www.feed.plusnetwork.com ändert die websiten startseite immer um -.-*

saufbiene · 29.03.2014, 11:57

hi seit ca 1 monat kommt die ganze zeit eine websiten manipulierung bei mir zustande
die mich beim start des browsers direkt auf das hier weiter leitet

feed.plusnetwork.com

ich hab keine ahnung woran es liegen könnte nur das es nervig ist -.-*

hab schon mehrfcah gescannt mit mbam und avast aber keine funde gemacht.

grüße
Biene

Bootsektor · 29.03.2014, 12:05

Mein Name ist Sandra und ich werde Dir bei Deinem Problem behilflich sein.

Bitte arbeite alle Schritte der Reihe nach ab.
Lese die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem
Führe bitte nur Scans durch zu denen Du von mir aufgefordert wirst.
Bitte kein Crossposting ( posten in mehreren Foren).
Installiere oder deinstalliere während der Bereinigung keine Software, ausser Du wurdest dazu aufgefordert.
Speichere alle unsere Tools auf dem Desktop ab.
Poste die Logfiles direkt in deinen Thread in Code-Tags.
Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 2 Tagen nichts von mir hörst, dann schreibe mir bitte eine PM.

Hinweis: Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist meist der schnellere und immer der sicherste Weg.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Dir jemand vom Team sagt, dass Du clean bist.

Posten in Code Tags
Bitte füge die Logs immer in Code-Tags ein. Wenn Du das nicht machst, erschwert es mir sehr das Auswerten. Danke.
Dazu:

Klicke über dem Antwortfenster auf die Raute #, dann steht dort in eckigen Klammern [code][/code]
Zwischen den beiden code-Bausteinen fügst Du dann deine Logfiles ein. Also [CODE] Logfile [/CODE]
Wenn die Logs zu lang sein sollten, dann teile sie bitte auf und poste sie dann hier in Deinem Thread, notfalls in mehreren Antworten.

Lass uns mal gucken
Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

saufbiene · 29.03.2014, 12:17

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Daniel (administrator) on MEDION on 29-03-2014 12:13:12
Running from C:\Users\Daniel\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Reimage®) C:\Program Files\AntiToolbar\ReiGuard.exe
(Firebird Project) C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\HP Color LaserJet CM1312 MFP Series\hppfaxprintersrv.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Macrovision Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(MagicISO, Inc.) C:\Program Files (x86)\MagicDisc\MagicDisc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Protexis Inc.) c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Wistron) C:\Program Files (x86)\Launch Manager\HotkeyApp.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\OSD.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\WButton.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(arvato digital services llc) c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\WisLMSvc.exe
(Firebird Project) C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11548264 2010-11-11] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2009-12-11] (Synaptics Incorporated)
HKLM\...\Run: [HP Color LaserJet CM1312 MFP Series Fax] - C:\Program Files (x86)\HP\HP Color LaserJet CM1312 MFP Series\hppfaxprintersrv.exe [3700736 2009-09-22] (Hewlett-Packard Company)
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-11] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [CLMLServer] - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-11-02] (CyberLink)
HKLM-x32\...\Run: [YouCam Mirage] - C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488 2010-10-28] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] - C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe [224352 2010-10-28] (CyberLink Corp.)
HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2014-02-14] (DivX, LLC)
HKLM-x32\...\Run: [HotkeyApp] - C:\Program Files (x86)\Launch Manager\HotkeyApp.exe [200704 2009-12-14] (Wistron)
HKLM-x32\...\Run: [LMgrVolOSD] - C:\Program Files (x86)\Launch Manager\OSD.exe [348960 2009-12-11] (Wistron Corp.)
HKLM-x32\...\Run: [Wbutton] - C:\Program Files (x86)\Launch Manager\Wbutton.exe [436264 2010-06-21] (Wistron Corp.)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [HPUsageTracking] - C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe [24576 2009-05-11] (Hewlett-Packard Company)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS4ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2008-08-14] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [44128 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [642664 2013-05-08] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Adobe_ID0ENQBO] - C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe [378224 2008-08-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3854640 2014-03-29] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-490725143-3289892566-3385816065-1000\...\Run: [Personal ID] - C:\Program Files (x86)\coolspot AG\Personal ID\pid.exe [1132984 2013-08-01] (coolspot AG, Düsseldorf)
HKU\S-1-5-21-490725143-3289892566-3385816065-1000\...\Run: [ISUSPM] - C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [213936 2006-05-16] (Macrovision Corporation)
HKU\S-1-5-21-490725143-3289892566-3385816065-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20728480 2014-01-14] (Skype Technologies S.A.)
Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk
ShortcutTarget: MagicDisc.lnk -> C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {C6135BFC-325F-4C89-B5A9-5C016F700BE7} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.plusnetwork.com/?publisher=MessengerPlus&dpid=pb2&t=c0120&sp=addr&q={searchTerms}
SearchScopes: HKCU - {C6135BFC-325F-4C89-B5A9-5C016F700BE7} URL = https://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Adblock Plus)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

Chrome: 
=======
CHR HomePage: 
CHR RestoreOnStartup: "sync": {
      "app_settings": true,
      "apps": true,
      "autofill": true,
      "autofill_profile": true,
      "bookmarks": true,
      "dictionary": true,
      "encryption_bootstrap_token": "AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAATplyssRhTkmLrzZn5shSowAAAAACAAAAAAAQZgAAAAEAACAAAADZdCJleZ6pl/FwD48LV4myi1IuQ//ABBhNdgdtpcKSyQAAAAAOgAAAAAIAACAAAACVkF6ZF8NXhNrDMoaTYbXTxPM2FZC8I3mXT7P1MbNwAkAAAAAb3ZSnieFT7UKPrq9BdJfRbx3feyinVd3IgiMBaHqsPYK3YqcMOqHXpmHOR/EoP9IMZERiL/jmSj+UMgKfhNaoQAAAANiIUP9I5il1mZGMjR2HhCxaOkJVKxyiK1TCqIBbA9WGTz4f0rmqyfzBDSvm/8CeikNcll479aYlFtkJbD8lwmA=",
      "extension_settings": true,
      "extensions": true,
      "favicon_images": true,
      "favicon_tracking": true,
      "has_setup_completed": true,
      "history_delete_directives": true,
      "keystore_encryption_bootstrap_token": "AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAATplyssRhTkmLrzZn5shSowAAAAACAAAAAAAQZgAAAAEAACAAAAA3iLdA8Mpg1fBLX8vIvaNMg7a51a4sZf9uvz4NyLoTrQAAAAAOgAAAAAIAACAAAAArJ8U+vDASH891DD8dKJIw5GoY4hlanAkCKr9C7Tyzb1AAAAAufoZc6GRdyCn6Ph1mRUwmXNaOJa8eECtpc2DKp9BxXDEwTcE3Yb76NbPi3qMyQb6d/ooBtNm1cZfED19PgGuoXtn975dDvxpAP1rC1zblTEAAAADLR+61Xv+5E4bbaBCh1BO2BFfHNRelYnbgNxCa7xKsXt1Lu5eFtg5OPBvUE8eVUDlP8ir/REziVUgT/6IM+djC",
      "last_synced_time": "13040565097271436",
      "managed_users": true,
      "passwords": true,
      "preferences": true,
      "priority_preferences": true,
      "search_engines": true,
      "session_sync_guid": "session_syncOa2DFbo2Ay8y4nqHEBhpMg==",
      "sessions": true,
      "suppress_start": false,
      "synced_notifications": true,
      "tabs": true,
      "themes": true,
      "typed_urls"
CHR Extension: (Google Docs) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-11]
CHR Extension: (Google Drive) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-11]
CHR Extension: (Schalten Sie das Licht) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2013-11-13]
CHR Extension: (YouTube) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-11]
CHR Extension: (Cake Mania Main Street) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bohogdkongdgejlnndnnhamjgfnbfoon [2013-11-13]
CHR Extension: (tattoo girl) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bolmkphclbnmjlbmibfcnfggbakghpck [2013-11-13]
CHR Extension: (Adblock Plus) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-02-11]
CHR Extension: (Mangas und Comics auf Deutsch) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\chmidfbpiiicmkfimcbcoagpmchgmkpl [2013-11-13]
CHR Extension: (Google-Suche) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-11]
CHR Extension: (Search by Image (by Google)) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2013-11-13]
CHR Extension: (avast! Online Security) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-12-09]
CHR Extension: (TinEye Reverse Image Search) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl [2013-11-13]
CHR Extension: (Windows Media Player Extension for HTML5) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak [2014-03-02]
CHR Extension: (Cake Mania) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\kckjnbilaljpiclmpmnomoapakjmoapj [2013-11-13]
CHR Extension: (SparkChess 7) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\khgabmflimjjbclkmljlpmgaleanedem [2013-11-13]
CHR Extension: (Sand 2) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\klicmgamjpclmbhppmdeamffedflmkcn [2013-11-13]
CHR Extension: (convert2mp3.net Online Video Converter) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmhoigapbeidamhadadmpbhpaodamjce [2014-02-17]
CHR Extension: (Google Wallet) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-11]
CHR Extension: (YouTube Unblocker) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\npnkeeiehehhefofiekoflfedgehcdhl [2014-02-07]
CHR Extension: (Google Mail) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-11]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-03-29]

==================== Services (Whitelisted) =================

S3 Adobe Version Cue CS4; C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [284016 2008-08-15] (Adobe Systems Incorporated)
R2 AntiToolbarProtector; C:\Program Files\AntiToolbar\ReiGuard.exe [5101928 2014-01-23] (Reimage®)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-03-29] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109048 2014-03-29] (AVAST Software)
R2 FirebirdGuardianDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe [98304 2010-09-17] (Firebird Project)
R3 FirebirdServerDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe [3735552 2010-09-17] (Firebird Project)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-08-24] ()
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (arvato digital services llc)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2010-02-10] ()
R3 WisLMSvc; C:\Program Files (x86)\Launch Manager\WisLMSvc.exe [118560 2009-10-22] (Wistron Corp.)
S2 x10nets; C:\Program Files (x86)\Common Files\X10\Common\X10nets.exe [20480 2009-11-07] (X10)

==================== Drivers (Whitelisted) ====================

S3 ActionReplayDS; C:\Windows\System32\Drivers\ActionReplayDS_x64.sys [51600 2007-02-08] (Thesycon GmbH, Germany)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-03-29] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-03-29] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [445304 2014-03-29] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-03-29] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-03-29] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-03-29] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-03-29] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [84816 2014-03-29] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208928 2014-03-29] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2013-10-10] ()
S3 FlashUSB; C:\Windows\System32\DRIVERS\FlashUSB_x64.sys [19968 2010-12-21] (Danish Wireless Design A/S)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2013-10-10] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 mod7764; C:\Windows\System32\DRIVERS\mod77-64.sys [913888 2009-09-24] (DiBcom SA)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-03-21] (Duplex Secure Ltd.)
R3 X10Hid; C:\Windows\System32\Drivers\x10hid.sys [15896 2009-05-13] (X10 Wireless Technology, Inc.)
S2 {09BB444F-B2E2-4009-BAF2-7B727681223E}; C:\Program Files (x86)\VMLaunch\BuddyVM.sys [15872 2004-10-05] (Interlex Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U3 DfSdkS; 
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-29 12:13 - 2014-03-29 12:13 - 00022610 ____C () C:\Users\Daniel\Desktop\FRST.txt
2014-03-29 12:12 - 2014-03-29 12:13 - 00000000 ___DC () C:\FRST
2014-03-29 12:11 - 2014-03-29 12:11 - 02157056 ____C (Farbar) C:\Users\Daniel\Desktop\FRST64.exe
2014-03-29 11:55 - 2014-03-29 11:55 - 00000000 ___DC () C:\ProgramData\Package Cache
2014-03-29 11:55 - 2014-03-29 11:55 - 00000000 ___DC () C:\Program Files\Adblock Plus for IE
2014-03-29 11:52 - 2014-03-29 11:52 - 04741136 ____C () C:\Users\Daniel\Downloads\adblockplusie-1.1.exe
2014-03-29 11:20 - 2014-03-29 11:20 - 00991232 ____C () C:\Users\Daniel\Downloads\MicrosoftFixit50267.msi
2014-03-29 10:19 - 2014-03-29 10:19 - 00043152 ____C (AVAST Software) C:\Windows\avastSS.scr
2014-03-29 10:18 - 2014-03-29 10:18 - 00445304 ____C (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-03-28 22:17 - 2014-03-28 22:23 - 25467065 ____C () C:\Users\Daniel\Downloads\1309StOb.rar
2014-03-24 16:58 - 2014-03-24 17:34 - 78938112 ____C () C:\Users\Daniel\Downloads\1102StOb.rar
2014-03-24 16:08 - 2014-03-24 16:54 - 00000000 ___DC () C:\Users\Daniel\Downloads\sims
2014-03-24 16:04 - 2014-03-24 16:04 - 00000000 ___DC () C:\Users\Daniel\Downloads\video
2014-03-24 16:01 - 2014-03-24 16:04 - 00000000 ___DC () C:\Users\Daniel\Downloads\dokumente
2014-03-24 15:58 - 2014-03-24 15:58 - 00000000 ___DC () C:\Users\Daniel\Downloads\flash spiele
2014-03-22 15:24 - 2014-03-22 15:24 - 00003337 ____C () C:\Users\Daniel\Downloads\NRaas_NoCD.zip
2014-03-22 00:43 - 2014-03-22 00:43 - 00000000 ___DC () C:\Program Files (x86)\Hex-Editor MX
2014-03-21 18:18 - 2014-03-21 18:18 - 00000000 ___DC () C:\Users\Public\Documents\DAEMON Tools Images
2014-03-21 18:01 - 2014-03-21 18:17 - 00000000 ___DC () C:\Users\Daniel\AppData\Roaming\DAEMON Tools Lite
2014-03-21 17:59 - 2014-03-21 18:19 - 00000000 ___DC () C:\ProgramData\DAEMON Tools Lite
2014-03-18 18:07 - 2014-03-18 18:07 - 00000000 ___DC () C:\Users\Daniel\Documents\Epubsoft
2014-03-18 18:07 - 2014-03-18 18:07 - 00000000 ___DC () C:\ProgramData\Epubsoft
2014-03-18 18:06 - 2014-03-18 18:06 - 00002819 ____C () C:\Users\Public\Desktop\EPubsoft Adobe PDF ePub DRM Removal.lnk
2014-03-18 18:06 - 2014-03-18 18:06 - 00000000 ___DC () C:\Program Files (x86)\EPUBSOFT
2014-03-18 17:59 - 2014-03-18 17:59 - 00000000 ___DC () C:\Users\Daniel\AppData\Local\Adobe_Systems_Incorporate
2014-03-18 17:58 - 2014-03-18 18:10 - 00000000 ___DC () C:\Users\Daniel\Documents\My Digital Editions
2014-03-18 17:37 - 2014-03-18 17:37 - 00000000 ___DC () C:\Users\Daniel\AppData\Roaming\SomePDF
2014-03-18 17:37 - 2014-03-18 17:37 - 00000000 ___DC () C:\Program Files (x86)\SomePDF
2014-03-18 15:18 - 2014-03-18 15:18 - 00000000 ___DC () C:\Users\Daniel\Documents\4Media
2014-03-18 15:18 - 2014-03-18 15:18 - 00000000 ___DC () C:\Users\Daniel\AppData\Roaming\4Media
2014-03-18 15:17 - 2014-03-18 15:17 - 00000000 ___DC () C:\Program Files (x86)\4Media
2014-03-16 19:20 - 2007-07-23 12:11 - 00425984 ____C () C:\Users\Daniel\Desktop\AnimalMap.exe
2014-03-16 19:20 - 2007-07-22 12:05 - 00000031 ____C () C:\Users\Daniel\Desktop\AnimalMap_AdvancedMode.bat
2014-03-16 13:13 - 2014-03-16 13:13 - 00132628 ____C () C:\Users\Daniel\Desktop\usrcheat.dat
2014-03-15 19:16 - 2014-03-15 19:16 - 00000000 ___DC () C:\Users\Daniel\Desktop\r4cce086
2014-03-15 18:56 - 2014-03-15 18:56 - 00002990 ____C () C:\Windows\System32\Tasks\{A5C24906-6C19-4574-85F9-6616289EB799}
2014-03-15 18:54 - 2014-03-15 19:13 - 00000000 ___DC () C:\Users\Daniel\Desktop\Cheat code editor
2014-03-12 23:05 - 2014-03-12 23:05 - 00000000 ___DC () C:\Users\Daniel\Downloads\de
2014-03-12 22:54 - 2014-03-18 18:11 - 00000000 ___DC () C:\Users\Daniel\Desktop\pokesavplat_en
2014-03-12 19:03 - 2014-03-12 19:03 - 00000000 ___DC () C:\Users\Daniel\Downloads\R4 V1.78b German
2014-03-12 11:38 - 2014-03-13 03:03 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-12 11:38 - 2014-03-13 03:03 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-12 11:38 - 2014-03-13 03:03 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-12 11:38 - 2014-03-13 03:02 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-12 11:38 - 2014-03-13 03:02 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-12 11:38 - 2014-03-13 03:02 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-12 11:38 - 2014-03-13 03:02 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-12 11:38 - 2014-03-13 03:02 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-12 11:38 - 2014-03-13 03:02 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-12 11:38 - 2014-03-13 03:02 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-12 11:38 - 2014-03-13 03:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-12 11:38 - 2014-03-13 03:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-12 11:38 - 2014-03-13 03:02 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-12 11:38 - 2014-03-13 03:02 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-12 11:38 - 2014-03-13 03:02 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-12 11:38 - 2014-03-13 03:02 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-12 11:38 - 2014-03-13 03:02 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-12 11:38 - 2014-03-13 03:02 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-12 11:38 - 2014-03-13 03:02 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-12 11:38 - 2014-03-13 03:02 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-12 11:38 - 2014-03-13 03:02 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-12 11:38 - 2014-03-13 03:02 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-12 11:38 - 2014-03-13 03:02 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-12 11:38 - 2014-03-13 03:02 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-12 11:38 - 2014-03-13 03:02 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-12 11:38 - 2014-03-13 03:02 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-12 11:38 - 2014-03-13 03:02 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-12 11:38 - 2014-03-13 03:02 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-12 11:38 - 2014-03-13 03:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-12 11:38 - 2014-03-13 03:02 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-12 11:38 - 2014-03-13 03:02 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-12 11:38 - 2014-03-13 03:02 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-12 11:38 - 2014-03-13 03:02 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-12 11:38 - 2014-03-13 03:02 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-12 11:38 - 2014-03-13 03:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-12 11:38 - 2014-03-13 03:02 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-12 11:38 - 2014-03-13 03:02 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-12 11:38 - 2014-03-13 03:02 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-12 11:38 - 2014-03-13 03:02 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-12 11:38 - 2014-03-13 03:02 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-12 11:38 - 2014-03-13 03:02 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-12 11:38 - 2014-03-13 03:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-12 11:37 - 2014-03-13 03:02 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-12 11:37 - 2014-03-13 03:02 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-12 11:36 - 2014-03-13 03:02 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-12 11:36 - 2014-03-13 03:02 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-12 11:36 - 2014-03-13 03:01 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-12 11:36 - 2014-03-13 03:01 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-11 16:00 - 2014-03-24 16:54 - 00000000 ___DC () C:\Users\Daniel\Downloads\en
2014-03-11 12:47 - 2014-03-11 12:47 - 00002962 ____C () C:\Windows\System32\Tasks\{7438BE65-7E2E-47AC-B28F-7D1B1CD340BF}
2014-03-11 12:04 - 2014-03-12 17:16 - 00000000 ___DC () C:\Users\Daniel\Desktop\mew sav
2014-03-11 11:33 - 2014-03-11 11:40 - 00000000 ___DC () C:\Users\Daniel\Downloads\Marvelous Designer 2 (64 bit) 3.8.3 Multilanguage [ChingLiu]
2014-03-09 15:51 - 2014-03-09 15:51 - 00000000 ___DC () C:\Users\Daniel\AppData\Roaming\DropboxMaster
2014-03-08 23:34 - 2014-03-08 23:34 - 00001182 ____C () C:\Users\Daniel\Desktop\Cheatbook Database 2014.lnk
2014-03-08 23:34 - 2014-03-08 23:34 - 00000000 ___DC () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cheatbook Database2014
2014-03-08 23:30 - 2014-03-09 01:32 - 00000000 ___DC () C:\Program Files (x86)\Cheatbook Database 2014
2014-03-08 23:22 - 2014-03-08 23:31 - 00000000 ___DC () C:\Program Files (x86)\Cheatbook 07.2013
2014-03-08 17:51 - 2014-03-08 21:53 - 00000000 ___DC () C:\Users\Daniel\Downloads\MotherLoad.Goldium.Edition
2014-03-06 19:20 - 2014-03-06 19:38 - 00000000 ___DC () C:\Windows\erdnt
2014-03-06 11:33 - 2014-03-06 11:33 - 00001026 ____C () C:\Users\Public\Desktop\DivX Player.lnk
2014-03-05 15:42 - 2014-03-05 15:42 - 00001120 ____C () C:\Users\Public\Desktop\MAGIX Web Designer 9 Premium (32-bit).lnk
2014-03-05 15:41 - 2014-03-05 15:41 - 00000000 ___DC () C:\Program Files\Common Files\MAGIX Services
2014-03-05 14:53 - 2014-03-05 14:53 - 00000000 ___DC () C:\Users\Daniel\AppData\Local\Xara
2014-03-02 00:21 - 2014-03-02 00:21 - 00000000 ___DC () C:\Users\Daniel\Downloads\129791_ndssaveconverter25
2014-02-28 15:09 - 2007-02-08 13:48 - 00051600 ____C (Thesycon GmbH, Germany) C:\Windows\system32\Drivers\ActionReplayDS_x64.sys
2014-02-28 14:58 - 2014-02-28 14:58 - 00001059 ____C () C:\Users\Administrator\Desktop\MAX DS Video Converter.lnk
2014-02-28 14:56 - 2014-02-28 14:58 - 00000000 ___DC () C:\Program Files (x86)\Datel
2014-02-28 02:33 - 2014-02-28 02:33 - 00000000 ___DC () C:\Nerf Arena Blast

