Add on: Download Protect lässt sich nicht entfernen. (Windows 7, Mozilla Firefox)

Mullemulle1 · 13.04.2014, 12:31

Hallo ich bin Mullemulle1.
Ich habe bei meinem Browser seit längern dauer Werbung die sich nicht entfernen lässt. Unter Add-ons ist ein Download Protect den man nur Deaktiviern kann aber was auch nicht funktoiniert da er nach dem Fenster Neustart sofort wieder aktive ist. Ich habe schon bei CCleaner nach geguckt ob dort irgendwo so ein Programm. ist was auch so heißt aber nichts gefunden. Mein Virenprogramm (Avira) hat auch nichts gefunden.
Liebe Grüße Mullemulle1

schrauber · 13.04.2014, 13:19

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Mullemulle1 · 13.04.2014, 13:59

Ok danke
Ist das, dass richtige? Wo finde ich die Addition.txt?
FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-04-2014 01
Ran by Mulle (administrator) on MULLEPC on 13-04-2014 14:57:05
Running from C:\Users\Mulle\Downloads
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginService\PluginService.exe
(Cherished Technololgy LIMITED) C:\ProgramData\WPM\wprotectmanager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.05\AsSysCtrlService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\Re-markit-soft\Re-markitfQL158.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Windows\DAODx.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\TurboV EVO\TurboVHELP.exe
() C:\Program Files (x86)\Re-markit-soft\Re-markitfQLOWw.exe
() C:\Users\Mulle\AppData\Local\fst_de_1\upfst_de_1.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Spotify Ltd) C:\Users\Mulle\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
() C:\Program Files (x86)\MP4 Player\Mp4Player.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\TurboV EVO\TurboV_EVO.exe
(
ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\EPU\EPU.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Smart PC Solutions) C:\Program Files (x86)\PC Speed Maximizer\SPMSmartScan.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Smart PC Solutions) C:\Program Files (x86)\PC Speed Maximizer\SPMReminder.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\OverwolfHelper.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\OverwolfHelper64.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_182.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_182.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\System32\LogiLDA.dll [1832760 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\nvspcap64.dll [1179576 2014-02-05] (NVIDIA Corporation)
HKLM-x32\...\Run: [HDAudDeck] - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2369536 2010-03-15] (VIA)
HKLM-x32\...\Run: [TurboV EVO] - C:\Program Files (x86)\ASUS\TurboV EVO\TurboV_EVO.exe [9936512 2010-07-15] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [Six Engine] - C:\Program Files (x86)\ASUS\EPU\EPU.exe [5309056 2010-03-16] (
ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe [43632 2010-01-19] ()
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-11-06] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [VirtualCloneDrive] - C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [Download Protect] - C:\ProgramData\dlprotect.exe
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-02-26] (LogMeIn Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [fst_de_1] - "C:\Program Files (x86)\fst_de_1\fst_de_1.exe"
HKLM-x32\...\RunOnce: [upfst_de_1.exe] - C:\Users\Mulle\AppData\Local\fst_de_1\upfst_de_1.exe -runonce [3267536 2014-04-08] ()
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2013-12-15] (Microsoft Corporation)
HKU\S-1-5-21-892184812-1128609943-1869083631-1000\...\Run: [Overwolf] - C:\Program Files (x86)\Overwolf\Overwolf.exe [37664 2014-03-05] (Overwolf LTD)
HKU\S-1-5-21-892184812-1128609943-1869083631-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-892184812-1128609943-1869083631-1000\...\Run: [Spotify] - C:\Users\Mulle\AppData\Roaming\Spotify\Spotify.exe [6118400 2014-01-21] (Spotify Ltd)
HKU\S-1-5-21-892184812-1128609943-1869083631-1000\...\Run: [KiesAirMessage] - C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-892184812-1128609943-1869083631-1000\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845168 2013-11-06] (Samsung)
HKU\S-1-5-21-892184812-1128609943-1869083631-1000\...\Run: [Spotify Web Helper] - C:\Users\Mulle\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-01-21] (Spotify Ltd)
HKU\S-1-5-21-892184812-1128609943-1869083631-1000\...\Run: [RoccatPowerGrid] - C:\Program Files (x86)\ROCCAT\Power-Grid\ROCCATPowerGrid.exe [5147248 2013-12-18] ()
HKU\S-1-5-21-892184812-1128609943-1869083631-1000\...\Run: [Free Download Manager] - "C:\Program Files (x86)\Free Download Manager\fdm.exe" -autorun
HKU\S-1-5-21-892184812-1128609943-1869083631-1000\...\Run: [MP4 Player] - C:\Program Files (x86)\MP4 Player\mp4Player.exe [772096 2008-11-06] ()
HKU\S-1-5-21-892184812-1128609943-1869083631-1000\...\Run: [PC Speed Maximizer] - C:\Program Files (x86)\PC Speed Maximizer\SPMLauncher.exe [134456 2013-03-09] (Smart PC Solutions)
HKU\S-1-5-21-892184812-1128609943-1869083631-1000\...\MountPoints2: {53ec4645-61a8-11e3-b2fe-806e6f6e6963} - D:\.\Bin\ASSETUP.exe
HKU\S-1-5-21-892184812-1128609943-1869083631-1000\...\MountPoints2: {a1265848-61ad-11e3-a5d6-806e6f6e6963} - D:\Autorun.exe
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => "C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll" File Not Found
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:13828
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.buenosearch.com/?babsrc=HP_ss&mntrId=F66E10BF485AEBB8&affID=127101&tsp=5215
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x2CE462A1D4F5CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1397285347&from=tugs&uid=HitachiXHDS721010CLA332_JP9930HZ0LN5SH0LN5SHX
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1397285347&from=tugs&uid=HitachiXHDS721010CLA332_JP9930HZ0LN5SH0LN5SHX&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1397285347&from=tugs&uid=HitachiXHDS721010CLA332_JP9930HZ0LN5SH0LN5SHX
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://istart.webssearches.com/?type=hp&ts=1397285347&from=tugs&uid=HitachiXHDS721010CLA332_JP9930HZ0LN5SH0LN5SHX
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1397285347&from=tugs&uid=HitachiXHDS721010CLA332_JP9930HZ0LN5SH0LN5SHX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1397285347&from=tugs&uid=HitachiXHDS721010CLA332_JP9930HZ0LN5SH0LN5SHX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1397285347&from=tugs&uid=HitachiXHDS721010CLA332_JP9930HZ0LN5SH0LN5SHX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://istart.webssearches.com/?type=hp&ts=1397285347&from=tugs&uid=HitachiXHDS721010CLA332_JP9930HZ0LN5SH0LN5SHX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1397285347&from=tugs&uid=HitachiXHDS721010CLA332_JP9930HZ0LN5SH0LN5SHX&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1397285347&from=tugs&uid=HitachiXHDS721010CLA332_JP9930HZ0LN5SH0LN5SHX
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1397285347&from=tugs&uid=HitachiXHDS721010CLA332_JP9930HZ0LN5SH0LN5SHX&q={searchTerms}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1397285347&from=tugs&uid=HitachiXHDS721010CLA332_JP9930HZ0LN5SH0LN5SHX&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1397285347&from=tugs&uid=HitachiXHDS721010CLA332_JP9930HZ0LN5SH0LN5SHX&q={searchTerms}
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1397285347&from=tugs&uid=HitachiXHDS721010CLA332_JP9930HZ0LN5SH0LN5SHX&q={searchTerms}
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.buenosearch.com/?q={searchTerms}&babsrc=SP_ss&mntrId=F66E10BF485AEBB8&affID=127101&tsp=5215
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1397285347&from=tugs&uid=HitachiXHDS721010CLA332_JP9930HZ0LN5SH0LN5SHX&q={searchTerms}
BHO: The weDownload Manager - {11111111-1111-1111-1111-110411901174} - C:\Program Files (x86)\The weDownload Manager\The weDownload Manager-bho64.dll (weDownload)
BHO: HQVid8.1v4 - {11111111-1111-1111-1111-110511311172} - C:\Program Files (x86)\HQVid8.1v4\HQVid8.1v4-bho64.dll (High-QualityV7)
BHO: MediaPlayerplus - {11111111-1111-1111-1111-110511421146} - C:\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-bho64.dll (Freeven)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: The weDownload Manager - {11111111-1111-1111-1111-110411901174} - C:\Program Files (x86)\The weDownload Manager\The weDownload Manager-bho.dll (weDownload)
BHO-x32: HQVid8.1v4 - {11111111-1111-1111-1111-110511311172} - C:\Program Files (x86)\HQVid8.1v4\HQVid8.1v4-bho.dll (High-QualityV7)
BHO-x32: MediaPlayerplus - {11111111-1111-1111-1111-110511421146} - C:\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-bho.dll (Freeven)
BHO-x32: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: ResultsAlpha - {cbab673a-a480-4050-bd2b-5de24a7a0282} - C:\Program Files (x86)\ResultsAlpha\ResultsAlphaBHO.dll No File
BHO-x32: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: mysearchdial Helper Object - {EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} - C:\Program Files (x86)\Mysearchdial\1.8.29.0\bh\mysearchdial.dll (MySearchDial)
BHO-x32: buenosearch Helper Object - {F1C81E40-2485-4DB6-8C9D-04BD596B281E} - C:\Program Files (x86)\buenosearch LTD\buenosearch\1.8.28.7\bh\buenosearch.dll (Montiera Technologies LTD)
Toolbar: HKLM-x32 - mysearchdial Toolbar - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files (x86)\Mysearchdial\1.8.29.0\mysearchdialTlbr.dll (MySearchDial)
Toolbar: HKLM-x32 - buenosearch Toolbar - {828DC97A-2277-4E10-92A9-4907FA0922A9} - C:\Program Files (x86)\buenosearch LTD\buenosearch\1.8.28.7\buenosearchTlbr.dll (Montiera Technologies LTD)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Mulle\AppData\Roaming\Mozilla\Firefox\Profiles\gukehq7r.default-1397325105305
FF user.js: detected! => C:\Users\Mulle\AppData\Roaming\Mozilla\Firefox\Profiles\gukehq7r.default-1397325105305\user.js
FF NewTab: hxxp://www.buenosearch.com/?babsrc=NT_ss&mntrId=F66E10BF485AEBB8&affID=127101&tsp=5215
FF Homepage: hxxp://www.web.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Mulle\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Users\Mulle\AppData\Roaming\Mozilla\Firefox\Profiles\gukehq7r.default-1397325105305\searchplugins\buenosearch.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\webssearches.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: MediaPlayerplus - C:\Users\Mulle\AppData\Roaming\Mozilla\Firefox\Profiles\gukehq7r.default-1397325105305\Extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com [2014-04-12]
FF Extension: The weDownload Manager - C:\Users\Mulle\AppData\Roaming\Mozilla\Firefox\Profiles\gukehq7r.default-1397325105305\Extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com [2014-04-13]
FF Extension: HQVid8.1v4 - C:\Users\Mulle\AppData\Roaming\Mozilla\Firefox\Profiles\gukehq7r.default-1397325105305\Extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com [2014-04-12]
FF Extension: No Name - C:\Users\Mulle\AppData\Roaming\Mozilla\Firefox\Profiles\gukehq7r.default-1397325105305\Extensions\staged [2014-04-13]
FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\Mulle\AppData\Roaming\Mozilla\Firefox\Profiles\8abz80ak.default\extensions\quick_start@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [{FCFB5042-7AA9-4A71-AD93-2AD6B45F8D5E}] - C:\Windows\Installer\{1BEC823D-FD9E-4E35-9E2A-BDED405576DF}\{FCFB5042-7AA9-4A71-AD93-2AD6B45F8D5E}.xpi
FF Extension: Download Protect - C:\Windows\Installer\{1BEC823D-FD9E-4E35-9E2A-BDED405576DF}\{FCFB5042-7AA9-4A71-AD93-2AD6B45F8D5E}.xpi [2014-04-12]
FF HKCU\...\Firefox\Extensions: [{372479DD-B552-F0A8-F0E5-EEEEA6602285}] - C:\Program Files (x86)\Re-markit-soft\158.xpi

