"You might enjoy reading" in jedem Browser

TheNeoLP · 22.03.2014, 16:55

Guten Tag!
Ich bekomme seit Tagen in jedem Browser eine Nachricht mit "You might enjoy reading".
Das ganze sieht so aus:

Ich weiß leider nicht woher das kommen könnte.
Ich habe auch das Programm "Malwarebytes" ausprobiert, aber es hat mir nicht geholfen.
Ich habe auch die Browser neuinstalliert, geholfen hat es auch nicht. Ich benutze Google Chrome und Firefox. Mer Infos habe ich leider nicht, weil ich wirklich nicht weiß woher es kommt.

M-K-D-B · 22.03.2014, 17:16

Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.

Bitte beachte folgende Hinweise:

Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags.
Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
Solltest du mir nicht innerhalb von 4 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo.
Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort zu starten!
Ich kann Dir niemals eine Garantie geben, dass auch ich alles finde. Eine Formatierung ist meist der schnellere und immer der sicherste Weg.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis dir jemand vom Team sagt, dass Du clean bist.

Bitte die Logdatei von Malwarebytes' Anti-Malware nachreichen!

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

TheNeoLP · 22.03.2014, 22:21

Hier ist der Logfile von Malwarebytes:

Code:

ATTFilter

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.03.20.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16521
Neo :: NEO-PC [Administrator]

22.03.2014 22:02:40
MBAM-log-2014-03-22 (22-07-02).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 253044
Laufzeit: 3 Minute(n), 58 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 41
HKCR\CLSID\{1631550F-191D-4826-B069-D9439253D926} (PUP.Optional.PriceGong.A) -> Keine Aktion durchgeführt.
HKCR\PriceFactorIE.PriceGongBHO.1 (PUP.Optional.PriceGong.A) -> Keine Aktion durchgeführt.
HKCR\PriceFactorIE.PriceGongBHO (PUP.Optional.PriceGong.A) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1631550F-191D-4826-B069-D9439253D926} (PUP.Optional.PriceGong.A) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{1631550F-191D-4826-B069-D9439253D926} (PUP.Optional.PriceGong.A) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926} (PUP.Optional.PriceGong.A) -> Keine Aktion durchgeführt.
HKCR\TypeLib\{8B3372D0-09F0-41A5-8D9B-134E148672FB} (PUP.Optional.PriceGong.A) -> Keine Aktion durchgeführt.
HKCR\AppID\{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4} (PUP.Optional.Iminent.A) -> Keine Aktion durchgeführt.
HKCR\AppID\{835315FC-1BF6-4CA9-80CD-F6C158D40692} (PUP.Optional.PriceGong.A) -> Keine Aktion durchgeführt.
HKCR\CLSID\{D2A2595C-4FE4-4315-AA9B-19DBD6271B71} (PUP.Optional.PriceGong.A) -> Keine Aktion durchgeführt.
HKCR\PriceGongIE.PriceGongCtrl.1 (PUP.Optional.PriceGong.A) -> Keine Aktion durchgeführt.
HKCR\PriceGongIE.PriceGongCtrl (PUP.Optional.PriceGong.A) -> Keine Aktion durchgeführt.
HKCR\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B} (PUP.Optional.MySearchDial.A) -> Keine Aktion durchgeführt.
HKCR\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0} (PUP.Optional.MySearchDial.A) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199} (PUP.Optional.Iminent.A) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48d2-9061-8BBD4899EB08} (PUP.Optional.Iminent.A) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} (PUP.Optional.ShopperPro.A) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Object Browser (PUP.Optional.ObjectBrowser.A) -> Keine Aktion durchgeführt.
HKCR\CrossriderApp0032850.BHO (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
HKCR\CrossriderApp0032850.BHO.1 (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
HKCR\CrossriderApp0032850.Sandbox (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
HKCR\CrossriderApp0032850.Sandbox.1 (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
HKCR\AppID\PriceGongIE.DLL (PUP.Optional.PriceGong.A) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Goobzo\YouTube Accelerator (PUP.Optional.YouTubeAccelerator.A) -> Keine Aktion durchgeführt.
HKCU\Software\1ClickDownload (PUP.Optional.1ClickDownload.A) -> Keine Aktion durchgeführt.
HKCU\Software\Iminent (PUP.Optional.Iminent.A) -> Keine Aktion durchgeführt.
HKCU\Software\AppDataLow\Software\Crossrider (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
HKCU\Software\AppDataLow\Software\PriceGong (PUP.Optional.PriceGong.A) -> Keine Aktion durchgeführt.
HKCU\Software\InstallCore\1I1T1Q1S (PUP.Optional.InstallCore.A) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\INSTALLCORE (PUP.Optional.InstallCore.A) -> Keine Aktion durchgeführt.
HKCU\Software\InstalledBrowserExtensions\Object Browser (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Object Browser (PUP.Optional.ObjectBrowser.A) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Google\Chrome\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok (PUP.Optional.PriceGong.A) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Google\Chrome\Extensions\nbdbmopeebalgaeghmjoegpkngglikgn (PUP.Optional.FreeHDSport.A) -> Keine Aktion durchgeführt.
HKLM\SYSTEM\CurrentControlSet\Services\Update FindRight (PUP.Optional.FindRight.A) -> Keine Aktion durchgeführt.
HKLM\Software\Iminent (PUP.Optional.Iminent.A) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PriceGong (PUP.Optional.PriceGong.A) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311281150} (PUP.Optional.CrossRider.M) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311281150} (PUP.Optional.CrossRider.M) -> Keine Aktion durchgeführt.

Infizierte Registrierungswerte: 3
HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Daten: 0B1G1O1S0V1G1F -> Keine Aktion durchgeführt.
HKCU\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Daten: {97245861-552E-11E2-A552-50465D5048AC} -> Keine Aktion durchgeführt.
HKLM\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Daten: {97245861-552E-11E2-A552-50465D5048AC} -> Keine Aktion durchgeführt.

Infizierte Dateiobjekte der Registrierung: 2
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.MySearchDial.A) -> Bösartig: (hxxp://start.mysearchdial.com/?f=1&a=MSD2&cd=2XzuyEtN2Y1L1QzuyDtDyEyCyD0DyDtDyEzz0A0CtCtDzz0EtN0D0Tzu0CyBzztAtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1483791218&ir=) Gut: (hxxp://www.google.com) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.MySearchDial.A) -> Bösartig: (hxxp://start.mysearchdial.com/?f=1&a=MSD2&cd=2XzuyEtN2Y1L1QzuyDtDyEyCyD0DyDtDyEzz0A0CtCtDzz0EtN0D0Tzu0CyBzztAtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1483791218&ir=) Gut: (hxxp://www.google.com) -> Keine Aktion durchgeführt.

Infizierte Verzeichnisse: 24
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong (PUP.Optional.PriceGong.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\FreeHDSport.TV (PUP.Optional.FreeHDSport.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Object Browser (PUP.Optional.ObjectBrowser.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Roaming\mysearchdial (PUP.Optional.MySearchDial.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Roaming\mysearchdial\icons_2.2.15.1631 (PUP.Optional.MySearchDial.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\IminentToolbar (PUP.Optional.Iminent.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Temp\Iminent (PUP.Optional.Iminent.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\LyricsFinder (PUP.Optional.AddLyrics.A) -> Keine Aktion durchgeführt.
C:\ProgramData\greatsaver (PUP.Optional.GreatSaver.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0 (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\extensionData (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\extensionData\plugins (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\extensionData\userCode (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\icons (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\icons\actions (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\js\api (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\js\lib (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\js\lib\popupResource (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\YoutubeAdblocker (PUP.Optional.Multiplug) -> Keine Aktion durchgeführt.
C:\ProgramData\YoutubeAdblocker (PUP.Optional.YoutubeAdblocker.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\PriceGong (PUP.Optional.PriceGong.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\PriceGong\2.6.12 (PUP.Optional.PriceGong.A) -> Keine Aktion durchgeführt.

Infizierte Dateien: 151
C:\Program Files (x86)\PriceGong\2.6.12\PriceGongIE.dll (PUP.Optional.PriceGong.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Temp\ICReinstall_CR_Downloader_fuer_driver---you-are-the-wheelman.exe (PUP.Optional.Freemium.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Temp\nse3C4A.exe (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Temp\nse571D.exe (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Temp\nsj4013.exe (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Temp\nst3E2E.exe (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Temp\nst5901.exe (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Temp\nsz4685.exe (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Temp\nsz5B44.exe (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Temp\utt1A78.tmp.exe (PUP.Optional.Conduit.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Temp\Install_26565\shopperpro.exe (PUP.Optional.ShopperPro.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Temp\Install_26565\yta.exe (PUP.Optional.Goobzo.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Temp\SAINST\SA.CAB (PUP.Optional.ShopperPro.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Temp\SAINST\updater.exe (PUP.Optional.ShopperPro.A) -> Keine Aktion durchgeführt.
C:\Windows\Installer\1dd62a6.msi (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
C:\Windows\Installer\1dd62ab.msi (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
C:\Windows\Installer\1dd62b0.msi (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
C:\Windows\Installer\1dd62b5.msi (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong\PriceGong Homepage.lnk (PUP.Optional.PriceGong.A) -> Keine Aktion durchgeführt.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong\PriceGong Contact Us.lnk (PUP.Optional.PriceGong.A) -> Keine Aktion durchgeführt.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong\PriceGong Help.lnk (PUP.Optional.PriceGong.A) -> Keine Aktion durchgeführt.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong\Uninstall PriceGong.lnk (PUP.Optional.PriceGong.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\FreeHDSport.TV\freehdsporttv10.crx (PUP.Optional.FreeHDSport.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\FreeHDSport.TV\fraextsetup.exe (PUP.Optional.FreeHDSport.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\FreeHDSport.TV\freehdsporttvIE.exe (PUP.Optional.FreeHDSport.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Object Browser\background.html (PUP.Optional.ObjectBrowser.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Object Browser\32850.crx (PUP.Optional.ObjectBrowser.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Object Browser\32850.xpi (PUP.Optional.ObjectBrowser.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Object Browser\Installer.log (PUP.Optional.ObjectBrowser.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Object Browser\Object Browser-bg.exe (PUP.Optional.ObjectBrowser.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Object Browser\Object Browser-bho64.dll (PUP.Optional.ObjectBrowser.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Object Browser\Object Browser-buttonutil.dll (PUP.Optional.ObjectBrowser.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Object Browser\Object Browser-buttonutil.exe (PUP.Optional.ObjectBrowser.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Object Browser\Object Browser-buttonutil64.dll (PUP.Optional.ObjectBrowser.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Object Browser\Object Browser-buttonutil64.exe (PUP.Optional.ObjectBrowser.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Object Browser\Object Browser-chromeinstaller.exe (PUP.Optional.ObjectBrowser.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Object Browser\Object Browser-codedownloader.exe (PUP.Optional.ObjectBrowser.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Object Browser\Object Browser-enabler.exe (PUP.Optional.ObjectBrowser.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Object Browser\Object Browser-firefoxinstaller.exe (PUP.Optional.ObjectBrowser.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Object Browser\Object Browser-helper.exe (PUP.Optional.ObjectBrowser.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Object Browser\Object Browser-updater.exe (PUP.Optional.ObjectBrowser.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Object Browser\Object Browser.ico (PUP.Optional.ObjectBrowser.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Object Browser\Uninstall.exe (PUP.Optional.ObjectBrowser.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Object Browser\utils.exe (PUP.Optional.ObjectBrowser.A) -> Keine Aktion durchgeführt.
C:\Windows\Tasks\Object Browser-chromeinstaller.job (PUP.Optional.ObjectBrowser.A) -> Keine Aktion durchgeführt.
C:\Windows\Tasks\Object Browser-codedownloader.job (PUP.Optional.ObjectBrowser.A) -> Keine Aktion durchgeführt.
C:\Windows\Tasks\Object Browser-enabler.job (PUP.Optional.ObjectBrowser.A) -> Keine Aktion durchgeführt.
C:\Windows\Tasks\Object Browser-firefoxinstaller.job (PUP.Optional.ObjectBrowser.A) -> Keine Aktion durchgeführt.
C:\Windows\Tasks\Object Browser-updater.job (PUP.Optional.ObjectBrowser.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Roaming\mysearchdial\icons_2.2.15.1631\62.ico (PUP.Optional.MySearchDial.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Roaming\mysearchdial\icons_2.2.15.1631\80.ico (PUP.Optional.MySearchDial.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\background.html (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\crossriderManifest.json (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\manifest.json (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\popup.html (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\extensionData\manifest.xml (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\extensionData\plugins.json (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\extensionData\plugins\102_dealply_m.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\extensionData\plugins\104_jollywallet_m.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\extensionData\plugins\105_corticas_m.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\extensionData\plugins\108_icm_m.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\extensionData\plugins\117_coupons_intext_ads_5_m.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\extensionData\plugins\119_similar_web_m.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\extensionData\plugins\120_luck_m.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\extensionData\plugins\123_intext_adv_m.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\extensionData\plugins\124_superfish_no_search_no_coupons_m.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\extensionData\plugins\125_arcadi2_m.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\extensionData\plugins\126_revizer_ws_m.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\extensionData\plugins\127_revizer_p_m.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\extensionData\plugins\128_superfish_pricora_m.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\extensionData\plugins\135_arcadi3_m.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\extensionData\plugins\138_getdeal_m.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\extensionData\plugins\13_CrossriderAppUtils.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\extensionData\plugins\141_corticas_ru_m.js.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\extensionData\plugins\142_intext_fa_m.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\extensionData\plugins\14_CrossriderUtils.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\extensionData\plugins\155_ibario_pops_m.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\extensionData\plugins\158_50onred_ads_only_no_fb_m.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\extensionData\plugins\159_cortica_rollover_m.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\extensionData\plugins\171_arcadi2_sourceID_m.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\extensionData\plugins\174_arcadi_serp_dynamic_id_m.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\extensionData\plugins\175_coolmirage_m.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\extensionData\plugins\177_crossriderDashboard.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\extensionData\plugins\179_revizer_p_dynamic_m.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\extensionData\plugins\17_jQuery.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\extensionData\plugins\182_openUrl.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\extensionData\plugins\183_tabsWrapper.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\extensionData\plugins\184_noproblemppc_m.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\extensionData\plugins\189_active_sanity.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\extensionData\plugins\190_pops_5_m.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\extensionData\plugins\191_ciuvo_m.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\extensionData\plugins\192_revizer_ws_dynamic_b2b_m.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\extensionData\plugins\193_revizer_p_dynamic_b2b_m.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\extensionData\plugins\194_retargeting_bi_m.js.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\extensionData\plugins\195_icm_convertmedia_m.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\extensionData\plugins\197_kreapixel_pops_m.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\extensionData\plugins\198_superfish_no_search_no_coupons_plushd_m.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\extensionData\plugins\199_superfish_no_coupons_plushd_m.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\extensionData\plugins\19_CHAppAPIWrapper.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\extensionData\plugins\1_base.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\extensionData\plugins\200_foxydeal_m.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\extensionData\plugins\204_pricedetect_m.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\extensionData\plugins\21_debug.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\extensionData\plugins\22_resources.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\extensionData\plugins\28_initializer.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\extensionData\plugins\47_resources_background.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\extensionData\plugins\4_jquery_1_7_1.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\extensionData\plugins\64_appApiMessage.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\extensionData\plugins\72_appApiValidation.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\extensionData\plugins\78_CrossriderInfo.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\extensionData\plugins\7_hooks.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\extensionData\plugins\80_CHPopupAppAPI.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\extensionData\plugins\87_ginyas_wrapper.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\extensionData\plugins\91_monetizationLoader.js.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\extensionData\plugins\93_superfish_no_coupons_m.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\extensionData\plugins\97_resourceApiWrapper.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\extensionData\plugins\9_search_engine_hook.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\extensionData\userCode\background.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\extensionData\userCode\extension.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\icons\icon128.png (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\icons\icon16.png (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\icons\icon48.png (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\icons\actions\1.png (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\js\background.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\js\main.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\js\api\chrome.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\js\api\cookie.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\js\api\message.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\js\api\pageAction.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\js\api\pageActionBG.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\js\lib\app_api.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\js\lib\bg_app_api.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\js\lib\consts.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\js\lib\cookie_store.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\js\lib\crossriderAPI.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\js\lib\delegate.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\js\lib\events.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\js\lib\extensionDataStore.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\js\lib\installer.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\js\lib\logFile.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\js\lib\logging.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\js\lib\onBGDocumentLoad.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\js\lib\reports.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\js\lib\storageWrapper.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\js\lib\updateManager.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\js\lib\util.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\js\lib\xhr.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\js\lib\popupResource\newPopup.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.128_0\js\lib\popupResource\popup.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\PriceGong\uninst.exe (PUP.Optional.PriceGong.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\PriceGong\2.6.12\PriceGong.crx (PUP.Optional.PriceGong.A) -> Keine Aktion durchgeführt.

(Ende)

Ich würde auch die anderen Logs in einen Code einfügen, aber dann wäre der Text zu lang.
Deshalb musste ich die beiden Logs von FRST Anhängen.

M-K-D-B · 23.03.2014, 10:18

Servus,

du hast jede Menge Werbesoftware drauf, wir kümmern uns die nächsten Tage darum.

Schritt 1
Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 2

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

Schritt 3
Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 4
Bitte lade dir zoek.exe von hier: http://hijackthis.nl/smeenk/

Bitte deaktiviere während des Scans alle Virenscanner, da sie das Ergebnis beeinflussen können.
Starte die zoek.exe mit einem Doppelklick.
Achtung: Das folgende Skript wurde nur für diesen speziellen Fall geschrieben und sollte nicht 1:1 auf andere Computer übernommen werden.
Kopiere den Text der folgenden Box in das Skriptfenster von zoek:
Code:
ATTFilter
```
FFdefaults;
CHRdefaults;
iedefaults;
emptyclsid;
autoclean;
         
```
Nun klicke auf "Run script" und sei geduldig bis das Skript durchgelaufen ist.
Wenn das Tool fertig ist, wird sich eine Logdatei öffnen (ggf. erst nach einem Neustart). Das Log befindet sich aber auch noch unter c:
Bitte poste mir das ZOEK-Log (möglichst in CODE-Tags - #-Symbol im Antwortfenster klicken)

Bitte poste mit deiner nächsten Antwort

die Logdatei von AdwCleaner,
die Logdatei von JRT,
die Logdatei von MBAM,
die Logdatei von Zoek.

TheNeoLP · 23.03.2014, 15:21

Log von AdwCleaner:

Code:

ATTFilter

# AdwCleaner v3.022 - Bericht erstellt am 23/03/2014 um 14:30:58
# Aktualisiert 13/03/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Neo - NEO-PC
# Gestartet von : C:\Users\Neo\Downloads\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : Update FindRight
[#] Dienst Gelöscht : Util FindRight

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\apn
Ordner Gelöscht : C:\ProgramData\simplitec
Ordner Gelöscht : C:\ProgramData\YoutubeAdblocker
Ordner Gelöscht : C:\ProgramData\greatsaver
Ordner Gelöscht : C:\ProgramData\Greatssaveir
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong
Ordner Gelöscht : C:\Program Files (x86)\BrowseToSave
Ordner Gelöscht : C:\Program Files (x86)\FindLyrics
Ordner Gelöscht : C:\Program Files (x86)\FirstRowSportApp.com
Ordner Gelöscht : C:\Program Files (x86)\Fluendo
Ordner Gelöscht : C:\Program Files (x86)\FreeHDSport.TV
Ordner Gelöscht : C:\Program Files (x86)\Iminent
Ordner Gelöscht : C:\Program Files (x86)\IminentToolbar
Ordner Gelöscht : C:\Program Files (x86)\LyricsFinder
Ordner Gelöscht : C:\Program Files (x86)\PriceGong
Ordner Gelöscht : C:\Program Files (x86)\ShopperPro
Ordner Gelöscht : C:\Program Files (x86)\TornTV.com
Ordner Gelöscht : C:\Program Files (x86)\YoutubeAdblocker
Ordner Gelöscht : C:\Program Files (x86)\Object Browser
Ordner Gelöscht : C:\Program Files (x86)\greatsaver
Ordner Gelöscht : C:\Program Files (x86)\Greatssaveir
Ordner Gelöscht : C:\Users\Neo\AppData\Local\Moovida
Ordner Gelöscht : C:\Users\Neo\AppData\Local\PackageAware
Ordner Gelöscht : C:\Users\Neo\AppData\Local\torch
Ordner Gelöscht : C:\Users\Neo\AppData\Local\Temp\Iminent
Ordner Gelöscht : C:\Users\Neo\AppData\Local\Temp\OCS
Ordner Gelöscht : C:\Users\Neo\AppData\LocalLow\FlagFox
Ordner Gelöscht : C:\Users\Neo\AppData\LocalLow\PriceGong
Ordner Gelöscht : C:\Users\Neo\AppData\LocalLow\Object Browser
Ordner Gelöscht : C:\Users\Neo\AppData\Roaming\moovida-1
Ordner Gelöscht : C:\Users\Neo\AppData\Roaming\Mysearchdial
Ordner Gelöscht : C:\Users\Neo\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\Neo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FirstRowSportApp.com
Ordner Gelöscht : C:\Users\Neo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com
Ordner Gelöscht : C:\Users\Neo\AppData\Roaming\Mozilla\Firefox\Profiles\l81e5ck0.default-1363043703712\Extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com
Ordner Gelöscht : C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan
Datei Gelöscht : C:\Windows\System32\roboot64.exe
Datei Gelöscht : C:\Users\Neo\AppData\Local\Temp\Uninstall.exe
Datei Gelöscht : C:\Users\Neo\AppData\Roaming\Mozilla\Firefox\Profiles\l81e5ck0.default-1363043703712\invalidprefs.js
Datei Gelöscht : C:\Users\Neo\AppData\Roaming\Mozilla\Firefox\Profiles\l81e5ck0.default-1363043703712\searchplugins\conduit-search.xml
Datei Gelöscht : C:\Users\Neo\AppData\Roaming\Mozilla\Firefox\Profiles\l81e5ck0.default-1363043703712\searchplugins\Mysearchdial.xml
Datei Gelöscht : C:\Users\Neo\AppData\Roaming\Mozilla\Firefox\Profiles\l81e5ck0.default-1363043703712\user.js
Datei Gelöscht : C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
Datei Gelöscht : C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage-journal
Datei Gelöscht : C:\Windows\Tasks\Object Browser-chromeinstaller.job
Datei Gelöscht : C:\Windows\System32\Tasks\Object Browser-chromeinstaller
Datei Gelöscht : C:\Windows\Tasks\Object Browser-codedownloader.job
Datei Gelöscht : C:\Windows\System32\Tasks\Object Browser-codedownloader
Datei Gelöscht : C:\Windows\Tasks\Object Browser-enabler.job
Datei Gelöscht : C:\Windows\System32\Tasks\Object Browser-enabler
Datei Gelöscht : C:\Windows\Tasks\Object Browser-firefoxinstaller.job
Datei Gelöscht : C:\Windows\System32\Tasks\Object Browser-firefoxinstaller
Datei Gelöscht : C:\Windows\Tasks\Object Browser-updater.job
Datei Gelöscht : C:\Windows\System32\Tasks\Object Browser-updater

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\cfdfamfnacokbbbnmpdfmhonipnhmbid
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\nbdbmopeebalgaeghmjoegpkngglikgn
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\PriceGongIE.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceFactorIE.PriceGongBHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceFactorIE.PriceGongBHO.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceGongIE.PriceGongCtrl
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceGongIE.PriceGongCtrl.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\LyricsFinder_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\LyricsFinder_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\LyricsFinderUpdater_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\LyricsFinderUpdater_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\systweakasp_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\systweakasp_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_4e24eecb
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_f2a323db
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0032850.BHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0032850.BHO.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0032850.Sandbox
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0032850.Sandbox.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_jdownloader_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_jdownloader_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{50F7F0BE-31BA-4145-BD8B-6B0DECFED804}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{835315FC-1BF6-4CA9-80CD-F6C158D40692}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1631550F-191D-4826-B069-D9439253D926}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{BA7B8F39-DF7F-4A98-83E9-57CE6ED9CA24}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D2A2595C-4FE4-4315-AA9B-19DBD6271B71}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220322282250}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355285550}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366286650}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{8B3372D0-09F0-41A5-8D9B-134E148672FB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440344284450}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1631550F-191D-4826-B069-D9439253D926}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA7B8F39-DF7F-4A98-83E9-57CE6ED9CA24}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7854F00C-DC77-477E-A10E-603F48442D3B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA7B8F39-DF7F-4A98-83E9-57CE6ED9CA24}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1631550F-191D-4826-B069-D9439253D926}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA7B8F39-DF7F-4A98-83E9-57CE6ED9CA24}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0ce54b23-e41e-4f18-a84a-24c15afe4b0e}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4584f24d-30a4-4790-9880-ced43470c43b}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{781ca9c2-d268-4e2e-be4e-1ffe5517196e}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c00372ca-6cf7-414d-b4de-ca9b69f422bf}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ec16d2f3-860a-4a84-952a-e19ddec256b0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220322282250}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355285550}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366286650}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0ce54b23-e41e-4f18-a84a-24c15afe4b0e}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4584f24d-30a4-4790-9880-ced43470c43b}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{781ca9c2-d268-4e2e-be4e-1ffe5517196e}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c00372ca-6cf7-414d-b4de-ca9b69f422bf}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ec16d2f3-860a-4a84-952a-e19ddec256b0}
Schlüssel Gelöscht : HKCU\Software\1ClickDownload
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\Iminent
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\installedbrowserextensions
Schlüssel Gelöscht : HKCU\Software\Moovida
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Object Browser
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\Iminent
Schlüssel Gelöscht : HKLM\Software\systweak
Schlüssel Gelöscht : HKLM\Software\Trymedia Systems
Schlüssel Gelöscht : HKLM\Software\Object Browser
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CA41BB14-E67B-1653-C57B-5CA99418A866}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PriceGong
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Object Browser
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\B6EF34C0188ECFA43B48A4BE9C00748E
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\B6EF34C0188ECFA43B48A4BE9C00748E

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16521

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v27.0.1 (de)

[ Datei : C:\Users\Neo\AppData\Roaming\Mozilla\Firefox\Profiles\l81e5ck0.default-1363043703712\prefs.js ]