==================== One Month Modified Files and Folders =======

2014-03-29 12:13 - 2014-03-29 12:13 - 00022610 ____C () C:\Users\Daniel\Desktop\FRST.txt
2014-03-29 12:13 - 2014-03-29 12:12 - 00000000 ___DC () C:\FRST
2014-03-29 12:12 - 2013-08-01 16:23 - 00000000 ___DC () C:\Users\Daniel\AppData\Roaming\Skype
2014-03-29 12:11 - 2014-03-29 12:11 - 02157056 ____C (Farbar) C:\Users\Daniel\Desktop\FRST64.exe
2014-03-29 12:10 - 2013-11-11 16:47 - 00001110 ____C () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-29 12:08 - 2013-07-31 21:11 - 00000884 ____C () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-29 11:58 - 2013-08-14 08:41 - 01864262 ____C () C:\Windows\WindowsUpdate.log
2014-03-29 11:55 - 2014-03-29 11:55 - 00000000 ___DC () C:\ProgramData\Package Cache
2014-03-29 11:55 - 2014-03-29 11:55 - 00000000 ___DC () C:\Program Files\Adblock Plus for IE
2014-03-29 11:52 - 2014-03-29 11:52 - 04741136 ____C () C:\Users\Daniel\Downloads\adblockplusie-1.1.exe
2014-03-29 11:38 - 2009-07-14 05:45 - 00009888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-29 11:38 - 2009-07-14 05:45 - 00009888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-29 11:24 - 2013-11-18 10:37 - 00012184 ____C () C:\Windows\setupact.log
2014-03-29 11:24 - 2013-11-11 16:47 - 00001106 ____C () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-29 11:24 - 2009-07-14 06:08 - 00000006 ___HC () C:\Windows\Tasks\SA.DAT
2014-03-29 11:20 - 2014-03-29 11:20 - 00991232 ____C () C:\Users\Daniel\Downloads\MicrosoftFixit50267.msi
2014-03-29 11:05 - 2013-11-11 16:47 - 00004106 ____C () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-29 11:05 - 2013-11-11 16:47 - 00003854 ____C () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-29 11:03 - 2013-11-11 16:48 - 00002127 ____C () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-29 10:53 - 2013-11-20 00:00 - 00257204 ____C () C:\Windows\PFRO.log
2014-03-29 10:20 - 2013-12-09 01:50 - 00001976 ____C () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-03-29 10:19 - 2014-03-29 10:19 - 00043152 ____C (AVAST Software) C:\Windows\avastSS.scr
2014-03-29 10:19 - 2013-12-21 23:19 - 00084816 ____C (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-03-29 10:19 - 2013-12-09 01:49 - 01039096 ____C (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-03-29 10:19 - 2013-12-09 01:49 - 00423240 ____C (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-03-29 10:19 - 2013-12-09 01:49 - 00334648 ____C (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-03-29 10:19 - 2013-12-09 01:49 - 00208928 ____C () C:\Windows\system32\Drivers\aswVmm.sys
2014-03-29 10:19 - 2013-12-09 01:49 - 00093568 ____C (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-03-29 10:19 - 2013-12-09 01:49 - 00079184 ____C (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-03-29 10:19 - 2013-12-09 01:49 - 00065776 ____C () C:\Windows\system32\Drivers\aswRvrt.sys
2014-03-29 10:19 - 2013-12-09 01:49 - 00028184 ____C (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-03-29 10:19 - 2013-12-09 01:49 - 00003924 ____C () C:\Windows\System32\Tasks\avast! Emergency Update
2014-03-29 10:18 - 2014-03-29 10:18 - 00445304 ____C (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-03-29 08:04 - 2013-08-07 19:01 - 00000000 ___DC () C:\Program Files (x86)\DVDVideoSoft
2014-03-28 22:23 - 2014-03-28 22:17 - 25467065 ____C () C:\Users\Daniel\Downloads\1309StOb.rar
2014-03-27 22:16 - 2010-05-12 09:18 - 00699342 ____C () C:\Windows\system32\perfh007.dat
2014-03-27 22:16 - 2010-05-12 09:18 - 00149450 ____C () C:\Windows\system32\perfc007.dat
2014-03-27 22:16 - 2009-07-14 06:13 - 01619284 ____C () C:\Windows\system32\PerfStringBackup.INI
2014-03-25 16:02 - 2013-10-30 15:15 - 00000000 ___DC () C:\Users\Daniel\Downloads\bilder
2014-03-24 22:15 - 2013-11-21 00:43 - 00000000 ___DC () C:\Users\Daniel\Desktop\bilder
2014-03-24 17:34 - 2014-03-24 16:58 - 78938112 ____C () C:\Users\Daniel\Downloads\1102StOb.rar
2014-03-24 16:54 - 2014-03-24 16:08 - 00000000 ___DC () C:\Users\Daniel\Downloads\sims
2014-03-24 16:54 - 2014-03-11 16:00 - 00000000 ___DC () C:\Users\Daniel\Downloads\en
2014-03-24 16:05 - 2013-07-31 20:43 - 00000000 __RDC () C:\Users\Daniel\Desktop\Dj Musik
2014-03-24 16:04 - 2014-03-24 16:04 - 00000000 ___DC () C:\Users\Daniel\Downloads\video
2014-03-24 16:04 - 2014-03-24 16:01 - 00000000 ___DC () C:\Users\Daniel\Downloads\dokumente
2014-03-24 16:00 - 2013-11-01 16:13 - 00000000 ___DC () C:\Users\Daniel\Downloads\programe
2014-03-24 15:58 - 2014-03-24 15:58 - 00000000 ___DC () C:\Users\Daniel\Downloads\flash spiele
2014-03-24 15:56 - 2013-11-01 16:12 - 00000000 ___DC () C:\Users\Daniel\Downloads\rar verzeichnisse
2014-03-24 14:34 - 2013-11-19 18:45 - 00000000 ___DC () C:\Users\Daniel\Desktop\sims
2014-03-23 13:23 - 2013-12-16 02:22 - 00000000 ___DC () C:\Users\Daniel\AppData\Roaming\BitTorrent
2014-03-22 19:58 - 2013-08-21 22:22 - 00000000 ___DC () C:\Users\Daniel\Desktop\spiele
2014-03-22 19:57 - 2013-08-13 17:16 - 00000000 ___DC () C:\Users\Daniel\AppData\Local\SecondLife
2014-03-22 19:50 - 2013-08-01 16:06 - 00000000 ___DC () C:\Users\Daniel\Documents\Youcam
2014-03-22 18:30 - 2013-08-13 17:30 - 00000000 ____C () C:\conversation.log
2014-03-22 18:28 - 2013-08-13 17:14 - 00000000 ___DC () C:\Program Files (x86)\SecondLifeViewer
2014-03-22 15:24 - 2014-03-22 15:24 - 00003337 ____C () C:\Users\Daniel\Downloads\NRaas_NoCD.zip
2014-03-22 12:57 - 2013-10-26 17:48 - 00000000 ___DC () C:\Users\Daniel\AppData\Roaming\Notepad++
2014-03-22 12:57 - 2013-10-26 17:48 - 00000000 ___DC () C:\Program Files (x86)\Notepad++
2014-03-22 00:43 - 2014-03-22 00:43 - 00000000 ___DC () C:\Program Files (x86)\Hex-Editor MX
2014-03-21 19:08 - 2013-08-21 22:55 - 00000000 ___DC () C:\Users\Daniel\AppData\Local\Apps\2.0
2014-03-21 18:19 - 2014-03-21 17:59 - 00000000 ___DC () C:\ProgramData\DAEMON Tools Lite
2014-03-21 18:18 - 2014-03-21 18:18 - 00000000 ___DC () C:\Users\Public\Documents\DAEMON Tools Images
2014-03-21 18:17 - 2014-03-21 18:01 - 00000000 ___DC () C:\Users\Daniel\AppData\Roaming\DAEMON Tools Lite
2014-03-21 18:02 - 2013-10-21 16:29 - 00386680 ____C (Duplex Secure Ltd.) C:\Windows\system32\Drivers\sptd.sys
2014-03-20 21:45 - 2014-02-09 14:24 - 00000000 ___DC () C:\Users\Daniel\Desktop\überweisungen
2014-03-18 18:11 - 2014-03-12 22:54 - 00000000 ___DC () C:\Users\Daniel\Desktop\pokesavplat_en
2014-03-18 18:10 - 2014-03-18 17:58 - 00000000 ___DC () C:\Users\Daniel\Documents\My Digital Editions
2014-03-18 18:07 - 2014-03-18 18:07 - 00000000 ___DC () C:\Users\Daniel\Documents\Epubsoft
2014-03-18 18:07 - 2014-03-18 18:07 - 00000000 ___DC () C:\ProgramData\Epubsoft
2014-03-18 18:06 - 2014-03-18 18:06 - 00002819 ____C () C:\Users\Public\Desktop\EPubsoft Adobe PDF ePub DRM Removal.lnk
2014-03-18 18:06 - 2014-03-18 18:06 - 00000000 ___DC () C:\Program Files (x86)\EPUBSOFT
2014-03-18 18:02 - 2013-08-03 19:09 - 00000000 ___DC () C:\Users\Daniel\AppData\Local\CrashDumps
2014-03-18 17:59 - 2014-03-18 17:59 - 00000000 ___DC () C:\Users\Daniel\AppData\Local\Adobe_Systems_Incorporate
2014-03-18 17:58 - 2013-12-08 20:28 - 00000000 ___DC () C:\Users\Daniel\Desktop\programme
2014-03-18 17:58 - 2013-07-31 21:15 - 00000000 ___DC () C:\Program Files (x86)\Adobe
2014-03-18 17:37 - 2014-03-18 17:37 - 00000000 ___DC () C:\Users\Daniel\AppData\Roaming\SomePDF
2014-03-18 17:37 - 2014-03-18 17:37 - 00000000 ___DC () C:\Program Files (x86)\SomePDF
2014-03-18 15:18 - 2014-03-18 15:18 - 00000000 ___DC () C:\Users\Daniel\Documents\4Media
2014-03-18 15:18 - 2014-03-18 15:18 - 00000000 ___DC () C:\Users\Daniel\AppData\Roaming\4Media
2014-03-18 15:17 - 2014-03-18 15:17 - 00000000 ___DC () C:\Program Files (x86)\4Media
2014-03-18 13:28 - 2013-08-01 10:11 - 00000000 ___DC () C:\Windows\system32\MRT
2014-03-18 13:20 - 2013-07-31 22:46 - 90015360 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-16 13:13 - 2014-03-16 13:13 - 00132628 ____C () C:\Users\Daniel\Desktop\usrcheat.dat
2014-03-15 19:16 - 2014-03-15 19:16 - 00000000 ___DC () C:\Users\Daniel\Desktop\r4cce086
2014-03-15 19:13 - 2014-03-15 18:54 - 00000000 ___DC () C:\Users\Daniel\Desktop\Cheat code editor
2014-03-15 18:56 - 2014-03-15 18:56 - 00002990 ____C () C:\Windows\System32\Tasks\{A5C24906-6C19-4574-85F9-6616289EB799}
2014-03-13 07:24 - 2013-11-18 10:37 - 03268448 ____C () C:\Windows\system32\FNTCACHE.DAT
2014-03-13 03:03 - 2014-03-12 11:38 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-13 03:03 - 2014-03-12 11:38 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-13 03:03 - 2014-03-12 11:38 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-13 03:02 - 2014-03-12 11:38 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-13 03:02 - 2014-03-12 11:38 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-13 03:02 - 2014-03-12 11:38 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-13 03:02 - 2014-03-12 11:38 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-13 03:02 - 2014-03-12 11:38 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-13 03:02 - 2014-03-12 11:38 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-13 03:02 - 2014-03-12 11:38 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-13 03:02 - 2014-03-12 11:38 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-13 03:02 - 2014-03-12 11:38 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-13 03:02 - 2014-03-12 11:38 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-13 03:02 - 2014-03-12 11:38 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-13 03:02 - 2014-03-12 11:38 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-13 03:02 - 2014-03-12 11:38 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-13 03:02 - 2014-03-12 11:38 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-13 03:02 - 2014-03-12 11:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-13 03:02 - 2014-03-12 11:38 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-13 03:02 - 2014-03-12 11:38 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-13 03:02 - 2014-03-12 11:38 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-13 03:02 - 2014-03-12 11:38 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-13 03:02 - 2014-03-12 11:38 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-13 03:02 - 2014-03-12 11:38 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-13 03:02 - 2014-03-12 11:38 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-13 03:02 - 2014-03-12 11:38 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-13 03:02 - 2014-03-12 11:38 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-13 03:02 - 2014-03-12 11:38 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-13 03:02 - 2014-03-12 11:38 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-13 03:02 - 2014-03-12 11:38 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-13 03:02 - 2014-03-12 11:38 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-13 03:02 - 2014-03-12 11:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-13 03:02 - 2014-03-12 11:38 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-13 03:02 - 2014-03-12 11:38 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-13 03:02 - 2014-03-12 11:38 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-13 03:02 - 2014-03-12 11:38 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-13 03:02 - 2014-03-12 11:38 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-13 03:02 - 2014-03-12 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-13 03:02 - 2014-03-12 11:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-13 03:02 - 2014-03-12 11:38 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-13 03:02 - 2014-03-12 11:38 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-13 03:02 - 2014-03-12 11:38 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-13 03:02 - 2014-03-12 11:37 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-13 03:02 - 2014-03-12 11:37 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-13 03:02 - 2014-03-12 11:36 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-13 03:02 - 2014-03-12 11:36 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-13 03:01 - 2014-03-12 11:36 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-13 03:01 - 2014-03-12 11:36 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-12 23:05 - 2014-03-12 23:05 - 00000000 ___DC () C:\Users\Daniel\Downloads\de
2014-03-12 21:19 - 2013-08-03 15:10 - 00000000 __RDC () C:\Users\Daniel\Dropbox
2014-03-12 21:11 - 2013-08-03 15:06 - 00000000 ___DC () C:\Users\Daniel\AppData\Roaming\Dropbox
2014-03-12 19:03 - 2014-03-12 19:03 - 00000000 ___DC () C:\Users\Daniel\Downloads\R4 V1.78b German
2014-03-12 18:08 - 2013-07-31 21:11 - 00692616 ____C (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-12 18:08 - 2013-07-31 21:11 - 00071048 ____C (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-12 18:08 - 2013-07-31 21:11 - 00003822 ____C () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-12 17:16 - 2014-03-11 12:04 - 00000000 ___DC () C:\Users\Daniel\Desktop\mew sav
2014-03-11 12:47 - 2014-03-11 12:47 - 00002962 ____C () C:\Windows\System32\Tasks\{7438BE65-7E2E-47AC-B28F-7D1B1CD340BF}
2014-03-11 11:40 - 2014-03-11 11:33 - 00000000 ___DC () C:\Users\Daniel\Downloads\Marvelous Designer 2 (64 bit) 3.8.3 Multilanguage [ChingLiu]
2014-03-11 03:39 - 2009-07-14 04:20 - 00000000 ___DC () C:\Windows\system32\NDF
2014-03-09 16:44 - 2013-08-07 19:01 - 00000000 ___DC () C:\Users\Daniel\AppData\Roaming\DVDVideoSoft
2014-03-09 16:42 - 2013-08-07 19:01 - 00001203 ____C () C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2014-03-09 16:07 - 2013-08-03 15:08 - 00000000 ___DC () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-03-09 15:51 - 2014-03-09 15:51 - 00000000 ___DC () C:\Users\Daniel\AppData\Roaming\DropboxMaster
2014-03-09 01:32 - 2014-03-08 23:30 - 00000000 ___DC () C:\Program Files (x86)\Cheatbook Database 2014
2014-03-08 23:34 - 2014-03-08 23:34 - 00001182 ____C () C:\Users\Daniel\Desktop\Cheatbook Database 2014.lnk
2014-03-08 23:34 - 2014-03-08 23:34 - 00000000 ___DC () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cheatbook Database2014
2014-03-08 23:31 - 2014-03-08 23:22 - 00000000 ___DC () C:\Program Files (x86)\Cheatbook 07.2013
2014-03-08 23:31 - 2009-07-14 03:34 - 00000634 ____C () C:\Windows\win.ini
2014-03-08 21:53 - 2014-03-08 17:51 - 00000000 ___DC () C:\Users\Daniel\Downloads\MotherLoad.Goldium.Edition
2014-03-06 20:44 - 2013-11-15 13:02 - 00001026 ____C () C:\DelFix.txt
2014-03-06 19:38 - 2014-03-06 19:20 - 00000000 ___DC () C:\Windows\erdnt
2014-03-06 19:36 - 2009-07-14 03:34 - 00000215 ____C () C:\Windows\system.ini
2014-03-06 13:51 - 2013-08-03 16:19 - 00000000 ___DC () C:\Users\Daniel\Documents\MAGIX
2014-03-06 13:41 - 2013-07-31 18:47 - 00000000 ___DC () C:\Users\Daniel
2014-03-06 11:33 - 2014-03-06 11:33 - 00001026 ____C () C:\Users\Public\Desktop\DivX Player.lnk
2014-03-06 11:33 - 2013-07-31 21:36 - 00001612 ____C () C:\Users\Daniel\Desktop\DivX Movies.lnk
2014-03-06 11:33 - 2013-07-31 21:31 - 00000000 ___DC () C:\Program Files (x86)\DivX
2014-03-06 11:33 - 2013-07-31 21:29 - 00000000 ___DC () C:\ProgramData\DivX
2014-03-06 11:32 - 2013-09-10 00:46 - 00001091 ____C () C:\Users\Public\Desktop\DivX Converter.lnk
2014-03-06 11:32 - 2013-07-31 21:36 - 00000000 ___DC () C:\Program Files\DivX
2014-03-05 16:33 - 2013-08-14 16:22 - 00000952 __SHC () C:\ProgramData\KGyGaAvL.sys
2014-03-05 16:28 - 2013-11-19 16:01 - 00217648 ____C () C:\Users\Daniel\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-05 15:42 - 2014-03-05 15:42 - 00001120 ____C () C:\Users\Public\Desktop\MAGIX Web Designer 9 Premium (32-bit).lnk
2014-03-05 15:41 - 2014-03-05 15:41 - 00000000 ___DC () C:\Program Files\Common Files\MAGIX Services
2014-03-05 15:41 - 2013-08-03 16:38 - 00000000 ___DC () C:\Program Files (x86)\MAGIX
2014-03-05 14:53 - 2014-03-05 14:53 - 00000000 ___DC () C:\Users\Daniel\AppData\Local\Xara
2014-03-05 14:53 - 2013-08-03 16:19 - 00000000 ___DC () C:\Users\Daniel\AppData\Roaming\MAGIX
2014-03-05 14:53 - 2013-08-03 16:17 - 00000000 ___DC () C:\ProgramData\MAGIX
2014-03-05 14:53 - 2007-04-27 09:43 - 00120200 ____C () C:\Windows\SysWOW64\DLLDEV32i.dll
2014-03-03 05:46 - 2013-08-19 06:16 - 00000919 ____C () C:\Users\Public\Desktop\VLC media player.lnk
2014-03-02 22:32 - 2013-08-06 00:06 - 00000000 ___DC () C:\ProgramData\firebird
2014-03-02 02:22 - 2013-08-19 06:16 - 00000000 ___DC () C:\Users\Daniel\AppData\Roaming\vlc
2014-03-02 00:21 - 2014-03-02 00:21 - 00000000 ___DC () C:\Users\Daniel\Downloads\129791_ndssaveconverter25
2014-02-28 14:58 - 2014-02-28 14:58 - 00001059 ____C () C:\Users\Administrator\Desktop\MAX DS Video Converter.lnk
2014-02-28 14:58 - 2014-02-28 14:56 - 00000000 ___DC () C:\Program Files (x86)\Datel
2014-02-28 14:57 - 2013-12-29 19:01 - 00001084 ____C () C:\Windows\KB893803v2.log
2014-02-28 02:33 - 2014-02-28 02:33 - 00000000 ___DC () C:\Nerf Arena Blast
2014-02-27 02:57 - 2013-10-13 04:45 - 00000000 ___DC () C:\Users\Daniel\AppData\Roaming\TS3Client