Chrome: 
=======
CHR HomePage: hxxp://www.buenosearch.com/?babsrc=HP_ss&mntrId=F66E10BF485AEBB8&affID=127101&tsp=5215
CHR DefaultSearchKeyword: buenosearch.com
CHR DefaultSearchProvider: Bueno Search
CHR DefaultSearchURL: hxxp://www.buenosearch.com/?q={searchTerms}&babsrc=SP_ss&mntrId=F66E10BF485AEBB8&affID=127101&tsp=5215
CHR DefaultNewTabURL: 
CHR Extension: (Google Docs) - C:\Users\Mulle\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-16]
CHR Extension: (Google Drive) - C:\Users\Mulle\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-16]
CHR Extension: (YouTube) - C:\Users\Mulle\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-16]
CHR Extension: (McAfee Security Scan+) - C:\Users\Mulle\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh [2014-03-16]
CHR Extension: (Google-Suche) - C:\Users\Mulle\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-16]
CHR Extension: (HQVid8.1v4) - C:\Users\Mulle\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm [2014-04-12]
CHR Extension: (The weDownload Manager) - C:\Users\Mulle\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode [2014-03-16]
CHR Extension: (Download Protect) - C:\Users\Mulle\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfkplkifocdkkemmiicamcakmlemnlcf [2014-04-12]
CHR Extension: (Re-markit) - C:\Users\Mulle\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikcggonfhgaingjbhjanbibmlfeomooc [2014-04-12]
CHR Extension: (MediaPlayerplus) - C:\Users\Mulle\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd [2014-04-12]
CHR Extension: (Google Wallet) - C:\Users\Mulle\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-16]
CHR Extension: (Quick Start) - C:\Users\Mulle\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma [2014-04-12]
CHR Extension: (Google Mail) - C:\Users\Mulle\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-16]
CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe hxxp://istart.webssearches.com/?type=sc&ts=1397285347&from=tugs&uid=HitachiXHDS721010CLA332_JP9930HZ0LN5SH0LN5SHX
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1017424 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.05\AsSysCtrlService.exe [109056 2010-06-24] ()
R2 IePluginService; C:\ProgramData\IePluginService\PluginService.exe [705136 2014-04-11] (Cherished Technololgy LIMITED)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-02-26] (LogMeIn, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
S3 OverwolfUpdaterService; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [99616 2014-03-05] (Overwolf LTD)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-04-12] ()
R2 Re-markit; C:\Program Files (x86)\Re-markit-soft\Re-markitfQL158.exe [141824 2014-04-12] ()
S2 sfrem01; C:\Windows\system32\sfrem01.exe [601208 2006-07-05] (Protection Technology (StarForce))
R2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [566272 2014-04-12] (Cherished Technololgy LIMITED)
S2 Update ResultsAlpha; "C:\Program Files (x86)\ResultsAlpha\updateResultsAlpha.exe" [X]
S2 Util ResultsAlpha; "C:\Program Files (x86)\ResultsAlpha\bin\utilResultsAlpha.exe" [X]