Zeile gelöscht : user_pref("extensions.YdprV130ZgC.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"txtlnkusaolp00000800\")>-1||url.match(/re[...]
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.InstallationThankYouPage", false);
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.InstallationTime", 1388332079);
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850_dbWasSet", true);
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850_dbWasSet_FF25_FIX", true[...]
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.active", true);
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.addressbar", "NA");
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.addressbarenhanced", "");
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.asyncdb.was_copied", "true");
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.asyncdb_dbWasSet", true);
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.asyncdb_dbWasSet_FF25_FIX", true);
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.asyncinternaldb.was_copied", "true");
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.asyncinternaldb_dbWasSet", true);
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.asyncinternaldb_dbWasSet_FF25_FIX", true);
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.backgroundver", 1);
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.certdomaininstaller", "");
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.changeprevious", false);
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.cookie.InstallationTime.value", "%221388332079%22");
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.cookie.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.cookie.InstallerParams.value", "%7B%22source_id%22%3A%22000046%22%2C%22sub_id%22%3A%220%22%2C%22uz[...]
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.cookie.jw_token.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.cookie.jw_token.value", "%22e29e77c5-201b-ec82-1c6c-6321be49153d%22");
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.cookie.uc.expiration", "Sun Mar 30 2014 05:46:40 GMT+0200");
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.cookie.uc.value", "%22%5C%22DE%5C%22%22");
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.description", "Browser enhancer");
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.domain", "");
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.enablesearch", false);
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.homepage", "");
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.iframe", false);
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.InstallerIdentifiers.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.InstallerIdentifiers.value", "%7B%22installer_bic%22%3A%22A5A4D2E053C24EB1BC2E551659582[...]
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.InstallerParams.value", "%7B%22source_id%22%3A%22000046%22%2C%22sub_id%22%3A%220%22%2C%[...]
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.InstallerParamsCache.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.InstallerParamsCache.value", "%7B%22source_id%22%3A%22000046%22%2C%22sub_id%22%3A%220%2[...]
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.InstallerUserIdentifiersCache.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.InstallerUserIdentifiersCache.value", "%7B%22installer_bic%22%3A%22A5A4D2E053C24EB1BC2E[...]
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.Resources_appVer.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.Resources_appVer.value", "172");
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.Resources_lastVersion.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.Resources_lastVersion.value", "1");
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.Resources_meta.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.Resources_meta.value", "%7B%7D");
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.Resources_nextCheck.expiration", "Sun Mar 23 2014 20:22:24 GMT+0100");
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.Resources_nextCheck.value", "true");
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.Resources_queue.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.Resources_queue.value", "%7B%7D");
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.Resources_remote_resources.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.Resources_remote_resources.value", "%7B%22remoteId%22%3A0%7D");
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.installer.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.installer.value", "%7B%22InstallerIdentifiers%22%3A%7B%22installer_bic%22%3A%22A5A4D2E0[...]
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.monetization_plugin_bundledUrls.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssf[...]
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.monetization_plugin_bundledWithHash.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.monetization_plugin_bundledWithHash.value", "null");
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.monetization_plugin_notBundledArr_.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.monetization_plugin_notBundledArr_.value", "%5B%5D");
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.lastDailyReport", "1395580944108");
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.lastUpdate", "1395580943767");
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.manifesturl", "");
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.name", "Object Browser");
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.newtab", "");
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.opensearch", "");
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.pluginsurl", "hxxps://w9u6a2p6.ssl.hwcdn.net/plugin/apps/32850/plugins/094/ff/plugins.json");
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.pluginsversion", 137);
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.publisher", "Object Browser");
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.searchstatus", 0);
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.setnewtab", false);
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.thankyou", "");
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.updateinterval", 360);
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.ver", 172);
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.FilesValidatorDueTime", "1395581003276");
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.apps", "32850");
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.bic", "143366b0a30ffe9774a937c72d550558");
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.cid", 32850);
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.firstrun", false);
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.hadappinstalled", true);
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.installationdate", 1392169711);
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.modetype", "production");
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.reportInstall", true);
Zeile gelöscht : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.statsDailyCounter", 22);
Zeile gelöscht : user_pref("extensions.crossrider.bic", "143366b0a30ffe9774a937c72d550558");
Zeile gelöscht : user_pref("extensions.mysearchdial.AL", 2);
Zeile gelöscht : user_pref("extensions.mysearchdial.aflt", "MSD2");
Zeile gelöscht : user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}");
Zeile gelöscht : user_pref("extensions.mysearchdial.cd", "2XzuyEtN2Y1L1QzuyDtDyEyCyD0DyDtDyEzz0A0CtCtDzz0EtN0D0Tzu0CyBzztAtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R");
Zeile gelöscht : user_pref("extensions.mysearchdial.cr", "1483791218");
Zeile gelöscht : user_pref("extensions.mysearchdial.dfltLng", "");
Zeile gelöscht : user_pref("extensions.mysearchdial.dfltSrch", true);
Zeile gelöscht : user_pref("extensions.mysearchdial.dnsErr", true);
Zeile gelöscht : user_pref("extensions.mysearchdial.excTlbr", false);
Zeile gelöscht : user_pref("extensions.mysearchdial.hmpg", true);
Zeile gelöscht : user_pref("extensions.mysearchdial.hmpgUrl", "hxxp://start.mysearchdial.com/?f=1&a=MSD2&cd=2XzuyEtN2Y1L1QzuyDtDyEyCyD0DyDtDyEzz0A0CtCtDzz0EtN0D0Tzu0CyBzztAtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDt[...]
Zeile gelöscht : user_pref("extensions.mysearchdial.id", "50465D5048AC108E");
Zeile gelöscht : user_pref("extensions.mysearchdial.instlDay", "16122");
Zeile gelöscht : user_pref("extensions.mysearchdial.instlRef", "");
Zeile gelöscht : user_pref("extensions.mysearchdial.newTabUrl", "hxxp://start.mysearchdial.com/?f=2&a=MSD2&cd=2XzuyEtN2Y1L1QzuyDtDyEyCyD0DyDtDyEzz0A0CtCtDzz0EtN0D0Tzu0CyBzztAtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAt[...]
Zeile gelöscht : user_pref("extensions.mysearchdial.prdct", "mysearchdial");
Zeile gelöscht : user_pref("extensions.mysearchdial.prtnrId", "mysearchdial");
Zeile gelöscht : user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial");
Zeile gelöscht : user_pref("extensions.mysearchdial.tlbrId", "base");
Zeile gelöscht : user_pref("extensions.mysearchdial.tlbrSrchUrl", "hxxp://start.mysearchdial.com/?f=3&a=MSD2&cd=2XzuyEtN2Y1L1QzuyDtDyEyCyD0DyDtDyEzz0A0CtCtDzz0EtN0D0Tzu0CyBzztAtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBt[...]
Zeile gelöscht : user_pref("extensions.mysearchdial.vrsn", "1.8.21.0");
Zeile gelöscht : user_pref("extensions.mysearchdial.vrsni", "1.8.21.0");
Zeile gelöscht : user_pref("extensions.mysearchdial_i.hmpg", true);
Zeile gelöscht : user_pref("extensions.mysearchdial_i.newTab", false);
Zeile gelöscht : user_pref("extensions.mysearchdial_i.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.mysearchdial_i.vrsnTs", "1.8.21.015:46:30");
Zeile gelöscht : user_pref("extensions.vR1NsBAVWnH.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"txtlnkusaolp00000800\")>-1||url.match(/re[...]

-\\ Google Chrome v33.0.1750.154

[ Datei : C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [27828 octets] - [20/03/2014 21:33:39]
AdwCleaner[R1].txt - [44420 octets] - [23/03/2014 14:28:34]
AdwCleaner[S0].txt - [39973 octets] - [23/03/2014 14:30:58]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [40034 octets] ##########

Log von JRT:

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 7 Home Premium x64
Ran by Neo on 23.03.2014 at 14:39:03,50
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\lyricstab
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-100367103-78040337-3239847000-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311281150}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\FindLyrics_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\FindLyrics_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\FindLyrics_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\FindLyrics_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311281150}



~~~ Files



