
Pests of all kinds and how to combat them: irregular but persistent loading errors on web pages

22.04.2014, 23:29   #1
GrenSo
 
Hello.

I'm still new here and hope someone can help me, since I'm at my wits' end for now.
On to the topic:
For about 2 weeks (it could well be 3 or 4 weeks) I have had the problem that, at irregular intervals, I cannot open any web pages. This involves all installed browsers (FF, Opera, IE and SRWare Iron). The odd thing is that, at the same time, pings to the router (Easybox), the router modem (TC7200), IP addresses and various domains work without problems, and another PC and a tablet can also browse during the outage.
I have already tested other WLAN adapters and WLAN cards (PCI and PCIe) as well as a connection via LAN, but it changed nothing. The problem itself usually lasts for about 5 to 10 minutes, and usually I disable the network card or log off and on again, and then it works again until the problem reappears.
I have already copied my system to another disk to rule out my SSD, but the problem appeared on the other disk as well. So far I have restored an older backup, thought about what I had installed or changed on the system since then, and not made those changes again, but unfortunately the problem has still not completely disappeared.
My system could not find any viruses or the like, but unfortunately I know nothing about this subject.

Does anyone have an idea or can give me a tip, other than a complete reinstall?

System:
Windows 7 64 Bit SP1
Antivirus:
ESET Endpoint Antivirus 5.0.2228.1
Malwarebytes Anti-Malware 2.0.1.1004

23.04.2014, 07:06   #2
schrauber
/// the machine
/// TB instructor
 

hi,

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download: FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the input window of the web page)

23.04.2014, 18:39   #3
GrenSo
 
Thanks for your help.

Here is the FRST.txt:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-04-2014
Ran by GrenSo (administrator) on 790FX-PHENOM-X4 on 23-04-2014 19:28:23
Running from C:\Users\GrenSo\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Antivirus\EShaSrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
( ) C:\Windows\system32\lxcgcoms.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corporation) C:\Windows\System32\tcpsvcs.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
(H+H Software GmbH) C:\Program Files (x86)\Virtual CD v10\System\VC10SecS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
() C:\Program Files (x86)\AMD\AMD Power Monitor\AMD Power Monitor.exe
(Lexmark International, Inc.) C:\Program Files (x86)\Lexmark 2300 Series\lxcgmon.exe
(Lexmark International Inc.) C:\Program Files (x86)\Lexmark 2300 Series\ezprint.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() C:\Program Files (x86)\RocketDock\RocketDock.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
(PeerBlock, LLC) C:\Program Files\PeerBlock\peerblock.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(FastStone Soft) C:\Program Files (x86)\FastStone Capture\FSCapture.exe
() C:\Program Files (x86)\Razer\Diamondback\Razer\Diamondback\razerhid.exe
(Razer USA Ltd.) C:\Program Files (x86)\Razer\Reclusa\razerhid.exe
() C:\Program Files (x86)\Acronis\DriveMonitor\adm_tray.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
() C:\Program Files (x86)\NaturalPoint\TrackIR4\TrackIR.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(H+H Software GmbH) C:\Program Files (x86)\Virtual CD v10\System\VC10Play.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(Zemana Ltd.) C:\Program Files (x86)\AntiLogger\AntiLogger.exe
(QFX Software Corporation) C:\Program Files (x86)\KeyScrambler\KeyScrambler.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
() C:\Program Files (x86)\Razer\Reclusa\razertra.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Program Files (x86)\Core Temp\Core Temp.exe
(Binarysense) C:\Program Files (x86)\SSDlife\ssdlife.exe
(IObit) C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe
(QFX Software Corporation) C:\Program Files (x86)\KeyScrambler\x64\KeyScrambler.exe
(Microsoft Corporation) C:\Program Files (x86)\EMET 4.0\EMET_Agent.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Program Files (x86)\Razer\Diamondback\Razer\Diamondback\razertra.exe
(H+H Software GmbH) C:\Program Files (x86)\Virtual CD v10\System\VC10Tray.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Diamondback\Razer\Diamondback\razerofa.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(H+H Software GmbH) C:\Program Files (x86)\Virtual CD v10\System\vc10fwd.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_199.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_199.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Power Monitor] => C:\Program Files (x86)\AMD\AMD Power Monitor\AMD Power Monitor.exe [624640 2009-05-21] ()
HKLM\...\Run: [lxcgmon.exe] => C:\Program Files (x86)\Lexmark 2300 Series\lxcgmon.exe [205744 2007-04-29] (Lexmark International, Inc.)
HKLM\...\Run: [EzPrint] => C:\Program Files (x86)\Lexmark 2300 Series\ezprint.exe [103344 2007-04-29] (Lexmark International Inc.)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [517912 2013-02-15] (Acronis)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-04-18] (Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe [4148664 2013-10-07] (ESET)
HKLM-x32\...\Run: [Diamondback] => C:\Program Files (x86)\Razer\Diamondback\Razer\Diamondback\razerhid.exe [226816 2009-10-09] ()
HKLM-x32\...\Run: [Reclusa] => C:\Program Files (x86)\Razer\Reclusa\razerhid.exe [292352 2010-01-12] (Razer USA Ltd.)
HKLM-x32\...\Run: [adm_tray.exe] => C:\Program Files (x86)\Acronis\DriveMonitor\adm_tray.exe [470120 2011-02-24] ()
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [NaturalPoint] => C:\Program Files (x86)\NaturalPoint\TrackIR4\TrackIR.exe [1152592 2012-10-11] ()
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [6405376 2013-03-28] (Acronis)
HKLM-x32\...\Run: [VC10Player] => C:\Program Files (x86)\Virtual CD v10\System\VC10Play.exe [411976 2011-10-19] (H+H Software GmbH)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1105848 2013-01-10] (Acronis)
HKLM-x32\...\Run: [AntiLogger] => C:\Program Files (x86)\AntiLogger\AntiLogger.exe [19362728 2014-03-26] (Zemana Ltd.)
HKLM-x32\...\Run: [EMET Agent] => C:\Program Files (x86)\EMET 4.0\EMET_agent.exe [78496 2013-06-14] (Microsoft Corporation)
HKLM-x32\...\Run: [KeyScrambler] => C:\Program Files (x86)\KeyScrambler\keyscrambler.exe [508144 2013-11-14] (QFX Software Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-03-12] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1826496 2014-04-22] (Valve Corporation)
HKLM-x32\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [389120 2013-03-28] (AMD)
HKLM\...\Policies\Explorer: [NoInternetOpenWith] 1
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [CDRAutoRun] 0
HKU\S-1-5-21-1996915005-1308554187-4098229939-1000\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-1996915005-1308554187-4098229939-1000\...\Run: [] => [X]
HKU\S-1-5-21-1996915005-1308554187-4098229939-1000\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1090912 2013-10-02] (Nokia)
HKU\S-1-5-21-1996915005-1308554187-4098229939-1000\...\Run: [PeerBlock] => C:\Program Files\PeerBlock\peerblock.exe [2513992 2014-01-14] (PeerBlock, LLC)
HKU\S-1-5-21-1996915005-1308554187-4098229939-1000\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [759496 2014-02-19] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-1996915005-1308554187-4098229939-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [389120 2013-03-28] (AMD)
HKU\S-1-5-21-1996915005-1308554187-4098229939-1000\...\MountPoints2: K - K:\bob2.EXE
HKU\S-1-5-21-1996915005-1308554187-4098229939-1000\...\MountPoints2: {8025a195-c49c-11e2-abce-002421da6b47} - P:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1996915005-1308554187-4098229939-1000\...\MountPoints2: {8025a1c9-c49c-11e2-abce-002421da6b47} - P:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1996915005-1308554187-4098229939-1000\...\MountPoints2: {b1a1f59f-c490-11e2-974e-002421da6b47} - P:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1996915005-1308554187-4098229939-1000\...\MountPoints2: {b1a1f5a2-c490-11e2-974e-002421da6b47} - P:\setup_vmb_lite.exe /checkApplicationPresence
Startup: C:\Users\GrenSo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FastStone Capture.lnk
ShortcutTarget: FastStone Capture.lnk -> C:\Program Files (x86)\FastStone Capture\FSCapture.exe (FastStone Soft)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/de-de/default.aspx
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xACD295AE5894CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Handler: livecall - No CLSID Value - 
Handler: msnim - No CLSID Value - 
Handler-x32: livecall - No CLSID Value - 
Handler-x32: msnim - No CLSID Value - 
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.66.1

FireFox:
========
FF ProfilePath: C:\Users\GrenSo\AppData\Roaming\Mozilla\Firefox\Profiles\0rm2ca40.default
FF NewTab: google.de
FF Homepage: hxxp://www.winboard.org/|hxxp://www.fcenergie.de/content/home
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_199.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_199.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.5.2 - C:\Program Files (x86)\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.5.2 - C:\Program Files (x86)\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll No File
FF Plugin-x32: @nokia.com/EnablerPlugin - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Roomy Bookmarks Toolbar - C:\Users\GrenSo\AppData\Roaming\Mozilla\Firefox\Profiles\0rm2ca40.default\Extensions\ALone-live@ya.ru [2014-04-18]
FF Extension: Wörterbuch Deutsch (de-DE), Hunspell-unterstützt - C:\Users\GrenSo\AppData\Roaming\Mozilla\Firefox\Profiles\0rm2ca40.default\Extensions\de_DE@dicts.j3e.de [2014-04-18]
FF Extension: United States English Spellchecker - C:\Users\GrenSo\AppData\Roaming\Mozilla\Firefox\Profiles\0rm2ca40.default\Extensions\en-US@dictionaries.addons.mozilla.org [2014-04-18]
FF Extension: MinimizeToTray revived (MinTrayR) - C:\Users\GrenSo\AppData\Roaming\Mozilla\Firefox\Profiles\0rm2ca40.default\Extensions\mintrayr@tn123.ath.cx [2014-04-18]
FF Extension: Forecastfox - C:\Users\GrenSo\AppData\Roaming\Mozilla\Firefox\Profiles\0rm2ca40.default\Extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3} [2014-04-18]
FF Extension: FoxClocks - C:\Users\GrenSo\AppData\Roaming\Mozilla\Firefox\Profiles\0rm2ca40.default\Extensions\{d37dc5d0-431d-44e5-8c91-49419370caa1} [2014-04-18]
FF Extension: about:addons Launcher - C:\Users\GrenSo\AppData\Roaming\Mozilla\Firefox\Profiles\0rm2ca40.default\Extensions\aboutaddons@about-addons-launcher.org.xpi [2014-04-18]
FF Extension: Locationbar² - C:\Users\GrenSo\AppData\Roaming\Mozilla\Firefox\Profiles\0rm2ca40.default\Extensions\locationbar2@design-noir.de.xpi [2014-04-18]
FF Extension: Long URL Please Mod - C:\Users\GrenSo\AppData\Roaming\Mozilla\Firefox\Profiles\0rm2ca40.default\Extensions\longurlplease@tseng.xpi [2014-04-18]
FF Extension: Secure Login - C:\Users\GrenSo\AppData\Roaming\Mozilla\Firefox\Profiles\0rm2ca40.default\Extensions\secureLogin@blueimp.net.xpi [2014-04-18]
FF Extension: Slim Add-ons Manager - C:\Users\GrenSo\AppData\Roaming\Mozilla\Firefox\Profiles\0rm2ca40.default\Extensions\slimaddonmanager@opendfki.de.xpi [2014-04-18]
FF Extension: Tab Scope - C:\Users\GrenSo\AppData\Roaming\Mozilla\Firefox\Profiles\0rm2ca40.default\Extensions\tabscope@xuldev.org.xpi [2014-04-18]
FF Extension: Flagfox - C:\Users\GrenSo\AppData\Roaming\Mozilla\Firefox\Profiles\0rm2ca40.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2014-04-18]
FF Extension: NoScript - C:\Users\GrenSo\AppData\Roaming\Mozilla\Firefox\Profiles\0rm2ca40.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-04-18]
FF Extension: Tab Mix Plus - C:\Users\GrenSo\AppData\Roaming\Mozilla\Firefox\Profiles\0rm2ca40.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2014-04-18]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Endpoint Antivirus\Mozilla Thunderbird
FF Extension: ESET Endpoint Security Extension - C:\Program Files\ESET\ESET Endpoint Antivirus\Mozilla Thunderbird [2014-04-18]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Endpoint Antivirus\Mozilla Thunderbird
FF Extension: ESET Endpoint Security Extension - C:\Program Files\ESET\ESET Endpoint Antivirus\Mozilla Thunderbird [2014-04-18]

Chrome: 
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-03-12] (Advanced Micro Devices, Inc.)
S2 AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [137584 2014-01-08] ()
S3 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173192 2013-06-20] (Microsoft Corp.)
S4 CLHNServiceForPowerDVD; C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [85104 2012-09-18] ()
S4 CyberLink PowerDVD 11.0 Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [78352 2012-09-19] (CyberLink)
S4 CyberLink PowerDVD 11.0 Service; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe [295440 2012-09-19] (CyberLink)
S3 EhttpSrv; C:\Program Files\ESET\ESET Endpoint Antivirus\EHttpSrv.exe [42048 2013-10-07] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe [1025584 2013-10-07] (ESET)
R2 ESHASRV; C:\Program Files\ESET\ESET Endpoint Antivirus\EShaSrv.exe [191368 2013-10-07] (ESET)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [520416 2014-02-28] (Futuremark)
R2 iprip; C:\Windows\System32\iprip.dll [35328 2009-07-14] (Microsoft Corporation)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2153792 2014-03-14] (IObit)
R2 lxcg_device; C:\Windows\system32\lxcgcoms.exe [566704 2007-04-29] ( )
R2 lxcg_device; C:\Windows\SysWOW64\lxcgcoms.exe [537520 2007-04-29] ( )
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
S4 ProtexisLicensing; C:\Windows\SysWOW64\PSIService.exe [177704 2007-06-05] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [187592 2014-02-19] (Sandboxie Holdings, LLC)
S4 SNMP; C:\Windows\System32\snmp.exe [49664 2010-11-20] (Microsoft Corporation)
S4 SNMP; C:\Windows\SysWOW64\snmp.exe [47616 2010-11-20] (Microsoft Corporation)
R2 VC10SecS; C:\Program Files (x86)\Virtual CD v10\System\VC10SecS.exe [144712 2011-10-19] (H+H Software GmbH)
S2 PnkBstrA; No ImagePath
S2 PnkBstrB; No ImagePath

==================== Drivers (Whitelisted) ====================

R1 A2DDA; C:\PROGRAM FILES (X86)\EMSISOFT EMERGENCY KIT\RUN\a2ddax64.sys [26176 2013-08-20] (Emsisoft GmbH)
R1 AntiLog32; C:\Windows\system32\drivers\AntiLog64.sys [49752 2014-04-18] (Zemana Ltd.)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-11-04] (Advanced Micro Devices)
R2 AODDriver4.3.0; C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [59624 2014-01-08] (Advanced Micro Devices)
S3 atillk64; No ImagePath
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2012-10-03] ()
S3 cleanhlp; C:\PROGRAM FILES (X86)\EMSISOFT EMERGENCY KIT\RUN\cleanhlp64.sys [57024 2013-12-04] (Emsisoft GmbH)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [219184 2013-10-25] (ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [185224 2013-09-09] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [155896 2013-09-09] (ESET)
S3 ENTECH; C:\Windows\SysWow64\Drivers\ENTECH.sys [21664 2004-10-25] (EnTech Taiwan)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [147096 2013-09-09] (ESET)
S1 ESProtectionDriver; No ImagePath
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [422400 2012-03-16] (Huawei Technologies Co., Ltd.)
R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [56016 2013-02-06] ()
S3 HH10Help.sys; C:\Windows\system32\drivers\HH10Help.sys [24088 2009-07-09] (H+H Software GmbH)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [227840 2012-03-16] (Huawei Technologies Co., Ltd.)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [31136 2013-10-16] (REALiX(tm))
R3 KeyScrambler; C:\Windows\System32\drivers\keyscrambler.sys [222200 2013-05-31] (QFX Software Corporation)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2012-10-03] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-04-23] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
S3 MEMSWEEP2; No ImagePath
R3 MTKSCVAD; C:\Windows\System32\drivers\mtkvadx.sys [44544 2012-07-16] (Ralink Technology, Corp.)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 npusbio; C:\Windows\System32\Drivers\npusbio_x64.sys [38400 2012-07-10] ()
R0 ocz10xx; C:\Windows\System32\DRIVERS\ocz10xx.sys [75056 2014-03-07] (OCZ Storage Solutions)
R0 ocztrimfilter; C:\Windows\System32\DRIVERS\ocztrimfilter.sys [18400 2014-03-07] (OCZ Storage Solutions)
R3 pbfilter; C:\Program Files\PeerBlock\pbfilter.sys [22600 2014-01-14] ()
R3 Razerlow; C:\Windows\System32\drivers\Razerlow.sys [11136 2013-11-05] (Razer (Asia-Pacific) Pte Ltd)
R3 RecFltr; C:\Windows\System32\drivers\RecFltr.sys [44800 2010-01-04] (Razer USA Ltd.)
S3 SANDRA; No ImagePath
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [202600 2014-02-19] (Sandboxie Holdings, LLC)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2013-12-24] (IObit)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2013-04-06] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [183224 2013-04-06] (Acronis)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] () <===== ATTENTION Necurs Rootkit?
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [106256 2013-02-20] (Oracle Corporation)
R1 vdrv1000; C:\Windows\System32\DRIVERS\vdrv1000.sys [223256 2011-04-19] (H+H Software GmbH)
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2013-04-06] (Acronis International GmbH)
S3 WinRing0_1_2_0; No ImagePath
S3 WN111v2; C:\Windows\System32\DRIVERS\WN111v2w7x.sys [767488 2009-10-21] (Atheros Communications, Inc.)
R2 {329F96B6-DF1E-4328-BFDA-39EA953C1312}; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [146928 2012-09-19] (CyberLink Corp.)
R3 ALSysIO; \??\C:\Users\GrenSo\AppData\Local\Temp\ALSysIO64.sys [X]
U0 Partizan; system32\drivers\Partizan.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-23 19:28 - 2014-04-23 19:28 - 00027562 _____ () C:\Users\GrenSo\Desktop\FRST.txt
2014-04-23 19:26 - 2014-04-23 19:28 - 00000000 ____D () C:\FRST
2014-04-23 19:24 - 2014-04-23 19:24 - 02061312 _____ (Farbar) C:\Users\GrenSo\Desktop\FRST64.exe
2014-04-23 18:58 - 2014-04-23 18:58 - 00001730 _____ () C:\Users\GrenSo\Desktop\Powerline Scan.lnk
2014-04-23 18:57 - 2014-04-23 18:57 - 00002657 _____ () C:\Users\Public\Desktop\PowerLine Utility.lnk
2014-04-23 18:57 - 2014-04-23 18:57 - 00000000 ____D () C:\Program Files (x86)\TP-LINK
2014-04-23 07:54 - 2014-04-23 18:55 - 00000168 _____ () C:\Windows\setupact.log
2014-04-23 07:54 - 2014-04-23 07:54 - 05153400 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-23 07:54 - 2014-04-23 07:54 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-23 01:17 - 2014-04-23 01:17 - 00146320 _____ () C:\Users\GrenSo\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-23 01:16 - 2014-04-23 01:16 - 00000000 _____ () C:\Windows\SysWOW64\FAP3FAF.tmp
2014-04-23 01:14 - 2014-04-23 01:14 - 00000000 _____ () C:\Windows\SysWOW64\FAP72CE.tmp
2014-04-23 01:10 - 2014-04-23 01:10 - 00000000 _____ () C:\Windows\SysWOW64\FAP8340.tmp
2014-04-23 01:10 - 2014-04-23 01:10 - 00000000 _____ () C:\Windows\SysWOW64\FAP3010.tmp
2014-04-23 01:09 - 2014-04-23 01:09 - 00000000 _____ () C:\Windows\SysWOW64\FAP547F.tmp
2014-04-23 01:08 - 2014-04-23 01:08 - 00000000 _____ () C:\Windows\SysWOW64\FAP2996.tmp
2014-04-23 01:05 - 2014-04-23 01:05 - 00000000 _____ () C:\Windows\SysWOW64\FAPC749.tmp
2014-04-23 01:05 - 2014-04-23 01:05 - 00000000 _____ () C:\Windows\SysWOW64\FAPC737.tmp
2014-04-22 23:36 - 2014-04-22 23:36 - 00000000 _____ () C:\Users\GrenSo\defogger_reenable
2014-04-22 23:19 - 2014-04-22 23:19 - 00050477 _____ () C:\Users\GrenSo\Desktop\Defogger.exe
2014-04-22 23:17 - 2014-04-22 23:17 - 00380416 _____ () C:\Users\GrenSo\Desktop\Gmer-19357.exe
2014-04-22 23:16 - 2014-04-22 23:16 - 00602112 _____ (OldTimer Tools) C:\Users\GrenSo\Desktop\OTL.exe
2014-04-22 23:04 - 2014-04-22 23:04 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2014-04-22 23:04 - 2014-04-22 23:04 - 00000000 ____D () C:\Users\GrenSo\AppData\Roaming\Apple Computer
2014-04-22 23:01 - 2014-04-22 23:01 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-04-22 23:01 - 2014-04-14 04:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-04-22 23:01 - 2014-04-14 04:19 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-04-21 20:07 - 2014-04-21 19:57 - 00002122 _____ () C:\Users\GrenSo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Endpoint Antivirus.lnk
2014-04-18 21:08 - 2014-04-18 21:08 - 00000000 ____D () C:\ProgramData\ESET
2014-04-18 21:08 - 2014-04-18 21:08 - 00000000 ____D () C:\Program Files\ESET
2014-04-18 20:41 - 2014-04-18 20:41 - 00000000 __SHD () C:\Users\GrenSo\AppData\Local\EmieUserList
2014-04-18 20:41 - 2014-04-18 20:41 - 00000000 __SHD () C:\Users\GrenSo\AppData\Local\EmieSiteList
2014-04-18 19:18 - 2014-04-18 19:18 - 00901848 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2014-04-18 19:18 - 2014-04-18 19:18 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2014-04-18 19:04 - 2014-04-18 19:04 - 03872984 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-04-18 19:04 - 2014-04-18 19:04 - 02792152 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2014-04-18 19:04 - 2014-04-18 19:04 - 02770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2014-04-18 19:04 - 2014-04-18 19:04 - 02101848 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2014-04-18 19:04 - 2014-04-18 19:04 - 02037336 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2014-04-18 19:04 - 2014-04-18 19:04 - 01286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2014-04-18 19:04 - 2014-04-18 19:04 - 01033304 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2014-04-18 19:04 - 2014-04-18 19:04 - 01024216 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2014-04-18 19:04 - 2014-04-18 19:04 - 00946392 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2014-04-18 19:04 - 2014-04-18 19:04 - 00757301 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-04-18 19:04 - 2014-04-18 19:04 - 00624344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2014-04-18 17:44 - 2014-04-18 17:44 - 00002181 _____ () C:\Users\GrenSo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-04-18 17:39 - 2014-03-25 15:27 - 00254240 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2014-04-18 17:39 - 2014-03-25 15:24 - 00128288 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2014-04-18 17:35 - 2014-04-18 17:35 - 00000000 __HDC () C:\ProgramData\{727C5CC8-3A5E-4517-BA8B-35A93F9B2EBD}
2014-04-18 17:28 - 2014-04-18 17:28 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-18 17:28 - 2014-04-18 17:28 - 00176040 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-18 17:28 - 2014-04-18 17:28 - 00176040 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-18 17:28 - 2014-04-18 17:28 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-18 16:51 - 2014-04-18 16:48 - 00000513 _____ () C:\Users\GrenSo\Documents\indexfile.txt
2014-04-17 21:52 - 2014-03-06 12:21 - 23549440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-17 21:52 - 2014-03-06 11:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-17 21:52 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-17 21:52 - 2014-03-06 11:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-17 21:52 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-17 21:52 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-17 21:52 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-17 21:52 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-17 21:52 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-17 21:52 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-17 21:52 - 2014-03-06 10:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-17 21:52 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-17 21:52 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-17 21:52 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-17 21:52 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-17 21:52 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-17 21:52 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-17 21:52 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-17 21:52 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-17 21:52 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-17 21:52 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-17 21:52 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-17 21:52 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-17 21:52 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-17 21:52 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-17 21:52 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-17 21:52 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-17 21:52 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-17 21:52 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-17 21:52 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-17 21:52 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-17 21:52 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-17 21:52 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-17 21:52 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-17 21:52 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-17 21:52 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-17 21:52 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-17 21:52 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-17 21:52 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-17 21:52 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-17 21:52 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-17 21:52 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-17 21:52 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-17 21:52 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-17 21:52 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-17 21:52 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-17 21:52 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-17 21:52 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-17 21:46 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-17 21:46 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-17 21:46 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-17 21:46 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-17 21:46 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-17 21:46 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-17 21:46 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-17 21:46 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-17 21:46 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-17 21:46 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-17 21:46 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-17 21:38 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-17 21:38 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-17 21:38 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-17 21:38 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-17 21:38 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-17 21:38 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-03-30 18:28 - 2014-03-07 16:38 - 00132608 _____ (OCZ Storage Solutions) C:\Windows\system32\OczTrimCoinstaller.dll
2014-03-30 18:28 - 2014-03-07 16:38 - 00075056 _____ (OCZ Storage Solutions) C:\Windows\system32\Drivers\ocz10xx.sys
2014-03-30 18:28 - 2014-03-07 16:38 - 00018400 _____ (OCZ Storage Solutions) C:\Windows\system32\Drivers\ocztrimfilter.sys
2014-03-25 15:24 - 2014-03-25 15:24 - 00156448 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetFlt.sys
2014-03-25 15:24 - 2014-03-25 15:24 - 00141600 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetAdp.sys
2014-03-25 15:20 - 2014-03-25 15:20 - 00204064 _____ (Oracle Corporation) C:\Windows\system32\VBoxNetFltNobj.dll
2014-03-24 09:11 - 2014-03-24 09:11 - 00003166 _____ () C:\Windows\System32\Tasks\SmartDefrag3_Update