==================== Drivers (Whitelisted) ====================

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-04-22] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2014-02-22] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-21] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-21] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-26] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [84720 2013-12-21] (Avira Operations GmbH & Co. KG)
R3 debutfilter; C:\Windows\System32\DRIVERS\debutfilterx64.sys [33488 2014-03-09] ()
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2014-02-22] ()
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
S0 sfdrv01a; C:\Windows\System32\drivers\sfdrv01a.sys [77688 2006-07-05] (Protection Technology (StarForce))
S0 sfsync04; C:\Windows\System32\drivers\sfsync04.sys [78208 2006-08-11] (Protection Technology (StarForce))
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-12 21:49 - 2014-04-12 21:49 - 00000000 ____D () C:\Users\Mulle\AppData\Local\Ubisoft
2014-04-12 21:25 - 2014-04-12 21:26 - 00000256 _____ () C:\Users\Mulle\Desktop\Fixlist.txt
2014-04-12 21:19 - 2014-04-13 14:57 - 00028691 _____ () C:\Users\Mulle\Downloads\FRST.txt
2014-04-12 21:19 - 2014-04-13 14:57 - 00000000 ____D () C:\FRST
2014-04-12 21:19 - 2014-04-12 21:20 - 00029196 _____ () C:\Users\Mulle\Downloads\Addition.txt
2014-04-12 21:18 - 2014-04-12 21:18 - 02157568 _____ (Farbar) C:\Users\Mulle\Downloads\FRST64.exe
2014-04-12 20:08 - 2014-04-12 20:08 - 00003386 _____ () C:\Windows\System32\Tasks\EPUpdater
2014-04-12 20:08 - 2014-04-12 20:08 - 00000000 ____D () C:\Users\Mulle\AppData\Roaming\buenosearch LTD
2014-04-12 20:08 - 2014-04-12 20:08 - 00000000 ____D () C:\Users\Mulle\AppData\Roaming\BabSolution
2014-04-12 20:08 - 2014-04-12 20:08 - 00000000 ____D () C:\ProgramData\Babylon
2014-04-12 20:08 - 2014-04-12 20:08 - 00000000 ____D () C:\Program Files (x86)\buenosearch LTD
2014-04-12 20:03 - 2014-04-13 09:57 - 00004368 _____ () C:\Windows\setupact.log
2014-04-12 20:03 - 2014-04-13 09:54 - 00002596 _____ () C:\Windows\PFRO.log
2014-04-12 20:03 - 2014-04-12 20:03 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-12 19:51 - 2014-04-12 19:51 - 00000000 ____D () C:\Users\Mulle\Desktop\Alte Firefox-Daten
2014-04-12 19:12 - 2014-04-12 19:12 - 00000000 ___RD () C:\Users\Mulle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-12 19:09 - 2014-04-12 19:09 - 00003150 _____ () C:\Windows\System32\Tasks\{ECB3284D-81FA-4DF6-A51E-6E1EB8B37D05}
2014-04-12 09:25 - 2014-04-12 09:25 - 00000000 ____D () C:\Users\Mulle\AppData\Roaming\PC Speed Maximizer
2014-04-12 09:20 - 2014-04-13 14:20 - 00000292 _____ () C:\Windows\Tasks\MySearchDial.job
2014-04-12 09:20 - 2014-04-12 19:45 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-04-12 09:20 - 2014-04-12 09:20 - 00003230 _____ () C:\Windows\System32\Tasks\MySearchDial
2014-04-12 09:20 - 2014-04-12 09:20 - 00000000 ____D () C:\Users\Mulle\AppData\Roaming\mysearchdial
2014-04-12 09:20 - 2014-04-12 09:20 - 00000000 ____D () C:\Program Files (x86)\PC Speed Maximizer
2014-04-12 09:20 - 2014-04-12 09:20 - 00000000 ____D () C:\Program Files (x86)\Mysearchdial
2014-04-12 09:18 - 2014-04-12 09:18 - 00076400 _____ (AppWork GmbH) C:\Users\Mulle\Downloads\WebInstaller.exe
2014-04-12 08:52 - 2014-04-13 14:52 - 00001514 _____ () C:\Windows\Tasks\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-5.job
2014-04-12 08:52 - 2014-04-12 08:55 - 00000000 ____D () C:\ProgramData\IePluginService
2014-04-12 08:52 - 2014-04-12 08:52 - 00004544 _____ () C:\Windows\System32\Tasks\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-5
2014-04-12 08:52 - 2014-04-12 08:52 - 00000000 ____D () C:\Users\Mulle\AppData\Roaming\SupTab
2014-04-12 08:52 - 2014-04-12 08:52 - 00000000 ____D () C:\ProgramData\WPM
2014-04-12 08:52 - 2014-04-12 08:52 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-04-12 08:51 - 2014-04-13 14:51 - 00001436 _____ () C:\Windows\Tasks\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-1.job
2014-04-12 08:51 - 2014-04-13 14:51 - 00001424 _____ () C:\Windows\Tasks\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-2.job
2014-04-12 08:51 - 2014-04-12 08:52 - 00004466 _____ () C:\Windows\System32\Tasks\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-1
2014-04-12 08:51 - 2014-04-12 08:52 - 00004454 _____ () C:\Windows\System32\Tasks\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-2
2014-04-12 08:50 - 2014-04-13 14:51 - 00001428 _____ () C:\Windows\Tasks\6f4fbe62-8c8b-4036-a9fe-561497b1f445-5.job
2014-04-12 08:50 - 2014-04-13 14:50 - 00002204 _____ () C:\Windows\Tasks\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-4.job
2014-04-12 08:50 - 2014-04-12 08:51 - 00005234 _____ () C:\Windows\System32\Tasks\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-4
2014-04-12 08:50 - 2014-04-12 08:51 - 00004458 _____ () C:\Windows\System32\Tasks\6f4fbe62-8c8b-4036-a9fe-561497b1f445-5
2014-04-12 08:49 - 2014-04-13 14:54 - 00002364 _____ () C:\Windows\Tasks\6f4fbe62-8c8b-4036-a9fe-561497b1f445-4.job
2014-04-12 08:49 - 2014-04-13 14:49 - 00003122 _____ () C:\Windows\Tasks\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-3.job
2014-04-12 08:49 - 2014-04-13 14:49 - 00001340 _____ () C:\Windows\Tasks\6f4fbe62-8c8b-4036-a9fe-561497b1f445-2.job
2014-04-12 08:49 - 2014-04-13 14:49 - 00001338 _____ () C:\Windows\Tasks\6f4fbe62-8c8b-4036-a9fe-561497b1f445-1.job
2014-04-12 08:49 - 2014-04-12 08:52 - 00000000 ____D () C:\Program Files (x86)\MediaPlayerplus
2014-04-12 08:49 - 2014-04-12 08:51 - 00004370 _____ () C:\Windows\System32\Tasks\6f4fbe62-8c8b-4036-a9fe-561497b1f445-2
2014-04-12 08:49 - 2014-04-12 08:50 - 00006152 _____ () C:\Windows\System32\Tasks\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-3
2014-04-12 08:49 - 2014-04-12 08:50 - 00004368 _____ () C:\Windows\System32\Tasks\6f4fbe62-8c8b-4036-a9fe-561497b1f445-1
2014-04-12 08:49 - 2014-04-12 08:49 - 00005394 _____ () C:\Windows\System32\Tasks\6f4fbe62-8c8b-4036-a9fe-561497b1f445-4
2014-04-12 08:48 - 2014-04-13 14:48 - 00002772 _____ () C:\Windows\Tasks\6f4fbe62-8c8b-4036-a9fe-561497b1f445-3.job
2014-04-12 08:48 - 2014-04-13 13:02 - 00000000 ____D () C:\Users\Mulle\AppData\Local\fst_de_1
2014-04-12 08:48 - 2014-04-13 09:59 - 00000406 _____ () C:\Windows\Tasks\Re-markit Update.job
2014-04-12 08:48 - 2014-04-13 09:56 - 00000396 _____ () C:\Windows\Tasks\Re-markit_wd.job
2014-04-12 08:48 - 2014-04-12 19:03 - 00000000 ____D () C:\Program Files (x86)\Re-markit-soft
2014-04-12 08:48 - 2014-04-12 08:50 - 00000000 ____D () C:\Program Files (x86)\HQVid8.1v4
2014-04-12 08:48 - 2014-04-12 08:49 - 00000000 ____D () C:\Program Files (x86)\fst_de_1
2014-04-12 08:48 - 2014-04-12 08:48 - 00005802 _____ () C:\Windows\System32\Tasks\6f4fbe62-8c8b-4036-a9fe-561497b1f445-3
2014-04-12 08:48 - 2014-04-12 08:48 - 00003054 _____ () C:\Windows\System32\Tasks\Re-markit Update
2014-04-12 08:48 - 2014-04-12 08:48 - 00002984 _____ () C:\Windows\System32\Tasks\Re-markit_wd
2014-04-12 08:47 - 2014-04-12 08:47 - 00634776 _____ () C:\Users\Mulle\Downloads\Java.exe
2014-04-09 07:55 - 2014-03-31 03:16 - 23134208 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-09 07:55 - 2014-03-31 03:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-09 07:55 - 2014-03-31 02:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-09 07:55 - 2014-03-31 01:57 - 17073152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-09 07:55 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-09 07:55 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-09 07:55 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-09 07:55 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-09 07:55 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-09 07:55 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-09 07:55 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-09 07:55 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-09 07:55 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-09 07:55 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-09 07:55 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-09 07:55 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-09 07:55 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-09 07:55 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-09 07:55 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-09 07:55 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-09 07:55 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-09 00:19 - 2014-04-09 00:19 - 04787368 _____ (Piriform Ltd) C:\Users\Mulle\Downloads\ccsetup412.exe
2014-04-09 00:18 - 2014-04-09 00:18 - 00610224 _____ () C:\Users\Mulle\Downloads\Setup(1).exe
2014-04-09 00:14 - 2014-04-09 00:14 - 00000000 ____D () C:\Users\Mulle\AppData\Local\EA Games
2014-04-09 00:13 - 2014-04-09 00:13 - 00000000 ____D () C:\Users\Mulle\AppData\Roaming\WinRAR
2014-04-09 00:13 - 2014-04-09 00:13 - 00000000 ____D () C:\Program Files\WinRAR
2014-04-09 00:12 - 2014-04-09 00:12 - 02087616 _____ () C:\Users\Mulle\Downloads\winrar-x64-501d.exe
2014-04-08 20:14 - 2014-04-08 20:15 - 13772765 _____ () C:\Users\Mulle\Desktop\flt-ds2f.7z
2014-04-08 18:57 - 2014-04-08 18:57 - 00000000 ____D () C:\Users\Mulle\AppData\Local\SCE
2014-04-08 12:02 - 2014-04-08 12:02 - 00000000 ____D () C:\Program Files (x86)\EA Games
2014-04-08 10:54 - 2014-03-04 13:32 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-04-08 10:42 - 2014-04-08 10:45 - 276762432 _____ (NVIDIA Corporation) C:\Users\Mulle\Downloads\335.23-desktop-win8-win7-winvista-64bit-international-whql(1).exe
2014-04-08 10:29 - 2014-04-08 10:29 - 00000000 ____D () C:\Users\Mulle\Documents\Electronic Arts
2014-04-08 10:29 - 2014-04-08 10:29 - 00000000 ____D () C:\Users\Mulle\AppData\Local\Electronic Arts
2014-04-07 23:13 - 2014-04-08 10:55 - 00000000 ____D () C:\Users\Mulle\AppData\Local\NVIDIA Corporation
2014-04-07 23:12 - 2014-04-07 23:12 - 00000000 ____D () C:\Users\Mulle\AppData\Local\NVIDIA
2014-04-07 23:12 - 2014-02-05 11:31 - 01048152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-04-07 23:12 - 2014-02-05 11:30 - 01179576 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-04-07 23:11 - 2014-04-07 23:11 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-04-07 23:10 - 2014-03-04 15:05 - 03649185 _____ () C:\Windows\system32\nvcoproc.bin
2014-04-07 23:08 - 2014-03-04 16:35 - 31474976 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-04-07 23:08 - 2014-03-04 16:35 - 25255256 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-04-07 23:08 - 2014-03-04 16:35 - 23716640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-04-07 23:08 - 2014-03-04 16:35 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-04-07 23:08 - 2014-03-04 16:35 - 12708128 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-04-07 23:08 - 2014-03-04 16:35 - 11636176 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-04-07 23:08 - 2014-03-04 16:35 - 11589272 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-04-07 23:08 - 2014-03-04 16:35 - 09728064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-04-07 23:08 - 2014-03-04 16:35 - 09690424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-04-07 23:08 - 2014-03-04 16:35 - 03143456 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-04-07 23:08 - 2014-03-04 16:35 - 02958792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-04-07 23:08 - 2014-03-04 16:35 - 02783008 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-04-07 23:08 - 2014-03-04 16:35 - 02715264 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-04-07 23:08 - 2014-03-04 16:35 - 02411976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-04-07 23:08 - 2014-03-04 16:35 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433523.dll
2014-04-07 23:08 - 2014-03-04 16:35 - 01516488 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433523.dll
2014-04-07 23:08 - 2014-03-04 16:35 - 00947808 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-04-07 23:08 - 2014-03-04 16:35 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-04-07 23:08 - 2014-03-04 16:35 - 00877856 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-04-07 23:08 - 2014-03-04 16:35 - 00863064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-04-07 23:08 - 2014-03-04 16:35 - 00846168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-04-07 23:08 - 2014-03-04 16:35 - 00832936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-04-07 23:08 - 2014-03-04 16:35 - 00353504 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-04-07 23:08 - 2014-03-04 16:35 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-04-07 23:08 - 2014-03-04 16:35 - 00174296 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-04-07 23:08 - 2014-03-04 16:35 - 00148016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-04-07 23:08 - 2013-12-27 20:42 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-04-07 23:08 - 2013-12-27 20:42 - 00035104 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-04-07 23:08 - 2013-12-27 20:42 - 00033056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-04-07 23:08 - 2013-11-28 15:38 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-04-07 23:08 - 2013-11-28 15:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-04-07 23:08 - 2013-11-22 10:36 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2014-04-07 23:04 - 2014-04-07 23:07 - 276762432 _____ (NVIDIA Corporation) C:\Users\Mulle\Downloads\335.23-desktop-win8-win7-winvista-64bit-international-whql.exe
2014-04-07 23:00 - 2014-04-07 22:59 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-07 23:00 - 2014-04-07 22:59 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-07 23:00 - 2014-04-07 22:59 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-07 23:00 - 2014-04-07 22:59 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-07 22:59 - 2014-04-07 22:59 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-07 22:58 - 2014-04-07 22:58 - 00921000 _____ (Oracle Corporation) C:\Users\Mulle\Downloads\jxpiinstall(2).exe
2014-04-07 22:40 - 2014-04-07 22:40 - 00001246 _____ () C:\Users\Public\Desktop\FIFA 13.lnk
2014-04-07 19:46 - 2014-04-07 22:36 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-04-01 19:20 - 2014-04-01 19:20 - 07376896 _____ () C:\Users\Mulle\Downloads\LibreOffice_4.1.5_Win_x86_helppack_de.msi
2014-04-01 18:46 - 2014-04-12 19:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-01 18:32 - 2014-04-12 20:01 - 00000000 ____D () C:\Users\Mulle\Desktop\Zeug
2014-03-31 19:11 - 2014-04-13 14:53 - 00000000 ____D () C:\Users\Mulle\Documents\FIFA 13
2014-03-31 18:30 - 2014-03-31 19:18 - 00000000 ____D () C:\Users\Mulle\AppData\Roaming\Origin
2014-03-31 18:30 - 2014-03-31 19:11 - 00000000 ____D () C:\Users\Mulle\AppData\Local\Origin
2014-03-31 18:17 - 2014-04-13 10:51 - 00000000 ____D () C:\ProgramData\Origin
2014-03-31 18:17 - 2014-03-31 18:17 - 00000979 _____ () C:\Users\Public\Desktop\Origin.lnk
2014-03-31 18:16 - 2014-04-13 10:51 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-03-31 18:04 - 2014-04-12 19:06 - 00000934 __RSH () C:\ProgramData\ntuser.pol
2014-03-16 01:34 - 2014-04-12 19:10 - 00002247 _____ () C:\Users\Mulle\Desktop\Google Chrome.lnk
2014-03-16 00:37 - 2014-04-13 14:54 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-16 00:37 - 2014-04-13 09:56 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-16 00:37 - 2014-04-08 00:49 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-16 00:37 - 2014-04-08 00:49 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-16 00:37 - 2014-03-16 00:43 - 00000000 ____D () C:\Program Files (x86)\Google
2014-03-16 00:33 - 2014-03-16 00:34 - 04765152 _____ (Piriform Ltd) C:\Users\Mulle\Downloads\ccsetup411.exe
2014-03-16 00:26 - 2014-04-12 19:47 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-03-16 00:26 - 2014-04-01 19:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-15 23:40 - 2014-03-16 00:07 - 00283256 _____ (Mozilla) C:\Users\Mulle\Downloads\Firefox Setup Stub 27.0.1.exe
2014-03-15 20:43 - 2014-03-15 20:43 - 00002728 _____ () C:\Windows\system32\RaCoInst.log
2014-03-15 20:23 - 2014-03-15 20:23 - 00000981 _____ () C:\Users\Mulle\Desktop\Steam.lnk
2014-03-15 15:19 - 2014-03-15 15:22 - 00000000 ____D () C:\Users\Mulle\Documents\SelfMV
2014-03-15 15:19 - 2014-02-25 17:48 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\Windows\SysWOW64\secman.dll
2014-03-15 15:05 - 2014-03-15 15:13 - 39500592 _____ (Samsung Electronics Co., Ltd.) C:\Users\Mulle\Downloads\Kies3Setup.exe
2014-03-15 14:59 - 2014-03-15 14:59 - 00000000 ____D () C:\Program Files (x86)\iZotope
2014-03-15 14:52 - 2014-03-15 14:52 - 00000000 ____D () C:\Users\Mulle\AppData\Roaming\Publish Providers
2014-03-15 14:46 - 2014-03-15 23:16 - 00000000 ____D () C:\Users\Mulle\Documents\Movie Studio Platinum 12.0 Projekte
2014-03-15 14:43 - 2014-03-15 14:58 - 00000000 ____D () C:\ProgramData\Sony
2014-03-15 14:43 - 2014-03-15 14:46 - 00000000 ____D () C:\Users\Mulle\AppData\Local\Sony
2014-03-15 14:43 - 2014-03-15 14:43 - 00000000 ____D () C:\Program Files\Sony
2014-03-15 14:43 - 2014-03-15 14:43 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-03-15 14:40 - 2014-03-15 17:24 - 00000000 ____D () C:\Users\Mulle\AppData\Roaming\Sony
2014-03-15 14:40 - 2014-03-15 14:40 - 00000036 ____H () C:\Users\Mulle\AppData\Roaming\swk.ini
2014-03-15 01:44 - 2014-03-15 01:44 - 00000000 ____D () C:\Users\Mulle\Documents\ANNO 1404 Venedig
2014-03-15 01:37 - 2014-03-15 02:08 - 00000000 ____D () C:\Users\Mulle\AppData\Roaming\Ubisoft
2014-03-15 01:21 - 2014-03-15 01:36 - 167149448 _____ (Ubisoft) C:\Users\Mulle\Downloads\anno1404_addon_2.1.exe
2014-03-15 00:59 - 2014-03-15 01:19 - 239992744 _____ () C:\Users\Mulle\Downloads\anno1404_goldedition_3.1.exe

