013-01-30 15:15 - 00000000 ____D () C:\ProgramData\Origin
2014-02-21 20:20 - 2013-01-30 15:15 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-02-17 18:08 - 2013-07-28 21:14 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-17 18:04 - 2011-05-29 09:35 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-11 18:59

==================== End Of Log ============================

--- --- ---

Und die Addition:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Alex at 2014-03-18 16:12:23
Running from C:\Users\Alex\AppData\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Norton AntiVirus (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton AntiVirus (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}

==================== Installed Programs ======================

3D Matrix Screensaver 1.1 (HKLM-x32\...\3D Matrix Screensaver_is1) (Version: - )
Acer Backup Manager (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.60 - NewTech Infosystems)
Acer Crystal Eye webcam (HKLM-x32\...\{51F026FA-5146-4232-A8BA-1364740BD053}) (Version: 1.0.2.0 - Liteon)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3011 - Acer Incorporated)
Acer PowerSmart Manager (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 5.01.3002 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0203.2010 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader 9.1 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{E5EABF66-F9C4-430C-B97D-3CF28A58D50B}) (Version: 1.3.17.05006 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.3.17.05006 - Alcor Micro Corp.) Hidden
AMD APP SDK Runtime (Version: 2.4.595.1 - Advanced Micro Devices Inc.) Hidden
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo ClipFinder HD v.2.3.2 (HKLM-x32\...\Ashampoo ClipFinder HD_is1) (Version: 2.3.2 - Ashampoo GmbH & Co. KG)
Ashampoo ClipFinder HD v.2.3.4 (HKLM-x32\...\{0A11EA01-36EF-0070-F54C-E06E25BC1924}_is1) (Version: 2.3.4 - Ashampoo GmbH & Co. KG)
Ask Toolbar (HKLM-x32\...\{4F524A2D-5637-4300-76A7-A758B70C0700}) (Version: 12.7.0.15 - APN, LLC) <==== ATTENTION
Astro Gemini Screensaver Manager 2.0 (HKLM-x32\...\Astro Gemini Screensaver Manager_is1) (Version: - )
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.24 - Atheros Communications Inc.)
ATI Catalyst Install Manager (HKLM\...\{0B674B1E-1905-4830-ABD1-F6892F1C4394}) (Version: 3.0.820.0 - ATI Technologies, Inc.)
Backup Manager Basic (x32 Version: 2.0.0.60 - NewTech Infosystems) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.5.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.1.2 - EA Digital Illusions CE AB)
BioShock 2 (x32 Version: 1.0.0005.131 - Take-Two Interactive Software) Hidden
BlueJ (HKLM-x32\...\{7D66971C-652B-4065-A6B1-B3EE313C254B}) (Version: 3.1.1 - BlueJ Team)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software)
Briblo Bildschirmschoner (HKLM-x32\...\Briblo) (Version: - )
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version: - )
Call of Duty: Black Ops II (HKLM-x32\...\Steam App 202970) (Version: - Treyarch)
CamStudio (HKLM-x32\...\CamStudio) (Version: - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center (x32 Version: 2011.0613.2238.38801 - Ihr Firmenname) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0302.2233.40412 - ATI Technologies, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2011.0613.2238.38801 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2011.0613.2238.38801 - ATI) Hidden
Catalyst Control Center Profiles Mobile (x32 Version: 2011.0613.2238.38801 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Czech (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Danish (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Dutch (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help English (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Finnish (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help French (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help German (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Greek (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Italian (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Japanese (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Korean (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Polish (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Russian (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Spanish (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Swedish (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Thai (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Turkish (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
ccc-utility64 (Version: 2011.0613.2238.38801 - ATI) Hidden
Chicken Invaders 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}) (Version: - Oberon Media)
Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version: - Torn Banner Studios)
Cossacks - European Wars (HKLM-x32\...\EW : Cossacks) (Version: - )
Cossacks - The Art Of War (HKLM-x32\...\Cossacks : The Art Of War) (Version: - )
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
FileZilla Client 3.7.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.7.0.2 - FileZilla Project)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Game Booster 3 (HKLM-x32\...\Game Booster_is1) (Version: 3.4 - IObit)
Gameforge Live 1.9.0 "Legend" (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 1.9.0 - Gameforge)
GamesCenter (HKLM-x32\...\GamesCenter) (Version: - GamesCenter)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Team Garry)
Garry's Mod Manager (HKLM-x32\...\Garry's Mod Manager 8.20.0000) (Version: 8.20.0000 - Lansoftware)
Garry's Mod Manager (x32 Version: 8.20.0000 - Lansoftware) Hidden
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - )
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Höllenjob XS (HKLM-x32\...\{21484364-1EF4-4AE0-963A-CC1FEF749ECC}) (Version: - )
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.6.1001 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.01.00.1005 - Intel Corporation)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 4.0.7 - Acer Inc.)
League of Legends (HKLM-x32\...\{918A9082-6287-4D25-9002-5E5D5E4971CB}) (Version: 1.02.0000 - Riot Games)
LibreOffice 3.6 (HKLM-x32\...\{C2F438B6-7010-453B-93EC-B2FC053AA97B}) (Version: 3.6.1.2 - The Document Foundation)
Logitech G35 (HKLM\...\{27607A94-33AC-4AA7-AACE-95AF6ACA3E30}) (Version: 1.1.178 - Logitech)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.173 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.173 - LogMeIn, Inc.) Hidden
LPT System Updater Service (HKLM-x32\...\{BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24}) (Version: 1.0.0.0 - LPT) <==== ATTENTION
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Matrix Code Emulator 1.50 (HKLM-x32\...\Matrix Code Emulator_is1) (Version: - Reality Rift Studios)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.130.10 - McAfee, Inc.)
MediaBar (HKLM-x32\...\BearShare 2 MediaBar) (Version: 3.0.0.114951 - Musiclab, LLC)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft IntelliPoint 8.1 (HKLM\...\Microsoft IntelliPoint 8.1) (Version: 8.15.406.0 - Microsoft)
Microsoft IntelliPoint 8.1 (Version: 8.15.406.0 - Microsoft) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyWinLocker (x32 Version: 3.1.206.0 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}) (Version: 3.1.206.0 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 3.1.206.0 - Egis Technology Inc.) Hidden
Nic's XviD Decoder (HKLM-x32\...\XviDDec) (Version: - )
Norton AntiVirus (HKLM-x32\...\NAV) (Version: 20.4.0.40 - Symantec Corporation)
Norton Identity Safe (HKLM-x32\...\NST) (Version: 2014.6.0.27 - Symantec Corporation)
Nostale(DE) (HKLM-x32\...\NosTale(DE)_is1) (Version: - Gameforge 4D GmbH)
Origin (HKLM-x32\...\Origin) (Version: 9.1.11.2678 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\{8CD3A2A9-B25E-4D5D-8D12-724493A45C1A}) (Version: 0.42.248 - Overwolf)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.3.5.2 - Pando Networks Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
QuickShare (HKLM-x32\...\{11D4FAA0-A577-4FA8-B24E-D24283D861D1}) (Version: 11.24.60.15709 - Linkury Inc.) <==== ATTENTION
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.16.6 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6050 - Realtek Semiconductor Corp.)
Revelations 2012 (HKLM-x32\...\Steam App 201070) (Version: - )
Runes of Magic (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 6.0.0.2647 - Gameforge Productions GmbH)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Shredder (Version: 2.0.5.0 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.5.0 - Egis Technology Inc.) Hidden
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.2.10687 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 0.1.1721.0 - Hi-Rez Studios)
Sniper Elite (HKLM-x32\...\Steam App 3700) (Version: - Rebellion Developments)
Spotify (HKCU\...\Spotify) (Version: 0.9.7.16.g4b197456 - Spotify AB)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stronghold (HKLM-x32\...\{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}) (Version: - )
Stronghold Crusader Extreme (HKLM-x32\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version: 1.20.0000 - Firefly Studios)
Stronghold Legends (HKLM-x32\...\{66A405D2-BA14-4594-BF36-B3B544F0754E}) (Version: 1.20.0000 - Firefly Studios)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.6.0 - Synaptics Incorporated)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: - TeamSpeak Systems GmbH)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.19045 - TeamViewer)
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
Überwachungstool für die Intel® Turbo-Boost-Technik (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.186.6 - Intel)
VLC media player 2.0.7 (HKLM-x32\...\VLC media player) (Version: 2.0.7 - VideoLAN)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.01.3002 - Acer Incorporated)
Windows Live Communications Platform (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8081.709 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 14.0.8091.0730 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
WinMaximizer 1.2.86 (HKLM-x32\...\{6C4BA010-69C2-46C7-B559-DC513EEB0B5F}_is1) (Version: - Celeritas Software Company)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - )
WinRAR 4.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
Wondershare TunesGo ( Version 4.0.0 ) (HKLM-x32\...\{0B31C808-8274-460D-8846-C711D40544A0}_is1) (Version: 4.0.0 - Wondershare)