~~~ Folders



~~~ FireFox

Successfully deleted the following from C:\Users\Neo\AppData\Roaming\mozilla\firefox\profiles\l81e5ck0.default-1363043703712\prefs.js

user_pref("extensions.YdprV130ZgC.url", "hxxp://jpi-proxy.info/sync2/?q=hfZ9ofV9CShEAen0rHC6tMqLDe49CNU0mwkMCMlNhd9FqdaFrTsErdr8qdYMBzqUojw9rdsFrdaGrdnFrih7hfs0pihPBMn0rjU6qdk
Emptied folder: C:\Users\Neo\AppData\Roaming\mozilla\firefox\profiles\l81e5ck0.default-1363043703712\minidumps [63 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 23.03.2014 at 14:44:17,70
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Log von Malwarebytes Anti-Malware

Code:

ATTFilter

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.03.23.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16521
Neo :: NEO-PC [Administrator]

23.03.2014 14:47:06
mbam-log-2014-03-23 (14-47-06).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 253760
Laufzeit: 4 Minute(n), 15 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 1
HKCU\SOFTWARE\Goobzo\YouTube Accelerator (PUP.Optional.YouTubeAccelerator.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 1
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan (PUP.Optional.CrossRider.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateien: 17
C:\Users\Neo\AppData\Local\Temp\ICReinstall_CR_Downloader_fuer_driver---you-are-the-wheelman.exe (PUP.Optional.Freemium.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Neo\AppData\Local\Temp\nse3C4A.exe (PUP.Optional.SearchProtect.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Neo\AppData\Local\Temp\nse571D.exe (PUP.Optional.SearchProtect.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Neo\AppData\Local\Temp\nsj4013.exe (PUP.Optional.SearchProtect.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Neo\AppData\Local\Temp\nst3E2E.exe (PUP.Optional.SearchProtect.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Neo\AppData\Local\Temp\nst5901.exe (PUP.Optional.SearchProtect.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Neo\AppData\Local\Temp\nsz4685.exe (PUP.Optional.SearchProtect.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Neo\AppData\Local\Temp\nsz5B44.exe (PUP.Optional.SearchProtect.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Neo\AppData\Local\Temp\utt1A78.tmp.exe (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Neo\AppData\Local\Temp\Install_26565\shopperpro.exe (PUP.Optional.ShopperPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Neo\AppData\Local\Temp\Install_26565\yta.exe (PUP.Optional.Goobzo.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Neo\AppData\Local\Temp\SAINST\SA.CAB (PUP.Optional.ShopperPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Neo\AppData\Local\Temp\SAINST\updater.exe (PUP.Optional.ShopperPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\Installer\1dd62a6.msi (PUP.Optional.SweetIM) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\Installer\1dd62ab.msi (PUP.Optional.SweetIM) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\Installer\1dd62b0.msi (PUP.Optional.SweetIM) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\Installer\1dd62b5.msi (PUP.Optional.SweetIM) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

Und Log von zoek

Code:

ATTFilter

Zoek.exe v5.0.0.0 Updated 07-March-2014
Tool run by Neo on 23.03.2014 at 15:01:42,29.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Neo\Downloads\zoek.exe    [Scan all users] [Script inserted] 

==== System Restore Info ======================

23.03.2014 15:04:47 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-100367103-78040337-3239847000-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110311301136} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110311281150} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311281150} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110411821192} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-100367103-78040337-3239847000-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully
HKEY_USERS\S-1-5-21-100367103-78040337-3239847000-1000\Software\Mozilla\Firefox\Extensions\YTKaraoke@DacSoft.org deleted successfully
HKEY_USERS\S-1-5-21-100367103-78040337-3239847000-1000\Software\Mozilla\Firefox\Extensions\D7C802E4-BDDC-4A1F-A790-F4C9D43DA9FD deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{BBDA0591-3099-440a-AA10-41764D9DB4DB} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62} deleted successfully

==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Neo\AppData\Roaming\Mozilla\Firefox\Profiles\l81e5ck0.default-1363043703712\prefs.js:
user_pref("browser.search.selectedEngine,S", "");
user_pref("browser.search.suggest.enabled", false);
user_pref("browser.search.useDBForOrder", "false");

Added to C:\Users\Neo\AppData\Roaming\Mozilla\Firefox\Profiles\l81e5ck0.default-1363043703712\prefs.js:
user_pref("browser.startup.homepage", "hxxp://www.google.com");
user_pref("browser.search.defaulturl", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "hxxp://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\Neo\AppData\Roaming\Mozilla\Firefox\Profiles\l81e5ck0.default-1363043703712

user.js not found
---- Lines mysearch removed from prefs.js ----
user_pref("extensions.irmysearch.aflt", "MSD2");
user_pref("extensions.irmysearch.cd", "2XzuyEtN2Y1L1QzuyDtDyEyCyD0DyDtDyEzz0A0CtCtDzz0EtN0D0Tzu0CyBzztAtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1
user_pref("extensions.irmysearch.cr", "1483791218");
user_pref("extensions.irmysearch.instlRef", "");
---- Lines extensions.516a0e79dc306 removed from prefs.js ----
user_pref("extensions.516a0e79dc306.epoch", "1369078089");
user_pref("extensions.516a0e79dc306.url", "hxxp://jpiproxy.info/sync/?ext=btos&pid=658&country=DE&regd=130414020337&lsd=130519192432&ind=1381872381&ss
---- Lines extensions.QI0OrIx45v removed from prefs.js ----
user_pref("extensions.QI0OrIx45v.epoch", "1390437362");
user_pref("extensions.QI0OrIx45v.scode", "(function(){try{if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};}catch(e){};if(window.s
user_pref("extensions.QI0OrIx45v.url", "hxxp://proxy5-jpi.info/sync2/?q=hfZ9oeDGDzrMCyVUojr6qGhTB6lKDzt4okmxtNtVh7n0rjnErjsGrdaHqjnEtMFHhd9FqdaFrTsErd
---- Lines extensions.YdprV130ZgC removed from prefs.js ----
user_pref("extensions.YdprV130ZgC.epoch", "1392084284");
---- Lines extensions.vR1NsBAVWnH removed from prefs.js ----
user_pref("extensions.vR1NsBAVWnH.epoch", "1392084284");
user_pref("extensions.vR1NsBAVWnH.url", "hxxp://jpisyncer.info/sync2/?q=hfZ9oeDGDzrMCyVUojr6qGhTB6lKDzt4okmxtNtVh7n0rjnErjsGrdsFrTrEtMFHhd9FqdaGrjaErT
---- FireFox user.js and prefs.js backups ---- 

prefs__1510_.backup

==== Batch Command(s) Run By Tool======================


Der Winsock-Katalog wurde zurckgesetzt.
Sie mssen den Computer neu starten, um den Vorgang abzuschlieáen.


==== Deleting Files \ Folders ======================

"C:\Windows\Installer\1dd62a6.msi" not found
C:\PROGRA~2\YouTube Accelerator deleted
C:\PROGRA~2\COMMON~1\DVDVideoSoft\bin deleted
C:\found.000 deleted
C:\PROGRA~3\InstallMate deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847} deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG SafeGuard toolbar deleted
C:\Windows\Syswow64\InstallUtil.InstallLog deleted
C:\Users\Neo\AppData\Roaming\Mozilla\Firefox\Profiles\l81e5ck0.default-1363043703712\jetpack deleted
"C:\ProgramData\droidcam-settings" deleted
"C:\PROGRA~3\330af20d3d5791ed\{4820778D-AB0D-6D18-C316-52A6A0E1D507}" deleted
"C:\PROGRA~3\330af20d3d5791ed\{4820778D-AB0D-6D18-C316-52A6A0E1D507}.old" deleted
"C:\PROGRA~3\330af20d3d5791ed\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}" deleted
"C:\PROGRA~3\330af20d3d5791ed\{CA41BB14-E67B-1653-C57B-5CA99418A866}" deleted
"C:\PROGRA~3\330af20d3d5791ed\{CA41BB14-E67B-1653-C57B-5CA99418A866}.old" deleted
"C:\PROGRA~3\330af20d3d5791ed\{E32743D3-5789-6E4F-3998-06FB87C9214B}" deleted
"C:\PROGRA~3\330af20d3d5791ed" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [11.08.2013 19:52]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Neo\AppData\Roaming\Mozilla\Firefox\Profiles\l81e5ck0.default-1363043703712
- MySearchDial - %ProfilePath%\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Neo\AppData\Roaming\Mozilla\Firefox\Profiles\l81e5ck0.default-1363043703712
F6D12679B9112358AC705A1308156F59	- C:\Users\Neo\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll -	Unity Player
95812430959AE88CDD0301AB3A71913B	- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll -	Shockwave Flash
87132527E2256CF6683A18C4EB34DD3B	- C:\Windows\system32\Wat\npWatWeb.dll -	Windows Activation Technologies


==== Deleted Firefox Extensions ======================

C:\Users\Neo\AppData\Roaming\Mozilla\Firefox\Profiles\l81e5ck0.default-1363043703712\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}.xpi deleted

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
efaidnbmnnnibpcajpcglclefindmkaj - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx[11.05.2013 11:37]
lbbbdmbjkgojacipgefbifkiebpcdjhn - C:\Program Files (x86)\Movie2KDownloader.com\m2kDownloader10.crx[]
lgnhgbflngpggpmpfdkhmhmfdophhepe - C:\Program Files (x86)\YTKaraoke\Chrome.crx[]
mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files (x86)\Norton Internet Security\Engine\19.0.0.128\Extensions\Chrome.crx[25.05.2011 19:06]

YTBookMairK - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\amjmajoachahkjmijhfcfpeabbgdbjlh
Best Flash Play - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cknebhggccemgcnbidipinkifmmegdel
YoutubeAdblocker - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ekmpcenbglogkdeefphkaikjeedfdgbb
grEatsaver - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mffdfkoladbpaccjpiapndndagnhmnie
greatsaver - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\niojjnhicpjomkegcmobdaecdflfngmp
YTBookMairK - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\amjmajoachahkjmijhfcfpeabbgdbjlh
Best Flash Play - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cknebhggccemgcnbidipinkifmmegdel
YoutubeAdblocker - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekmpcenbglogkdeefphkaikjeedfdgbb
grEatsaver - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\mffdfkoladbpaccjpiapndndagnhmnie
greatsaver - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\niojjnhicpjomkegcmobdaecdflfngmp
YTBookMairK - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\amjmajoachahkjmijhfcfpeabbgdbjlh
Best Flash Play - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cknebhggccemgcnbidipinkifmmegdel
YoutubeAdblocker - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ekmpcenbglogkdeefphkaikjeedfdgbb
grEatsaver - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mffdfkoladbpaccjpiapndndagnhmnie
greatsaver - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\niojjnhicpjomkegcmobdaecdflfngmp
YTBookMairK - Administrator\AppData\Local\Torch\User Data\Default\Extensions\amjmajoachahkjmijhfcfpeabbgdbjlh
Best Flash Play - Administrator\AppData\Local\Torch\User Data\Default\Extensions\cknebhggccemgcnbidipinkifmmegdel
YoutubeAdblocker - Administrator\AppData\Local\Torch\User Data\Default\Extensions\ekmpcenbglogkdeefphkaikjeedfdgbb
grEatsaver - Administrator\AppData\Local\Torch\User Data\Default\Extensions\mffdfkoladbpaccjpiapndndagnhmnie
greatsaver - Administrator\AppData\Local\Torch\User Data\Default\Extensions\niojjnhicpjomkegcmobdaecdflfngmp
YTBookMairK - Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\amjmajoachahkjmijhfcfpeabbgdbjlh
Best Flash Play - Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cknebhggccemgcnbidipinkifmmegdel
YoutubeAdblocker - Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ekmpcenbglogkdeefphkaikjeedfdgbb
grEatsaver - Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mffdfkoladbpaccjpiapndndagnhmnie
greatsaver - Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\niojjnhicpjomkegcmobdaecdflfngmp
YTBookMairK - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\amjmajoachahkjmijhfcfpeabbgdbjlh
Best Flash Play - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\cknebhggccemgcnbidipinkifmmegdel
YoutubeAdblocker - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekmpcenbglogkdeefphkaikjeedfdgbb
grEatsaver - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\mffdfkoladbpaccjpiapndndagnhmnie
greatsaver - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\niojjnhicpjomkegcmobdaecdflfngmp
YTBookMairK - Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\amjmajoachahkjmijhfcfpeabbgdbjlh
Best Flash Play - Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cknebhggccemgcnbidipinkifmmegdel
YoutubeAdblocker - Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ekmpcenbglogkdeefphkaikjeedfdgbb
grEatsaver - Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mffdfkoladbpaccjpiapndndagnhmnie
greatsaver - Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\niojjnhicpjomkegcmobdaecdflfngmp
YTBookMairK - Gast\AppData\Local\Torch\User Data\Default\Extensions\amjmajoachahkjmijhfcfpeabbgdbjlh
Best Flash Play - Gast\AppData\Local\Torch\User Data\Default\Extensions\cknebhggccemgcnbidipinkifmmegdel
YoutubeAdblocker - Gast\AppData\Local\Torch\User Data\Default\Extensions\ekmpcenbglogkdeefphkaikjeedfdgbb
grEatsaver - Gast\AppData\Local\Torch\User Data\Default\Extensions\mffdfkoladbpaccjpiapndndagnhmnie
greatsaver - Gast\AppData\Local\Torch\User Data\Default\Extensions\niojjnhicpjomkegcmobdaecdflfngmp
YTBookMairK - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\amjmajoachahkjmijhfcfpeabbgdbjlh
Best Flash Play - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cknebhggccemgcnbidipinkifmmegdel
YoutubeAdblocker - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ekmpcenbglogkdeefphkaikjeedfdgbb
grEatsaver - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mffdfkoladbpaccjpiapndndagnhmnie
greatsaver - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\niojjnhicpjomkegcmobdaecdflfngmp
YTBookMairK - HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\amjmajoachahkjmijhfcfpeabbgdbjlh
Best Flash Play - HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\cknebhggccemgcnbidipinkifmmegdel
YoutubeAdblocker - HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekmpcenbglogkdeefphkaikjeedfdgbb
grEatsaver - HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\mffdfkoladbpaccjpiapndndagnhmnie
greatsaver - HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\niojjnhicpjomkegcmobdaecdflfngmp
YTBookMairK - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\amjmajoachahkjmijhfcfpeabbgdbjlh
Best Flash Play - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cknebhggccemgcnbidipinkifmmegdel
YoutubeAdblocker - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ekmpcenbglogkdeefphkaikjeedfdgbb
grEatsaver - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mffdfkoladbpaccjpiapndndagnhmnie
greatsaver - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\niojjnhicpjomkegcmobdaecdflfngmp
YTBookMairK - HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\amjmajoachahkjmijhfcfpeabbgdbjlh
Best Flash Play - HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\cknebhggccemgcnbidipinkifmmegdel
YoutubeAdblocker - HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\ekmpcenbglogkdeefphkaikjeedfdgbb
grEatsaver - HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\mffdfkoladbpaccjpiapndndagnhmnie
greatsaver - HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\niojjnhicpjomkegcmobdaecdflfngmp
YTBookMairK - Neo\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\amjmajoachahkjmijhfcfpeabbgdbjlh
Best Flash Play - Neo\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cknebhggccemgcnbidipinkifmmegdel
YoutubeAdblocker - Neo\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ekmpcenbglogkdeefphkaikjeedfdgbb
grEatsaver - Neo\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mffdfkoladbpaccjpiapndndagnhmnie
greatsaver - Neo\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\niojjnhicpjomkegcmobdaecdflfngmp
AdBlock - Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Don't Starve - Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\hiledapehlkhdehbhppgmekfalnlfajc
YTBookMairK - Neo\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\amjmajoachahkjmijhfcfpeabbgdbjlh
Best Flash Play - Neo\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cknebhggccemgcnbidipinkifmmegdel
YoutubeAdblocker - Neo\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ekmpcenbglogkdeefphkaikjeedfdgbb
Object Browser - Neo\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan
grEatsaver - Neo\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mffdfkoladbpaccjpiapndndagnhmnie
greatsaver - Neo\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\niojjnhicpjomkegcmobdaecdflfngmp

==== Chrome Fix ======================

C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ekmpcenbglogkdeefphkaikjeedfdgbb deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekmpcenbglogkdeefphkaikjeedfdgbb deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ekmpcenbglogkdeefphkaikjeedfdgbb deleted successfully
C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\ekmpcenbglogkdeefphkaikjeedfdgbb deleted successfully
C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ekmpcenbglogkdeefphkaikjeedfdgbb deleted successfully
C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekmpcenbglogkdeefphkaikjeedfdgbb deleted successfully
C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ekmpcenbglogkdeefphkaikjeedfdgbb deleted successfully
C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\ekmpcenbglogkdeefphkaikjeedfdgbb deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ekmpcenbglogkdeefphkaikjeedfdgbb deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekmpcenbglogkdeefphkaikjeedfdgbb deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ekmpcenbglogkdeefphkaikjeedfdgbb deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\ekmpcenbglogkdeefphkaikjeedfdgbb deleted successfully
C:\Users\Neo\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ekmpcenbglogkdeefphkaikjeedfdgbb deleted successfully
C:\Users\Neo\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ekmpcenbglogkdeefphkaikjeedfdgbb deleted successfully
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mffdfkoladbpaccjpiapndndagnhmnie deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\mffdfkoladbpaccjpiapndndagnhmnie deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mffdfkoladbpaccjpiapndndagnhmnie deleted successfully
C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\mffdfkoladbpaccjpiapndndagnhmnie deleted successfully
C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mffdfkoladbpaccjpiapndndagnhmnie deleted successfully
C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\mffdfkoladbpaccjpiapndndagnhmnie deleted successfully
C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mffdfkoladbpaccjpiapndndagnhmnie deleted successfully
C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\mffdfkoladbpaccjpiapndndagnhmnie deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mffdfkoladbpaccjpiapndndagnhmnie deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\mffdfkoladbpaccjpiapndndagnhmnie deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mffdfkoladbpaccjpiapndndagnhmnie deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\mffdfkoladbpaccjpiapndndagnhmnie deleted successfully
C:\Users\Neo\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mffdfkoladbpaccjpiapndndagnhmnie deleted successfully
C:\Users\Neo\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mffdfkoladbpaccjpiapndndagnhmnie deleted successfully
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\niojjnhicpjomkegcmobdaecdflfngmp deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\niojjnhicpjomkegcmobdaecdflfngmp deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\niojjnhicpjomkegcmobdaecdflfngmp deleted successfully
C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\niojjnhicpjomkegcmobdaecdflfngmp deleted successfully
C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\niojjnhicpjomkegcmobdaecdflfngmp deleted successfully
C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\niojjnhicpjomkegcmobdaecdflfngmp deleted successfully
C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\niojjnhicpjomkegcmobdaecdflfngmp deleted successfully
C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\niojjnhicpjomkegcmobdaecdflfngmp deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\niojjnhicpjomkegcmobdaecdflfngmp deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\niojjnhicpjomkegcmobdaecdflfngmp deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\niojjnhicpjomkegcmobdaecdflfngmp deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\niojjnhicpjomkegcmobdaecdflfngmp deleted successfully
C:\Users\Neo\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\niojjnhicpjomkegcmobdaecdflfngmp deleted successfully
C:\Users\Neo\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\niojjnhicpjomkegcmobdaecdflfngmp deleted successfully
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\amjmajoachahkjmijhfcfpeabbgdbjlh deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\amjmajoachahkjmijhfcfpeabbgdbjlh deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\amjmajoachahkjmijhfcfpeabbgdbjlh deleted successfully
C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\amjmajoachahkjmijhfcfpeabbgdbjlh deleted successfully
C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\amjmajoachahkjmijhfcfpeabbgdbjlh deleted successfully
C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\amjmajoachahkjmijhfcfpeabbgdbjlh deleted successfully
C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\amjmajoachahkjmijhfcfpeabbgdbjlh deleted successfully
C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\amjmajoachahkjmijhfcfpeabbgdbjlh deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\amjmajoachahkjmijhfcfpeabbgdbjlh deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\amjmajoachahkjmijhfcfpeabbgdbjlh deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\amjmajoachahkjmijhfcfpeabbgdbjlh deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\amjmajoachahkjmijhfcfpeabbgdbjlh deleted successfully
C:\Users\Neo\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\amjmajoachahkjmijhfcfpeabbgdbjlh deleted successfully
C:\Users\Neo\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\amjmajoachahkjmijhfcfpeabbgdbjlh deleted successfully
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cknebhggccemgcnbidipinkifmmegdel deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cknebhggccemgcnbidipinkifmmegdel deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cknebhggccemgcnbidipinkifmmegdel deleted successfully
C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\cknebhggccemgcnbidipinkifmmegdel deleted successfully
C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cknebhggccemgcnbidipinkifmmegdel deleted successfully
C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\cknebhggccemgcnbidipinkifmmegdel deleted successfully
C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cknebhggccemgcnbidipinkifmmegdel deleted successfully
C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\cknebhggccemgcnbidipinkifmmegdel deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cknebhggccemgcnbidipinkifmmegdel deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\cknebhggccemgcnbidipinkifmmegdel deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cknebhggccemgcnbidipinkifmmegdel deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\cknebhggccemgcnbidipinkifmmegdel deleted successfully
C:\Users\Neo\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cknebhggccemgcnbidipinkifmmegdel deleted successfully
C:\Users\Neo\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cknebhggccemgcnbidipinkifmmegdel deleted successfully
C:\Users\Neo\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan deleted successfully
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_kfgaibfbmkjgmimhbbaikfnpkkjkpoan_0.localstorage deleted successfully
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_kfgaibfbmkjgmimhbbaikfnpkkjkpoan_0.localstorage-journal deleted successfully
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_kfgaibfbmkjgmimhbbaikfnpkkjkpoan_0 deleted successfully
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kfgaibfbmkjgmimhbbaikfnpkkjkpoan deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="hxxp://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="hxxp://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B2FD9C0A5B9838449838816A28001F4B deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{515A1997-298E-2C57-787B-13853EBDCB75} deleted successfully
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google\Chrome\ExtensionInstallForcelist deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\lbbbdmbjkgojacipgefbifkiebpcdjhn deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\lgnhgbflngpggpmpfdkhmhmfdophhepe deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnTBMon deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Blackmagic CheckVersion deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ManyCam deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Neo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Neo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R7C1AN26 will be deleted at reboot
C:\Users\Neo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\REW2LXDH will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\Neo\AppData\Local\Mozilla\Firefox\Profiles\l81e5ck0.default-1363043703712\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=650 folders=202 33231770 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\hedev\AppData\Local\Temp emptied successfully
C:\Users\Neo\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Neo\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Neo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R7C1AN26" not found
"C:\Users\Neo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\REW2LXDH" not found

==== EOF on 23.03.2014 at 15:17:18,72 ======================

M-K-D-B · 24.03.2014, 12:01

Servus,

Wir spüren die letzten Reste auf, damit wir sie später entfernen können:

Schritt 1
Kontrollscan mit FRST
Führe wie zuvor beschrieben einen Scan mit FRST aus.
Setze dazu einen Haken bei Addition.txt rechts unten und klicke auf Scan.
Es werden zwei Logdateien erzeugt. Poste mir diese.

Schritt 2
Lade dir die passende Version von SystemLook vom folgenden Spiegel herunter und speichere das Tool auf dem Desktop:
SystemLook (32 bit) | SystemLook (64 bit)

Doppelklicke auf die SystemLook.exe, um das Tool zu starten.

Kopiere den Inhalt der folgenden Codebox in das Textfeld des Tools:

Code:

ATTFilter

:regfind
FindRight
YoutubeAdblocker
greatsaver
Greatssaveir
BrowseToSave
FindLyrics
FirstRowSportApp
Fluendo
FreeHDSport
Iminent
ShopperPro
Moovida
Mysearchdial
Object Browser
Movie2KDownloader
YTKaraoke

Klicke nun auf den Button Look, um den Scan zu starten.
Der Suchlauf kann einige Zeit dauern.
Wenn der Suchlauf beendet ist, wird sich dein Editor mit den Ergebnissen öffnen, poste diese in deinen Thread.
Die Ergebnisse werden auch auf dem Desktop als SystemLook.txt gespeichert.

Gibt es noch Probleme mit der Meldung in jedem Browser? Wenn ja, in welchem Browser tritt die Meldung noch auf?
Wie läuft der Rechner derzeit?

Bitte poste mit deiner nächsten Antwort

die zwei Logdateien von FRST,
die Logdatei von SystemLook,
die Beantwortung der gestellten Fragen.

TheNeoLP · 24.03.2014, 16:29

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Neo (administrator) on NEO-PC on 24-03-2014 16:13:45
Running from C:\Users\Neo\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
() C:\Program Files\DCE\dce.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe
(SafeNet Inc.) C:\Windows\system32\hasplms.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(VIA Technologies, Inc.) C:\Windows\system32\viakaraokesrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
() C:\Program Files (x86)\Blackmagic Design\Blackmagic Desktop Video\BMDStreamingServer.exe
(Blackmagic Design) C:\Program Files (x86)\Blackmagic Design\Blackmagic Desktop Video\CheckVersionPCI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
() C:\Program Files (x86)\puush\puush.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\Blackmagic Design\Blackmagic Media Express\MediaExpress.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-03] (Adobe Systems Incorporated)
HKLM\...\Run: [Launch LgDeviceAgent] - C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe [415752 2009-08-13] (Logitech Inc.)
HKLM\...\Run: [Launch LGDCore] - C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe [4195848 2009-08-13] (Logitech Inc.)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-21] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\nvspcap64.dll [1179576 2014-01-21] (NVIDIA Corporation)
HKLM\...\Run: [Blackmagic Streaming Server] - C:\Program Files (x86)\Blackmagic Design\Blackmagic Desktop Video\BMDStreamingServer.exe [1103360 2012-03-15] ()
HKLM\...\Run: [Blackmagic CheckVersion PCI] - C:\Program Files (x86)\Blackmagic Design\Blackmagic Desktop Video\CheckVersionPCI.exe [25207936 2012-03-15] (Blackmagic Design)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software)
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-05] (Intel Corporation)
HKLM-x32\...\Run: [IMSS] - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133400 2012-02-07] (Intel Corporation)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-29] (Intel Corporation)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [LWS] - C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Blackmagic CheckVersion] - C:\Program Files (x86)\Blackmagic Design\Blackmagic Desktop Video\CheckVersion.exe
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2013-03-27] (Microsoft Corporation)
HKU\S-1-5-21-100367103-78040337-3239847000-1000\...\Run: [AdobeBridge] - [X]
HKU\S-1-5-21-100367103-78040337-3239847000-1000\...\Run: [puush] - C:\Program Files (x86)\puush\puush.exe [567880 2013-11-03] ()
HKU\S-1-5-21-100367103-78040337-3239847000-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-100367103-78040337-3239847000-1000\...\MountPoints2: {40944dc9-331f-11e2-9357-806e6f6e6963} - D:\Bin\ASSETUP.exe
HKU\S-1-5-21-100367103-78040337-3239847000-1000\...\MountPoints2: {ddf02445-ad8e-11e2-81ab-50465d5048ac} - I:\setup.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x06F05102AB2CCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.0.0.128\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.0.0.128\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe Acrobat Create PDF Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.0.0.128\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\MP3 Skype Recorder\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Neo\AppData\Roaming\Mozilla\Firefox\Profiles\l81e5ck0.default-1363043703712
FF NewTab: hxxp://www.google.com/
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @java.com/DTPlugin,version=10.17.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.17.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Neo\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\Neo\AppData\Roaming\Mozilla\Firefox\Profiles\l81e5ck0.default-1363043703712\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-04-10]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2013-05-15]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-05-18]

Chrome: 
=======
CHR Extension: (Google Docs) - C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-23]
CHR Extension: (Google Drive) - C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-17]
CHR Extension: (YouTube) - C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-19]
CHR Extension: (Google-Suche) - C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-19]
CHR Extension: (AdBlock) - C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-03-23]
CHR Extension: (Google Wallet) - C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-07-16]
CHR Extension: (Google Mail) - C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-19]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2013-05-11]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\19.0.0.128\Extensions\Chrome.crx [2012-11-20]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393032 2013-06-10] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384840 2013-06-10] (BlueStack Systems, Inc.)
R2 DCE; C:\Program Files\DCE\dce.exe [59392 2013-12-18] ()
R2 hasplms; C:\Windows\system32\hasplms.exe [4941768 2012-06-28] (SafeNet Inc.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-07] (Intel Corporation)
R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4722728 2013-03-14] (INCA Internet Co., Ltd.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-21] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-21] (NVIDIA Corporation)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2011-11-12] (VIA Technologies, Inc.)

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-12] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-12] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-08-12] ()
R3 BMDDeckLinkAudio; C:\Windows\System32\DRIVERS\deckaud.sys [18432 2012-03-15] (Blackmagic Design)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [70984 2013-06-10] (BlueStack Systems)
R3 DeckLink; C:\Windows\System32\DRIVERS\Intensity.sys [2425344 2012-03-15] (Blackmagic Design)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-04-26] (DT Soft Ltd)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [321536 2011-09-28] (SafeNet Inc.)
S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv_x64.sys [44928 2012-10-11] (ManyCam LLC)
S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [28160 2013-01-31] (ManyCam LLC)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2013-07-19] (Corel Corporation)
S3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
S3 deckavs; system32\DRIVERS\deckavs.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-24 01:19 - 2014-03-24 01:19 - 00019752 _____ () C:\Users\Neo\Desktop\ds2 wk.veg
2014-03-23 22:03 - 2014-03-24 01:11 - 01003696 _____ () C:\Users\Neo\Documents\Untitled 07.avi.sfk
2014-03-23 22:02 - 2014-03-24 01:11 - 05411896 _____ () C:\Users\Neo\Documents\Untitled 06.avi.sfk
2014-03-23 22:01 - 2014-03-24 01:11 - 01644864 _____ () C:\Users\Neo\Documents\Untitled 05.avi.sfk
2014-03-23 22:01 - 2014-03-24 01:11 - 00638832 _____ () C:\Users\Neo\Documents\Untitled 04.avi.sfk
2014-03-23 21:49 - 2014-03-23 22:00 - 2751761500 _____ () C:\Users\Neo\Documents\Untitled 07.avi
2014-03-23 20:47 - 2014-03-23 21:47 - 957709404 _____ () C:\Users\Neo\Documents\Untitled 06.avi
2014-03-23 20:26 - 2014-03-23 20:44 - 2111732828 _____ () C:\Users\Neo\Documents\Untitled 05.avi
2014-03-23 20:18 - 2014-03-23 20:26 - 3004591196 _____ () C:\Users\Neo\Documents\Untitled 04.avi
2014-03-23 20:14 - 2014-03-23 20:14 - 21363804 _____ () C:\Users\Neo\Documents\Untitled 03.avi
2014-03-23 15:14 - 2014-03-23 15:01 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-03-23 15:04 - 2014-03-23 15:17 - 00032790 _____ () C:\zoek-results.log
2014-03-23 15:03 - 2014-03-23 15:03 - 04095370 _____ () C:\Users\Neo\Downloads\zoek.zip
2014-03-23 15:02 - 2014-03-23 15:02 - 04235514 _____ () C:\Users\Neo\Downloads\zoek.rar
2014-03-23 15:01 - 2014-03-23 15:13 - 00000000 ____D () C:\zoek_backup
2014-03-23 15:01 - 2014-03-23 15:01 - 01285120 _____ () C:\Users\Neo\Downloads\zoek.exe
2014-03-23 14:53 - 2014-03-23 14:54 - 00046184 _____ () C:\Users\Neo\Desktop\Post.txt
2014-03-23 14:44 - 2014-03-23 14:44 - 00002295 _____ () C:\Users\Neo\Desktop\JRT.txt
2014-03-23 14:39 - 2014-03-23 14:39 - 00000000 ____D () C:\Windows\ERUNT
2014-03-23 14:38 - 2014-03-23 14:38 - 01037734 _____ (Thisisu) C:\Users\Neo\Downloads\JRT.exe
2014-03-23 14:26 - 2014-03-23 14:26 - 01950720 _____ () C:\Users\Neo\Downloads\adwcleaner.exe
2014-03-22 22:10 - 2014-03-22 22:10 - 00044543 _____ () C:\Users\Neo\Downloads\Addition.txt
2014-03-22 22:09 - 2014-03-24 16:13 - 00020771 _____ () C:\Users\Neo\Downloads\FRST.txt
2014-03-22 22:09 - 2014-03-24 16:13 - 00000000 ____D () C:\FRST
2014-03-22 22:09 - 2014-03-22 22:09 - 02157056 _____ (Farbar) C:\Users\Neo\Downloads\FRST64.exe
2014-03-21 17:23 - 2014-03-21 17:23 - 00000000 ____D () C:\Users\Neo\AppData\Local\Skype
2014-03-21 17:22 - 2014-03-21 17:22 - 00002697 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-03-20 21:35 - 2014-03-20 21:35 - 00001105 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-03-20 21:35 - 2014-03-20 21:35 - 00000000 ____D () C:\Users\Neo\AppData\Roaming\Malwarebytes
2014-03-20 21:35 - 2014-03-20 21:35 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-20 21:35 - 2014-03-20 21:35 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-20 21:35 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-20 21:34 - 2014-03-20 21:34 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Neo\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-20 21:33 - 2014-03-23 14:31 - 00000000 ____D () C:\AdwCleaner