==================== One Month Modified Files and Folders =======

2014-04-13 14:57 - 2014-04-12 21:19 - 00028691 _____ () C:\Users\Mulle\Downloads\FRST.txt
2014-04-13 14:57 - 2014-04-12 21:19 - 00000000 ____D () C:\FRST
2014-04-13 14:57 - 2013-12-10 22:13 - 00000000 ____D () C:\Users\Mulle\AppData\Roaming\Skype
2014-04-13 14:54 - 2014-04-12 08:49 - 00002364 _____ () C:\Windows\Tasks\6f4fbe62-8c8b-4036-a9fe-561497b1f445-4.job
2014-04-13 14:54 - 2014-03-16 00:37 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-13 14:53 - 2014-03-31 19:11 - 00000000 ____D () C:\Users\Mulle\Documents\FIFA 13
2014-04-13 14:52 - 2014-04-12 08:52 - 00001514 _____ () C:\Windows\Tasks\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-5.job
2014-04-13 14:51 - 2014-04-12 08:51 - 00001436 _____ () C:\Windows\Tasks\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-1.job
2014-04-13 14:51 - 2014-04-12 08:51 - 00001424 _____ () C:\Windows\Tasks\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-2.job
2014-04-13 14:51 - 2014-04-12 08:50 - 00001428 _____ () C:\Windows\Tasks\6f4fbe62-8c8b-4036-a9fe-561497b1f445-5.job
2014-04-13 14:50 - 2014-04-12 08:50 - 00002204 _____ () C:\Windows\Tasks\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-4.job
2014-04-13 14:49 - 2014-04-12 08:49 - 00003122 _____ () C:\Windows\Tasks\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-3.job
2014-04-13 14:49 - 2014-04-12 08:49 - 00001340 _____ () C:\Windows\Tasks\6f4fbe62-8c8b-4036-a9fe-561497b1f445-2.job
2014-04-13 14:49 - 2014-04-12 08:49 - 00001338 _____ () C:\Windows\Tasks\6f4fbe62-8c8b-4036-a9fe-561497b1f445-1.job
2014-04-13 14:48 - 2014-04-12 08:48 - 00002772 _____ () C:\Windows\Tasks\6f4fbe62-8c8b-4036-a9fe-561497b1f445-3.job
2014-04-13 14:30 - 2013-12-10 23:10 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-13 14:20 - 2014-04-12 09:20 - 00000292 _____ () C:\Windows\Tasks\MySearchDial.job
2014-04-13 13:05 - 2014-02-02 00:43 - 00271200 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-04-13 13:05 - 2014-01-02 12:50 - 00271200 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-04-13 13:05 - 2013-12-12 19:10 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-04-13 13:02 - 2014-04-12 08:48 - 00000000 ____D () C:\Users\Mulle\AppData\Local\fst_de_1
2014-04-13 10:52 - 2013-12-10 20:34 - 00000000 ____D () C:\Users\Mulle\AppData\Roaming\TS3Client
2014-04-13 10:51 - 2014-03-31 18:17 - 00000000 ____D () C:\ProgramData\Origin
2014-04-13 10:51 - 2014-03-31 18:16 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-04-13 10:40 - 2014-02-02 00:43 - 00271200 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-04-13 10:12 - 2014-03-10 17:12 - 00003136 _____ () C:\Windows\Tasks\The weDownload Manager-chromeinstaller.job
2014-04-13 10:12 - 2014-03-10 17:12 - 00002542 _____ () C:\Windows\Tasks\The weDownload Manager-firefoxinstaller.job
2014-04-13 10:12 - 2014-03-10 17:12 - 00001592 _____ () C:\Windows\Tasks\The weDownload Manager-updater.job
2014-04-13 10:12 - 2014-03-10 17:12 - 00001548 _____ () C:\Windows\Tasks\The weDownload Manager-codedownloader.job
2014-04-13 10:12 - 2014-03-10 17:12 - 00001446 _____ () C:\Windows\Tasks\The weDownload Manager-enabler.job
2014-04-13 09:59 - 2014-04-12 08:48 - 00000406 _____ () C:\Windows\Tasks\Re-markit Update.job
2014-04-13 09:59 - 2009-07-14 06:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-13 09:59 - 2009-07-14 06:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-13 09:58 - 2013-12-12 17:42 - 00000000 ____D () C:\Users\Mulle\AppData\Roaming\Spotify
2014-04-13 09:58 - 2013-12-10 20:34 - 00000000 ____D () C:\Users\Mulle\AppData\Local\Overwolf
2014-04-13 09:57 - 2014-04-12 20:03 - 00004368 _____ () C:\Windows\setupact.log
2014-04-13 09:57 - 2013-12-14 21:13 - 00000000 ____D () C:\Users\Mulle\AppData\Local\LogMeIn Hamachi
2014-04-13 09:56 - 2014-04-12 08:48 - 00000396 _____ () C:\Windows\Tasks\Re-markit_wd.job
2014-04-13 09:56 - 2014-03-16 00:37 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-13 09:54 - 2014-04-12 20:03 - 00002596 _____ () C:\Windows\PFRO.log
2014-04-13 09:54 - 2013-12-10 16:59 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-04-13 09:54 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-12 23:11 - 2013-12-10 16:51 - 01995082 _____ () C:\Windows\WindowsUpdate.log
2014-04-12 21:54 - 2013-12-10 21:02 - 00000000 ____D () C:\Users\Mulle\AppData\Local\PunkBuster
2014-04-12 21:50 - 2014-02-02 00:43 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-04-12 21:49 - 2014-04-12 21:49 - 00000000 ____D () C:\Users\Mulle\AppData\Local\Ubisoft
2014-04-12 21:26 - 2014-04-12 21:25 - 00000256 _____ () C:\Users\Mulle\Desktop\Fixlist.txt
2014-04-12 21:20 - 2014-04-12 21:19 - 00029196 _____ () C:\Users\Mulle\Downloads\Addition.txt
2014-04-12 21:18 - 2014-04-12 21:18 - 02157568 _____ (Farbar) C:\Users\Mulle\Downloads\FRST64.exe
2014-04-12 21:10 - 2013-12-10 23:10 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-12 21:10 - 2013-12-10 23:10 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-12 21:10 - 2013-12-10 23:10 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-12 21:10 - 2013-12-10 23:07 - 00000000 ____D () C:\Users\Mulle\AppData\Local\Adobe
2014-04-12 20:08 - 2014-04-12 20:08 - 00003386 _____ () C:\Windows\System32\Tasks\EPUpdater
2014-04-12 20:08 - 2014-04-12 20:08 - 00000000 ____D () C:\Users\Mulle\AppData\Roaming\buenosearch LTD
2014-04-12 20:08 - 2014-04-12 20:08 - 00000000 ____D () C:\Users\Mulle\AppData\Roaming\BabSolution
2014-04-12 20:08 - 2014-04-12 20:08 - 00000000 ____D () C:\ProgramData\Babylon
2014-04-12 20:08 - 2014-04-12 20:08 - 00000000 ____D () C:\Program Files (x86)\buenosearch LTD
2014-04-12 20:03 - 2014-04-12 20:03 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-12 20:01 - 2014-04-01 18:32 - 00000000 ____D () C:\Users\Mulle\Desktop\Zeug
2014-04-12 19:51 - 2014-04-12 19:51 - 00000000 ____D () C:\Users\Mulle\Desktop\Alte Firefox-Daten
2014-04-12 19:47 - 2014-04-01 18:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-12 19:47 - 2014-03-16 00:26 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-12 19:45 - 2014-04-12 09:20 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-04-12 19:39 - 2013-12-22 15:39 - 00000292 _____ () C:\Windows\Tasks\Digital Sites.job
2014-04-12 19:12 - 2014-04-12 19:12 - 00000000 ___RD () C:\Users\Mulle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-12 19:10 - 2014-03-16 01:34 - 00002247 _____ () C:\Users\Mulle\Desktop\Google Chrome.lnk
2014-04-12 19:09 - 2014-04-12 19:09 - 00003150 _____ () C:\Windows\System32\Tasks\{ECB3284D-81FA-4DF6-A51E-6E1EB8B37D05}
2014-04-12 19:06 - 2014-03-31 18:04 - 00000934 __RSH () C:\ProgramData\ntuser.pol
2014-04-12 19:03 - 2014-04-12 08:48 - 00000000 ____D () C:\Program Files (x86)\Re-markit-soft
2014-04-12 09:25 - 2014-04-12 09:25 - 00000000 ____D () C:\Users\Mulle\AppData\Roaming\PC Speed Maximizer
2014-04-12 09:20 - 2014-04-12 09:20 - 00003230 _____ () C:\Windows\System32\Tasks\MySearchDial
2014-04-12 09:20 - 2014-04-12 09:20 - 00000000 ____D () C:\Users\Mulle\AppData\Roaming\mysearchdial
2014-04-12 09:20 - 2014-04-12 09:20 - 00000000 ____D () C:\Program Files (x86)\PC Speed Maximizer
2014-04-12 09:20 - 2014-04-12 09:20 - 00000000 ____D () C:\Program Files (x86)\Mysearchdial
2014-04-12 09:18 - 2014-04-12 09:18 - 00076400 _____ (AppWork GmbH) C:\Users\Mulle\Downloads\WebInstaller.exe
2014-04-12 08:55 - 2014-04-12 08:52 - 00000000 ____D () C:\ProgramData\IePluginService
2014-04-12 08:52 - 2014-04-12 08:52 - 00004544 _____ () C:\Windows\System32\Tasks\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-5
2014-04-12 08:52 - 2014-04-12 08:52 - 00000000 ____D () C:\Users\Mulle\AppData\Roaming\SupTab
2014-04-12 08:52 - 2014-04-12 08:52 - 00000000 ____D () C:\ProgramData\WPM
2014-04-12 08:52 - 2014-04-12 08:52 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-04-12 08:52 - 2014-04-12 08:51 - 00004466 _____ () C:\Windows\System32\Tasks\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-1
2014-04-12 08:52 - 2014-04-12 08:51 - 00004454 _____ () C:\Windows\System32\Tasks\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-2
2014-04-12 08:52 - 2014-04-12 08:49 - 00000000 ____D () C:\Program Files (x86)\MediaPlayerplus
2014-04-12 08:51 - 2014-04-12 08:50 - 00005234 _____ () C:\Windows\System32\Tasks\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-4
2014-04-12 08:51 - 2014-04-12 08:50 - 00004458 _____ () C:\Windows\System32\Tasks\6f4fbe62-8c8b-4036-a9fe-561497b1f445-5
2014-04-12 08:51 - 2014-04-12 08:49 - 00004370 _____ () C:\Windows\System32\Tasks\6f4fbe62-8c8b-4036-a9fe-561497b1f445-2
2014-04-12 08:50 - 2014-04-12 08:49 - 00006152 _____ () C:\Windows\System32\Tasks\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-3
2014-04-12 08:50 - 2014-04-12 08:49 - 00004368 _____ () C:\Windows\System32\Tasks\6f4fbe62-8c8b-4036-a9fe-561497b1f445-1
2014-04-12 08:50 - 2014-04-12 08:48 - 00000000 ____D () C:\Program Files (x86)\HQVid8.1v4
2014-04-12 08:49 - 2014-04-12 08:49 - 00005394 _____ () C:\Windows\System32\Tasks\6f4fbe62-8c8b-4036-a9fe-561497b1f445-4