==================== Restore Points =========================

17-03-2014 14:32:44 zoek.exe restore point

==================== Hosts content: ==========================

2009-07-14 03:34 - 2014-03-15 17:26 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {041715F5-D6C2-4E28-B672-42DD332642E6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-08-20] (Google Inc.)
Task: {1ABA3A87-AA3A-4BF9-A5A7-D6E5B9061FF2} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-04-13] (Microsoft Corporation)
Task: {1F4E37A2-05E6-456B-AFB7-0D8722D9F568} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {434EFD52-71B4-42DA-AC13-E6E7E206ED34} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-13] (Adobe Systems Incorporated)
Task: {5BB4656C-1D11-4D60-A2ED-15285889ABD9} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\WSCStub.exe [2013-06-04] (Symantec Corporation)
Task: {7FEA9533-7E0F-4798-95DD-097CC3620CFD} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe [2013-06-09] ()
Task: {87A3A6F4-03FB-4F26-B70B-4A78439AC5B5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-08-20] (Google Inc.)
Task: {D1F84C75-44BC-463F-9DBF-ED0DDCD2F7D5} - System32\Tasks\Norton AntiVirus\Norton Error Analyzer => C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {D32812D4-0581-44DF-A56C-BAA4F44EEC14} - System32\Tasks\Norton AntiVirus\Norton Error Processor => C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {E3F48872-20F8-4470-83BE-57DE2205BE0F} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {FB869C9E-A2E6-4CE6-9F1A-735CB15E6294} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-01-23 18:50 - 2013-02-01 14:32 - 00076888 ____N () C:\Windows\SysWOW64\PnkBstrA.exe
2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2011-04-05 16:40 - 2013-07-15 12:26 - 00567880 _____ () C:\Program Files (x86)\puush\puush.exe
2013-09-23 12:40 - 2014-01-14 13:04 - 00603648 _____ () C:\Users\Alex\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 13:16 - 2014-01-20 13:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-05-26 16:53 - 2013-05-26 16:53 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2010-03-09 01:18 - 2010-03-09 01:18 - 00465576 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
2010-03-09 01:13 - 2010-03-09 01:13 - 01081600 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll
2010-04-19 11:25 - 2009-12-24 01:32 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-01-10 13:54 - 2013-12-12 23:19 - 00142848 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll
2014-01-10 13:54 - 2013-11-05 02:12 - 00890592 _____ () C:\Program Files (x86)\Steam\libavutil-52.dll
2013-03-12 17:10 - 2014-02-11 03:34 - 00751616 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2012-01-28 13:34 - 2014-02-25 22:57 - 01135296 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2012-01-28 13:34 - 2014-01-11 00:33 - 20625832 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2012-03-19 17:27 - 2013-06-15 00:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll
2012-03-19 17:27 - 2013-06-15 00:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll
2012-03-19 17:27 - 2013-06-15 00:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll
2013-09-14 00:51 - 2013-09-14 00:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 00:50 - 2013-09-14 00:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2012-05-12 07:51 - 2014-01-14 13:04 - 36967424 _____ () C:\Users\Alex\AppData\Roaming\Spotify\Data\libcef.dll
2010-04-19 12:09 - 2009-05-20 07:02 - 00072200 _____ () C:\Program Files (x86)\Launch Manager\CdDirIo.dll
2013-09-23 12:40 - 2014-01-14 13:04 - 00887808 _____ () C:\Users\Alex\AppData\Roaming\Spotify\Data\libglesv2.dll
2013-09-23 12:40 - 2014-01-14 13:04 - 00109568 _____ () C:\Users\Alex\AppData\Roaming\Spotify\Data\libegl.dll
2014-03-15 18:16 - 2014-03-15 01:50 - 00051016 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\chrome_elf.dll
2014-03-15 18:16 - 2014-03-15 01:50 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libglesv2.dll
2014-03-15 18:16 - 2014-03-15 01:50 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libegl.dll
2014-03-15 18:16 - 2014-03-15 01:50 - 04061000 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll
2014-03-15 18:16 - 2014-03-15 01:50 - 00394568 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll
2014-03-15 18:16 - 2014-03-15 01:50 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ffmpegsumo.dll
2014-03-15 18:16 - 2014-03-15 01:50 - 13637448 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:93DE1838
AlternateDataStreams: C:\ProgramData\Temp:AB689DEA
AlternateDataStreams: C:\ProgramData\Temp:ABE89FFE
AlternateDataStreams: C:\ProgramData\Temp:E1F04E8D
AlternateDataStreams: C:\ProgramData\Temp:E36F5B57

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== Disabled items from MSCONFIG ==============

==================== Faulty Device Manager Devices =============

Name: Microsoft-Adapter für Miniports virtueller WiFis
Description: Microsoft-Adapter für Miniports virtueller WiFis
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (03/18/2014 03:15:40 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: League of Legends.exe, Version: 4.4.0.1858, Zeitstempel: 0x53214f63
Name des fehlerhaften Moduls: League of Legends.exe, Version: 4.4.0.1858, Zeitstempel: 0x53214f63
Ausnahmecode: 0xc0000005
Fehleroffset: 0x003e871f
ID des fehlerhaften Prozesses: 0x18b8
Startzeit der fehlerhaften Anwendung: 0xLeague of Legends.exe0
Pfad der fehlerhaften Anwendung: League of Legends.exe1
Pfad des fehlerhaften Moduls: League of Legends.exe2
Berichtskennung: League of Legends.exe3

System errors:
=============
Error: (03/17/2014 05:49:53 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (03/17/2014 03:49:05 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (03/17/2014 03:45:51 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (03/17/2014 03:45:51 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (03/17/2014 03:45:51 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (03/17/2014 03:45:50 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (03/17/2014 03:45:50 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (03/17/2014 03:29:54 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.