==================== One Month Modified Files and Folders =======

2014-04-23 19:28 - 2014-04-23 19:28 - 00027562 _____ () C:\Users\GrenSo\Desktop\FRST.txt
2014-04-23 19:28 - 2014-04-23 19:26 - 00000000 ____D () C:\FRST
2014-04-23 19:26 - 2013-10-15 19:15 - 00047719 _____ () C:\Users\GrenSo\IP_Log_Data.js
2014-04-23 19:24 - 2014-04-23 19:24 - 02061312 _____ (Farbar) C:\Users\GrenSo\Desktop\FRST64.exe
2014-04-23 19:05 - 2009-07-14 19:58 - 00786872 _____ () C:\Windows\system32\perfh007.dat
2014-04-23 19:05 - 2009-07-14 19:58 - 00181826 _____ () C:\Windows\system32\perfc007.dat
2014-04-23 19:05 - 2009-07-14 07:13 - 01837466 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-23 19:03 - 2009-07-14 06:45 - 00015120 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-23 19:03 - 2009-07-14 06:45 - 00015120 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-23 19:00 - 2013-03-04 09:00 - 00115063 _____ () C:\Users\GrenSo\Network_Meter_Data.js
2014-04-23 18:58 - 2014-04-23 18:58 - 00001730 _____ () C:\Users\GrenSo\Desktop\Powerline Scan.lnk
2014-04-23 18:58 - 2013-03-06 20:38 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-04-23 18:57 - 2014-04-23 18:57 - 00002657 _____ () C:\Users\Public\Desktop\PowerLine Utility.lnk
2014-04-23 18:57 - 2014-04-23 18:57 - 00000000 ____D () C:\Program Files (x86)\TP-LINK
2014-04-23 18:57 - 2014-02-09 20:32 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-23 18:57 - 2012-09-16 23:01 - 00000000 ____D () C:\Program Files\PeerBlock
2014-04-23 18:55 - 2014-04-23 07:54 - 00000168 _____ () C:\Windows\setupact.log
2014-04-23 18:55 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-23 08:30 - 2014-01-07 20:47 - 01601681 _____ () C:\Windows\WindowsUpdate.log
2014-04-23 08:29 - 2013-03-04 09:36 - 00000026 _____ () C:\Users\GrenSo\AppData\Roaming\Network Meter_Usage.ini
2014-04-23 07:54 - 2014-04-23 07:54 - 05153400 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-23 07:54 - 2014-04-23 07:54 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-23 01:17 - 2014-04-23 01:17 - 00146320 _____ () C:\Users\GrenSo\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-23 01:16 - 2014-04-23 01:16 - 00000000 _____ () C:\Windows\SysWOW64\FAP3FAF.tmp
2014-04-23 01:14 - 2014-04-23 01:14 - 00000000 _____ () C:\Windows\SysWOW64\FAP72CE.tmp
2014-04-23 01:10 - 2014-04-23 01:10 - 00000000 _____ () C:\Windows\SysWOW64\FAP8340.tmp
2014-04-23 01:10 - 2014-04-23 01:10 - 00000000 _____ () C:\Windows\SysWOW64\FAP3010.tmp
2014-04-23 01:09 - 2014-04-23 01:09 - 00000000 _____ () C:\Windows\SysWOW64\FAP547F.tmp
2014-04-23 01:08 - 2014-04-23 01:08 - 00000000 _____ () C:\Windows\SysWOW64\FAP2996.tmp
2014-04-23 01:05 - 2014-04-23 01:05 - 00000000 _____ () C:\Windows\SysWOW64\FAPC749.tmp
2014-04-23 01:05 - 2014-04-23 01:05 - 00000000 _____ () C:\Windows\SysWOW64\FAPC737.tmp
2014-04-23 00:03 - 2013-11-24 21:36 - 00000000 ___HD () C:\AdwCleaner
2014-04-23 00:00 - 2012-10-19 19:07 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-04-22 23:58 - 2012-09-28 18:47 - 00000000 ____D () C:\Users\GrenSo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System
2014-04-22 23:36 - 2014-04-22 23:36 - 00000000 _____ () C:\Users\GrenSo\defogger_reenable
2014-04-22 23:36 - 2012-09-16 17:23 - 00000000 ____D () C:\Users\GrenSo
2014-04-22 23:25 - 2012-11-20 20:09 - 00000000 ____D () C:\Program Files (x86)\AnvilBenchmark
2014-04-22 23:22 - 2013-03-23 22:12 - 00000000 ____D () C:\Program Files\McAfee AVERT Stinger
2014-04-22 23:19 - 2014-04-22 23:19 - 00050477 _____ () C:\Users\GrenSo\Desktop\Defogger.exe
2014-04-22 23:17 - 2014-04-22 23:17 - 00380416 _____ () C:\Users\GrenSo\Desktop\Gmer-19357.exe
2014-04-22 23:16 - 2014-04-22 23:16 - 00602112 _____ (OldTimer Tools) C:\Users\GrenSo\Desktop\OTL.exe
2014-04-22 23:04 - 2014-04-22 23:04 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2014-04-22 23:04 - 2014-04-22 23:04 - 00000000 ____D () C:\Users\GrenSo\AppData\Roaming\Apple Computer
2014-04-22 23:01 - 2014-04-22 23:01 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-04-21 21:17 - 2012-09-17 08:12 - 00000000 ____D () C:\Users\GrenSo\SecurityScans
2014-04-21 20:58 - 2014-02-07 14:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-21 20:58 - 2012-09-16 19:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-21 20:56 - 2012-09-16 19:00 - 00000000 ____D () C:\Users\GrenSo\AppData\Local\Adobe
2014-04-21 20:41 - 2013-09-25 18:55 - 00000000 ____D () C:\Program Files (x86)\AdwCleaner
2014-04-21 20:09 - 2012-09-19 21:14 - 00000000 ____D () C:\Program Files (x86)\XMedia Recode
2014-04-21 19:57 - 2014-04-21 20:07 - 00002122 _____ () C:\Users\GrenSo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Endpoint Antivirus.lnk
2014-04-21 19:47 - 2014-01-17 19:50 - 00000000 ____D () C:\Users\GrenSo\AppData\Roaming\ProductData
2014-04-21 19:47 - 2013-11-05 00:56 - 00000000 ____D () C:\ProgramData\ProductData
2014-04-21 19:47 - 2013-10-06 20:30 - 00000000 ____D () C:\Users\GrenSo\AppData\Roaming\vlc
2014-04-21 19:47 - 2013-09-27 20:00 - 00000000 ____D () C:\Program Files (x86)\AntiLogger
2014-04-21 19:47 - 2013-02-08 20:15 - 00000000 ____D () C:\Users\GrenSo\AppData\Roaming\QFX Software
2014-04-21 19:47 - 2013-02-08 20:15 - 00000000 ____D () C:\ProgramData\QFX Software
2014-04-21 19:47 - 2013-01-11 23:56 - 00000000 ____D () C:\ProgramData\Package Cache
2014-04-21 19:47 - 2012-09-17 01:59 - 00000000 ____D () C:\Program Files (x86)\AIDA64 Extreme Edition
2014-04-21 19:47 - 2012-09-16 19:49 - 00000000 ____D () C:\Users\GrenSo\AppData\Roaming\TeraCopy
2014-04-21 19:47 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-04-18 21:08 - 2014-04-18 21:08 - 00000000 ____D () C:\ProgramData\ESET
2014-04-18 21:08 - 2014-04-18 21:08 - 00000000 ____D () C:\Program Files\ESET
2014-04-18 20:47 - 2012-09-16 18:22 - 00000000 ____D () C:\ProgramData\Razer
2014-04-18 20:46 - 2012-09-18 21:49 - 00000000 ____D () C:\Program Files (x86)\Alternative Flash Player Auto-Updater
2014-04-18 20:41 - 2014-04-18 20:41 - 00000000 __SHD () C:\Users\GrenSo\AppData\Local\EmieUserList
2014-04-18 20:41 - 2014-04-18 20:41 - 00000000 __SHD () C:\Users\GrenSo\AppData\Local\EmieSiteList
2014-04-18 20:18 - 2012-09-16 18:58 - 00001485 _____ () C:\Users\GrenSo\AppData\Roaming\Network Meter_Settings.ini
2014-04-18 19:18 - 2014-04-18 19:18 - 00901848 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2014-04-18 19:18 - 2014-04-18 19:18 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2014-04-18 19:18 - 2012-09-16 18:17 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2014-04-18 19:05 - 2013-11-12 23:10 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-04-18 19:04 - 2014-04-18 19:04 - 03872984 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-04-18 19:04 - 2014-04-18 19:04 - 02792152 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2014-04-18 19:04 - 2014-04-18 19:04 - 02770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2014-04-18 19:04 - 2014-04-18 19:04 - 02101848 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2014-04-18 19:04 - 2014-04-18 19:04 - 02037336 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2014-04-18 19:04 - 2014-04-18 19:04 - 01286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2014-04-18 19:04 - 2014-04-18 19:04 - 01033304 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2014-04-18 19:04 - 2014-04-18 19:04 - 01024216 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2014-04-18 19:04 - 2014-04-18 19:04 - 00946392 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2014-04-18 19:04 - 2014-04-18 19:04 - 00757301 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-04-18 19:04 - 2014-04-18 19:04 - 00624344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2014-04-18 19:01 - 2012-11-23 21:14 - 00000000 ____D () C:\Users\GrenSo\AppData\Roaming\TeamViewer
2014-04-18 19:01 - 2012-09-28 19:09 - 00000000 ____D () C:\Users\GrenSo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Editoren
2014-04-18 19:01 - 2012-09-28 18:47 - 00000000 ____D () C:\Users\GrenSo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bildbearbeitung
2014-04-18 19:01 - 2012-09-28 18:46 - 00000000 ____D () C:\Users\GrenSo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Download
2014-04-18 19:01 - 2012-09-19 21:26 - 00000000 ____D () C:\Users\GrenSo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\3D Animation
2014-04-18 17:57 - 2012-09-16 20:26 - 00000000 ____D () C:\Users\GrenSo\.VirtualBox
2014-04-18 17:50 - 2012-10-14 12:42 - 00000000 ____D () C:\Users\GrenSo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS6
2014-04-18 17:44 - 2014-04-18 17:44 - 00002181 _____ () C:\Users\GrenSo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-04-18 17:42 - 2013-02-12 19:48 - 00000000 ____D () C:\Program Files\FreeFixer
2014-04-18 17:41 - 2012-12-27 15:43 - 00000000 ____D () C:\ProgramData\IObit
2014-04-18 17:37 - 2013-10-18 11:59 - 00000000 ____D () C:\Program Files\Wireshark
2014-04-18 17:37 - 2012-09-16 17:23 - 00000000 ___RD () C:\Users\GrenSo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-18 17:35 - 2014-04-18 17:35 - 00000000 __HDC () C:\ProgramData\{727C5CC8-3A5E-4517-BA8B-35A93F9B2EBD}
2014-04-18 17:35 - 2013-09-27 20:00 - 00049752 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\AntiLog64.sys
2014-04-18 17:33 - 2014-03-20 00:05 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-18 17:33 - 2014-01-15 01:54 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-18 17:33 - 2014-01-15 01:54 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-18 17:33 - 2014-01-15 01:54 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-04-18 17:32 - 2012-09-24 11:09 - 00000000 ____D () C:\Program Files\Adobe
2014-04-18 17:29 - 2013-09-13 20:07 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-18 17:29 - 2013-03-05 09:11 - 00000000 ____D () C:\Program Files\Java
2014-04-18 17:29 - 2013-01-14 01:01 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-18 17:28 - 2014-04-18 17:28 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-18 17:28 - 2014-04-18 17:28 - 00176040 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-18 17:28 - 2014-04-18 17:28 - 00176040 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-18 17:28 - 2014-04-18 17:28 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-18 17:26 - 2012-09-16 22:57 - 00000000 ____D () C:\Program Files (x86)\EditPlus 3
2014-04-18 17:23 - 2014-01-10 19:54 - 00000000 ____D () C:\Program Files (x86)\AppRemover
2014-04-18 17:22 - 2013-04-20 10:58 - 00000000 ____D () C:\Program Files (x86)\UnHackMe
2014-04-18 17:20 - 2012-09-26 20:50 - 00000000 ____D () C:\Program Files\Network Scanner
2014-04-18 17:18 - 2012-09-24 11:09 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-04-18 17:18 - 2012-09-17 20:02 - 00000000 ____D () C:\Program Files (x86)\Passbild-Generator
2014-04-18 17:17 - 2012-09-16 23:05 - 00000000 ____D () C:\Program Files (x86)\XnView
2014-04-18 17:15 - 2013-07-02 20:48 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-04-18 17:15 - 2012-09-16 19:00 - 00000000 ____D () C:\ProgramData\Adobe
2014-04-18 17:15 - 2012-09-16 18:35 - 00000000 ____D () C:\Users\GrenSo\AppData\Roaming\Adobe
2014-04-18 17:14 - 2013-11-03 12:34 - 00000000 ____D () C:\Program Files\CrystalDiskInfo
2014-04-18 17:13 - 2013-03-09 15:59 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-18 17:13 - 2013-03-09 15:59 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-18 17:13 - 2012-09-16 22:22 - 00000000 ____D () C:\Program Files\CCleaner
2014-04-18 16:48 - 2014-04-18 16:51 - 00000513 _____ () C:\Users\GrenSo\Documents\indexfile.txt
2014-04-17 22:47 - 2013-05-24 20:01 - 00000000 ____D () C:\ProgramData\Vodafone
2014-04-17 22:32 - 2014-02-09 20:32 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-17 22:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-17 21:52 - 2013-07-09 20:49 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-17 21:46 - 2012-09-16 20:01 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-17 21:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-04-14 04:24 - 2014-04-22 23:01 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-04-14 04:19 - 2014-04-22 23:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-04-03 09:51 - 2014-02-09 20:32 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-02-09 20:32 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2012-09-17 19:04 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-25 15:27 - 2014-04-18 17:39 - 00254240 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2014-03-25 15:24 - 2014-04-18 17:39 - 00128288 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2014-03-25 15:24 - 2014-03-25 15:24 - 00156448 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetFlt.sys
2014-03-25 15:24 - 2014-03-25 15:24 - 00141600 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetAdp.sys
2014-03-25 15:20 - 2014-03-25 15:20 - 00204064 _____ (Oracle Corporation) C:\Windows\system32\VBoxNetFltNobj.dll
2014-03-24 22:43 - 2011-01-01 15:00 - 00000000 ____D () C:\Users\GrenSo\Documents\My Games
2014-03-24 22:36 - 2012-09-16 19:50 - 00000000 ____D () C:\Program Files (x86)\SRWare Iron
2014-03-24 21:15 - 2013-10-11 22:48 - 00000000 ____D () C:\Users\GrenSo\AppData\Local\Eisenwald_Launcher
2014-03-24 21:15 - 2013-10-11 22:48 - 00000000 ____D () C:\Users\GrenSo\AppData\Local\Eisenwald
2014-03-24 21:15 - 2013-01-04 01:44 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-03-24 21:15 - 2012-10-23 19:58 - 00000000 ____D () C:\Users\GrenSo\.jajuk_test_1.11
2014-03-24 21:15 - 2012-09-19 21:28 - 00000000 ____D () C:\Users\GrenSo\AppData\Roaming\MilkShape 3D 1.x.x
2014-03-24 21:15 - 2012-09-17 08:18 - 00000000 ____D () C:\Users\GrenSo\AppData\Roaming\AckiSoft
2014-03-24 21:15 - 2012-09-16 22:56 - 00000000 ____D () C:\Program Files (x86)\Notepad++
2014-03-24 21:05 - 2012-10-19 19:07 - 00000000 ____D () C:\Users\GrenSo\AppData\Roaming\IObit
2014-03-24 09:11 - 2014-03-24 09:11 - 00003166 _____ () C:\Windows\System32\Tasks\SmartDefrag3_Update

Files to move or delete:
====================
C:\Users\GrenSo\IP_Log_Data.js
C:\Users\GrenSo\Network_Meter_Data.js


Some content of TEMP:
====================
C:\Users\GrenSo\AppData\Local\Temp\NEventMessages.dll
C:\Users\GrenSo\AppData\Local\Temp\NOSEventMessages.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-12 11:01

==================== End Of Log ============================
         

Old 23.04.2014, 18:40   #4
GrenSo

Irregular but persistent page-load errors on websites

Here is the Addition.txt:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-04-2014
Ran by GrenSo at 2014-04-23 19:28:46
Running from C:\Users\GrenSo\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: ESET Endpoint Antivirus 5.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Endpoint Antivirus 5.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}