2014-03-20 21:32 - 2014-03-20 21:32 - 00613200 _____ (Chip Digital GmbH) C:\Users\Neo\Downloads\AdwCleaner - CHIP-Downloader.exe
2014-03-20 16:58 - 2014-03-23 03:45 - 00019752 _____ () C:\Users\Neo\Desktop\ds2 lets play.veg
2014-03-20 16:58 - 2014-03-22 05:06 - 00019744 _____ () C:\Users\Neo\Desktop\ds2 lets play.veg.bak
2014-03-19 17:14 - 2014-03-19 17:14 - 00002243 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-19 17:13 - 2014-03-24 15:38 - 00001100 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-19 17:13 - 2014-03-24 05:18 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-19 17:13 - 2014-03-19 17:13 - 00847864 _____ (Google Inc.) C:\Users\Neo\Downloads\ChromeSetup.exe
2014-03-19 17:13 - 2014-03-19 17:13 - 00004100 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-19 17:13 - 2014-03-19 17:13 - 00003848 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-19 02:33 - 2014-03-19 02:33 - 00057296 _____ () C:\Users\Neo\Downloads\optimusprinceps.zip
2014-03-16 04:46 - 2014-03-16 04:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-14 18:52 - 2014-03-14 18:52 - 00003600 _____ () C:\Users\Neo\Documents\Track 3 - 1.sfk
2014-03-13 04:18 - 2014-03-01 07:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-13 04:18 - 2014-03-01 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-13 04:18 - 2014-03-01 06:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-13 04:18 - 2014-03-01 05:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-13 04:18 - 2014-03-01 05:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-13 04:18 - 2014-03-01 05:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-13 04:18 - 2014-03-01 05:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-13 04:18 - 2014-03-01 05:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-13 04:18 - 2014-03-01 05:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-13 04:18 - 2014-03-01 05:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-13 04:18 - 2014-03-01 05:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-13 04:18 - 2014-03-01 05:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-13 04:18 - 2014-03-01 05:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-13 04:18 - 2014-03-01 05:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-13 04:18 - 2014-03-01 05:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-13 04:18 - 2014-03-01 05:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-13 04:18 - 2014-03-01 05:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-13 04:18 - 2014-03-01 04:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-13 04:18 - 2014-03-01 04:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-13 04:18 - 2014-03-01 04:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-13 04:18 - 2014-03-01 04:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-13 04:18 - 2014-03-01 04:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-13 04:18 - 2014-03-01 04:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-13 04:18 - 2014-03-01 04:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-13 04:18 - 2014-03-01 04:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-13 04:18 - 2014-03-01 04:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-13 04:18 - 2014-03-01 04:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-13 04:18 - 2014-03-01 04:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-13 04:18 - 2014-03-01 04:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-13 04:18 - 2014-03-01 04:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-13 04:18 - 2014-03-01 04:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-13 04:18 - 2014-03-01 04:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-13 04:18 - 2014-03-01 04:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-13 04:18 - 2014-03-01 04:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-13 04:18 - 2014-03-01 03:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-13 04:18 - 2014-03-01 03:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-13 04:18 - 2014-03-01 03:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-13 04:18 - 2014-03-01 03:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-13 04:18 - 2014-03-01 03:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-13 04:18 - 2014-03-01 03:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-13 04:18 - 2014-02-07 02:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-13 04:18 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-13 04:18 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-13 04:18 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-13 04:16 - 2014-02-04 03:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-13 04:16 - 2014-02-04 03:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-13 04:16 - 2014-02-04 03:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-13 04:16 - 2014-02-04 03:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-10 02:43 - 2014-03-10 18:08 - 00000000 ____D () C:\Users\Neo\Desktop\Photoshop
2014-03-08 21:50 - 2014-03-08 21:50 - 00000000 ____D () C:\Users\Neo\AppData\Roaming\Day 1 Studios
2014-03-08 20:59 - 2014-03-08 20:59 - 00000221 _____ () C:\Users\Neo\Desktop\F.E.A.R. 3.url
2014-03-06 19:17 - 2014-03-06 19:17 - 00000000 ____D () C:\Program Files (x86)\Blackmagic Design
2014-03-06 18:34 - 2014-03-06 19:18 - 00014960 _____ () C:\Windows\DPINST.LOG
2014-03-04 02:40 - 2014-03-04 02:41 - 00000000 ____D () C:\Users\Neo\Desktop\Metro Saves Backup
2014-03-01 01:02 - 2014-03-01 01:02 - 00001158 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2014-03-01 01:02 - 2014-03-01 01:02 - 00000000 ____D () C:\Program Files (x86)\TeamSpeak 3 Client
2014-02-27 23:19 - 2014-02-27 23:19 - 00000000 _____ () C:\Users\Neo\Desktop\Neues Textdokument.txt
2014-02-26 18:00 - 2014-03-08 20:58 - 00000000 ____D () C:\Users\Neo\Desktop\Bilder
2014-02-26 15:25 - 2014-02-26 15:25 - 00000000 ____D () C:\ProgramData\SystemRequirementsLab
2014-02-26 15:25 - 2014-02-26 15:25 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-26 15:24 - 2014-02-26 15:24 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-02-26 15:24 - 2014-02-26 15:24 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-02-26 15:24 - 2014-02-26 15:24 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-02-26 15:24 - 2014-02-26 15:24 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-02-26 14:12 - 2014-02-26 14:12 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-02-26 14:11 - 2014-02-08 17:18 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-02-26 14:09 - 2014-02-08 19:34 - 31432480 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-02-26 14:09 - 2014-02-08 19:34 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-02-26 14:09 - 2014-02-08 19:34 - 23683360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-02-26 14:09 - 2014-02-08 19:34 - 17715784 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-02-26 14:09 - 2014-02-08 19:34 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-02-26 14:09 - 2014-02-08 19:34 - 15740232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-02-26 14:09 - 2014-02-08 19:34 - 12324640 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-02-26 14:09 - 2014-02-08 19:34 - 11636176 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-02-26 14:09 - 2014-02-08 19:34 - 11589272 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-02-26 14:09 - 2014-02-08 19:34 - 09728064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-02-26 14:09 - 2014-02-08 19:34 - 09690424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-02-26 14:09 - 2014-02-08 19:34 - 03142432 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-02-26 14:09 - 2014-02-08 19:34 - 02956576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-02-26 14:09 - 2014-02-08 19:34 - 02782496 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-02-26 14:09 - 2014-02-08 19:34 - 02410784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-02-26 14:09 - 2014-02-08 19:34 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433489.dll
2014-02-26 14:09 - 2014-02-08 19:34 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433489.dll
2014-02-26 14:09 - 2014-02-08 19:34 - 00892192 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-02-26 14:09 - 2014-02-08 19:34 - 00875296 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-02-26 14:09 - 2014-02-08 19:34 - 00863520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-02-26 14:09 - 2014-02-08 19:34 - 00844576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-02-26 14:09 - 2014-02-08 19:34 - 00832424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-02-26 14:09 - 2014-02-08 19:34 - 00483104 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-02-26 14:09 - 2014-02-08 19:34 - 00408352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-02-26 14:09 - 2014-02-08 19:34 - 00378656 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-02-26 14:09 - 2014-02-08 19:34 - 00353504 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-02-26 14:09 - 2014-02-08 19:34 - 00333600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-02-26 14:09 - 2014-02-08 19:34 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-02-26 14:09 - 2014-02-08 19:34 - 00174296 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-02-26 14:09 - 2014-02-08 19:34 - 00148528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-02-26 14:09 - 2013-11-28 14:38 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-02-26 14:09 - 2013-11-28 14:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-02-26 14:09 - 2013-11-22 09:36 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2014-02-26 13:59 - 2014-03-24 15:38 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-02-26 13:58 - 2014-02-08 18:42 - 06712608 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-02-26 13:58 - 2014-02-08 18:42 - 03498272 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-02-26 13:58 - 2014-02-08 18:42 - 02559776 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-02-26 13:58 - 2014-02-08 18:42 - 00923936 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-02-26 13:58 - 2014-02-08 18:42 - 00386336 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-02-26 13:58 - 2014-02-08 18:42 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-02-26 13:58 - 2014-02-05 18:52 - 03573739 _____ () C:\Windows\system32\nvcoproc.bin
2014-02-26 02:04 - 2014-02-26 02:05 - 00000000 ____D () C:\Users\Neo\AppData\Local\NVIDIA
2014-02-26 02:04 - 2014-02-26 02:04 - 00001343 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
2014-02-26 02:04 - 2014-02-26 02:04 - 00000000 ____D () C:\Users\Neo\AppData\Local\NVIDIA Corporation
2014-02-26 02:04 - 2014-01-21 03:54 - 01179576 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-02-26 02:04 - 2014-01-21 03:54 - 01048152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-02-26 02:03 - 2013-12-27 19:42 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-02-26 02:03 - 2013-12-27 19:42 - 00035104 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-02-26 02:03 - 2013-12-27 19:42 - 00033056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-02-25 23:05 - 2014-02-25 23:05 - 1459978240 _____ () C:\Users\Neo\Desktop\Resident Evil Zero (Europe) (En,Fr,De,Es,It) (Disc 2).iso
2014-02-25 19:39 - 2014-02-25 20:12 - 00000000 ____D () C:\Users\Neo\AppData\Roaming\ICQ-Profile

==================== One Month Modified Files and Folders =======

2014-03-24 16:13 - 2014-03-22 22:09 - 00020771 _____ () C:\Users\Neo\Downloads\FRST.txt
2014-03-24 16:13 - 2014-03-22 22:09 - 00000000 ____D () C:\FRST
2014-03-24 16:12 - 2012-11-20 22:08 - 00000000 ____D () C:\Users\Neo\AppData\Roaming\Skype
2014-03-24 15:46 - 2009-07-14 05:45 - 00017200 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-24 15:46 - 2009-07-14 05:45 - 00017200 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-24 15:44 - 2012-11-20 15:36 - 01154651 _____ () C:\Windows\WindowsUpdate.log
2014-03-24 15:39 - 2013-05-18 18:28 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-03-24 15:38 - 2014-03-19 17:13 - 00001100 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-24 15:38 - 2014-02-26 13:59 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-24 15:38 - 2013-12-20 09:14 - 00015611 _____ () C:\Windows\setupact.log
2014-03-24 15:38 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-24 05:38 - 2013-03-29 19:28 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-24 05:18 - 2014-03-19 17:13 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-24 02:00 - 2012-12-21 10:09 - 00000000 ____D () C:\Users\Neo\AppData\Local\Adobe
2014-03-24 01:19 - 2014-03-24 01:19 - 00019752 _____ () C:\Users\Neo\Desktop\ds2 wk.veg
2014-03-24 01:12 - 2014-02-18 11:20 - 00000000 ____D () C:\Users\Neo\Desktop\MeGUI
2014-03-24 01:11 - 2014-03-23 22:03 - 01003696 _____ () C:\Users\Neo\Documents\Untitled 07.avi.sfk
2014-03-24 01:11 - 2014-03-23 22:02 - 05411896 _____ () C:\Users\Neo\Documents\Untitled 06.avi.sfk
2014-03-24 01:11 - 2014-03-23 22:01 - 01644864 _____ () C:\Users\Neo\Documents\Untitled 05.avi.sfk
2014-03-24 01:11 - 2014-03-23 22:01 - 00638832 _____ () C:\Users\Neo\Documents\Untitled 04.avi.sfk
2014-03-23 22:00 - 2014-03-23 21:49 - 2751761500 _____ () C:\Users\Neo\Documents\Untitled 07.avi
2014-03-23 21:47 - 2014-03-23 20:47 - 957709404 _____ () C:\Users\Neo\Documents\Untitled 06.avi
2014-03-23 20:44 - 2014-03-23 20:26 - 2111732828 _____ () C:\Users\Neo\Documents\Untitled 05.avi
2014-03-23 20:26 - 2014-03-23 20:18 - 3004591196 _____ () C:\Users\Neo\Documents\Untitled 04.avi
2014-03-23 20:14 - 2014-03-23 20:14 - 21363804 _____ () C:\Users\Neo\Documents\Untitled 03.avi
2014-03-23 15:17 - 2014-03-23 15:04 - 00032790 _____ () C:\zoek-results.log
2014-03-23 15:15 - 2013-12-20 09:14 - 00197732 _____ () C:\Windows\PFRO.log
2014-03-23 15:13 - 2014-03-23 15:01 - 00000000 ____D () C:\zoek_backup
2014-03-23 15:03 - 2014-03-23 15:03 - 04095370 _____ () C:\Users\Neo\Downloads\zoek.zip
2014-03-23 15:02 - 2014-03-23 15:02 - 04235514 _____ () C:\Users\Neo\Downloads\zoek.rar
2014-03-23 15:01 - 2014-03-23 15:14 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-03-23 15:01 - 2014-03-23 15:01 - 01285120 _____ () C:\Users\Neo\Downloads\zoek.exe
2014-03-23 14:54 - 2014-03-23 14:53 - 00046184 _____ () C:\Users\Neo\Desktop\Post.txt
2014-03-23 14:44 - 2014-03-23 14:44 - 00002295 _____ () C:\Users\Neo\Desktop\JRT.txt
2014-03-23 14:39 - 2014-03-23 14:39 - 00000000 ____D () C:\Windows\ERUNT
2014-03-23 14:38 - 2014-03-23 14:38 - 01037734 _____ (Thisisu) C:\Users\Neo\Downloads\JRT.exe
2014-03-23 14:31 - 2014-03-20 21:33 - 00000000 ____D () C:\AdwCleaner
2014-03-23 14:26 - 2014-03-23 14:26 - 01950720 _____ () C:\Users\Neo\Downloads\adwcleaner.exe
2014-03-23 03:45 - 2014-03-20 16:58 - 00019752 _____ () C:\Users\Neo\Desktop\ds2 lets play.veg
2014-03-22 22:10 - 2014-03-22 22:10 - 00044543 _____ () C:\Users\Neo\Downloads\Addition.txt
2014-03-22 22:09 - 2014-03-22 22:09 - 02157056 _____ (Farbar) C:\Users\Neo\Downloads\FRST64.exe
2014-03-22 05:06 - 2014-03-20 16:58 - 00019744 _____ () C:\Users\Neo\Desktop\ds2 lets play.veg.bak
2014-03-21 17:23 - 2014-03-21 17:23 - 00000000 ____D () C:\Users\Neo\AppData\Local\Skype
2014-03-21 17:23 - 2012-11-20 22:08 - 00000000 ____D () C:\ProgramData\Skype
2014-03-21 17:22 - 2014-03-21 17:22 - 00002697 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-03-21 17:22 - 2013-01-27 05:58 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-20 21:35 - 2014-03-20 21:35 - 00001105 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-03-20 21:35 - 2014-03-20 21:35 - 00000000 ____D () C:\Users\Neo\AppData\Roaming\Malwarebytes
2014-03-20 21:35 - 2014-03-20 21:35 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-20 21:35 - 2014-03-20 21:35 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-20 21:34 - 2014-03-20 21:34 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Neo\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-20 21:32 - 2014-03-20 21:32 - 00613200 _____ (Chip Digital GmbH) C:\Users\Neo\Downloads\AdwCleaner - CHIP-Downloader.exe
2014-03-20 16:40 - 2012-12-11 20:12 - 00000000 ____D () C:\Users\Neo\AppData\Roaming\Audacity
2014-03-19 22:44 - 2012-11-21 06:41 - 00000000 ____D () C:\Users\Neo\AppData\Roaming\vlc
2014-03-19 17:14 - 2014-03-19 17:14 - 00002243 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-19 17:14 - 2012-11-20 21:42 - 00000000 ____D () C:\Program Files (x86)\Google
2014-03-19 17:13 - 2014-03-19 17:13 - 00847864 _____ (Google Inc.) C:\Users\Neo\Downloads\ChromeSetup.exe
2014-03-19 17:13 - 2014-03-19 17:13 - 00004100 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-19 17:13 - 2014-03-19 17:13 - 00003848 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-19 12:13 - 2009-07-14 05:45 - 08051304 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-19 02:34 - 2012-11-20 18:53 - 00116728 _____ () C:\Users\Neo\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-19 02:33 - 2014-03-19 02:33 - 00057296 _____ () C:\Users\Neo\Downloads\optimusprinceps.zip
2014-03-18 22:37 - 2012-11-21 15:11 - 00000000 ____D () C:\Users\Neo\AppData\Roaming\avidemux
2014-03-18 21:10 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-18 20:25 - 2013-08-14 02:04 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-18 20:21 - 2013-03-29 17:55 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-17 13:50 - 2012-11-22 22:02 - 00000000 ____D () C:\ProgramData\StaxRip
2014-03-17 06:00 - 2013-06-18 01:23 - 00000000 ____D () C:\Users\Neo\AppData\Local\Windows Live
2014-03-16 13:10 - 2013-07-26 11:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-16 04:46 - 2014-03-16 04:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-16 02:48 - 2012-11-20 22:48 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-03-14 18:52 - 2014-03-14 18:52 - 00003600 _____ () C:\Users\Neo\Documents\Track 3 - 1.sfk
2014-03-14 07:24 - 2013-10-10 02:13 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-14 07:24 - 2013-10-10 02:13 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-12 13:38 - 2013-03-29 19:28 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-12 13:38 - 2013-03-29 19:28 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-12 13:38 - 2013-03-29 19:28 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-10 18:08 - 2014-03-10 02:43 - 00000000 ____D () C:\Users\Neo\Desktop\Photoshop
2014-03-09 21:36 - 2014-02-08 05:25 - 00000000 ____D () C:\Users\Neo\SimpleJavaYoutubeUploader
2014-03-09 12:51 - 2013-01-22 23:55 - 00001299 _____ () C:\Users\Neo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaInfo.lnk
2014-03-08 21:50 - 2014-03-08 21:50 - 00000000 ____D () C:\Users\Neo\AppData\Roaming\Day 1 Studios
2014-03-08 20:59 - 2014-03-08 20:59 - 00000221 _____ () C:\Users\Neo\Desktop\F.E.A.R. 3.url
2014-03-08 20:58 - 2014-02-26 18:00 - 00000000 ____D () C:\Users\Neo\Desktop\Bilder
2014-03-07 02:00 - 2012-11-21 03:24 - 00000000 ____D () C:\Lets Play
2014-03-06 19:18 - 2014-03-06 18:34 - 00014960 _____ () C:\Windows\DPINST.LOG
2014-03-06 19:17 - 2014-03-06 19:17 - 00000000 ____D () C:\Program Files (x86)\Blackmagic Design
2014-03-06 18:35 - 2013-06-29 13:23 - 00000000 ____D () C:\Users\Neo\Desktop\Aufnahme & Encodieren
2014-03-04 03:11 - 2013-07-10 19:10 - 00000978 _____ () C:\Users\Neo\Desktop\Nummerierung.vbs
2014-03-04 02:41 - 2014-03-04 02:40 - 00000000 ____D () C:\Users\Neo\Desktop\Metro Saves Backup
2014-03-02 16:28 - 2012-11-27 02:56 - 00000000 ____D () C:\Users\Neo\AppData\Roaming\HandBrake
2014-03-01 07:05 - 2014-03-13 04:18 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-01 06:17 - 2014-03-13 04:18 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-01 06:16 - 2014-03-13 04:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-01 05:58 - 2014-03-13 04:18 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-01 05:52 - 2014-03-13 04:18 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-01 05:51 - 2014-03-13 04:18 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-01 05:42 - 2014-03-13 04:18 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-01 05:40 - 2014-03-13 04:18 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-01 05:37 - 2014-03-13 04:18 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-01 05:33 - 2014-03-13 04:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-01 05:33 - 2014-03-13 04:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-01 05:32 - 2014-03-13 04:18 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-01 05:30 - 2014-03-13 04:18 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-01 05:23 - 2014-03-13 04:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-01 05:17 - 2014-03-13 04:18 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-01 05:11 - 2014-03-13 04:18 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-01 05:02 - 2014-03-13 04:18 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-01 04:54 - 2014-03-13 04:18 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-01 04:52 - 2014-03-13 04:18 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-01 04:51 - 2014-03-13 04:18 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-01 04:47 - 2014-03-13 04:18 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-01 04:43 - 2014-03-13 04:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-01 04:43 - 2014-03-13 04:18 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-01 04:42 - 2014-03-13 04:18 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-01 04:40 - 2014-03-13 04:18 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-01 04:38 - 2014-03-13 04:18 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-01 04:37 - 2014-03-13 04:18 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-01 04:35 - 2014-03-13 04:18 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-01 04:18 - 2014-03-13 04:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-01 04:16 - 2014-03-13 04:18 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-01 04:14 - 2014-03-13 04:18 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-01 04:10 - 2014-03-13 04:18 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-01 04:03 - 2014-03-13 04:18 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-01 04:00 - 2014-03-13 04:18 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-01 03:57 - 2014-03-13 04:18 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-01 03:38 - 2014-03-13 04:18 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-01 03:32 - 2014-03-13 04:18 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-01 03:27 - 2014-03-13 04:18 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-01 03:25 - 2014-03-13 04:18 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-01 03:25 - 2014-03-13 04:18 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-01 03:03 - 2012-11-21 02:34 - 01593956 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-03-01 03:03 - 2009-07-14 18:58 - 00699416 _____ () C:\Windows\system32\perfh007.dat
2014-03-01 03:03 - 2009-07-14 18:58 - 00149556 _____ () C:\Windows\system32\perfc007.dat
2014-03-01 03:03 - 2009-07-14 06:13 - 01593956 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-01 01:07 - 2013-01-09 23:25 - 00000000 ____D () C:\Users\Neo\AppData\Roaming\TS3Client
2014-03-01 01:02 - 2014-03-01 01:02 - 00001158 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2014-03-01 01:02 - 2014-03-01 01:02 - 00000000 ____D () C:\Program Files (x86)\TeamSpeak 3 Client
2014-02-27 23:19 - 2014-02-27 23:19 - 00000000 _____ () C:\Users\Neo\Desktop\Neues Textdokument.txt
2014-02-27 21:23 - 2012-12-24 07:55 - 00000000 ____D () C:\Program Files (x86)\MSI Afterburner
2014-02-26 15:26 - 2012-11-21 01:14 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-02-26 15:25 - 2014-02-26 15:25 - 00000000 ____D () C:\ProgramData\SystemRequirementsLab
2014-02-26 15:25 - 2014-02-26 15:25 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-26 15:24 - 2014-02-26 15:24 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-02-26 15:24 - 2014-02-26 15:24 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-02-26 15:24 - 2014-02-26 15:24 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-02-26 15:24 - 2014-02-26 15:24 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-02-26 15:24 - 2013-02-21 13:46 - 00000000 ____D () C:\Program Files (x86)\Java
2014-02-26 14:12 - 2014-02-26 14:12 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-02-26 14:12 - 2012-11-20 18:45 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-02-26 13:59 - 2013-01-12 11:02 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-02-26 13:58 - 2012-11-20 18:44 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-02-26 13:58 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Help
2014-02-26 02:05 - 2014-02-26 02:04 - 00000000 ____D () C:\Users\Neo\AppData\Local\NVIDIA
2014-02-26 02:04 - 2014-02-26 02:04 - 00001343 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
2014-02-26 02:04 - 2014-02-26 02:04 - 00000000 ____D () C:\Users\Neo\AppData\Local\NVIDIA Corporation
2014-02-25 23:05 - 2014-02-25 23:05 - 1459978240 _____ () C:\Users\Neo\Desktop\Resident Evil Zero (Europe) (En,Fr,De,Es,It) (Disc 2).iso
2014-02-25 20:12 - 2014-02-25 19:39 - 00000000 ____D () C:\Users\Neo\AppData\Roaming\ICQ-Profile
2014-02-25 19:35 - 2013-12-23 11:57 - 00049661 _____ () C:\Windows\DirectX.log
2014-02-22 15:44 - 2013-05-31 21:06 - 00000000 ____D () C:\Users\Neo\AppData\Roaming\Electronic Arts
2014-02-22 13:08 - 2013-06-29 13:22 - 00000000 ____D () C:\Users\Neo\Desktop\Spiele

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-20 20:06

==================== End Of Log ============================

--- --- ---

Addition Logfile:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Neo at 2014-03-22 22:10:15
Running from C:\Users\Neo\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AS: avast! Antivirus (Enabled - Up to date) {904CF271-6431-DA47-5FCE-A87D98DFB681}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.03 - Adobe Systems)
Adobe After Effects CS6 (HKLM-x32\...\{4817D846-700B-474E-A31B-80892B3E92E3}) (Version: 11 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.7.0.1860 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.7.0.1860 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.6 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.2.6 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.03) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.03 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.2 (HKLM-x32\...\Audacity_is1) (Version: 2.0.2 - Audacity Team)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 8.0.1489.0 - AVAST Software)
Avidemux 2.6 - 64bits (HKLM-x32\...\Avidemux 2.6 - 64bits (64-bit)) (Version: 2.6.7.8981 - )
AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version:  - )
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Blackmagic Design Desktop Video (HKLM-x32\...\{32770ED5-FADB-432B-8D27-69192B21CADB}) (Version: 9.2.0.0 - Blackmagic Design)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.7.13.899 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{6397E61B-A6B5-4479-85A4-0F746D6B328F}) (Version: 0.7.13.899 - BlueStack Systems, Inc.)
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.02 - Piriform)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
DebugMode FrameServer (HKLM-x32\...\DebugMode FrameServer) (Version:  - )
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
Distributed Computing Experiment (HKLM\...\Distributed Computing Experiment) (Version:  - )
Dolphin (HKLM-x32\...\Dolphin) (Version: 4.0.1 - Dolphin Development Team)
Dream of the Blood Moon (HKLM\...\UDK-f20b66e1-00bd-4f29-bee5-083208f9be0c) (Version:  - Epic Games, Inc.)
Dxtory version 2.0.119 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.119 - Dxtory Software)
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
F.E.A.R. 3 (HKLM-x32\...\Steam App 21100) (Version:  - Day 1 Studios)
FAKEFACTORY Cinematic Mod 2013 (HKLM-x32\...\FAKEFACTORY CM2013alpha1) (Version: alpha1 - FAKEFACTORY)
ffdshow v1.2.4489 [2012-10-25] (HKLM-x32\...\ffdshow_is1) (Version: 1.2.4489.0 - )
FFmpeg v0.6.2 for Audacity (HKLM-x32\...\FFmpeg for Audacity_is1) (Version:  - )
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free FLV Converter V 7.6.1 (HKLM-x32\...\Free FLV Converter_is1) (Version: 7.6.1.0 - Koyote Lab Inc.)
Free YouTube Download version 3.2.1.320 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.1.320 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.1.320 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.1.320 - DVDVideoSoft Ltd.)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version:  - )
HandBrake 0.9.8 (HKLM-x32\...\HandBrake) (Version: 0.9.8 - )
Helix YUV Codecs (remove only) (HKLM-x32\...\HelixYUVCodecs) (Version:  - )
iFree Skype Recorder 4.0.9 (HKLM-x32\...\iFree Skype Recorder) (Version: 4.0.9 - iFree Skype Recorder)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.1.209 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
Java 7 Update 17 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417017FF}) (Version: 7.0.170 - Oracle)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JDownloader 0.9 (HKLM-x32\...\7289-1030-5602-7421) (Version: 0.9 - AppWork GmbH)
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version:  - )
Logitech GamePanel Software 3.03.133 (HKLM\...\{6CC95B76-D380-46B2-9022-9353938E48BA}) (Version: 3.03.133 - Logitech Inc.)
Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
LWS Facebook (x32 Version: 13.50.854.0 - Logitech) Hidden
LWS Gallery (x32 Version: 13.51.827.0 - Logitech) Hidden
LWS Help_main (x32 Version: 13.51.828.0 - Logitech) Hidden
LWS Launcher (x32 Version: 13.51.828.0 - Logitech) Hidden
LWS Motion Detection (x32 Version: 13.51.815.0 - Logitech) Hidden
LWS Pictures And Video (x32 Version: 13.51.815.0 - Logitech) Hidden
LWS Twitter (x32 Version: 13.30.1346.0 - Logitech) Hidden
LWS Webcam Software (x32 Version: 13.51.815.0 - Logitech) Hidden
LWS WLM Plugin (x32 Version: 1.30.1201.0 - Logitech) Hidden
LWS YouTube Plugin (x32 Version: 13.31.1038.0 - Logitech) Hidden
MAGIX Content und Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Goya burnR (MSI) (HKLM-x32\...\MAGIX_{CA77A094-1554-4395-ACF7-3F50C9CA5FEB}) (Version: 4.3.2.0 - MAGIX AG)
MAGIX Goya burnR (MSI) (Version: 4.3.2.0 - MAGIX AG) Hidden
MAGIX Music Maker 2013 Premium (HKLM-x32\...\MAGIX_{8040CA6C-16F1-47B5-BB2E-E63F32B7E67F}) (Version: 19.0.1.36 - MAGIX AG)
MAGIX Music Maker 2013 Premium (Version: 19.0.1.36 - MAGIX AG) Hidden
MAGIX Music Maker 2013 Trial Soundpools (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Screenshare (HKLM-x32\...\MAGIX Screenshare D) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Screenshare (HKLM-x32\...\MAGIX_{C63DD4C4-BF1D-4F79-BA4B-4E361A2A3ED2}) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Screenshare (Version: 4.3.6.1987 - MAGIX AG) Hidden
MAGIX Speed burnR (HKLM-x32\...\MAGIX Speed burnR D) (Version: 7.0.1.27 - MAGIX AG)
MAGIX Speed burnR (MSI) (HKLM-x32\...\MAGIX_{0D951CBB-743C-4A68-8C85-97D89A61D7CD}) (Version: 7.0.2.6 - MAGIX AG)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX AG) Hidden
MAGIX Video deluxe 2014 (HKLM-x32\...\MX.{EA62B22F-AB0A-406B-80A9-8036D3CE3446}) (Version: 13.0.0.30 - MAGIX AG)
MAGIX Video deluxe 2014 (Version: 13.0.0.30 - MAGIX AG) Hidden
MAGIX Video easy SE (HKLM-x32\...\MAGIX_MSI_Video_easy_SE) (Version: 1.0.4.6 - MAGIX AG)
MAGIX Video easy SE (x32 Version: 1.0.4.6 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
MediaInfo 0.7.61 (HKLM\...\MediaInfo) (Version: 0.7.61 - MediaArea.net)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
MINERVA: Metastasis (HKLM-x32\...\Steam App 235780) (Version:  - Adam Foster)
MKVToolNix 6.7.0 [20140102-565] (HKLM-x32\...\MKVToolNix) (Version: 6.7.0 - Moritz Bunkus)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
MP3 Skype Recorder (HKLM-x32\...\{CB606F47-7D0E-40DF-95BB-0E5413A1295F}) (Version: 3.1.3 - Alexander Nikiforov)
MPC-HC 1.7.3 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.3 - MPC-HC Team)
MSI Afterburner 2.3.1 (HKLM-x32\...\Afterburner) (Version: 2.3.1 - MSI Co., LTD)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT Redists (x32 Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Netzmanager (HKLM-x32\...\Netzmanager) (Version: 1.071 - Deutsche Telekom AG)
Netzmanager (Version: 1.071 - Deutsche Telekom AG, Marmiko IT-Solutions GmbH) Hidden
Norton Internet Security (HKLM-x32\...\NIS) (Version: 19.0.0.128 - Symantec Corporation)
NVIDIA 3D Vision Controller-Treiber 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 334.89 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 334.89 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2 - NVIDIA Corporation)
NVIDIA Grafiktreiber 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 334.89 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3489 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 334.89 (Version: 334.89 - NVIDIA Corporation) Hidden
NVIDIA Update 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
Object Browser (HKLM-x32\...\Object Browser) (Version: 1.31.153.4 - Object Browser)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.1.11.2678 - Electronic Arts, Inc.)
Outlast (HKLM-x32\...\Steam App 238320) (Version:  - Red Barrels)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
PriceGong 2.6.12 (HKLM-x32\...\PriceGong) (Version: 2.6.12 - PriceGong) <==== ATTENTION
puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.50.1123.2011 - Realtek)
Revo Uninstaller 1.94 (HKLM-x32\...\Revo Uninstaller) (Version: 1.94 - VS Revo Group)
SagaraS Scriptmaker v4.8 (HKLM-x32\...\SagaraS Scriptmaker_is1) (Version:  - )
Samplitude 11 Silver (HKLM-x32\...\MAGIX_MSI_sam11silver) (Version: 11.0.0.0 - MAGIX AG)
Samplitude 11 Silver (x32 Version: 11.0.0.0 - MAGIX AG) Hidden
Search Assistant WebSearch 1.74 (HKLM-x32\...\SP_4e24eecb) (Version:  - ) <==== ATTENTION
SHIELD Streaming (Version: 1.7.306 - NVIDIA Corporation) Hidden
Shutdown4U (HKLM-x32\...\Shutdown4U) (Version:  - )
skate's Thumbnail Tool Version 1.1.1 (HKLM-x32\...\{709F7985-34DD-4F49-9F91-D429D3B49D26}_is1) (Version: 1.1.1 - skate702germany)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Slender - The Arrival 1.0 (HKLM-x32\...\Slender - The Arrival 1.0) (Version: 1.0 - Blue Isle Studios)
Slender - The Arrival Patch Updater 1.0 (HKLM-x32\...\Slender - The Arrival Patch Updater 1.0) (Version: 1.0 - Blue Isle Studios)
Source SDK (HKLM-x32\...\Steam App 211) (Version:  - Valve)
Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version:  - Valve)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
SuperVideoCap V6.9 Build 3050 (HKLM-x32\...\SuperVideoCap V6.9 Build 3050_is1) (Version:  - MySuperSoft.com)
System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
System Requirements Lab Detection (HKLM-x32\...\{A407FC22-36BF-4C82-A516-59D94BC505A9}) (Version: 1.0.5.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.10.1 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.22298 - TeamViewer)
Telekom Fotoservice (HKLM-x32\...\Telekom Fotoservice) (Version:  - )
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
The Walking Dead: Season Two (HKLM-x32\...\Steam App 261030) (Version:  - Telltale Games)
TMPGEnc Video Mastering Works (HKLM-x32\...\TMPGEnc Video Mastering Works) (Version:  - )
T-Online 6.0 (HKLM-x32\...\{B1275E23-717A-4D52-997A-1AD1E24BC7F3}) (Version:  - )
T-Online WLAN-Access Finder (HKLM-x32\...\{295C31E5-3F91-498E-9623-DA24D2FA2B6A}) (Version:  - )
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 2.1 - Ubisoft)
Vegas Pro 12.0 (64-bit) (HKLM\...\{8858A840-1D35-11E2-A8C7-F04DA23A5C58}) (Version: 12.0.394 - Sony)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
VLC media player 2.0.4 (HKLM\...\VLC media player) (Version: 2.0.4 - VideoLAN)
VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
XSplit (HKLM-x32\...\{DAA18A0D-A57C-4611-B135-46EA06990E7D}) (Version: 1.2.1303.0101 - SplitMediaLabs)

==================== Restore Points  =========================

20-03-2014 23:00:02 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0A1AA027-40E0-47FF-9045-916B9CAD34EE} - System32\Tasks\Object Browser-codedownloader => C:\Program Files (x86)\Object Browser\Object Browser-codedownloader.exe [2013-12-29] (Object Browser)
Task: {25867F1F-77B7-4D40-9991-A05F69F4E4DA} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {47931548-0DC4-4E08-A9B4-D239D764E300} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-19] (Google Inc.)
Task: {5A394A07-4628-49EC-A3E5-41A9768C7870} - System32\Tasks\{41B47BA4-D7AC-4CE1-B76D-3C53F5E189F7} => Chrome.exe hxxp://ui.skype.com/ui/0/6.11.0.102/en/abandoninstall?page=tsBing
Task: {5C7DA0DA-2098-4655-8A4D-1C898192D228} - System32\Tasks\Object Browser-chromeinstaller => C:\Program Files (x86)\Object Browser\Object Browser-chromeinstaller.exe [2013-12-29] (Object Browser)