Error: (03/17/2014 03:22:06 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (03/17/2014 03:05:02 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Microsoft Office Sessions:
=========================
Error: (03/18/2014 03:15:40 PM) (Source: Application Error)(User: )
Description: League of Legends.exe4.4.0.185853214f63League of Legends.exe4.4.0.185853214f63c0000005003e871f18b801cf42ac78874dc2C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.14\deploy\League of Legends.exeC:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.14\deploy\League of Legends.exec83d47f7-aea7-11e3-912f-c80aa97c6f2d

CodeIntegrity Errors:
===================================
Date: 2014-03-18 12:41:37.392
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-03-17 15:54:18.429
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-03-17 15:26:31.067
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-03-17 15:11:36.163
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-03-17 14:37:57.872
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-03-17 14:11:48.216
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-03-16 20:01:32.089
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-03-16 14:19:39.284
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-03-15 17:41:42.214
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-03-15 17:25:37.658
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

==================== Memory info ===========================

Percentage of memory in use: 63%
Total physical RAM: 3828.48 MB
Available physical RAM: 1414.67 MB
Total Pagefile: 7655.15 MB
Available Pagefile: 4338.66 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:284.99 GB) (Free:32.74 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 98F67714)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=285 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Rechner läuft wie früher, gut und keine Probleme, jedoch kommt mindestens einmal, wenn ich den PC hochfahre und ihn eine Weile benutze, kurz ein Whitescreen für vielleicht 10-30 sec.. Nach dem zweiten mal FRST weiß ich noch nicht ob es sich verbessert hat, ich schreib es dir sobald ich den PC wieder neugestartet habe und wieder ein kurzer Whitescreen kommt. ~Alex

M-K-D-B · 18.03.2014, 20:42

Servus,

du hast alte Logdateien von FRST gepostet, bitte neue posten:

Kontrollscan mit FRST
Führe wie zuvor beschrieben einen Scan mit FRST aus.
Setze dazu einen Haken bei Addition.txt rechts unten und klicke auf Scan.
Es werden zwei Logdateien erzeugt. Poste mir diese.

xalex · 19.03.2014, 17:53

Musste es dieses mal wieder im abgesicherten Modus machen, da ich wieder einen Whitescreen nach dem hochfahren hatte

. Hier der neue FRST versuch, jetzt müssen es aber die neuen sein:
FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Alex (administrator) on ALEX-PC on 19-03-2014 17:34:41
Running from C:\Users\Alex\AppData\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Safe Mode (with Networking)

The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool 
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forums

==================== Processes (Whitelisted) =================

(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AmIcoSinglun64] - C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [324608 2010-02-06] (Alcor Micro Corp.)
HKLM\...\Run: [mwlDaemon] - C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [349552 2010-02-01] (Egis Technology Inc.)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10081312 2010-02-22] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [877600 2010-02-22] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1842472 2009-09-17] (Synaptics Incorporated)
HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe [496160 2010-03-10] (Acer Incorporated)
HKLM\...\Run: [IntelliPoint] - c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2399632 2011-04-13] (Microsoft Corporation)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2009-12-24] (Intel Corporation)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1300560 2010-03-03] (Dritek System Inc.)
HKLM-x32\...\Run: [SuiteTray] - C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [337264 2010-02-01] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] - C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201512 2009-12-25] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] - C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [401192 2009-12-25] (Egis Technology Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-28] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BackupManagerTray] - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [260608 2010-03-09] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [Logitech G35] - C:\Logitech\G35.exe [1811800 2010-10-05] (Logitech(c))
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-06] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-06-13] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [Razer Synapse] - C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [442712 2013-11-17] (Razer Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact] - "C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] - C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-02-26] (LogMeIn Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1720175286-4088662769-2618409241-1000\...\Run: [Steam] - C:\Program Files (x86)\Steam\steam.exe [1821888 2014-02-25] (Valve Corporation)
HKU\S-1-5-21-1720175286-4088662769-2618409241-1000\...\Run: [Spotify Web Helper] - C:\Users\Alex\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-01-14] (Spotify Ltd)
HKU\S-1-5-21-1720175286-4088662769-2618409241-1000\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-1720175286-4088662769-2618409241-1000\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-1720175286-4088662769-2618409241-1000\...\Run: [puush] - C:\Program Files (x86)\puush\puush.exe [567880 2013-07-15] ()
HKU\S-1-5-21-1720175286-4088662769-2618409241-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-1720175286-4088662769-2618409241-1000\...\Run: [Spotify] - C:\Users\Alex\AppData\Roaming\Spotify\spotify.exe [6118400 2014-01-14] (Spotify Ltd)
HKU\S-1-5-21-1720175286-4088662769-2618409241-1000\...\Run: [AppleIEDAV] - C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1326408 2013-11-15] (Apple Inc.)
HKU\S-1-5-21-1720175286-4088662769-2618409241-1000\...\Run: [Wondershare Helper Compact] - "C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"

==================== Internet (Whitelisted) ====================

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKCU - ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
BHO: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - !{A13C2648-91D4-4bf3-BC6D-0079707C4389} -  No File
Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - No Name - !{A13C2648-91D4-4bf3-BC6D-0079707C4389} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

Chrome: 
=======
CHR Extension: (Google Docs) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-17]
CHR Extension: (Google Drive) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-17]
CHR Extension: (YouTube) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-17]
CHR Extension: (Google-Suche) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-17]
CHR Extension: (Games Center) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\dehjbbcmklelglapfndfbomoaooippkb [2014-03-17]
CHR Extension: (Google Wallet) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-31]
CHR Extension: (Norton Identity Protection) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\nppllibpnmahfaklnpggkibhkapjkeob [2014-03-17]
CHR Extension: (Google Mail) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-17]
CHR HKLM-x32\...\Chrome\Extension: [dehjbbcmklelglapfndfbomoaooippkb] - C:\Program Files (x86)\GamesCenter\GamesCenter.crx [2013-02-19]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-03-03]
CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\Exts\Chrome.crx [2014-01-21]

==================== Services (Whitelisted) =================

S2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363584 2014-03-03] (Microsoft Corporation)
S2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1748608 2014-03-03] (Microsoft Corporation)
S2 ePowerSvc; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [820768 2010-03-10] (Acer Incorporated)
S2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-02-26] (LogMeIn, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
S2 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-02-01] (Egis Technology Inc.)
S2 NAV; C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)
S2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\NST.exe [129424 2013-10-06] (Symantec Corporation)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3890920 2010-06-17] (INCA Internet Co., Ltd.)
S3 OverwolfUpdaterService; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [18360 2013-06-11] (Overwolf Ltd)
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-02-01] ()