==================== Installed Programs ======================

µTorrent (HKCU\...\uTorrent) (Version: 3.4.1.30716 - BitTorrent Inc.)
0 A.D. (HKCU\...\0 A.D.) (Version: r14386-alpha - Wildfire Games)
3DMark (HKLM-x32\...\{38f32cea-14ce-4349-882e-8779bcd45e5c}) (Version: 1.2.362.0 - Futuremark)
3DMark (Version: 1.2.362.0 - Futuremark) Hidden
7554 Final Release 1.0.1 (HKLM-x32\...\7554) (Version:  - )
7-Zip 9.32 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0932-000001000000}) (Version: 9.32.00.0 - Igor Pavlov)
A Virus Named TOM (HKLM-x32\...\Steam App 207650) (Version:  - Misfits Attic)
Acronis Drive Monitor (HKLM-x32\...\{706AE61D-40A4-4F50-8359-FE8F6F7FA461}) (Version: 1.0.566 - Acronis)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.95 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 13.0.0.95 - Adobe Systems Incorporated) Hidden
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.5.0.367 - Adobe Systems Incorporated)
Adobe Edge Animate (HKLM-x32\...\{181241DD-2FC2-4CF9-94CE-97F3E37D6F0B}) (Version: 1.5 - Adobe Systems Incorporated)
Adobe Exchange Panel (HKLM-x32\...\{41A12FFC-89E9-4743-A51E-00975CA31F40}) (Version: 1 - Adobe Systems Incorporated)
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.199 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.199 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden
Adobe Photoshop Lightroom 5.4 64-bit (HKLM\...\{558B5965-CC1B-4AF1-BA07-5D6832404050}) (Version: 5.4.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)
Adobe Touch App Plugins (HKLM-x32\...\{1EC083EE-5B76-4A2A-B95A-CAF460AA29D6}) (Version: 1.0 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Adobe Widget Browser (x32 Version: 2.0.348 - Adobe Systems Incorporated.) Hidden
Adobe® Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 3.4.2 - Adobe Systems, Incorporated)
Adobe® Content Viewer (x32 Version: 3.4.2 - Adobe Systems, Incorporated) Hidden
Age of Empires II HD (c) Microsoft Studios version 1 (HKLM-x32\...\QWdlIG9mIEVtcGlyZXMgSUkgSEQgKGMpIE1pY3Jvc29mdCBTdHVkaW9z_is1) (Version: 1 - )
Age of Empires III (HKLM-x32\...\InstallShield_{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
AIDA64 Engineer v4.30 (HKLM-x32\...\AIDA64 Engineer_is1) (Version: 4.30 - FinalWire Ltd.)
AIDA64 Extreme Edition v3.20 (HKLM-x32\...\AIDA64 Extreme Edition_is1) (Version: 3.20 - FinalWire Ltd.)
Alan Wake (HKLM-x32\...\Steam App 108710) (Version:  - Remedy Entertainment)
Alice im Wunderland (HKLM-x32\...\{E935DF41-EB7A-4519-93E8-C5822EB5B6D6}) (Version: 1.00.0000 - Disney Interactive Studios)
Alien Arena 7.66 (HKLM-x32\...\Alien Arena 7.66_is1) (Version:  - COR Entertainment, LLC)
Alternative Flash Player Auto-Updater (HKLM-x32\...\{2FB1052B-2F3D-48CE-A65D-006240516ECE}_is1) (Version: 1.1.0.5 - pXc-coding.com)
AMD Accelerated Video Transcoding (Version: 13.30.100.40312 - Advanced Micro Devices, Inc.) Hidden
AMD APP CPU SDK Runtime (Version: 2.8.1016.5 - Advanced Micro Devices Inc.) Hidden
AMD APP SDK Developer (Version: 2.8.1016.5 - Advanced Micro Devices Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2014.0312.1131.18796 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (HKLM\...\{8F3C9854-8EB9-3D28-4AD7-E3ADD800C7E3}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2014.0312.1131.18796 - Ihr Firmenname) Hidden
AMD Media Foundation Decoders (Version: 1.0.81206.1620 - Advanced Micro Devices, Inc.) Hidden
AMD OverDrive (HKLM-x32\...\{34D5220A-58D0-473C-90E4-15136C3FB0E3}) (Version: 4.3.1.0690 - Advanced Micro Devices, Inc.)
AMD Power Monitor (HKLM-x32\...\{49993B6D-4D78-4A55-9390-15E63BCE83F6}) (Version: 1.3.1.0016 - AMD)
AMD Steady Video Plug-In  (Version: 2.07.0000 - AMD) Hidden
AMD System Monitor (HKLM-x32\...\{6EFD0C42-4CC1-4716-A0CA-21C1A062CF34}) (Version: 1.0.9 - Advanced Micro Devices, Inc.)
AMD Wireless Display v3.0 (Version: 1.0.0.13 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.14 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
America's Army 3 (HKLM-x32\...\Steam App 13140) (Version:  - U.S. Army)
Anna (HKLM-x32\...\Anna_is1) (Version:  - )
ANNO 1404 (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 1.00.0000 - Ubisoft)
Anno 1404 (x32 Version: 1.00.0000 - Ubisoft) Hidden
AntiLogger (HKLM-x32\...\AntiLogger) (Version:  - Zemana Ltd.)
AntiLogger (x32 Version: 1.9.3.525 - Zemana Ltd.) Hidden
Application Profiles (HKLM-x32\...\{148971EC-8755-A666-D384-8F2E9E8B0DC8}) (Version: 2.0.4854.34117 - Advanced Micro Devices, Inc.)
Application Profiles (HKLM-x32\...\{63059735-CA97-FDFB-0E7A-3B8D81572EFD}) (Version: 2.0.4888.34279 - Advanced Micro Devices, Inc.)
Application Profiles (HKLM-x32\...\{A231A6F2-2C80-6203-ED35-2CFB96B25A38}) (Version: 2.0.4719.35969 - Advanced Micro Devices, Inc.)
ARMA 2 Operation Arrowhead Uninstall (HKLM-x32\...\ARMA 2 Operation Arrowhead) (Version:  - )
Arma 3 Beta (HKLM-x32\...\Steam App 107410) (Version:  - Bohemia Interactive)
Arma 3 Server (HKLM-x32\...\Steam App 233780) (Version:  - Bohemia Interactive)
Arma 3 Tools (HKLM-x32\...\Steam App 233800) (Version:  - Bohemia Interactive)
Arma Cold War Assault Uninstall (HKLM-x32\...\Arma Cold War Assault) (Version:  - )
ArmA Queen's Gambit Uninstall (HKLM-x32\...\ArmA Queen's Gambit) (Version:  - )
ArmA Uninstall (HKLM-x32\...\ArmA) (Version:  - )
ArmA2 Uninstall (HKLM-x32\...\ArmA2) (Version:  - )
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
B17 - The Mighty Eighth (HKLM-x32\...\{63B263C2-1B61-11D4-8B6D-00C0F01F6881}) (Version:  - )
Bad Piggies (HKLM-x32\...\{9524C306-CC16-44A0-82AA-996409D1A059}) (Version: 1.3.0.0 - Rovio Entertainment Ltd.)
Banished (HKLM-x32\...\QmFuaXNoZWQ=_is1) (Version: 1 - )
Bastion (HKLM-x32\...\Steam App 107100) (Version:  - Supergiant Games)
Battle Academy (HKLM-x32\...\Battle Academy1.6.0) (Version: 1.6.0 - Slitherine)
Battle of Britain II (HKLM-x32\...\Battle of Britain II) (Version:  - )
Battlestations: Midway (HKLM-x32\...\{6BC0CDD6-E0C2-434D-9365-23E79E42DA95}) (Version: 1.00.0000 - Ihr Firmenname)
BattlEye for Iron Front Uninstall (HKLM-x32\...\BattlEye for Iron Front) (Version:  - )
Bing Bar (HKLM-x32\...\{449CE12D-E2C7-4B97-B19E-55D163EA9435}) (Version: 7.0.619.0 - Microsoft Corporation)
Bing-Desktop (HKLM-x32\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.3.171.0 - Microsoft Corporation)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Blender (HKLM\...\Blender) (Version: 2.70 - Blender Foundation)
Blitzkrieg 2 Anthology (HKLM-x32\...\GOGPACKBLITZKRIEG2ANTHOLOGY_is1) (Version: 2.0.0.12 - GOG.com)
Blitzkrieg Mod (HKLM-x32\...\Blitzkrieg) (Version: 4.51 - )
BodyPaint 3D 14.042 (HKLM\...\MAXON564B2695) (Version: 14.042 - MAXON Computer GmbH)
Bridge Project version 1 (HKLM-x32\...\QnJpZGdlIFByb2plY3Q=_is1) (Version: 1 - )
Brothers In Arms (HKLM-x32\...\BrothersInArms) (Version:  - Ubisoft)
Call of Duty (HKLM-x32\...\Call of Duty) (Version:  - )
Call of Duty Ghosts (HKLM-x32\...\Q2FsbG9mRHV0eUdob3N0cw==_is1) (Version: 1 - )
Call of Duty Modern Warfare 2 (HKLM-x32\...\Call of Duty Modern Warfare 2_is1) (Version:  - Activision)
Call of Duty(R) - World at War(TM) (HKLM-x32\...\InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}) (Version: 1.5 - Activision)
Call of Duty(R) - World at War(TM) (x32 Version: 1.0 - Activision) Hidden
Call of Duty(R) - World at War(TM) 1.1 Patch (x32 Version:  - ) Hidden
Call of Duty(R) - World at War(TM) 1.1 Patch (x32 Version: 1.1 - Activision) Hidden
Call of Duty(R) - World at War(TM) 1.2 Patch (x32 Version:  - ) Hidden
Call of Duty(R) - World at War(TM) 1.2 Patch (x32 Version: 1.2 - Activision) Hidden
Call of Duty(R) - World at War(TM) 1.3 Patch (x32 Version:  - ) Hidden
Call of Duty(R) - World at War(TM) 1.3 Patch (x32 Version: 1.3 - Activision) Hidden
Call of Duty(R) - World at War(TM) 1.4 Patch (x32 Version:  - ) Hidden
Call of Duty(R) - World at War(TM) 1.4 Patch (x32 Version: 1.4 - Activision) Hidden
Call of Duty(R) - World at War(TM) 1.5 Patch (x32 Version:  - ) Hidden
Call of Duty(R) - World at War(TM) 1.5 Patch (x32 Version: 1.5 - Activision) Hidden
Call of Duty(R) 2 (HKLM-x32\...\InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}) (Version: 1.3 - Activision)
Call of Duty(R) 2 (x32 Version: 1.00.0000 - Activision) Hidden
Call of Duty(R) 2 Patch 1.3 (x32 Version: 1.3 - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.7 - Activision)
Call of Duty(R) 4 - Modern Warfare(TM) (x32 Version: 1.00.0000 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch (x32 Version:  - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch (x32 Version: 1.4 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch (x32 Version:  - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Patch (x32 Version: 1.5 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version:  - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: 1.6 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version:  - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: 1.7 - Activision) Hidden
Call of Duty: Black Ops (HKLM-x32\...\Call of Duty: Black Ops_is1) (Version:  - )
Call of Duty: Black Ops II v1.0 (HKLM-x32\...\{26B8A445-02C6-4F87-AD2A-024BBFC99A06}_is1) (Version: 1.0 - RAF)
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2014.0312.1131.18796 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0312.1131.18796 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2014.0312.1131.18796 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2014.0312.1131.18796 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform)
Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version:  - Cheat Engine)
CINEMA 4D 14.042 (HKLM\...\MAXON656170D5) (Version: 14.042 - MAXON Computer GmbH)
Clive Barker's Jericho (HKLM-x32\...\{BE9A67F1-BDD3-4259-9F5C-2EFCE6B3A6C5}) (Version: 0.10.0000 - Codemasters)
Codename: Panzers Cold War (HKLM-x32\...\{F2485BF4-830D-4D7F-B553-3B125CCFB255}) (Version: 1.00.0000 - Atari)
Color Efex Pro 4 (HKLM-x32\...\Color Efex Pro 4) (Version: 4.0.0.2 - Nik Software, Inc.)
Company of Heroes - FAKEMSI (x32 Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes (HKLM-x32\...\Company of Heroes) (Version: 2.602.0 - THQ Inc.)
Company of Heroes 2 v3.0.0.9704 *GERMAN* (HKLM-x32\...\Q29tcGFueW9mSGVyb2VzMg==_is1) (Version: 1 - )
Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}) (Version: 15.2.0.686 - Corel Corporation)
Corel Graphics - Windows Shell Extension (x32 Version: 15.2.686 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 64 Bit (Version: 15.2.686 - Corel Corporation) Hidden
Corel Paint Shop Pro Photo X2 (HKLM-x32\...\{64E72FB1-2343-4977-B4A8-262CD53D0BD3}) (Version: 12.010.0000 - Corel Corporation)
CPUID CPU-Z 1.69 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CPUID HWMonitor Pro 1.15 (HKLM\...\CPUID HWMonitorPro_is1) (Version:  - )
Crazy Machines II (HKLM-x32\...\{112B0ED9-57F8-4883-8E6A-5BEAABDABBC1}) (Version: 1.00 - FAKT Software GmbH)
Crysis(R) (HKLM-x32\...\{000E79B7-E725-4F01-870A-C12942B7F8E4}) (Version: 1.21.0000 - Electronic Arts)
CrystalDiskMark 3.0.3 (HKLM\...\CrystalDiskMark_is1) (Version: 3.0.3 - Crystal Dew World)
CyberLink PowerDVD 11 (HKLM-x32\...\InstallShield_{F232C87C-6E92-4775-8210-DFE90B7777D9}) (Version: 11.0.3318.57 - CyberLink Corp.)
CyberLink PowerDVD 11 (x32 Version: 11.0.3318.57 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Deadlight (HKLM-x32\...\Deadlight_is1) (Version:  - )
Deadpool (HKLM-x32\...\{FF7F4966-C56F-401F-A1D3-2E619600A0CF}) (Version: 1.0 - Activision)
Diaspora version 1.0.4 (HKLM-x32\...\{1F5ABAAA-6D61-4FC1-A595-86CBA5517E7A}_is1) (Version: 1.0.4 - Diaspora Development)
Die*Sims™*3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.0.615 - Electronic Arts)
Divinity 2 Developers Cut version 1.00 (HKLM-x32\...\Divinity 2 Developers Cut_is1) (Version: 1.00 - )
DivX Author 1.5 (HKLM-x32\...\{55718B4B90B54F7EADC5621C750A14E6}) (Version: 1.5.0 - DivX, Inc.)
DivX Version Checker (HKLM-x32\...\{3FC7CBBC4C1E11DCA1A752EA55D89593}) (Version: 7.0.0.19 - DivX, Inc.)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.100 - DivX, LLC)
Door Kickers (HKLM-x32\...\Steam App 248610) (Version:  - Killhouse Games)
Drakensang - Am Fluss der Zeit (HKLM-x32\...\Drakensang_TRoT_is1) (Version:  - dtp)
Drakensang - Phileassons Geheimnis (HKLM-x32\...\Drakensang_Phileasson_is1) (Version:  - dtp)
Drakensang (High Texture Pack) (HKLM-x32\...\Drakensang_is1) (Version:  - dtp AG)
Driver: Parallel Lines (HKLM-x32\...\{31CB0D80-1866-462A-9455-88614410971F}) (Version: 1.00.0000 - Ubisoft)
EasyBCD 2.2 (HKLM-x32\...\EasyBCD) (Version: 2.2 - NeoSmart Technologies)
EditPlus 3 (64 bit) (HKLM\...\EditPlus 3) (Version:  - ES-Computing)
EditPlus 3 (HKLM-x32\...\EditPlus 3) (Version:  - ES-Computing)
EMET 4.0 (HKLM-x32\...\{1F7019BB-1C9A-4E54-9B59-1744629E63B1}) (Version: 4.0 - Microsoft)
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESET Endpoint Antivirus (HKLM\...\{79FB08E5-E976-4731-B4E8-AFB191C4E65C}) (Version: 5.0.2228.1 - ESET, spol. s r.o.)
eXperience112 (HKLM-x32\...\{3CF44BDE-BDDC-4510-A5CF-EBE97D1B8F73}) (Version: 1.01.0000 - XIDER)
FastStone Capture 7.7 (HKLM-x32\...\FastStone Capture) (Version: 7.7 - FastStone Soft)
FIFA 11 (HKLM-x32\...\{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}) (Version: 1.0.0.0 - Electronic Arts)
FIFA 14 (HKLM-x32\...\{7A6577E7-F341-430F-9173-91E14E2DE270}) (Version: 1.0.0.0 - Electronic Arts)
FIFA 14 (HKLM-x32\...\{7A6577E7-F341-430F-9173-91E14E2DE270}_is1) (Version: 1.0 - Electronic Arts)
FIFA Manager 13 (HKLM-x32\...\{0784CF03-D013-402F-A98B-7FC4877ACF2E}_is1) (Version: 1.0.4.0 - Electronic Arts)
FileZilla Client 3.8.0-beta1 (HKLM-x32\...\FileZilla Client) (Version: 3.8.0-beta1 - Tim Kosse)
FinanzmanagerV8 (HKLM-x32\...\{78E2401D-39D5-4023-B0BF-7FA96F3FD425}_is1) (Version: 10.4.0.2 - Ackisoft)
FormatFactory 3.3.4.0 (HKLM-x32\...\FormatFactory) (Version: 3.3.4.0 - Format Factory)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Free Sound Recorder v9.6.1 (HKLM-x32\...\Free Sound Recorder_is1) (Version:  - Copyright(C) 2005-2013 FreeSoundRecorder Technologies, Inc.)
FreeFixer (HKLM-x32\...\FreeFixer1.10) (Version: 1.10 - Kephyr)
Futuremark SystemInfo (HKLM-x32\...\{EF7EA37B-C009-4D53-AE2A-FF7C6AEC35CE}) (Version: 4.26.386 - Futuremark)
Gears of War (HKLM-x32\...\InstallShield_{1170D24F-42B7-40CF-AA1B-6395CE562354}) (Version: 1.00.0000 - Microsoft Game Studios)
Gears of War (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Geeks3D FurMark 1.13.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version:  - Geeks3D)
Google Earth (HKLM-x32\...\{A2264E8F-1649-11E3-8BED-B8AC6F98CCE3}) (Version: 7.1.2.2019 - Google)
Gothic (HKLM-x32\...\{BBF10B37-4ED3-11D5-A818-00500435FC18}) (Version:  - )
Grand Theft Auto IV (HKLM-x32\...\{579BA58C-F33D-4970-9953-B94B43768AC3}) (Version: 1.00.0000 - Rockstar Games)
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Half-Life 2 Complete Edition Incl. FakeFactory Cinematic Mod 2013 MULTI-2 1.0 (HKLM-x32\...\Half-Life 2 Complete Edition Incl. FakeFactory Cinematic Mod 2013 MULTI-2 1.0) (Version:  - )
Hard Disk Low Level Format Tool 4.25 (HKLM-x32\...\Hard Disk Low Level Format Tool_is1) (Version:  - HDDGURU)
HD Tune Pro 5.00 (HKLM-x32\...\HD Tune Pro_is1) (Version:  - EFD Software)
Heaven Benchmark version 4.0 (HKLM-x32\...\Unigine Heaven Benchmark (Basic Edition)_is1) (Version: 4.0 - Unigine Corp.)
Heavy Metal - FAKK2 (HKLM-x32\...\{A9B39004-8748-435E-A4C2-BE983B4C737B}) (Version:  - )
High-Definition Video Playback 10 (x32 Version: 7.0.11400.29.0 - Nero AG) Hidden
Hotfix für Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789) (HKLM-x32\...\{8E87B944-4815-3C5E-947F-5035C9F64362}.KB947789) (Version: 1 - Microsoft Corporation)
HydraVision (x32 Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden
Image Resizer Powertoy Clone for Windows (64 bit) (HKLM\...\{80A620C1-B22C-4781-A351-B14B8A37BFE3}) (Version: 2.1 - Brice Lambson)
inSSIDer 3 (HKLM-x32\...\{A80CEA4E-74C1-4F9F-806B-E1D9AFC01768}) (Version: 3.0.7.48 - MetaGeek, LLC)
Into the Dark (HKLM-x32\...\{F97194CE-464F-4C07-A335-0373E1CA8AE6}_is1) (Version:  - UIG GmbH)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 3.2.9.10 - IObit)
Iron Front Uninstall (HKLM-x32\...\Iron Front) (Version:  - )
Iron Sky Invasion (HKLM-x32\...\Iron Sky Invasion) (Version: 1.0.0.0 - Reality Pump)
IsoBuster 3.2 (HKLM-x32\...\IsoBuster_is1) (Version: 3.2 - Smart Projects)
IsoBuster 3.3 (HKLM-x32\...\IsoBuster3_is1) (Version: 3.3 - Smart Projects)
Jajuk (HKLM-x32\...\{23131D94-868A-4F2D-935A-6E89A7F19D00}) (Version:  - )
Java 7 Update 55 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417055FF}) (Version: 7.0.550 - Oracle)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.550 - Oracle)
Java 8 Update 5 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418005FF}) (Version: 8.0.50 - Oracle Corporation)
Java 8 Update 5 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218005FF}) (Version: 8.0.50 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.05.13 - Oracle, Inc.) Hidden
JMicron JMB36X Driver (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.17.63.1 - JMicron Technology Corp.)
Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
KeyScrambler (HKLM-x32\...\KeyScrambler) (Version: 3.3.0.0 - QFX Software Corporation)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
LAN-Explorer (HKLM-x32\...\LAN-Explorer) (Version: 1.72 - Speed-Soft)
Legends of Eisenwald (HKLM-x32\...\Steam App 246760) (Version:  - Aterdux Entertainment)
Lexmark 2300 Series (HKLM\...\Lexmark 2300 Series) (Version:  - Lexmark International, Inc.)
LIMBO (HKLM-x32\...\Steam App 48000) (Version:  - Playdead)
Lock On: Modern Air Combat (HKLM-x32\...\{E90DCEE9-DC27-401B-A7AC-B0AFF5B34E4D}) (Version: 1.00.000 - )
Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
LWS Facebook (x32 Version: 13.50.854.0 - Logitech) Hidden
LWS Gallery (x32 Version: 13.51.827.0 - Logitech) Hidden
LWS Help_main (x32 Version: 13.51.828.0 - Logitech) Hidden
LWS Launcher (x32 Version: 13.51.828.0 - Logitech) Hidden
LWS Motion Detection (x32 Version: 13.51.815.0 - Logitech) Hidden
LWS Pictures And Video (x32 Version: 13.51.815.0 - Logitech) Hidden
LWS Twitter (x32 Version: 13.30.1346.0 - Logitech) Hidden
LWS Webcam Software (x32 Version: 13.51.815.0 - Logitech) Hidden
LWS WLM Plugin (x32 Version: 1.30.1201.0 - Logitech) Hidden
LWS YouTube Plugin (x32 Version: 13.31.1038.0 - Logitech) Hidden
Mafia II DLC Jimmy's Vendetta (HKLM-x32\...\Mafia II DLC Jimmy's Vendetta_is1) (Version:  - )
Mafia II DLC Joe's Adventures (HKLM-x32\...\Mafia II_is1) (Version:  - )
Majesty 2: The Fantasy Kingdom Sim (HKLM-x32\...\{CDCA3C32-FCE7-40E8-8CB5-7B0E87ADDFC9}_is1) (Version: 1.0.0.0 - Paradox Interactive)
Malwarebytes Anti-Malware version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
maxx PDFMAILER Professional (HKLM-x32\...\{59DF4C0C-8FC1-4874-8888-6BD8A601B32A}) (Version: 3.0.30 - gotomaxx GmbH)
Medal of Honor Allied Assault (HKLM-x32\...\{0DEA94ED-915A-4834-A87E-388D012C8E02}) (Version:  - )
Men of War: Vietnam (Remove Only) (HKLM-x32\...\{C9935C7E-ED44-427D-B8DF-39E2ACF1AA6A}_is1) (Version: 1.0.0.0 - 1C Company)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Baseline Security Analyzer 2.2 (HKLM\...\{08C3441C-4FAF-48D3-A551-70DD6031734F}) (Version: 2.2.2170 - Microsoft Corporation)
Microsoft Camera Codec Pack (HKLM\...\{A2E24035-9B11-4E1D-9FBC-FA7F20C16832}) (Version: 16.4.1970.0624 - Microsoft Corporation)
Microsoft Deployment Toolkit 2012 Update 1 (6.1.2373.0) (HKLM\...\{C74FB740-D02E-40EA-A09E-B19FC74F324F}) (Version: 6.1.2373.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{F97E3841-CA9D-4964-9D64-26066241D26F}) (Version: 3.3.24.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{8FB1B528-E260-451E-9B55-E9152F94B80B}) (Version: 3.2.3.0 - Microsoft Corporation)
Microsoft Image Composite Editor (HKLM\...\{B821CDAA-34DE-46FD-87C9-E6EE7158DB5D}) (Version: 1.4.4 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-0081-0407-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Project 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{8446EB22-A746-46DC-B1BD-E0DFA1F3CDDA}) (Version:  - Microsoft)
Microsoft Office Project 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Project MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Project Professional 2007 (HKLM-x32\...\PRJPRO) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Project Professional 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU (HKLM-x32\...\{8E87B944-4815-3C5E-947F-5035C9F64362}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - DEU (HKLM-x32\...\{76DAEC83-AF7B-333C-8A53-83D7C7D39199}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft_VC100_CRT_SP1_x64 (Version: 10.0.40219.1 - Nokia) Hidden
Microsoft_VC100_CRT_SP1_x86 (x32 Version: 10.0.40219.1 - Nokia) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
MilkShape 3D 1.8.5 (HKLM-x32\...\MilkShape 3D 1.8.5) (Version: 1.8.5 - chUmbaLum sOft)
Monopoly (HKLM-x32\...\{D7E7EC5E-4349-4E40-B37C-4342188B86EC}) (Version:  - )
Morrowind (HKLM-x32\...\{1D108D70-E7D1-4089-9A0A-99629C4D0CB8}) (Version:  - )
Mortal Kombat Komplete Edition (HKLM-x32\...\{BC8A9E23-2295-4821-9654-D51D7C3E1B9D}_is1) (Version: 1.0 - Warner Bros. Interactive Entertainment)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)
Mozilla Firefox 29.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0 (x86 de)) (Version: 29.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB936181) (HKLM-x32\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser und SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
NASCAR '14 (HKLM-x32\...\TkFTQ0FSMTQ=_is1) (Version: 1 - )
NaturalPoint USB Drivers x64 (HKLM\...\{B408139D-04D6-4464-A979-D335E48F7063}) (Version: 2.50.0000 - NaturalPoint)
Need for Speed™ Most Wanted (HKLM-x32\...\{A48B9CD8-C2BA-4EC9-0081-7260D238C7CF}) (Version:  - )
Nero 10 Menu TemplatePack Basic (x32 Version: 10.0.10600.6.0 - Nero AG) Hidden
Nero 10 Movie ThemePack Basic (x32 Version: 10.0.10600.6.0 - Nero AG) Hidden
Nero BackItUp 10 (HKLM-x32\...\{68AB6930-5BFF-4FF6-923B-516A91984FE6}) (Version: 5.4.11600.19.100 - Nero AG)
Nero BackItUp 10 Help (CHM) (x32 Version: 1.0.10700 - Nero AG) Hidden
Nero Burning ROM 10 (HKLM-x32\...\{7A5D731D-B4B3-490E-B339-75685712BAAB}) (Version: 10.0.11100.10.100 - Nero AG)
Nero BurningROM 10 Help (CHM) (x32 Version: 1.0.10700 - Nero AG) Hidden
Nero BurnRights 10 (HKLM-x32\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.0.11000.12.100 - Nero AG)
Nero BurnRights 10 Help (CHM) (x32 Version: 1.0.10600 - Nero AG) Hidden
Nero Control Center 10 (x32 Version: 10.0.12000.1.4 - Nero AG) Hidden
Nero ControlCenter 10 Help (CHM) (x32 Version: 1.0.10700 - Nero AG) Hidden
Nero Core Components 10 (x32 Version: 2.0.13700.0.1 - Nero AG) Hidden
Nero CoverDesigner 10 (HKLM-x32\...\{FCF00A6E-FB58-477A-ABE9-232907105521}) (Version: 5.0.10900.11.100 - Nero AG)
Nero CoverDesigner 10 Help (CHM) (x32 Version: 1.0.10600 - Nero AG) Hidden
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.0.10800.7.100 - Nero AG)
Nero DiscSpeed 10 Help (CHM) (x32 Version: 1.0.10600 - Nero AG) Hidden
Nero Dolby Files 10 (x32 Version: 2.0.11000.0.10 - Nero AG) Hidden
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.0.11000.10.100 - Nero AG)
Nero Express 10 Help (CHM) (x32 Version: 1.0.10700 - Nero AG) Hidden
Nero InfoTool 10 (HKLM-x32\...\{F412B4AF-388C-4FF5-9B2F-33DB1C536953}) (Version: 7.0.10800.8.100 - Nero AG)
Nero InfoTool 10 Help (CHM) (x32 Version: 1.0.10600 - Nero AG) Hidden
Nero MediaHub 10 (HKLM-x32\...\{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}) (Version: 1.0.13400.11.100 - Nero AG)
Nero MediaHub 10 Help (CHM) (x32 Version: 1.0.10700 - Nero AG) Hidden
Nero Multimedia Suite 10 (HKLM-x32\...\{277C1559-4CF7-44FF-8D07-98AA9C13AABD}) (Version: 10.0.13100 - Nero AG)
Nero Recode 10 (HKLM-x32\...\{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}) (Version: 4.6.10900.4.100 - Nero AG)
Nero Recode 10 Help (CHM) (x32 Version: 1.0.10600 - Nero AG) Hidden
Nero RescueAgent 10 (HKLM-x32\...\{E337E787-CF61-4B7B-B84F-509202A54023}) (Version: 3.0.10900.9.100 - Nero AG)
Nero RescueAgent 10 Help (CHM) (x32 Version: 1.0.10700 - Nero AG) Hidden
Nero SoundTrax 10 (HKLM-x32\...\{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}) (Version: 4.6.10600.2.100 - Nero AG)
Nero SoundTrax 10 Help (CHM) (x32 Version: 1.0.10600 - Nero AG) Hidden
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.0.11200.12.100 - Nero AG)
Nero StartSmart 10 Help (CHM) (x32 Version: 1.0.10700 - Nero AG) Hidden
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0017 - Nero AG)
Nero Vision 10 (HKLM-x32\...\{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}) (Version: 7.0.11100.8.100 - Nero AG)
Nero Vision 10 Help (CHM) (x32 Version: 1.0.10600 - Nero AG) Hidden
Nero WaveEditor 10 (HKLM-x32\...\{EDCDFAD5-DF80-4600-A493-E9DAD6810230}) (Version: 5.6.10600.2.100 - Nero AG)
Nero WaveEditor 10 Help (CHM) (x32 Version: 1.0.10600 - Nero AG) Hidden
No More Room in Hell (HKLM-x32\...\Steam App 224260) (Version:  - No More Room in Hell Team)
Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.48.0 - Nokia)
Nokia Suite (x32 Version: 3.8.48.0 - Nokia) Hidden
Nosferatu (HKLM-x32\...\{DC857502-657E-4046-83C9-2CB973E62C26}) (Version:  - )
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.5 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OCZ 10xx Driver (HKLM\...\{2D698270-17B8-45E7-9D26-0A43FC93C39A}) (Version: 1.3.6.17083 - OCZ Technology Group)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Opera Stable 20.0.1387.91 (HKLM-x32\...\Opera 20.0.1387.91) (Version: 20.0.1387.91 - Opera Software ASA)
Oracle VM VirtualBox 4.3.10 (HKLM\...\{3EC092F5-9457-4C31-8E8A-BBE4BB2A59FF}) (Version: 4.3.10 - Oracle Corporation)
paint.net 4.0 Pre-Release (HKLM\...\{3F5F509B-E226-417C-8CD1-CAAE756C328A}) (Version: 4.0.0 - dotPDN LLC)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
Passbild-Generator v3.6b (HKLM-x32\...\Passbild-Generator_is1) (Version:  - Passbild-Generator)
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PeerBlock 1.2 (r693) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.2.0.693 - PeerBlock, LLC)
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Phase 5 HTML-Editor (HKLM-x32\...\{20B1B020-DEAE-48D1-9960-D4C3185D758B}) (Version: 5.6.2.3 - Systemberatung Schommer)
phonostar-Player Version 3.03.1 (HKLM-x32\...\phonostar3RadioPlayer_is1) (Version:  - )
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Pingus (HKLM-x32\...\Pingus) (Version: 0.7.6 - )
Pontifex II (HKLM-x32\...\Pontifex II) (Version:  - )
Postal 2 (HKLM-x32\...\Postal 2) (Version:  - )
POV-Ray for Windows v3.7 RC6 (HKCU\...\POV-Ray for Windows v3.7 RC) (Version: 3.7.RC6 - Persistence of Vision Raytracer Pty. Ltd.)
PowerLine Utility (HKLM-x32\...\{5D1E5ED5-E436-4A0D-8812-953FFBDFF3B3}) (Version: 1.2.709 - TP-LINK)
Primo (x32 Version: 1.00.0000 - Your Company Name) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.989 - Even Balance, Inc.)
Python 2.6 (HKLM-x32\...\{110EB5C4-E995-4CFB-AB80-A5F315BEA9E8}) (Version: 2.6.150 - Python Software Foundation)
Radeon RAMDisk (HKLM-x32\...\{52EF03A3-2070-4A6E-A11F-605C78ED8797}) (Version: 4.0.6.3 - Dataram, Inc.)
Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 1.5.21.0 - Ralink)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Raven Squad (HKLM-x32\...\Darkest of Days_is1) (Version:  - )
Razer Diamondback (HKLM-x32\...\{DE4CF159-4AD2-4754-BDA0-5FB088C8B58B}) (Version: 5.01 - Razer USA Ltd.)
Razer Imperator (HKLM-x32\...\{C05905B9-775A-4894-A4DF-B57C15250958}) (Version: 2.02.00 - Razer USA Ltd.)
Razer Reclusa Config (HKLM-x32\...\{328591D2-4F59-4EE1-ABF1-7F47E90E31A1}) (Version: 1.05 - Razer USA Ltd.)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6650 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7183 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Return to Castle Wolfenstein (HKLM-x32\...\Return to Castle Wolfenstein) (Version: 1.40 - Activision, Inc.)
Risiko II (HKLM-x32\...\{0EE11800-A1BD-11D3-BFEB-005004AF2D32}) (Version:  - )
Rocketbirds: Hardboiled Chicken (HKLM-x32\...\Steam App 215510) (Version:  - Ratloop Asia)
RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version:  - Punk Software)
Runtime (x32 Version: 1.00.0000 - Your Company Name) Hidden
Saboteur™ (HKLM-x32\...\{5C9A7E65-5B71-4C7F-876A-8C6AF9E9E23D}) (Version: 1.0.0.0 - Electronic Arts)
Sandboxie 4.09 (64-bit) (HKLM\...\Sandboxie) (Version: 4.09 - Sandboxie Holdings, LLC)
Sherlock Holmes jagt Jack the Ripper (HKLM-x32\...\{3F64C088-9A45-41B3-8B99-71AFAB720A56}) (Version: 1.00.0777 - Frogwares)
Silent Hunter 4 Wolves of the Pacific (HKLM-x32\...\{0D005F09-A5F4-473B-A901-5735C6AF5628}) (Version: 1.05.0000 - Ubisoft)
Silent Hunter 5 (HKLM-x32\...\{AC61C594-5F86-4BE9-ABAF-763C6A8E2302}) (Version: 1.2.0 - Ubisoft)
SketchUp 2014 (HKLM-x32\...\{D71C0CA7-A245-4CB7-A958-7DB3377602AE}) (Version: 14.0.4900 - Trimble Navigation Limited)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Sleeping Dogs (HKLM-x32\...\Sleeping Dogs_is1) (Version:  - )
Smart Defrag 3 (HKLM-x32\...\Smart Defrag 3_is1) (Version: 3.1 - IObit)
Sniper Elite V2 (HKLM-x32\...\Sniper Elite V2_is1) (Version:  - )
Sniper Ghost Warrior (HKLM-x32\...\Sniper Ghost Warrior_is1) (Version:  - )
Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version:  - Valve)
Source SDK Base 2013 Multiplayer (HKLM-x32\...\Steam App 243750) (Version:  - )
Source SDK Base 2013 Singleplayer (HKLM-x32\...\Steam App 243730) (Version:  - )
South Park Der Stab der Wahrheit Incl. Ultimate Fellowship Pack MULTI-2 1.00 (HKLM-x32\...\South Park Der Stab der Wahrheit Incl. Ultimate Fellowship Pack MULTI-2 1.00) (Version:  - )
Speccy (HKLM\...\Speccy) (Version: 1.25 - Piriform)
SPORE™ (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.05.0001 - Electronic Arts)
SRWare Iron Version SRWare Iron 32.0.1750.1 (HKLM-x32\...\{C59CF2CE-B302-4833-AA35-E0E07D8EBC52}_is1) (Version: SRWare Iron 32.0.1750.1 - SRWare)
SSDlife Pro (HKLM-x32\...\{B6AC6742-741D-4284-B9D0-626A72FF657E}) (Version: 2.5.60 - BinarySense Inc.)
Star Wars Battlefront II (HKLM-x32\...\{3D374523-CFDE-461A-827E-2A102E2AB365}) (Version: 1.0 - LucasArts)
Star Wars Empire at War (HKLM-x32\...\{99AE7207-8612-4DBA-A8F8-BAE5C633390D}) (Version: 1.0 - LucasArts)
State of Decay Version 1.0 (HKLM-x32\...\State of Decay_is1) (Version: 1.0 - Undead Labs)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Steel Armor (HKLM-x32\...\{C3B22968-5D94-4CBF-AC9B-4ACDD95E1153}_is1) (Version:  - UIG GmbH)
Steel Beasts Gold (HKLM-x32\...\Steel Beasts Gold) (Version:  - )
Steuersparer 2013 (HKLM-x32\...\{0D977193-14AE-415A-99E0-1B7C3B5ED8E4}) (Version: 20.00.8137 - Buhl Data Service GmbH)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.27614 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
TeraCopy 2.3 (HKLM\...\TeraCopy_is1) (Version:  - Code Sector)
Terrorist Takedown 2 (1.01) (HKLM-x32\...\tt2_is1) (Version:  - City Interactive)
TES Construction Set (HKLM-x32\...\{58D68DF0-4E8B-4E9E-B425-670F9E37C1A8}) (Version:  - )
The Haunted Hells Reach (HKLM-x32\...\The Haunted Hells Reach_is1) (Version:  - )
The Walking Dead (HKLM-x32\...\Steam App 207610) (Version:  - )
The Walking Dead Survival Instinct (c) Activision version 1 (HKLM-x32\...\VGhlIFdhbGtpbmcgRGVhZCBTdXJ2aXZhbCBJbnN0aW5jdCAo~1255DFC2_is1) (Version: 1 - )
The Walking Dead: Season Two (HKLM-x32\...\Steam App 261030) (Version:  - Telltale Games)
The Wolf Among Us (HKLM-x32\...\VGhlV29sZkFtb25nVXM=_is1) (Version: 1 - )
Theatre of War 2 (HKLM-x32\...\Theatre of War 2: Africa 1943_is1) (Version:  - Battlefront.com)
Theatre of War 3 Korea Review (Remove Only) (HKLM-x32\...\{0FF83477-DF37-455F-9AE6-6EF918ACCC7F}_is1) (Version: 1.2.0 - 1C Company)
Tiny Token Empires (HKCU\...\Tiny Token Empires) (Version:  - BiP media)
Tom Clancy's Ghost Recon Advanced Warfighter® 2 (HKLM-x32\...\{F78AC3C0-578C-49AB-BD4E-3107A6036A13}) (Version: 1.04 - UBISOFT)
Tom Clancy's Splinter Cell Conviction (HKLM-x32\...\{6D8DDB4A-C263-40DE-BA16-AFDAD159D59A}) (Version: 1.00.000 - Ubisoft)
Tomb Raider (HKLM-x32\...\Tomb Raider_is1) (Version:  - )
Tomb Raider Update v.1.0.718.4 1.0 (HKLM-x32\...\Tomb Raider Update v.1.0.718.4 1.0) (Version: 1.0 - .x.X.RIDDICK.X.x.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51 beta 1 - Ghisler Software GmbH)
TrackIR 4 (HKLM-x32\...\{b5931be2-83a8-4460-969a-29eb5e89d3c0}) (Version: 4.02.038 - NaturalPoint)
TrackIR4 (HKLM-x32\...\{BE6E6BF7-6A81-4EC2-AD29-4580025149F1}) (Version:  - )
TripleA Version 1_6_1_4 (HKLM-x32\...\TripleAVersion1_6_1_4) (Version:  - )
True Image 2013 (HKLM-x32\...\{4AA75223-6CBF-46F4-8EE4-7BF0591089F7}Visible) (Version: 16.0.6514 - Acronis)
True Image 2013 (x32 Version: 16.0.6514 - Acronis) Hidden
True Image 2013 Plus Pack (HKLM-x32\...\{1547FF3D-F82F-46AE-819B-78C7BB3D53EC}) (Version: 16.0.6514 - Acronis)
TweakMe! (HKLM-x32\...\{709D0207-B1F8-4ADC-BB2F-CDBE2367A475}_is1) (Version: 1.3.0.0 - pXc-coding.com)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unigine Valley Benchmark version 1.0 (HKLM-x32\...\Unigine Valley Benchmark_is1) (Version: 1.0 - Unigine Corp.)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_PRJPRO_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{128A5449-CF71-4DA4-A746-F49E3B5DB584}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Video Strip Poker (HKLM-x32\...\Video Strip Poker) (Version:  - (c)2002-2006 Torquemada Games)
Virtual CD v10 (HKLM-x32\...\{10C51313-A308-4B40-90E3-B368D5882660}) (Version: 10.10.14 - H+H Software GmbH)
Visual Basic for Applications (R) Core - English (x32 Version: 6.4.99.69 - Microsoft Corporation) Hidden
Visual Basic for Applications (R) Core - German (x32 Version: 6.4.99.69 - Microsoft Corporation) Hidden
Visual Basic for Applications (R) Core (x32 Version: 6.4.99.69 - Microsoft Corporation) Hidden
Visual C++ 9.0 CRT (x86) WinSXS MSM (x32 Version: 9.0 - Microsoft Corporation) Hidden
VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN)
War Inc. Battlezone (HKLM-x32\...\Steam App 107900) (Version:  - Online Warmongers Group Inc.)
WinAce Archiver (HKLM-x32\...\WinAce Archiver) (Version: 2.69 - e-merge GmbH)
Windows Automated Installation Kit (HKLM\...\{31E8F586-4EF7-4500-844D-BA8756474FF1}) (Version: 2.0.0.0 - Microsoft Corporation)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Media Encoder 9 Series x64 Edition (HKLM\...\Windows Media Encoder 9) (Version:  - )
Windows Media Encoder 9 Series x64 Edition (Version: 10.0.0.3809 - Microsoft Corporation) Hidden
Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16422 - Microsoft Corporation)
Wing Commander Saga 1.0.2.7795 (HKLM\...\{F6FD24B4-34A3-4635-8ECD-7B5C791EAE5F}) (Version: 1.0.2.7795 - Wing Commander Saga Team)
Wing Commander Saga 1.1.0.7822 (HKLM\...\{5BECA583-A49D-4C21-ADFD-89C844F1F1A1}) (Version: 1.1.0.7822 - Wing Commander Saga Team)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.01 beta 1 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.1 - win.rar GmbH)
Wireshark 1.11.3 (64-bit) (HKLM-x32\...\Wireshark) (Version: 1.11.3 - The Wireshark developer community, hxxp://www.wireshark.org)
WISO Steuer-Sparbuch 2013 (HKLM-x32\...\{D6CC2FAF-F827-4091-96A1-D32CC9B69C79}) (Version: 20.00.8137 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2014 (HKLM-x32\...\{D1AB0CDF-0B72-41AB-BACD-C2FAAA7F07CB}) (Version: 21.01.8499 - Buhl Data Service GmbH)
Wolfenstein (HKLM-x32\...\InstallShield_{F9B37992-968C-4264-8449-489032FC28DE}) (Version: 1.2 - Activision)
Wolfenstein (x32 Version: 1.0 - Activision) Hidden
Wolfenstein(TM) 1.2 Patch  (x32 Version: 1.2 - Activision) Hidden
Wolfenstein(TM) 1.2 Patch (x32 Version:  - ) Hidden
Worms Revolution (HKLM-x32\...\Steam App 200170) (Version:  - Team17 Digital Ltd.)
WW II Tank Commander (HKLM-x32\...\WW II Tank Commander) (Version: 1.00 - Rondomedia)
XMedia Recode Version 3.1.8.6 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.1.8.6 - XMedia Recode)
XnView 2.22 (HKLM-x32\...\XnView_is1) (Version: 2.22 - Gougelet Pierre-e)
Zombie Driver Summer of Slaughter (HKLM-x32\...\Zombie Driver Summer of Slaughter_is1) (Version:  - )