2014-04-12 08:49 - 2014-04-12 08:48 - 00000000 ____D () C:\Program Files (x86)\fst_de_1
2014-04-12 08:48 - 2014-04-12 08:48 - 00005802 _____ () C:\Windows\System32\Tasks\6f4fbe62-8c8b-4036-a9fe-561497b1f445-3
2014-04-12 08:48 - 2014-04-12 08:48 - 00003054 _____ () C:\Windows\System32\Tasks\Re-markit Update
2014-04-12 08:48 - 2014-04-12 08:48 - 00002984 _____ () C:\Windows\System32\Tasks\Re-markit_wd
2014-04-12 08:48 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-04-12 08:47 - 2014-04-12 08:47 - 00634776 _____ () C:\Users\Mulle\Downloads\Java.exe
2014-04-12 00:39 - 2013-12-22 16:39 - 00000250 _____ () C:\Users\Mulle\AppData\Roaming\WB.CFG
2014-04-11 15:02 - 2013-12-11 21:55 - 00000000 ____D () C:\Users\Mulle\AppData\Roaming\.minecraft
2014-04-10 21:31 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-04-09 09:29 - 2013-12-13 17:08 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-09 00:20 - 2014-02-17 17:18 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-04-09 00:20 - 2014-02-17 17:18 - 00000000 ____D () C:\Program Files\CCleaner
2014-04-09 00:19 - 2014-04-09 00:19 - 04787368 _____ (Piriform Ltd) C:\Users\Mulle\Downloads\ccsetup412.exe
2014-04-09 00:18 - 2014-04-09 00:18 - 00610224 _____ () C:\Users\Mulle\Downloads\Setup(1).exe
2014-04-09 00:14 - 2014-04-09 00:14 - 00000000 ____D () C:\Users\Mulle\AppData\Local\EA Games
2014-04-09 00:13 - 2014-04-09 00:13 - 00000000 ____D () C:\Users\Mulle\AppData\Roaming\WinRAR
2014-04-09 00:13 - 2014-04-09 00:13 - 00000000 ____D () C:\Program Files\WinRAR
2014-04-09 00:12 - 2014-04-09 00:12 - 02087616 _____ () C:\Users\Mulle\Downloads\winrar-x64-501d.exe
2014-04-08 20:15 - 2014-04-08 20:14 - 13772765 _____ () C:\Users\Mulle\Desktop\flt-ds2f.7z
2014-04-08 18:57 - 2014-04-08 18:57 - 00000000 ____D () C:\Users\Mulle\AppData\Local\SCE
2014-04-08 12:02 - 2014-04-08 12:02 - 00000000 ____D () C:\Program Files (x86)\EA Games
2014-04-08 10:55 - 2014-04-07 23:13 - 00000000 ____D () C:\Users\Mulle\AppData\Local\NVIDIA Corporation
2014-04-08 10:54 - 2013-12-10 16:59 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-04-08 10:45 - 2014-04-08 10:42 - 276762432 _____ (NVIDIA Corporation) C:\Users\Mulle\Downloads\335.23-desktop-win8-win7-winvista-64bit-international-whql(1).exe
2014-04-08 10:29 - 2014-04-08 10:29 - 00000000 ____D () C:\Users\Mulle\Documents\Electronic Arts
2014-04-08 10:29 - 2014-04-08 10:29 - 00000000 ____D () C:\Users\Mulle\AppData\Local\Electronic Arts
2014-04-08 00:49 - 2014-03-16 00:37 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-08 00:49 - 2014-03-16 00:37 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-04-07 23:13 - 2013-12-10 16:58 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-04-07 23:12 - 2014-04-07 23:12 - 00000000 ____D () C:\Users\Mulle\AppData\Local\NVIDIA
2014-04-07 23:12 - 2013-12-10 16:58 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-04-07 23:11 - 2014-04-07 23:11 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-04-07 23:07 - 2014-04-07 23:04 - 276762432 _____ (NVIDIA Corporation) C:\Users\Mulle\Downloads\335.23-desktop-win8-win7-winvista-64bit-international-whql.exe
2014-04-07 23:01 - 2013-12-11 08:22 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-07 22:59 - 2014-04-07 23:00 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-07 22:59 - 2014-04-07 23:00 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-07 22:59 - 2014-04-07 23:00 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-07 22:59 - 2014-04-07 23:00 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-07 22:59 - 2014-04-07 22:59 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-07 22:58 - 2014-04-07 22:58 - 00921000 _____ (Oracle Corporation) C:\Users\Mulle\Downloads\jxpiinstall(2).exe
2014-04-07 22:40 - 2014-04-07 22:40 - 00001246 _____ () C:\Users\Public\Desktop\FIFA 13.lnk
2014-04-07 22:36 - 2014-04-07 19:46 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-04-07 19:47 - 2013-12-31 11:57 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-04-07 19:47 - 2013-12-10 17:06 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-04-01 23:32 - 2014-01-05 14:30 - 00000000 ____D () C:\Users\Mulle\Desktop\Schule
2014-04-01 21:36 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-04-01 19:33 - 2013-12-10 20:40 - 00000000 ____D () C:\Program Files (x86)\Overwolf
2014-04-01 19:33 - 2009-07-14 19:58 - 00699416 _____ () C:\Windows\system32\perfh007.dat
2014-04-01 19:33 - 2009-07-14 19:58 - 00149556 _____ () C:\Windows\system32\perfc007.dat
2014-04-01 19:33 - 2009-07-14 07:13 - 01620804 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-01 19:27 - 2014-03-16 00:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-01 19:20 - 2014-04-01 19:20 - 07376896 _____ () C:\Users\Mulle\Downloads\LibreOffice_4.1.5_Win_x86_helppack_de.msi
2014-04-01 18:43 - 2013-12-30 02:18 - 00000000 ____D () C:\Users\Mulle\Desktop\Spiele
2014-03-31 22:52 - 2013-12-23 01:00 - 00000000 ____D () C:\Users\Mulle\AppData\Roaming\vlc
2014-03-31 19:18 - 2014-03-31 18:30 - 00000000 ____D () C:\Users\Mulle\AppData\Roaming\Origin
2014-03-31 19:11 - 2014-03-31 18:30 - 00000000 ____D () C:\Users\Mulle\AppData\Local\Origin
2014-03-31 19:11 - 2014-02-22 01:46 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-03-31 18:17 - 2014-03-31 18:17 - 00000979 _____ () C:\Users\Public\Desktop\Origin.lnk
2014-03-31 18:04 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-03-31 03:16 - 2014-04-09 07:55 - 23134208 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-31 03:13 - 2014-04-09 07:55 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-31 02:13 - 2014-04-09 07:55 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-31 01:57 - 2014-04-09 07:55 - 17073152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-18 22:29 - 2014-02-17 19:04 - 00000000 ____D () C:\Users\Mulle\Desktop\Hintergrundbilder
2014-03-17 22:54 - 2014-01-21 08:01 - 00000000 ____D () C:\Users\Mulle\AppData\Local\DayZ
2014-03-16 00:43 - 2014-03-16 00:37 - 00000000 ____D () C:\Program Files (x86)\Google
2014-03-16 00:40 - 2014-02-21 22:16 - 00000000 ____D () C:\Users\Mulle\AppData\Roaming\Free Download Manager
2014-03-16 00:37 - 2014-01-27 20:16 - 00000000 ____D () C:\Users\Mulle\AppData\Local\Google
2014-03-16 00:34 - 2014-03-16 00:33 - 04765152 _____ (Piriform Ltd) C:\Users\Mulle\Downloads\ccsetup411.exe
2014-03-16 00:28 - 2013-12-10 20:24 - 00000000 ____D () C:\Users\Mulle\AppData\Roaming\Mozilla
2014-03-16 00:07 - 2014-03-15 23:40 - 00283256 _____ (Mozilla) C:\Users\Mulle\Downloads\Firefox Setup Stub 27.0.1.exe
2014-03-15 23:16 - 2014-03-15 14:46 - 00000000 ____D () C:\Users\Mulle\Documents\Movie Studio Platinum 12.0 Projekte
2014-03-15 20:43 - 2014-03-15 20:43 - 00002728 _____ () C:\Windows\system32\RaCoInst.log
2014-03-15 20:23 - 2014-03-15 20:23 - 00000981 _____ () C:\Users\Mulle\Desktop\Steam.lnk
2014-03-15 17:24 - 2014-03-15 14:40 - 00000000 ____D () C:\Users\Mulle\AppData\Roaming\Sony
2014-03-15 16:36 - 2014-02-22 02:00 - 00000000 ____D () C:\ProgramData\Solidshield
2014-03-15 15:40 - 2013-12-12 21:00 - 00000000 ____D () C:\Users\Mulle\AppData\Roaming\Samsung
2014-03-15 15:22 - 2014-03-15 15:19 - 00000000 ____D () C:\Users\Mulle\Documents\SelfMV
2014-03-15 15:19 - 2013-12-12 19:44 - 00000000 ____D () C:\Program Files (x86)\Samsung
2014-03-15 15:18 - 2013-12-12 19:41 - 00000000 ____D () C:\Users\Mulle\AppData\Local\Downloaded Installations
2014-03-15 15:13 - 2014-03-15 15:05 - 39500592 _____ (Samsung Electronics Co., Ltd.) C:\Users\Mulle\Downloads\Kies3Setup.exe
2014-03-15 14:59 - 2014-03-15 14:59 - 00000000 ____D () C:\Program Files (x86)\iZotope
2014-03-15 14:58 - 2014-03-15 14:43 - 00000000 ____D () C:\ProgramData\Sony
2014-03-15 14:52 - 2014-03-15 14:52 - 00000000 ____D () C:\Users\Mulle\AppData\Roaming\Publish Providers
2014-03-15 14:46 - 2014-03-15 14:43 - 00000000 ____D () C:\Users\Mulle\AppData\Local\Sony
2014-03-15 14:43 - 2014-03-15 14:43 - 00000000 ____D () C:\Program Files\Sony
2014-03-15 14:43 - 2014-03-15 14:43 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-03-15 14:40 - 2014-03-15 14:40 - 00000036 ____H () C:\Users\Mulle\AppData\Roaming\swk.ini
2014-03-15 13:03 - 2014-02-06 17:25 - 00000000 ____D () C:\Users\Mulle\AppData\Local\Battle.net
2014-03-15 11:16 - 2013-12-23 23:22 - 00000000 ____D () C:\ProgramData\Codemasters
2014-03-15 11:16 - 2013-12-13 19:10 - 00000000 ____D () C:\Users\Mulle\Documents\My Games
2014-03-15 02:08 - 2014-03-15 01:37 - 00000000 ____D () C:\Users\Mulle\AppData\Roaming\Ubisoft
2014-03-15 01:44 - 2014-03-15 01:44 - 00000000 ____D () C:\Users\Mulle\Documents\ANNO 1404 Venedig
2014-03-15 01:36 - 2014-03-15 01:21 - 167149448 _____ (Ubisoft) C:\Users\Mulle\Downloads\anno1404_addon_2.1.exe
2014-03-15 01:25 - 2014-02-06 17:25 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-03-15 01:19 - 2014-03-15 00:59 - 239992744 _____ () C:\Users\Mulle\Downloads\anno1404_goldedition_3.1.exe
2014-03-14 20:42 - 2013-12-10 20:34 - 00000000 ____D () C:\Users\Mulle\AppData\Local\TeamSpeak 3 Client