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\BASHDefs\20140214.001\BHDrvx64.sys [1526488 2013-12-18] (Symantec Corporation)
S1 ccSet_NAV; C:\Windows\system32\drivers\NAVx64\1404000.028\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation)
S1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE06000.01B\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)
S1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-21] (Symantec Corporation)
S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-21] (Symantec Corporation)
S1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\IPSDefs\20140317.001\IDSvia64.sys [524504 2014-03-06] (Symantec Corporation)
S3 LADF_DHP2; C:\Windows\System32\DRIVERS\ladfDHP2amd64.sys [62168 2010-09-29] (Logitech)
S3 LADF_SBVM; C:\Windows\System32\DRIVERS\ladfSBVMamd64.sys [377176 2010-09-29] (Logitech)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\VirusDefs\20140318.001\ENG64.SYS [126040 2013-08-31] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\VirusDefs\20140318.001\EX64.SYS [2099288 2013-08-31] (Symantec Corporation)
S3 NPPTNT2; C:\Windows\SysWOW64\npptNT2.sys [4682 2005-01-04] (INCA Internet Co., Ltd.)
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39080 2013-11-15] (Razer Inc)
S3 SRTSP; C:\Windows\System32\Drivers\NAVx64\1404000.028\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)
S1 SRTSPX; C:\Windows\system32\drivers\NAVx64\1404000.028\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation)
S3 ss_bserd; C:\Windows\System32\DRIVERS\ss_bserd.sys [128000 2009-09-19] (MCCI Corporation)
R0 SymDS; C:\Windows\System32\drivers\NAVx64\1404000.028\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NAVx64\1404000.028\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)
S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-06-19] (Symantec Corporation)
S1 SymIRON; C:\Windows\system32\drivers\NAVx64\1404000.028\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation)
S1 SymNetS; C:\Windows\System32\Drivers\NAVx64\1404000.028\SYMNETS.SYS [433752 2013-04-25] (Symantec Corporation)
S2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
S3 WinRing0_1_2_0; C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 dump_wmimmc; \??\C:\Program Files (x86)\gPotato.eu\FLYFF\GameGuard\dump_wmimmc.sys [X]
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-17 15:48 - 2014-03-17 15:26 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-03-17 15:32 - 2014-03-17 15:50 - 00010796 _____ () C:\zoek-results.log
2014-03-17 15:18 - 2014-03-17 15:46 - 00000000 ____D () C:\zoek_backup
2014-03-17 15:17 - 2014-03-17 15:17 - 01285120 _____ () C:\Users\Alex\Desktop\zoek.exe
2014-03-17 14:54 - 2014-03-17 14:54 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Malwarebytes
2014-03-17 14:53 - 2014-03-17 14:53 - 00001077 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-03-17 14:53 - 2014-03-17 14:53 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-17 14:53 - 2014-03-17 14:53 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-17 14:53 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-17 14:47 - 2014-03-17 14:47 - 00001199 _____ () C:\Users\Alex\Desktop\JRT.txt
2014-03-17 14:39 - 2014-03-17 14:39 - 00000000 ____D () C:\Windows\ERUNT
2014-03-17 14:29 - 2014-03-17 14:31 - 00000000 ____D () C:\AdwCleaner
2014-03-15 17:45 - 2014-03-15 17:45 - 00000000 ____D () C:\Users\Alex\AppData\Local\Blizzard Entertainment
2014-03-15 17:28 - 2014-03-15 17:28 - 00034695 _____ () C:\ComboFix.txt
2014-03-15 17:04 - 2014-03-15 17:28 - 00000000 ____D () C:\Qoobox
2014-03-15 17:04 - 2014-03-15 17:27 - 00000000 ____D () C:\Windows\erdnt
2014-03-15 17:04 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-03-15 17:04 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-03-15 17:04 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-03-15 17:04 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-03-15 17:04 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-03-15 17:04 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-03-15 17:04 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-03-15 17:04 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-03-15 12:20 - 2014-03-01 07:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-15 12:20 - 2014-03-01 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-15 12:20 - 2014-03-01 06:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-15 12:20 - 2014-03-01 05:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-15 12:20 - 2014-03-01 05:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-15 12:20 - 2014-03-01 05:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-15 12:20 - 2014-03-01 05:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-15 12:20 - 2014-03-01 05:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-15 12:20 - 2014-03-01 05:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-15 12:20 - 2014-03-01 05:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-15 12:20 - 2014-03-01 05:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-15 12:20 - 2014-03-01 05:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-15 12:20 - 2014-03-01 05:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-15 12:20 - 2014-03-01 05:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-15 12:20 - 2014-03-01 05:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-15 12:20 - 2014-03-01 05:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-15 12:20 - 2014-03-01 05:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-15 12:20 - 2014-03-01 04:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-15 12:20 - 2014-03-01 04:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-15 12:20 - 2014-03-01 04:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-15 12:20 - 2014-03-01 04:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-15 12:20 - 2014-03-01 04:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-15 12:20 - 2014-03-01 04:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-15 12:20 - 2014-03-01 04:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-15 12:20 - 2014-03-01 04:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-15 12:20 - 2014-03-01 04:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-15 12:20 - 2014-03-01 04:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-15 12:20 - 2014-03-01 04:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-15 12:20 - 2014-03-01 04:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-15 12:20 - 2014-03-01 04:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-15 12:20 - 2014-03-01 04:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-15 12:20 - 2014-03-01 04:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-15 12:20 - 2014-03-01 04:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-15 12:20 - 2014-03-01 04:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-15 12:20 - 2014-03-01 03:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-15 12:20 - 2014-03-01 03:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-15 12:20 - 2014-03-01 03:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-15 12:20 - 2014-03-01 03:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-15 12:20 - 2014-03-01 03:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-15 12:20 - 2014-03-01 03:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-15 12:20 - 2014-02-07 02:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-15 12:20 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-15 12:20 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-15 12:20 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-15 12:19 - 2014-02-04 03:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-15 12:19 - 2014-02-04 03:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-15 12:19 - 2014-02-04 03:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-15 12:19 - 2014-02-04 03:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-15 12:08 - 2014-03-15 12:08 - 00005896 _____ () C:\Users\Alex\Desktop\Pong.zip
2014-03-14 17:50 - 2014-03-14 17:50 - 05190279 ____R (Swearware) C:\Users\Alex\Desktop\ComboFix.exe
2014-03-14 16:02 - 2014-03-19 17:34 - 00000000 ____D () C:\FRST
2014-03-12 18:34 - 2014-03-12 18:34 - 00001747 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-03-12 18:33 - 2014-03-12 18:34 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-12 18:33 - 2014-03-12 18:34 - 00000000 ____D () C:\Program Files\iTunes
2014-03-12 18:33 - 2014-03-12 18:34 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-03-12 18:33 - 2014-03-12 18:33 - 00000000 ____D () C:\Program Files\iPod
2014-03-12 18:27 - 2014-03-12 18:27 - 00001809 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-03-12 18:27 - 2014-03-12 18:27 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-03-09 17:59 - 2014-03-09 17:59 - 00000154 _____ () C:\Users\Alex\.appletviewer
2014-03-09 17:48 - 2014-03-11 15:25 - 00000000 ____D () C:\Users\Alex\Desktop\ProcessingBlueJB
2014-03-09 17:34 - 2014-03-11 18:08 - 00000000 ____D () C:\Users\Alex\Desktop\Pong
2014-03-08 23:35 - 2014-03-08 23:38 - 00000000 ____D () C:\Users\Alex\Pong
2014-03-08 23:20 - 2014-03-09 17:48 - 00000000 ____D () C:\Users\Alex\Desktop\Snake1Benedikt
2014-03-08 20:52 - 2014-03-08 23:25 - 00000000 ____D () C:\Users\Alex\bluej
2014-03-08 20:51 - 2014-03-08 20:51 - 00001917 _____ () C:\Users\Alex\Desktop\BlueJ.lnk
2014-03-08 20:51 - 2014-03-08 20:51 - 00000000 ____D () C:\Program Files (x86)\BlueJ
2014-03-08 13:43 - 2014-03-08 13:43 - 00000000 ____D () C:\Users\Alex\AppData\Local\Blizzard
2014-03-06 14:32 - 2014-03-15 12:12 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-03-06 14:32 - 2014-03-06 14:32 - 00001125 _____ () C:\Users\Public\Desktop\Hearthstone.lnk
2014-03-06 14:14 - 2014-03-18 20:50 - 00000000 ____D () C:\Users\Alex\AppData\Local\Battle.net
2014-03-06 14:14 - 2014-03-06 14:43 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Battle.net
2014-03-06 14:14 - 2014-03-06 14:14 - 00001114 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-03-06 14:14 - 2014-03-06 14:14 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-02-27 14:09 - 2014-02-27 14:09 - 00000861 _____ () C:\Users\Alex\AppData\Local\recently-used.xbel
2014-02-27 14:09 - 2014-02-27 14:09 - 00000000 ____D () C:\Users\Alex\AppData\Local\gtk-2.0
2014-02-27 14:09 - 2014-02-27 14:09 - 00000000 ____D () C:\Users\Alex\.thumbnails
2014-02-27 14:07 - 2014-02-27 14:18 - 00000000 ____D () C:\Users\Alex\.gimp-2.8
2014-02-27 14:07 - 2014-02-27 14:07 - 00000000 ____D () C:\Users\Alex\AppData\Local\gegl-0.2
2014-02-27 14:02 - 2014-02-27 14:04 - 00000000 ____D () C:\Program Files\GIMP 2
2014-02-27 13:52 - 2014-02-27 13:52 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi

==================== One Month Modified Files and Folders =======

2014-03-19 17:34 - 2014-03-14 16:02 - 00000000 ____D () C:\FRST
2014-03-19 17:25 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-19 17:25 - 2009-07-14 05:51 - 00238423 _____ () C:\Windows\setupact.log
2014-03-19 17:23 - 2010-05-18 15:10 - 00396318 _____ () C:\Windows\PFRO.log
2014-03-19 17:21 - 2012-05-12 07:50 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Spotify
2014-03-19 17:21 - 2009-07-14 05:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-19 17:21 - 2009-07-14 05:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-19 17:20 - 2011-02-16 18:10 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-19 17:20 - 2011-02-16 18:10 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Skype
2014-03-19 17:20 - 2011-02-16 18:10 - 00000000 ____D () C:\ProgramData\Skype
2014-03-19 17:19 - 2012-09-15 21:28 - 00000000 ____D () C:\Users\Alex\AppData\Local\LogMeIn Hamachi
2014-03-19 17:18 - 2012-01-28 13:29 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-03-19 17:18 - 2010-08-20 19:02 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-18 21:11 - 2010-08-20 19:02 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-18 21:11 - 2010-05-18 15:13 - 01803307 _____ () C:\Windows\WindowsUpdate.log
2014-03-18 20:59 - 2011-05-16 13:23 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\.minecraft
2014-03-18 20:54 - 2012-03-31 08:42 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-18 20:50 - 2014-03-06 14:14 - 00000000 ____D () C:\Users\Alex\AppData\Local\Battle.net
2014-03-18 15:15 - 2012-10-29 17:28 - 00000000 ____D () C:\Users\Alex\AppData\Local\CrashDumps
2014-03-17 15:53 - 2012-05-12 07:51 - 00000000 ____D () C:\Users\Alex\AppData\Local\Spotify
2014-03-17 15:50 - 2014-03-17 15:32 - 00010796 _____ () C:\zoek-results.log
2014-03-17 15:46 - 2014-03-17 15:18 - 00000000 ____D () C:\zoek_backup
2014-03-17 15:26 - 2014-03-17 15:48 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-03-17 15:17 - 2014-03-17 15:17 - 01285120 _____ () C:\Users\Alex\Desktop\zoek.exe
2014-03-17 14:54 - 2014-03-17 14:54 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Malwarebytes
2014-03-17 14:53 - 2014-03-17 14:53 - 00001077 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-03-17 14:53 - 2014-03-17 14:53 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-17 14:53 - 2014-03-17 14:53 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-17 14:47 - 2014-03-17 14:47 - 00001199 _____ () C:\Users\Alex\Desktop\JRT.txt
2014-03-17 14:39 - 2014-03-17 14:39 - 00000000 ____D () C:\Windows\ERUNT
2014-03-17 14:31 - 2014-03-17 14:29 - 00000000 ____D () C:\AdwCleaner
2014-03-15 18:16 - 2012-01-23 16:22 - 00002139 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-15 17:45 - 2014-03-15 17:45 - 00000000 ____D () C:\Users\Alex\AppData\Local\Blizzard Entertainment
2014-03-15 17:28 - 2014-03-15 17:28 - 00034695 _____ () C:\ComboFix.txt
2014-03-15 17:28 - 2014-03-15 17:04 - 00000000 ____D () C:\Qoobox
2014-03-15 17:27 - 2014-03-15 17:04 - 00000000 ____D () C:\Windows\erdnt
2014-03-15 17:26 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-03-15 16:40 - 2009-07-14 05:45 - 00402264 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-15 16:37 - 2012-05-14 15:30 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-15 16:37 - 2012-05-14 15:30 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-15 12:12 - 2014-03-06 14:32 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-03-15 12:08 - 2014-03-15 12:08 - 00005896 _____ () C:\Users\Alex\Desktop\Pong.zip
2014-03-14 17:50 - 2014-03-14 17:50 - 05190279 ____R (Swearware) C:\Users\Alex\Desktop\ComboFix.exe
2014-03-13 15:54 - 2012-03-31 08:42 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-13 15:54 - 2012-03-31 08:42 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-13 15:54 - 2011-05-26 14:04 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-12 18:34 - 2014-03-12 18:34 - 00001747 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-03-12 18:34 - 2014-03-12 18:33 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-12 18:34 - 2014-03-12 18:33 - 00000000 ____D () C:\Program Files\iTunes
2014-03-12 18:34 - 2014-03-12 18:33 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-03-12 18:33 - 2014-03-12 18:33 - 00000000 ____D () C:\Program Files\iPod
2014-03-12 18:27 - 2014-03-12 18:27 - 00001809 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-03-12 18:27 - 2014-03-12 18:27 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-03-11 18:08 - 2014-03-09 17:34 - 00000000 ____D () C:\Users\Alex\Desktop\Pong
2014-03-11 15:25 - 2014-03-09 17:48 - 00000000 ____D () C:\Users\Alex\Desktop\ProcessingBlueJB
2014-03-11 10:27 - 2011-08-31 11:54 - 00829264 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100.dll
2014-03-11 10:27 - 2011-08-31 11:54 - 00608080 _____ (Microsoft Corporation) C:\Windows\system32\msvcp100.dll
2014-03-09 17:59 - 2014-03-09 17:59 - 00000154 _____ () C:\Users\Alex\.appletviewer
2014-03-09 17:59 - 2010-08-20 17:52 - 00000000 ____D () C:\Users\Alex
2014-03-09 17:48 - 2014-03-08 23:20 - 00000000 ____D () C:\Users\Alex\Desktop\Snake1Benedikt
2014-03-08 23:38 - 2014-03-08 23:35 - 00000000 ____D () C:\Users\Alex\Pong
2014-03-08 23:25 - 2014-03-08 20:52 - 00000000 ____D () C:\Users\Alex\bluej
2014-03-08 20:51 - 2014-03-08 20:51 - 00001917 _____ () C:\Users\Alex\Desktop\BlueJ.lnk
2014-03-08 20:51 - 2014-03-08 20:51 - 00000000 ____D () C:\Program Files (x86)\BlueJ
2014-03-08 13:43 - 2014-03-08 13:43 - 00000000 ____D () C:\Users\Alex\AppData\Local\Blizzard
2014-03-06 17:08 - 2011-07-19 14:24 - 00000000 ____D () C:\Users\Alex\Documents\Stronghold Legends
2014-03-06 14:51 - 2010-09-18 19:41 - 00000000 ____D () C:\Program Files (x86)\StarCraft II