Some content of TEMP:
====================
C:\Users\Daniel\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpmfxln_.dll
C:\Users\Daniel\AppData\Local\Temp\npp.6.5.5.Installer.exe
C:\Users\Daniel\AppData\Local\Temp\SWFXXLRT.DLL
C:\Users\Daniel\AppData\Local\Temp\Upgrade.exe
C:\Users\Daniel\AppData\Local\Temp\xmlUpdater.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-20 03:01

==================== End Of Log ============================

--- --- ---

saufbiene · 29.03.2014, 12:18

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Daniel at 2014-03-29 12:14:07
Running from C:\Users\Daniel\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Internet Security (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Internet Security (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Internet Security (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

4Media PDF to EPUB Converter (HKLM-x32\...\4Media PDF to EPUB Converter) (Version: 1.0.4.0124 - 4Media)
4shared Desktop (HKLM-x32\...\4shared Desktop) (Version:  - )
64 Bit HP CIO Components Installer (Version: 4.2.1 - Hewlett-Packard) Hidden
AC3Filter 2.6.0b (HKLM-x32\...\AC3Filter_is1) (Version: 2.6.0b - Alexander Vigovsky)
AChat 1.17 high detail textures and additional music (HKLM-x32\...\AChat_is1) (Version:  - AChat Animation Studios)
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.2.443 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Action Replay Code Manager (HKLM-x32\...\Action Replay Code Manager_is1) (Version:  - )
Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{C23EE7CE-C1A3-4F94-A8F0-9E0AC9C6DE6E}) (Version: 1.1 - Eyeo GmbH)
Adblock Plus for IE (HKLM-x32\...\{fd97d1e2-368a-4cd9-af63-8eeff938044a}) (Version: 1.1 - )
Adobe Acrobat 9 Pro - English, Français, Deutsch (x32 Version: 9.5.5 - Adobe Systems) Hidden
Adobe Acrobat 9.5.5 - CPSID_83708 (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000004}_955) (Version:  - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden
Adobe Anchor Service CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Anchor Service x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Asset Services CS4 (x32 Version: 4 - Adobe Systems Incorporated) Hidden
Adobe Bridge CS4 (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe CMaps CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color - Photoshop Specific CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color EU Recommended Settings CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color JA Extra Settings CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color NA Extra Settings CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color Video Profiles CS CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Creative Suite 4 Design Premium (HKLM-x32\...\Adobe_55230b0b70661df0f212e88f0b655f7) (Version: 4.0 - Adobe Systems Incorporated)
Adobe Creative Suite 4 Design Premium (x32 Version: 4.0 - Adobe Systems Incorporated) Hidden
Adobe CSI CS4 (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe CSI CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Default Language CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Device Central CS4 (x32 Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Digital Editions 3.0 (HKLM-x32\...\Adobe Digital Editions 3.0) (Version: 3.0 - Adobe Systems Incorporated)
Adobe Dreamweaver CS4 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Adobe Drive CS4 (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Drive CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Dynamiclink Support (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe ExtendScript Toolkit CS4 (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Extension Manager CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Fireworks CS4 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Adobe Flash CS4 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Adobe Flash CS4 Extension - Flash Lite STI others (x32 Version: 3.0 - Adobe Systems Incorporated) Hidden
Adobe Flash CS4 STI-other (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Fonts All (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Fonts All x64 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Illustrator CS4 (x32 Version: 14.0 - Adobe Systems Incorporated) Hidden
Adobe InDesign CS4 (x32 Version: 6.0 - Adobe Systems Incorporated) Hidden
Adobe InDesign CS4 Application Feature Set Files (Roman) (x32 Version: 6.0 - Adobe Systems Incorporated) Hidden
Adobe InDesign CS4 Common Base Files (x32 Version: 6.0 - Adobe Systems Incorporated) Hidden
Adobe InDesign CS4 Icon Handler (x32 Version: 6.0 - Adobe Systems Incorporated) Hidden
Adobe InDesign CS4 Icon Handler x64 (Version: 6.0 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS4 (x32 Version: 4.0.0 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS4 x64 (Version: 4.0.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 Importer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe Media Player (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe Output Module (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 (64 Bit) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 Support (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Search for Help (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Service Manager Extension (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Setup (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe SGM CS4 (x32 Version: 3.0 - Adobe Systems Incorporated) Hidden
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.7.148 - Adobe Systems, Inc.)
Adobe SING CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Type Support CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Type Support x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Update Manager CS4 (x32 Version: 6.0.0 - Adobe Systems Incorporated) Hidden
Adobe Version Cue CS4 Server (x32 Version: 4.0 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin (x32 Version: 1.1 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin x64 (Version: 1.1 - Adobe Systems Incorporated) Hidden
Adobe XMP Panels CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
AdobeColorCommonSetCMYK (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
AdobeColorCommonSetRGB (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Age of Wonders Shadow Magic (HKLM-x32\...\Age of Wonders Shadow Magic) (Version:  - )
Aimersoft DRM Media Converter(Build 1.4.7.2) (HKLM-x32\...\Aimersoft DRM Media Converter_is1) (Version:  - Aimersoft Software)
AION Free-to-Play (HKLM-x32\...\{82E73E8D-E1E7-45A4-A311-6D31492AA913}_is1) (Version:  - Gameforge)
Aiseesoft Total Video Converter Platinum 7.1.10 (HKLM-x32\...\{3661F243-518C-4d05-8BDF-7B10CC22689F}_is1) (Version: 7.1.10 - Aiseesoft Studio)
Ancient Weapon Sounds (HKLM-x32\...\{D91802D9-6A42-4563-BC37-B3E2D04DC95B}) (Version: 2.1.0 - Screaming Bee)
ANNO 1503 (HKLM-x32\...\{EBBB1DEF-8878-4CB8-BC0D-1196B30E7527}) (Version:  - )
Anno 1602 (HKLM-x32\...\ANNO1602) (Version:  - )
Anno 1701 - Der Fluch des Drachen (HKLM-x32\...\{905D4F6B-FADC-4CA4-AA41-BD32A2E446CE}) (Version: 2.03 - Sunflowers)
Anno 1701 (HKLM-x32\...\{A2433A63-5F5D-40E5-B529-9123C2B3E734}) (Version: 1.04 - Sunflowers)
ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft)
AntiToolbar (HKLM\...\AntiToolbar) (Version: 1.0.0.7 - Reimage)
Anti-Twin (Installation 07.08.2013) (HKLM-x32\...\Anti-Twin 2013-08-07 13.55.06) (Version:  - Joerg Rosenthal, Germany)
Ashampoo Burning Studio 12 v.12.0.5 (HKLM-x32\...\{91B33C97-93EB-244C-F687-71D85E45A206}_is1) (Version: 12.0.5 - Ashampoo GmbH & Co. KG)
Ashampoo Burning Studio 14 v.14.0.1 (HKLM-x32\...\{91B33C97-7BCF-CDFE-4321-58EBF3E8641C}_is1) (Version: 14.0.1 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Commander (HKLM-x32\...\Ashampoo Photo Commander_is1) (Version: 8.3.2 - ashampoo GmbH & Co. KG)
Ashampoo Photo Optimizer (HKLM-x32\...\Ashampoo Photo Optimizer_is1) (Version: 3.12.0 - ashampoo GmbH & Co. KG)
Ashampoo Snap (HKLM-x32\...\Ashampoo Snap_is1) (Version: 3.4.1 - ashampoo GmbH & Co. KG)
Ashampoo WinOptimizer 10 v.10.2.6 (HKLM-x32\...\{4209F371-88D4-AB00-ED2B-D6520C84D9D5}_is1) (Version: 10.02.06 - Ashampoo GmbH & Co. KG)
Aurora Blu-ray Media Player (HKLM-x32\...\Aurora Blu-ray Media Player) (Version: 2.13.4.1435 - Aurora Software Inc.)
avast! Internet Security (HKLM-x32\...\Avast) (Version: 9.0.2016 - Avast Software)
BitTorrent (HKCU\...\BitTorrent) (Version: 7.8.2.30332 - BitTorrent Inc.)
Blue Satin Skin (HKLM-x32\...\{B0C00181-ECF5-4124-A6DE-14EA663D4799}) (Version: 2.2.0 - Screaming Bee)
BufferChm (x32 Version: 100.0.170.000 - Hewlett-Packard) Hidden
Caesar 3 (HKLM-x32\...\Caesar 3) (Version:  - )
Caesar IV (HKLM-x32\...\{B7666229-351B-47D9-AA6F-DF777CF04BBF}) (Version: 1.2 - Tilted Mill Entertainment)
Cake Mania - Back To The Bakery (HKCU\...\Cake Mania - Back To The Bakery) (Version: 1.0.0.0 - eGames)
CCleaner (HKLM\...\CCleaner) (Version: 4.08 - Piriform)
Cheatbook Database 2014 (HKLM-x32\...\Cheatbook Database 2014) (Version:  - )
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
CloneDVD 6.0.0.1 (HKLM-x32\...\CloneDVD6_is1) (Version:  - Copyright (C) 2003-2012 Aviosoft.)
Comic Sound Pack (HKLM-x32\...\{79A743FA-FF99-42DF-8C35-BA40EAEA6668}) (Version: 2.1.0 - Screaming Bee)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
concept/design Video Jukebox (HKLM-x32\...\{37569A10-CB38-4615-8B32-0BF9FF5D887D}_is1) (Version: 1.3.0.0 - concept/design GmbH)
Connect (x32 Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
Contents (x32 Version: 15.0.0.258 - Corel Corporation) Hidden
Corel KPT Collection (HKLM-x32\...\_{C59A783C-FF5C-40BE-843A-5458513D655B}) (Version: 1.0.0.46 - Corel Corporation)
Corel KPT Collection (x32 Version: 1.00.0000 - Ihr Firmenname) Hidden
Corel PaintShop Pro Brush Content (x32 Version: 1.0.0.39 - Corel Corporation) Hidden
Corel PaintShop Pro Brush Content (x32 Version: 1.00.0000 - Ihr Firmenname) Hidden
Corel PaintShop Pro Misc Content (x32 Version: 1.0.0.42 - Corel Corporation) Hidden
Corel PaintShop Pro Misc Content (x32 Version: 1.0.0.44 - Corel Corporation) Hidden
Corel PaintShop Pro Misc Content (x32 Version: 1.0.0.45 - Corel Corporation) Hidden
Corel PaintShop Pro Misc Content (x32 Version: 1.0.0.63 - Corel Corporation) Hidden
Corel PaintShop Pro Misc Content (x32 Version: 1.0.0.64 - Corel Corporation) Hidden
Corel PaintShop Pro Misc Content (x32 Version: 1.0.0.65 - Corel Corporation) Hidden
Corel PaintShop Pro Misc Content (x32 Version: 1.0.0.66 - Corel Corporation) Hidden
Corel PaintShop Pro Misc Content (x32 Version: 1.00.0000 - Ihr Firmenname) Hidden
Corel PaintShop Pro Picture Frame Content (x32 Version: 1.0.0.41 - Corel Corporation) Hidden
Corel PaintShop Pro Picture Frame Content (x32 Version: 1.00.0000 - Ihr Firmenname) Hidden
Corel PaintShop Pro Picture Tube Content (x32 Version: 1.0.0.40 - Corel Corporation) Hidden
Corel PaintShop Pro Picture Tube Content (x32 Version: 1.00.0000 - Ihr Firmenname) Hidden
Corel PaintShop Pro X5 (HKLM-x32\...\_{1563C6F2-E9B5-42DE-9EA6-207C9A8C2DFB}) (Version: 15.0.0.183 - Corel Corporation)
Corel PaintShop Pro X5 (x32 Version: 15.3.0.8 - Corel Corporation) Hidden
Corel PaintShop Pro X6 (HKLM-x32\...\_{166D1CB6-DD8A-40DD-9E25-4D31D2D6DE4D}) (Version: 16.1.0.48 - Corel Corporation)
Corel PaintShop Pro X6 (x32 Version: 16.1.0.48 - Corel Corporation) Hidden
Corel Shell Extension - 64Bit (Version: 14.0 - Corel Corporation) Hidden
Corel VideoStudio Pro X5 (HKLM-x32\...\_{1A1BD41E-9854-4957-8959-F9559A8862A7}) (Version: 15.0.0.258 - Corel Corporation)
CorelDRAW Essentials 4 - Content (x32 Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Draw (x32 Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Extra Content (HKLM-x32\...\_{806422F8-8E0A-494A-A369-0F34F1B89160}) (Version:  - Corel Corporation)
CorelDRAW Essentials 4 - Extra Content (x32 Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Filters (x32 Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - ICA (x32 Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - IPM - No VBA (x32 Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang BR (x32 Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang DE (x32 Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang EN (x32 Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang ES (x32 Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang FR (x32 Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang IT (x32 Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang NL (x32 Version: 4.0 - Uw bedrijfsnaam) Hidden
CorelDRAW Essentials 4 - PHOTO-PAINT (x32 Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Windows Shell Extension (HKLM-x32\...\_{CF0ADC18-6D8F-4353-8EAA-DF45456B7853}) (Version:  - Corel Corporation)
CorelDRAW Essentials 4 - Windows Shell Extension (x32 Version: 1.1 - Corel Corporation) Hidden
CorelDRAW Essentials 4 (HKLM-x32\...\_{C0237AA4-1BFB-46EA-860D-7B0EB365CA13}) (Version:  - Corel Corporation)
CorelDRAW Essentials 4 (x32 Version: 4.0 - Corel Corporation) Hidden
Creatures of Darkness (HKLM-x32\...\{5B616A3F-43D9-4F0B-9F49-D39342A98592}) (Version: 3.3.0 - Screaming Bee LLC)
CustomerResearchQFolder (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3418 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.3418 - CyberLink Corp.) Hidden
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.0.1410a - CyberLink Corp.)
CyberLink MediaShow (x32 Version: 5.0.1410a - CyberLink Corp.) Hidden
CyberLink MediaShow Espresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 5.5.1412_24021a - CyberLink Corp.)
CyberLink MediaShow Espresso (x32 Version: 5.5.1412_24021a - CyberLink Corp.) Hidden
CyberLink PhotoNow (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.0.6904 - CyberLink Corp.)
CyberLink PhotoNow (x32 Version: 1.1.0.6904 - CyberLink Corp.) Hidden
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3802 - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 6.1.3802 - CyberLink Corp.) Hidden
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3224a - CyberLink Corp.)
CyberLink PowerDirector (x32 Version: 8.0.3224a - CyberLink Corp.) Hidden
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.3106.02 - CyberLink Corp.)
CyberLink PowerDVD 10 (x32 Version: 10.0.3106.02 - CyberLink Corp.) Hidden
CyberLink PowerDVD Copy (HKLM-x32\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.)
CyberLink PowerDVD Copy (x32 Version: 1.5.1306 - CyberLink Corp.) Hidden
CyberLink PowerProducer (HKLM-x32\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.2.2429 - CyberLink Corp.)
CyberLink PowerProducer (x32 Version: 5.0.2.2429 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3428 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.1.3428 - CyberLink Corp.) Hidden
Darkest of Days (HKLM-x32\...\{3D6293F2-53DA-45A1-B7F4-1843CA3B2658}) (Version: 1.0 - 8monkey Labs)
Deep Space Voices (HKLM-x32\...\{336E1A2D-E3EB-4846-B7D0-BD75BBBBC0A4}) (Version: 3.3.0 - Screaming Bee)
Delete Virtual-Mate Launcher (HKLM-x32\...\{56C64E81-FC93-4cb9-9EBF-953662950D3B}_is1) (Version: 1.0.0 - Interlex Inc.)
DesignPro 5 (HKLM-x32\...\InstallShield_{F82C6574-AD88-4B40-A432-970BC77F1BD2}) (Version: 5.5.708 - Avery Dennison)
DesignPro 5 (x32 Version: 5.5.708 - Avery Dennison) Hidden
DeviceDiscovery (x32 Version: 100.0.190.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
Die Siedler III Gold Edition (HKLM-x32\...\S3) (Version:  - )
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts)
Die Sims™ 3 70er, 80er & 90er Accessoires (HKLM-x32\...\{E1868CAE-E3B9-4099-8C18-AA8944D336FD}) (Version: 17.0.77 - Electronic Arts)
Die Sims™ 3 Design-Garten-Accessoires (HKLM-x32\...\{117B6BF6-82C3-420C-B284-9247C8568E53}) (Version: 7.0.55 - Electronic Arts)
Die Sims™ 3 Diesel Accessoires (HKLM-x32\...\{1C9B6173-6DC9-4EEE-9EFC-6BA115CFBE43}) (Version: 14.0.48 - Electronic Arts)
Die Sims™ 3 Einfach tierisch (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
Die Sims™ 3 Gib Gas-Accessoires (HKLM-x32\...\{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}) (Version: 5.0.44 - Electronic Arts)
Die Sims™ 3 Inselparadies (HKLM-x32\...\{DB21639E-FE55-432C-BCA2-0C5249E3F79E}) (Version: 19.0.101 - Electronic Arts)
Die Sims™ 3 Into the Future (HKLM-x32\...\{A0BBD6C7-B546-4048-B33A-F21F5C9F5B09}) (Version: 21.0.150 - Electronic Arts)
Die Sims™ 3 Jahreszeiten (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
Die Sims™ 3 Katy Perry Süße Welt (HKLM-x32\...\{9B2506E3-9A3F-45B5-96BF-509CAD584650}) (Version: 13.0.62 - Electronic Arts)
Die Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts)
Die Sims™ 3 Lebensfreude (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
Die Sims™ 3 Luxus-Accessoires (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts)
Die Sims™ 3 Movie-Accessoires (HKLM-x32\...\{D0087539-3C57-44E0-BEE7-D779D546CBE1}) (Version: 20.0.53 - Electronic Arts)
Die Sims™ 3 Reiseabenteuer (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)
Die Sims™ 3 Showtime (HKLM-x32\...\{3BBFD444-5FAB-49F6-98B1-A1954E831399}) (Version: 12.0.273 - Electronic Arts)
Die Sims™ 3 Stadt-Accessoires (HKLM-x32\...\{7B11296A-F894-449C-8DF6-6AAAA7D4D118}) (Version: 9.0.73 - Electronic Arts)
Die Sims™ 3 Supernatural (HKLM-x32\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts)
Die Sims™ 3 Traumkarrieren (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts)
Die Sims™ 3 Traumsuite-Accessoires (HKLM-x32\...\{08A25478-C5DD-4EA7-B168-3D687CA987FF}) (Version: 11.0.84 - Electronic Arts)
Die Sims™ 3 Wildes Studentenleben (HKLM-x32\...\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}) (Version: 18.0.126 - Electronic Arts)
Die*Sims™*3 Erstelle einen Sim (HKLM-x32\...\{89173B88-384A-459B-B687-9C0BBC934EF4}) (Version: 1.0.26 - Electronic Arts)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.100 - DivX, LLC)
DivxToDVD 0.5.2b (HKLM-x32\...\VSO DivxToDVD_is1) (Version: 0.5.2b - VSO-Software SARL)
Drakensang (HKLM-x32\...\Drakensang_is1) (Version:  - dtp)
Dream Pinball 3D (HKLM-x32\...\Dream Pinball 3D) (Version: 1.1.0.0 - TopWare Interactive)
Dropbox (HKCU\...\Dropbox) (Version: 2.6.18 - Dropbox, Inc.)
DVDFab 9.0.6.3 (09/09/2013) (HKLM-x32\...\DVDFab 9_is1) (Version:  - Fengtao Software Inc.)