Files to move or delete:
====================
C:\Users\Mulle\AppData\Roaming\swk.ini


Some content of TEMP:
====================
C:\Users\Mulle\AppData\Local\Temp\avgnt.exe
C:\Users\Mulle\AppData\Local\Temp\BackupSetup.exe
C:\Users\Mulle\AppData\Local\Temp\JDSetup20140412091908380.exe
C:\Users\Mulle\AppData\Local\Temp\vcredist_x64.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-09 03:07

==================== End Of Log ============================

--- --- ---

--- --- ---
Gruß Mullemulle1
--- --- ---

schrauber · 14.04.2014, 10:27

Zitat:

C:\Users\Mulle\Downloads\Addition.txt

hier

Mullemulle1 · 14.04.2014, 10:30

Danke
Hier:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-04-2014 01
Ran by Mulle at 2014-04-12 21:19:40
Running from C:\Users\Mulle\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{64555D45-1F57-BF1D-1A5E-BFD4C8C0ADB4}) (Version: 3.0.765.0 - ATI Technologies, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bueno Chrome Toolbar (HKLM-x32\...\Bueno Chrome Toolbar) (Version: - BuenoSearch) <==== ATTENTION
buenosearch toolbar (HKLM-x32\...\buenosearch) (Version: 1.8.28.7 - Montiera technologies LTD) <==== ATTENTION
CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Studio Platinum 12.0 (64-bit) (HKLM\...\{A7A09021-0A86-11E3-87DD-F04DA23A5C58}) (Version: 12.0.1184 - Sony)
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MyFreeCodec (HKCU\...\MyFreeCodec) (Version: - )
NVIDIA 3D Vision Controller-Treiber 335.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 335.21 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5856 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
NVIDIA Update 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
Overwolf.Setup.VC100CRTx64.Dist (HKLM\...\{EC9D5554-6852-4A55-81BB-AC02C7A8CFED}) (Version: 1.0.0 - Overwolf)
ResultsAlpha (HKLM\...\ResultsAlpha) (Version: 2014.01.25.024532 - ResultsAlpha)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.29.0 - SAMSUNG Electronics Co., Ltd.)
SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden
Spotify (HKCU\...\Spotify) (Version: 0.9.7.16.g4b197456 - Spotify AB)
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
Tom Clancy's Ghost Recon Phantoms - EU (HKLM-x32\...\Steam App 272350) (Version: - Ubisoft Singapore)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)

==================== Restore Points =========================

09-04-2014 07:28:27 Windows Update
12-04-2014 06:48:54 Uniblue SpeedUpMyPC installation