2014-03-06 14:43 - 2014-03-06 14:14 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Battle.net
2014-03-06 14:32 - 2014-03-06 14:32 - 00001125 _____ () C:\Users\Public\Desktop\Hearthstone.lnk
2014-03-06 14:14 - 2014-03-06 14:14 - 00001114 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-03-06 14:14 - 2014-03-06 14:14 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-03-02 21:28 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-03-01 07:05 - 2014-03-15 12:20 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-01 06:17 - 2014-03-15 12:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-01 06:16 - 2014-03-15 12:20 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-01 05:58 - 2014-03-15 12:20 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-01 05:52 - 2014-03-15 12:20 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-01 05:51 - 2014-03-15 12:20 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-01 05:42 - 2014-03-15 12:20 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-01 05:40 - 2014-03-15 12:20 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-01 05:37 - 2014-03-15 12:20 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-01 05:33 - 2014-03-15 12:20 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-01 05:33 - 2014-03-15 12:20 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-01 05:32 - 2014-03-15 12:20 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-01 05:30 - 2014-03-15 12:20 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-01 05:23 - 2014-03-15 12:20 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-01 05:17 - 2014-03-15 12:20 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-01 05:11 - 2014-03-15 12:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-01 05:02 - 2014-03-15 12:20 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-01 04:54 - 2014-03-15 12:20 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-01 04:52 - 2014-03-15 12:20 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-01 04:51 - 2014-03-15 12:20 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-01 04:47 - 2014-03-15 12:20 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-01 04:43 - 2014-03-15 12:20 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-01 04:43 - 2014-03-15 12:20 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-01 04:42 - 2014-03-15 12:20 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-01 04:40 - 2014-03-15 12:20 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-01 04:38 - 2014-03-15 12:20 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-01 04:37 - 2014-03-15 12:20 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-01 04:35 - 2014-03-15 12:20 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-01 04:18 - 2014-03-15 12:20 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-01 04:16 - 2014-03-15 12:20 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-01 04:14 - 2014-03-15 12:20 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-01 04:10 - 2014-03-15 12:20 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-01 04:03 - 2014-03-15 12:20 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-01 04:00 - 2014-03-15 12:20 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-01 03:57 - 2014-03-15 12:20 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-01 03:38 - 2014-03-15 12:20 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-01 03:32 - 2014-03-15 12:20 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-01 03:27 - 2014-03-15 12:20 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-01 03:25 - 2014-03-15 12:20 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-01 03:25 - 2014-03-15 12:20 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-27 14:18 - 2014-02-27 14:07 - 00000000 ____D () C:\Users\Alex\.gimp-2.8
2014-02-27 14:09 - 2014-02-27 14:09 - 00000861 _____ () C:\Users\Alex\AppData\Local\recently-used.xbel
2014-02-27 14:09 - 2014-02-27 14:09 - 00000000 ____D () C:\Users\Alex\AppData\Local\gtk-2.0
2014-02-27 14:09 - 2014-02-27 14:09 - 00000000 ____D () C:\Users\Alex\.thumbnails
2014-02-27 14:07 - 2014-02-27 14:07 - 00000000 ____D () C:\Users\Alex\AppData\Local\gegl-0.2
2014-02-27 14:04 - 2014-02-27 14:02 - 00000000 ____D () C:\Program Files\GIMP 2
2014-02-27 13:52 - 2014-02-27 13:52 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-02-26 21:02 - 2012-06-17 18:21 - 01594964 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-26 21:02 - 2010-05-19 01:06 - 00699682 _____ () C:\Windows\system32\perfh007.dat
2014-02-26 21:02 - 2010-05-19 01:06 - 00149790 _____ () C:\Windows\system32\perfc007.dat
2014-02-26 21:02 - 2009-07-14 06:13 - 01594964 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-25 14:37 - 2014-02-08 12:00 - 00000222 _____ () C:\Users\Alex\Desktop\Call of Duty Black Ops II.url
2014-02-21 20:34 - 2013-01-30 15:15 - 00000000 ____D () C:\ProgramData\Origin
2014-02-21 20:20 - 2013-01-30 15:15 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-02-17 18:08 - 2013-07-28 21:14 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-17 18:04 - 2011-05-29 09:35 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-11 18:59

==================== End Of Log ============================

--- --- ---

--- --- ---
FRST Additions Logfile:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Alex at 2014-03-19 17:35:33
Running from C:\Users\Alex\AppData\Downloads
Boot Mode: Safe Mode (with Networking)
==========================================================


==================== Security Center ========================

AV: Norton AntiVirus (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton AntiVirus (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}