EPubsoft Adobe PDF ePub DRM Removal 7.6.3 (HKLM-x32\...\{D225FC13-8885-4B5A-B40C-23CE88830340}) (Version: 7.6.3 - EPUBSOFT)
FaceFilter Studio 2 (HKLM-x32\...\{F59205C8-E5FB-43F5-AAB2-16C1760D4F59}) (Version: 2.0 - Reallusion)
Fantasy Sound Pack (HKLM-x32\...\{06ACD0D6-537A-4831-9608-AA74A5795698}) (Version: 1.1.0 - Screaming Bee)
Fantasy Voice Pack (HKLM-x32\...\{8061C2C9-C2A3-4550-A3FC-585B646840CB}) (Version: 1.3.0 - Screaming Bee)
Farm Animal Sounds (HKLM-x32\...\{20052CA0-FF43-4901-8261-E6DBF0A09ED1}) (Version: 1.1.0 - Screaming Bee)
Female Voice Pack (HKLM-x32\...\{71F8C486-8A13-468E-8B73-06051075556A}) (Version: 3.3.1 - Screaming Bee)
FileViewPro (HKLM\...\FileViewPro_is1) (Version: 4.0 - stfx, Ath)
Firebird 2.5.0.26074 (Win32) (HKLM-x32\...\FBDBServer_2_5_is1) (Version: 2.5.0.26074 - Firebird Project)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
FRANZIS onlineTV 8 (HKLM-x32\...\{CBC88F0E-1960-4AC3-8C38-8BAD44E3F6E3}_is1) (Version: 8.5.0.10 - FRANZIS Verlag GmbH)
Free Audio Dub version 1.7.9.908 (HKLM-x32\...\Free Audio Dub_is1) (Version: 1.7.9.908 - DVDVideoSoft Ltd.)
Free AVI Video Converter version 5.0.28.827 (HKLM-x32\...\Free AVI Video Converter_is1) (Version: 5.0.28.827 - DVDVideoSoft Ltd.)
Free Image Convert and Resize version 2.1.26.304 (HKLM-x32\...\Free Image Convert and Resize_is1) (Version: 2.1.26.304 - DVDVideoSoft Ltd.)
Free Studio version 2014 (HKLM-x32\...\Free Studio_is1) (Version: 6.2.13.304 - DVDVideoSoft Ltd.)
Furry Voices for Second Life (HKLM-x32\...\{0DB44859-4112-4946-BE5E-A4275B3FFB5E}) (Version: 1.3.0 - Screaming Bee)
Galactic Voices (HKLM-x32\...\{DF3FE308-58F2-45E2-9BB0-6A993794AD5C}) (Version: 1.3.0 - Screaming Bee)
Gameforge Live 1.9.0 "Legend" (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 1.9.0 - Gameforge)
GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version:  - )
Ghost Recon Online (EU) (HKCU\...\d8be6c3f847d7d92) (Version: 1.34.1166.2 - Ubisoft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version:  - )
Hex-Editor MX (HKLM-x32\...\{7FC7AD70-1DF3-4B84-9AA2-4FB680F45572}_is1) (Version: 6.0 - NEXT-Soft)
HP Color LaserJet CM1312 MFP Series 5.1 (HKLM\...\{8EEDB90E-6ABC-42bb-AD4C-39DEE05E3EEA}) (Version: 5.1 - HP)
HP Customer Participation Program 10.0 (HKLM\...\HPExtendedCapabilities) (Version: 10.0 - HP)
HP Imaging Device Functions 10.0 (HKLM\...\HP Imaging Device Functions) (Version: 10.0 - HP)
hppCLJCM1312 (x32 Version: 005.001.00142 - Hewlett-Packard) Hidden
hppFaxDrvCM1312 (x32 Version: 005.000.00001 - Hewlett-Packard) Hidden
hppFaxUtilityCM1312 (x32 Version: 005.001.00137 - Ihr Firmenname) Hidden
hppFonts (x32 Version: 001.001.00061 - Hewlett-Packard) Hidden
hppManualsCM1312 (x32 Version: 005.001.00145 - Ihr Firmenname) Hidden
hppQFolderCM1312 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
hppScanToCM1312 (x32 Version: 005.001.00140 - Ihr Firmenname) Hidden
hppSendFaxCM1312 (x32 Version: 005.000.00001 - Ihr Firmenname) Hidden
hppusgCM1312 (x32 Version: 1.1.0.1 - Hewlett-Packard) Hidden
ICA (x32 Version: 15.0.0.183 - Corel Corporation) Hidden
ICA (x32 Version: 15.0.0.258 - Corel Corporation) Hidden
ICA (x32 Version: 16.0.0.113 - Corel Corporation) Hidden
IMVU Avatar Chat Software (HKCU\...\IMVU Avatar chat client software BETA) (Version:  - )
Insaniquarium Deluxe 1.0 (HKLM-x32\...\Insaniquarium Deluxe 1.0) (Version:  - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2827 - Intel Corporation)
IPM_PSP_COM (x32 Version: 15.0.0.183 - Corel Corporation) Hidden
IPM_PSP_COM (x32 Version: 16.0.0.113 - Corel Corporation) Hidden
IPM_PSP_COM64 (Version: 16.0.0.113 - Corel Corporation) Hidden
IPM_VS_Pro (x32 Version: 15.0 - Corel Corporation) Hidden
ISCOM (x32 Version: 15.0.0.258 - Corel Corporation) Hidden
Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
King Arthur - The Role-playing Wargame (HKLM-x32\...\Steam App 24400) (Version:  - NeoCoreGames)
kuler (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
LastChaosGER (HKLM-x32\...\{A86A50FC-7C22-478B-BAEF-82393328825F}) (Version: 1.00.000 - Barunsongames CO., LTD.)
Launch Manager (HKLM-x32\...\{D0846526-66DD-4DC9-A02C-98F9A2806812}) (Version: 1.5.1.2 - Wistron Corp.)
Magic ISO Maker v5.5 (build 0272) (HKLM-x32\...\Magic ISO Maker v5.5 (build 0272)) (Version:  - )
MagicDisc 2.7.106 (HKLM-x32\...\MagicDisc 2.7.106) (Version:  - )
MAGIX Burn routines (HKLM\...\{72945A77-20ED-4507-B267-4771EDE4EE58}) (Version: 11.0.0.233 - MAGIX AG)
MAGIX Content und Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Goya burnR (MSI) (HKLM-x32\...\MAGIX_{4554434F-61A1-4346-BEF8-60810064B089}) (Version: 4.3.2.0 - MAGIX AG)
MAGIX Goya burnR (MSI) (Version: 4.3.2.0 - MAGIX AG) Hidden
MAGIX Independence Libraries Common Files (HKLM-x32\...\MAGIX_{BCCA5F9C-BEB9-42EF-ABD7-BD1F9FAF65E3}) (Version: 3.1.0.0 - MAGIX AG)
MAGIX Independence Libraries Common Files (Version: 3.1.0.0 - MAGIX AG) Hidden
MAGIX Independence Pro 3.1 RTAS-Plugins (HKLM-x32\...\MAGIX_{F8ECDC8C-BC99-4E76-99FC-D441826AB4BE}) (Version: 3.1.0.0 - MAGIX AG)
MAGIX Independence Pro 3.1 RTAS-Plugins (Version: 3.1.0.0 - MAGIX AG) Hidden
MAGIX Independence Pro 3.1 VST-Plugins (HKLM-x32\...\MAGIX_{33938040-BD24-4EAB-8364-4572E5C15B98}) (Version: 3.1.0.0 - MAGIX AG)
MAGIX Independence Pro 3.1 VST-Plugins (Version: 3.1.0.0 - MAGIX AG) Hidden
MAGIX Independence Pro Software Suite 3.1 (HKLM-x32\...\MAGIX_{12FBE83D-482B-4D82-BAC7-665B7DD79DB2}) (Version: 3.1.0.69 - MAGIX AG)
MAGIX Independence Pro Software Suite 3.1 (Version: 3.1.0.69 - MAGIX AG) Hidden
MAGIX Music Maker 2013 Premium (Demosongs) (HKLM-x32\...\MAGIX_{6FF613B4-CE7A-46A1-B34F-535842B5561F}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Music Maker 2013 Premium (Demosongs) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Music Maker 2013 Premium (Einführungsvideos) (HKLM-x32\...\MAGIX_{8DF70024-A403-4B5F-B895-21E2F49008CA}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Music Maker 2013 Premium (Einführungsvideos) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Music Maker 2013 Premium (HKLM-x32\...\MAGIX_{8040CA6C-16F1-47B5-BB2E-E63F32B7E67F}) (Version: 19.0.1.36 - MAGIX AG)
MAGIX Music Maker 2013 Premium (Synthesizer und Effekte) (HKLM-x32\...\MAGIX_{24ECE0D9-4579-4A8C-A332-BF5C945C6302}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Music Maker 2013 Premium (Synthesizer und Effekte) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Music Maker 2013 Premium (Version: 19.0.1.36 - MAGIX AG) Hidden
MAGIX Music Maker 2013 Premium (Visuals) (HKLM-x32\...\MAGIX_{069CE3B1-FBC3-49CB-88C4-6FF1332E672D}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Music Maker 2013 Premium (Visuals) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Music Maker 2013 Premium Soundpools (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Music Maker 2013 Premium Update (Version: 19.0.6.58 - MAGIX AG) Hidden
MAGIX Music Maker 2013 Soundpools (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Music Maker Hip Hop Edition 5 (HKLM-x32\...\MAGIX_{792C52C2-B4B1-4BE1-8B54-A6F33E31E5C2}) (Version: 19.0.5.57 - MAGIX AG)
MAGIX Music Maker Hip Hop Edition 5 (Version: 19.0.5.57 - MAGIX AG) Hidden
MAGIX Music Maker Hip Hop Edition 5 Trial Soundpools (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Music Maker Tait Eita Powered by Harris & KD Supier (HKLM-x32\...\MAGIX_{31194E92-7345-4144-90D5-840D252D60C8}) (Version: 17.0.2.6 - MAGIX AG)
MAGIX Music Maker Tait Eita Powered by Harris & KD Supier (Version: 17.0.2.6 - MAGIX AG) Hidden
MAGIX Music Maker Techno Edition 5 (HKLM-x32\...\MAGIX_{83533189-F4F8-44DE-866C-23037D09C6D5}) (Version: 19.0.5.57 - MAGIX AG)
MAGIX Music Maker Techno Edition 5 (Version: 19.0.5.57 - MAGIX AG) Hidden
MAGIX Music Maker Techno Edition 5 Trial Soundpools (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Screenshare (HKLM-x32\...\MAGIX_{92852E20-128F-44C3-92EB-3A7506F9DB2C}) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Screenshare (Version: 4.3.6.1987 - MAGIX AG) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MAGIX_{C9CD73C5-F9DA-46A1-8304-D34B161E699F}) (Version: 7.0.2.6 - MAGIX AG)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX AG) Hidden
MAGIX Web Designer 9 Premium (32-Bit) (Content Pack) (HKLM\...\{B82FE641-1FB8-3B53-9126-1EF6727D99AC}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Web Designer 9 Premium (32-Bit) (HKLM-x32\...\MX.{1CC91196-D629-4C67-9547-FA76E6A5C3E1}) (Version: 9.0.1.27343 - MAGIX AG)
MAGIX Web Designer 9 Premium (Version: 9.0.1.27343 - MAGIX AG) Hidden
Male Voice Pack (HKLM-x32\...\{45BF4F8E-7BE7-4384-94C6-60AC70C401C6}) (Version: 1.3.0 - Screaming Bee)
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
MarketResearch (x32 Version: 100.0.170.000 - Hewlett-Packard) Hidden
Mass Effect (HKLM-x32\...\{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}) (Version: 1.00 - Electronic Arts, Inc.)
MAX DS Video Converter (HKLM-x32\...\MAX DS Video Converter_is1) (Version:  - )
Medion Home Cinema (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2213 - CyberLink Corp.)
Medion Home Cinema (x32 Version: 8.0.2213 - CyberLink Corp.) Hidden
Meine kleine Kuchenbäckerei (HKLM-x32\...\{4CB520C6-F729-43F1-8B94-35C9970EE990}) (Version: 1.0 - rondomedia)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office 2003 Web Components (HKLM-x32\...\{90A40407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mission Pack (HKLM-x32\...\{18FC2A03-B955-4F92-8A56-B6E37A9AEBEA}) (Version:  - )
MorphVOX Pro (HKLM-x32\...\{DE289787-7ECA-4BED-9D8C-99FAC407E3D6}) (Version: 4.3.13 - Screaming Bee)
MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{A8D93648-9F7F-407D-915C-62044644C3DA}) (Version: 8.0.50727.42 - The Firebird Project)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
My Game Long Name (HKLM\...\UDK-f12ffc22-b56c-4a1b-a9e5-f37cf6bb2563) (Version:  - Epic Games, Inc.)
MySQL Connector/ODBC 3.51 (HKLM-x32\...\{0CB3C535-1171-4A20-B549-E2CB5DEB9723}) (Version: 3.51.12 - MySQL AB)
Nerf Arena Blast (HKLM-x32\...\Nerf Arena Blast) (Version:  - )
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.5 - Notepad++ Team)
Nutella EstaThe Snack and Drink (HKLM-x32\...\{174C3E05-B4F7-4157-B019-6087A445CB75}) (Version:  - )
NVIDIA PhysX (HKLM-x32\...\{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}) (Version: 9.09.0814 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Opera 12.16 (HKLM-x32\...\Opera 12.16.1860) (Version: 12.16.1860 - Opera Software ASA)
Origin (HKLM-x32\...\Origin) (Version: 9.3.10.4710 - Electronic Arts, Inc.)
PDF Settings CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Personal ID (HKLM-x32\...\{F722209B-739E-40E4-ADB1-062BD032A0DB}) (Version: 1.8.5.202 - coolspot AG)
Personality Voices (HKLM-x32\...\{29C042AB-059B-414C-840E-94775E3F24A8}) (Version: 1.0.0 - Screaming Bee)
Phoenix Viewer 1.6.0.1691 (HKLM-x32\...\{26DB09BC-6EB5-4CE0-A05D-D4DECE60E189}_is1) (Version:  - PhoenixViewer.com)
Photoshop Camera Raw (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw_x64 (Version: 5.0 - Adobe Systems Incorporated) Hidden
Pixel Bender Toolkit (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
PlanetSide 2 (HKCU\...\SOE-PlanetSide 2 PSG) (Version: 1.0.3.183 - Sony Online Entertainment)
Power MP3 WMA Converter 2011, (ver 6.1) (HKLM-x32\...\Power MP3 WMA Converter(Freeware version)_is1) (Version: 6.1 - CooolSoft, Inc.)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.13 - ProtectDisc Software GmbH)
PSPPContent (x32 Version: 15.3.0.8 - Corel Corporation) Hidden
PSPPContent (x32 Version: 16.0.0.113 - Corel Corporation) Hidden
PSPPHelp (x32 Version: 15.0.0.183 - Corel Corporation) Hidden
PSPPHelp (x32 Version: 16.1.0.18 - Corel Corporation) Hidden
PSPPro64 (Version: 15.0.0.183 - Corel Corporation) Hidden
PSPPro64 (Version: 16.1.0.48 - Corel Corporation) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
RapidCRC 0.6.1 (HKLM-x32\...\RapidCRC) (Version: 0.6.1 - Sebastian Ewert)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6237 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30121 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173F09590E16}) (Version: 1.00.0180 - REALTEK Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.26.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.26.0 - Renesas Electronics Corporation) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SAM3 (remove only) (HKLM-x32\...\SAM3) (Version:  - )
Samplitude Music Studio 2013 (Demoprojekte) (HKLM-x32\...\MAGIX_{68FC6918-8EAB-458E-8C16-04B7A79A09CF}) (Version: 1.0.0.0 - MAGIX AG)
Samplitude Music Studio 2013 (Demoprojekte) (Version: 1.0.0.0 - MAGIX AG) Hidden
Samplitude Music Studio 2013 (HKLM-x32\...\MAGIX_{F604DBB7-4CBB-4ECB-9171-3E9A9C722679}) (Version: 19.0.0.15 - MAGIX AG)
Samplitude Music Studio 2013 (Independence) (HKLM-x32\...\MAGIX_{9E3660DD-FEAC-4A92-AA4F-B3B73CE35403}) (Version: 1.1.0.0 - MAGIX AG)
Samplitude Music Studio 2013 (Independence) (Version: 1.1.0.0 - MAGIX AG) Hidden
Samplitude Music Studio 2013 (Objekt-Synthesizer) (HKLM-x32\...\MAGIX_{55D26DFF-A664-461A-A66C-7BC2F13464E8}) (Version: 1.0.0.0 - MAGIX AG)
Samplitude Music Studio 2013 (Objekt-Synthesizer) (Version: 1.0.0.0 - MAGIX AG) Hidden
Samplitude Music Studio 2013 (Solo Jam-Session & Easy-Recording Content) (HKLM-x32\...\MAGIX_{1B279088-8B2A-4AA9-855B-122275D6CCB2}) (Version: 1.0.0.0 - MAGIX AG)
Samplitude Music Studio 2013 (Solo Jam-Session & Easy-Recording Content) (Version: 1.0.0.0 - MAGIX AG) Hidden
Samplitude Music Studio 2013 (Version: 19.0.0.15 - MAGIX AG) Hidden
Samplitude Music Studio 2013 Soundpools (Version: 1.0.0.0 - MAGIX AG) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.1800.0 - SAMSUNG Electronics Co., Ltd.)
Sandlot Games Client Services 1.2.2 (HKLM-x32\...\Sandlot Games Client Services 1.2.2_is1) (Version:  - Sandlot Games)
Schriftenbibliothek (HKLM-x32\...\Schriftenbibliothek_is1) (Version:  - )
Sci-Fi 2 Sound Pack (HKLM-x32\...\{E7E76513-335F-4995-86CF-A85B77D8D975}) (Version: 1.3.0 - Screaming Bee)
Sci-Fi Sound Pack (HKLM-x32\...\{D13F2D95-1CE0-4147-846F-89ECB2E9A5CD}) (Version: 1.1.0 - Screaming Bee)
Sci-Fi Voice Pack (HKLM-x32\...\{216E21F4-0489-4311-92D6-20D1FB950FCE}) (Version: 1.3.0 - Screaming Bee)
SecondLifeViewer (remove only) (HKLM-x32\...\SecondLifeViewer) (Version:  - )
Secret City (HKLM-x32\...\Secret City) (Version: 1.9.4662 - Utherverse Digital Inc)
Setup (x32 Version: 15.0.0.183 - Ihr Firmenname) Hidden
Setup (x32 Version: 15.0.0.258 - Corel Corporation) Hidden
Setup (x32 Version: 16.0.0.113 - Ihr Firmenname) Hidden
Share (x32 Version: 15.0.0.258 - Corel Corporation) Hidden
Share64 (Version: 15.0.0.258 - Corel Corporation) Hidden
SHOUTcast Source DSP Plug-in v2 (HKLM-x32\...\SHOUTcast Source DSP) (Version: 2.3.2 - Nullsoft, Inc)
Sid Meier's Pirates! (HKLM-x32\...\InstallShield_{1632FD86-1BA4-4FC4-8B25-A8C655D63F68}) (Version: 1.00.0000 - Firaxis Games)
Sid Meier's Pirates! (x32 Version: 1.00.0000 - Firaxis Games) Hidden
Sierra-Dienstprogramme (HKLM-x32\...\Sierra-Dienstprogramme) (Version:  - )
Skype™ 6.13 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.13.104 - Skype Technologies S.A.)
SmartSound Common Data (HKLM-x32\...\InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}) (Version: 1.1.0 - SmartSound Software Inc.)
SmartSound Common Data (x32 Version: 1.1.0 - SmartSound Software Inc.) Hidden
SmartSound Quicktracks 5 (HKLM-x32\...\InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.6 - SmartSound Software Inc.)
SmartSound Quicktracks 5 (x32 Version: 5.1.6 - SmartSound Software Inc.) Hidden
SmartTools Publishing • Outlook LockOutlook (HKLM-x32\...\SmartToolsLockOutlookv4.00) (Version: v4.00 - SmartTools Publishing)
Some PDF to Txt Converter 2.0 (HKLM-x32\...\Some PDF to Txt Converter_is1) (Version:  - SomePDF.com)
Spooky Sounds (HKLM-x32\...\{D813EF9B-69CF-4996-893C-B400AE7292FA}) (Version: 2.1.0 - Screaming Bee)
Star Trek Online (HKLM-x32\...\Star Trek Online) (Version:  - Cryptic Studios)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.19.0 - Synaptics Incorporated)
System Requirements Lab for Intel (HKLM-x32\...\{53C63F43-B827-42D9-8886-4698D91EA33B}) (Version: 4.5.15.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
TERA (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 7 - Gameforge Productions GmbH)
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
Translator Fun Voice Pack (HKLM-x32\...\{602A1471-063B-4E03-9DCE-0210B914EFF5}) (Version: 1.5.0 - Screaming Bee)
TrayApp (x32 Version: 100.0.170.000 - Hewlett-Packard) Hidden
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Virtual DJ Pro Full - Atomix Productions (HKLM-x32\...\Virtual DJ Pro Full - Atomix Productions) (Version:  - )
Vita 2 (Version: 1.0.0.0 - MAGIX AG) Hidden
Vita 2 Zusatzcontent (Version: 1.0.0.0 - MAGIX AG) Hidden
Vita Bass Machine (Version: 1.0.0.0 - MAGIX AG) Hidden
Vita Rock Drums (Version: 1.0.0.0 - MAGIX AG) Hidden
Vita String Ensemble (Version: 1.0.0.0 - MAGIX AG) Hidden
Vita World Percussion (Version: 1.0.0.0 - MAGIX AG) Hidden
VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN)
VSClassic (x32 Version: 15.0.0.258 - Corel Corporation) Hidden
VSHelp (x32 Version: 15.0.0.258 - Corel Corporation) Hidden
VSPro (x32 Version: 15.0.0.258 - Corel Corporation) Hidden
Web Designer Premium 9 Update (Version: 9.2.7.30974 - MAGIX AG) Hidden
WebReg (x32 Version: 100.0.170.000 - Hewlett-Packard) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.65  - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version:  - )
Windows Media Encoder 9 Series (x32 Version: 9.00.2980 - Microsoft Corporation) Hidden
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Worms Armageddon (HKLM-x32\...\Worms Armageddon) (Version:  - )
Worms World Party (HKLM-x32\...\{9A200E68-D5F4-4E70-910F-2871753A0E2B}) (Version:  - )
X10 Hardware(TM) (HKLM-x32\...\X10Hardware) (Version:  - )

==================== Restore Points  =========================

27-03-2014 01:12:54 Geplanter Prüfpunkt
29-03-2014 01:04:45 Windows Update
29-03-2014 09:17:40 avast! antivirus system restore point
29-03-2014 09:20:28 Gerätetreiber-Paketinstallation: Avast Netzwerkdienst
29-03-2014 10:21:01 Installed Microsoft Fix it 50267
29-03-2014 10:54:46 Adblock Plus for IE