==================== Restore Points  =========================

22-04-2014 22:44:59 Removed HiJackThis
23-04-2014 16:57:30 Installed PowerLine Utility

==================== Hosts content: ==========================

2009-07-14 04:34 - 2013-07-12 22:23 - 00446097 ____A C:\Windows\system32\Drivers\etc\hosts

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

Task: {1C4CDAF8-0E8D-4666-B9BF-8A4265849212} - System32\Tasks\SmartDefrag3_Schedule => C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe [2014-03-10] (IObit)
Task: {5731BDD7-07E0-46B7-915F-C40E5B9E7F14} - System32\Tasks\Core Temp Autostart GrenSo => C:\Program Files (x86)\Core Temp\Core Temp.exe [2013-10-08] ()
Task: {61BA50CF-8BBD-4751-874F-4965106F3DBA} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-03-14] (IObit)
Task: {95254F94-B1A6-4085-8FFF-10D9ED340842} - System32\Tasks\SmartDefrag3_Update => C:\Program Files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe [2014-03-10] (IObit)
Task: {BAF76E66-4928-4230-9199-B55FCC22A177} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-03-18] (Piriform Ltd)
Task: {BE1F61ED-8CB8-4F0A-922B-7F67077521D0} - System32\Tasks\SSDlife => C:\Program Files (x86)\SSDlife\ssdlife.exe [2013-08-30] (Binarysense)
Task: {CF82551C-60EB-4127-BC74-644FBF09FF24} - System32\Tasks\SmartDefrag3_Startup => C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe [2014-03-10] (IObit)

==================== Loaded Modules (whitelisted) =============

2013-06-14 16:19 - 2013-06-14 16:19 - 00069280 _____ () C:\Program Files (x86)\EMET 4.0\EMET_CE64.DLL
2012-09-16 18:59 - 2006-03-22 17:19 - 00014848 _____ () C:\Windows\System32\gengpmon.dll
2014-03-12 12:34 - 2014-03-12 12:34 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2013-11-04 17:03 - 2013-11-04 17:03 - 00818688 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2013-11-04 17:03 - 2013-11-04 17:03 - 03650560 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2014-03-12 12:33 - 2014-03-12 12:33 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2005-04-29 12:49 - 2005-04-29 12:49 - 00054784 _____ () C:\Windows\system32\lxcgcnv4.dll
2014-03-20 12:24 - 2014-03-20 12:24 - 00667808 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2013-03-27 22:39 - 2013-03-27 22:39 - 00021824 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\x64\ti_managers_proxy_stub.dll
2013-12-12 19:59 - 2012-01-29 17:55 - 00657920 _____ () C:\Program Files\TeraCopy\TeraCopy64.dll
2009-05-21 05:56 - 2009-05-21 05:56 - 00624640 _____ () C:\Program Files (x86)\AMD\AMD Power Monitor\AMD Power Monitor.exe
2009-05-21 05:53 - 2009-05-21 05:53 - 02556416 _____ () C:\Program Files (x86)\AMD\AMD Power Monitor\QtCore4.dll
2009-05-21 05:53 - 2009-05-21 05:53 - 09176064 _____ () C:\Program Files (x86)\AMD\AMD Power Monitor\QtGui4.dll
2013-06-07 18:42 - 2013-06-07 18:42 - 00012520 _____ () C:\Users\GrenSo\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.1.gadget\CoreTempReader.dll
2013-06-07 18:42 - 2013-06-07 18:42 - 00015080 _____ () C:\Users\GrenSo\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.1.gadget\GetCoreTempInfoNET.dll
2013-06-07 18:42 - 2013-06-07 18:42 - 00014056 _____ () C:\Users\GrenSo\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.1.gadget\SystemInfo.dll
2012-09-16 20:27 - 2007-09-02 13:58 - 00495616 _____ () C:\Program Files (x86)\RocketDock\RocketDock.exe
2012-10-22 20:49 - 2009-10-09 20:11 - 00226816 _____ () C:\Program Files (x86)\Razer\Diamondback\Razer\Diamondback\razerhid.exe
2011-02-24 19:07 - 2011-02-24 19:07 - 00470120 _____ () C:\Program Files (x86)\Acronis\DriveMonitor\adm_tray.exe
2012-10-11 11:16 - 2012-10-11 11:16 - 01152592 _____ () C:\Program Files (x86)\NaturalPoint\TrackIR4\TrackIR.exe
2012-09-13 00:38 - 2012-09-13 00:38 - 00264040 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
2012-09-16 18:22 - 2010-01-09 14:42 - 00206848 _____ () C:\Program Files (x86)\Razer\Reclusa\razertra.exe
2013-10-12 10:05 - 2013-10-08 13:23 - 00890016 _____ () C:\Program Files (x86)\Core Temp\Core Temp.exe
2013-06-14 16:19 - 2013-06-14 16:19 - 00116384 _____ () C:\Program Files (x86)\EMET 4.0\HelperLib.dll
2013-06-14 16:19 - 2013-06-14 16:19 - 00034464 _____ () C:\Program Files (x86)\EMET 4.0\ReportingSubsystem.dll
2013-06-12 16:53 - 2013-06-12 16:53 - 00348160 _____ () C:\Program Files (x86)\EMET 4.0\DevExpress.UserSkins.HighContrast.dll
2013-06-14 16:19 - 2013-06-14 16:19 - 00029856 _____ () C:\Program Files (x86)\EMET 4.0\TrayIconSubsystem.dll
2013-06-14 16:19 - 2013-06-14 16:19 - 00049824 _____ () C:\Program Files (x86)\EMET 4.0\PKIPinningSubsystem.dll
2014-03-12 12:33 - 2014-03-12 12:33 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2012-10-22 20:49 - 2007-02-07 16:00 - 00131072 _____ () C:\Program Files (x86)\Razer\Diamondback\Razer\Diamondback\razertra.exe
2013-06-14 16:19 - 2013-06-14 16:19 - 00062112 _____ () C:\Program Files (x86)\EMET 4.0\EMET_CE.DLL
2012-09-16 20:27 - 2007-09-02 13:57 - 00069632 _____ () C:\Program Files (x86)\RocketDock\RocketDock.dll
2013-11-25 23:45 - 2005-12-13 16:52 - 00122880 _____ () C:\Program Files (x86)\Lexmark 2300 Series\lxcgdrec.dll
2013-11-25 23:45 - 2005-06-14 18:08 - 00196608 _____ () C:\Program Files (x86)\Lexmark 2300 Series\iptk.dll
2013-04-19 01:46 - 2013-04-19 01:46 - 08507232 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtGui4.dll
2013-04-19 01:46 - 2013-04-19 01:46 - 02354016 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtCore4.dll
2013-04-19 01:46 - 2013-04-19 01:46 - 01014624 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtNetwork4.dll
2013-04-19 01:46 - 2013-04-19 01:46 - 00364384 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtXml4.dll
2013-04-19 01:46 - 2013-04-19 01:46 - 02480992 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtDeclarative4.dll
2013-04-19 01:46 - 2013-04-19 01:46 - 01346912 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtScript4.dll
2013-04-19 01:46 - 2013-04-19 01:46 - 00206176 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtSql4.dll
2013-04-19 01:46 - 2013-04-19 01:46 - 02653024 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtXmlPatterns4.dll
2013-04-19 01:45 - 2013-04-19 01:45 - 00033120 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qgif4.dll
2013-04-19 01:45 - 2013-04-19 01:45 - 00035680 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qico4.dll
2013-04-19 01:45 - 2013-04-19 01:45 - 00207200 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qjpeg4.dll
2013-04-19 01:46 - 2013-04-19 01:46 - 11166560 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtWebKit4.dll
2013-04-19 01:46 - 2013-04-19 01:46 - 00276832 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\phonon4.dll
2013-04-15 13:26 - 2013-04-15 13:26 - 00391600 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\ssoengine.dll
2013-04-15 13:26 - 2013-04-15 13:26 - 00059280 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\securestorage.dll
2013-10-02 20:28 - 2013-10-02 20:28 - 00438624 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\NService.dll
2013-04-19 01:46 - 2013-04-19 01:46 - 00446304 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll
2013-04-19 01:46 - 2013-04-19 01:46 - 00520544 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtMultimediaKit1.dll
2013-04-19 01:46 - 2013-04-19 01:46 - 00720736 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtOpenGL4.dll
2013-04-19 01:44 - 2013-04-19 01:44 - 00606560 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\CommonUpdateChecker.dll
2013-10-02 20:30 - 2013-10-02 20:30 - 00093024 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\qjson.dll
2011-02-24 18:39 - 2011-02-24 18:39 - 00012128 _____ () C:\Program Files (x86)\Common Files\Acronis\DriveMonitor\Common\icudt38.dll
2011-11-11 14:08 - 2011-11-11 14:08 - 02145304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
2011-11-11 14:08 - 2011-11-11 14:08 - 07956504 ____N () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
2011-11-11 14:08 - 2011-11-11 14:08 - 00342552 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
2011-11-11 14:08 - 2011-11-11 14:08 - 00029208 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2011-11-11 14:08 - 2011-11-11 14:08 - 00128536 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2012-09-16 21:39 - 2011-02-10 23:30 - 00310784 _____ () C:\Program Files (x86)\NaturalPoint\TrackIR4\Language\tirrc-deu.dll
2013-03-28 00:37 - 2013-03-28 00:37 - 13627872 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers.dll
2012-09-27 20:43 - 2008-08-18 16:08 - 00050688 _____ () C:\Program Files (x86)\Virtual CD v10\System\ogg.dll
2012-09-27 20:43 - 2008-08-18 16:11 - 01237504 _____ () C:\Program Files (x86)\Virtual CD v10\System\vorbis.dll
2013-01-10 13:43 - 2013-01-10 13:43 - 00014360 _____ () C:\Program Files (x86)\Common Files\Acronis\TibMounter\icudt38.dll
2012-09-13 00:39 - 2012-09-13 00:39 - 00336232 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
2013-02-25 21:44 - 2013-02-24 06:04 - 00020480 _____ () C:\Program Files (x86)\SSDlife\Armaccess.dll
2013-12-04 23:17 - 2012-09-05 19:55 - 00892288 _____ () C:\Program Files (x86)\IObit\Smart Defrag 3\webres.dll
2013-12-14 12:51 - 2014-04-22 00:55 - 00340480 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll
2014-03-04 09:02 - 2014-04-22 00:55 - 00471552 _____ () C:\Program Files (x86)\Steam\libavutil-53.dll
2013-02-28 11:52 - 2014-04-01 00:09 - 00754688 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2013-02-25 08:39 - 2014-04-22 01:42 - 01135808 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2013-02-19 12:48 - 2014-03-03 21:15 - 20626624 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2012-12-11 10:51 - 2013-06-15 01:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll
2012-12-11 10:51 - 2013-06-15 01:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll
2012-12-11 10:51 - 2013-06-15 01:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll
2013-03-27 22:09 - 2013-03-27 22:09 - 00420160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2014-02-07 14:24 - 2014-04-18 07:47 - 03829360 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-04-18 16:52 - 2012-11-21 07:26 - 00008704 _____ () C:\Users\GrenSo\AppData\Roaming\Mozilla\Firefox\Profiles\0rm2ca40.default\extensions\mintrayr@tn123.ath.cx\lib\tray_x86-msvc.dll
2014-04-18 17:13 - 2014-04-18 17:13 - 16358576 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_199.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\Program Files\Common Files\Microsoft Shared:m72Chd27zJOEGmy2mc5tmx
AlternateDataStreams: C:\ProgramData\Microsoft:3U1YoYfWJP87uAxQveUN2ED
AlternateDataStreams: C:\ProgramData\Microsoft:SFMZyD1OVnr48S2Fq2J2LqSdYc
AlternateDataStreams: C:\ProgramData\Temp:4FC01C57
AlternateDataStreams: C:\ProgramData\Temp:55B41E6A
AlternateDataStreams: C:\ProgramData\Temp:58A5270D
AlternateDataStreams: C:\ProgramData\Temp:A5A1816B