Task: {5EDCD25F-F139-4BA4-886A-6E14945A282A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-05-24] (Piriform Ltd)
Task: {6C200840-B88F-4804-BF14-E7E2CB11C27F} - System32\Tasks\Object Browser-enabler => C:\Program Files (x86)\Object Browser\Object Browser-enabler.exe [2013-12-29] (Object Browser) <==== ATTENTION
Task: {769543FB-3AB4-4762-A4E9-F9F25088928F} - System32\Tasks\Object Browser-updater => C:\Program Files (x86)\Object Browser\Object Browser-updater.exe [2013-12-29] (Object Browser)
Task: {79AEB052-DA8B-4C43-B1C3-9D9B65744F46} - System32\Tasks\Object Browser-firefoxinstaller => C:\Program Files (x86)\Object Browser\Object Browser-firefoxinstaller.exe [2013-12-29] (Object Browser)
Task: {7D5D5464-1DF4-4D86-8A13-76A19140C4A8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-19] (Google Inc.)
Task: {A924154F-07BF-4FF1-931D-341F204D5A49} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-100367103-78040337-3239847000-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {B72482F7-719C-42DB-890F-79D9CC26B338} - System32\Tasks\AdobeAAMUpdater-1.0-Neo-PC-Neo => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-03] (Adobe Systems Incorporated)
Task: {C8EB658A-FB39-4698-A057-7415CB0B907D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12] (Adobe Systems Incorporated)
Task: {D364FF60-352B-427D-A29C-8BD5ACA61ED8} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-100367103-78040337-3239847000-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {F7940DAA-BDF1-41AA-AC83-C3FA9A055170} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-05-09] (AVAST Software)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Object Browser-chromeinstaller.job => C:\Program Files (x86)\Object Browser\Object Browser-chromeinstaller.exe
Task: C:\Windows\Tasks\Object Browser-codedownloader.job => C:\Program Files (x86)\Object Browser\Object Browser-codedownloader.exe
Task: C:\Windows\Tasks\Object Browser-enabler.job => C:\Program Files (x86)\Object Browser\Object Browser-enabler.exe <==== ATTENTION
Task: C:\Windows\Tasks\Object Browser-firefoxinstaller.job => C:\Program Files (x86)\Object Browser\Object Browser-firefoxinstaller.exe
Task: C:\Windows\Tasks\Object Browser-updater.job => C:\Program Files (x86)\Object Browser\Object Browser-updater.exe

==================== Loaded Modules (whitelisted) =============

2014-02-26 13:58 - 2014-02-08 18:42 - 00117024 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-12-18 22:26 - 2013-12-18 22:26 - 00059392 _____ () C:\Program Files\DCE\dce.exe
2012-03-15 12:28 - 2012-03-15 12:28 - 01103360 _____ () C:\Program Files (x86)\Blackmagic Design\Blackmagic Desktop Video\BMDStreamingServer.exe
2012-01-10 14:41 - 2013-11-03 15:22 - 00567880 _____ () C:\Program Files (x86)\puush\puush.exe
2012-09-13 00:38 - 2012-09-13 00:38 - 00264040 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
2012-03-15 12:48 - 2012-03-15 12:48 - 10599936 _____ () C:\Program Files (x86)\Blackmagic Design\Blackmagic Media Express\MediaExpress.exe
2014-03-22 15:05 - 2014-03-22 10:43 - 02283520 _____ () C:\Program Files\AVAST Software\Avast\defs\14032200\algo.dll
2012-03-15 12:26 - 2012-03-15 12:26 - 00256000 _____ () C:\Program Files (x86)\Blackmagic Design\Blackmagic Desktop Video\BMDStreamingAPI.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 02144104 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 07955304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 00341352 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 00028008 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 00127336 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2012-09-13 00:39 - 2012-09-13 00:39 - 00336232 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
2014-02-12 04:17 - 2014-02-12 04:17 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\b162055347700182d96325676dd591c4\IsdiInterop.ni.dll
2012-11-20 21:49 - 2011-11-29 20:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-11-20 21:53 - 2012-02-07 18:39 - 01198872 ____R () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-03-16 04:46 - 2014-03-16 04:46 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-03-12 13:38 - 2014-03-12 13:38 - 16276872 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll
2010-11-03 13:21 - 2010-11-03 13:21 - 00676864 _____ () C:\Program Files (x86)\Blackmagic Design\Blackmagic Media Express\QtOpenGL4.dll
2010-11-03 13:14 - 2010-11-03 13:14 - 08166912 _____ () C:\Program Files (x86)\Blackmagic Design\Blackmagic Media Express\QtGui4.dll
2011-02-01 12:37 - 2011-02-01 12:37 - 02283008 _____ () C:\Program Files (x86)\Blackmagic Design\Blackmagic Media Express\QtCore4.dll
2010-11-03 13:30 - 2010-11-03 13:30 - 00276480 _____ () C:\Program Files (x86)\Blackmagic Design\Blackmagic Media Express\QtSvg4.dll
2012-03-15 12:24 - 2012-03-15 12:24 - 00030720 _____ () C:\Program Files (x86)\Blackmagic Design\Blackmagic Media Express\QtSingleApplication.dll
2010-11-03 13:00 - 2010-11-03 13:00 - 00914432 _____ () C:\Program Files (x86)\Blackmagic Design\Blackmagic Media Express\QtNetwork4.dll
2013-04-21 21:44 - 2013-04-21 21:44 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-04-21 21:44 - 2013-04-21 21:44 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-03-06 19:17 - 2012-03-15 12:31 - 00707584 _____ () C:\Program Files (x86)\QuickTime\QTComponents\BlackmagicCodec.qtx

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:56E2E879
AlternateDataStreams: C:\Users\Neo\AppData\Local\Temporary Internet Files:HDnTKRa7USceVHvL9C

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupfolder: C:^Users^Neo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Desktop Queen Starter.lnk => C:\Windows\pss\Desktop Queen Starter.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Neo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^hamachi.lnk => C:\Windows\pss\hamachi.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Neo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Netzmanager.lnk => C:\Windows\pss\Netzmanager.lnk.Startup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: ApnTBMon => "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Blackmagic CheckVersion => C:\Program Files (x86)\Blackmagic Design\Blackmagic Desktop Video\CheckVersion.exe
MSCONFIG\startupreg: Blackmagic CheckVersion PCI => C:\Program Files (x86)\Blackmagic Design\Blackmagic Desktop Video\CheckVersionPCI.exe
MSCONFIG\startupreg: Blackmagic Streaming Server => C:\Program Files (x86)\Blackmagic Design\Blackmagic Desktop Video\BMDStreamingServer.exe
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: HDAudDeck => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
MSCONFIG\startupreg: ManyCam => "C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe" /silent
MSCONFIG\startupreg: puush => C:\Program Files (x86)\puush\puush.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/22/2014 03:05:00 PM) (Source: BstHdAndroidSvc) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (03/21/2014 05:19:51 PM) (Source: BstHdAndroidSvc) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (03/21/2014 02:31:18 PM) (Source: BstHdAndroidSvc) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (03/20/2014 09:35:03 PM) (Source: Application Hang) (User: )
Description: Programm adwcleaner_3.021.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1cf8

Startzeit: 01cf447ba947dab6

Endzeit: 2

Anwendungspfad: C:\Users\Neo\AppData\Local\Temp\OCS\Downloads\fc14996dfa99adfc7baae624196888c5\f8b34e3b5e6e337aa6491ee3f713f8f5\adwcleaner_3.021.exe

Berichts-ID: 1bc1294b-b06f-11e3-b248-50465d5048ac

Error: (03/19/2014 04:48:04 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Object Browser-chromeinstaller.exe, Version: 1.0.0.1, Zeitstempel: 0x52a98a92
Name des fehlerhaften Moduls: Object Browser-chromeinstaller.exe, Version: 1.0.0.1, Zeitstempel: 0x52a98a92
Ausnahmecode: 0x40000015
Fehleroffset: 0x00085e79
ID des fehlerhaften Prozesses: 0x1410
Startzeit der fehlerhaften Anwendung: 0xObject Browser-chromeinstaller.exe0
Pfad der fehlerhaften Anwendung: Object Browser-chromeinstaller.exe1
Pfad des fehlerhaften Moduls: Object Browser-chromeinstaller.exe2
Berichtskennung: Object Browser-chromeinstaller.exe3

Error: (03/19/2014 00:16:20 PM) (Source: BstHdAndroidSvc) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (03/19/2014 00:13:57 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Object Browser-chromeinstaller.exe, Version: 1.0.0.1, Zeitstempel: 0x52a98a92
Name des fehlerhaften Moduls: Object Browser-chromeinstaller.exe, Version: 1.0.0.1, Zeitstempel: 0x52a98a92
Ausnahmecode: 0x40000015
Fehleroffset: 0x00085e79
ID des fehlerhaften Prozesses: 0x740
Startzeit der fehlerhaften Anwendung: 0xObject Browser-chromeinstaller.exe0
Pfad der fehlerhaften Anwendung: Object Browser-chromeinstaller.exe1
Pfad des fehlerhaften Moduls: Object Browser-chromeinstaller.exe2
Berichtskennung: Object Browser-chromeinstaller.exe3

Error: (03/19/2014 10:48:05 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Object Browser-chromeinstaller.exe, Version: 1.0.0.1, Zeitstempel: 0x52a98a92
Name des fehlerhaften Moduls: Object Browser-chromeinstaller.exe, Version: 1.0.0.1, Zeitstempel: 0x52a98a92
Ausnahmecode: 0x40000015
Fehleroffset: 0x00085e79
ID des fehlerhaften Prozesses: 0x18a4
Startzeit der fehlerhaften Anwendung: 0xObject Browser-chromeinstaller.exe0
Pfad der fehlerhaften Anwendung: Object Browser-chromeinstaller.exe1
Pfad des fehlerhaften Moduls: Object Browser-chromeinstaller.exe2
Berichtskennung: Object Browser-chromeinstaller.exe3

Error: (03/18/2014 09:10:29 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_ShellHWDetection, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc3c1
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000007000a
ID des fehlerhaften Prozesses: 0x458
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_ShellHWDetection0
Pfad der fehlerhaften Anwendung: svchost.exe_ShellHWDetection1
Pfad des fehlerhaften Moduls: svchost.exe_ShellHWDetection2
Berichtskennung: svchost.exe_ShellHWDetection3

Error: (03/18/2014 09:07:00 PM) (Source: BstHdAndroidSvc) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)


System errors:
=============
Error: (03/22/2014 03:05:00 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: 
%%1064

Error: (03/22/2014 03:04:52 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Util FindRight" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (03/22/2014 03:04:52 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Update FindRight" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (03/22/2014 03:03:41 PM) (Source: hasplms) (User: )
Description: ERROR: Sentinel LDK License Manager failed to start in a promptly manner!

Error: (03/21/2014 05:19:51 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: 
%%1064

Error: (03/21/2014 05:19:39 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Util FindRight" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (03/21/2014 05:19:39 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Update FindRight" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (03/21/2014 02:31:28 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "avast! Antivirus" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (03/21/2014 02:31:18 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: 
%%1064

Error: (03/21/2014 02:31:09 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Util FindRight" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2


Microsoft Office Sessions:
=========================
Error: (03/22/2014 03:05:00 PM) (Source: BstHdAndroidSvc)(User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (03/21/2014 05:19:51 PM) (Source: BstHdAndroidSvc)(User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (03/21/2014 02:31:18 PM) (Source: BstHdAndroidSvc)(User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (03/20/2014 09:35:03 PM) (Source: Application Hang)(User: )
Description: adwcleaner_3.021.exe0.0.0.01cf801cf447ba947dab62C:\Users\Neo\AppData\Local\Temp\OCS\Downloads\fc14996dfa99adfc7baae624196888c5\f8b34e3b5e6e337aa6491ee3f713f8f5\adwcleaner_3.021.exe1bc1294b-b06f-11e3-b248-50465d5048ac

Error: (03/19/2014 04:48:04 PM) (Source: Application Error)(User: )
Description: Object Browser-chromeinstaller.exe1.0.0.152a98a92Object Browser-chromeinstaller.exe1.0.0.152a98a924000001500085e79141001cf438a9b3f7336C:\Program Files (x86)\Object Browser\Object Browser-chromeinstaller.exeC:\Program Files (x86)\Object Browser\Object Browser-chromeinstaller.exedb0eceb0-af7d-11e3-a24c-50465d5048ac

Error: (03/19/2014 00:16:20 PM) (Source: BstHdAndroidSvc)(User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (03/19/2014 00:13:57 PM) (Source: Application Error)(User: )
Description: Object Browser-chromeinstaller.exe1.0.0.152a98a92Object Browser-chromeinstaller.exe1.0.0.152a98a924000001500085e7974001cf436437e10f24C:\Program Files (x86)\Object Browser\Object Browser-chromeinstaller.exeC:\Program Files (x86)\Object Browser\Object Browser-chromeinstaller.exe90126e92-af57-11e3-a24c-50465d5048ac

Error: (03/19/2014 10:48:05 AM) (Source: Application Error)(User: )
Description: Object Browser-chromeinstaller.exe1.0.0.152a98a92Object Browser-chromeinstaller.exe1.0.0.152a98a924000001500085e7918a401cf43585108d61dC:\Program Files (x86)\Object Browser\Object Browser-chromeinstaller.exeC:\Program Files (x86)\Object Browser\Object Browser-chromeinstaller.exe9128ead7-af4b-11e3-9b51-50465d5048ac

Error: (03/18/2014 09:10:29 PM) (Source: Application Error)(User: )
Description: svchost.exe_ShellHWDetection6.1.7600.163854a5bc3c1unknown0.0.0.000000000c0000005000000000007000a45801cf42e58b780efeC:\Windows\system32\svchost.exeunknown599cf76a-aed9-11e3-9b51-50465d5048ac

Error: (03/18/2014 09:07:00 PM) (Source: BstHdAndroidSvc)(User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Den Logfile von SystemLook musste ich wieder Anhängen!
Also ich bekomme ich Meldung gar nicht mehr, in keinem Browser!

M-K-D-B · 24.03.2014, 17:06

Servus,

es gibt noch einiges zu entfernen:

Wir entfernen die letzten Reste und kontrollieren nochmal alles. ESET kann länger (> 2 h) dauern.
Im Anschluss daran räumen wir auf und ich gebe dir noch ein paar Tipps mit auf den Weg.

Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

start
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
Task: C:\Windows\Tasks\Object Browser-chromeinstaller.job => C:\Program Files (x86)\Object Browser\Object Browser-chromeinstaller.exe
Task: C:\Windows\Tasks\Object Browser-codedownloader.job => C:\Program Files (x86)\Object Browser\Object Browser-codedownloader.exe
Task: C:\Windows\Tasks\Object Browser-enabler.job => C:\Program Files (x86)\Object Browser\Object Browser-enabler.exe <==== ATTENTION
Task: C:\Windows\Tasks\Object Browser-firefoxinstaller.job => C:\Program Files (x86)\Object Browser\Object Browser-firefoxinstaller.exe
Task: C:\Windows\Tasks\Object Browser-updater.job => C:\Program Files (x86)\Object Browser\Object Browser-updater.exe
C:\Program Files (x86)\Object Browser
Task: {0A1AA027-40E0-47FF-9045-916B9CAD34EE} - System32\Tasks\Object Browser-codedownloader => C:\Program Files (x86)\Object Browser\Object Browser-codedownloader.exe [2013-12-29] (Object Browser)
Task: {5C7DA0DA-2098-4655-8A4D-1C898192D228} - System32\Tasks\Object Browser-chromeinstaller => C:\Program Files (x86)\Object Browser\Object Browser-chromeinstaller.exe [2013-12-29] (Object Browser)
Task: {6C200840-B88F-4804-BF14-E7E2CB11C27F} - System32\Tasks\Object Browser-enabler => C:\Program Files (x86)\Object Browser\Object Browser-enabler.exe [2013-12-29] (Object Browser) <==== ATTENTION
Task: {769543FB-3AB4-4762-A4E9-F9F25088928F} - System32\Tasks\Object Browser-updater => C:\Program Files (x86)\Object Browser\Object Browser-updater.exe [2013-12-29] (Object Browser)
Task: {79AEB052-DA8B-4C43-B1C3-9D9B65744F46} - System32\Tasks\Object Browser-firefoxinstaller => C:\Program Files (x86)\Object Browser\Object Browser-firefoxinstaller.exe [2013-12-29] (Object Browser)
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\FindRight_RASAPI32" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\FindRight_RASMANCS" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateFindRight_RASAPI32" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateFindRight_RASMANCS" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilFindRight_RASAPI32" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilFindRight_RASMANCS" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\Application\Update FindRight" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\Application\Util FindRight" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9A6403AA-F02C-1C7B-FB38-4DB786EF1115}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{9A6403AA-F02C-1C7B-FB38-4DB786EF1115}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20A4B604-1FB6-EC6C-788A-9AFD1B6A0C66}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20A4B604-1FB6-EC6C-788A-9AFD1B6A0C66}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FF9D1727-07EA-92E6-9C22-E69E69E15635}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{FF9D1727-07EA-92E6-9C22-E69E69E15635}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\Moovida_RASAPI32" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\Moovida_RASMANCS" /f
Reg: reg delete "HKEY_CURRENT_USER\Software\AppDataLow\Software\YTKaraoke" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{60F78604-984A-4DA9-8182-5124614EB7A1}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{F351B686-F6AF-45F1-9EB9-684C805B25B1}" /f
end

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Schritt 2
Downloade dir die passende Version von HitmanPro auf deinen Desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.

Starte die HitmanPro.exe
Klicke auf
Entferne den Haken bei
Klicke auf
und
Akzeptiere die Lizenzbedingungen und klicke auf
Klicke auf

und auf
Wenn der Scan beendet wurde, nichts löschen lassen etc. sondern wähle unten links auf der Button-Leiste
und speichere die Logdatei auf Deinem Desktop.
Schließe HitmanPro und poste mir das Log.

Schritt 3

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Schritt 4
Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

Bitte poste mit deiner nächsten Antwort

die Logdatei von FRST,
die Logdatei von HitmanPro,
die Logdatei von ESET,
die Logdatei von SecurityCheck.

TheNeoLP · 24.03.2014, 21:34

Fixlist Log:

Code:

ATTFilter

start
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
Task: C:\Windows\Tasks\Object Browser-chromeinstaller.job => C:\Program Files (x86)\Object Browser\Object Browser-chromeinstaller.exe
Task: C:\Windows\Tasks\Object Browser-codedownloader.job => C:\Program Files (x86)\Object Browser\Object Browser-codedownloader.exe
Task: C:\Windows\Tasks\Object Browser-enabler.job => C:\Program Files (x86)\Object Browser\Object Browser-enabler.exe <==== ATTENTION
Task: C:\Windows\Tasks\Object Browser-firefoxinstaller.job => C:\Program Files (x86)\Object Browser\Object Browser-firefoxinstaller.exe
Task: C:\Windows\Tasks\Object Browser-updater.job => C:\Program Files (x86)\Object Browser\Object Browser-updater.exe
C:\Program Files (x86)\Object Browser
Task: {0A1AA027-40E0-47FF-9045-916B9CAD34EE} - System32\Tasks\Object Browser-codedownloader => C:\Program Files (x86)\Object Browser\Object Browser-codedownloader.exe [2013-12-29] (Object Browser)
Task: {5C7DA0DA-2098-4655-8A4D-1C898192D228} - System32\Tasks\Object Browser-chromeinstaller => C:\Program Files (x86)\Object Browser\Object Browser-chromeinstaller.exe [2013-12-29] (Object Browser)
Task: {6C200840-B88F-4804-BF14-E7E2CB11C27F} - System32\Tasks\Object Browser-enabler => C:\Program Files (x86)\Object Browser\Object Browser-enabler.exe [2013-12-29] (Object Browser) <==== ATTENTION
Task: {769543FB-3AB4-4762-A4E9-F9F25088928F} - System32\Tasks\Object Browser-updater => C:\Program Files (x86)\Object Browser\Object Browser-updater.exe [2013-12-29] (Object Browser)
Task: {79AEB052-DA8B-4C43-B1C3-9D9B65744F46} - System32\Tasks\Object Browser-firefoxinstaller => C:\Program Files (x86)\Object Browser\Object Browser-firefoxinstaller.exe [2013-12-29] (Object Browser)
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\FindRight_RASAPI32" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\FindRight_RASMANCS" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateFindRight_RASAPI32" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateFindRight_RASMANCS" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilFindRight_RASAPI32" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilFindRight_RASMANCS" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\Application\Update FindRight" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\Application\Util FindRight" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9A6403AA-F02C-1C7B-FB38-4DB786EF1115}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{9A6403AA-F02C-1C7B-FB38-4DB786EF1115}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20A4B604-1FB6-EC6C-788A-9AFD1B6A0C66}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20A4B604-1FB6-EC6C-788A-9AFD1B6A0C66}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FF9D1727-07EA-92E6-9C22-E69E69E15635}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{FF9D1727-07EA-92E6-9C22-E69E69E15635}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\Moovida_RASAPI32" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\Moovida_RASMANCS" /f
Reg: reg delete "HKEY_CURRENT_USER\Software\AppDataLow\Software\YTKaraoke" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{60F78604-984A-4DA9-8182-5124614EB7A1}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{F351B686-F6AF-45F1-9EB9-684C805B25B1}" /f
end

HitmanPro Log:

Code:

ATTFilter

HitmanPro 3.7.9.212
www.hitmanpro.com

   Computer name . . . . : NEO-PC
   Windows . . . . . . . : 6.1.1.7601.X64/8
   User name . . . . . . : Neo-PC\Neo
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2014-03-24 19:29:58
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 4m 19s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 0
   Traces  . . . . . . . : 97

   Objects scanned . . . : 1.913.375
   Files scanned . . . . : 47.704
   Remnants scanned  . . : 826.023 files / 1.039.648 keys

Suspicious files ____________________________________________________________

   C:\Users\Neo\AppData\Local\PunkBuster\BFP4F\pb\dll\wc002304.dll
      Size . . . . . . . : 954.496 bytes
      Age  . . . . . . . : 461.5 days (2012-12-18 08:31:22)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : EEBDAC091729B0B80A21E14B2CE0392E4584205BA06F5ED1B846C51D034A2177
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.

   C:\Users\Neo\AppData\Local\PunkBuster\BFP4F\pb\pbcl.dll
      Size . . . . . . . : 954.496 bytes
      Age  . . . . . . . : 461.5 days (2012-12-18 08:33:16)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : EEBDAC091729B0B80A21E14B2CE0392E4584205BA06F5ED1B846C51D034A2177
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.

   C:\Users\Neo\AppData\Local\PunkBuster\BFP4F\pb\pbclold.dll
      Size . . . . . . . : 954.496 bytes
      Age  . . . . . . . : 461.5 days (2012-12-18 08:24:53)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : EEBDAC091729B0B80A21E14B2CE0392E4584205BA06F5ED1B846C51D034A2177
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.

   C:\Users\Neo\AppData\Local\PunkBuster\BFP4F\pb\PnkBstrK.sys
      Size . . . . . . . : 139.424 bytes
      Age  . . . . . . . : 461.5 days (2012-12-18 08:25:49)
      Entropy  . . . . . : 7.8
      SHA-256  . . . . . : 2A97BC40220EE7B5383991EDB238A70B2D6A7881E54E465999E2EADD6A396029
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
         The file is a device driver. Device drivers run as trusted (highly privileged) code.
         Program is code signed with a valid Authenticode certificate.

   C:\Users\Neo\AppData\Local\PunkBuster\FC3\pb\pbcl.dll
      Size . . . . . . . : 953.886 bytes
      Age  . . . . . . . : 480.1 days (2012-11-29 17:59:46)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 6D5E2CD4A7A43EB00B600BA783AD3BEE6B817C030A40600D40367173A6ECEB13
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.

   C:\Users\Neo\AppData\Local\PunkBuster\FC3\pb\pbcls.dll
      Size . . . . . . . : 953.886 bytes
      Age  . . . . . . . : 480.1 days (2012-11-29 17:59:46)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 6D5E2CD4A7A43EB00B600BA783AD3BEE6B817C030A40600D40367173A6ECEB13
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.

   C:\Users\Neo\AppData\Local\PunkBuster\FC3\pb\PnkBstrK.sys
      Size . . . . . . . : 138.032 bytes
      Age  . . . . . . . : 480.1 days (2012-11-29 18:00:10)
      Entropy  . . . . . : 7.8
      SHA-256  . . . . . : ABAF3FACF01E10E4C685F79C3B9E5D2118B3CF8629C4277EBE035B2A10474148
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
         The file is a device driver. Device drivers run as trusted (highly privileged) code.
         Program is code signed with a valid Authenticode certificate.

   C:\Users\Neo\AppData\Local\PunkBuster\HOS\pb\pbcl.dll
      Size . . . . . . . : 951.877 bytes
      Age  . . . . . . . : 463.7 days (2012-12-16 01:58:21)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 833CB80463E9181DBCC24242B392B70E6E80DD72A07B79727AB9936FCADEDD2A
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.

   C:\Users\Neo\AppData\Local\PunkBuster\HOS\pb\pbclold.dll
      Size . . . . . . . : 948.333 bytes
      Age  . . . . . . . : 463.8 days (2012-12-16 00:06:03)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 65E0CDCB32C36ADAAB6BED9D7A2B0A73BC038013549D19EA692085F54D87E45B
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.

   C:\Users\Neo\AppData\Local\PunkBuster\HOS\pb\PnkBstrK.sys
      Size . . . . . . . : 139.112 bytes
      Age  . . . . . . . : 463.8 days (2012-12-16 00:06:13)
      Entropy  . . . . . : 7.7
      SHA-256  . . . . . : 22A0F36A4E6891CDCFDF3460A19285662D017B02266D5D9A7EED43CF74B0A39A
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
         The file is a device driver. Device drivers run as trusted (highly privileged) code.
         Program is code signed with a valid Authenticode certificate.

   C:\Windows\system32\hasplms.exe 
      Size . . . . . . . : 4.941.768 bytes
      Age  . . . . . . . : 426.2 days (2013-01-22 14:43:33)
      Entropy  . . . . . : 7.7
      SHA-256  . . . . . : 8661FDD7344A1059B99450BA22C29F70C2DF2D3A381AA47D5B24A514DE8C029F
      Product  . . . . . : LDK License Manager Service
      Publisher  . . . . : SafeNet Inc.
      Description  . . . : Sentinel LDK License Manager Service
      Version  . . . . . : 13.23.1.26482
      Copyright  . . . . : © 2012 SafeNet, Inc. All rights reserved.
      RSA Key Size . . . : 2048
      Service  . . . . . : hasplms
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 28.0
         The file name extension of this program is not common.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         The Entry Point of this file lies in a resource section. This is an indication of malware infection.
         Program starts automatically without user intervention.
         The file is located in a folder that contains core operating system files from Windows. This is not typical for most programs and is only common to system tools, drivers and hacking utilities.
         Starts automatically as a service during system bootup.
         Program contains PE structure anomalies. This is not typical for most programs.
         Program is code signed with a valid Authenticode certificate.
      Startup
         HKLM\SYSTEM\CurrentControlSet\Services\hasplms\

   C:\Windows\SysWOW64\GameMon.des
      Size . . . . . . . : 4.722.728 bytes
      Age  . . . . . . . : 298.7 days (2013-05-30 02:57:13)
      Entropy  . . . . . : 7.9
      SHA-256  . . . . . : 5838F8F06E8B44FF759A56ABCA9B4DD6D91F9EB92295CFEE39D170E61DB1DD6F
      Product  . . . . . : nProtect Game Monitor
      Publisher  . . . . : INCA Internet Co., Ltd.
      Description  . . . : nProtect Game Monitor Rev 1943
      Version  . . . . . : 2013.3.13.1
      Copyright  . . . . : Copyright ⓒ 2000-2011 INCA Internet
      Service  . . . . . : npggsvc
      Fuzzy  . . . . . . : 29.0
         The file name extension of this program is not common.
         Starts automatically as a service during system bootup.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         The file is located in a folder that contains core operating system files from Windows. This is not typical for most programs and is only common to system tools, drivers and hacking utilities.
      Startup
         HKLM\SYSTEM\CurrentControlSet\Services\npggsvc\


Potential Unwanted Programs _________________________________________________

   HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}\ (FTDownloader)
   HKLM\SOFTWARE\Classes\Wow6432Node\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}\ (FTDownloader)
   HKU\.DEFAULT\Software\AskPartnerNetwork\ (AskBar)
   HKU\S-1-5-18\Software\AskPartnerNetwork\ (AskBar)
   HKU\S-1-5-21-100367103-78040337-3239847000-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{4D2D3B0F-69BE-477A-90F5-FDDB05357975} (Claro)

Cookies _____________________________________________________________________

   C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Cookies:2o7.net
   C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.360yield.com
   C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.ad-srv.net
   C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.auditude.com
   C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.doubleclick.net
   C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.yieldmanager.com
   C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.zanox.com
   C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.adk2.com
   C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.adplxmd.com
   C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.pubmatic.com
   C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.smartstream.tv
   C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.yahoo.com
   C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Cookies:adtech.de
   C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Cookies:adtechus.com
   C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Cookies:atdmt.com
   C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Cookies:burstnet.com
   C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Cookies:casalemedia.com
   C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Cookies:de.sitestat.com
   C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Cookies:dmtracker.com
   C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Cookies:doubleclick.net
   C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Cookies:eas.apm.emediate.eu
   C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Cookies:fastclick.net
   C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Cookies:fr.sitestat.com
   C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Cookies:in.getclicky.com
   C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Cookies:media6degrees.com
   C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Cookies:mediaplex.com
   C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Cookies:oracle.112.2o7.net
   C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Cookies:paypal.112.2o7.net
   C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Cookies:premiumtv.122.2o7.net
   C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Cookies:revsci.net
   C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Cookies:serving-sys.com
   C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Cookies:smartadserver.com
   C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Cookies:sonymediasoftware.112.2o7.net
   C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Cookies:stat.dealtime.com
   C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Cookies:statcounter.com
   C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Cookies:stats.globalgameport.com
   C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Cookies:stats.paypal.com
   C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Cookies:statse.webtrendslive.com
   C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Cookies:track.adform.net
   C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Cookies:tradedoubler.com
   C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Cookies:warnerbros.112.2o7.net
   C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Cookies:www.etracker.de
   C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Cookies:xiti.com
   C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Cookies:yadro.ru
   C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Cookies:zedo.com
   C:\Users\Neo\AppData\Roaming\Microsoft\Windows\Cookies\086EDG7L.txt
   C:\Users\Neo\AppData\Roaming\Microsoft\Windows\Cookies\0OKYGEZZ.txt
   C:\Users\Neo\AppData\Roaming\Microsoft\Windows\Cookies\5NJJKJF0.txt
   C:\Users\Neo\AppData\Roaming\Microsoft\Windows\Cookies\8CMS0XFT.txt
   C:\Users\Neo\AppData\Roaming\Microsoft\Windows\Cookies\9C44DAKE.txt
   C:\Users\Neo\AppData\Roaming\Microsoft\Windows\Cookies\BN6J4V3Q.txt
   C:\Users\Neo\AppData\Roaming\Microsoft\Windows\Cookies\C62LD4RH.txt
   C:\Users\Neo\AppData\Roaming\Microsoft\Windows\Cookies\ESM67M5S.txt
   C:\Users\Neo\AppData\Roaming\Microsoft\Windows\Cookies\F508HTDS.txt
   C:\Users\Neo\AppData\Roaming\Microsoft\Windows\Cookies\IB90PB3A.txt
   C:\Users\Neo\AppData\Roaming\Microsoft\Windows\Cookies\J1VQKFZX.txt
   C:\Users\Neo\AppData\Roaming\Microsoft\Windows\Cookies\MTXQ6L7N.txt
   C:\Users\Neo\AppData\Roaming\Microsoft\Windows\Cookies\MZL13OD8.txt
   C:\Users\Neo\AppData\Roaming\Microsoft\Windows\Cookies\O0KITH1A.txt
   C:\Users\Neo\AppData\Roaming\Microsoft\Windows\Cookies\O6043C5S.txt
   C:\Users\Neo\AppData\Roaming\Microsoft\Windows\Cookies\QDIEY3IV.txt
   C:\Users\Neo\AppData\Roaming\Microsoft\Windows\Cookies\RL8QORQW.txt
   C:\Users\Neo\AppData\Roaming\Microsoft\Windows\Cookies\SJIM4DH3.txt
   C:\Users\Neo\AppData\Roaming\Microsoft\Windows\Cookies\SSR4G89W.txt
   C:\Users\Neo\AppData\Roaming\Microsoft\Windows\Cookies\TO4Q26MR.txt
   C:\Users\Neo\AppData\Roaming\Microsoft\Windows\Cookies\UFNKZDLZ.txt
   C:\Users\Neo\AppData\Roaming\Microsoft\Windows\Cookies\UUEIQDYS.txt
   C:\Users\Neo\AppData\Roaming\Microsoft\Windows\Cookies\XTF37Q87.txt
   C:\Users\Neo\AppData\Roaming\Mozilla\Firefox\Profiles\l81e5ck0.default-1363043703712\cookies.sqlite:doubleclick.net
   C:\Users\Neo\AppData\Roaming\Mozilla\Firefox\Profiles\l81e5ck0.default-1363043703712\cookies.sqlite:lesbianfreeporn.net
   C:\Users\Neo\AppData\Roaming\Mozilla\Firefox\Profiles\l81e5ck0.default-1363043703712\cookies.sqlite:lesbianpornvideos.com
   C:\Users\Neo\AppData\Roaming\Mozilla\Firefox\Profiles\l81e5ck0.default-1363043703712\cookies.sqlite:stat.dealtime.com
   C:\Users\Neo\AppData\Roaming\Mozilla\Firefox\Profiles\l81e5ck0.default-1363043703712\cookies.sqlite:statcounter.com
   C:\Users\Neo\AppData\Roaming\Mozilla\Firefox\Profiles\l81e5ck0.default-1363043703712\cookies.sqlite:stepstone.112.2o7.net
   C:\Users\Neo\AppData\Roaming\Mozilla\Firefox\Profiles\l81e5ck0.default-1363043703712\cookies.sqlite:www.googleadservices.com
   C:\Users\Neo\AppData\Roaming\Mozilla\Firefox\Profiles\l81e5ck0.default-1363043703712\cookies.sqlite:www.lesbianpornvideos.com
   C:\Users\Neo\AppData\Roaming\Mozilla\Firefox\Profiles\l81e5ck0.default-1363043703712\cookies.sqlite:xiti.com
   C:\Users\Neo\AppData\Roaming\Mozilla\Firefox\Profiles\l81e5ck0.default-1363043703712\cookies.sqlite:yadro.ru

EST Online Scanner Log:

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=838bed749a8ae34f8ea038900846ce4d
# engine=17585
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-03-24 08:13:17
# local_time=2014-03-24 09:13:17 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=774 16777213 85 91 19393462 172405469 0 0
# compatibility_mode=5893 16776573 100 94 57807 147321847 0 0
# scanned=307463
# found=2
# cleaned=0
# scan_time=5692
sh=2707F58B9AB7242F60F6CEFBBF3D876E679B65B7 ft=1 fh=72d2b3cf9edbb497 vn="MSIL/Adware.Agent.AC application" ac=I fn="C:\Program Files\DCE\dce.exe"
sh=1EEDCC8CA73E4990058FCC04F567B57E608908FF ft=1 fh=2b3c7d75de5251f2 vn="Win32/AdWare.1ClickDownload.AR application" ac=I fn="C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\File System\005\t\00\00000000"

SecurityCheck Log:

Code:

ATTFilter

 Results of screen317's Security Check version 0.99.80  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
avast! Antivirus   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware Version 1.75.0.1300  
 Java 7 Update 51  
 Adobe Flash Player 12.0.0.77  
 Adobe Reader XI  
 Mozilla Firefox (27.0.1) 
 Google Chrome 33.0.1750.154  
````````Process Check: objlist.exe by Laurent````````  
 AVAST Sof    
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````