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {00045AB6-4E6C-4942-8177-9CB84AD6EEB4} - System32\Tasks\MySearchDial => C:\Users\Mulle\AppData\Roaming\mysearchdial\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION
Task: {0584A693-3FFD-42E4-850A-0638F3292D44} - System32\Tasks\EPUpdater => C:\Users\Mulle\AppData\Roaming\BabSolution\Shared\BabMaint.exe [2013-12-12] () <==== ATTENTION
Task: {096F2CB6-BD1D-453A-89EB-81ADC2B67E7D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {0BD00B39-43C7-4488-8157-9754AA5D43B5} - System32\Tasks\The weDownload Manager-firefoxinstaller => C:\Program Files (x86)\The weDownload Manager\The weDownload Manager-firefoxinstaller.exe [2014-03-10] (weDownload) <==== ATTENTION
Task: {19645633-675D-45C1-949F-67B129DD13B6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-16] (Google Inc.)
Task: {1B255E02-9656-4F8E-A809-A4ECCF337888} - System32\Tasks\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-1 => C:\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-codedownloader.exe [2014-04-12] (Freeven)
Task: {2FA2B510-A321-4B40-A829-5B62305D59E5} - System32\Tasks\Digital Sites => C:\Users\Mulle\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {3DF01E04-09F0-42B7-A732-A59F40DAF9BB} - System32\Tasks\6f4fbe62-8c8b-4036-a9fe-561497b1f445-2 => C:\Program Files (x86)\HQVid8.1v4\6f4fbe62-8c8b-4036-a9fe-561497b1f445-2.exe [2014-04-12] (High-QualityV7)
Task: {4775576F-D62B-4956-BFC9-8AFB39DDE278} - System32\Tasks\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-5 => C:\Program Files (x86)\MediaPlayerplus\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-5.exe [2014-04-12] (Freeven)
Task: {4AAC8E71-ED34-4654-9A21-032C4B0B0379} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-03-18] (Piriform Ltd)
Task: {5569ACDF-6C15-4813-8372-FBE0EFEE2FE5} - System32\Tasks\The weDownload Manager-chromeinstaller => C:\Program Files (x86)\The weDownload Manager\The weDownload Manager-chromeinstaller.exe [2014-03-10] (weDownload) <==== ATTENTION
Task: {75A6D48C-CBEB-4DD7-9C02-143653F71F0B} - System32\Tasks\Re-markit_wd => C:\Program Files (x86)\Re-markit-soft\Re-markitfQLOWw.exe [2014-04-12] () <==== ATTENTION
Task: {7F591018-B188-4B2A-92DB-F7E2BE71EC75} - System32\Tasks\Re-markit Update => C:\Program Files (x86)\Re-markit-soft\Re-markitfQL.exe [2014-04-12] () <==== ATTENTION
Task: {823C7A78-DFF3-49C8-B492-EBBF48951D70} - System32\Tasks\ASUS\RunDAOD => C:\Windows\DAODx.exe [2009-03-30] ()
Task: {8B464762-0CAF-414E-ABE5-D363ED85D5B2} - System32\Tasks\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-3 => C:\Program Files (x86)\MediaPlayerplus\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-3.exe [2014-04-12] (Freeven)
Task: {8E48EA50-96D7-40B3-B06E-9DACD6C819B9} - System32\Tasks\6f4fbe62-8c8b-4036-a9fe-561497b1f445-5 => C:\Program Files (x86)\HQVid8.1v4\6f4fbe62-8c8b-4036-a9fe-561497b1f445-5.exe [2014-04-12] (High-QualityV7)
Task: {9D3DFDCC-91F5-4AD5-9AC3-CF224CEBEF96} - System32\Tasks\The weDownload Manager-enabler => C:\Program Files (x86)\The weDownload Manager\The weDownload Manager-enabler.exe [2014-03-10] (weDownload) <==== ATTENTION
Task: {9E3D6F4D-CFA4-404F-8AE1-00B7FA64CE53} - System32\Tasks\ASUS\TurboVHelp => C:\Program Files (x86)\ASUS\TurboV EVO\TurboVHELP.exe [2010-07-07] (ASUSTeK Computer Inc.)
Task: {9E5497FB-293C-4BB4-8B35-4A5314C5DE46} - System32\Tasks\The weDownload Manager-codedownloader => C:\Program Files (x86)\The weDownload Manager\The weDownload Manager-codedownloader.exe [2014-03-10] (weDownload) <==== ATTENTION
Task: {A6B7F6A9-E1B4-4867-BD0F-6F52F1617FA9} - System32\Tasks\6f4fbe62-8c8b-4036-a9fe-561497b1f445-1 => C:\Program Files (x86)\HQVid8.1v4\HQVid8.1v4-codedownloader.exe [2014-04-12] (High-QualityV7)
Task: {C11B23F8-6C69-4348-8EC7-C9B2D7627D07} - System32\Tasks\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-2 => C:\Program Files (x86)\MediaPlayerplus\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-2.exe [2014-04-12] (Freeven)
Task: {CB2CAC23-E8C7-4BEF-AB3A-05D8C1466B14} - System32\Tasks\6f4fbe62-8c8b-4036-a9fe-561497b1f445-3 => C:\Program Files (x86)\HQVid8.1v4\6f4fbe62-8c8b-4036-a9fe-561497b1f445-3.exe [2014-04-12] (High-QualityV7)
Task: {D4BFAAF9-86B3-448A-8CFD-2EE79DD11C08} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-12] (Adobe Systems Incorporated)
Task: {D547921A-995E-447F-AAB1-3DA56E75B0B9} - System32\Tasks\6f4fbe62-8c8b-4036-a9fe-561497b1f445-4 => C:\Program Files (x86)\HQVid8.1v4\6f4fbe62-8c8b-4036-a9fe-561497b1f445-4.exe [2014-04-12] (High-QualityV7)
Task: {E04AB861-82B6-4539-AE87-F63CED2BD76D} - System32\Tasks\The weDownload Manager-updater => C:\Program Files (x86)\The weDownload Manager\The weDownload Manager-updater.exe [2014-03-10] (weDownload) <==== ATTENTION
Task: {ED8A8262-0571-4F71-B9EE-723CE45C6DD4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-16] (Google Inc.)
Task: {EEA8EEE0-C12D-4005-8C32-232A2ADB685F} - System32\Tasks\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-4 => C:\Program Files (x86)\MediaPlayerplus\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-4.exe [2014-04-12] (Freeven)
Task: C:\Windows\Tasks\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-1.job => C:\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-codedownloader.exe
Task: C:\Windows\Tasks\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-2.job => C:\Program Files (x86)\MediaPlayerplus\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-2.exe
Task: C:\Windows\Tasks\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-3.job => C:\Program Files (x86)\MediaPlayerplus\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-3.exe
Task: C:\Windows\Tasks\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-4.job => C:\Program Files (x86)\MediaPlayerplus\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-4.exe
Task: C:\Windows\Tasks\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-5.job => C:\Program Files (x86)\MediaPlayerplus\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-5.exe
Task: C:\Windows\Tasks\6f4fbe62-8c8b-4036-a9fe-561497b1f445-1.job => C:\Program Files (x86)\HQVid8.1v4\HQVid8.1v4-codedownloader.exe
Task: C:\Windows\Tasks\6f4fbe62-8c8b-4036-a9fe-561497b1f445-2.job => C:\Program Files (x86)\HQVid8.1v4\6f4fbe62-8c8b-4036-a9fe-561497b1f445-2.exe
Task: C:\Windows\Tasks\6f4fbe62-8c8b-4036-a9fe-561497b1f445-3.job => C:\Program Files (x86)\HQVid8.1v4\6f4fbe62-8c8b-4036-a9fe-561497b1f445-3.exe
Task: C:\Windows\Tasks\6f4fbe62-8c8b-4036-a9fe-561497b1f445-4.job => C:\Program Files (x86)\HQVid8.1v4\6f4fbe62-8c8b-4036-a9fe-561497b1f445-4.exe
Task: C:\Windows\Tasks\6f4fbe62-8c8b-4036-a9fe-561497b1f445-5.job => C:\Program Files (x86)\HQVid8.1v4\6f4fbe62-8c8b-4036-a9fe-561497b1f445-5.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Digital Sites.job => C:\Users\Mulle\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\MySearchDial.job => C:\Users\Mulle\AppData\Roaming\MYSEAR~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\Re-markit Update.job => C:\Program Files (x86)\Re-markit-soft\Re-markitfQL.exe <==== ATTENTION
Task: C:\Windows\Tasks\Re-markit_wd.job => C:\Program Files (x86)\Re-markit-soft\Re-markitfQLOWw.exe <==== ATTENTION
Task: C:\Windows\Tasks\The weDownload Manager-chromeinstaller.job => C:\Program Files (x86)\The weDownload Manager\The weDownload Manager-chromeinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\The weDownload Manager-codedownloader.job => C:\Program Files (x86)\The weDownload Manager\The weDownload Manager-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\The weDownload Manager-enabler.job => C:\Program Files (x86)\The weDownload Manager\The weDownload Manager-enabler.exe <==== ATTENTION
Task: C:\Windows\Tasks\The weDownload Manager-firefoxinstaller.job => C:\Program Files (x86)\The weDownload Manager\The weDownload Manager-firefoxinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\The weDownload Manager-updater.job => C:\Program Files (x86)\The weDownload Manager\The weDownload Manager-updater.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2014-04-07 23:10 - 2014-03-04 15:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-12-10 17:09 - 2010-06-24 08:19 - 00109056 ____R () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.05\AsSysCtrlService.exe
2014-02-02 00:43 - 2014-03-14 22:19 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-04-12 08:48 - 2014-04-12 08:48 - 00141824 _____ () C:\Program Files (x86)\Re-markit-soft\Re-markitfQL158.exe
2009-03-30 08:32 - 2009-03-30 08:32 - 00032768 ____R () C:\Windows\DAODx.exe
2014-04-12 08:48 - 2014-04-12 08:48 - 00077312 _____ () C:\Program Files (x86)\Re-markit-soft\Re-markitfQLOWw.exe
2014-04-12 08:48 - 2014-04-08 11:08 - 03267536 _____ () C:\Users\Mulle\AppData\Local\fst_de_1\upfst_de_1.exe
2008-11-06 19:23 - 2008-11-06 19:23 - 00772096 _____ () C:\Program Files (x86)\MP4 Player\Mp4Player.exe
2013-12-10 17:06 - 2009-05-07 10:51 - 00071680 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2013-12-10 17:06 - 2009-05-07 10:53 - 00379392 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2013-12-10 17:06 - 2008-01-18 08:50 - 00098816 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\VMicApi.dll
2013-12-10 17:06 - 2010-03-02 09:31 - 64105984 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Skin.dll
2013-12-10 23:25 - 2013-11-26 13:19 - 00394808 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2014-02-12 21:58 - 2014-02-12 21:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 21:58 - 2014-02-12 21:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-04-12 08:48 - 2014-04-12 08:48 - 00133120 _____ () C:\Program Files (x86)\Re-markit-soft\Re-markitfQL158.dll
2013-12-10 17:09 - 2010-02-08 18:19 - 00053248 _____ () C:\Program Files (x86)\ASUS\TurboV EVO\HookKey32.dll
2013-12-10 17:09 - 2010-06-01 11:38 - 00253952 _____ () C:\Program Files (x86)\ASUS\TurboV EVO\pngio.dll
2014-03-05 19:30 - 2014-03-05 19:30 - 00025600 _____ () C:\Program Files (x86)\Overwolf\CoreAudioApi.dll
2013-12-10 20:40 - 2014-03-05 19:29 - 00016160 _____ () C:\Users\Mulle\AppData\Local\Overwolf\Apps\Contracts\ODK.AddIns.V2.Contract.dll
2013-12-10 20:40 - 2014-03-05 19:29 - 00016672 _____ () C:\Users\Mulle\AppData\Local\Overwolf\Apps\AddInViews\ODK.AddIns.V2.AddInView.dll
2014-02-02 01:04 - 2014-02-02 01:04 - 00128000 _____ () C:\Users\Mulle\AppData\Local\Overwolf\Apps\AddIns\Xylem_Spotify_1.0.0\ODK.AddIns.ThirdParty.Xylem_Spotify.dll
2013-12-10 20:40 - 2014-03-05 19:29 - 00018208 _____ () C:\Users\Mulle\AppData\Local\Overwolf\Apps\AddInSideAdapters\ODK.AddIns.V2.AddInSideAdapter.dll
2013-12-10 20:40 - 2014-03-05 19:28 - 00019232 _____ () C:\Users\Mulle\AppData\Local\Overwolf\Apps\HostSideAdapters\ODK.AddIns.V2.HostSideAdapter.dll
2014-03-05 19:29 - 2014-03-05 19:29 - 00607232 _____ () C:\Program Files (x86)\Overwolf\client_c_api_win32.dll
2013-12-10 17:09 - 2010-06-01 11:38 - 00061440 _____ () C:\Program Files (x86)\ASUS\TurboV EVO\flashobj.dll
2013-12-10 17:10 - 2009-04-22 21:20 - 00179712 _____ () C:\Program Files (x86)\ASUS\EPU\ASUSSERVICE.DLL
2013-12-10 17:10 - 2010-01-08 18:17 - 00565248 _____ () C:\Program Files (x86)\ASUS\EPU\pngio.dll
2013-12-10 17:10 - 2010-01-08 18:17 - 00053248 _____ () C:\Program Files (x86)\ASUS\EPU\AsSpindownTimeout.dll
2014-03-31 18:30 - 2014-03-31 18:30 - 00962560 _____ () C:\Program Files (x86)\Origin\platforms\qwindows.dll
2014-03-31 18:30 - 2014-03-31 18:30 - 00024064 _____ () C:\Program Files (x86)\Origin\imageformats\qgif.dll
2014-03-31 18:30 - 2014-03-31 18:30 - 00025088 _____ () C:\Program Files (x86)\Origin\imageformats\qico.dll
2014-03-31 18:30 - 2014-03-31 18:30 - 00217088 _____ () C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2014-03-31 18:30 - 2014-03-31 18:30 - 00261632 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll
2014-03-31 18:30 - 2014-03-31 18:30 - 00019968 _____ () C:\Program Files (x86)\Origin\imageformats\qtga.dll
2014-03-31 18:30 - 2014-03-31 18:30 - 00302592 _____ () C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2014-03-31 18:30 - 2014-03-31 18:30 - 00018944 _____ () C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2014-01-09 20:49 - 2013-12-13 00:19 - 00142848 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll
2014-01-09 20:49 - 2013-11-05 03:12 - 00890592 _____ () C:\Program Files (x86)\Steam\libavutil-52.dll
2013-12-12 19:21 - 2014-02-11 04:34 - 00751616 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2013-12-12 19:21 - 2014-02-25 23:57 - 01135296 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2013-12-12 19:21 - 2014-01-11 01:33 - 20625832 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2013-12-12 19:21 - 2013-06-15 01:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll
2013-12-12 19:21 - 2013-06-15 01:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll
2013-12-12 19:21 - 2013-06-15 01:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll
2014-04-01 18:46 - 2014-03-15 10:40 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-03-12 22:30 - 2014-03-12 22:30 - 16276872 ____N () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll
2014-03-14 20:42 - 2014-03-14 20:42 - 00148480 _____ () C:\Users\Mulle\AppData\Local\TeamSpeak 3 Client\quazip.dll
2014-03-14 20:42 - 2014-03-14 20:42 - 00864768 _____ () C:\Users\Mulle\AppData\Local\TeamSpeak 3 Client\platforms\qwindows.dll
2014-03-14 20:42 - 2014-03-14 20:42 - 00677376 _____ () C:\Users\Mulle\AppData\Local\TeamSpeak 3 Client\sqldrivers\qsqlite.dll
2013-10-23 14:15 - 2014-03-14 20:42 - 00092104 _____ () C:\Users\Mulle\AppData\Local\TeamSpeak 3 Client\soundbackends\directsound_win32.dll
2013-10-23 14:15 - 2014-03-14 20:42 - 00105416 _____ () C:\Users\Mulle\AppData\Local\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win32.dll
2014-03-14 20:42 - 2014-03-14 20:42 - 00025600 _____ () C:\Users\Mulle\AppData\Local\TeamSpeak 3 Client\imageformats\qgif.dll
2014-03-14 20:42 - 2014-03-14 20:42 - 00242688 _____ () C:\Users\Mulle\AppData\Local\TeamSpeak 3 Client\imageformats\qjpeg.dll
2013-10-23 14:15 - 2014-03-14 20:42 - 00477128 _____ () C:\Users\Mulle\AppData\Local\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2013-10-23 14:15 - 2014-03-14 20:42 - 00483784 _____ () C:\Users\Mulle\AppData\Local\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2014-04-12 21:10 - 2014-04-12 21:10 - 16351920 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== Disabled items from MSCONFIG ==============