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"

==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupreg: Razer Imperator Driver => C:\Program Files (x86)\Razer\Imperator\RazerImperatorSysTray.exe
MSCONFIG\startupreg: TrueImageMonitor.exe => "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"

==================== Faulty Device Manager Devices =============

Name: Malwarebytes Anti-Exploit
Description: Malwarebytes Anti-Exploit
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: ESProtectionDriver
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Diskettenlaufwerk
Description: Diskettenlaufwerk
Class Guid: {4d36e980-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standarddiskettenlaufwerke)
Service: flpydisk
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============
Error: (04/23/2014 06:57:04 PM) (Source: VDS Basic Provider) (User: )
Description: Unerwarteter Fehler. Fehlercode: D@01010004

Error: (04/23/2014 06:57:04 PM) (Source: VDS Basic Provider) (User: )
Description: Unerwarteter Fehler. Fehlercode: D@01010004

Error: (04/23/2014 06:57:04 PM) (Source: VDS Basic Provider) (User: )
Description: Unerwarteter Fehler. Fehlercode: D@01010004

Error: (04/23/2014 06:57:04 PM) (Source: VDS Basic Provider) (User: )
Description: Unerwarteter Fehler. Fehlercode: D@01010004

Error: (04/23/2014 06:57:04 PM) (Source: VDS Basic Provider) (User: )
Description: Unerwarteter Fehler. Fehlercode: D@01010004

Error: (04/23/2014 06:57:04 PM) (Source: VDS Basic Provider) (User: )
Description: Unerwarteter Fehler. Fehlercode: D@01010004

Error: (04/23/2014 06:57:04 PM) (Source: VDS Basic Provider) (User: )
Description: Unerwarteter Fehler. Fehlercode: D@01010004

Error: (04/23/2014 06:57:04 PM) (Source: VDS Basic Provider) (User: )
Description: Unerwarteter Fehler. Fehlercode: D@01010004

Error: (04/23/2014 06:57:04 PM) (Source: VDS Basic Provider) (User: )
Description: Unerwarteter Fehler. Fehlercode: D@01010004

Error: (04/23/2014 06:57:04 PM) (Source: VDS Basic Provider) (User: )
Description: Unerwarteter Fehler. Fehlercode: D@01010004


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2013-05-06 19:43:23.786
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Common Files\ATI Technologies\Multimedia\AMDMFTDecoder_64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-03-02 15:11:40.888
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\8C1C.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-03-02 15:11:40.772
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\8C1C.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-03-02 15:11:40.558
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\8C1C.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-03-02 15:11:40.409
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\8C1C.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-03-02 14:40:01.585
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\8C1C.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-03-02 14:40:01.455
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\8C1C.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-03-02 14:38:22.714
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\A00.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-03-02 14:38:22.598
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\A00.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-06 19:28:37.025
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\GrenSo\AppData\Local\Temp\{FA5ED3EA-1205-45F4-A366-C9B51A3CEE58}\fsgk.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Percentage of memory in use: 20%
Total physical RAM: 16381.23 MB
Available physical RAM: 13038.87 MB
Total Pagefile: 22523.41 MB
Available Pagefile: 18900.18 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (System & Programme) (Fixed) (Total:223.48 GB) (Free:105.83 GB) NTFS
Drive e: (Spiele) (Fixed) (Total:1313.02 GB) (Free:649.21 GB) NTFS
Drive f: (Sicherung) (Fixed) (Total:605.47 GB) (Free:193.8 GB) NTFS
Drive g: (Musik, Filme & Co.) (Fixed) (Total:1171.87 GB) (Free:374.47 GB) NTFS
Drive h: (Download) (Fixed) (Total:931.51 GB) (Free:897.68 GB) NTFS
Drive i: (Acronis) (Fixed) (Total:232.88 GB) (Free:73.8 GB) NTFS
Drive x: (Bilder) (Fixed) (Total:85.62 GB) (Free:77.03 GB) NTFS
Drive z: (VM VirtualBox) (Fixed) (Total:550 GB) (Free:201.55 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 7981EF21)
Partition 1: (Not Active) - (Size=-940732055552) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=605 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=86 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 224 GB) (Disk ID: CE968D65)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=223 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 168 GB) (Disk ID: 8203DBD8)

========================================================
Disk: 3 (Size: 932 GB) (Disk ID: F3573CD3)
Partition 1: (Active) - (Size=932 GB) - (Type=07 NTFS)

========================================================
Disk: 4 (MBR Code: Windows XP) (Size: 1397 GB) (Disk ID: C15D30E2)
Partition 1: (Not Active) - (Size=-698750705664) - (Type=05)

========================================================
Disk: 5 (Size: 233 GB) (Disk ID: D4EF68C1)
Partition 1: (Not Active) - (Size=233 GB) - (Type=07 NTFS)

========================================================
Disk: 6 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 349D9020)
Partition 1: (Active) - (Size=550 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=-789183463424) - (Type=07 NTFS)

==================== End Of Log ============================
         

24.04.2014, 11:41   #5
schrauber
/// the machine
/// TB-Ausbilder

Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document:

Code:
HKLM\...\Policies\Explorer: [NoInternetOpenWith] 1
         

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the "Entfernen" (Fix) button.
  • The tool creates a Fixlog.txt.
  • Post its contents for me.




Scan with Combofix
WARNING to READERS following along:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all of your antivirus software as well as any malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the on-screen instructions.
  • While Combofix is running, please do not work on the computer, move the mouse, or click in the Combofix window!
  • When Combofix has finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (in CODE tags if possible).
Note: If you receive the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.


__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

24.04.2014, 18:44   #6
GrenSo

Here is the Fixlog.txt:
Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 24-04-2014
Ran by GrenSo at 2014-04-24 19:43:05 Run:1
Running from C:\Users\GrenSo\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKLM\...\Policies\Explorer: [NoInternetOpenWith] 1
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoInternetOpenWith => Value deleted successfully.

==== End of Fixlog ====
         

24.04.2014, 19:29   #7
GrenSo

While ComboFix was running, I repeatedly got the message "Commandline Standard Stream Splitter Funktioniert nicht mehr" (has stopped working). I had to confirm this message with "Programm schließen" (Close program), since the scan would not continue otherwise. I hope that was not wrong.
In addition, the root folder of my C partition now shows entries that I never saw there before, which are either new or were hidden by the system (see attachment). The same applies to the other hard drives and partitions, where, for example, the folder "$Recycle.Bin" is now visible.