M-K-D-B · 25.03.2014, 20:21

Servus,

aufgrund der Funde von ESET müssen wir noch was kontrollieren:

Bitte lasse die Datei aus der Code-Box bei Virustotal überprüfen.

Klicke auf Wählen Sie eine
Kopiere nun folgendes in die Suchleiste
Code:
ATTFilter
```
C:\Program Files\DCE\dce.exe
         
```
und klicke auf Öffnen.
Klicke auf Scannen!.
Warte bitte bis die Datei vollständig hochgeladen wurde. Solltest Du folgende Meldung bekommen

Zitat:

Diese Datei wurde bereits von VirusTotal analysiert...

klicke auf Neu analysieren.
Warte bis dir das Analysedatum angezeigt wird und der Scan abgeschlossen ist.
Kopiere den Link aus deiner Adresszeile und poste ihn hier.

TheNeoLP · 26.03.2014, 00:12

So hier ist der Link:

https://www.virustotal.com/de/file/d51fe602f89cb834b7befb9206e1f2d36ec16ab86f44f19f7a24a45c15833ad0/analysis/1395789073/

M-K-D-B · 26.03.2014, 20:50

Servus,

das letzte Fixlog von FRST ist unvollständig, bitte vollständig nachreichen.

Zudem bitte nochmal FRST ausführen, wir müssen noch was entfernen:

Kontrollscan mit FRST
Führe wie zuvor beschrieben einen Scan mit FRST aus.
Setze dazu einen Haken bei Addition.txt rechts unten und klicke auf Scan.
Es werden zwei Logdateien erzeugt. Poste mir diese.

TheNeoLP · 27.03.2014, 05:10

FRST:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Neo (administrator) on NEO-PC on 27-03-2014 05:07:35
Running from C:\FRST
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
() C:\Program Files\DCE\dce.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe
(SafeNet Inc.) C:\Windows\system32\hasplms.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files (x86)\Blackmagic Design\Blackmagic Desktop Video\BMDStreamingServer.exe
(Blackmagic Design) C:\Program Files (x86)\Blackmagic Design\Blackmagic Desktop Video\CheckVersionPCI.exe
() C:\Program Files (x86)\puush\puush.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(VIA Technologies, Inc.) C:\Windows\system32\viakaraokesrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Sony Creative Software Inc.) C:\Program Files\Sony\Vegas Pro 12.0\vegas120.exe
(Sony Creative Software Inc.) C:\Program Files\Sony\Vegas Pro 12.0\ErrorReportLauncher.exe
(Sony Creative Software Inc.) C:\Program Files\Sony\Vegas Pro 12.0\x86\FileIOSurrogate.exe
(Sony Creative Software Inc.) C:\Program Files\Sony\Vegas Pro 12.0\x86\sfvstserver.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\java.exe
(hxxp://sourceforge.net/projects/megui) C:\Users\Neo\Desktop\MeGUI\MeGUI.exe
() C:\Users\Neo\Desktop\MeGUI\tools\x264\avs4x264mod.exe
(x264 project) C:\Users\Neo\Desktop\MeGUI\tools\x264\x264_64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-03] (Adobe Systems Incorporated)
HKLM\...\Run: [Launch LgDeviceAgent] - C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe [415752 2009-08-13] (Logitech Inc.)
HKLM\...\Run: [Launch LGDCore] - C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe [4195848 2009-08-13] (Logitech Inc.)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-21] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\nvspcap64.dll [1179576 2014-01-21] (NVIDIA Corporation)
HKLM\...\Run: [Blackmagic Streaming Server] - C:\Program Files (x86)\Blackmagic Design\Blackmagic Desktop Video\BMDStreamingServer.exe [1103360 2012-03-15] ()
HKLM\...\Run: [Blackmagic CheckVersion PCI] - C:\Program Files (x86)\Blackmagic Design\Blackmagic Desktop Video\CheckVersionPCI.exe [25207936 2012-03-15] (Blackmagic Design)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software)
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-05] (Intel Corporation)
HKLM-x32\...\Run: [IMSS] - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133400 2012-02-07] (Intel Corporation)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-29] (Intel Corporation)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [LWS] - C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Blackmagic CheckVersion] - C:\Program Files (x86)\Blackmagic Design\Blackmagic Desktop Video\CheckVersion.exe
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2013-03-27] (Microsoft Corporation)
HKU\S-1-5-21-100367103-78040337-3239847000-1000\...\Run: [AdobeBridge] - [X]
HKU\S-1-5-21-100367103-78040337-3239847000-1000\...\Run: [puush] - C:\Program Files (x86)\puush\puush.exe [567880 2013-11-03] ()
HKU\S-1-5-21-100367103-78040337-3239847000-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-100367103-78040337-3239847000-1000\...\MountPoints2: {40944dc9-331f-11e2-9357-806e6f6e6963} - D:\Bin\ASSETUP.exe
HKU\S-1-5-21-100367103-78040337-3239847000-1000\...\MountPoints2: {ddf02445-ad8e-11e2-81ab-50465d5048ac} - I:\setup.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x06F05102AB2CCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.0.0.128\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.0.0.128\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe Acrobat Create PDF Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.0.0.128\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\MP3 Skype Recorder\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Neo\AppData\Roaming\Mozilla\Firefox\Profiles\l81e5ck0.default-1363043703712
FF NewTab: hxxp://www.google.com/
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @java.com/DTPlugin,version=10.17.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.17.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Neo\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\Neo\AppData\Roaming\Mozilla\Firefox\Profiles\l81e5ck0.default-1363043703712\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-04-10]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2013-05-15]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-05-18]

Chrome: 
=======
CHR Extension: (Google Docs) - C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-23]
CHR Extension: (Google Drive) - C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-17]
CHR Extension: (YouTube) - C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-19]
CHR Extension: (Google-Suche) - C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-19]
CHR Extension: (AdBlock) - C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-03-23]
CHR Extension: (Google Wallet) - C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-07-16]
CHR Extension: (Google Mail) - C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-19]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2013-05-11]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\19.0.0.128\Extensions\Chrome.crx [2012-11-20]

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393032 2013-06-10] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384840 2013-06-10] (BlueStack Systems, Inc.)
R2 DCE; C:\Program Files\DCE\dce.exe [59392 2013-12-18] ()
R2 hasplms; C:\Windows\system32\hasplms.exe [4941768 2012-06-28] (SafeNet Inc.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-07] (Intel Corporation)
R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4722728 2013-03-14] (INCA Internet Co., Ltd.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-21] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-21] (NVIDIA Corporation)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2011-11-12] (VIA Technologies, Inc.)

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-12] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-12] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-08-12] ()
R3 BMDDeckLinkAudio; C:\Windows\System32\DRIVERS\deckaud.sys [18432 2012-03-15] (Blackmagic Design)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [70984 2013-06-10] (BlueStack Systems)
R3 DeckLink; C:\Windows\System32\DRIVERS\Intensity.sys [2425344 2012-03-15] (Blackmagic Design)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-04-26] (DT Soft Ltd)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [321536 2011-09-28] (SafeNet Inc.)
S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv_x64.sys [44928 2012-10-11] (ManyCam LLC)
S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [28160 2013-01-31] (ManyCam LLC)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2013-07-19] (Corel Corporation)
S3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
S3 deckavs; system32\DRIVERS\deckavs.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-26 04:09 - 2014-03-26 04:18 - 06483224 _____ () C:\Users\Neo\Documents\Untitled 01_avi.H0
2014-03-26 03:44 - 2014-03-26 03:44 - 00000036 _____ () C:\Users\Neo\Desktop\Ohne Titel.avi.sfl
2014-03-26 03:41 - 2014-03-26 03:44 - 901522432 _____ () C:\Users\Neo\Desktop\Ohne Titel.avi
2014-03-25 23:01 - 2014-03-25 23:01 - 00000162 _____ () C:\Users\Neo\Documents\Untitled 01.avs
2014-03-25 21:39 - 2014-03-25 21:39 - 00000000 ____D () C:\Users\Neo\AppData\Local\Magix
2014-03-25 21:25 - 2014-03-26 06:37 - 00000000 ____D () C:\Users\Neo\Desktop\Magix Video Deluxe 2014 Premium
2014-03-25 20:00 - 2014-03-25 20:17 - 00021168 _____ () C:\Users\Neo\Desktop\ds2 lets play.vf
2014-03-25 20:00 - 2014-03-25 20:11 - 00021168 _____ () C:\Users\Neo\Desktop\ds2 lets play.vf.bak
2014-03-25 19:36 - 2014-03-25 19:40 - 00002508 _____ () C:\Users\Neo\Desktop\Movie Studio Platinum registrieren.htm
2014-03-25 19:32 - 2014-03-25 19:32 - 00222184 ___SH (Deposit Files) C:\Users\Neo\Downloads\{265D75E0-3FB2-4F4A-B980-B30F6D833DAC}.tmp
2014-03-25 05:21 - 2014-03-25 05:24 - 06483296 _____ () C:\Users\Neo\Documents\Untitled 01.avi.sfk
2014-03-25 03:58 - 2014-03-25 05:11 - 4071504988 _____ () C:\Users\Neo\Documents\Untitled 01.avi
2014-03-25 03:44 - 2014-03-25 03:44 - 00003500 _____ () C:\Windows\windefendam.log
2014-03-25 03:44 - 2014-03-25 03:44 - 00000020 _____ () C:\Windows\capsys184523.log
2014-03-25 03:44 - 2014-03-25 03:44 - 00000000 ____D () C:\Users\Neo\Documents\Action!
2014-03-25 03:44 - 2014-03-25 03:44 - 00000000 ____D () C:\Users\Neo\AppData\Roaming\Mirillis
2014-03-25 03:44 - 2014-03-25 03:44 - 00000000 ____D () C:\Users\Neo\AppData\Local\Mirillis
2014-03-25 03:44 - 2014-03-25 03:44 - 00000000 ____D () C:\ProgramData\Mirillis
2014-03-25 03:43 - 2014-03-25 03:48 - 00000000 ____D () C:\Program Files (x86)\Mirillis
2014-03-25 03:42 - 2014-03-25 03:43 - 20561744 _____ (Mirillis Ltd.) C:\Users\Neo\Downloads\action_1_19_1_setup.exe
2014-03-24 21:30 - 2014-03-24 21:30 - 00987442 _____ () C:\Users\Neo\Downloads\SecurityCheck.exe
2014-03-24 19:37 - 2014-03-24 19:37 - 02347384 _____ (ESET) C:\Users\Neo\Downloads\esetsmartinstaller_enu.exe
2014-03-24 19:35 - 2014-03-24 19:35 - 00040782 _____ () C:\Users\Neo\Desktop\HitmanPro_20140324_1935.log
2014-03-24 19:29 - 2014-03-24 19:35 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-03-24 19:28 - 2014-03-24 19:28 - 10820032 _____ (SurfRight B.V.) C:\Users\Neo\Downloads\HitmanPro_x64.exe
2014-03-24 16:28 - 2014-03-24 16:28 - 00056942 _____ () C:\Users\Neo\Desktop\SystemLook.rar
2014-03-24 16:27 - 2014-03-24 16:28 - 01176068 _____ () C:\Users\Neo\Desktop\SystemLook.txt
2014-03-24 16:16 - 2014-03-24 16:22 - 02352136 _____ () C:\Users\Neo\Downloads\SystemLook.txt
2014-03-24 16:16 - 2014-03-24 16:16 - 00165376 _____ () C:\Users\Neo\Downloads\SystemLook_x64.exe
2014-03-24 01:19 - 2014-03-24 01:19 - 00019752 _____ () C:\Users\Neo\Desktop\ds2 wk.veg
2014-03-23 22:03 - 2014-03-24 01:11 - 01003696 _____ () C:\Users\Neo\Documents\Untitled 07.avi.sfk
2014-03-23 21:49 - 2014-03-23 22:00 - 2751761500 _____ () C:\Users\Neo\Documents\Untitled 07.avi
2014-03-23 20:47 - 2014-03-23 21:47 - 957709404 _____ () C:\Users\Neo\Documents\Untitled 06.avi
2014-03-23 15:14 - 2014-03-23 15:01 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-03-23 15:04 - 2014-03-23 15:17 - 00032790 _____ () C:\zoek-results.log
2014-03-23 15:03 - 2014-03-23 15:03 - 04095370 _____ () C:\Users\Neo\Downloads\zoek.zip
2014-03-23 15:02 - 2014-03-23 15:02 - 04235514 _____ () C:\Users\Neo\Downloads\zoek.rar
2014-03-23 15:01 - 2014-03-23 15:13 - 00000000 ____D () C:\zoek_backup
2014-03-23 15:01 - 2014-03-23 15:01 - 01285120 _____ () C:\Users\Neo\Downloads\zoek.exe
2014-03-23 14:53 - 2014-03-24 16:17 - 00092515 _____ () C:\Users\Neo\Desktop\Post.txt
2014-03-23 14:44 - 2014-03-23 14:44 - 00002295 _____ () C:\Users\Neo\Desktop\JRT.txt
2014-03-23 14:39 - 2014-03-23 14:39 - 00000000 ____D () C:\Windows\ERUNT
2014-03-23 14:38 - 2014-03-23 14:38 - 01037734 _____ (Thisisu) C:\Users\Neo\Downloads\JRT.exe
2014-03-23 14:26 - 2014-03-23 14:26 - 01950720 _____ () C:\Users\Neo\Downloads\adwcleaner.exe
2014-03-22 22:10 - 2014-03-24 16:14 - 00037642 _____ () C:\Users\Neo\Downloads\Addition.txt
2014-03-22 22:09 - 2014-03-27 05:07 - 00000000 ____D () C:\FRST
2014-03-22 22:09 - 2014-03-24 16:14 - 00054821 _____ () C:\Users\Neo\Downloads\FRST.txt
2014-03-21 17:23 - 2014-03-21 17:23 - 00000000 ____D () C:\Users\Neo\AppData\Local\Skype
2014-03-21 17:22 - 2014-03-21 17:22 - 00002697 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-03-20 21:35 - 2014-03-20 21:35 - 00001105 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-03-20 21:35 - 2014-03-20 21:35 - 00000000 ____D () C:\Users\Neo\AppData\Roaming\Malwarebytes
2014-03-20 21:35 - 2014-03-20 21:35 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-20 21:35 - 2014-03-20 21:35 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-20 21:35 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-20 21:34 - 2014-03-20 21:34 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Neo\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-20 21:33 - 2014-03-23 14:31 - 00000000 ____D () C:\AdwCleaner
2014-03-20 16:58 - 2014-03-26 17:18 - 00018696 _____ () C:\Users\Neo\Desktop\ds2 lets play.veg
2014-03-20 16:58 - 2014-03-26 07:48 - 00019064 _____ () C:\Users\Neo\Desktop\ds2 lets play.veg.bak
2014-03-20 16:58 - 2014-03-25 18:23 - 00018400 _____ () C:\Users\Neo\Desktop\ds2 lets play.veg.bak.bak
2014-03-19 17:14 - 2014-03-19 17:14 - 00002243 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-19 17:13 - 2014-03-27 04:18 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-19 17:13 - 2014-03-26 17:18 - 00001100 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-19 17:13 - 2014-03-19 17:13 - 00847864 _____ (Google Inc.) C:\Users\Neo\Downloads\ChromeSetup.exe
2014-03-19 17:13 - 2014-03-19 17:13 - 00004100 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-19 17:13 - 2014-03-19 17:13 - 00003848 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-19 02:33 - 2014-03-19 02:33 - 00057296 _____ () C:\Users\Neo\Downloads\optimusprinceps.zip
2014-03-16 04:46 - 2014-03-16 04:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-14 18:52 - 2014-03-14 18:52 - 00003600 _____ () C:\Users\Neo\Documents\Track 3 - 1.sfk
2014-03-13 04:18 - 2014-03-01 07:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-13 04:18 - 2014-03-01 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-13 04:18 - 2014-03-01 06:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-13 04:18 - 2014-03-01 05:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-13 04:18 - 2014-03-01 05:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-13 04:18 - 2014-03-01 05:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-13 04:18 - 2014-03-01 05:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-13 04:18 - 2014-03-01 05:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-13 04:18 - 2014-03-01 05:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-13 04:18 - 2014-03-01 05:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-13 04:18 - 2014-03-01 05:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-13 04:18 - 2014-03-01 05:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-13 04:18 - 2014-03-01 05:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-13 04:18 - 2014-03-01 05:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-13 04:18 - 2014-03-01 05:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-13 04:18 - 2014-03-01 05:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-13 04:18 - 2014-03-01 05:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-13 04:18 - 2014-03-01 04:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-13 04:18 - 2014-03-01 04:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-13 04:18 - 2014-03-01 04:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-13 04:18 - 2014-03-01 04:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-13 04:18 - 2014-03-01 04:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-13 04:18 - 2014-03-01 04:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-13 04:18 - 2014-03-01 04:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-13 04:18 - 2014-03-01 04:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-13 04:18 - 2014-03-01 04:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-13 04:18 - 2014-03-01 04:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-13 04:18 - 2014-03-01 04:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-13 04:18 - 2014-03-01 04:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-13 04:18 - 2014-03-01 04:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-13 04:18 - 2014-03-01 04:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-13 04:18 - 2014-03-01 04:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-13 04:18 - 2014-03-01 04:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-13 04:18 - 2014-03-01 04:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-13 04:18 - 2014-03-01 03:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-13 04:18 - 2014-03-01 03:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-13 04:18 - 2014-03-01 03:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-13 04:18 - 2014-03-01 03:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-13 04:18 - 2014-03-01 03:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-13 04:18 - 2014-03-01 03:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-13 04:18 - 2014-02-07 02:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-13 04:18 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-13 04:18 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-13 04:18 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-13 04:16 - 2014-02-04 03:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-13 04:16 - 2014-02-04 03:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-13 04:16 - 2014-02-04 03:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-13 04:16 - 2014-02-04 03:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-10 02:43 - 2014-03-10 18:08 - 00000000 ____D () C:\Users\Neo\Desktop\Photoshop
2014-03-08 21:50 - 2014-03-08 21:50 - 00000000 ____D () C:\Users\Neo\AppData\Roaming\Day 1 Studios
2014-03-08 20:59 - 2014-03-08 20:59 - 00000221 _____ () C:\Users\Neo\Desktop\F.E.A.R. 3.url
2014-03-06 19:17 - 2014-03-06 19:17 - 00000000 ____D () C:\Program Files (x86)\Blackmagic Design
2014-03-06 18:34 - 2014-03-06 19:18 - 00014960 _____ () C:\Windows\DPINST.LOG
2014-03-04 02:40 - 2014-03-04 02:41 - 00000000 ____D () C:\Users\Neo\Desktop\Metro Saves Backup
2014-03-01 01:02 - 2014-03-01 01:02 - 00001158 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2014-03-01 01:02 - 2014-03-01 01:02 - 00000000 ____D () C:\Program Files (x86)\TeamSpeak 3 Client
2014-02-27 23:19 - 2014-02-27 23:19 - 00000000 _____ () C:\Users\Neo\Desktop\Neues Textdokument.txt
2014-02-26 18:00 - 2014-03-08 20:58 - 00000000 ____D () C:\Users\Neo\Desktop\Bilder
2014-02-26 15:25 - 2014-02-26 15:25 - 00000000 ____D () C:\ProgramData\SystemRequirementsLab
2014-02-26 15:25 - 2014-02-26 15:25 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-26 15:24 - 2014-02-26 15:24 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-02-26 15:24 - 2014-02-26 15:24 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-02-26 15:24 - 2014-02-26 15:24 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-02-26 15:24 - 2014-02-26 15:24 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-02-26 14:12 - 2014-02-26 14:12 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-02-26 14:11 - 2014-02-08 17:18 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-02-26 14:09 - 2014-02-08 19:34 - 31432480 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-02-26 14:09 - 2014-02-08 19:34 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-02-26 14:09 - 2014-02-08 19:34 - 23683360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-02-26 14:09 - 2014-02-08 19:34 - 17715784 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-02-26 14:09 - 2014-02-08 19:34 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-02-26 14:09 - 2014-02-08 19:34 - 15740232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-02-26 14:09 - 2014-02-08 19:34 - 12324640 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-02-26 14:09 - 2014-02-08 19:34 - 11636176 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-02-26 14:09 - 2014-02-08 19:34 - 11589272 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-02-26 14:09 - 2014-02-08 19:34 - 09728064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-02-26 14:09 - 2014-02-08 19:34 - 09690424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-02-26 14:09 - 2014-02-08 19:34 - 03142432 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-02-26 14:09 - 2014-02-08 19:34 - 02956576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-02-26 14:09 - 2014-02-08 19:34 - 02782496 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-02-26 14:09 - 2014-02-08 19:34 - 02410784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-02-26 14:09 - 2014-02-08 19:34 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433489.dll
2014-02-26 14:09 - 2014-02-08 19:34 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433489.dll
2014-02-26 14:09 - 2014-02-08 19:34 - 00892192 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-02-26 14:09 - 2014-02-08 19:34 - 00875296 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-02-26 14:09 - 2014-02-08 19:34 - 00863520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-02-26 14:09 - 2014-02-08 19:34 - 00844576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-02-26 14:09 - 2014-02-08 19:34 - 00832424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-02-26 14:09 - 2014-02-08 19:34 - 00483104 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-02-26 14:09 - 2014-02-08 19:34 - 00408352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-02-26 14:09 - 2014-02-08 19:34 - 00378656 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-02-26 14:09 - 2014-02-08 19:34 - 00353504 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-02-26 14:09 - 2014-02-08 19:34 - 00333600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-02-26 14:09 - 2014-02-08 19:34 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-02-26 14:09 - 2014-02-08 19:34 - 00174296 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-02-26 14:09 - 2014-02-08 19:34 - 00148528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-02-26 14:09 - 2013-11-28 14:38 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-02-26 14:09 - 2013-11-28 14:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-02-26 14:09 - 2013-11-22 09:36 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2014-02-26 13:59 - 2014-03-26 15:00 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-02-26 13:58 - 2014-02-08 18:42 - 06712608 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-02-26 13:58 - 2014-02-08 18:42 - 03498272 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-02-26 13:58 - 2014-02-08 18:42 - 02559776 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-02-26 13:58 - 2014-02-08 18:42 - 00923936 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-02-26 13:58 - 2014-02-08 18:42 - 00386336 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-02-26 13:58 - 2014-02-08 18:42 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-02-26 13:58 - 2014-02-05 18:52 - 03573739 _____ () C:\Windows\system32\nvcoproc.bin
2014-02-26 02:04 - 2014-02-26 02:05 - 00000000 ____D () C:\Users\Neo\AppData\Local\NVIDIA
2014-02-26 02:04 - 2014-02-26 02:04 - 00001343 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
2014-02-26 02:04 - 2014-02-26 02:04 - 00000000 ____D () C:\Users\Neo\AppData\Local\NVIDIA Corporation
2014-02-26 02:04 - 2014-01-21 03:54 - 01179576 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-02-26 02:04 - 2014-01-21 03:54 - 01048152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-02-26 02:03 - 2013-12-27 19:42 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-02-26 02:03 - 2013-12-27 19:42 - 00035104 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-02-26 02:03 - 2013-12-27 19:42 - 00033056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-02-25 23:05 - 2014-02-25 23:05 - 1459978240 _____ () C:\Users\Neo\Desktop\Resident Evil Zero (Europe) (En,Fr,De,Es,It) (Disc 2).iso
2014-02-25 19:39 - 2014-02-25 20:12 - 00000000 ____D () C:\Users\Neo\AppData\Roaming\ICQ-Profile