==================== Installed Programs ======================

3D Matrix Screensaver 1.1 (HKLM-x32\...\3D Matrix Screensaver_is1) (Version:  - )
Acer Backup Manager (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.60 - NewTech Infosystems)
Acer Crystal Eye webcam (HKLM-x32\...\{51F026FA-5146-4232-A8BA-1364740BD053}) (Version: 1.0.2.0 - Liteon)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3011 - Acer Incorporated)
Acer PowerSmart Manager (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 5.01.3002 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0203.2010 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader 9.1 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{E5EABF66-F9C4-430C-B97D-3CF28A58D50B}) (Version: 1.3.17.05006 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.3.17.05006 - Alcor Micro Corp.) Hidden
AMD APP SDK Runtime (Version: 2.4.595.1 - Advanced Micro Devices Inc.) Hidden
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo ClipFinder HD v.2.3.2 (HKLM-x32\...\Ashampoo ClipFinder HD_is1) (Version: 2.3.2 - Ashampoo GmbH & Co. KG)
Ashampoo ClipFinder HD v.2.3.4 (HKLM-x32\...\{0A11EA01-36EF-0070-F54C-E06E25BC1924}_is1) (Version: 2.3.4 - Ashampoo GmbH & Co. KG)
Ask Toolbar (HKLM-x32\...\{4F524A2D-5637-4300-76A7-A758B70C0700}) (Version: 12.7.0.15 - APN, LLC) <==== ATTENTION
Astro Gemini Screensaver Manager 2.0 (HKLM-x32\...\Astro Gemini Screensaver Manager_is1) (Version:  - )
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.24 - Atheros Communications Inc.)
ATI Catalyst Install Manager (HKLM\...\{0B674B1E-1905-4830-ABD1-F6892F1C4394}) (Version: 3.0.820.0 - ATI Technologies, Inc.)
Backup Manager Basic (x32 Version: 2.0.0.60 - NewTech Infosystems) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.5.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.1.2 - EA Digital Illusions CE AB)
BioShock 2 (x32 Version: 1.0.0005.131 - Take-Two Interactive Software) Hidden
BlueJ (HKLM-x32\...\{7D66971C-652B-4065-A6B1-B3EE313C254B}) (Version: 3.1.1 - BlueJ Team)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
Briblo Bildschirmschoner (HKLM-x32\...\Briblo) (Version:  - )
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version:  - )
Call of Duty: Black Ops II (HKLM-x32\...\Steam App 202970) (Version:  - Treyarch)
CamStudio (HKLM-x32\...\CamStudio) (Version:  - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center (x32 Version: 2011.0613.2238.38801 - Ihr Firmenname) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0302.2233.40412 - ATI Technologies, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2011.0613.2238.38801 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2011.0613.2238.38801 - ATI) Hidden
Catalyst Control Center Profiles Mobile (x32 Version: 2011.0613.2238.38801 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Czech (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Danish (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Dutch (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help English (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Finnish (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help French (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help German (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Greek (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Italian (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Japanese (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Korean (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Polish (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Russian (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Spanish (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Swedish (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Thai (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
CCC Help Turkish (x32 Version: 2011.0613.2237.38801 - ATI) Hidden
ccc-utility64 (Version: 2011.0613.2238.38801 - ATI) Hidden
Chicken Invaders 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}) (Version:  - Oberon Media)
Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version:  - Torn Banner Studios)
Cossacks - European Wars (HKLM-x32\...\EW : Cossacks) (Version:  - )
Cossacks - The Art Of War (HKLM-x32\...\Cossacks : The Art Of War) (Version:  - )
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
FileZilla Client 3.7.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.7.0.2 - FileZilla Project)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Game Booster 3 (HKLM-x32\...\Game Booster_is1) (Version: 3.4 - IObit)
Gameforge Live 1.9.0 "Legend" (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 1.9.0 - Gameforge)
GamesCenter (HKLM-x32\...\GamesCenter) (Version:  - GamesCenter)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Team Garry)
Garry's Mod Manager (HKLM-x32\...\Garry's Mod Manager 8.20.0000) (Version: 8.20.0000 - Lansoftware)
Garry's Mod Manager (x32 Version: 8.20.0000 - Lansoftware) Hidden
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version:  - )
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Höllenjob XS (HKLM-x32\...\{21484364-1EF4-4AE0-963A-CC1FEF749ECC}) (Version:  - )
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.6.1001 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.01.00.1005 - Intel Corporation)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 4.0.7 - Acer Inc.)
League of Legends (HKLM-x32\...\{918A9082-6287-4D25-9002-5E5D5E4971CB}) (Version: 1.02.0000 - Riot Games)
LibreOffice 3.6 (HKLM-x32\...\{C2F438B6-7010-453B-93EC-B2FC053AA97B}) (Version: 3.6.1.2 - The Document Foundation)
Logitech G35 (HKLM\...\{27607A94-33AC-4AA7-AACE-95AF6ACA3E30}) (Version: 1.1.178 - Logitech)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.173 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.173 - LogMeIn, Inc.) Hidden
LPT System Updater Service (HKLM-x32\...\{BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24}) (Version: 1.0.0.0 - LPT) <==== ATTENTION
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Matrix Code Emulator 1.50 (HKLM-x32\...\Matrix Code Emulator_is1) (Version:  - Reality Rift Studios)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.130.10 - McAfee, Inc.)
MediaBar (HKLM-x32\...\BearShare 2 MediaBar) (Version: 3.0.0.114951 - Musiclab, LLC)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft IntelliPoint 8.1 (HKLM\...\Microsoft IntelliPoint 8.1) (Version: 8.15.406.0 - Microsoft)
Microsoft IntelliPoint 8.1 (Version: 8.15.406.0 - Microsoft) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyWinLocker (x32 Version: 3.1.206.0 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}) (Version: 3.1.206.0 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 3.1.206.0 - Egis Technology Inc.) Hidden
Nic's XviD Decoder (HKLM-x32\...\XviDDec) (Version:  - )
Norton AntiVirus (HKLM-x32\...\NAV) (Version: 20.4.0.40 - Symantec Corporation)
Norton Identity Safe (HKLM-x32\...\NST) (Version: 2014.6.0.27 - Symantec Corporation)
Nostale(DE) (HKLM-x32\...\NosTale(DE)_is1) (Version:  - Gameforge 4D GmbH)
Origin (HKLM-x32\...\Origin) (Version: 9.1.11.2678 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\{8CD3A2A9-B25E-4D5D-8D12-724493A45C1A}) (Version: 0.42.248 - Overwolf)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.3.5.2 - Pando Networks Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
QuickShare (HKLM-x32\...\{11D4FAA0-A577-4FA8-B24E-D24283D861D1}) (Version: 11.24.60.15709 - Linkury Inc.) <==== ATTENTION
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.16.6 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6050 - Realtek Semiconductor Corp.)
Revelations 2012 (HKLM-x32\...\Steam App 201070) (Version:  - )
Runes of Magic (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 6.0.0.2647 - Gameforge Productions GmbH)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Shredder (Version: 2.0.5.0 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.5.0 - Egis Technology Inc.) Hidden
Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.1.15383.6004 - Microsoft Corporation)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 0.1.1721.0 - Hi-Rez Studios)
Sniper Elite (HKLM-x32\...\Steam App 3700) (Version:  - Rebellion Developments)
Spotify (HKCU\...\Spotify) (Version: 0.9.7.16.g4b197456 - Spotify AB)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stronghold (HKLM-x32\...\{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}) (Version:  - )
Stronghold Crusader Extreme (HKLM-x32\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version: 1.20.0000 - Firefly Studios)
Stronghold Legends (HKLM-x32\...\{66A405D2-BA14-4594-BF36-B3B544F0754E}) (Version: 1.20.0000 - Firefly Studios)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.6.0 - Synaptics Incorporated)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version:  - TeamSpeak Systems GmbH)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.19045 - TeamViewer)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
Überwachungstool für die Intel® Turbo-Boost-Technik (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.186.6 - Intel)
VLC media player 2.0.7 (HKLM-x32\...\VLC media player) (Version: 2.0.7 - VideoLAN)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.01.3002 - Acer Incorporated)
Windows Live Communications Platform (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8081.709 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 14.0.8091.0730 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
WinMaximizer 1.2.86 (HKLM-x32\...\{6C4BA010-69C2-46C7-B559-DC513EEB0B5F}_is1) (Version:  - Celeritas Software Company)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version:  - )
WinRAR 4.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
Wondershare TunesGo ( Version 4.0.0 ) (HKLM-x32\...\{0B31C808-8274-460D-8846-C711D40544A0}_is1) (Version: 4.0.0 - Wondershare)