Here is the ComboFix.txt:
Code:
ComboFix 14-04-20.01 - GrenSo 24.04.2014  19:51:54.1.4 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.49.1031.18.16381.13644 [GMT 2:00]
ausgeführt von:: c:\users\GrenSo\Desktop\ComboFix.exe
AV: ESET Endpoint Antivirus 5.0 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
SP: ESET Endpoint Antivirus 5.0 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
 ADS - Windows: deleted 192 bytes in 1 streams. 
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\ATI Technologies\HydraVision\HydraDM.exe
c:\programdata\1355435896.bdinstall.bin
c:\programdata\1355488374.bdinstall.bin
c:\programdata\1355767018.10424.bin
c:\programdata\1355767018.6652.bin
c:\programdata\1355767018.6884.bin
c:\programdata\1355767018.7104.bin
c:\programdata\1355767854.bdinstall.bin
c:\users\GrenSo\AppData\Roaming\0ad
c:\users\GrenSo\AppData\Roaming\0ad\config\user.cfg
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-03-24 bis 2014-04-24  ))))))))))))))))))))))))))))))
.
.
2014-04-23 21:09 . 2014-04-22 09:26	46704	----a-w-	c:\program files (x86)\Mozilla Firefox\browser\components\browsercomps.dll
2014-04-23 17:26 . 2014-04-24 17:43	--------	d-----w-	C:\FRST
2014-04-23 16:57 . 2014-04-23 16:57	--------	d-----w-	c:\program files (x86)\TP-LINK
2014-04-22 21:04 . 2014-04-22 21:04	--------	d-----w-	c:\users\GrenSo\AppData\Roaming\Apple Computer
2014-04-22 21:01 . 2014-04-22 21:01	--------	d-s---w-	c:\windows\system32\CompatTel
2014-04-22 21:01 . 2014-04-14 02:24	465408	----a-w-	c:\windows\system32\aepdu.dll
2014-04-22 21:01 . 2014-04-14 02:19	424448	----a-w-	c:\windows\system32\aeinv.dll
2014-04-18 19:08 . 2014-04-18 19:08	--------	d-----w-	c:\program files\ESET
2014-04-18 18:41 . 2014-04-18 18:41	--------	d-sh--w-	c:\users\GrenSo\AppData\Local\EmieUserList
2014-04-18 18:41 . 2014-04-18 18:41	--------	d-sh--w-	c:\users\GrenSo\AppData\Local\EmieSiteList
2014-04-18 17:18 . 2014-04-18 17:18	901848	----a-w-	c:\windows\system32\drivers\Rt64win7.sys
2014-04-18 17:18 . 2014-04-18 17:18	73800	----a-w-	c:\windows\system32\RtNicProp64.dll
2014-04-18 17:04 . 2014-04-18 17:04	2101848	----a-w-	c:\windows\system32\WavesGUILib64.dll
2014-04-18 17:04 . 2014-04-18 17:04	946392	----a-w-	c:\windows\system32\RCoInstII64.dll
2014-04-18 17:04 . 2014-04-18 17:04	624344	----a-w-	c:\windows\system32\RtDataProc64.dll
2014-04-18 17:04 . 2014-04-18 17:04	3872984	----a-w-	c:\windows\system32\drivers\RTKVHD64.sys
2014-04-18 17:04 . 2014-04-18 17:04	2792152	----a-w-	c:\windows\system32\RtkAPO64.dll
2014-04-18 17:04 . 2014-04-18 17:04	1286872	----a-w-	c:\windows\system32\RTCOM64.dll
2014-04-18 17:04 . 2014-04-18 17:04	1024216	----a-w-	c:\windows\system32\RtkApi64.dll
2014-04-18 17:04 . 2014-04-18 17:04	2770976	----a-w-	c:\windows\system32\FMAPO64.dll
2014-04-18 17:04 . 2014-04-18 17:04	2037336	----a-w-	c:\windows\system32\MaxxAudioEQ64.dll
2014-04-18 17:04 . 2014-04-18 17:04	1033304	----a-w-	c:\windows\system32\MaxxAudioAPOShell64.dll
2014-04-18 15:39 . 2014-03-25 13:27	254240	----a-w-	c:\windows\system32\drivers\VBoxDrv.sys
2014-04-18 15:39 . 2014-03-25 13:24	128288	----a-w-	c:\windows\system32\drivers\VBoxUSBMon.sys
2014-04-18 15:35 . 2014-04-18 15:35	--------	dc-h--w-	c:\programdata\{727C5CC8-3A5E-4517-BA8B-35A93F9B2EBD}
2014-04-18 15:28 . 2014-04-18 15:28	--------	d-----w-	c:\program files (x86)\Common Files\Java
2014-04-18 15:28 . 2014-04-18 15:28	98216	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-04-17 19:46 . 2014-03-04 09:44	362496	----a-w-	c:\windows\system32\wow64win.dll
2014-04-17 19:46 . 2014-03-04 09:44	243712	----a-w-	c:\windows\system32\wow64.dll
2014-04-17 19:46 . 2014-03-04 09:44	13312	----a-w-	c:\windows\system32\wow64cpu.dll
2014-04-17 19:46 . 2014-03-04 09:44	16384	----a-w-	c:\windows\system32\ntvdm64.dll
2014-04-17 19:46 . 2014-03-04 09:44	1163264	----a-w-	c:\windows\system32\kernel32.dll
2014-04-17 19:46 . 2014-03-04 09:17	14336	----a-w-	c:\windows\SysWow64\ntvdm64.dll
2014-04-17 19:46 . 2014-03-04 09:16	25600	----a-w-	c:\windows\SysWow64\setup16.exe
2014-04-17 19:46 . 2014-03-04 09:16	5120	----a-w-	c:\windows\SysWow64\wow32.dll
2014-04-17 19:46 . 2014-03-04 08:09	7680	----a-w-	c:\windows\SysWow64\instnm.exe
2014-04-17 19:46 . 2014-03-04 08:09	2048	----a-w-	c:\windows\SysWow64\user.exe
2014-04-17 19:38 . 2014-01-24 02:37	1684928	----a-w-	c:\windows\system32\drivers\ntfs.sys
2014-04-17 19:38 . 2014-02-04 02:35	190912	----a-w-	c:\windows\system32\drivers\storport.sys
2014-04-17 19:38 . 2014-02-04 02:35	274880	----a-w-	c:\windows\system32\drivers\msiscsi.sys
2014-04-17 19:38 . 2014-02-04 02:35	27584	----a-w-	c:\windows\system32\drivers\Diskdump.sys
2014-04-17 19:38 . 2014-02-04 02:28	2048	----a-w-	c:\windows\system32\iologmsg.dll
2014-04-17 19:38 . 2014-02-04 02:00	2048	----a-w-	c:\windows\SysWow64\iologmsg.dll
2014-04-16 03:02 . 2014-04-16 03:02	354656	----a-w-	c:\windows\SysWow64\DivXControlPanelApplet.cpl
2014-03-30 16:28 . 2014-03-07 14:38	18400	----a-w-	c:\windows\system32\drivers\ocztrimfilter.sys
2014-03-30 16:28 . 2014-03-07 14:38	132608	----a-w-	c:\windows\system32\OczTrimCoinstaller.dll
2014-03-30 16:28 . 2014-03-07 14:38	75056	----a-w-	c:\windows\system32\drivers\ocz10xx.sys
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-04-24 18:00 . 2013-03-04 07:00	115370	----a-w-	c:\users\GrenSo\Network_Meter_Data.js
2014-04-24 17:57 . 2013-10-15 17:15	48154	----a-w-	c:\users\GrenSo\IP_Log_Data.js
2014-04-24 16:36 . 2014-02-09 18:32	119512	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-04-18 17:18 . 2012-09-16 16:17	107552	----a-w-	c:\windows\system32\RTNUninst64.dll
2014-04-18 15:35 . 2013-09-27 18:00	49752	----a-w-	c:\windows\system32\drivers\AntiLog64.sys
2014-04-18 15:33 . 2014-01-14 23:54	111016	----a-w-	c:\windows\system32\WindowsAccessBridge-64.dll
2014-04-18 15:33 . 2014-03-19 22:05	313256	----a-w-	c:\windows\system32\javaws.exe
2014-04-18 15:33 . 2014-01-14 23:54	191400	----a-w-	c:\windows\system32\javaw.exe
2014-04-18 15:33 . 2014-01-14 23:54	190888	----a-w-	c:\windows\system32\java.exe
2014-04-18 15:13 . 2013-03-09 13:59	70832	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-04-18 15:13 . 2013-03-09 13:59	692400	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-04-17 19:46 . 2012-09-16 18:01	90655440	----a-w-	c:\windows\system32\MRT.exe
2014-04-03 07:51 . 2014-02-09 18:32	63192	----a-w-	c:\windows\system32\drivers\mwac.sys
2014-04-03 07:51 . 2014-02-09 18:32	88280	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2014-04-03 07:50 . 2012-09-17 17:04	25816	----a-w-	c:\windows\system32\drivers\mbam.sys
2014-03-25 13:24 . 2014-03-25 13:24	156448	----a-w-	c:\windows\system32\drivers\VBoxNetFlt.sys
2014-03-25 13:24 . 2014-03-25 13:24	141600	----a-w-	c:\windows\system32\drivers\VBoxNetAdp.sys
2014-03-25 13:20 . 2014-03-25 13:20	204064	----a-w-	c:\windows\system32\VBoxNetFltNobj.dll
2014-03-14 11:08 . 2012-09-16 16:52	6656	----a-w-	c:\windows\system32\lpcio.dll
2014-03-12 20:40 . 2014-03-12 20:40	1958616	----a-w-	c:\windows\system32\RTSnMg64.cpl
2014-03-12 20:40 . 2014-03-12 20:40	2825432	----a-w-	c:\windows\system32\RtPgEx64.dll
2014-03-12 20:40 . 2014-03-12 20:40	397592	----a-w-	c:\windows\system32\MBWrp64.dll
2014-03-12 16:10 . 2014-03-19 22:29	127872	----a-w-	c:\windows\system32\amdhcp64.dll
2014-03-12 16:10 . 2014-03-19 22:29	117560	----a-w-	c:\windows\SysWow64\amdhcp32.dll
2014-03-12 16:10 . 2014-03-19 22:29	78432	----a-w-	c:\windows\system32\atimpc64.dll
2014-03-12 16:10 . 2014-03-19 22:29	78432	----a-w-	c:\windows\system32\amdpcom64.dll
2014-03-12 16:10 . 2014-03-19 22:29	71704	----a-w-	c:\windows\SysWow64\atimpc32.dll
2014-03-12 16:10 . 2014-03-19 22:29	71704	----a-w-	c:\windows\SysWow64\amdpcom32.dll
2014-03-12 16:10 . 2014-03-19 22:29	126336	----a-w-	c:\windows\SysWow64\atiuxpag.dll
2014-03-12 16:10 . 2013-01-02 22:05	143304	----a-w-	c:\windows\system32\atiuxp64.dll
2014-03-12 16:10 . 2014-03-19 22:29	116024	----a-w-	c:\windows\system32\atiu9p64.dll
2014-03-12 16:10 . 2013-01-02 22:05	98496	----a-w-	c:\windows\SysWow64\atiu9pag.dll
2014-03-12 16:10 . 2013-01-02 22:05	1329352	----a-w-	c:\windows\system32\aticfx64.dll
2014-03-12 16:10 . 2013-01-02 22:05	1106872	----a-w-	c:\windows\SysWow64\aticfx32.dll
2014-03-12 16:10 . 2013-01-02 22:05	10176088	----a-w-	c:\windows\system32\atidxx64.dll
2014-03-12 16:10 . 2014-03-19 22:29	8764440	----a-w-	c:\windows\SysWow64\atidxx32.dll
2014-03-12 16:10 . 2013-01-02 22:05	10145128	----a-w-	c:\windows\SysWow64\atiumdva.dll
2014-03-12 16:10 . 2013-01-02 22:05	6716264	----a-w-	c:\windows\SysWow64\atiumdag.dll
2014-03-12 16:10 . 2014-01-31 21:06	10899112	----a-w-	c:\windows\system32\atiumd6a.dll
2014-03-12 16:10 . 2014-01-31 21:06	7892000	----a-w-	c:\windows\system32\atiumd64.dll
2014-03-12 16:06 . 2014-03-19 22:29	273632	----a-w-	c:\windows\system32\drivers\amdacpksd.sys
2014-03-12 16:04 . 2014-03-19 22:29	13929984	----a-w-	c:\windows\system32\drivers\atikmdag.sys
2014-03-12 15:50 . 2014-03-19 22:29	230912	----a-w-	c:\windows\system32\clinfo.exe
2014-03-12 15:49 . 2014-03-19 22:29	98816	----a-w-	c:\windows\system32\OpenVideo64.dll
2014-03-12 15:49 . 2014-03-19 22:29	83456	----a-w-	c:\windows\SysWow64\OpenVideo.dll
2014-03-12 15:49 . 2014-03-19 22:29	86528	----a-w-	c:\windows\system32\OVDecode64.dll
2014-03-12 15:49 . 2014-03-19 22:29	73216	----a-w-	c:\windows\SysWow64\OVDecode.dll
2014-03-12 15:49 . 2014-03-19 22:29	28425216	----a-w-	c:\windows\system32\amdocl64.dll
2014-03-12 15:47 . 2014-03-19 22:29	23903744	----a-w-	c:\windows\SysWow64\amdocl.dll
2014-03-12 15:44 . 2014-03-19 22:29	65024	----a-w-	c:\windows\system32\OpenCL.dll
2014-03-12 15:44 . 2014-03-19 22:29	58880	----a-w-	c:\windows\SysWow64\OpenCL.dll
2014-03-12 15:27 . 2014-03-19 22:29	27490304	----a-w-	c:\windows\system32\atio6axx.dll
2014-03-12 15:24 . 2014-03-19 22:29	368640	----a-w-	c:\windows\system32\atiapfxx.exe
2014-03-12 15:24 . 2014-03-19 22:29	62464	----a-w-	c:\windows\system32\aticalrt64.dll
2014-03-12 15:24 . 2014-03-19 22:29	52224	----a-w-	c:\windows\SysWow64\aticalrt.dll
2014-03-12 15:24 . 2014-03-19 22:29	55808	----a-w-	c:\windows\system32\aticalcl64.dll
2014-03-12 15:24 . 2014-03-19 22:29	49152	----a-w-	c:\windows\SysWow64\aticalcl.dll
2014-03-12 15:23 . 2014-03-19 22:29	15716352	----a-w-	c:\windows\system32\aticaldd64.dll
2014-03-12 15:20 . 2014-03-19 22:29	126464	----a-w-	c:\windows\system32\mantle64.dll
2014-03-12 15:20 . 2014-03-19 22:29	14302208	----a-w-	c:\windows\SysWow64\aticaldd.dll
2014-03-12 15:20 . 2014-03-19 22:29	113152	----a-w-	c:\windows\SysWow64\mantle32.dll
2014-03-12 15:19 . 2014-03-19 22:29	5393408	----a-w-	c:\windows\system32\amdmantle64.dll
2014-03-12 15:07 . 2014-03-19 22:29	23108608	----a-w-	c:\windows\SysWow64\atioglxx.dll
2014-03-12 15:06 . 2014-03-19 22:29	4319744	----a-w-	c:\windows\SysWow64\amdmantle32.dll
2014-03-12 15:03 . 2014-01-31 20:06	442368	----a-w-	c:\windows\system32\atidemgy.dll
2014-03-12 15:03 . 2014-03-19 22:29	31232	----a-w-	c:\windows\system32\atimuixx.dll
2014-03-12 15:03 . 2014-03-19 22:29	586240	----a-w-	c:\windows\system32\atieclxx.exe
2014-03-12 15:02 . 2014-03-19 22:29	240128	----a-w-	c:\windows\system32\atiesrxx.exe
2014-03-12 15:00 . 2014-03-19 22:29	190976	----a-w-	c:\windows\system32\atitmm64.dll
2014-03-12 14:53 . 2014-03-19 22:29	81920	----a-w-	c:\windows\system32\mantleaxl64.dll
2014-03-12 14:53 . 2014-03-19 22:29	79360	----a-w-	c:\windows\SysWow64\mantleaxl32.dll
2014-03-12 14:50 . 2014-03-19 22:29	44544	----a-w-	c:\windows\system32\amdmmcl6.dll
2014-03-12 14:50 . 2014-03-19 22:29	35840	----a-w-	c:\windows\SysWow64\amdmmcl.dll
2014-03-12 14:34 . 2014-01-31 19:37	806912	----a-w-	c:\windows\system32\coinst_13.350.dll
2014-03-12 14:27 . 2014-01-31 19:30	1148416	----a-w-	c:\windows\system32\atiadlxx.dll
2014-03-12 14:26 . 2014-03-19 22:29	828416	----a-w-	c:\windows\SysWow64\atiadlxy.dll
2014-03-12 14:26 . 2014-03-19 22:29	75264	----a-w-	c:\windows\system32\atig6pxx.dll
2014-03-12 14:26 . 2014-03-19 22:29	69632	----a-w-	c:\windows\SysWow64\atiglpxx.dll
2014-03-12 14:26 . 2014-03-19 22:29	69632	----a-w-	c:\windows\system32\atiglpxx.dll
2014-03-12 14:26 . 2014-03-19 22:29	146432	----a-w-	c:\windows\system32\atig6txx.dll
2014-03-12 14:25 . 2014-03-19 22:29	133120	----a-w-	c:\windows\SysWow64\atigktxx.dll
2014-03-12 14:25 . 2014-03-19 22:29	636928	----a-w-	c:\windows\system32\drivers\atikmpag.sys
2014-03-12 14:24 . 2014-03-19 22:29	95744	----a-w-	c:\windows\system32\amdave64.dll
2014-03-12 14:24 . 2014-03-19 22:29	90112	----a-w-	c:\windows\SysWow64\amdave32.dll
2014-03-12 14:24 . 2014-03-19 22:29	89088	----a-w-	c:\windows\system32\atisamu64.dll
2014-03-12 14:24 . 2014-03-19 22:29	80896	----a-w-	c:\windows\SysWow64\atisamu32.dll
2014-03-12 14:20 . 2014-03-19 22:29	43520	----a-w-	c:\windows\system32\drivers\ati2erec.dll
2014-03-12 11:00 . 2014-03-12 11:00	51200	----a-w-	c:\windows\system32\kdbsdk64.dll
2014-03-12 10:55 . 2014-03-12 10:55	38912	----a-w-	c:\windows\SysWow64\kdbsdk32.dll
2014-03-10 17:17 . 2013-12-04 21:17	128288	----a-w-	c:\windows\system32\IObitSmartDefragExtension.dll
2014-03-04 09:17 . 2014-04-17 19:46	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2014-03-01 20:16 . 2013-04-20 08:59	2	--shatr-	c:\windows\winstart.bat
2014-02-07 01:23 . 2014-03-11 19:58	3156480	----a-w-	c:\windows\system32\win32k.sys
2014-02-04 02:32 . 2014-03-11 19:58	1424384	----a-w-	c:\windows\system32\WindowsCodecs.dll
2014-02-04 02:32 . 2014-03-11 19:58	624128	----a-w-	c:\windows\system32\qedit.dll
2014-02-04 02:04 . 2014-03-11 19:58	1230336	----a-w-	c:\windows\SysWow64\WindowsCodecs.dll
2014-02-04 02:04 . 2014-03-11 19:58	509440	----a-w-	c:\windows\SysWow64\qedit.dll
2014-01-29 02:32 . 2014-03-11 19:58	484864	----a-w-	c:\windows\system32\wer.dll
2014-01-29 02:06 . 2014-03-11 19:58	381440	----a-w-	c:\windows\SysWow64\wer.dll
2014-01-28 02:32 . 2014-03-11 19:58	228864	----a-w-	c:\windows\system32\wwansvc.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-04-18 15:44	223432	----a-w-	c:\users\GrenSo\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-04-18 15:44	223432	----a-w-	c:\users\GrenSo\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-04-18 15:44	223432	----a-w-	c:\users\GrenSo\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"RocketDock"="c:\program files (x86)\RocketDock\RocketDock.exe" [2007-09-02 495616]
"NokiaSuite.exe"="c:\program files (x86)\Nokia\Nokia Suite\NokiaSuite.exe" [2013-10-02 1090912]
"PeerBlock"="c:\program files\PeerBlock\peerblock.exe" [2014-01-14 2513992]
"SandboxieControl"="c:\program files\Sandboxie\SbieCtrl.exe" [2014-02-18 759496]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Diamondback"="c:\program files (x86)\Razer\Diamondback\Razer\Diamondback\razerhid.exe" [2009-10-09 226816]
"Reclusa"="c:\program files (x86)\Razer\Reclusa\razerhid.exe" [2010-01-12 292352]
"adm_tray.exe"="c:\program files (x86)\Acronis\DriveMonitor\adm_tray.exe" [2011-02-24 470120]
"LWS"="c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe" [2012-09-12 204136]
"NaturalPoint"="c:\program files (x86)\NaturalPoint\TrackIR4\TrackIR.exe" [2012-10-11 1152592]
"TrueImageMonitor.exe"="c:\program files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" [2013-03-27 6405376]
"VC10Player"="c:\program files (x86)\Virtual CD v10\System\VC10Play.exe" [2011-10-19 411976]
"AcronisTibMounterMonitor"="c:\program files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe" [2013-01-10 1105848]
"AntiLogger"="c:\program files (x86)\AntiLogger\AntiLogger.exe" [2014-03-26 19362728]
"EMET Agent"="c:\program files (x86)\EMET 4.0\EMET_agent.exe" [2013-06-14 78496]
"KeyScrambler"="c:\program files (x86)\KeyScrambler\keyscrambler.exe" [2013-11-14 508144]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2014-03-12 767200]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2014-04-23 1825984]
"DivXMediaServer"="c:\program files (x86)\DivX\DivX Media Server\DivXMediaServer.exe" [2014-04-03 450560]
.
c:\users\GrenSo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
FastStone Capture.lnk - c:\program files (x86)\FastStone Capture\FSCapture.exe -Silent [2014-2-8 1281536]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	autocheck autochk *\0SmartDefragBootTime.exe
.
R1 ESProtectionDriver;Malwarebytes Anti-Exploit; [x]
R2 AODService;AODService;c:\program files (x86)\AMD\OverDrive\AODAssist.exe;c:\program files (x86)\AMD\OverDrive\AODAssist.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
R3 atillk64;atillk64; [x]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [x]
R3 BingDesktopUpdate;Bing Desktop Update service;c:\program files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe;c:\program files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [x]
R3 cleanhlp;cleanhlp;c:\program files (x86)\EMSISOFT EMERGENCY KIT\RUN\cleanhlp64.sys;c:\program files (x86)\EMSISOFT EMERGENCY KIT\RUN\cleanhlp64.sys [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys;c:\windows\SYSNATIVE\DRIVERS\ew_usbenumfilter.sys [x]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbnet.sys [x]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\SystemInfo\FMSISvc.exe;c:\program files (x86)\Futuremark\SystemInfo\FMSISvc.exe [x]
R3 HH10Help.sys;HH10Help.sys;c:\windows\system32\drivers\HH10Help.sys;c:\windows\SYSNATIVE\drivers\HH10Help.sys [x]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jucdcacm.sys [x]
R3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\DRIVERS\ew_juextctrl.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juextctrl.sys [x]
R3 huawei_wwanecm;huawei_wwanecm;c:\windows\system32\DRIVERS\ew_juwwanecm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juwwanecm.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MEMSWEEP2;MEMSWEEP2; [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bbus.sys [x]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bmdfl.sys [x]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bmdm.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys;c:\windows\SYSNATIVE\Drivers\VBoxUSB.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0; [x]
R3 WN111v2;NETGEAR WN111v2 USB2.0 Wireless Card Service;c:\windows\system32\DRIVERS\WN111v2w7x.sys;c:\windows\SYSNATIVE\DRIVERS\WN111v2w7x.sys [x]
R4 CLHNServiceForPowerDVD;CLHNServiceForPowerDVD;c:\program files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe;c:\program files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [x]
R4 CyberLink PowerDVD 11.0 Monitor Service;CyberLink PowerDVD 11.0 Monitor Service;c:\program files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe;c:\program files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [x]
R4 CyberLink PowerDVD 11.0 Service;CyberLink PowerDVD 11.0 Service;c:\program files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe;c:\program files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe [x]
R4 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
R4 nlsX86cc;Nalpeiron Licensing Service;c:\windows\SysWOW64\nlssrv32.exe;c:\windows\SysWOW64\nlssrv32.exe [x]
R4 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S0 fltsrv;Acronis Storage Filter Management;c:\windows\system32\DRIVERS\fltsrv.sys;c:\windows\SYSNATIVE\DRIVERS\fltsrv.sys [x]
S0 fsbts;fsbts;c:\windows\system32\Drivers\fsbts.sys;c:\windows\SYSNATIVE\Drivers\fsbts.sys [x]
S0 ocz10xx;ocz10xx;c:\windows\system32\DRIVERS\ocz10xx.sys;c:\windows\SYSNATIVE\DRIVERS\ocz10xx.sys [x]
S0 ocztrimfilter;OCZ PCIe SSD Trim Filter;c:\windows\system32\DRIVERS\ocztrimfilter.sys;c:\windows\SYSNATIVE\DRIVERS\ocztrimfilter.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys;c:\windows\SYSNATIVE\Drivers\SmartDefragDriver.sys [x]
S0 tib;Acronis TIB Manager;c:\windows\system32\DRIVERS\tib.sys;c:\windows\SYSNATIVE\DRIVERS\tib.sys [x]
S0 tib_mounter;Acronis TIB Mounter;c:\windows\system32\DRIVERS\tib_mounter.sys;c:\windows\SYSNATIVE\DRIVERS\tib_mounter.sys [x]
S0 vididr;Acronis Virtual Disk;c:\windows\system32\DRIVERS\vididr.sys;c:\windows\SYSNATIVE\DRIVERS\vididr.sys [x]
S0 vidsflt;Acronis Disk Storage Filter;c:\windows\system32\DRIVERS\vidsflt.sys;c:\windows\SYSNATIVE\DRIVERS\vidsflt.sys [x]
S1 A2DDA;A2 Direct Disk Access Support Driver;c:\program files (x86)\EMSISOFT EMERGENCY KIT\RUN\a2ddax64.sys;c:\program files (x86)\EMSISOFT EMERGENCY KIT\RUN\a2ddax64.sys [x]
S1 AntiLog32;AntiLog32;c:\windows\system32\drivers\AntiLog64.sys;c:\windows\SYSNATIVE\drivers\AntiLog64.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO64A.SYS;c:\windows\SYSNATIVE\drivers\HWiNFO64A.SYS [x]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxDrv.sys [x]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxUSBMon.sys [x]
S1 vdrv1000;vdrv1000;c:\windows\system32\DRIVERS\vdrv1000.sys;c:\windows\SYSNATIVE\DRIVERS\vdrv1000.sys [x]
S2 {329F96B6-DF1E-4328-BFDA-39EA953C1312};Power Control [2012/11/30 20:38];c:\program files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl;c:\program files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [x]
S2 afcdpsrv;Acronis Nonstop Backup Service;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.2.0;AODDriver4.2.0;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 AODDriver4.3.0;AODDriver4.3.0;c:\program files (x86)\AMD\OverDrive\amd64\AODDriver2.sys;c:\program files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe;c:\program files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe [x]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfpr.sys [x]
S2 ESHASRV;ESET SHA Service;c:\program files\ESET\ESET Endpoint Antivirus\EShaSrv.exe;c:\program files\ESET\ESET Endpoint Antivirus\EShaSrv.exe [x]
S2 iprip;RIP-Überwachung;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 LiveUpdateSvc;LiveUpdate;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [x]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys;c:\windows\SYSNATIVE\drivers\npf.sys [x]
S2 ntk_PowerDVD;ntk_PowerDVD;c:\program files (x86)\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys;c:\program files (x86)\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys [x]
S2 syncagentsrv;Acronis Sync Agent Service;c:\program files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe;c:\program files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [x]
S2 VC10SecS;Virtual CD v10 Management Service;c:\program files (x86)\Virtual CD v10\System\VC10SecS.exe;c:\program files (x86)\Virtual CD v10\System\VC10SecS.exe [x]
S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys;c:\windows\SYSNATIVE\DRIVERS\afcdp.sys [x]
S3 ALSysIO;ALSysIO;c:\users\GrenSo\AppData\Local\Temp\ALSysIO64.sys;c:\users\GrenSo\AppData\Local\Temp\ALSysIO64.sys [x]
S3 AmdLLD64;AMD Low Level Device Driver;c:\windows\system32\DRIVERS\AmdLLD64.sys;c:\windows\SYSNATIVE\DRIVERS\AmdLLD64.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
S3 KeyScrambler;KeyScrambler;c:\windows\system32\drivers\keyscrambler.sys;c:\windows\SYSNATIVE\drivers\keyscrambler.sys [x]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
S3 LVUVC64;Logitech QuickCam Pro 9000(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
S3 MTKSCVAD;Ralink Virtual Audio device;c:\windows\system32\drivers\mtkvadx.sys;c:\windows\SYSNATIVE\drivers\mtkvadx.sys [x]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
S3 npusbio;npusbio;c:\windows\system32\Drivers\npusbio_x64.sys;c:\windows\SYSNATIVE\Drivers\npusbio_x64.sys [x]
S3 pbfilter;pbfilter;c:\program files\PeerBlock\pbfilter.sys;c:\program files\PeerBlock\pbfilter.sys [x]
S3 Razerlow;Razer Pro|Solutions;c:\windows\system32\drivers\Razerlow.sys;c:\windows\SYSNATIVE\drivers\Razerlow.sys [x]
S3 RecFltr;Reclusa Keyboard;c:\windows\system32\drivers\RecFltr.sys;c:\windows\SYSNATIVE\drivers\RecFltr.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
S3 vcd10bus;Virtual CD v10 Bus Enumerator;c:\windows\system32\DRIVERS\vcd10bus.sys;c:\windows\SYSNATIVE\DRIVERS\vcd10bus.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - MBAMSWISSARMY
*NewlyCreated* - MBAMWEBACCESSCONTROL
*NewlyCreated* - PBFILTER
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcs	REG_MULTI_SZ   	w3svc was
apphost	REG_MULTI_SZ   	apphostsvc
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
2014-03-14 11:07	2471744	----a-w-	c:\program files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
2014-03-20 10:24	667808	----a-w-	c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
2014-03-20 10:24	667808	----a-w-	c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
2014-03-20 10:24	667808	----a-w-	c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-04-18 15:44	262344	----a-w-	c:\users\GrenSo\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-04-18 15:44	262344	----a-w-	c:\users\GrenSo\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-04-18 15:44	262344	----a-w-	c:\users\GrenSo\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AcronisSyncError]
@="{934BC6C0-FEC2-4df5-A100-961DE2C8A0ED}"
[HKEY_CLASSES_ROOT\CLSID\{934BC6C0-FEC2-4df5-A100-961DE2C8A0ED}]
2013-03-27 22:53	2827832	----a-w-	c:\program files (x86)\Acronis\TrueImageHome\tishell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AcronisSyncInProgress]
@="{00F848DC-B1D4-4892-9C25-CAADC86A215D}"
[HKEY_CLASSES_ROOT\CLSID\{00F848DC-B1D4-4892-9C25-CAADC86A215D}]
2013-03-27 22:53	2827832	----a-w-	c:\program files (x86)\Acronis\TrueImageHome\tishell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AcronisSyncOk]
@="{71573297-552E-46fc-BE3D-3DFAF88D47B7}"
[HKEY_CLASSES_ROOT\CLSID\{71573297-552E-46fc-BE3D-3DFAF88D47B7}]
2013-03-27 22:53	2827832	----a-w-	c:\program files (x86)\Acronis\TrueImageHome\tishell64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Power Monitor"="c:\program files (x86)\AMD\AMD Power Monitor\AMD Power Monitor.exe" [2009-05-21 624640]
"lxcgmon.exe"="c:\program files (x86)\Lexmark 2300 Series\lxcgmon.exe" [2007-04-29 205744]
"EzPrint"="c:\program files (x86)\Lexmark 2300 Series\ezprint.exe" [2007-04-29 103344]
"Acronis Scheduler2 Service"="c:\program files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" [2013-02-15 517912]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2014-04-18 13667032]
"egui"="c:\program files\ESET\ESET Endpoint Antivirus\egui.exe" [2013-10-07 4148664]
"LXCGCATS"="c:\windows\system32\spool\DRIVERS\x64\3\LXCGtime.dll" [2007-02-22 28672]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -
TCP: DhcpNameServer = 192.168.66.1
FF - ProfilePath - c:\users\GrenSo\AppData\Roaming\Mozilla\Firefox\Profiles\0rm2ca40.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.winboard.org/|hxxp://www.fcenergie.de/content/home
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2014-02-25 21:43; adsremoval@adsremoval.net; c:\users\GrenSo\AppData\Roaming\Mozilla\Firefox\Profiles\0rm2ca40.default\extensions\adsremoval@adsremoval.net
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-HydraVisionDesktopManager - c:\program files (x86)\ATI Technologies\HydraVision\HydraDM.exe
Wow6432Node-HKLM-Run-HydraVisionDesktopManager - c:\program files (x86)\ATI Technologies\HydraVision\HydraDM.exe
SafeBoot-CleanHlp
SafeBoot-CleanHlp.sys
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{329F96B6-DF1E-4328-BFDA-39EA953C1312}]
"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\vdrv1000]
"ImagePath"="system32\DRIVERS\vdrv1000.sys"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1996915005-1308554187-4098229939-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:9c,20,6c,08,0e,30,4b,24,1c,8c,bc,b2,b3,ce,18,09,7b,96,33,a9,26,5e,a9,
   37,8a,0e,d8,4b,ab,7c,e3,38,af,a6,08,31,97,0f,6c,33,13,9c,33,29,11,f2,a6,7c,\
"??"=hex:c4,e0,56,06,6b,cf,19,49,40,b5,75,48,46,dc,9c,42
.
[HKEY_USERS\S-1-5-21-1996915005-1308554187-4098229939-1000\Software\SecuROM\License information*]
"datasecu"=hex:9f,c1,28,1f,fa,07,79,13,d8,3d,17,5c,0e,1f,47,7a,7b,9b,f3,9c,91,
   0a,52,cf,0a,9d,f3,14,b6,8c,4f,41,6b,ca,54,0f,78,b7,b0,5b,1b,40,8b,11,2c,2c,\
"rkeysecu"=hex:4c,c4,58,99,09,8a,46,48,d1,fd,d5,26,d7,4b,06,7f
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_199_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_199_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_75_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_75_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BEB3C0C7-B648-4257-96D9-B5D024816E27}\Version*Version]
"Version"=hex:cd,e0,af,e6,b2,0d,09,5b,07,cf,82,1b,b4,cb,f0,46,f2,e5,e7,8f,25,
   12,cb,9a,00,7c,6d,a6,4a,50,a8,a7,a3,69,dc,d7,da,15,59,36,84,83,0f,19,08,3d,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_199_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_199_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_75_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_75_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_199.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.13"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_199.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_199.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_199.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Minnetonka Audio Software\SurCode Dolby Digital Premiere\Version*Version]
"Version"=hex:cd,e0,af,e6,b2,0d,09,5b,07,cf,82,1b,b4,cb,f0,46,f2,e5,e7,8f,25,
   12,cb,9a,00,7c,6d,a6,4a,50,a8,a7,a3,69,dc,d7,da,15,59,36,84,83,0f,19,08,3d,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Windows Live\Family Safety\fsssvc.exe
c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE
c:\program files (x86)\ Malwarebytes Anti-Malware \mbam.exe
c:\program files (x86)\FastStone Capture\FSCapture.exe
c:\program files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe
c:\program files (x86)\Razer\Reclusa\razertra.exe
c:\program files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
c:\program files (x86)\Razer\Diamondback\Razer\Diamondback\razerofa.exe
c:\program files (x86)\Virtual CD v10\System\VC10Tray.exe
c:\program files (x86)\PC Connectivity Solution\ServiceLayer.exe
c:\program files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
c:\program files (x86)\Razer\Diamondback\Razer\Diamondback\razertra.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-04-24  20:17:57 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2014-04-24 18:17
.
Vor Suchlauf: 9 Verzeichnis(se), 113.184.772.096 Bytes frei
Nach Suchlauf: 17 Verzeichnis(se), 112.714.428.416 Bytes frei
.
- - End Of File - - 6D0B8A53586524156E97A24F9DCC65AC
         

Edited by GrenSo (24.04.2014 at 19:36)

25.04.2014, 18:46   #8
schrauber
/// the machine
/// TB Trainer



Those are normally hidden folders, everything is OK.


Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select the Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do so, click Remove Selected.
  • Let your computer restart if required to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected, as shown here
  • Click Scan and wait until it has finished.
  • Now click Delete and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

Please close your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista (or later), please right-click and choose "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan may take a while.
  • When the tool has finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


And a fresh FRST log, please.
__________________
Regards,
schrauber


25.04.2014, 20:47   #9
GrenSo
 



Quote:
Quote from schrauber
Those are normally hidden folders, everything is OK
I do find these folders somewhat "odd", since they are actually hidden Windows system folders.
Should I leave these folders, or rather their current settings, as they are for now, or will they later be restored by the system to their original state, as Windows originally created them?
This would be very important for me to know, and not only because of the currently changed folder view or structure.

Oh, and by the way, what did this
Code:
HKLM\...\Policies\Explorer: [NoInternetOpenWith] 1
         
as "Fixlist.txt" actually do? I do want to know what the individual actions do to my system and what they change.