==================== One Month Modified Files and Folders =======

2014-03-27 05:07 - 2014-03-22 22:09 - 00000000 ____D () C:\FRST
2014-03-27 05:00 - 2012-11-20 22:08 - 00000000 ____D () C:\Users\Neo\AppData\Roaming\Skype
2014-03-27 04:38 - 2013-03-29 19:28 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-27 04:27 - 2014-02-18 11:20 - 00000000 ____D () C:\Users\Neo\Desktop\MeGUI
2014-03-27 04:18 - 2014-03-19 17:13 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-27 03:47 - 2012-11-20 15:36 - 01268004 _____ () C:\Windows\WindowsUpdate.log
2014-03-27 02:00 - 2012-12-21 10:09 - 00000000 ____D () C:\Users\Neo\AppData\Local\Adobe
2014-03-26 17:18 - 2014-03-20 16:58 - 00018696 _____ () C:\Users\Neo\Desktop\ds2 lets play.veg
2014-03-26 17:18 - 2014-03-19 17:13 - 00001100 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-26 15:08 - 2009-07-14 05:45 - 00017200 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-26 15:08 - 2009-07-14 05:45 - 00017200 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-26 15:01 - 2013-05-18 18:28 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-03-26 15:00 - 2014-02-26 13:59 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-26 15:00 - 2013-12-20 09:14 - 00016171 _____ () C:\Windows\setupact.log
2014-03-26 15:00 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-26 07:48 - 2014-03-20 16:58 - 00019064 _____ () C:\Users\Neo\Desktop\ds2 lets play.veg.bak
2014-03-26 07:41 - 2012-11-21 15:11 - 00000000 ____D () C:\Users\Neo\AppData\Roaming\avidemux
2014-03-26 06:41 - 2012-11-20 18:53 - 00116728 _____ () C:\Users\Neo\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-26 06:40 - 2013-05-18 18:28 - 00001922 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-03-26 06:40 - 2012-11-20 22:44 - 00000000 _____ () C:\Windows\SysWOW64\config.nt
2014-03-26 06:39 - 2012-11-20 15:42 - 00000000 ____D () C:\Users\Neo
2014-03-26 06:38 - 2013-01-12 04:19 - 00000000 ___RD () C:\Users\Neo\Documents\MAGIX
2014-03-26 06:38 - 2012-12-11 20:12 - 00000000 ____D () C:\Users\Neo\AppData\Roaming\Audacity
2014-03-26 06:38 - 2012-12-06 16:15 - 00000000 ____D () C:\Users\Neo\AppData\Roaming\puush
2014-03-26 06:38 - 2012-11-21 02:48 - 00000000 ____D () C:\ProgramData\Sony
2014-03-26 06:38 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-03-26 06:37 - 2014-03-25 21:25 - 00000000 ____D () C:\Users\Neo\Desktop\Magix Video Deluxe 2014 Premium
2014-03-26 06:37 - 2013-01-12 04:19 - 00000000 ____D () C:\Users\Neo\AppData\Roaming\MAGIX
2014-03-26 06:37 - 2013-01-12 04:18 - 00000000 ____D () C:\ProgramData\MAGIX
2014-03-26 06:37 - 2013-01-12 04:18 - 00000000 ____D () C:\Program Files (x86)\MAGIX
2014-03-26 06:37 - 2012-11-21 02:48 - 00000000 ____D () C:\Users\Neo\AppData\Roaming\Sony
2014-03-26 06:37 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-03-26 05:24 - 2014-02-16 18:29 - 00000000 ____D () C:\Users\Neo\Documents\Movie Studio Platinum 12.0 Projekte
2014-03-26 04:18 - 2014-03-26 04:09 - 06483224 _____ () C:\Users\Neo\Documents\Untitled 01_avi.H0
2014-03-26 03:44 - 2014-03-26 03:44 - 00000036 _____ () C:\Users\Neo\Desktop\Ohne Titel.avi.sfl
2014-03-26 03:44 - 2014-03-26 03:41 - 901522432 _____ () C:\Users\Neo\Desktop\Ohne Titel.avi
2014-03-25 23:01 - 2014-03-25 23:01 - 00000162 _____ () C:\Users\Neo\Documents\Untitled 01.avs
2014-03-25 21:39 - 2014-03-25 21:39 - 00000000 ____D () C:\Users\Neo\AppData\Local\Magix
2014-03-25 20:17 - 2014-03-25 20:00 - 00021168 _____ () C:\Users\Neo\Desktop\ds2 lets play.vf
2014-03-25 20:11 - 2014-03-25 20:00 - 00021168 _____ () C:\Users\Neo\Desktop\ds2 lets play.vf.bak
2014-03-25 19:40 - 2014-03-25 19:36 - 00002508 _____ () C:\Users\Neo\Desktop\Movie Studio Platinum registrieren.htm
2014-03-25 19:32 - 2014-03-25 19:32 - 00222184 ___SH (Deposit Files) C:\Users\Neo\Downloads\{265D75E0-3FB2-4F4A-B980-B30F6D833DAC}.tmp
2014-03-25 19:06 - 2013-03-12 00:39 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-03-25 18:23 - 2014-03-20 16:58 - 00018400 _____ () C:\Users\Neo\Desktop\ds2 lets play.veg.bak.bak
2014-03-25 05:24 - 2014-03-25 05:21 - 06483296 _____ () C:\Users\Neo\Documents\Untitled 01.avi.sfk
2014-03-25 05:11 - 2014-03-25 03:58 - 4071504988 _____ () C:\Users\Neo\Documents\Untitled 01.avi
2014-03-25 03:48 - 2014-03-25 03:43 - 00000000 ____D () C:\Program Files (x86)\Mirillis
2014-03-25 03:44 - 2014-03-25 03:44 - 00003500 _____ () C:\Windows\windefendam.log
2014-03-25 03:44 - 2014-03-25 03:44 - 00000020 _____ () C:\Windows\capsys184523.log
2014-03-25 03:44 - 2014-03-25 03:44 - 00000000 ____D () C:\Users\Neo\Documents\Action!
2014-03-25 03:44 - 2014-03-25 03:44 - 00000000 ____D () C:\Users\Neo\AppData\Roaming\Mirillis
2014-03-25 03:44 - 2014-03-25 03:44 - 00000000 ____D () C:\Users\Neo\AppData\Local\Mirillis
2014-03-25 03:44 - 2014-03-25 03:44 - 00000000 ____D () C:\ProgramData\Mirillis
2014-03-25 03:43 - 2014-03-25 03:42 - 20561744 _____ (Mirillis Ltd.) C:\Users\Neo\Downloads\action_1_19_1_setup.exe
2014-03-24 21:30 - 2014-03-24 21:30 - 00987442 _____ () C:\Users\Neo\Downloads\SecurityCheck.exe
2014-03-24 19:37 - 2014-03-24 19:37 - 02347384 _____ (ESET) C:\Users\Neo\Downloads\esetsmartinstaller_enu.exe
2014-03-24 19:35 - 2014-03-24 19:35 - 00040782 _____ () C:\Users\Neo\Desktop\HitmanPro_20140324_1935.log
2014-03-24 19:35 - 2014-03-24 19:29 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-03-24 19:28 - 2014-03-24 19:28 - 10820032 _____ (SurfRight B.V.) C:\Users\Neo\Downloads\HitmanPro_x64.exe
2014-03-24 16:28 - 2014-03-24 16:28 - 00056942 _____ () C:\Users\Neo\Desktop\SystemLook.rar
2014-03-24 16:28 - 2014-03-24 16:27 - 01176068 _____ () C:\Users\Neo\Desktop\SystemLook.txt
2014-03-24 16:22 - 2014-03-24 16:16 - 02352136 _____ () C:\Users\Neo\Downloads\SystemLook.txt
2014-03-24 16:17 - 2014-03-23 14:53 - 00092515 _____ () C:\Users\Neo\Desktop\Post.txt
2014-03-24 16:16 - 2014-03-24 16:16 - 00165376 _____ () C:\Users\Neo\Downloads\SystemLook_x64.exe
2014-03-24 16:14 - 2014-03-22 22:10 - 00037642 _____ () C:\Users\Neo\Downloads\Addition.txt
2014-03-24 16:14 - 2014-03-22 22:09 - 00054821 _____ () C:\Users\Neo\Downloads\FRST.txt
2014-03-24 01:19 - 2014-03-24 01:19 - 00019752 _____ () C:\Users\Neo\Desktop\ds2 wk.veg
2014-03-24 01:11 - 2014-03-23 22:03 - 01003696 _____ () C:\Users\Neo\Documents\Untitled 07.avi.sfk
2014-03-23 22:00 - 2014-03-23 21:49 - 2751761500 _____ () C:\Users\Neo\Documents\Untitled 07.avi
2014-03-23 21:47 - 2014-03-23 20:47 - 957709404 _____ () C:\Users\Neo\Documents\Untitled 06.avi
2014-03-23 15:17 - 2014-03-23 15:04 - 00032790 _____ () C:\zoek-results.log
2014-03-23 15:15 - 2013-12-20 09:14 - 00197732 _____ () C:\Windows\PFRO.log
2014-03-23 15:13 - 2014-03-23 15:01 - 00000000 ____D () C:\zoek_backup
2014-03-23 15:03 - 2014-03-23 15:03 - 04095370 _____ () C:\Users\Neo\Downloads\zoek.zip
2014-03-23 15:02 - 2014-03-23 15:02 - 04235514 _____ () C:\Users\Neo\Downloads\zoek.rar
2014-03-23 15:01 - 2014-03-23 15:14 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-03-23 15:01 - 2014-03-23 15:01 - 01285120 _____ () C:\Users\Neo\Downloads\zoek.exe
2014-03-23 14:44 - 2014-03-23 14:44 - 00002295 _____ () C:\Users\Neo\Desktop\JRT.txt
2014-03-23 14:39 - 2014-03-23 14:39 - 00000000 ____D () C:\Windows\ERUNT
2014-03-23 14:38 - 2014-03-23 14:38 - 01037734 _____ (Thisisu) C:\Users\Neo\Downloads\JRT.exe
2014-03-23 14:31 - 2014-03-20 21:33 - 00000000 ____D () C:\AdwCleaner
2014-03-23 14:26 - 2014-03-23 14:26 - 01950720 _____ () C:\Users\Neo\Downloads\adwcleaner.exe
2014-03-21 17:23 - 2014-03-21 17:23 - 00000000 ____D () C:\Users\Neo\AppData\Local\Skype
2014-03-21 17:23 - 2012-11-20 22:08 - 00000000 ____D () C:\ProgramData\Skype
2014-03-21 17:22 - 2014-03-21 17:22 - 00002697 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-03-21 17:22 - 2013-01-27 05:58 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-20 21:35 - 2014-03-20 21:35 - 00001105 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-03-20 21:35 - 2014-03-20 21:35 - 00000000 ____D () C:\Users\Neo\AppData\Roaming\Malwarebytes
2014-03-20 21:35 - 2014-03-20 21:35 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-20 21:35 - 2014-03-20 21:35 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-20 21:34 - 2014-03-20 21:34 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Neo\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-19 22:44 - 2012-11-21 06:41 - 00000000 ____D () C:\Users\Neo\AppData\Roaming\vlc
2014-03-19 17:14 - 2014-03-19 17:14 - 00002243 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-19 17:14 - 2012-11-20 21:42 - 00000000 ____D () C:\Program Files (x86)\Google
2014-03-19 17:13 - 2014-03-19 17:13 - 00847864 _____ (Google Inc.) C:\Users\Neo\Downloads\ChromeSetup.exe
2014-03-19 17:13 - 2014-03-19 17:13 - 00004100 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-19 17:13 - 2014-03-19 17:13 - 00003848 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-19 12:13 - 2009-07-14 05:45 - 08051304 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-19 02:33 - 2014-03-19 02:33 - 00057296 _____ () C:\Users\Neo\Downloads\optimusprinceps.zip
2014-03-18 21:10 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-18 20:25 - 2013-08-14 02:04 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-18 20:21 - 2013-03-29 17:55 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-17 13:50 - 2012-11-22 22:02 - 00000000 ____D () C:\ProgramData\StaxRip
2014-03-17 06:00 - 2013-06-18 01:23 - 00000000 ____D () C:\Users\Neo\AppData\Local\Windows Live
2014-03-16 13:10 - 2013-07-26 11:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-16 04:46 - 2014-03-16 04:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-16 02:48 - 2012-11-20 22:48 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-03-14 18:52 - 2014-03-14 18:52 - 00003600 _____ () C:\Users\Neo\Documents\Track 3 - 1.sfk
2014-03-14 07:24 - 2013-10-10 02:13 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-14 07:24 - 2013-10-10 02:13 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-12 13:38 - 2013-03-29 19:28 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-12 13:38 - 2013-03-29 19:28 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-12 13:38 - 2013-03-29 19:28 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-10 18:08 - 2014-03-10 02:43 - 00000000 ____D () C:\Users\Neo\Desktop\Photoshop
2014-03-09 21:36 - 2014-02-08 05:25 - 00000000 ____D () C:\Users\Neo\SimpleJavaYoutubeUploader
2014-03-09 12:51 - 2013-01-22 23:55 - 00001299 _____ () C:\Users\Neo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaInfo.lnk
2014-03-08 21:50 - 2014-03-08 21:50 - 00000000 ____D () C:\Users\Neo\AppData\Roaming\Day 1 Studios
2014-03-08 20:59 - 2014-03-08 20:59 - 00000221 _____ () C:\Users\Neo\Desktop\F.E.A.R. 3.url
2014-03-08 20:58 - 2014-02-26 18:00 - 00000000 ____D () C:\Users\Neo\Desktop\Bilder
2014-03-07 02:00 - 2012-11-21 03:24 - 00000000 ____D () C:\Lets Play
2014-03-06 19:18 - 2014-03-06 18:34 - 00014960 _____ () C:\Windows\DPINST.LOG
2014-03-06 19:17 - 2014-03-06 19:17 - 00000000 ____D () C:\Program Files (x86)\Blackmagic Design
2014-03-06 18:35 - 2013-06-29 13:23 - 00000000 ____D () C:\Users\Neo\Desktop\Aufnahme & Encodieren
2014-03-04 03:11 - 2013-07-10 19:10 - 00000978 _____ () C:\Users\Neo\Desktop\Nummerierung.vbs
2014-03-04 02:41 - 2014-03-04 02:40 - 00000000 ____D () C:\Users\Neo\Desktop\Metro Saves Backup
2014-03-02 16:28 - 2012-11-27 02:56 - 00000000 ____D () C:\Users\Neo\AppData\Roaming\HandBrake
2014-03-01 07:05 - 2014-03-13 04:18 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-01 06:17 - 2014-03-13 04:18 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-01 06:16 - 2014-03-13 04:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-01 05:58 - 2014-03-13 04:18 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-01 05:52 - 2014-03-13 04:18 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-01 05:51 - 2014-03-13 04:18 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-01 05:42 - 2014-03-13 04:18 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-01 05:40 - 2014-03-13 04:18 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-01 05:37 - 2014-03-13 04:18 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-01 05:33 - 2014-03-13 04:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-01 05:33 - 2014-03-13 04:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-01 05:32 - 2014-03-13 04:18 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-01 05:30 - 2014-03-13 04:18 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-01 05:23 - 2014-03-13 04:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-01 05:17 - 2014-03-13 04:18 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-01 05:11 - 2014-03-13 04:18 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-01 05:02 - 2014-03-13 04:18 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-01 04:54 - 2014-03-13 04:18 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-01 04:52 - 2014-03-13 04:18 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-01 04:51 - 2014-03-13 04:18 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-01 04:47 - 2014-03-13 04:18 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-01 04:43 - 2014-03-13 04:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-01 04:43 - 2014-03-13 04:18 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-01 04:42 - 2014-03-13 04:18 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-01 04:40 - 2014-03-13 04:18 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-01 04:38 - 2014-03-13 04:18 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-01 04:37 - 2014-03-13 04:18 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-01 04:35 - 2014-03-13 04:18 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-01 04:18 - 2014-03-13 04:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-01 04:16 - 2014-03-13 04:18 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-01 04:14 - 2014-03-13 04:18 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-01 04:10 - 2014-03-13 04:18 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-01 04:03 - 2014-03-13 04:18 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-01 04:00 - 2014-03-13 04:18 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-01 03:57 - 2014-03-13 04:18 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-01 03:38 - 2014-03-13 04:18 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-01 03:32 - 2014-03-13 04:18 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-01 03:27 - 2014-03-13 04:18 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-01 03:25 - 2014-03-13 04:18 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-01 03:25 - 2014-03-13 04:18 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-01 03:03 - 2012-11-21 02:34 - 01593956 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-03-01 03:03 - 2009-07-14 18:58 - 00699416 _____ () C:\Windows\system32\perfh007.dat
2014-03-01 03:03 - 2009-07-14 18:58 - 00149556 _____ () C:\Windows\system32\perfc007.dat
2014-03-01 03:03 - 2009-07-14 06:13 - 01593956 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-01 01:07 - 2013-01-09 23:25 - 00000000 ____D () C:\Users\Neo\AppData\Roaming\TS3Client
2014-03-01 01:02 - 2014-03-01 01:02 - 00001158 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2014-03-01 01:02 - 2014-03-01 01:02 - 00000000 ____D () C:\Program Files (x86)\TeamSpeak 3 Client
2014-02-27 23:19 - 2014-02-27 23:19 - 00000000 _____ () C:\Users\Neo\Desktop\Neues Textdokument.txt
2014-02-27 21:23 - 2012-12-24 07:55 - 00000000 ____D () C:\Program Files (x86)\MSI Afterburner
2014-02-26 15:26 - 2012-11-21 01:14 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-02-26 15:25 - 2014-02-26 15:25 - 00000000 ____D () C:\ProgramData\SystemRequirementsLab
2014-02-26 15:25 - 2014-02-26 15:25 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-26 15:24 - 2014-02-26 15:24 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-02-26 15:24 - 2014-02-26 15:24 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-02-26 15:24 - 2014-02-26 15:24 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-02-26 15:24 - 2014-02-26 15:24 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-02-26 15:24 - 2013-02-21 13:46 - 00000000 ____D () C:\Program Files (x86)\Java
2014-02-26 14:12 - 2014-02-26 14:12 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-02-26 14:12 - 2012-11-20 18:45 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-02-26 13:59 - 2013-01-12 11:02 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-02-26 13:58 - 2012-11-20 18:44 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-02-26 13:58 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Help
2014-02-26 02:05 - 2014-02-26 02:04 - 00000000 ____D () C:\Users\Neo\AppData\Local\NVIDIA
2014-02-26 02:04 - 2014-02-26 02:04 - 00001343 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
2014-02-26 02:04 - 2014-02-26 02:04 - 00000000 ____D () C:\Users\Neo\AppData\Local\NVIDIA Corporation
2014-02-25 23:05 - 2014-02-25 23:05 - 1459978240 _____ () C:\Users\Neo\Desktop\Resident Evil Zero (Europe) (En,Fr,De,Es,It) (Disc 2).iso
2014-02-25 20:12 - 2014-02-25 19:39 - 00000000 ____D () C:\Users\Neo\AppData\Roaming\ICQ-Profile
2014-02-25 19:35 - 2013-12-23 11:57 - 00049661 _____ () C:\Windows\DirectX.log

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-20 20:06

==================== End Of Log ============================

--- --- ---

Addition:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Neo at 2014-03-27 05:08:18
Running from C:\FRST
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AS: avast! Antivirus (Enabled - Up to date) {904CF271-6431-DA47-5FCE-A87D98DFB681}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.03 - Adobe Systems)
Adobe After Effects CS6 (HKLM-x32\...\{4817D846-700B-474E-A31B-80892B3E92E3}) (Version: 11 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.7.0.1860 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.7.0.1860 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.6 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.2.6 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.03) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.03 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.2 (HKLM-x32\...\Audacity_is1) (Version: 2.0.2 - Audacity Team)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 8.0.1489.0 - AVAST Software)
Avidemux 2.6 - 64bits (HKLM-x32\...\Avidemux 2.6 - 64bits (64-bit)) (Version: 2.6.7.8981 - )
AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version:  - )
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Blackmagic Design Desktop Video (HKLM-x32\...\{32770ED5-FADB-432B-8D27-69192B21CADB}) (Version: 9.2.0.0 - Blackmagic Design)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.7.13.899 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{6397E61B-A6B5-4479-85A4-0F746D6B328F}) (Version: 0.7.13.899 - BlueStack Systems, Inc.)
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.02 - Piriform)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
DebugMode FrameServer (HKLM-x32\...\DebugMode FrameServer) (Version:  - )
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
Distributed Computing Experiment (HKLM\...\Distributed Computing Experiment) (Version:  - )
Dolphin (HKLM-x32\...\Dolphin) (Version: 4.0.1 - Dolphin Development Team)
Dream of the Blood Moon (HKLM\...\UDK-f20b66e1-00bd-4f29-bee5-083208f9be0c) (Version:  - Epic Games, Inc.)
Dxtory version 2.0.119 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.119 - Dxtory Software)
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
F.E.A.R. 3 (HKLM-x32\...\Steam App 21100) (Version:  - Day 1 Studios)
FAKEFACTORY Cinematic Mod 2013 (HKLM-x32\...\FAKEFACTORY CM2013alpha1) (Version: alpha1 - FAKEFACTORY)
ffdshow v1.2.4489 [2012-10-25] (HKLM-x32\...\ffdshow_is1) (Version: 1.2.4489.0 - )
FFmpeg v0.6.2 for Audacity (HKLM-x32\...\FFmpeg for Audacity_is1) (Version:  - )
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free FLV Converter V 7.6.1 (HKLM-x32\...\Free FLV Converter_is1) (Version: 7.6.1.0 - Koyote Lab Inc.)
Free YouTube Download version 3.2.1.320 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.1.320 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.1.320 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.1.320 - DVDVideoSoft Ltd.)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version:  - )
HandBrake 0.9.8 (HKLM-x32\...\HandBrake) (Version: 0.9.8 - )
Helix YUV Codecs (remove only) (HKLM-x32\...\HelixYUVCodecs) (Version:  - )
iFree Skype Recorder 4.0.9 (HKLM-x32\...\iFree Skype Recorder) (Version: 4.0.9 - iFree Skype Recorder)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.1.209 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
Java 7 Update 17 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417017FF}) (Version: 7.0.170 - Oracle)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JDownloader 0.9 (HKLM-x32\...\7289-1030-5602-7421) (Version: 0.9 - AppWork GmbH)
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version:  - )
Logitech GamePanel Software 3.03.133 (HKLM\...\{6CC95B76-D380-46B2-9022-9353938E48BA}) (Version: 3.03.133 - Logitech Inc.)
Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
LWS Facebook (x32 Version: 13.50.854.0 - Logitech) Hidden
LWS Gallery (x32 Version: 13.51.827.0 - Logitech) Hidden
LWS Help_main (x32 Version: 13.51.828.0 - Logitech) Hidden
LWS Launcher (x32 Version: 13.51.828.0 - Logitech) Hidden
LWS Motion Detection (x32 Version: 13.51.815.0 - Logitech) Hidden
LWS Pictures And Video (x32 Version: 13.51.815.0 - Logitech) Hidden
LWS Twitter (x32 Version: 13.30.1346.0 - Logitech) Hidden
LWS Webcam Software (x32 Version: 13.51.815.0 - Logitech) Hidden
LWS WLM Plugin (x32 Version: 1.30.1201.0 - Logitech) Hidden
LWS YouTube Plugin (x32 Version: 13.31.1038.0 - Logitech) Hidden
MAGIX Content und Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Goya burnR (MSI) (HKLM-x32\...\MAGIX_{CA77A094-1554-4395-ACF7-3F50C9CA5FEB}) (Version: 4.3.2.0 - MAGIX AG)
MAGIX Goya burnR (MSI) (Version: 4.3.2.0 - MAGIX AG) Hidden
MAGIX Music Maker 2013 Premium (HKLM-x32\...\MAGIX_{8040CA6C-16F1-47B5-BB2E-E63F32B7E67F}) (Version: 19.0.1.36 - MAGIX AG)
MAGIX Music Maker 2013 Premium (Version: 19.0.1.36 - MAGIX AG) Hidden
MAGIX Music Maker 2013 Trial Soundpools (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Screenshare (HKLM-x32\...\MAGIX Screenshare D) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Screenshare (HKLM-x32\...\MAGIX_{C63DD4C4-BF1D-4F79-BA4B-4E361A2A3ED2}) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Screenshare (Version: 4.3.6.1987 - MAGIX AG) Hidden
MAGIX Speed burnR (HKLM-x32\...\MAGIX Speed burnR D) (Version: 7.0.1.27 - MAGIX AG)
MAGIX Speed burnR (MSI) (HKLM-x32\...\MAGIX_{0D951CBB-743C-4A68-8C85-97D89A61D7CD}) (Version: 7.0.2.6 - MAGIX AG)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX AG) Hidden
MAGIX Video deluxe 2014 (HKLM-x32\...\MX.{EA62B22F-AB0A-406B-80A9-8036D3CE3446}) (Version: 13.0.0.30 - MAGIX AG)
MAGIX Video deluxe 2014 (Version: 13.0.0.30 - MAGIX AG) Hidden
MAGIX Video easy SE (HKLM-x32\...\MAGIX_MSI_Video_easy_SE) (Version: 1.0.4.6 - MAGIX AG)
MAGIX Video easy SE (x32 Version: 1.0.4.6 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
MediaInfo 0.7.61 (HKLM\...\MediaInfo) (Version: 0.7.61 - MediaArea.net)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
MINERVA: Metastasis (HKLM-x32\...\Steam App 235780) (Version:  - Adam Foster)
MKVToolNix 6.7.0 [20140102-565] (HKLM-x32\...\MKVToolNix) (Version: 6.7.0 - Moritz Bunkus)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
MP3 Skype Recorder (HKLM-x32\...\{CB606F47-7D0E-40DF-95BB-0E5413A1295F}) (Version: 3.1.3 - Alexander Nikiforov)
MPC-HC 1.7.3 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.3 - MPC-HC Team)
MSI Afterburner 2.3.1 (HKLM-x32\...\Afterburner) (Version: 2.3.1 - MSI Co., LTD)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT Redists (x32 Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Netzmanager (HKLM-x32\...\Netzmanager) (Version: 1.071 - Deutsche Telekom AG)
Netzmanager (Version: 1.071 - Deutsche Telekom AG, Marmiko IT-Solutions GmbH) Hidden
Norton Internet Security (HKLM-x32\...\NIS) (Version: 19.0.0.128 - Symantec Corporation)
NVIDIA 3D Vision Controller-Treiber 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 334.89 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 334.89 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2 - NVIDIA Corporation)
NVIDIA Grafiktreiber 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 334.89 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3489 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 334.89 (Version: 334.89 - NVIDIA Corporation) Hidden
NVIDIA Update 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.1.11.2678 - Electronic Arts, Inc.)
Outlast (HKLM-x32\...\Steam App 238320) (Version:  - Red Barrels)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.50.1123.2011 - Realtek)
Revo Uninstaller 1.94 (HKLM-x32\...\Revo Uninstaller) (Version: 1.94 - VS Revo Group)
SagaraS Scriptmaker v4.8 (HKLM-x32\...\SagaraS Scriptmaker_is1) (Version:  - )
Samplitude 11 Silver (HKLM-x32\...\MAGIX_MSI_sam11silver) (Version: 11.0.0.0 - MAGIX AG)
Samplitude 11 Silver (x32 Version: 11.0.0.0 - MAGIX AG) Hidden
SHIELD Streaming (Version: 1.7.306 - NVIDIA Corporation) Hidden
Shutdown4U (HKLM-x32\...\Shutdown4U) (Version:  - )
skate's Thumbnail Tool Version 1.1.1 (HKLM-x32\...\{709F7985-34DD-4F49-9F91-D429D3B49D26}_is1) (Version: 1.1.1 - skate702germany)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Slender - The Arrival 1.0 (HKLM-x32\...\Slender - The Arrival 1.0) (Version: 1.0 - Blue Isle Studios)
Slender - The Arrival Patch Updater 1.0 (HKLM-x32\...\Slender - The Arrival Patch Updater 1.0) (Version: 1.0 - Blue Isle Studios)
Source SDK (HKLM-x32\...\Steam App 211) (Version:  - Valve)
Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version:  - Valve)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
SuperVideoCap V6.9 Build 3050 (HKLM-x32\...\SuperVideoCap V6.9 Build 3050_is1) (Version:  - MySuperSoft.com)
System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
System Requirements Lab Detection (HKLM-x32\...\{A407FC22-36BF-4C82-A516-59D94BC505A9}) (Version: 1.0.5.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.10.1 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.22298 - TeamViewer)
Telekom Fotoservice (HKLM-x32\...\Telekom Fotoservice) (Version:  - )
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
The Walking Dead: Season Two (HKLM-x32\...\Steam App 261030) (Version:  - Telltale Games)
TMPGEnc Video Mastering Works (HKLM-x32\...\TMPGEnc Video Mastering Works) (Version:  - )
T-Online 6.0 (HKLM-x32\...\{B1275E23-717A-4D52-997A-1AD1E24BC7F3}) (Version:  - )
T-Online WLAN-Access Finder (HKLM-x32\...\{295C31E5-3F91-498E-9623-DA24D2FA2B6A}) (Version:  - )
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 2.1 - Ubisoft)
Vegas Pro 12.0 (64-bit) (HKLM\...\{8858A840-1D35-11E2-A8C7-F04DA23A5C58}) (Version: 12.0.394 - Sony)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
VLC media player 2.0.4 (HKLM\...\VLC media player) (Version: 2.0.4 - VideoLAN)
VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
XSplit (HKLM-x32\...\{DAA18A0D-A57C-4611-B135-46EA06990E7D}) (Version: 1.2.1303.0101 - SplitMediaLabs)