==================== Hosts content: ==========================

2014-02-07 10:56 - 2014-03-29 11:50 - 00001244 ___AC C:\Windows\system32\Drivers\etc\hosts
        127.0.0.1       rad.msn.com
        127.0.0.1       live.rads.msn.com
        127.0.0.1       ads1.msn.com
        127.0.0.1       static.2mdn.net
        127.0.0.1       g.msn.com
        127.0.0.1       a.ads2.msads.net
        127.0.0.1       b.ads2.msads.net
        127.0.0.1       ac3.msn.com
        127.0.0.1       feed.plusnetwork.com
        127.0.0.1       www.feed.plusnetwork.com

==================== Scheduled Tasks (whitelisted) =============

Task: {0052B3E0-CD48-4645-9B05-2DD2D5FE59F2} - System32\Tasks\{7F2BEF3C-1702-4CE3-92A5-31BBBA30A504} => C:\Program Files (x86)\Anno 1701\Anno1701AddOn.exe [2007-09-25] (Related Designs Software GmbH)
Task: {0146E4C2-13DC-4368-A6B7-D5CF252D6997} - System32\Tasks\{EEEDB95D-08F3-442A-8D8B-D3DA84E659E3} => E:\AUTORUN.EXE
Task: {05463694-75B9-4BE3-9B3B-800D10AB67E5} - System32\Tasks\{92A80300-B86A-4486-83DF-40A2210AD209} => C:\Voelker2\DieVölker2\bin\Game.exe
Task: {10CB193C-53C1-4E38-BC3B-8BE0F0EFBA30} - System32\Tasks\{0FF87F05-F93F-4EA6-BB4C-42AC41C141F3} => C:\Program Files (x86)\JoWooD\DieVölker2\bin\Game.exe
Task: {141DAE6E-AB19-4698-A390-AA3577138437} - System32\Tasks\{94C030CB-4D91-45C1-A34E-BBA10E012375} => E:\S2\SETUP.EXE
Task: {146E7991-4825-4936-A698-6A2A9ABCB104} - System32\Tasks\{3C36117E-8926-4783-AC4C-D1B8C38F2D02} => C:\Program Files (x86)\JoWooD\DieVölker2\Unwise.exe
Task: {158F82B5-9D27-41D4-9C70-42B888C7C636} - System32\Tasks\{40CF2673-31FE-42B2-B5D6-9EDA7CA7E074} => E:\S2\SETUP.EXE
Task: {15EBF901-034E-4560-86AD-430162A3F85F} - System32\Tasks\{6D05EFDD-B539-4AA5-AA7C-3C3F5EA8B7E7} => C:\Program Files (x86)\Zylom Games\Chocolatier Deluxe\chocolatier.exe
Task: {16685128-43F7-4FEB-8EF9-8ED19E50FAB3} - System32\Tasks\{BDEFC5EB-FF3E-4DB9-922F-18F92A8F9501} => E:\S2\SETUP.EXE
Task: {182BD8E5-8F56-4489-B03E-752E05F8B240} - System32\Tasks\{CDA55D36-8DF0-41E4-B91F-A867A295CA40} => E:\S2\SETUP.EXE
Task: {1B18848F-9874-4EF8-827B-D1940EB66F97} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-11] (Google Inc.)
Task: {1D1CF103-88A1-4782-AA22-60037CC0C0B9} - System32\Tasks\{5993BDC4-AFB2-4C56-9E47-F867E374C978} => C:\Users\Daniel\Desktop\Legal\Legal.exe
Task: {1F9EF73A-547A-499D-81A8-38F5BAAB9D90} - System32\Tasks\{1FB1189B-4A13-4061-8C74-1464D7BFBABF} => C:\Program Files (x86)\Zylom Games\Chocolatier Deluxe\chocolatier.exe
Task: {21712D36-1001-44CB-854A-5AD64B1DC146} - System32\Tasks\{BA3F1772-A7D2-4B5A-A09C-0209BB7D8008} => E:\S2\SETUP.EXE
Task: {2275B0EB-3BB1-4D92-AAA9-9E3AF4E64338} - System32\Tasks\{B2DF6533-1AB8-4F64-87E5-0C7F2B7A8261} => C:\Team17\Worms World Party\wwp.exe [2001-05-14] (Team17 Software Ltd)
Task: {23FC5B23-2D5F-41BB-8197-E5BF90F1094C} - System32\Tasks\{68D46493-E0E4-4139-9E3D-DE0764CB9EA8} => E:\AUTORUN.EXE
Task: {256AB0F1-34E6-44DD-8476-F7FCA8DAAA9B} - System32\Tasks\{966F5682-3102-46EB-9C86-3634FFFE6CFA} => E:\S2\SETUP.EXE
Task: {290DA27A-6B42-4FC5-BC9D-B287608BBF99} - System32\Tasks\{5D69D029-4F89-42C2-8F71-F657145E1685} => C:\Users\Daniel\Desktop\FFS20_Deu_Full.exe
Task: {29CE8A34-DC14-442B-8626-4D134A82C9AE} - System32\Tasks\{E856EACC-A5FB-412B-8CFA-3BB71A8C8E08} => E:\S2\SETUP.EXE
Task: {2B0CD943-0873-489B-8C70-85C6370771A3} - System32\Tasks\{12AE0E5B-084A-4433-90FF-9E76E054AACB} => C:\Die Völker 2\DieVölker2\bin\Game.exe
Task: {2B1FFE5E-812A-4AEC-8869-70FAAAC46EE2} - System32\Tasks\{8FB71093-FDC3-4660-9BA9-AB685F171D45} => C:\Program Files (x86)\Anno 1701\Anno1701.exe [2007-10-20] (Related Designs Software GmbH)
Task: {2BBFF583-2992-496F-BC5F-E4CFA4144CC7} - System32\Tasks\{AED448DE-9E65-4A47-8CED-BCACCE365CB7} => C:\Users\Daniel\Desktop\c3up11De.EXE
Task: {316BBC71-9744-421E-B08F-4824A90A29EA} - System32\Tasks\{37FCF798-62A0-4DDD-8915-98DF52D67371} => C:\Users\Daniel\Desktop\MassEffect_BDtS_G_a.exe
Task: {35440900-5B0D-45C6-9CA3-1D1630231902} - System32\Tasks\{A1F70949-7DB6-4A23-8B76-293576F1B899} => C:\ANNO1602\1602.EXE [1998-02-16] (MAX DESIGN)
Task: {40F39DB0-F75F-4F8F-8AA5-A7327A1E290D} - System32\Tasks\{AE5B5A87-81B2-42A9-9A74-550525F4940F} => C:\Program Files (x86)\JoWooD\DieVölker2\Unwise.exe
Task: {41A87A6B-C582-4F2D-8597-A723964CC71A} - System32\Tasks\{5D0B6982-DE4D-4CC0-AB2B-98754F07700B} => C:\Die Völker 2\DieVölker2\bin\Game.exe
Task: {451D621F-6FFD-4089-93FE-270A9D2DE6DA} - System32\Tasks\{E2B047D4-D8BD-4693-B5B3-010EF3D97A56} => E:\bhvstart.exe
Task: {47DF6057-A1FD-4A77-A813-3F691D2DDE1F} - System32\Tasks\{810EBF1A-8F17-441C-B563-3C43E33C03CD} => C:\Program Files (x86)\Anno 1701\Anno1701AddOn.exe [2007-09-25] (Related Designs Software GmbH)
Task: {48A3C185-9AC2-4F2F-940D-DA73CE675CE4} - System32\Tasks\{073A5D00-C4F9-4990-A885-8D366629D006} => E:\S2\SETUP.EXE
Task: {4C820340-8F6B-4CEC-AA89-8B64222456B0} - System32\Tasks\{3E45EE9D-B270-4FAD-879C-F9D694DA3485} => C:\Users\Daniel\Desktop\spiele\pokegen\programm\c gear\PokeCGear.exe [2011-01-14] ()
Task: {5293CE73-94BE-449D-95AD-5BE339716D0D} - System32\Tasks\{48B512DB-FFB4-4403-83ED-2F9407027667} => c:\program files (x86)\opera\opera.exe [2013-11-24] (Opera Software)
Task: {54082EF3-848C-4D41-9509-EADD1BB3DB61} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-03-29] (AVAST Software)
Task: {5A330F3D-65AE-4D4C-81D4-E64FEA83D5D9} - System32\Tasks\{E8DB0424-DD34-4B5E-ABA1-8F87BA189D0B} => C:\Program Files\FileViewPro\FileViewPro.exe [2013-11-18] ()
Task: {5E3F78E3-D239-4E26-B09A-1E1D02A3A0F4} - System32\Tasks\{D2222B24-F51D-4DBD-B431-AC065B5CBCA9} => C:\Program Files (x86)\Zylom Games\Chocolatier Deluxe\chocolatier.exe
Task: {6BD68BC3-51C8-411C-AFA6-8F6729835575} - System32\Tasks\{131AF74A-19DF-443F-B4C1-82A8AA55497A} => E:\S2\SETUP.EXE
Task: {6D9B6460-F55F-44A6-A8D1-A5CD180C778E} - System32\Tasks\{A5C24906-6C19-4574-85F9-6616289EB799} => C:\Users\Daniel\Desktop\Cheat code editor\Cheat Code Editor.exe [2007-05-20] ()
Task: {7A4636B7-F05B-4249-8AB0-DAFF11C962A7} - System32\Tasks\{B515B6F0-4FFF-4CBA-893E-D3FCA3106B64} => E:\S2\SETUP.EXE
Task: {7C9D8C03-6A35-487F-9016-E7A5E53BA833} - System32\Tasks\{17F07E10-EA40-481E-888D-AB26AFE52FEE} => C:\Team17\Worms World Party\wwp.exe [2001-05-14] (Team17 Software Ltd)
Task: {7EF75918-6B2B-4300-888A-ED73DEBECBBF} - System32\Tasks\{3BE362E2-E75B-429E-9FC4-7B3B8D11B963} => E:\S2\SETUP.EXE
Task: {805D9E42-8317-4C78-82F6-946B5DE8A0C7} - System32\Tasks\{678365FC-379B-4E24-8568-D579CE2F2C7E} => E:\S2\SETUP.EXE
Task: {8C335720-465F-4ACF-97C0-6E46FA18E7E9} - System32\Tasks\{F15A6F01-F619-4817-90FB-C09F19CB63F5} => C:\Program Files (x86)\Anno 1701\Anno1701AddOn.exe [2007-09-25] (Related Designs Software GmbH)
Task: {91F56EAD-6C3B-436A-A540-1B3C95D9A052} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12] (Adobe Systems Incorporated)
Task: {9431E549-F644-4FE1-98C5-C72AC9CD37ED} - System32\Tasks\{652A2BC8-55C4-41C0-8B47-06EA583CE2D3} => E:\S2\SETUP.EXE
Task: {953A719E-FDEC-4852-BCC9-1459D68B3BC4} - System32\Tasks\{FBB1652A-75F8-4D32-BA6C-0BD7071B4B4A} => E:\S2\SETUP.EXE
Task: {9C100C66-5F10-4548-8B69-E3CDB0BF606D} - System32\Tasks\{4994E248-B0AD-46CA-AF2E-310612827F2E} => E:\S2\SETUP.EXE
Task: {9E16B815-46D6-4F9B-A140-C810E8BD3C46} - System32\Tasks\{87BD9F31-A0C4-47D4-83F6-B3EEAB2B4AEB} => C:\Program Files (x86)\Anno 1701\Rollback\Anno1701.exe [2006-10-05] (Related Designs Software GmbH)
Task: {A4F101B4-2127-4730-A5A0-220A141EE63D} - System32\Tasks\{F6CB6A22-E114-4CB3-B3C9-953D284AE683} => C:\Users\Daniel\Desktop\FFS20_Deu_Full.exe
Task: {AB9A30AF-E579-445E-A157-A50D32A862FA} - System32\Tasks\{1BC5009A-C623-4DA0-9118-CADA3959EEAA} => E:\S2\SETUP.EXE
Task: {AC3B6A3B-E516-41A0-BE7B-AE74D6F05EE5} - System32\Tasks\{26F8FEE5-EBEF-4BF2-9960-B3F3C8A758EC} => C:\Program Files (x86)\Anno 1701\Anno1701AddOn.exe [2007-09-25] (Related Designs Software GmbH)
Task: {ADCDF35A-0D81-4315-B30C-9FAC42DDAE19} - System32\Tasks\{FBFC2A81-70A5-4C34-AD06-B257CD752FE9} => C:\Program Files (x86)\Zylom Games\Chocolatier Deluxe\chocolatier.exe
Task: {B0ADE302-1717-472E-912A-21887DE485B5} - System32\Tasks\{C5EB8D0E-8B8B-43C8-8016-A6FCC462946D} => C:\Program Files (x86)\CloneDVD6\MainApp.EXE [2012-11-27] (Aviosoft.)
Task: {B48CDE2F-2934-4D81-BA37-A4CC53492B70} - System32\Tasks\{7126DAF6-E7A6-4025-B30F-0E113A7B46D4} => C:\Program Files (x86)\JoWooD\DieVölker2\bin\Game.exe
Task: {B6184494-F268-4AA5-A390-4FC97BCD71CE} - System32\Tasks\{AC7D1521-F5AE-49AD-9106-6809CBEB4215} => E:\S2\SETUP.EXE
Task: {BCEBC503-CF3B-45A5-9650-966FF580E545} - System32\Tasks\{B5DF1DB1-C0F9-480C-9281-BB0E6C2EB486} => C:\Program Files (x86)\Anno 1701\Rollback\Anno1701.exe [2006-10-05] (Related Designs Software GmbH)
Task: {C191FDC0-4CF1-4F8F-9E82-10875ABED458} - System32\Tasks\{69044440-C839-428E-8079-6D3979B6842D} => E:\S2\SETUP.EXE
Task: {C409ADF5-FF12-4451-B6D1-ABF4D1DC6510} - System32\Tasks\{41DDBE48-43A3-48E0-9048-FF8D6F08DF4F} => C:\Program Files (x86)\Zylom Games\Chocolatier Deluxe\chocolatier.exe
Task: {C67A266A-5DC1-41D6-BADD-BC0F4B90CCA6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-11-22] (Piriform Ltd)
Task: {C67C2332-CE25-4759-ACB1-21EE7AFDC3FA} - System32\Tasks\{E83DE898-B285-4986-B5BE-9B943BC04BEF} => C:\Users\Daniel\Downloads\STO_Online_ServerChecker.exe
Task: {CD11ECCA-157C-43CA-B7A7-35C95D3EB1E0} - System32\Tasks\{55B58783-E133-4F90-9909-7A0BA16C1073} => C:\Program Files (x86)\Anno 1701\Anno1701AddOn.exe [2007-09-25] (Related Designs Software GmbH)
Task: {CDE261B1-8B17-44EC-A7C1-47055128E765} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-11] (Google Inc.)
Task: {CFE9CA76-1416-4888-BDB0-CF30D54F1E41} - System32\Tasks\{BE174E91-202D-4B20-8B77-A9509C30AF97} => E:\S2\SETUP.EXE
Task: {D24DA4B0-1A08-4A6F-92AB-842D16821219} - System32\Tasks\{5BA2B270-829E-4A02-BE12-DBCFC39F7AFC} => C:\Team17\Worms World Party\wwp.exe [2001-05-14] (Team17 Software Ltd)
Task: {D5475704-31C1-4F9A-9F96-87742F55F1B8} - System32\Tasks\{396AB30D-E0FA-42C6-853F-325CA099A4CA} => C:\Program Files (x86)\Zylom Games\Chocolatier Deluxe\chocolatier.exe
Task: {DAA47877-F275-4DC4-8719-853FA4CA95EE} - System32\Tasks\{663B9866-54C7-46F1-BAAF-0F7203E79B3B} => C:\ANNO1602\1602.EXE [1998-02-16] (MAX DESIGN)
Task: {DC38B247-52D1-421D-956E-24D0D538C105} - System32\Tasks\{7438BE65-7E2E-47AC-B28F-7D1B1CD340BF} => C:\Users\Daniel\Desktop\programme\Legal\Legal.exe [2010-02-18] ()
Task: {E057A7C3-A541-43F2-9106-667F7102D12D} - System32\Tasks\{3B22FD6B-6978-4EC1-867B-3AEAC82D7C80} => C:\Program Files (x86)\Anno 1701\Anno1701AddOn.exe [2007-09-25] (Related Designs Software GmbH)
Task: {E062A614-05FF-4598-85EE-06AD7420CC8B} - System32\Tasks\{ED0A83FB-4A12-4E5A-B587-37357929ACB1} => C:\Users\Daniel\Desktop\c3up11De.EXE
Task: {E92D482A-975D-487D-BF28-EAFEB9F3B2A1} - System32\Tasks\{DCB5CC94-301F-46D1-9D76-95232ED99F04} => E:\S2\SETUP.EXE
Task: {E9D3F432-A90C-4B1A-8088-6A66F9FF9253} - System32\Tasks\{0C327DCE-02DB-495E-B0EE-43000B4098DE} => C:\BlueByte\Siedler3\s3.exe [2000-02-15] (Blue Byte )
Task: {EC390F5C-2E7E-4509-A5AC-1586E03077EB} - System32\Tasks\{13AC6F75-921C-4FC2-9162-219DC0C4B4EB} => C:\Program Files (x86)\Anno 1701\Rollback\Anno1701.exe [2006-10-05] (Related Designs Software GmbH)
Task: {F423C561-80AB-48ED-B98F-22F5E35F9576} - System32\Tasks\{50E458ED-E7F4-4DB3-A9B8-E8FEBE776D73} => E:\DieVoelkerGE.exe
Task: {FA534E6C-82BF-413F-A76C-44FAF30F4156} - System32\Tasks\{A2C44D26-5E7A-4773-B378-D2EAB102F3DB} => C:\Program Files (x86)\Anno 1701\Anno1701AddOn.exe [2007-09-25] (Related Designs Software GmbH)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-06-18 16:24 - 2012-06-18 16:24 - 00222720 ____C () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2013-03-14 17:28 - 2013-03-14 17:28 - 00653824 ____C () C:\Program Files (x86)\4shared Desktop\CMenu64.dll
2012-01-10 20:12 - 2012-01-10 20:12 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-08-24 01:45 - 2013-08-24 01:45 - 00076888 ____C () C:\Windows\SysWOW64\PnkBstrA.exe
2014-01-10 06:26 - 2014-01-10 06:26 - 01861968 ____C () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2013-07-31 20:06 - 2010-02-10 12:34 - 00244904 ____C () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2014-03-29 10:46 - 2014-03-29 10:46 - 02189312 ____C () C:\Program Files\AVAST Software\Avast\defs\14032900\algo.dll
2014-03-15 17:07 - 2014-03-15 01:50 - 00051016 ____C () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\chrome_elf.dll
2014-03-15 17:08 - 2014-03-15 01:50 - 00716616 ____C () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libglesv2.dll
2014-03-15 17:07 - 2014-03-15 01:50 - 00100168 ____C () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libegl.dll
2009-11-02 13:20 - 2009-11-02 13:20 - 00619816 ____C () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-02 13:23 - 2009-11-02 13:23 - 00013096 ____C () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2014-03-15 17:08 - 2014-03-15 01:50 - 04061000 ____C () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll
2014-03-15 17:08 - 2014-03-15 01:50 - 00394568 ____C () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll
2014-03-15 17:07 - 2014-03-15 01:50 - 01647432 ____C () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ffmpegsumo.dll
2013-10-15 13:34 - 2009-02-27 15:39 - 00019968 ____C () C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.deu
2013-12-09 01:49 - 2013-12-09 01:49 - 19336120 ____C () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-01-10 06:28 - 2014-01-10 06:28 - 00100688 ____C () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2014-03-15 17:08 - 2014-03-15 01:50 - 13637448 ____C () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupfolder: C:^Users^Daniel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: BitTorrent => "C:\Users\Daniel\AppData\Roaming\BitTorrent\BitTorrent.exe"  /MINIMIZED
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: STOServerChecker => "C:\Users\Daniel\Downloads\STO_Online_ServerChecker.exe"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/29/2014 10:51:05 AM) (Source: Application Hang) (User: )
Description: Programm chrome.exe, Version 33.0.1750.154 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 110c

Startzeit: 01cf4a65eea914da

Endzeit: 281

Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Berichts-ID: 91f8d57a-b727-11e3-9d7f-00262dc36228

Error: (03/21/2014 05:51:45 PM) (Source: Application Hang) (User: )
Description: Programm TS3W.exe, Version 0.2.0.209 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 50764

Startzeit: 01cf452525b58b50

Endzeit: 0

Anwendungspfad: C:\Program Files (x86)\Electronic Arts\Die Sims 3\Game\Bin\TS3W.exe

Berichts-ID:

Error: (03/18/2014 06:02:29 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: PDF2TXT.exe, Version: 2.0.0.0, Zeitstempel: 0x4fe5f1b0
Name des fehlerhaften Moduls: PDF2TXT.exe, Version: 2.0.0.0, Zeitstempel: 0x4fe5f1b0
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00004fb3
ID des fehlerhaften Prozesses: 0x1030
Startzeit der fehlerhaften Anwendung: 0xPDF2TXT.exe0
Pfad der fehlerhaften Anwendung: PDF2TXT.exe1
Pfad des fehlerhaften Moduls: PDF2TXT.exe2
Berichtskennung: PDF2TXT.exe3

Error: (03/15/2014 06:57:22 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Cheat Code Editor.exe, Version: 1.0.0.1, Zeitstempel: 0x46502a97
Name des fehlerhaften Moduls: Cheat Code Editor.exe, Version: 1.0.0.1, Zeitstempel: 0x46502a97
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00004759
ID des fehlerhaften Prozesses: 0xcf8
Startzeit der fehlerhaften Anwendung: 0xCheat Code Editor.exe0
Pfad der fehlerhaften Anwendung: Cheat Code Editor.exe1
Pfad des fehlerhaften Moduls: Cheat Code Editor.exe2
Berichtskennung: Cheat Code Editor.exe3

Error: (03/15/2014 06:56:14 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Cheat Code Editor.exe, Version: 1.0.0.1, Zeitstempel: 0x46502a97
Name des fehlerhaften Moduls: Cheat Code Editor.exe, Version: 1.0.0.1, Zeitstempel: 0x46502a97
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00004760
ID des fehlerhaften Prozesses: 0x1eec
Startzeit der fehlerhaften Anwendung: 0xCheat Code Editor.exe0
Pfad der fehlerhaften Anwendung: Cheat Code Editor.exe1
Pfad des fehlerhaften Moduls: Cheat Code Editor.exe2
Berichtskennung: Cheat Code Editor.exe3

Error: (03/15/2014 06:55:18 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Cheat Code Editor.exe, Version: 1.0.0.1, Zeitstempel: 0x46502a97
Name des fehlerhaften Moduls: Cheat Code Editor.exe, Version: 1.0.0.1, Zeitstempel: 0x46502a97
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00004760
ID des fehlerhaften Prozesses: 0x1c9c
Startzeit der fehlerhaften Anwendung: 0xCheat Code Editor.exe0
Pfad der fehlerhaften Anwendung: Cheat Code Editor.exe1
Pfad des fehlerhaften Moduls: Cheat Code Editor.exe2
Berichtskennung: Cheat Code Editor.exe3

Error: (03/15/2014 06:54:34 PM) (Source: Application Hang) (User: )
Description: Programm NOTEPAD.EXE, Version 6.1.7600.16385 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 71c

Startzeit: 01cf40772551328d

Endzeit: 3

Anwendungspfad: C:\Windows\system32\NOTEPAD.EXE

Berichts-ID: dbb5d229-ac6a-11e3-9f2b-00262dc36228

Error: (03/13/2014 02:01:11 AM) (Source: Application Hang) (User: )
Description: Programm DeSmuME_0.9.9_x86.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: a628

Startzeit: 01cf3e57827b1c81

Endzeit: 9

Anwendungspfad: C:\Users\Daniel\Downloads\rar verzeichnisse\desmume-0.9.9-win32\DeSmuME_0.9.9_x86.exe

Berichts-ID: e853819f-aa4a-11e3-af50-00262dc36228

Error: (03/09/2014 01:29:30 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: nerf.exe, Version: 0.0.0.0, Zeitstempel: 0x380cbdd1
Name des fehlerhaften Moduls: Galaxy.DLL, Version: 0.0.0.0, Zeitstempel: 0x380cbcd0
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001757d
ID des fehlerhaften Prozesses: 0x10e80
Startzeit der fehlerhaften Anwendung: 0xnerf.exe0
Pfad der fehlerhaften Anwendung: nerf.exe1
Pfad des fehlerhaften Moduls: nerf.exe2
Berichtskennung: nerf.exe3

Error: (03/08/2014 09:57:05 PM) (Source: Application Hang) (User: )
Description: Programm 004.dat, Version 1.0.0.1 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 25430

Startzeit: 01cf3b10adc9549a

Endzeit: 4

Anwendungspfad: H:\fscommand\004.dat

Berichts-ID:


System errors:
=============
Error: (03/29/2014 11:30:52 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "HP CUE DeviceDiscovery Service" wurde nicht richtig gestartet.

Error: (03/29/2014 11:29:28 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "BuddyVM" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (03/29/2014 11:29:28 AM) (Source: Application Popup) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Program Files (x86)\VMLaunch\BuddyVM.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (03/29/2014 11:26:54 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (03/29/2014 11:26:09 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "X10 Device Network Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (03/29/2014 11:26:09 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst X10 Device Network Service erreicht.

Error: (03/29/2014 11:24:40 AM) (Source: DCOM) (User: )
Description: C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\agent.exe -Embedding740{FFF2D28F-E4EE-44D9-8104-8E71556757F6}

Error: (03/29/2014 10:56:27 AM) (Source: DCOM) (User: )
Description: C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\agent.exe -Embedding740{FFF2D28F-E4EE-44D9-8104-8E71556757F6}

Error: (03/29/2014 10:55:46 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "HP CUE DeviceDiscovery Service" wurde nicht richtig gestartet.

Error: (03/29/2014 10:55:04 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)


Microsoft Office Sessions:
=========================
Error: (03/29/2014 10:51:05 AM) (Source: Application Hang)(User: )
Description: chrome.exe33.0.1750.154110c01cf4a65eea914da281C:\Program Files (x86)\Google\Chrome\Application\chrome.exe91f8d57a-b727-11e3-9d7f-00262dc36228

Error: (03/21/2014 05:51:45 PM) (Source: Application Hang)(User: )
Description: TS3W.exe0.2.0.2095076401cf452525b58b500C:\Program Files (x86)\Electronic Arts\Die Sims 3\Game\Bin\TS3W.exe

Error: (03/18/2014 06:02:29 PM) (Source: Application Error)(User: )
Description: PDF2TXT.exe2.0.0.04fe5f1b0PDF2TXT.exe2.0.0.04fe5f1b0c000000500004fb3103001cf42cbbfbd0f6cC:\Program Files (x86)\SomePDF\Some PDF to Txt Converter\PDF2TXT.exeC:\Program Files (x86)\SomePDF\Some PDF to Txt Converter\PDF2TXT.exe15eda85a-aebf-11e3-9f2b-00262dc36228

Error: (03/15/2014 06:57:22 PM) (Source: Application Error)(User: )
Description: Cheat Code Editor.exe1.0.0.146502a97Cheat Code Editor.exe1.0.0.146502a97c000000500004759cf801cf4077ef7219b8C:\Users\Daniel\Desktop\Cheat code editor\Cheat Code Editor.exeC:\Users\Daniel\Desktop\Cheat code editor\Cheat Code Editor.exe41d129f6-ac6b-11e3-9f2b-00262dc36228

Error: (03/15/2014 06:56:14 PM) (Source: Application Error)(User: )
Description: Cheat Code Editor.exe1.0.0.146502a97Cheat Code Editor.exe1.0.0.146502a97c0000005000047601eec01cf4077c581dc34C:\Users\Daniel\Desktop\Cheat code editor\Cheat Code Editor.exeC:\Users\Daniel\Desktop\Cheat code editor\Cheat Code Editor.exe1953e2d1-ac6b-11e3-9f2b-00262dc36228

Error: (03/15/2014 06:55:18 PM) (Source: Application Error)(User: )
Description: Cheat Code Editor.exe1.0.0.146502a97Cheat Code Editor.exe1.0.0.146502a97c0000005000047601c9c01cf4077a7ad50a3C:\Users\Daniel\Desktop\Cheat code editor\Cheat Code Editor.exeC:\Users\Daniel\Desktop\Cheat code editor\Cheat Code Editor.exef7b3c216-ac6a-11e3-9f2b-00262dc36228

Error: (03/15/2014 06:54:34 PM) (Source: Application Hang)(User: )
Description: NOTEPAD.EXE6.1.7600.1638571c01cf40772551328d3C:\Windows\system32\NOTEPAD.EXEdbb5d229-ac6a-11e3-9f2b-00262dc36228

Error: (03/13/2014 02:01:11 AM) (Source: Application Hang)(User: )
Description: DeSmuME_0.9.9_x86.exe0.0.0.0a62801cf3e57827b1c819C:\Users\Daniel\Downloads\rar verzeichnisse\desmume-0.9.9-win32\DeSmuME_0.9.9_x86.exee853819f-aa4a-11e3-af50-00262dc36228

Error: (03/09/2014 01:29:30 AM) (Source: Application Error)(User: )
Description: nerf.exe0.0.0.0380cbdd1Galaxy.DLL0.0.0.0380cbcd0c00000050001757d10e8001cf3b25efa5a9eeC:\Nerf Arena Blast\System\nerf.exeC:\Nerf Arena Blast\System\Galaxy.DLLe06572e8-a721-11e3-af50-00262dc36228

Error: (03/08/2014 09:57:05 PM) (Source: Application Hang)(User: )
Description: 004.dat1.0.0.12543001cf3b10adc9549a4H:\fscommand\004.dat


CodeIntegrity Errors:
===================================
  Date: 2014-03-29 11:29:28.439
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\VMLaunch\BuddyVM.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-29 11:29:28.265
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\VMLaunch\BuddyVM.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-29 10:54:23.812
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\VMLaunch\BuddyVM.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-29 10:54:23.656
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\VMLaunch\BuddyVM.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-28 09:35:24.286
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\VMLaunch\BuddyVM.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-28 09:35:24.130
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\VMLaunch\BuddyVM.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-21 18:12:37.949
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\VMLaunch\BuddyVM.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-21 18:12:37.769
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\VMLaunch\BuddyVM.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-14 20:51:45.335
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\VMLaunch\BuddyVM.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-14 20:51:45.185
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\VMLaunch\BuddyVM.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Percentage of memory in use: 61%
Total physical RAM: 3893.49 MB
Available physical RAM: 1481.6 MB
Total Pagefile: 7785.16 MB
Available Pagefile: 3899.09 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:546.25 GB) (Free:81.12 GB) NTFS
Drive d: (Recover) (Fixed) (Total:48.83 GB) (Free:6.12 GB) NTFS
Drive g: (EOS_DIGITAL) (Removable) (Total:3.68 GB) (Free:0.09 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=546 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=49 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1023 MB) - (Type=12)

========================================================
Disk: 2 (Size: 4 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================

hab heute nur meine host datei erneuert weil sie komplett spurlos verschwunden ist.
wolte ich nur hinzufügen ^^

Bootsektor · 29.03.2014, 14:43

Zitat:

hab heute nur meine host datei erneuert weil sie komplett spurlos verschwunden ist.
wolte ich nur hinzufügen ^^

Und das hat nicht zufälligerweise etwas mit den ganzen Adobe-Produkten zu tun?

saufbiene · 29.03.2014, 16:03

nein die adobe produkte sind gekauft!!!
ist eine schüler lizenz gewesen

hab die original cd hier sogar ^^
in den host dateien habe ich nur ad server geblockt.
nur die datei war weg gewesen komplett deshalb habe ich sie mit einenms fixit neu erstellen lassen

hier die hostdatei ^^

Code:

ATTFilter

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
#      102.54.94.97     rhino.acme.com          # source server
#       38.25.63.10     x.acme.com              # x client host

# localhost name resolution is handle within DNS itself.
#       127.0.0.1       localhost
#       ::1             localhost
        127.0.0.1       rad.msn.com
        127.0.0.1       live.rads.msn.com
        127.0.0.1       ads1.msn.com
        127.0.0.1       static.2mdn.net
        127.0.0.1       g.msn.com
        127.0.0.1       a.ads2.msads.net
        127.0.0.1       b.ads2.msads.net
        127.0.0.1       ac3.msn.com
        127.0.0.1       feed.plusnetwork.com
        127.0.0.1       www.feed.plusnetwork.com

Bootsektor · 29.03.2014, 23:19

Hallo saufbiene,

Zitat:

nein die adobe produkte sind gekauft!!!
ist eine schüler lizenz gewesen

Alles klar.

Ich frag bei sowas vorsichtshalber lieber nach.

Was macht feed.plus.network.com nach den folgenden Schritten?
Schritt 1

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.plusnetwork.com/?publisher=MessengerPlus&dpid=pb2&t=c0120&sp=addr&q={searchTerms}

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Schritt 2
Downloade Dir bitte Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad.
Windows Vista und höher: mit Rechtsklick "als Administrator starten"
Starte Malwarebytes' Anti-Malware (MBAM).
Sollte die Benutzeroberfläche noch in Englisch sein, klicke auf Settings und wähle bei Language German aus.
Klicke auf Armaturenbrett und auf Jetzt aktualisieren, um die Datenbank zu updaten.
Klicke im Anschluss auf Suchlauf, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf jetzt starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Aktionen anwenden.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Suchlauf-Protokoll aus und klicke auf Ansicht. Wähle Exportieren auf Textdatei (.txt) und speichere die Datei als mbam.txt auf dem Desktop ab.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 3
Da der Scan mit Eset sehr gründlich ist, kann er unter Umständen mehrere Stunden dauern

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Schritt 4
Starte noch einmal FRST.

Ändere keine der Voreinstellungen und drücke auf Scan.
Wenn der Scan abgeschlossen ist, wird ein neues Logfile FRST.txt erstellt und auf dem Desktop gespeichert.
Poste den Inhalt dieses Logfiles bitte hier in deinen Thread.

saufbiene · 30.03.2014, 10:06

Code:

ATTFilter

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-03-2014
Ran by Daniel at 2014-03-29 23:58:19 Run:1
Running from C:\Users\Daniel\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.plusnetwork.com/?publisher=MessengerPlus&dpid=pb2&t=c0120&sp=addr&q={searchTerms}
*****************

HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5} => Key deleted successfully.
HKCR\CLSID\{006ee092-9658-4fd6-bd8e-a21a348e59f5} => Key not found.

==== End of Fixlog ====

Code:

ATTFilter

 Malwarebytes Anti-Malware  (PRO) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.03.29.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16521
Daniel :: MEDION [Administrator]

Schutz: Aktiviert

30.03.2014 00:00:43
mbam-log-2014-03-30 (00-00-43).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 274802
Laufzeit: 14 Minute(n), 52 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=a37a664c38115042b1a74b6c25e14e5a
# engine=17679
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-03-30 06:01:05
# local_time=2014-03-30 08:01:05 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=772 16777213 66 80 76058 78130 0 0
# compatibility_mode=5893 16776573 100 94 0 147789115 0 0
# scanned=672726
# found=7
# cleaned=0
# scan_time=22409
sh=C513DDE65EE06D8741EE7093623DD1264810A39F ft=0 fh=0000000000000000 vn="JS/Exploit.Pdfka.PNY trojan" ac=I fn="C:\Users\Daniel\Documents\My 3D Models\Deep Exploration 5 Example Files\Feature Examples\Example PDF Output\Transmission with Steps, Realited and Compressed.pdf"
sh=4CEF670BBA21C042A876EF9BB39AA5283651F94C ft=0 fh=0000000000000000 vn="Win32/Toolbar.Zugo potentially unwanted application" ac=I fn="C:\Users\Daniel\Downloads\rar verzeichnisse\Ebooks am DS lesen.zip"
sh=1F905FBB047E55C9ACD75D6D64F88EDCF1C71AEA ft=1 fh=5a5e42141b27077f vn="Win32/Toolbar.Conduit potentially unwanted application" ac=I fn="C:\Users\Daniel\Dropbox\programme\FreeStudio.exe"
sh=9243D49CC65F5B470BB3724494B4D9CBABAD24F0 ft=1 fh=c76f714c07224cf2 vn="Win32/TopMedia.B potentially unwanted application" ac=I fn="C:\Users\Daniel\Dropbox\programme\privitize_secure.exe"
sh=2153D234D166D72F04F9870D9541869CCADAB151 ft=1 fh=67447e761e537db3 vn="a variant of Win32/Toolbar.Conduit.B potentially unwanted application" ac=I fn="D:\TOOLS\Medion MediaPack\medion_mediapack_ext.exe"

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Daniel (administrator) on MEDION on 30-03-2014 10:59:59
Running from C:\Users\Daniel\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Reimage®) C:\Program Files\AntiToolbar\ReiGuard.exe
(Firebird Project) C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\HP Color LaserJet CM1312 MFP Series\hppfaxprintersrv.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Macrovision Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(MagicISO, Inc.) C:\Program Files (x86)\MagicDisc\MagicDisc.exe
(Protexis Inc.) c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Wistron) C:\Program Files (x86)\Launch Manager\HotkeyApp.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\OSD.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\WButton.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(arvato digital services llc) c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\WisLMSvc.exe
(Firebird Project) C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11548264 2010-11-11] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2009-12-11] (Synaptics Incorporated)
HKLM\...\Run: [HP Color LaserJet CM1312 MFP Series Fax] - C:\Program Files (x86)\HP\HP Color LaserJet CM1312 MFP Series\hppfaxprintersrv.exe [3700736 2009-09-22] (Hewlett-Packard Company)
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-11] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [CLMLServer] - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-11-02] (CyberLink)
HKLM-x32\...\Run: [YouCam Mirage] - C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488 2010-10-28] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] - C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe [224352 2010-10-28] (CyberLink Corp.)
HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2014-02-14] (DivX, LLC)
HKLM-x32\...\Run: [HotkeyApp] - C:\Program Files (x86)\Launch Manager\HotkeyApp.exe [200704 2009-12-14] (Wistron)
HKLM-x32\...\Run: [LMgrVolOSD] - C:\Program Files (x86)\Launch Manager\OSD.exe [348960 2009-12-11] (Wistron Corp.)
HKLM-x32\...\Run: [Wbutton] - C:\Program Files (x86)\Launch Manager\Wbutton.exe [436264 2010-06-21] (Wistron Corp.)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [HPUsageTracking] - C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe [24576 2009-05-11] (Hewlett-Packard Company)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS4ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2008-08-14] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [44128 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [642664 2013-05-08] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Adobe_ID0ENQBO] - C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe [378224 2008-08-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3854640 2014-03-29] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-490725143-3289892566-3385816065-1000\...\Run: [Personal ID] - C:\Program Files (x86)\coolspot AG\Personal ID\pid.exe [1132984 2013-08-01] (coolspot AG, Düsseldorf)
HKU\S-1-5-21-490725143-3289892566-3385816065-1000\...\Run: [ISUSPM] - C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [213936 2006-05-16] (Macrovision Corporation)
HKU\S-1-5-21-490725143-3289892566-3385816065-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20728480 2014-01-14] (Skype Technologies S.A.)
Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk
ShortcutTarget: MagicDisc.lnk -> C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {C6135BFC-325F-4C89-B5A9-5C016F700BE7} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {C6135BFC-325F-4C89-B5A9-5C016F700BE7} URL = https://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Adblock Plus)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

Chrome: 
=======
CHR HomePage: 
CHR RestoreOnStartup: "sync": {
      "app_settings": true,
      "apps": true,
      "autofill": true,
      "autofill_profile": true,
      "bookmarks": true,
      "dictionary": true,
      "encryption_bootstrap_token": "AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAATplyssRhTkmLrzZn5shSowAAAAACAAAAAAAQZgAAAAEAACAAAADZdCJleZ6pl/FwD48LV4myi1IuQ//ABBhNdgdtpcKSyQAAAAAOgAAAAAIAACAAAACVkF6ZF8NXhNrDMoaTYbXTxPM2FZC8I3mXT7P1MbNwAkAAAAAb3ZSnieFT7UKPrq9BdJfRbx3feyinVd3IgiMBaHqsPYK3YqcMOqHXpmHOR/EoP9IMZERiL/jmSj+UMgKfhNaoQAAAANiIUP9I5il1mZGMjR2HhCxaOkJVKxyiK1TCqIBbA9WGTz4f0rmqyfzBDSvm/8CeikNcll479aYlFtkJbD8lwmA=",
      "extension_settings": true,
      "extensions": true,
      "favicon_images": true,
      "favicon_tracking": true,
      "has_setup_completed": true,
      "history_delete_directives": true,
      "keystore_encryption_bootstrap_token": "AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAATplyssRhTkmLrzZn5shSowAAAAACAAAAAAAQZgAAAAEAACAAAAA3iLdA8Mpg1fBLX8vIvaNMg7a51a4sZf9uvz4NyLoTrQAAAAAOgAAAAAIAACAAAAArJ8U+vDASH891DD8dKJIw5GoY4hlanAkCKr9C7Tyzb1AAAAAufoZc6GRdyCn6Ph1mRUwmXNaOJa8eECtpc2DKp9BxXDEwTcE3Yb76NbPi3qMyQb6d/ooBtNm1cZfED19PgGuoXtn975dDvxpAP1rC1zblTEAAAADLR+61Xv+5E4bbaBCh1BO2BFfHNRelYnbgNxCa7xKsXt1Lu5eFtg5OPBvUE8eVUDlP8ir/REziVUgT/6IM+djC",
      "last_synced_time": "13040612406530521",
      "managed_users": true,
      "passwords": true,
      "preferences": true,
      "priority_preferences": true,
      "search_engines": true,
      "session_sync_guid": "session_syncOa2DFbo2Ay8y4nqHEBhpMg==",
      "sessions": true,
      "suppress_start": false,
      "synced_notifications": true,
      "tabs": true,
      "themes": true,
      "typed_urls"
CHR Extension: (Google Docs) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-11]
CHR Extension: (Google Drive) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-11]
CHR Extension: (Schalten Sie das Licht) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2013-11-13]
CHR Extension: (YouTube) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-11]
CHR Extension: (Cake Mania Main Street) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bohogdkongdgejlnndnnhamjgfnbfoon [2013-11-13]
CHR Extension: (tattoo girl) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bolmkphclbnmjlbmibfcnfggbakghpck [2013-11-13]
CHR Extension: (Adblock Plus) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-02-11]
CHR Extension: (Mangas und Comics auf Deutsch) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\chmidfbpiiicmkfimcbcoagpmchgmkpl [2013-11-13]
CHR Extension: (Google-Suche) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-11]
CHR Extension: (Search by Image (by Google)) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2013-11-13]
CHR Extension: (avast! Online Security) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-12-09]
CHR Extension: (TinEye Reverse Image Search) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl [2013-11-13]
CHR Extension: (Windows Media Player Extension for HTML5) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak [2014-03-02]
CHR Extension: (Cake Mania) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\kckjnbilaljpiclmpmnomoapakjmoapj [2013-11-13]
CHR Extension: (SparkChess 7) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\khgabmflimjjbclkmljlpmgaleanedem [2013-11-13]
CHR Extension: (Sand 2) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\klicmgamjpclmbhppmdeamffedflmkcn [2013-11-13]
CHR Extension: (convert2mp3.net Online Video Converter) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmhoigapbeidamhadadmpbhpaodamjce [2014-02-18]
CHR Extension: (Google Wallet) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-11]
CHR Extension: (YouTube Unblocker) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\npnkeeiehehhefofiekoflfedgehcdhl [2014-02-07]
CHR Extension: (Google Mail) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-11]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-03-29]