==================== Restore Points  =========================

17-03-2014 14:32:44 zoek.exe restore point

==================== Hosts content: ==========================

2009-07-14 03:34 - 2014-03-15 17:26 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {041715F5-D6C2-4E28-B672-42DD332642E6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-08-20] (Google Inc.)
Task: {1ABA3A87-AA3A-4BF9-A5A7-D6E5B9061FF2} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-04-13] (Microsoft Corporation)
Task: {1F4E37A2-05E6-456B-AFB7-0D8722D9F568} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {434EFD52-71B4-42DA-AC13-E6E7E206ED34} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-13] (Adobe Systems Incorporated)
Task: {5BB4656C-1D11-4D60-A2ED-15285889ABD9} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\WSCStub.exe [2013-06-04] (Symantec Corporation)
Task: {7FEA9533-7E0F-4798-95DD-097CC3620CFD} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe [2013-06-09] ()
Task: {87A3A6F4-03FB-4F26-B70B-4A78439AC5B5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-08-20] (Google Inc.)
Task: {D1F84C75-44BC-463F-9DBF-ED0DDCD2F7D5} - System32\Tasks\Norton AntiVirus\Norton Error Analyzer => C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {D32812D4-0581-44DF-A56C-BAA4F44EEC14} - System32\Tasks\Norton AntiVirus\Norton Error Processor => C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {E3F48872-20F8-4470-83BE-57DE2205BE0F} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {FB869C9E-A2E6-4CE6-9F1A-735CB15E6294} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:93DE1838
AlternateDataStreams: C:\ProgramData\Temp:AB689DEA
AlternateDataStreams: C:\ProgramData\Temp:ABE89FFE
AlternateDataStreams: C:\ProgramData\Temp:E1F04E8D
AlternateDataStreams: C:\ProgramData\Temp:E36F5B57

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Microsoft-Adapter für Miniports virtueller WiFis
Description: Microsoft-Adapter für Miniports virtueller WiFis
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/18/2014 06:53:12 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (03/18/2014 03:15:40 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: League of Legends.exe, Version: 4.4.0.1858, Zeitstempel: 0x53214f63
Name des fehlerhaften Moduls: League of Legends.exe, Version: 4.4.0.1858, Zeitstempel: 0x53214f63
Ausnahmecode: 0xc0000005
Fehleroffset: 0x003e871f
ID des fehlerhaften Prozesses: 0x18b8
Startzeit der fehlerhaften Anwendung: 0xLeague of Legends.exe0
Pfad der fehlerhaften Anwendung: League of Legends.exe1
Pfad des fehlerhaften Moduls: League of Legends.exe2
Berichtskennung: League of Legends.exe3


System errors:
=============
Error: (03/19/2014 05:35:11 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (03/19/2014 05:35:11 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (03/19/2014 05:35:11 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (03/19/2014 05:34:47 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (03/19/2014 05:34:47 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (03/19/2014 05:34:47 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (03/19/2014 05:34:35 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (03/19/2014 05:34:35 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (03/19/2014 05:34:35 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (03/19/2014 05:30:31 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068


Microsoft Office Sessions:
=========================
Error: (03/18/2014 06:53:12 PM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (03/18/2014 03:15:40 PM) (Source: Application Error)(User: )
Description: League of Legends.exe4.4.0.185853214f63League of Legends.exe4.4.0.185853214f63c0000005003e871f18b801cf42ac78874dc2C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.14\deploy\League of Legends.exeC:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.14\deploy\League of Legends.exec83d47f7-aea7-11e3-912f-c80aa97c6f2d


CodeIntegrity Errors:
===================================
  Date: 2014-03-19 17:20:13.330
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-18 12:41:37.392
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-17 15:54:18.429
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-17 15:26:31.067
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-17 15:11:36.163
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-17 14:37:57.872
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-17 14:11:48.216
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-16 20:01:32.089
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-16 14:19:39.284
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-15 17:41:42.214
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 18%
Total physical RAM: 3828.48 MB
Available physical RAM: 3125.41 MB
Total Pagefile: 7655.15 MB
Available Pagefile: 6991.92 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:284.99 GB) (Free:32.32 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 98F67714)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=285 GB) - (Type=07 NTFS)

==================== End Of Log ============================

--- --- ---

Komisch, nach Neustart ging`s direkt wieder. Scheint irgendwie von Lust und Laune des PC`s abzuhängen :§. ~Alex

M-K-D-B · 19.03.2014, 17:59

Servus,

ja, ist komisch... ich sehe in der Logdatei von FRST keine Malware... bitte zur Kontrolle noch folgendes ausführen, nicht dass wir was übersehen haben:

Schritt 1
Downloade dir die passende Version von HitmanPro auf deinen Desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.

Starte die HitmanPro.exe
Klicke auf
Entferne den Haken bei
Klicke auf
und
Akzeptiere die Lizenzbedingungen und klicke auf
Klicke auf

und auf
Wenn der Scan beendet wurde, nichts löschen lassen etc. sondern wähle unten links auf der Button-Leiste
und speichere die Logdatei auf Deinem Desktop.
Schließe HitmanPro und poste mir das Log.

Schritt 2

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Schritt 3
Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

Bitte poste mit deiner nächsten Antwort

die Logdatei von HitmanPro,
die Logdatei von ESET,
die Logdatei von SecurityCheck.

18.03.2014, 20:42	#13
M-K-D-B /// TB-Ausbilder	Windows: White Screen nach hochfahren des Computers Servus, du hast alte Logdateien von FRST gepostet, bitte neue posten: Kontrollscan mit FRST Führe wie zuvor beschrieben einen Scan mit FRST aus. Setze dazu einen Haken bei Addition.txt rechts unten und klicke auf Scan. Es werden zwei Logdateien erzeugt. Poste mir diese.

Windows: White Screen nach hochfahren des Computers

Plagegeister aller Art und deren Bekämpfung: Windows: White Screen nach hochfahren des Computers