==================== Restore Points  =========================


==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {25867F1F-77B7-4D40-9991-A05F69F4E4DA} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {47931548-0DC4-4E08-A9B4-D239D764E300} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-19] (Google Inc.)
Task: {5A394A07-4628-49EC-A3E5-41A9768C7870} - System32\Tasks\{41B47BA4-D7AC-4CE1-B76D-3C53F5E189F7} => Chrome.exe hxxp://ui.skype.com/ui/0/6.11.0.102/en/abandoninstall?page=tsBing
Task: {5EDCD25F-F139-4BA4-886A-6E14945A282A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-05-24] (Piriform Ltd)
Task: {6140D742-9DBE-416D-A47C-73F79576DF81} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-05-09] (AVAST Software)
Task: {7D5D5464-1DF4-4D86-8A13-76A19140C4A8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-19] (Google Inc.)
Task: {A924154F-07BF-4FF1-931D-341F204D5A49} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-100367103-78040337-3239847000-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {B72482F7-719C-42DB-890F-79D9CC26B338} - System32\Tasks\AdobeAAMUpdater-1.0-Neo-PC-Neo => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-03] (Adobe Systems Incorporated)
Task: {C8EB658A-FB39-4698-A057-7415CB0B907D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12] (Adobe Systems Incorporated)
Task: {D364FF60-352B-427D-A29C-8BD5ACA61ED8} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-100367103-78040337-3239847000-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-02-26 13:58 - 2014-02-08 18:42 - 00117024 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-12-18 22:26 - 2013-12-18 22:26 - 00059392 _____ () C:\Program Files\DCE\dce.exe
2012-03-15 12:28 - 2012-03-15 12:28 - 01103360 _____ () C:\Program Files (x86)\Blackmagic Design\Blackmagic Desktop Video\BMDStreamingServer.exe
2012-01-10 14:41 - 2013-11-03 15:22 - 00567880 _____ () C:\Program Files (x86)\puush\puush.exe
2014-02-26 02:04 - 2014-01-21 03:57 - 00093472 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\gamecaster64.dll
2014-02-26 02:04 - 2014-01-21 03:57 - 00874784 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\twitchsdk64.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 00264040 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
2012-10-26 12:11 - 2012-10-26 12:11 - 01912704 _____ () C:\Program Files\Sony\Vegas Pro 12.0\OpenColorIO.dll
2012-10-26 12:10 - 2012-10-26 12:10 - 00058240 _____ () C:\Program Files\Sony\Vegas Pro 12.0\FileIOProxyStubx64.dll
2012-01-21 23:17 - 2012-01-21 23:17 - 00069120 _____ () C:\Program Files (x86)\DebugMode\FrameServer\dfscVegasV264Out.dll
2012-10-26 12:11 - 2012-10-26 12:11 - 00038784 _____ () C:\Program Files\Sony\Vegas Pro 12.0\de\Sony.Vegas.resources.dll
2012-10-26 12:11 - 2012-10-26 12:11 - 00018816 _____ () C:\Program Files\Sony\Vegas Pro 12.0\de\Sony.Vegas.Publish.resources.dll
2012-10-26 12:11 - 2012-10-26 12:11 - 00223104 _____ () C:\Program Files\Sony\Vegas Pro 12.0\de\Sony.MediaSoftware.XDCAMExp.resources.dll
2012-10-26 12:11 - 2012-10-26 12:11 - 00096128 _____ () C:\Program Files\Sony\Vegas Pro 12.0\de\Sony.MediaSoftware.DeviceExp.resources.dll
2012-10-26 12:10 - 2012-10-26 12:10 - 00010112 _____ () C:\Program Files\Sony\Vegas Pro 12.0\de\Sony.Monitor3D.resources.dll
2013-11-20 16:44 - 2013-11-20 16:44 - 12441376 _____ () C:\Program Files\Sony\Vegas Pro 12.0\OFX Video Plug-Ins\Vfx1.ofx.bundle\Contents\Win64\Vfx1.ofx
2012-01-21 23:16 - 2012-01-21 23:16 - 00015951 _____ () C:\Program Files (x86)\DebugMode\FrameServer\fscommon.dll
2013-04-15 10:39 - 2013-04-15 10:39 - 00054688 _____ () C:\Program Files\Java\jre7\bin\prism-d3d.dll
2013-04-15 10:39 - 2013-04-15 10:39 - 00194976 _____ () C:\Program Files\Java\jre7\bin\glass.dll
2013-04-15 10:39 - 2013-04-15 10:39 - 00590240 _____ () C:\Program Files\Java\jre7\bin\libxml2.dll
2013-04-15 10:39 - 2013-04-15 10:39 - 00202144 _____ () C:\Program Files\Java\jre7\bin\libxslt.dll
2013-04-15 10:39 - 2013-04-15 10:39 - 14861216 _____ () C:\Program Files\Java\jre7\bin\jfxwebkit.dll
2013-04-15 10:39 - 2013-04-15 10:39 - 00316832 _____ () C:\Program Files\Java\jre7\bin\javafx-font.dll
2013-04-15 10:39 - 2013-04-15 10:39 - 00229280 _____ () C:\Program Files\Java\jre7\bin\javafx-iio.dll
2013-08-31 12:30 - 2013-08-31 12:30 - 00053760 _____ () C:\Users\Neo\Desktop\MeGUI\tools\x264\avs4x264mod.exe
2014-03-26 23:03 - 2014-03-26 18:52 - 02283520 _____ () C:\Program Files\AVAST Software\Avast\defs\14032602\algo.dll
2012-03-15 12:26 - 2012-03-15 12:26 - 00256000 _____ () C:\Program Files (x86)\Blackmagic Design\Blackmagic Desktop Video\BMDStreamingAPI.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 02144104 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 07955304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 00341352 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 00028008 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 00127336 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2012-09-13 00:39 - 2012-09-13 00:39 - 00336232 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
2012-11-20 21:53 - 2012-02-07 18:39 - 01198872 ____R () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-02-12 04:17 - 2014-02-12 04:17 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\b162055347700182d96325676dd591c4\IsdiInterop.ni.dll
2012-11-20 21:49 - 2011-11-29 20:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-10-26 12:10 - 2012-10-26 12:10 - 00046976 _____ () C:\Program Files\Sony\Vegas Pro 12.0\x86\FileIOProxyStubx86.dll
2012-01-21 23:17 - 2012-01-21 23:17 - 00059392 _____ () C:\Program Files (x86)\DebugMode\FrameServer\dfscVegasV2Out.dll
2014-03-19 17:14 - 2014-03-15 01:50 - 00051016 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\chrome_elf.dll
2014-03-19 17:14 - 2014-03-15 01:50 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libglesv2.dll
2014-03-19 17:14 - 2014-03-15 01:50 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libegl.dll
2014-03-19 17:14 - 2014-03-15 01:50 - 04061000 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll
2014-03-19 17:14 - 2014-03-15 01:50 - 00394568 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll
2014-03-19 17:14 - 2014-03-15 01:50 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ffmpegsumo.dll
2011-03-03 12:40 - 2013-04-14 11:00 - 00554496 _____ () C:\Program Files (x86)\Haali\MatroskaSplitter\splitter.ax
2011-03-03 12:35 - 2013-04-14 10:58 - 00080384 _____ () C:\Program Files (x86)\Haali\MatroskaSplitter\mkzlib.dll
2011-03-03 12:35 - 2013-04-14 10:58 - 00024576 _____ () C:\Program Files (x86)\Haali\MatroskaSplitter\mkunicode.dll
2014-02-18 11:21 - 2008-12-19 21:53 - 00053248 _____ () C:\Users\Neo\Desktop\MeGUI\MessageBoxExLib.dll
2014-02-18 11:21 - 2013-01-06 15:47 - 00082944 _____ () C:\Users\Neo\Desktop\MeGUI\MediaInfoWrapper.dll
2012-11-22 22:04 - 2012-11-05 23:40 - 03501056 _____ () C:\Program Files (x86)\ffdshow\ffdshow.ax
2014-02-18 11:21 - 2009-01-02 21:34 - 00058368 _____ () C:\Users\Neo\Desktop\MeGUI\AvisynthWrapper.DLL

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:56E2E879
AlternateDataStreams: C:\Users\Neo\AppData\Local\Temporary Internet Files:HDnTKRa7USceVHvL9C

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupfolder: C:^Users^Neo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Desktop Queen Starter.lnk => C:\Windows\pss\Desktop Queen Starter.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Neo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^hamachi.lnk => C:\Windows\pss\hamachi.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Neo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Netzmanager.lnk => C:\Windows\pss\Netzmanager.lnk.Startup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Blackmagic CheckVersion PCI => C:\Program Files (x86)\Blackmagic Design\Blackmagic Desktop Video\CheckVersionPCI.exe
MSCONFIG\startupreg: Blackmagic Streaming Server => C:\Program Files (x86)\Blackmagic Design\Blackmagic Desktop Video\BMDStreamingServer.exe
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: HDAudDeck => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
MSCONFIG\startupreg: puush => C:\Program Files (x86)\puush\puush.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/26/2014 03:01:27 PM) (Source: BstHdAndroidSvc) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (03/26/2014 06:39:50 AM) (Source: BstHdAndroidSvc) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (03/26/2014 06:24:32 AM) (Source: MsiInstaller) (User: Neo-PC)
Description: Produkt: Vegas Pro 12.0 (64-bit) -- Fehler 1723. Es liegt ein dieses Windows Installer-Paket betreffendes Problem vor. Eine für den Abschluss der Installation erforderliche DLL konnte nicht ausgeführt werden. Wenden Sie sich an das Supportpersonal oder den Hersteller des Pakets. Aktion: SfMSILib_IsProcessRunning, Eintrag: SfMSILib_IsProcessRunning, Bibliothek: C:\ProgramData\Sony\customaction_x64.dll

Error: (03/26/2014 06:19:37 AM) (Source: MsiInstaller) (User: Neo-PC)
Description: Produkt: Vegas Pro 12.0 (64-bit) -- Fehler 1723. Es liegt ein dieses Windows Installer-Paket betreffendes Problem vor. Eine für den Abschluss der Installation erforderliche DLL konnte nicht ausgeführt werden. Wenden Sie sich an das Supportpersonal oder den Hersteller des Pakets. Aktion: SfMSILib_IsProcessRunning, Eintrag: SfMSILib_IsProcessRunning, Bibliothek: C:\ProgramData\Sony\customaction_x64.dll

Error: (03/26/2014 00:32:03 AM) (Source: Application Hang) (User: )
Description: Programm MovieStudioPlatinum120.exe, Version 12.0.0.334 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1ff0

Startzeit: 01cf48790abb4dd1

Endzeit: 37

Anwendungspfad: C:\Program Files\Sony\Movie Studio Platinum 12.0\MovieStudioPlatinum120.exe

Berichts-ID: 0548650d-b475-11e3-a24d-50465d5048ac

Error: (03/25/2014 09:45:35 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/25/2014 09:42:39 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Videodeluxe.exe, Version: 13.0.0.30, Zeitstempel: 0x52175ef8
Name des fehlerhaften Moduls: Videodeluxe.exe, Version: 13.0.0.30, Zeitstempel: 0x52175ef8
Ausnahmecode: 0x40000015
Fehleroffset: 0x00a8be22
ID des fehlerhaften Prozesses: 0x2020
Startzeit der fehlerhaften Anwendung: 0xVideodeluxe.exe0
Pfad der fehlerhaften Anwendung: Videodeluxe.exe1
Pfad des fehlerhaften Moduls: Videodeluxe.exe2
Berichtskennung: Videodeluxe.exe3

Error: (03/25/2014 07:52:31 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Videodeluxe.exe, Version: 13.0.0.30, Zeitstempel: 0x52175ef8
Name des fehlerhaften Moduls: Videodeluxe.exe, Version: 13.0.0.30, Zeitstempel: 0x52175ef8
Ausnahmecode: 0x40000015
Fehleroffset: 0x00a8be22
ID des fehlerhaften Prozesses: 0x1a0c
Startzeit der fehlerhaften Anwendung: 0xVideodeluxe.exe0
Pfad der fehlerhaften Anwendung: Videodeluxe.exe1
Pfad des fehlerhaften Moduls: Videodeluxe.exe2
Berichtskennung: Videodeluxe.exe3

Error: (03/25/2014 07:52:24 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Videodeluxe.exe, Version: 13.0.0.30, Zeitstempel: 0x52175ef8
Name des fehlerhaften Moduls: Videodeluxe.exe, Version: 13.0.0.30, Zeitstempel: 0x52175ef8
Ausnahmecode: 0x40000015
Fehleroffset: 0x00a8be22
ID des fehlerhaften Prozesses: 0x2370
Startzeit der fehlerhaften Anwendung: 0xVideodeluxe.exe0
Pfad der fehlerhaften Anwendung: Videodeluxe.exe1
Pfad des fehlerhaften Moduls: Videodeluxe.exe2
Berichtskennung: Videodeluxe.exe3

Error: (03/25/2014 07:52:06 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Videodeluxe.exe, Version: 13.0.0.30, Zeitstempel: 0x52175ef8
Name des fehlerhaften Moduls: Videodeluxe.exe, Version: 13.0.0.30, Zeitstempel: 0x52175ef8
Ausnahmecode: 0x40000015
Fehleroffset: 0x00a8be22
ID des fehlerhaften Prozesses: 0x1710
Startzeit der fehlerhaften Anwendung: 0xVideodeluxe.exe0
Pfad der fehlerhaften Anwendung: Videodeluxe.exe1
Pfad des fehlerhaften Moduls: Videodeluxe.exe2
Berichtskennung: Videodeluxe.exe3


System errors:
=============
Error: (03/27/2014 03:37:17 AM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (03/26/2014 11:06:39 PM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (03/26/2014 03:01:27 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: 
%%1064

Error: (03/26/2014 03:00:19 PM) (Source: hasplms) (User: )
Description: ERROR: Sentinel LDK License Manager failed to start in a promptly manner!

Error: (03/26/2014 03:00:16 PM) (Source: hasplms) (User: )
Description: ERROR: Sentinel LDK License Manager failed to start in a promptly manner!

Error: (03/26/2014 03:00:14 PM) (Source: hasplms) (User: )
Description: ERROR: Sentinel LDK License Manager failed to start in a promptly manner!

Error: (03/26/2014 03:00:11 PM) (Source: hasplms) (User: )
Description: ERROR: Sentinel LDK License Manager failed to start in a promptly manner!

Error: (03/26/2014 06:39:50 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: 
%%1064

Error: (03/26/2014 06:39:32 AM) (Source: hasplms) (User: )
Description: ERROR: Sentinel LDK License Manager failed to start in a promptly manner!

Error: (03/25/2014 11:46:16 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: 
%%1064


Microsoft Office Sessions:
=========================
Error: (03/26/2014 03:01:27 PM) (Source: BstHdAndroidSvc)(User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (03/26/2014 06:39:50 AM) (Source: BstHdAndroidSvc)(User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (03/26/2014 06:24:32 AM) (Source: MsiInstaller)(User: Neo-PC)
Description: Produkt: Vegas Pro 12.0 (64-bit) -- Fehler 1723. Es liegt ein dieses Windows Installer-Paket betreffendes Problem vor. Eine für den Abschluss der Installation erforderliche DLL konnte nicht ausgeführt werden. Wenden Sie sich an das Supportpersonal oder den Hersteller des Pakets. Aktion: SfMSILib_IsProcessRunning, Eintrag: SfMSILib_IsProcessRunning, Bibliothek: C:\ProgramData\Sony\customaction_x64.dll (NULL)(NULL)(NULL)(NULL)(NULL)

Error: (03/26/2014 06:19:37 AM) (Source: MsiInstaller)(User: Neo-PC)
Description: Produkt: Vegas Pro 12.0 (64-bit) -- Fehler 1723. Es liegt ein dieses Windows Installer-Paket betreffendes Problem vor. Eine für den Abschluss der Installation erforderliche DLL konnte nicht ausgeführt werden. Wenden Sie sich an das Supportpersonal oder den Hersteller des Pakets. Aktion: SfMSILib_IsProcessRunning, Eintrag: SfMSILib_IsProcessRunning, Bibliothek: C:\ProgramData\Sony\customaction_x64.dll (NULL)(NULL)(NULL)(NULL)(NULL)

Error: (03/26/2014 00:32:03 AM) (Source: Application Hang)(User: )
Description: MovieStudioPlatinum120.exe12.0.0.3341ff001cf48790abb4dd137C:\Program Files\Sony\Movie Studio Platinum 12.0\MovieStudioPlatinum120.exe0548650d-b475-11e3-a24d-50465d5048ac

Error: (03/25/2014 09:45:35 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Neo\Downloads\esetsmartinstaller_enu.exe

Error: (03/25/2014 09:42:39 PM) (Source: Application Error)(User: )
Description: Videodeluxe.exe13.0.0.3052175ef8Videodeluxe.exe13.0.0.3052175ef84000001500a8be22202001cf486aba35ecd2C:\Program Files (x86)\MAGIX\Video deluxe 2014\Videodeluxe.exeC:\Program Files (x86)\MAGIX\Video deluxe 2014\Videodeluxe.exe00fc5fb9-b45e-11e3-a24d-50465d5048ac

Error: (03/25/2014 07:52:31 PM) (Source: Application Error)(User: )
Description: Videodeluxe.exe13.0.0.3052175ef8Videodeluxe.exe13.0.0.3052175ef84000001500a8be221a0c01cf485b5d7d0da9C:\Program Files (x86)\MAGIX\Video deluxe 2014\Videodeluxe.exeC:\Program Files (x86)\MAGIX\Video deluxe 2014\Videodeluxe.exe9e6f1b75-b44e-11e3-a24d-50465d5048ac

Error: (03/25/2014 07:52:24 PM) (Source: Application Error)(User: )
Description: Videodeluxe.exe13.0.0.3052175ef8Videodeluxe.exe13.0.0.3052175ef84000001500a8be22237001cf485b592f0026C:\Program Files (x86)\MAGIX\Video deluxe 2014\Videodeluxe.exeC:\Program Files (x86)\MAGIX\Video deluxe 2014\Videodeluxe.exe99d6483a-b44e-11e3-a24d-50465d5048ac

Error: (03/25/2014 07:52:06 PM) (Source: Application Error)(User: )
Description: Videodeluxe.exe13.0.0.3052175ef8Videodeluxe.exe13.0.0.3052175ef84000001500a8be22171001cf485b4c2408b2C:\Program Files (x86)\MAGIX\Video deluxe 2014\Videodeluxe.exeC:\Program Files (x86)\MAGIX\Video deluxe 2014\Videodeluxe.exe8f28d1a4-b44e-11e3-a24d-50465d5048ac


==================== Memory info =========================== 

Percentage of memory in use: 34%
Total physical RAM: 16317.46 MB
Available physical RAM: 10661.79 MB
Total Pagefile: 32633.1 MB
Available Pagefile: 26045.55 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:1397.17 GB) (Free:759.71 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1397 GB) (Disk ID: D5D35A49)

Partition: GPT Partition Type.

==================== End Of Log ============================

M-K-D-B · 27.03.2014, 20:35

Servus,

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

start
() C:\Program Files\DCE\dce.exe
R2 DCE; C:\Program Files\DCE\dce.exe [59392 2013-12-18] ()
C:\Program Files\DCE
end

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Wenn du keine Probleme mehr hast, dann sind wir hier fertig. Deine Logdateien sind sauber.

Zum Schluss müssen wir noch ein paar abschließende Schritte unternehmen, um deinen Pc aufzuräumen und abzusichern.

Schritt 1
Die Reihenfolge ist hier entscheidend.

Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
- Windowstaste + R > Combofix /Uninstall (eingeben) > OK
- Alternative: Combofix.exe in uninstall.exe umbenennen und starten
- Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
Downloade Dir bitte auf jeden Fall DelFix auf deinen Desktop:
- Schließe alle offenen Programme.
- Starte die delfix.exe mit einem Doppelklick.
- Setze vor jede Funktion ein Häkchen.
- Klicke auf Start.
- Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
- Starte deinen Rechner abschließend neu.
Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.

Schritt 2
Abschließend habe ich noch ein paar Tipps zur Absicherung deines Systems.

Ich kann gar nicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.

Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
Windows Updates
- Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
- Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
Gehe sicher das die automatischen Updates aktiviert sind.
Software Updates
Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.

Anti-Viren-Programm und zusätzlicher Schutz

Gehe sicher, dass du immer nur eine Anti-Viren Software installiert hast und dass diese auch up to date ist!
MalwareBytes Anti Malware
Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion bietet zudem noch einen Hintergrundwächter.
Ein Tutorial zur Verwendung findest Du hier.
AdwCleaner
Dieses Tool erkennt eine Vielzahl von Werbeprogrammen (Adware) und unerwümschten Programmen (PUPs).
Starte das Tool einmal die Woche und lass es laufen. Sollte eine neue Version verfügbar sein, so wird dies angezeigt und du kannst dir die neueste Version direkt auf den Desktop downloaden.
SpywareBlaster
Eine kurze Einführung findest du Hier
WOT (Web of trust)
Dieses AddOn warnt dich, bevor Du eine als schädlich gemeldete Seite besuchst.

Alternative Browser
Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
Mozilla Firefox

Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
NoScript
Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt, wenn Du es bestätigst.
AdblockPlus
Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
Es spart außerdem Downloadkapazität.

Performance

Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von Registry Cleanern.
Diese Schaden deinem System mehr als dass sie helfen. Hier ein englischer Link:
Miekemoes Blogspot ( MVP )

Was du vermeiden solltest:

Klicke nicht auf alles, nur weil es dich dazu auffordert und schön bunt ist.
Verwende keine P2P oder Filesharing Software (Emule, uTorrent,..)
Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
Öffne keine Anhänge von dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie z.B. deinFoto.jpg.exe.
Lade keine Software von Softonic oder Chip herunter, da diese Installer oft mit Adware oder unerünschter Software versehen sind!

Nun bleibt mir nur noch dir viel Spaß beim sicheren Surfen zu wünschen... ... und vielleicht möchtest du ja das Trojaner-Board unterstützen?

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann.

TheNeoLP · 28.03.2014, 08:46

Fixlog:

Fixlog:

Code:

ATTFilter

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-03-2014
Ran by Neo at 2014-03-28 08:28:07 Run:3
Running from C:\FRST
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
() C:\Program Files\DCE\dce.exe
R2 DCE; C:\Program Files\DCE\dce.exe [59392 2013-12-18] ()
C:\Program Files\DCE
end
*****************

C:\Program Files\DCE\dce.exe => No running process found
DCE => Service deleted successfully.
C:\Program Files\DCE => Moved successfully.

==== End of Fixlog ====

Dankeschön! Hat mir auf jeden Fall geholfen!
Ich werde deine Tipps behalten. Ich habe schon gedacht, dass ich meine System komplett neu aufsetzten muss, aber zum Glück ist das nicht der Fall! Ich werde es in Zukunft sicherlich unterstützen!

"You might enjoy reading" in jedem Browser

Plagegeister aller Art und deren Bekämpfung: "You might enjoy reading" in jedem Browser