==================== Services (Whitelisted) =================

S3 Adobe Version Cue CS4; C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [284016 2008-08-15] (Adobe Systems Incorporated)
R2 AntiToolbarProtector; C:\Program Files\AntiToolbar\ReiGuard.exe [5101928 2014-01-23] (Reimage®)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-03-29] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109048 2014-03-29] (AVAST Software)
R2 FirebirdGuardianDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe [98304 2010-09-17] (Firebird Project)
R3 FirebirdServerDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe [3735552 2010-09-17] (Firebird Project)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-08-24] ()
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (arvato digital services llc)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2010-02-10] ()
R3 WisLMSvc; C:\Program Files (x86)\Launch Manager\WisLMSvc.exe [118560 2009-10-22] (Wistron Corp.)
S2 x10nets; C:\Program Files (x86)\Common Files\X10\Common\X10nets.exe [20480 2009-11-07] (X10)

==================== Drivers (Whitelisted) ====================

S3 ActionReplayDS; C:\Windows\System32\Drivers\ActionReplayDS_x64.sys [51600 2007-02-08] (Thesycon GmbH, Germany)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-03-29] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-03-29] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [445304 2014-03-29] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-03-29] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-03-29] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-03-29] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-03-29] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [84816 2014-03-29] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208928 2014-03-29] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2013-10-10] ()
S3 FlashUSB; C:\Windows\System32\DRIVERS\FlashUSB_x64.sys [19968 2010-12-21] (Danish Wireless Design A/S)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2013-10-10] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 mod7764; C:\Windows\System32\DRIVERS\mod77-64.sys [913888 2009-09-24] (DiBcom SA)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-03-21] (Duplex Secure Ltd.)
R3 X10Hid; C:\Windows\System32\Drivers\x10hid.sys [15896 2009-05-13] (X10 Wireless Technology, Inc.)
S2 {09BB444F-B2E2-4009-BAF2-7B727681223E}; C:\Program Files (x86)\VMLaunch\BuddyVM.sys [15872 2004-10-05] (Interlex Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U3 DfSdkS; 
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-30 01:44 - 2014-03-30 01:44 - 00000000 ___DC () C:\Program Files (x86)\ESET
2014-03-30 01:42 - 2014-03-30 01:42 - 02347384 ____C (ESET) C:\Users\Daniel\Desktop\esetsmartinstaller_enu.exe
2014-03-29 23:06 - 2014-03-15 01:55 - 00915558 ____C () C:\Users\Daniel\Downloads\com.dotgears.flappybird.apk
2014-03-29 23:05 - 2014-03-29 22:58 - 26291411 ____C () C:\Users\Daniel\Downloads\sky_burger.apk
2014-03-29 22:51 - 2014-03-29 23:39 - 170443072 ____C () C:\Users\Daniel\Downloads\plants_vs_zombies_2.zip
2014-03-29 18:33 - 2014-03-29 23:17 - 00000000 ___DC () C:\Windroy
2014-03-29 18:29 - 2014-03-29 18:31 - 83252212 ____C (Windroy, Inc. ) C:\Users\Daniel\Downloads\windroy_20140113.exe
2014-03-29 18:08 - 2014-03-29 18:13 - 00000000 ___DC () C:\ProgramData\BlueStacksSetup
2014-03-29 18:07 - 2014-03-29 18:07 - 10245808 ____C (BlueStack Systems Inc.) C:\Users\Daniel\Downloads\BlueStacks-SplitInstaller_native_0.8.4.3036.exe
2014-03-29 18:05 - 2014-03-29 18:06 - 04999351 ____C () C:\Users\Daniel\Downloads\tower-bloxx-deluxe-3d-320-480.swf
2014-03-29 13:14 - 2014-03-29 13:16 - 00076034 ____C () C:\Users\Daniel\Desktop\Addition.txt
2014-03-29 13:13 - 2014-03-30 10:59 - 00019827 ____C () C:\Users\Daniel\Desktop\FRST.txt
2014-03-29 13:12 - 2014-03-30 10:59 - 00000000 ___DC () C:\FRST
2014-03-29 13:11 - 2014-03-29 13:11 - 02157056 ____C (Farbar) C:\Users\Daniel\Desktop\FRST64.exe
2014-03-29 12:55 - 2014-03-29 12:55 - 00000000 ___DC () C:\ProgramData\Package Cache
2014-03-29 12:55 - 2014-03-29 12:55 - 00000000 ___DC () C:\Program Files\Adblock Plus for IE
2014-03-29 12:52 - 2014-03-29 12:52 - 04741136 ____C () C:\Users\Daniel\Downloads\adblockplusie-1.1.exe
2014-03-29 12:20 - 2014-03-29 12:20 - 00991232 ____C () C:\Users\Daniel\Downloads\MicrosoftFixit50267.msi
2014-03-29 11:19 - 2014-03-29 11:19 - 00043152 ____C (AVAST Software) C:\Windows\avastSS.scr
2014-03-29 11:18 - 2014-03-29 11:18 - 00445304 ____C (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-03-28 23:17 - 2014-03-28 23:23 - 25467065 ____C () C:\Users\Daniel\Downloads\1309StOb.rar
2014-03-24 17:58 - 2014-03-24 18:34 - 78938112 ____C () C:\Users\Daniel\Downloads\1102StOb.rar
2014-03-24 17:08 - 2014-03-24 17:54 - 00000000 ___DC () C:\Users\Daniel\Downloads\sims
2014-03-24 17:04 - 2014-03-24 17:04 - 00000000 ___DC () C:\Users\Daniel\Downloads\video
2014-03-24 17:01 - 2014-03-24 17:04 - 00000000 ___DC () C:\Users\Daniel\Downloads\dokumente
2014-03-24 16:58 - 2014-03-24 16:58 - 00000000 ___DC () C:\Users\Daniel\Downloads\flash spiele
2014-03-22 16:24 - 2014-03-22 16:24 - 00003337 ____C () C:\Users\Daniel\Downloads\NRaas_NoCD.zip
2014-03-22 01:43 - 2014-03-22 01:43 - 00000000 ___DC () C:\Program Files (x86)\Hex-Editor MX
2014-03-21 19:18 - 2014-03-21 19:18 - 00000000 ___DC () C:\Users\Public\Documents\DAEMON Tools Images
2014-03-21 19:01 - 2014-03-21 19:17 - 00000000 ___DC () C:\Users\Daniel\AppData\Roaming\DAEMON Tools Lite
2014-03-21 18:59 - 2014-03-21 19:19 - 00000000 ___DC () C:\ProgramData\DAEMON Tools Lite
2014-03-18 19:07 - 2014-03-18 19:07 - 00000000 ___DC () C:\Users\Daniel\Documents\Epubsoft
2014-03-18 19:07 - 2014-03-18 19:07 - 00000000 ___DC () C:\ProgramData\Epubsoft
2014-03-18 19:06 - 2014-03-18 19:06 - 00002819 ____C () C:\Users\Public\Desktop\EPubsoft Adobe PDF ePub DRM Removal.lnk
2014-03-18 19:06 - 2014-03-18 19:06 - 00000000 ___DC () C:\Program Files (x86)\EPUBSOFT
2014-03-18 18:59 - 2014-03-18 18:59 - 00000000 ___DC () C:\Users\Daniel\AppData\Local\Adobe_Systems_Incorporate
2014-03-18 18:58 - 2014-03-18 19:10 - 00000000 ___DC () C:\Users\Daniel\Documents\My Digital Editions
2014-03-18 18:37 - 2014-03-18 18:37 - 00000000 ___DC () C:\Users\Daniel\AppData\Roaming\SomePDF
2014-03-18 18:37 - 2014-03-18 18:37 - 00000000 ___DC () C:\Program Files (x86)\SomePDF
2014-03-18 16:18 - 2014-03-18 16:18 - 00000000 ___DC () C:\Users\Daniel\Documents\4Media
2014-03-18 16:18 - 2014-03-18 16:18 - 00000000 ___DC () C:\Users\Daniel\AppData\Roaming\4Media
2014-03-18 16:17 - 2014-03-18 16:17 - 00000000 ___DC () C:\Program Files (x86)\4Media
2014-03-16 20:20 - 2007-07-23 13:11 - 00425984 ____C () C:\Users\Daniel\Desktop\AnimalMap.exe
2014-03-16 20:20 - 2007-07-22 13:05 - 00000031 ____C () C:\Users\Daniel\Desktop\AnimalMap_AdvancedMode.bat
2014-03-16 14:13 - 2014-03-16 14:13 - 00132628 ____C () C:\Users\Daniel\Desktop\usrcheat.dat
2014-03-15 20:16 - 2014-03-15 20:16 - 00000000 ___DC () C:\Users\Daniel\Desktop\r4cce086
2014-03-15 19:56 - 2014-03-15 19:56 - 00002990 ____C () C:\Windows\System32\Tasks\{A5C24906-6C19-4574-85F9-6616289EB799}
2014-03-15 19:54 - 2014-03-15 20:13 - 00000000 ___DC () C:\Users\Daniel\Desktop\Cheat code editor
2014-03-13 00:05 - 2014-03-13 00:05 - 00000000 ___DC () C:\Users\Daniel\Downloads\de
2014-03-12 23:54 - 2014-03-18 19:11 - 00000000 ___DC () C:\Users\Daniel\Desktop\pokesavplat_en
2014-03-12 20:03 - 2014-03-12 20:03 - 00000000 ___DC () C:\Users\Daniel\Downloads\R4 V1.78b German
2014-03-12 12:38 - 2014-03-13 04:03 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-12 12:38 - 2014-03-13 04:03 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-12 12:38 - 2014-03-13 04:03 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-12 12:38 - 2014-03-13 04:02 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-12 12:38 - 2014-03-13 04:02 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-12 12:38 - 2014-03-13 04:02 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-12 12:38 - 2014-03-13 04:02 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-12 12:38 - 2014-03-13 04:02 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-12 12:38 - 2014-03-13 04:02 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-12 12:38 - 2014-03-13 04:02 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-12 12:38 - 2014-03-13 04:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-12 12:38 - 2014-03-13 04:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-12 12:38 - 2014-03-13 04:02 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-12 12:38 - 2014-03-13 04:02 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-12 12:38 - 2014-03-13 04:02 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-12 12:38 - 2014-03-13 04:02 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-12 12:38 - 2014-03-13 04:02 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-12 12:38 - 2014-03-13 04:02 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-12 12:38 - 2014-03-13 04:02 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-12 12:38 - 2014-03-13 04:02 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-12 12:38 - 2014-03-13 04:02 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-12 12:38 - 2014-03-13 04:02 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-12 12:38 - 2014-03-13 04:02 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-12 12:38 - 2014-03-13 04:02 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-12 12:38 - 2014-03-13 04:02 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-12 12:38 - 2014-03-13 04:02 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-12 12:38 - 2014-03-13 04:02 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-12 12:38 - 2014-03-13 04:02 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-12 12:38 - 2014-03-13 04:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-12 12:38 - 2014-03-13 04:02 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-12 12:38 - 2014-03-13 04:02 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-12 12:38 - 2014-03-13 04:02 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-12 12:38 - 2014-03-13 04:02 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-12 12:38 - 2014-03-13 04:02 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-12 12:38 - 2014-03-13 04:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-12 12:38 - 2014-03-13 04:02 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-12 12:38 - 2014-03-13 04:02 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-12 12:38 - 2014-03-13 04:02 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-12 12:38 - 2014-03-13 04:02 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-12 12:38 - 2014-03-13 04:02 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-12 12:38 - 2014-03-13 04:02 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-12 12:38 - 2014-03-13 04:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-12 12:37 - 2014-03-13 04:02 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-12 12:37 - 2014-03-13 04:02 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-12 12:36 - 2014-03-13 04:02 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-12 12:36 - 2014-03-13 04:02 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-12 12:36 - 2014-03-13 04:01 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-12 12:36 - 2014-03-13 04:01 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-11 17:00 - 2014-03-24 17:54 - 00000000 ___DC () C:\Users\Daniel\Downloads\en
2014-03-11 13:47 - 2014-03-11 13:47 - 00002962 ____C () C:\Windows\System32\Tasks\{7438BE65-7E2E-47AC-B28F-7D1B1CD340BF}
2014-03-11 13:04 - 2014-03-12 18:16 - 00000000 ___DC () C:\Users\Daniel\Desktop\mew sav
2014-03-11 12:33 - 2014-03-11 12:40 - 00000000 ___DC () C:\Users\Daniel\Downloads\Marvelous Designer 2 (64 bit) 3.8.3 Multilanguage [ChingLiu]
2014-03-09 16:51 - 2014-03-09 16:51 - 00000000 ___DC () C:\Users\Daniel\AppData\Roaming\DropboxMaster
2014-03-09 00:34 - 2014-03-09 00:34 - 00001182 ____C () C:\Users\Daniel\Desktop\Cheatbook Database 2014.lnk
2014-03-09 00:34 - 2014-03-09 00:34 - 00000000 ___DC () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cheatbook Database2014
2014-03-09 00:30 - 2014-03-09 02:32 - 00000000 ___DC () C:\Program Files (x86)\Cheatbook Database 2014
2014-03-09 00:22 - 2014-03-09 00:31 - 00000000 ___DC () C:\Program Files (x86)\Cheatbook 07.2013
2014-03-08 18:51 - 2014-03-08 22:53 - 00000000 ___DC () C:\Users\Daniel\Downloads\MotherLoad.Goldium.Edition
2014-03-06 20:20 - 2014-03-06 20:38 - 00000000 ___DC () C:\Windows\erdnt
2014-03-06 12:33 - 2014-03-06 12:33 - 00001026 ____C () C:\Users\Public\Desktop\DivX Player.lnk
2014-03-05 16:42 - 2014-03-05 16:42 - 00001120 ____C () C:\Users\Public\Desktop\MAGIX Web Designer 9 Premium (32-bit).lnk
2014-03-05 16:41 - 2014-03-05 16:41 - 00000000 ___DC () C:\Program Files\Common Files\MAGIX Services
2014-03-05 15:53 - 2014-03-05 15:53 - 00000000 ___DC () C:\Users\Daniel\AppData\Local\Xara
2014-03-02 01:21 - 2014-03-02 01:21 - 00000000 ___DC () C:\Users\Daniel\Downloads\129791_ndssaveconverter25
2014-02-28 16:09 - 2007-02-08 14:48 - 00051600 ____C (Thesycon GmbH, Germany) C:\Windows\system32\Drivers\ActionReplayDS_x64.sys
2014-02-28 15:58 - 2014-02-28 15:58 - 00001059 ____C () C:\Users\Administrator\Desktop\MAX DS Video Converter.lnk
2014-02-28 15:56 - 2014-02-28 15:58 - 00000000 ___DC () C:\Program Files (x86)\Datel
2014-02-28 03:33 - 2014-02-28 03:33 - 00000000 ___DC () C:\Nerf Arena Blast