Here is the mbam.txt:
Code:
 Malwarebytes Anti-Malware 
www.malwarebytes.org


Protection, 25.04.2014 21:07:14, SYSTEM, 790FX-PHENOM-X4, Protection, Malware Protection, Starting, 
Protection, 25.04.2014 21:07:14, SYSTEM, 790FX-PHENOM-X4, Protection, Malware Protection, Started, 
Protection, 25.04.2014 21:07:14, SYSTEM, 790FX-PHENOM-X4, Protection, Malicious Website Protection, Starting, 
Protection, 25.04.2014 21:08:40, SYSTEM, 790FX-PHENOM-X4, Protection, Malicious Website Protection, Started, 

(end)
         
Here is the AdwCleaner[S10].txt:
Code:
# AdwCleaner v3.202 - Bericht erstellt am 25/04/2014 um 21:12:44
# Aktualisiert 23/04/2014 von Xplode
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits)
# Benutzername : GrenSo - 790FX-PHENOM-X4
# Gestartet von : C:\Users\GrenSo\Desktop\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17041


-\\ Mozilla Firefox v29.0 (de)

[ Datei : C:\Users\GrenSo\AppData\Roaming\Mozilla\Firefox\Profiles\0rm2ca40.default\prefs.js ]


*************************

AdwCleaner[R10].txt - [1502 octets] - [25/01/2014 15:37:26]
AdwCleaner[R11].txt - [3286 octets] - [20/04/2014 19:06:02]
AdwCleaner[R12].txt - [1304 octets] - [23/04/2014 00:02:51]
AdwCleaner[R13].txt - [1355 octets] - [25/04/2014 21:11:47]
AdwCleaner[R8].txt - [1207 octets] - [24/11/2013 21:36:30]
AdwCleaner[R9].txt - [1436 octets] - [23/12/2013 15:00:32]
AdwCleaner[S10].txt - [1036 octets] - [25/04/2014 21:12:44]
AdwCleaner[S6].txt - [1268 octets] - [24/11/2013 21:40:04]
AdwCleaner[S7].txt - [1447 octets] - [23/12/2013 15:02:13]
AdwCleaner[S8].txt - [1464 octets] - [25/01/2014 15:38:08]
AdwCleaner[S9].txt - [3152 octets] - [20/04/2014 19:07:07]

########## EOF - C:\AdwCleaner\AdwCleaner[S10].txt - [1337 octets] ##########
         
Here is the JRT.txt:
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows 7 Ultimate x64
Ran by GrenSo on 25.04.2014 at 21:27:45,41
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values




~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1996915005-1308554187-4098229939-1000\Software\sweetim



~~~ Files



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\GrenSo\appdata\local\{0F992F05-6D5C-41D8-91AD-84F1FE59C333}
Successfully deleted: [Empty Folder] C:\Users\GrenSo\appdata\local\{5642CFB7-BA72-494C-B84F-E26845717F93}
Successfully deleted: [Empty Folder] C:\Users\GrenSo\appdata\local\{83D5A4DE-5F7D-44E0-9BCD-1405A9052D3D}
Successfully deleted: [Empty Folder] C:\Users\GrenSo\appdata\local\{878D3B68-6A83-4FC2-B9BD-B82C3423C11B}
Successfully deleted: [Empty Folder] C:\Users\GrenSo\appdata\local\{B709E822-AD99-4E49-B6DF-765F3B476E34}
Successfully deleted: [Empty Folder] C:\Users\GrenSo\appdata\local\{D0842B03-A28D-4AFE-B050-6B2E80640E51}
Successfully deleted: [Empty Folder] C:\Users\GrenSo\appdata\local\{D57DAD67-764A-414E-A301-5CA75346760D}



~~~ FireFox

Emptied folder: C:\Users\GrenSo\AppData\Roaming\mozilla\firefox\profiles\0rm2ca40.default\minidumps [2 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 25.04.2014 at 21:37:44,86
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
And last but not least, the new FRST.txt:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-04-2014
Ran by GrenSo (administrator) on 790FX-PHENOM-X4 on 25-04-2014 21:40:47
Running from C:\Users\GrenSo\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Antivirus\EShaSrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
( ) C:\Windows\system32\lxcgcoms.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corporation) C:\Windows\System32\tcpsvcs.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
(H+H Software GmbH) C:\Program Files (x86)\Virtual CD v10\System\VC10SecS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
() C:\Program Files (x86)\AMD\AMD Power Monitor\AMD Power Monitor.exe
(Lexmark International, Inc.) C:\Program Files (x86)\Lexmark 2300 Series\lxcgmon.exe
(Lexmark International Inc.) C:\Program Files (x86)\Lexmark 2300 Series\ezprint.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() C:\Program Files (x86)\RocketDock\RocketDock.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
(PeerBlock, LLC) C:\Program Files\PeerBlock\peerblock.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(FastStone Soft) C:\Program Files (x86)\FastStone Capture\FSCapture.exe
() C:\Program Files (x86)\Razer\Diamondback\Razer\Diamondback\razerhid.exe
(Razer USA Ltd.) C:\Program Files (x86)\Razer\Reclusa\razerhid.exe
() C:\Program Files (x86)\Acronis\DriveMonitor\adm_tray.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
() C:\Program Files (x86)\NaturalPoint\TrackIR4\TrackIR.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(H+H Software GmbH) C:\Program Files (x86)\Virtual CD v10\System\VC10Play.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
() C:\Program Files (x86)\Razer\Reclusa\razertra.exe
(Zemana Ltd.) C:\Program Files (x86)\AntiLogger\AntiLogger.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(QFX Software Corporation) C:\Program Files (x86)\KeyScrambler\KeyScrambler.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Program Files (x86)\Core Temp\Core Temp.exe
(Binarysense) C:\Program Files (x86)\SSDlife\ssdlife.exe
(IObit) C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe
(QFX Software Corporation) C:\Program Files (x86)\KeyScrambler\x64\KeyScrambler.exe
(Microsoft Corporation) C:\Program Files (x86)\EMET 4.0\EMET_Agent.exe
() C:\Program Files (x86)\Razer\Diamondback\Razer\Diamondback\razertra.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(H+H Software GmbH) C:\Program Files (x86)\Virtual CD v10\System\VC10Tray.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Diamondback\Razer\Diamondback\razerofa.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_199.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_199.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Power Monitor] => C:\Program Files (x86)\AMD\AMD Power Monitor\AMD Power Monitor.exe [624640 2009-05-21] ()
HKLM\...\Run: [lxcgmon.exe] => C:\Program Files (x86)\Lexmark 2300 Series\lxcgmon.exe [205744 2007-04-29] (Lexmark International, Inc.)
HKLM\...\Run: [EzPrint] => C:\Program Files (x86)\Lexmark 2300 Series\ezprint.exe [103344 2007-04-29] (Lexmark International Inc.)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [517912 2013-02-15] (Acronis)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-04-18] (Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe [4148664 2013-10-07] (ESET)
HKLM\...\Run: [LXCGCATS] => C:\Windows\system32\spool\DRIVERS\x64\3\LXCGtime.dll [28672 2007-02-22] ()
HKLM-x32\...\Run: [Diamondback] => C:\Program Files (x86)\Razer\Diamondback\Razer\Diamondback\razerhid.exe [226816 2009-10-09] ()
HKLM-x32\...\Run: [Reclusa] => C:\Program Files (x86)\Razer\Reclusa\razerhid.exe [292352 2010-01-12] (Razer USA Ltd.)
HKLM-x32\...\Run: [adm_tray.exe] => C:\Program Files (x86)\Acronis\DriveMonitor\adm_tray.exe [470120 2011-02-24] ()
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [NaturalPoint] => C:\Program Files (x86)\NaturalPoint\TrackIR4\TrackIR.exe [1152592 2012-10-11] ()
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [6405376 2013-03-28] (Acronis)
HKLM-x32\...\Run: [VC10Player] => C:\Program Files (x86)\Virtual CD v10\System\VC10Play.exe [411976 2011-10-19] (H+H Software GmbH)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1105848 2013-01-10] (Acronis)
HKLM-x32\...\Run: [AntiLogger] => C:\Program Files (x86)\AntiLogger\AntiLogger.exe [19362728 2014-03-26] (Zemana Ltd.)
HKLM-x32\...\Run: [EMET Agent] => C:\Program Files (x86)\EMET 4.0\EMET_agent.exe [78496 2013-06-14] (Microsoft Corporation)
HKLM-x32\...\Run: [KeyScrambler] => C:\Program Files (x86)\KeyScrambler\keyscrambler.exe [508144 2013-11-14] (QFX Software Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-03-12] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1825984 2014-04-24] (Valve Corporation)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2014-04-03] (DivX, LLC)
HKLM\...\Policies\Explorer: [CDRAutoRun] 0
HKU\S-1-5-21-1996915005-1308554187-4098229939-1000\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-1996915005-1308554187-4098229939-1000\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1090912 2013-10-02] (Nokia)
HKU\S-1-5-21-1996915005-1308554187-4098229939-1000\...\Run: [PeerBlock] => C:\Program Files\PeerBlock\peerblock.exe [2513992 2014-01-14] (PeerBlock, LLC)
HKU\S-1-5-21-1996915005-1308554187-4098229939-1000\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [761864 2014-04-16] (Sandboxie Holdings, LLC)
Startup: C:\Users\GrenSo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FastStone Capture.lnk
ShortcutTarget: FastStone Capture.lnk -> C:\Program Files (x86)\FastStone Capture\FSCapture.exe (FastStone Soft)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/de-de/default.aspx
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xACD295AE5894CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Handler: livecall - No CLSID Value - 
Handler: msnim - No CLSID Value - 
Handler-x32: livecall - No CLSID Value - 
Handler-x32: msnim - No CLSID Value - 
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.66.1

FireFox:
========
FF ProfilePath: C:\Users\GrenSo\AppData\Roaming\Mozilla\Firefox\Profiles\0rm2ca40.default
FF NewTab: google.de
FF Homepage: hxxp://www.winboard.org/|hxxp://www.fcenergie.de/content/home
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_199.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_199.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.5.2 - C:\Program Files (x86)\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.5.2 - C:\Program Files (x86)\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll No File
FF Plugin-x32: @nokia.com/EnablerPlugin - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Roomy Bookmarks Toolbar - C:\Users\GrenSo\AppData\Roaming\Mozilla\Firefox\Profiles\0rm2ca40.default\Extensions\ALone-live@ya.ru [2014-04-18]
FF Extension: Wörterbuch Deutsch (de-DE), Hunspell-unterstützt - C:\Users\GrenSo\AppData\Roaming\Mozilla\Firefox\Profiles\0rm2ca40.default\Extensions\de_DE@dicts.j3e.de [2014-04-18]
FF Extension: United States English Spellchecker - C:\Users\GrenSo\AppData\Roaming\Mozilla\Firefox\Profiles\0rm2ca40.default\Extensions\en-US@dictionaries.addons.mozilla.org [2014-04-18]
FF Extension: MinimizeToTray revived (MinTrayR) - C:\Users\GrenSo\AppData\Roaming\Mozilla\Firefox\Profiles\0rm2ca40.default\Extensions\mintrayr@tn123.ath.cx [2014-04-18]
FF Extension: Forecastfox - C:\Users\GrenSo\AppData\Roaming\Mozilla\Firefox\Profiles\0rm2ca40.default\Extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3} [2014-04-18]
FF Extension: FoxClocks - C:\Users\GrenSo\AppData\Roaming\Mozilla\Firefox\Profiles\0rm2ca40.default\Extensions\{d37dc5d0-431d-44e5-8c91-49419370caa1} [2014-04-18]
FF Extension: about:addons Launcher - C:\Users\GrenSo\AppData\Roaming\Mozilla\Firefox\Profiles\0rm2ca40.default\Extensions\aboutaddons@about-addons-launcher.org.xpi [2014-04-18]
FF Extension: Locationbar² - C:\Users\GrenSo\AppData\Roaming\Mozilla\Firefox\Profiles\0rm2ca40.default\Extensions\locationbar2@design-noir.de.xpi [2014-04-18]
FF Extension: Long URL Please Mod - C:\Users\GrenSo\AppData\Roaming\Mozilla\Firefox\Profiles\0rm2ca40.default\Extensions\longurlplease@tseng.xpi [2014-04-18]
FF Extension: Secure Login - C:\Users\GrenSo\AppData\Roaming\Mozilla\Firefox\Profiles\0rm2ca40.default\Extensions\secureLogin@blueimp.net.xpi [2014-04-18]
FF Extension: Slim Add-ons Manager - C:\Users\GrenSo\AppData\Roaming\Mozilla\Firefox\Profiles\0rm2ca40.default\Extensions\slimaddonmanager@opendfki.de.xpi [2014-04-18]
FF Extension: Tab Scope - C:\Users\GrenSo\AppData\Roaming\Mozilla\Firefox\Profiles\0rm2ca40.default\Extensions\tabscope@xuldev.org.xpi [2014-04-18]
FF Extension: Flagfox - C:\Users\GrenSo\AppData\Roaming\Mozilla\Firefox\Profiles\0rm2ca40.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2014-04-18]
FF Extension: NoScript - C:\Users\GrenSo\AppData\Roaming\Mozilla\Firefox\Profiles\0rm2ca40.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-04-18]
FF Extension: Tab Mix Plus - C:\Users\GrenSo\AppData\Roaming\Mozilla\Firefox\Profiles\0rm2ca40.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2014-04-18]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Endpoint Antivirus\Mozilla Thunderbird
FF Extension: ESET Endpoint Security Extension - C:\Program Files\ESET\ESET Endpoint Antivirus\Mozilla Thunderbird [2014-04-18]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Endpoint Antivirus\Mozilla Thunderbird
FF Extension: ESET Endpoint Security Extension - C:\Program Files\ESET\ESET Endpoint Antivirus\Mozilla Thunderbird [2014-04-18]

Chrome: 
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-03-12] (Advanced Micro Devices, Inc.)
S2 AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [137584 2014-01-08] ()
S3 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173192 2013-06-20] (Microsoft Corp.)
S4 CLHNServiceForPowerDVD; C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [85104 2012-09-18] ()
S4 CyberLink PowerDVD 11.0 Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [78352 2012-09-19] (CyberLink)
S4 CyberLink PowerDVD 11.0 Service; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe [295440 2012-09-19] (CyberLink)
S3 EhttpSrv; C:\Program Files\ESET\ESET Endpoint Antivirus\EHttpSrv.exe [42048 2013-10-07] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe [1025584 2013-10-07] (ESET)
R2 ESHASRV; C:\Program Files\ESET\ESET Endpoint Antivirus\EShaSrv.exe [191368 2013-10-07] (ESET)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [520416 2014-02-28] (Futuremark)
R2 iprip; C:\Windows\System32\iprip.dll [35328 2009-07-14] (Microsoft Corporation)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2153792 2014-03-14] (IObit)
R2 lxcg_device; C:\Windows\system32\lxcgcoms.exe [566704 2007-04-29] ( )
R2 lxcg_device; C:\Windows\SysWOW64\lxcgcoms.exe [537520 2007-04-29] ( )
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
S4 ProtexisLicensing; C:\Windows\SysWOW64\PSIService.exe [177704 2007-06-05] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [189960 2014-04-16] (Sandboxie Holdings, LLC)
S4 SNMP; C:\Windows\System32\snmp.exe [49664 2010-11-20] (Microsoft Corporation)
S4 SNMP; C:\Windows\SysWOW64\snmp.exe [47616 2010-11-20] (Microsoft Corporation)
R2 VC10SecS; C:\Program Files (x86)\Virtual CD v10\System\VC10SecS.exe [144712 2011-10-19] (H+H Software GmbH)
S2 PnkBstrA; No ImagePath
S2 PnkBstrB; No ImagePath

==================== Drivers (Whitelisted) ====================

R1 A2DDA; C:\PROGRAM FILES (X86)\EMSISOFT EMERGENCY KIT\RUN\a2ddax64.sys [26176 2013-08-20] (Emsisoft GmbH)
R1 AntiLog32; C:\Windows\system32\drivers\AntiLog64.sys [49752 2014-04-18] (Zemana Ltd.)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-11-04] (Advanced Micro Devices)
R2 AODDriver4.3.0; C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [59624 2014-01-08] (Advanced Micro Devices)
S3 atillk64; No ImagePath
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2012-10-03] ()
S3 cleanhlp; C:\PROGRAM FILES (X86)\EMSISOFT EMERGENCY KIT\RUN\cleanhlp64.sys [57024 2013-12-04] (Emsisoft GmbH)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [219184 2013-10-25] (ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [185224 2013-09-09] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [155896 2013-09-09] (ESET)
S3 ENTECH; C:\Windows\SysWow64\Drivers\ENTECH.sys [21664 2004-10-25] (EnTech Taiwan)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [147096 2013-09-09] (ESET)
S1 ESProtectionDriver; No ImagePath
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [422400 2012-03-16] (Huawei Technologies Co., Ltd.)
R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [56016 2013-02-06] ()
S3 HH10Help.sys; C:\Windows\system32\drivers\HH10Help.sys [24088 2009-07-09] (H+H Software GmbH)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [227840 2012-03-16] (Huawei Technologies Co., Ltd.)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [31136 2013-10-16] (REALiX(tm))
R3 KeyScrambler; C:\Windows\System32\drivers\keyscrambler.sys [222200 2013-05-31] (QFX Software Corporation)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2012-10-03] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-04-25] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
S3 MEMSWEEP2; No ImagePath
R3 MTKSCVAD; C:\Windows\System32\drivers\mtkvadx.sys [44544 2012-07-16] (Ralink Technology, Corp.)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 npusbio; C:\Windows\System32\Drivers\npusbio_x64.sys [38400 2012-07-10] ()
R0 ocz10xx; C:\Windows\System32\DRIVERS\ocz10xx.sys [75056 2014-03-07] (OCZ Storage Solutions)
R0 ocztrimfilter; C:\Windows\System32\DRIVERS\ocztrimfilter.sys [18400 2014-03-07] (OCZ Storage Solutions)
R3 pbfilter; C:\Program Files\PeerBlock\pbfilter.sys [22600 2014-01-14] ()
R3 Razerlow; C:\Windows\System32\drivers\Razerlow.sys [11136 2013-11-05] (Razer (Asia-Pacific) Pte Ltd)
R3 RecFltr; C:\Windows\System32\drivers\RecFltr.sys [44800 2010-01-04] (Razer USA Ltd.)
S3 SANDRA; No ImagePath
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [202248 2014-04-16] (Sandboxie Holdings, LLC)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2013-12-24] (IObit)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2013-04-06] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [183224 2013-04-06] (Acronis)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [106256 2013-02-20] (Oracle Corporation)
R1 vdrv1000; C:\Windows\System32\DRIVERS\vdrv1000.sys [223256 2011-04-19] (H+H Software GmbH)
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2013-04-06] (Acronis International GmbH)
S3 WinRing0_1_2_0; No ImagePath
S3 WN111v2; C:\Windows\System32\DRIVERS\WN111v2w7x.sys [767488 2009-10-21] (Atheros Communications, Inc.)
R2 {329F96B6-DF1E-4328-BFDA-39EA953C1312}; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [146928 2012-09-19] (CyberLink Corp.)
R3 ALSysIO; \??\C:\Users\GrenSo\AppData\Local\Temp\ALSysIO64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U0 Partizan; system32\drivers\Partizan.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-25 21:40 - 2014-04-25 21:40 - 00005374 _____ () C:\Users\GrenSo\Desktop\FRST.txt
2014-04-25 21:37 - 2014-04-25 21:37 - 00001720 _____ () C:\Users\GrenSo\Desktop\JRT.txt
2014-04-25 21:17 - 2014-04-25 21:17 - 00000000 ____D () C:\Windows\ERUNT
2014-04-25 21:15 - 2014-04-25 21:15 - 00001418 _____ () C:\Users\GrenSo\Desktop\AdwCleaner[S10].txt
2014-04-25 21:09 - 2014-04-25 21:09 - 00000486 _____ () C:\Users\GrenSo\Desktop\mbam.txt
2014-04-25 19:51 - 2014-04-25 19:51 - 01016261 _____ (Thisisu) C:\Users\GrenSo\Desktop\JRT.exe
2014-04-25 00:49 - 2014-04-25 00:49 - 00000000 _____ () C:\Windows\SysWOW64\FAP50E4.tmp
2014-04-25 00:48 - 2014-04-25 00:48 - 00000000 _____ () C:\Windows\SysWOW64\FAPB99.tmp
2014-04-25 00:46 - 2014-04-25 00:46 - 00000000 _____ () C:\Windows\SysWOW64\FAP49DE.tmp
2014-04-25 00:34 - 2014-04-25 00:34 - 00000000 _____ () C:\Windows\SysWOW64\FAP3B4C.tmp
2014-04-25 00:29 - 2014-04-25 00:29 - 00000000 _____ () C:\Windows\SysWOW64\FAPD68F.tmp
2014-04-25 00:29 - 2014-04-25 00:29 - 00000000 _____ () C:\Windows\SysWOW64\FAPC435.tmp
2014-04-25 00:29 - 2014-04-25 00:29 - 00000000 _____ () C:\Windows\SysWOW64\FAPB796.tmp
2014-04-25 00:29 - 2014-04-25 00:29 - 00000000 _____ () C:\Windows\SysWOW64\FAP7D04.tmp
2014-04-25 00:27 - 2014-04-25 00:27 - 00000000 _____ () C:\Windows\SysWOW64\FAPBDB9.tmp
2014-04-25 00:27 - 2014-04-25 00:27 - 00000000 _____ () C:\Windows\SysWOW64\FAP7D1F.tmp
2014-04-25 00:17 - 2014-04-25 00:17 - 00000000 _____ () C:\Windows\SysWOW64\FAP69EB.tmp
2014-04-25 00:11 - 2014-04-25 00:11 - 00000000 ____D () C:\Users\GrenSo\AppData\Local\CrashRpt
2014-04-24 20:40 - 2014-04-24 20:40 - 00000000 ____D () C:\Users\GrenSo\Desktop\ComboFix
2014-04-24 20:18 - 2014-04-24 20:18 - 00047211 _____ () C:\ComboFix.txt
2014-04-24 19:48 - 2014-04-24 20:18 - 00000000 ____D () C:\Qoobox
2014-04-24 19:48 - 2014-04-24 20:18 - 00000000 ____D () C:\ComboFix
2014-04-24 19:48 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-04-24 19:48 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-04-24 19:48 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-04-24 19:48 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-04-24 19:48 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-04-24 19:48 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-04-24 19:48 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-04-24 19:48 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-04-24 19:47 - 2014-04-24 20:13 - 00000000 ____D () C:\Windows\erdnt
2014-04-24 19:44 - 2014-04-24 19:44 - 05196870 ____R (Swearware) C:\Users\GrenSo\Desktop\ComboFix.exe
2014-04-24 19:44 - 2014-04-24 19:44 - 00000000 ____D () C:\Users\GrenSo\Desktop\FRST
2014-04-23 23:58 - 2014-04-24 20:12 - 00001844 _____ () C:\Windows\PFRO.log
2014-04-23 19:26 - 2014-04-25 21:40 - 00000000 ____D () C:\FRST
2014-04-23 19:24 - 2014-04-24 19:42 - 02061824 _____ (Farbar) C:\Users\GrenSo\Desktop\FRST64.exe
2014-04-23 18:57 - 2014-04-23 18:57 - 00000000 ____D () C:\Program Files (x86)\TP-LINK
2014-04-23 07:54 - 2014-04-25 21:27 - 00000728 _____ () C:\Windows\setupact.log
2014-04-23 07:54 - 2014-04-23 07:54 - 05153400 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-23 07:54 - 2014-04-23 07:54 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-23 01:17 - 2014-04-23 01:17 - 00146320 _____ () C:\Users\GrenSo\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-22 23:36 - 2014-04-22 23:36 - 00000000 _____ () C:\Users\GrenSo\defogger_reenable
2014-04-22 23:04 - 2014-04-22 23:04 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2014-04-22 23:04 - 2014-04-22 23:04 - 00000000 ____D () C:\Users\GrenSo\AppData\Roaming\Apple Computer
2014-04-22 23:01 - 2014-04-22 23:01 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-04-22 23:01 - 2014-04-14 04:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-04-22 23:01 - 2014-04-14 04:19 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-04-21 20:07 - 2014-04-21 19:57 - 00002122 _____ () C:\Users\GrenSo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Endpoint Antivirus.lnk
2014-04-18 21:08 - 2014-04-18 21:08 - 00000000 ____D () C:\ProgramData\ESET
2014-04-18 21:08 - 2014-04-18 21:08 - 00000000 ____D () C:\Program Files\ESET
2014-04-18 20:41 - 2014-04-18 20:41 - 00000000 __SHD () C:\Users\GrenSo\AppData\Local\EmieUserList
2014-04-18 20:41 - 2014-04-18 20:41 - 00000000 __SHD () C:\Users\GrenSo\AppData\Local\EmieSiteList
2014-04-18 19:18 - 2014-04-18 19:18 - 00901848 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2014-04-18 19:18 - 2014-04-18 19:18 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2014-04-18 19:04 - 2014-04-18 19:04 - 03872984 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-04-18 19:04 - 2014-04-18 19:04 - 02792152 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2014-04-18 19:04 - 2014-04-18 19:04 - 02770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2014-04-18 19:04 - 2014-04-18 19:04 - 02101848 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2014-04-18 19:04 - 2014-04-18 19:04 - 02037336 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2014-04-18 19:04 - 2014-04-18 19:04 - 01286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2014-04-18 19:04 - 2014-04-18 19:04 - 01033304 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2014-04-18 19:04 - 2014-04-18 19:04 - 01024216 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2014-04-18 19:04 - 2014-04-18 19:04 - 00946392 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2014-04-18 19:04 - 2014-04-18 19:04 - 00757301 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-04-18 19:04 - 2014-04-18 19:04 - 00624344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2014-04-18 17:44 - 2014-04-18 17:44 - 00002181 _____ () C:\Users\GrenSo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-04-18 17:39 - 2014-03-25 15:27 - 00254240 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2014-04-18 17:39 - 2014-03-25 15:24 - 00128288 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2014-04-18 17:35 - 2014-04-18 17:35 - 00000000 __HDC () C:\ProgramData\{727C5CC8-3A5E-4517-BA8B-35A93F9B2EBD}
2014-04-18 17:28 - 2014-04-18 17:28 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-18 17:28 - 2014-04-18 17:28 - 00176040 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-18 17:28 - 2014-04-18 17:28 - 00176040 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-18 17:28 - 2014-04-18 17:28 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-18 16:51 - 2014-04-18 16:48 - 00000513 _____ () C:\Users\GrenSo\Documents\indexfile.txt
2014-04-17 21:52 - 2014-03-06 12:21 - 23549440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-17 21:52 - 2014-03-06 11:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-17 21:52 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-17 21:52 - 2014-03-06 11:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-17 21:52 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-17 21:52 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-17 21:52 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-17 21:52 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-17 21:52 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-17 21:52 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-17 21:52 - 2014-03-06 10:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-17 21:52 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-17 21:52 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-17 21:52 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-17 21:52 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-17 21:52 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-17 21:52 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-17 21:52 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-17 21:52 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-17 21:52 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-17 21:52 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-17 21:52 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-17 21:52 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-17 21:52 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-17 21:52 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-17 21:52 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-17 21:52 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-17 21:52 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-17 21:52 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-17 21:52 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-17 21:52 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-17 21:52 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-17 21:52 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-17 21:52 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-17 21:52 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-17 21:52 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-17 21:52 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-17 21:52 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-17 21:52 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-17 21:52 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-17 21:52 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-17 21:52 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-17 21:52 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-17 21:52 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-17 21:52 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-17 21:52 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-17 21:52 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-17 21:52 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-17 21:46 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-17 21:46 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-17 21:46 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-17 21:46 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-17 21:46 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-17 21:46 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-17 21:46 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-17 21:46 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-17 21:46 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-17 21:46 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-17 21:46 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-17 21:38 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-17 21:38 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-17 21:38 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-17 21:38 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-17 21:38 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-17 21:38 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-16 05:02 - 2014-04-16 05:02 - 00354656 _____ (DivX, Inc.) C:\Windows\SysWOW64\DivXControlPanelApplet.cpl
2014-03-30 18:28 - 2014-03-07 16:38 - 00132608 _____ (OCZ Storage Solutions) C:\Windows\system32\OczTrimCoinstaller.dll
2014-03-30 18:28 - 2014-03-07 16:38 - 00075056 _____ (OCZ Storage Solutions) C:\Windows\system32\Drivers\ocz10xx.sys
2014-03-30 18:28 - 2014-03-07 16:38 - 00018400 _____ (OCZ Storage Solutions) C:\Windows\system32\Drivers\ocztrimfilter.sys