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (04/12/2014 08:14:55 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall

Error: (04/12/2014 08:06:05 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.16521, Zeitstempel: 0x53114399
Name des fehlerhaften Moduls: jscript9.dll, Version: 11.0.9600.16521, Zeitstempel: 0x53115050
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00008a95
ID des fehlerhaften Prozesses: 0x11cc
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3

Error: (04/12/2014 07:50:32 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.16521, Zeitstempel: 0x53114399
Name des fehlerhaften Moduls: jscript9.dll, Version: 11.0.9600.16521, Zeitstempel: 0x53115050
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00008a95
ID des fehlerhaften Prozesses: 0x3864
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3

Error: (04/12/2014 07:17:35 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall

Error: (04/12/2014 07:03:51 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Re-markitfQL158.exe, Version: 1.158.0.0, Zeitstempel: 0x53469750
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb1116
Ausnahmecode: 0xe06d7363
Fehleroffset: 0x0000c41f
ID des fehlerhaften Prozesses: 0x4b8
Startzeit der fehlerhaften Anwendung: 0xRe-markitfQL158.exe0
Pfad der fehlerhaften Anwendung: Re-markitfQL158.exe1
Pfad des fehlerhaften Moduls: Re-markitfQL158.exe2
Berichtskennung: Re-markitfQL158.exe3

Error: (04/12/2014 09:53:39 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9984

Error: (04/12/2014 09:53:39 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9984

Error: (04/12/2014 09:53:39 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/12/2014 09:08:45 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (04/11/2014 07:42:49 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 13057

System errors:
=============
Error: (04/12/2014 08:04:16 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
sfdrv01a
sfsync04

Error: (04/12/2014 08:03:53 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Util ResultsAlpha" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (04/12/2014 08:03:53 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Update ResultsAlpha" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (04/12/2014 08:03:35 PM) (Source: Application Popup) (User: )
Description: Treiber sfdrv01a.sys konnte nicht geladen werden.

Error: (04/12/2014 08:03:33 PM) (Source: Application Popup) (User: )
Description: Treiber sfsync04.sys konnte nicht geladen werden.

Error: (04/12/2014 07:12:05 PM) (Source: Service Control Manager) (User: )
Description: Dienst "Computer Backup (MyPC Backup)" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/12/2014 07:05:45 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
sfdrv01a
sfsync04

Error: (04/12/2014 07:05:03 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Util ResultsAlpha" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (04/12/2014 07:05:03 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Update ResultsAlpha" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (04/12/2014 07:04:39 PM) (Source: Application Popup) (User: )
Description: Treiber sfdrv01a.sys konnte nicht geladen werden.

Microsoft Office Sessions:
=========================
Error: (04/12/2014 08:14:55 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall

Error: (04/12/2014 08:06:05 PM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE11.0.9600.1652153114399jscript9.dll11.0.9600.1652153115050c000000500008a9511cc01cf5679d44f038fC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SysWOW64\jscript9.dll1cef0c28-c26d-11e3-a2ac-bcaec5439894

Error: (04/12/2014 07:50:32 PM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE11.0.9600.1652153114399jscript9.dll11.0.9600.1652153115050c000000500008a95386401cf567722082cc9C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SysWOW64\jscript9.dllf0ed6f5c-c26a-11e3-bb7b-bcaec5439894

Error: (04/12/2014 07:17:35 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall

Error: (04/12/2014 07:03:51 PM) (Source: Application Error)(User: )
Description: Re-markitfQL158.exe1.158.0.053469750KERNELBASE.dll6.1.7601.1822951fb1116e06d73630000c41f4b801cf561b3b06534bC:\Program Files (x86)\Re-markit-soft\Re-markitfQL158.exeC:\Windows\syswow64\KERNELBASE.dll6b1d3e17-c264-11e3-8061-bcaec5439894

Error: (04/12/2014 09:53:39 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9984

Error: (04/12/2014 09:53:39 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9984

Error: (04/12/2014 09:53:39 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/12/2014 09:08:45 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005

Error: (04/11/2014 07:42:49 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 13057

==================== Memory info ===========================

Percentage of memory in use: 28%
Total physical RAM: 12286.18 MB
Available physical RAM: 8771.73 MB
Total Pagefile: 24570.54 MB
Available Pagefile: 20705.77 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.5 GB) (Free:489.62 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (FIFA 13) (CDROM) (Total:6.9 GB) (Free:0 GB) UDF
Drive f: (Disc2) (CDROM) (Total:4.71 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 26162615)
Partition 1: (Active) - (Size=932 GB) - (Type=07 NTFS)

==================== End Of Log ============================
Gruß Mullemulle1

schrauber · 15.04.2014, 10:31

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:13828

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Revo Uninstaller - Download - Filepony
Damit alles deinstallieren was Du in der Additional.txt findest mit dem Zusatz <== ATTENTION

Mit Revo auch Moderat die Reste entfernen lassen.

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

Add on: Download Protect lässt sich nicht entfernen. (Windows 7, Mozilla Firefox)

Log-Analyse und Auswertung: Add on: Download Protect lässt sich nicht entfernen. (Windows 7, Mozilla Firefox)