==================== One Month Modified Files and Folders =======

2014-03-30 11:00 - 2014-03-29 13:13 - 00019827 ____C () C:\Users\Daniel\Desktop\FRST.txt
2014-03-30 10:59 - 2014-03-29 13:12 - 00000000 ___DC () C:\FRST
2014-03-30 10:10 - 2013-11-11 17:47 - 00001110 ____C () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-30 10:08 - 2013-07-31 22:11 - 00000884 ____C () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-30 04:00 - 2013-08-14 09:41 - 01873634 ____C () C:\Windows\WindowsUpdate.log
2014-03-30 02:21 - 2013-08-01 17:23 - 00000000 ___DC () C:\Users\Daniel\AppData\Roaming\Skype
2014-03-30 01:44 - 2014-03-30 01:44 - 00000000 ___DC () C:\Program Files (x86)\ESET
2014-03-30 01:42 - 2014-03-30 01:42 - 02347384 ____C (ESET) C:\Users\Daniel\Desktop\esetsmartinstaller_enu.exe
2014-03-29 23:39 - 2014-03-29 22:51 - 170443072 ____C () C:\Users\Daniel\Downloads\plants_vs_zombies_2.zip
2014-03-29 23:17 - 2014-03-29 18:33 - 00000000 ___DC () C:\Windroy
2014-03-29 23:01 - 2013-11-01 17:13 - 00000000 ___DC () C:\Users\Daniel\Downloads\programe
2014-03-29 22:58 - 2014-03-29 23:05 - 26291411 ____C () C:\Users\Daniel\Downloads\sky_burger.apk
2014-03-29 22:51 - 2013-07-31 19:47 - 00000000 ___DC () C:\Users\Daniel\AppData\Local\VirtualStore
2014-03-29 18:55 - 2009-07-14 05:20 - 00000000 _RHDC () C:\Users\Public\Libraries
2014-03-29 18:31 - 2014-03-29 18:29 - 83252212 ____C (Windroy, Inc. ) C:\Users\Daniel\Downloads\windroy_20140113.exe
2014-03-29 18:13 - 2014-03-29 18:08 - 00000000 ___DC () C:\ProgramData\BlueStacksSetup
2014-03-29 18:07 - 2014-03-29 18:07 - 10245808 ____C (BlueStack Systems Inc.) C:\Users\Daniel\Downloads\BlueStacks-SplitInstaller_native_0.8.4.3036.exe
2014-03-29 18:06 - 2014-03-29 18:05 - 04999351 ____C () C:\Users\Daniel\Downloads\tower-bloxx-deluxe-3d-320-480.swf
2014-03-29 17:53 - 2013-11-21 01:43 - 00000000 ___DC () C:\Users\Daniel\Desktop\bilder
2014-03-29 13:16 - 2014-03-29 13:14 - 00076034 ____C () C:\Users\Daniel\Desktop\Addition.txt
2014-03-29 13:11 - 2014-03-29 13:11 - 02157056 ____C (Farbar) C:\Users\Daniel\Desktop\FRST64.exe
2014-03-29 12:55 - 2014-03-29 12:55 - 00000000 ___DC () C:\ProgramData\Package Cache
2014-03-29 12:55 - 2014-03-29 12:55 - 00000000 ___DC () C:\Program Files\Adblock Plus for IE
2014-03-29 12:52 - 2014-03-29 12:52 - 04741136 ____C () C:\Users\Daniel\Downloads\adblockplusie-1.1.exe
2014-03-29 12:38 - 2009-07-14 06:45 - 00009888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-29 12:38 - 2009-07-14 06:45 - 00009888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-29 12:24 - 2013-11-18 11:37 - 00012184 ____C () C:\Windows\setupact.log
2014-03-29 12:24 - 2013-11-11 17:47 - 00001106 ____C () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-29 12:24 - 2009-07-14 07:08 - 00000006 ___HC () C:\Windows\Tasks\SA.DAT
2014-03-29 12:20 - 2014-03-29 12:20 - 00991232 ____C () C:\Users\Daniel\Downloads\MicrosoftFixit50267.msi
2014-03-29 12:05 - 2013-11-11 17:47 - 00004106 ____C () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-29 12:05 - 2013-11-11 17:47 - 00003854 ____C () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-29 12:03 - 2013-11-11 17:48 - 00002127 ____C () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-29 11:53 - 2013-11-20 01:00 - 00257204 ____C () C:\Windows\PFRO.log
2014-03-29 11:20 - 2013-12-09 02:50 - 00001976 ____C () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-03-29 11:19 - 2014-03-29 11:19 - 00043152 ____C (AVAST Software) C:\Windows\avastSS.scr
2014-03-29 11:19 - 2013-12-22 00:19 - 00084816 ____C (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-03-29 11:19 - 2013-12-09 02:49 - 01039096 ____C (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-03-29 11:19 - 2013-12-09 02:49 - 00423240 ____C (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-03-29 11:19 - 2013-12-09 02:49 - 00334648 ____C (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-03-29 11:19 - 2013-12-09 02:49 - 00208928 ____C () C:\Windows\system32\Drivers\aswVmm.sys
2014-03-29 11:19 - 2013-12-09 02:49 - 00093568 ____C (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-03-29 11:19 - 2013-12-09 02:49 - 00079184 ____C (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-03-29 11:19 - 2013-12-09 02:49 - 00065776 ____C () C:\Windows\system32\Drivers\aswRvrt.sys
2014-03-29 11:19 - 2013-12-09 02:49 - 00028184 ____C (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-03-29 11:19 - 2013-12-09 02:49 - 00003924 ____C () C:\Windows\System32\Tasks\avast! Emergency Update
2014-03-29 11:18 - 2014-03-29 11:18 - 00445304 ____C (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-03-29 09:04 - 2013-08-07 20:01 - 00000000 ___DC () C:\Program Files (x86)\DVDVideoSoft
2014-03-28 23:23 - 2014-03-28 23:17 - 25467065 ____C () C:\Users\Daniel\Downloads\1309StOb.rar
2014-03-27 23:16 - 2010-05-12 10:18 - 00699342 ____C () C:\Windows\system32\perfh007.dat
2014-03-27 23:16 - 2010-05-12 10:18 - 00149450 ____C () C:\Windows\system32\perfc007.dat
2014-03-27 23:16 - 2009-07-14 07:13 - 01619284 ____C () C:\Windows\system32\PerfStringBackup.INI
2014-03-25 17:02 - 2013-10-30 16:15 - 00000000 ___DC () C:\Users\Daniel\Downloads\bilder
2014-03-24 18:34 - 2014-03-24 17:58 - 78938112 ____C () C:\Users\Daniel\Downloads\1102StOb.rar
2014-03-24 17:54 - 2014-03-24 17:08 - 00000000 ___DC () C:\Users\Daniel\Downloads\sims
2014-03-24 17:54 - 2014-03-11 17:00 - 00000000 ___DC () C:\Users\Daniel\Downloads\en
2014-03-24 17:05 - 2013-07-31 21:43 - 00000000 __RDC () C:\Users\Daniel\Desktop\Dj Musik
2014-03-24 17:04 - 2014-03-24 17:04 - 00000000 ___DC () C:\Users\Daniel\Downloads\video
2014-03-24 17:04 - 2014-03-24 17:01 - 00000000 ___DC () C:\Users\Daniel\Downloads\dokumente
2014-03-24 16:58 - 2014-03-24 16:58 - 00000000 ___DC () C:\Users\Daniel\Downloads\flash spiele
2014-03-24 16:56 - 2013-11-01 17:12 - 00000000 ___DC () C:\Users\Daniel\Downloads\rar verzeichnisse
2014-03-24 15:34 - 2013-11-19 19:45 - 00000000 ___DC () C:\Users\Daniel\Desktop\sims
2014-03-23 14:23 - 2013-12-16 03:22 - 00000000 ___DC () C:\Users\Daniel\AppData\Roaming\BitTorrent
2014-03-22 20:58 - 2013-08-21 23:22 - 00000000 ___DC () C:\Users\Daniel\Desktop\spiele
2014-03-22 20:57 - 2013-08-13 18:16 - 00000000 ___DC () C:\Users\Daniel\AppData\Local\SecondLife
2014-03-22 20:50 - 2013-08-01 17:06 - 00000000 ___DC () C:\Users\Daniel\Documents\Youcam
2014-03-22 19:30 - 2013-08-13 18:30 - 00000000 ____C () C:\conversation.log
2014-03-22 19:28 - 2013-08-13 18:14 - 00000000 ___DC () C:\Program Files (x86)\SecondLifeViewer
2014-03-22 16:24 - 2014-03-22 16:24 - 00003337 ____C () C:\Users\Daniel\Downloads\NRaas_NoCD.zip
2014-03-22 13:57 - 2013-10-26 18:48 - 00000000 ___DC () C:\Users\Daniel\AppData\Roaming\Notepad++
2014-03-22 13:57 - 2013-10-26 18:48 - 00000000 ___DC () C:\Program Files (x86)\Notepad++
2014-03-22 01:43 - 2014-03-22 01:43 - 00000000 ___DC () C:\Program Files (x86)\Hex-Editor MX
2014-03-21 20:08 - 2013-08-21 23:55 - 00000000 ___DC () C:\Users\Daniel\AppData\Local\Apps\2.0
2014-03-21 19:19 - 2014-03-21 18:59 - 00000000 ___DC () C:\ProgramData\DAEMON Tools Lite
2014-03-21 19:18 - 2014-03-21 19:18 - 00000000 ___DC () C:\Users\Public\Documents\DAEMON Tools Images
2014-03-21 19:17 - 2014-03-21 19:01 - 00000000 ___DC () C:\Users\Daniel\AppData\Roaming\DAEMON Tools Lite
2014-03-21 19:02 - 2013-10-21 17:29 - 00386680 ____C (Duplex Secure Ltd.) C:\Windows\system32\Drivers\sptd.sys
2014-03-20 22:45 - 2014-02-09 15:24 - 00000000 ___DC () C:\Users\Daniel\Desktop\überweisungen
2014-03-18 19:11 - 2014-03-12 23:54 - 00000000 ___DC () C:\Users\Daniel\Desktop\pokesavplat_en
2014-03-18 19:10 - 2014-03-18 18:58 - 00000000 ___DC () C:\Users\Daniel\Documents\My Digital Editions
2014-03-18 19:07 - 2014-03-18 19:07 - 00000000 ___DC () C:\Users\Daniel\Documents\Epubsoft
2014-03-18 19:07 - 2014-03-18 19:07 - 00000000 ___DC () C:\ProgramData\Epubsoft
2014-03-18 19:06 - 2014-03-18 19:06 - 00002819 ____C () C:\Users\Public\Desktop\EPubsoft Adobe PDF ePub DRM Removal.lnk
2014-03-18 19:06 - 2014-03-18 19:06 - 00000000 ___DC () C:\Program Files (x86)\EPUBSOFT
2014-03-18 19:02 - 2013-08-03 20:09 - 00000000 ___DC () C:\Users\Daniel\AppData\Local\CrashDumps
2014-03-18 18:59 - 2014-03-18 18:59 - 00000000 ___DC () C:\Users\Daniel\AppData\Local\Adobe_Systems_Incorporate
2014-03-18 18:58 - 2013-12-08 21:28 - 00000000 ___DC () C:\Users\Daniel\Desktop\programme
2014-03-18 18:58 - 2013-07-31 22:15 - 00000000 ___DC () C:\Program Files (x86)\Adobe
2014-03-18 18:37 - 2014-03-18 18:37 - 00000000 ___DC () C:\Users\Daniel\AppData\Roaming\SomePDF
2014-03-18 18:37 - 2014-03-18 18:37 - 00000000 ___DC () C:\Program Files (x86)\SomePDF
2014-03-18 16:18 - 2014-03-18 16:18 - 00000000 ___DC () C:\Users\Daniel\Documents\4Media
2014-03-18 16:18 - 2014-03-18 16:18 - 00000000 ___DC () C:\Users\Daniel\AppData\Roaming\4Media
2014-03-18 16:17 - 2014-03-18 16:17 - 00000000 ___DC () C:\Program Files (x86)\4Media
2014-03-18 14:28 - 2013-08-01 11:11 - 00000000 ___DC () C:\Windows\system32\MRT
2014-03-18 14:20 - 2013-07-31 23:46 - 90015360 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-16 14:13 - 2014-03-16 14:13 - 00132628 ____C () C:\Users\Daniel\Desktop\usrcheat.dat
2014-03-15 20:16 - 2014-03-15 20:16 - 00000000 ___DC () C:\Users\Daniel\Desktop\r4cce086
2014-03-15 20:13 - 2014-03-15 19:54 - 00000000 ___DC () C:\Users\Daniel\Desktop\Cheat code editor
2014-03-15 19:56 - 2014-03-15 19:56 - 00002990 ____C () C:\Windows\System32\Tasks\{A5C24906-6C19-4574-85F9-6616289EB799}
2014-03-15 01:55 - 2014-03-29 23:06 - 00915558 ____C () C:\Users\Daniel\Downloads\com.dotgears.flappybird.apk
2014-03-13 08:24 - 2013-11-18 11:37 - 03268448 ____C () C:\Windows\system32\FNTCACHE.DAT
2014-03-13 04:03 - 2014-03-12 12:38 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-13 04:03 - 2014-03-12 12:38 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-13 04:03 - 2014-03-12 12:38 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-13 04:02 - 2014-03-12 12:38 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-13 04:02 - 2014-03-12 12:38 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-13 04:02 - 2014-03-12 12:38 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-13 04:02 - 2014-03-12 12:38 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-13 04:02 - 2014-03-12 12:38 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-13 04:02 - 2014-03-12 12:38 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-13 04:02 - 2014-03-12 12:38 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-13 04:02 - 2014-03-12 12:38 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-13 04:02 - 2014-03-12 12:38 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-13 04:02 - 2014-03-12 12:38 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-13 04:02 - 2014-03-12 12:38 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-13 04:02 - 2014-03-12 12:38 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-13 04:02 - 2014-03-12 12:38 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-13 04:02 - 2014-03-12 12:38 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-13 04:02 - 2014-03-12 12:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-13 04:02 - 2014-03-12 12:38 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-13 04:02 - 2014-03-12 12:38 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-13 04:02 - 2014-03-12 12:38 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-13 04:02 - 2014-03-12 12:38 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-13 04:02 - 2014-03-12 12:38 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-13 04:02 - 2014-03-12 12:38 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-13 04:02 - 2014-03-12 12:38 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-13 04:02 - 2014-03-12 12:38 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-13 04:02 - 2014-03-12 12:38 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-13 04:02 - 2014-03-12 12:38 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-13 04:02 - 2014-03-12 12:38 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-13 04:02 - 2014-03-12 12:38 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-13 04:02 - 2014-03-12 12:38 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-13 04:02 - 2014-03-12 12:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-13 04:02 - 2014-03-12 12:38 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-13 04:02 - 2014-03-12 12:38 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-13 04:02 - 2014-03-12 12:38 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-13 04:02 - 2014-03-12 12:38 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-13 04:02 - 2014-03-12 12:38 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-13 04:02 - 2014-03-12 12:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-13 04:02 - 2014-03-12 12:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-13 04:02 - 2014-03-12 12:38 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-13 04:02 - 2014-03-12 12:38 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-13 04:02 - 2014-03-12 12:38 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-13 04:02 - 2014-03-12 12:37 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-13 04:02 - 2014-03-12 12:37 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-13 04:02 - 2014-03-12 12:36 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-13 04:02 - 2014-03-12 12:36 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-13 04:01 - 2014-03-12 12:36 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-13 04:01 - 2014-03-12 12:36 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-13 00:05 - 2014-03-13 00:05 - 00000000 ___DC () C:\Users\Daniel\Downloads\de
2014-03-12 22:19 - 2013-08-03 16:10 - 00000000 __RDC () C:\Users\Daniel\Dropbox
2014-03-12 22:11 - 2013-08-03 16:06 - 00000000 ___DC () C:\Users\Daniel\AppData\Roaming\Dropbox
2014-03-12 20:03 - 2014-03-12 20:03 - 00000000 ___DC () C:\Users\Daniel\Downloads\R4 V1.78b German
2014-03-12 19:08 - 2013-07-31 22:11 - 00692616 ____C (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-12 19:08 - 2013-07-31 22:11 - 00071048 ____C (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-12 19:08 - 2013-07-31 22:11 - 00003822 ____C () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-12 18:16 - 2014-03-11 13:04 - 00000000 ___DC () C:\Users\Daniel\Desktop\mew sav
2014-03-11 13:47 - 2014-03-11 13:47 - 00002962 ____C () C:\Windows\System32\Tasks\{7438BE65-7E2E-47AC-B28F-7D1B1CD340BF}
2014-03-11 12:40 - 2014-03-11 12:33 - 00000000 ___DC () C:\Users\Daniel\Downloads\Marvelous Designer 2 (64 bit) 3.8.3 Multilanguage [ChingLiu]
2014-03-11 04:39 - 2009-07-14 05:20 - 00000000 ___DC () C:\Windows\system32\NDF
2014-03-09 17:44 - 2013-08-07 20:01 - 00000000 ___DC () C:\Users\Daniel\AppData\Roaming\DVDVideoSoft
2014-03-09 17:42 - 2013-08-07 20:01 - 00001203 ____C () C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2014-03-09 17:07 - 2013-08-03 16:08 - 00000000 ___DC () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-03-09 16:51 - 2014-03-09 16:51 - 00000000 ___DC () C:\Users\Daniel\AppData\Roaming\DropboxMaster
2014-03-09 02:32 - 2014-03-09 00:30 - 00000000 ___DC () C:\Program Files (x86)\Cheatbook Database 2014
2014-03-09 00:34 - 2014-03-09 00:34 - 00001182 ____C () C:\Users\Daniel\Desktop\Cheatbook Database 2014.lnk
2014-03-09 00:34 - 2014-03-09 00:34 - 00000000 ___DC () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cheatbook Database2014
2014-03-09 00:31 - 2014-03-09 00:22 - 00000000 ___DC () C:\Program Files (x86)\Cheatbook 07.2013
2014-03-09 00:31 - 2009-07-14 04:34 - 00000634 ____C () C:\Windows\win.ini
2014-03-08 22:53 - 2014-03-08 18:51 - 00000000 ___DC () C:\Users\Daniel\Downloads\MotherLoad.Goldium.Edition
2014-03-06 21:44 - 2013-11-15 14:02 - 00001026 ____C () C:\DelFix.txt
2014-03-06 20:38 - 2014-03-06 20:20 - 00000000 ___DC () C:\Windows\erdnt
2014-03-06 20:36 - 2009-07-14 04:34 - 00000215 ____C () C:\Windows\system.ini
2014-03-06 14:51 - 2013-08-03 17:19 - 00000000 ___DC () C:\Users\Daniel\Documents\MAGIX
2014-03-06 14:41 - 2013-07-31 19:47 - 00000000 ___DC () C:\Users\Daniel
2014-03-06 12:33 - 2014-03-06 12:33 - 00001026 ____C () C:\Users\Public\Desktop\DivX Player.lnk
2014-03-06 12:33 - 2013-07-31 22:36 - 00001612 ____C () C:\Users\Daniel\Desktop\DivX Movies.lnk
2014-03-06 12:33 - 2013-07-31 22:31 - 00000000 ___DC () C:\Program Files (x86)\DivX
2014-03-06 12:33 - 2013-07-31 22:29 - 00000000 ___DC () C:\ProgramData\DivX
2014-03-06 12:32 - 2013-09-10 01:46 - 00001091 ____C () C:\Users\Public\Desktop\DivX Converter.lnk
2014-03-06 12:32 - 2013-07-31 22:36 - 00000000 ___DC () C:\Program Files\DivX
2014-03-05 17:33 - 2013-08-14 17:22 - 00000952 __SHC () C:\ProgramData\KGyGaAvL.sys
2014-03-05 17:28 - 2013-11-19 17:01 - 00217648 ____C () C:\Users\Daniel\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-05 16:42 - 2014-03-05 16:42 - 00001120 ____C () C:\Users\Public\Desktop\MAGIX Web Designer 9 Premium (32-bit).lnk
2014-03-05 16:41 - 2014-03-05 16:41 - 00000000 ___DC () C:\Program Files\Common Files\MAGIX Services
2014-03-05 16:41 - 2013-08-03 17:38 - 00000000 ___DC () C:\Program Files (x86)\MAGIX
2014-03-05 15:53 - 2014-03-05 15:53 - 00000000 ___DC () C:\Users\Daniel\AppData\Local\Xara
2014-03-05 15:53 - 2013-08-03 17:19 - 00000000 ___DC () C:\Users\Daniel\AppData\Roaming\MAGIX
2014-03-05 15:53 - 2013-08-03 17:17 - 00000000 ___DC () C:\ProgramData\MAGIX
2014-03-05 15:53 - 2007-04-27 10:43 - 00120200 ____C () C:\Windows\SysWOW64\DLLDEV32i.dll
2014-03-03 06:46 - 2013-08-19 07:16 - 00000919 ____C () C:\Users\Public\Desktop\VLC media player.lnk
2014-03-02 23:32 - 2013-08-06 01:06 - 00000000 ___DC () C:\ProgramData\firebird
2014-03-02 03:22 - 2013-08-19 07:16 - 00000000 ___DC () C:\Users\Daniel\AppData\Roaming\vlc
2014-03-02 01:21 - 2014-03-02 01:21 - 00000000 ___DC () C:\Users\Daniel\Downloads\129791_ndssaveconverter25
2014-02-28 15:58 - 2014-02-28 15:58 - 00001059 ____C () C:\Users\Administrator\Desktop\MAX DS Video Converter.lnk
2014-02-28 15:58 - 2014-02-28 15:56 - 00000000 ___DC () C:\Program Files (x86)\Datel
2014-02-28 15:57 - 2013-12-29 20:01 - 00001084 ____C () C:\Windows\KB893803v2.log
2014-02-28 03:33 - 2014-02-28 03:33 - 00000000 ___DC () C:\Nerf Arena Blast

Some content of TEMP:
====================
C:\Users\Daniel\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpmfxln_.dll
C:\Users\Daniel\AppData\Local\Temp\npp.6.5.5.Installer.exe
C:\Users\Daniel\AppData\Local\Temp\SWFXXLRT.DLL
C:\Users\Daniel\AppData\Local\Temp\Upgrade.exe
C:\Users\Daniel\AppData\Local\Temp\xmlUpdater.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-30 08:18

==================== End Of Log ============================

--- --- ---

--- --- ---

die website wolte beim start vom browser selbst als sie entfernt wurde wieder manipulieren hatte auf einmal 3 google startseiten offen ^^

Bootsektor · 30.03.2014, 17:09

Zitat:

die website wolte beim start vom browser selbst als sie entfernt wurde wieder manipulieren hatte auf einmal 3 google startseiten offen ^^

Sie ist jetzt also immer noch da?

saufbiene · 30.03.2014, 21:16

ja sie ist wieder da ^^
internet explorer startseite ist wieder verändert worden.

Bootsektor · 30.03.2014, 22:44

Hallo saufbiene,
startest du den Internetexplorer über eine Verknüpfung auf dem Desktop?

Mache folgendes, starte nach dem Schritt nochmal den Internetexplorer und berichte mir ob das Problem damit beseitigt wurde.
Schritt 1
Downloade dir bitte Shortcut Cleaner (by Grinler) auf deinen Desktop.

Starte die sc-cleaner.exe mit einem Doppelclick.
Bestätige die Meldung Shortcut Cleaner Finished am Ende des Suchlaufs mit Ok.
Eine Logdatei wird sich öffnen (sc-cleaner.txt).
Poste den Inhalt mit deiner nächsten Antwort.

saufbiene · 30.03.2014, 22:52

Code:

ATTFilter

Shortcut Cleaner 1.3.0 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Shortcut Cleaner can be found at this link:
 http://www.bleepingcomputer.com/download/shortcut-cleaner/

Windows Version: Windows 7 Home Premium Service Pack 1
Program started at: 03/30/2014 11:49:12 PM.

Scanning for registry hijacks:

 * No issues found in the Registry.

Searching for Hijacked Shortcuts:

Searching C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\

Searching C:\ProgramData\Microsoft\Windows\Start Menu\

Searching C:\Users\Daniel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\

Searching C:\Users\Public\Desktop\

Searching C:\Users\Daniel\Desktop


0 bad shortcuts found.

Program finished at: 03/30/2014 11:50:24 PM
Execution time: 0 hours(s), 1 minute(s), and 12 seconds(s)

nein ich starte alle programme über meine taskleiste ^^
und das problem besteht weiter hin.
-.-*

Bootsektor · 30.03.2014, 23:25

Hallo saufbiene,

klicke mal mit deiner rechten Taste auf das Icon des Internetexplorers in der Taskleiste, dann rechte Taste auf Internet Explorer > Eigenschaften (linke Taste) > Reiter Verknüpfung.
Was ist dort unter Ziel eingetragen? Steht dort nur C:\Program Files\Internet Explorer\iexplore.exe

saufbiene · 30.03.2014, 23:32

ja steht dort ^^

Code:

ATTFilter

"C:\Program Files\Internet Explorer\iexplore.exe"

Bootsektor · 30.03.2014, 23:35

Hallo saufbiene.
Das ist merkwürdig.
Mach bitte noch mal ein neues FRST-Log.
Schritt 1
Starte noch einmal FRST.

Ändere keine der Voreinstellungen und drücke auf Scan.
Wenn der Scan abgeschlossen ist, wird ein neues Logfile FRST.txt erstellt und auf dem Desktop gespeichert.
Poste den Inhalt dieses Logfiles bitte hier in deinen Thread.

www.feed.plusnetwork.com ändert die websiten startseite immer um -.-*

Plagegeister aller Art und deren Bekämpfung: www.feed.plusnetwork.com ändert die websiten startseite immer um -.-*