==================== One Month Modified Files and Folders =======

2014-04-25 21:41 - 2014-04-25 21:40 - 00026396 _____ () C:\Users\GrenSo\Desktop\FRST.txt
2014-04-25 21:40 - 2014-04-23 19:26 - 00000000 ____D () C:\FRST
2014-04-25 21:37 - 2014-04-25 21:37 - 00001720 _____ () C:\Users\GrenSo\Desktop\JRT.txt
2014-04-25 21:37 - 2009-07-14 19:58 - 00786872 _____ () C:\Windows\system32\perfh007.dat
2014-04-25 21:37 - 2009-07-14 19:58 - 00181826 _____ () C:\Windows\system32\perfc007.dat
2014-04-25 21:37 - 2009-07-14 07:13 - 01837466 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-25 21:35 - 2009-07-14 06:45 - 00015120 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-25 21:35 - 2009-07-14 06:45 - 00015120 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-25 21:34 - 2012-09-16 19:50 - 00000000 ____D () C:\Program Files (x86)\SRWare Iron
2014-04-25 21:29 - 2013-10-15 19:15 - 00048949 _____ () C:\Users\GrenSo\IP_Log_Data.js
2014-04-25 21:28 - 2014-02-09 20:32 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-25 21:28 - 2012-09-16 23:01 - 00000000 ____D () C:\Program Files\PeerBlock
2014-04-25 21:27 - 2014-04-23 07:54 - 00000728 _____ () C:\Windows\setupact.log
2014-04-25 21:27 - 2013-03-06 20:38 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-04-25 21:27 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-25 21:25 - 2014-01-07 20:47 - 01873690 _____ () C:\Windows\WindowsUpdate.log
2014-04-25 21:25 - 2013-03-04 09:36 - 00000026 _____ () C:\Users\GrenSo\AppData\Roaming\Network Meter_Usage.ini
2014-04-25 21:17 - 2014-04-25 21:17 - 00000000 ____D () C:\Windows\ERUNT
2014-04-25 21:15 - 2014-04-25 21:15 - 00001418 _____ () C:\Users\GrenSo\Desktop\AdwCleaner[S10].txt
2014-04-25 21:12 - 2013-11-24 21:36 - 00000000 ____D () C:\AdwCleaner
2014-04-25 21:11 - 2013-09-25 18:55 - 00000000 ____D () C:\Program Files (x86)\AdwCleaner
2014-04-25 21:09 - 2014-04-25 21:09 - 00000486 _____ () C:\Users\GrenSo\Desktop\mbam.txt
2014-04-25 21:00 - 2013-03-04 09:00 - 00115679 _____ () C:\Users\GrenSo\Network_Meter_Data.js
2014-04-25 19:51 - 2014-04-25 19:51 - 01016261 _____ (Thisisu) C:\Users\GrenSo\Desktop\JRT.exe
2014-04-25 19:24 - 2013-03-23 22:12 - 00000000 ____D () C:\Program Files\McAfee AVERT Stinger
2014-04-25 00:53 - 2012-09-17 08:12 - 00000000 ____D () C:\Users\GrenSo\SecurityScans
2014-04-25 00:49 - 2014-04-25 00:49 - 00000000 _____ () C:\Windows\SysWOW64\FAP50E4.tmp
2014-04-25 00:48 - 2014-04-25 00:48 - 00000000 _____ () C:\Windows\SysWOW64\FAPB99.tmp
2014-04-25 00:46 - 2014-04-25 00:46 - 00000000 _____ () C:\Windows\SysWOW64\FAP49DE.tmp
2014-04-25 00:34 - 2014-04-25 00:34 - 00000000 _____ () C:\Windows\SysWOW64\FAP3B4C.tmp
2014-04-25 00:29 - 2014-04-25 00:29 - 00000000 _____ () C:\Windows\SysWOW64\FAPD68F.tmp
2014-04-25 00:29 - 2014-04-25 00:29 - 00000000 _____ () C:\Windows\SysWOW64\FAPC435.tmp
2014-04-25 00:29 - 2014-04-25 00:29 - 00000000 _____ () C:\Windows\SysWOW64\FAPB796.tmp
2014-04-25 00:29 - 2014-04-25 00:29 - 00000000 _____ () C:\Windows\SysWOW64\FAP7D04.tmp
2014-04-25 00:27 - 2014-04-25 00:27 - 00000000 _____ () C:\Windows\SysWOW64\FAPBDB9.tmp
2014-04-25 00:27 - 2014-04-25 00:27 - 00000000 _____ () C:\Windows\SysWOW64\FAP7D1F.tmp
2014-04-25 00:17 - 2014-04-25 00:17 - 00000000 _____ () C:\Windows\SysWOW64\FAP69EB.tmp
2014-04-25 00:11 - 2014-04-25 00:11 - 00000000 ____D () C:\Users\GrenSo\AppData\Local\CrashRpt
2014-04-25 00:11 - 2011-01-01 15:00 - 00000000 ____D () C:\Users\GrenSo\Documents\My Games
2014-04-24 23:30 - 2012-09-16 23:06 - 00000000 ____D () C:\Program Files\Paint.NET
2014-04-24 23:19 - 2013-11-05 00:56 - 00000000 ____D () C:\ProgramData\ProductData
2014-04-24 20:40 - 2014-04-24 20:40 - 00000000 ____D () C:\Users\GrenSo\Desktop\ComboFix
2014-04-24 20:18 - 2014-04-24 20:18 - 00047211 _____ () C:\ComboFix.txt
2014-04-24 20:18 - 2014-04-24 19:48 - 00000000 ____D () C:\Qoobox
2014-04-24 20:18 - 2014-04-24 19:48 - 00000000 ____D () C:\ComboFix
2014-04-24 20:13 - 2014-04-24 19:47 - 00000000 ____D () C:\Windows\erdnt
2014-04-24 20:12 - 2014-04-23 23:58 - 00001844 _____ () C:\Windows\PFRO.log
2014-04-24 20:12 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-04-24 19:44 - 2014-04-24 19:44 - 05196870 ____R (Swearware) C:\Users\GrenSo\Desktop\ComboFix.exe
2014-04-24 19:44 - 2014-04-24 19:44 - 00000000 ____D () C:\Users\GrenSo\Desktop\FRST
2014-04-24 19:42 - 2014-04-23 19:24 - 02061824 _____ (Farbar) C:\Users\GrenSo\Desktop\FRST64.exe
2014-04-24 19:37 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-04-24 18:59 - 2012-09-16 22:32 - 00000000 ____D () C:\ProgramData\DivX
2014-04-24 18:58 - 2012-09-16 22:33 - 00000000 ____D () C:\Program Files (x86)\DivX
2014-04-24 18:56 - 2012-09-16 22:22 - 00000000 ____D () C:\Program Files\CCleaner
2014-04-24 00:26 - 2012-09-17 01:59 - 00000000 ____D () C:\Program Files (x86)\AIDA64 Extreme Edition
2014-04-24 00:23 - 2013-04-06 15:44 - 00000000 ____D () C:\Program Files (x86)\Rufus
2014-04-23 23:58 - 2012-09-16 19:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-23 23:58 - 2012-09-16 18:15 - 00000000 ____D () C:\Program Files\WinRAR
2014-04-23 23:09 - 2014-02-07 14:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-23 20:42 - 2012-09-28 18:47 - 00000000 ____D () C:\Users\GrenSo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hardware
2014-04-23 20:37 - 2012-09-16 21:04 - 00000000 ____D () C:\Program Files\Lx_cats
2014-04-23 18:57 - 2014-04-23 18:57 - 00000000 ____D () C:\Program Files (x86)\TP-LINK
2014-04-23 07:54 - 2014-04-23 07:54 - 05153400 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-23 07:54 - 2014-04-23 07:54 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-23 01:17 - 2014-04-23 01:17 - 00146320 _____ () C:\Users\GrenSo\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-23 00:00 - 2012-10-19 19:07 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-04-22 23:58 - 2012-09-28 18:47 - 00000000 ____D () C:\Users\GrenSo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System
2014-04-22 23:36 - 2014-04-22 23:36 - 00000000 _____ () C:\Users\GrenSo\defogger_reenable
2014-04-22 23:36 - 2012-09-16 17:23 - 00000000 ____D () C:\Users\GrenSo
2014-04-22 23:25 - 2012-11-20 20:09 - 00000000 ____D () C:\Program Files (x86)\AnvilBenchmark
2014-04-22 23:04 - 2014-04-22 23:04 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2014-04-22 23:04 - 2014-04-22 23:04 - 00000000 ____D () C:\Users\GrenSo\AppData\Roaming\Apple Computer
2014-04-22 23:01 - 2014-04-22 23:01 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-04-21 20:56 - 2012-09-16 19:00 - 00000000 ____D () C:\Users\GrenSo\AppData\Local\Adobe
2014-04-21 20:09 - 2012-09-19 21:14 - 00000000 ____D () C:\Program Files (x86)\XMedia Recode
2014-04-21 19:57 - 2014-04-21 20:07 - 00002122 _____ () C:\Users\GrenSo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Endpoint Antivirus.lnk
2014-04-21 19:47 - 2014-01-17 19:50 - 00000000 ____D () C:\Users\GrenSo\AppData\Roaming\ProductData
2014-04-21 19:47 - 2013-10-06 20:30 - 00000000 ____D () C:\Users\GrenSo\AppData\Roaming\vlc
2014-04-21 19:47 - 2013-09-27 20:00 - 00000000 ____D () C:\Program Files (x86)\AntiLogger
2014-04-21 19:47 - 2013-02-08 20:15 - 00000000 ____D () C:\Users\GrenSo\AppData\Roaming\QFX Software
2014-04-21 19:47 - 2013-02-08 20:15 - 00000000 ____D () C:\ProgramData\QFX Software
2014-04-21 19:47 - 2013-01-11 23:56 - 00000000 ____D () C:\ProgramData\Package Cache
2014-04-21 19:47 - 2012-09-16 19:49 - 00000000 ____D () C:\Users\GrenSo\AppData\Roaming\TeraCopy
2014-04-21 19:47 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-04-18 21:08 - 2014-04-18 21:08 - 00000000 ____D () C:\ProgramData\ESET
2014-04-18 21:08 - 2014-04-18 21:08 - 00000000 ____D () C:\Program Files\ESET
2014-04-18 20:47 - 2012-09-16 18:22 - 00000000 ____D () C:\ProgramData\Razer
2014-04-18 20:46 - 2012-09-18 21:49 - 00000000 ____D () C:\Program Files (x86)\Alternative Flash Player Auto-Updater
2014-04-18 20:41 - 2014-04-18 20:41 - 00000000 __SHD () C:\Users\GrenSo\AppData\Local\EmieUserList
2014-04-18 20:41 - 2014-04-18 20:41 - 00000000 __SHD () C:\Users\GrenSo\AppData\Local\EmieSiteList
2014-04-18 20:18 - 2012-09-16 18:58 - 00001485 _____ () C:\Users\GrenSo\AppData\Roaming\Network Meter_Settings.ini
2014-04-18 19:18 - 2014-04-18 19:18 - 00901848 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2014-04-18 19:18 - 2014-04-18 19:18 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2014-04-18 19:18 - 2012-09-16 18:17 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2014-04-18 19:05 - 2013-11-12 23:10 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-04-18 19:04 - 2014-04-18 19:04 - 03872984 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-04-18 19:04 - 2014-04-18 19:04 - 02792152 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2014-04-18 19:04 - 2014-04-18 19:04 - 02770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2014-04-18 19:04 - 2014-04-18 19:04 - 02101848 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2014-04-18 19:04 - 2014-04-18 19:04 - 02037336 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2014-04-18 19:04 - 2014-04-18 19:04 - 01286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2014-04-18 19:04 - 2014-04-18 19:04 - 01033304 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2014-04-18 19:04 - 2014-04-18 19:04 - 01024216 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2014-04-18 19:04 - 2014-04-18 19:04 - 00946392 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2014-04-18 19:04 - 2014-04-18 19:04 - 00757301 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-04-18 19:04 - 2014-04-18 19:04 - 00624344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2014-04-18 19:01 - 2012-11-23 21:14 - 00000000 ____D () C:\Users\GrenSo\AppData\Roaming\TeamViewer
2014-04-18 19:01 - 2012-09-28 19:09 - 00000000 ____D () C:\Users\GrenSo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Editoren
2014-04-18 19:01 - 2012-09-28 18:47 - 00000000 ____D () C:\Users\GrenSo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bildbearbeitung
2014-04-18 19:01 - 2012-09-28 18:46 - 00000000 ____D () C:\Users\GrenSo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Download
2014-04-18 19:01 - 2012-09-19 21:26 - 00000000 ____D () C:\Users\GrenSo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\3D Animation
2014-04-18 17:57 - 2012-09-16 20:26 - 00000000 ____D () C:\Users\GrenSo\.VirtualBox
2014-04-18 17:50 - 2012-10-14 12:42 - 00000000 ____D () C:\Users\GrenSo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS6
2014-04-18 17:44 - 2014-04-18 17:44 - 00002181 _____ () C:\Users\GrenSo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-04-18 17:42 - 2013-02-12 19:48 - 00000000 ____D () C:\Program Files\FreeFixer
2014-04-18 17:41 - 2012-12-27 15:43 - 00000000 ____D () C:\ProgramData\IObit
2014-04-18 17:37 - 2013-10-18 11:59 - 00000000 ____D () C:\Program Files\Wireshark
2014-04-18 17:37 - 2012-09-16 17:23 - 00000000 ___RD () C:\Users\GrenSo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-18 17:35 - 2014-04-18 17:35 - 00000000 __HDC () C:\ProgramData\{727C5CC8-3A5E-4517-BA8B-35A93F9B2EBD}
2014-04-18 17:35 - 2013-09-27 20:00 - 00049752 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\AntiLog64.sys
2014-04-18 17:33 - 2014-03-20 00:05 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-18 17:33 - 2014-01-15 01:54 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-18 17:33 - 2014-01-15 01:54 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-18 17:33 - 2014-01-15 01:54 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-04-18 17:32 - 2012-09-24 11:09 - 00000000 ____D () C:\Program Files\Adobe
2014-04-18 17:29 - 2013-09-13 20:07 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-18 17:29 - 2013-03-05 09:11 - 00000000 ____D () C:\Program Files\Java
2014-04-18 17:29 - 2013-01-14 01:01 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-18 17:28 - 2014-04-18 17:28 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-18 17:28 - 2014-04-18 17:28 - 00176040 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-18 17:28 - 2014-04-18 17:28 - 00176040 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-18 17:28 - 2014-04-18 17:28 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-18 17:26 - 2012-09-16 22:57 - 00000000 ____D () C:\Program Files (x86)\EditPlus 3
2014-04-18 17:23 - 2014-01-10 19:54 - 00000000 ____D () C:\Program Files (x86)\AppRemover
2014-04-18 17:22 - 2013-04-20 10:58 - 00000000 ____D () C:\Program Files (x86)\UnHackMe
2014-04-18 17:20 - 2012-09-26 20:50 - 00000000 ____D () C:\Program Files\Network Scanner
2014-04-18 17:18 - 2012-09-24 11:09 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-04-18 17:18 - 2012-09-17 20:02 - 00000000 ____D () C:\Program Files (x86)\Passbild-Generator
2014-04-18 17:17 - 2012-09-16 23:05 - 00000000 ____D () C:\Program Files (x86)\XnView
2014-04-18 17:15 - 2013-07-02 20:48 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-04-18 17:15 - 2012-09-16 19:00 - 00000000 ____D () C:\ProgramData\Adobe
2014-04-18 17:15 - 2012-09-16 18:35 - 00000000 ____D () C:\Users\GrenSo\AppData\Roaming\Adobe
2014-04-18 17:14 - 2013-11-03 12:34 - 00000000 ____D () C:\Program Files\CrystalDiskInfo
2014-04-18 17:13 - 2013-03-09 15:59 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-18 17:13 - 2013-03-09 15:59 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-18 16:48 - 2014-04-18 16:51 - 00000513 _____ () C:\Users\GrenSo\Documents\indexfile.txt
2014-04-17 22:47 - 2013-05-24 20:01 - 00000000 ____D () C:\ProgramData\Vodafone
2014-04-17 22:32 - 2014-02-09 20:32 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-17 22:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-17 21:52 - 2013-07-09 20:49 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-17 21:46 - 2012-09-16 20:01 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-17 21:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-04-16 05:02 - 2014-04-16 05:02 - 00354656 _____ (DivX, Inc.) C:\Windows\SysWOW64\DivXControlPanelApplet.cpl
2014-04-14 04:24 - 2014-04-22 23:01 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-04-14 04:19 - 2014-04-22 23:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-04-03 09:51 - 2014-02-09 20:32 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-02-09 20:32 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2012-09-17 19:04 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

Files to move or delete:
====================
C:\Users\GrenSo\IP_Log_Data.js
C:\Users\GrenSo\Network_Meter_Data.js


Some content of TEMP:
====================
C:\Users\GrenSo\AppData\Local\Temp\NEventMessages.dll
C:\Users\GrenSo\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\GrenSo\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-24 00:15

==================== End Of Log ============================
         
--- --- ---

Last edited by GrenSo (25.04.2014 at 20:55)

26.04.2014, 15:51   #10
schrauber
/// the machine
/// TB instructor
 




It reset a policy that is not set that way by default. In this case, in the right-click menu.



ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start Eset Online Scanner
  • Tick the box next to "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the recycle bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

And a fresh FRST log, please. Any problems left?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

27.04.2014, 15:18   #11
GrenSo
 



Here is the log file from the ESET Online Scanner:
Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=dfeadaa9f9b9b342a785bbdc631f03eb
# engine=18048
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-04-27 01:38:22
# local_time=2014-04-27 03:38:22 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 100 94 9387467 150235752 0 0
# scanned=825042
# found=1
# cleaned=0
# scan_time=12755
# nod_component=V3 Build:0x30000000
sh=8B6CF89BDE25F47D67A3CB2E90524F02576E4365 ft=1 fh=c6b823c50b63b9f4 vn="Variante von Win32/Packed.VMProtect.AAA Trojaner" ac=I fn="E:\Adventure\Sleeping Dogs\buddha.dll"
         
As for the ESET detection, it is a NoCD patch for a game that I own as an original copy - so that no questions come up - but I don't feel like inserting the DVD every time.

Here is the one from SecurityCheck:
Code:
 Results of screen317's Security Check version 0.99.82  
 Windows 7 Service Pack 1 x64 (UAC is disabled!)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
ESET Endpoint Antivirus 5.0   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Java 7 Update 55  
 Java 8 Update 5  
 Adobe Flash Player 13.0.0.199  
 Adobe Reader XI  
 Mozilla Firefox (29.0) 
````````Process Check: objlist.exe by Laurent````````  
 ESET NOD32 Antivirus egui.exe  
 ESET NOD32 Antivirus ekrn.exe  
 ESET ESET Endpoint Antivirus EShaSrv.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         
And here is the current FRST.txt:


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-04-2014
Ran by GrenSo (administrator) on 790FX-PHENOM-X4 on 27-04-2014 16:04:27
Running from C:\Users\GrenSo\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Antivirus\EShaSrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
( ) C:\Windows\system32\lxcgcoms.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corporation) C:\Windows\System32\tcpsvcs.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
(H+H Software GmbH) C:\Program Files (x86)\Virtual CD v10\System\VC10SecS.exe
() C:\Program Files (x86)\AMD\AMD Power Monitor\AMD Power Monitor.exe
(Lexmark International, Inc.) C:\Program Files (x86)\Lexmark 2300 Series\lxcgmon.exe
(Lexmark International Inc.) C:\Program Files (x86)\Lexmark 2300 Series\ezprint.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() C:\Program Files (x86)\RocketDock\RocketDock.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
(PeerBlock, LLC) C:\Program Files\PeerBlock\peerblock.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(FastStone Soft) C:\Program Files (x86)\FastStone Capture\FSCapture.exe
() C:\Program Files (x86)\Razer\Diamondback\Razer\Diamondback\razerhid.exe
(Razer USA Ltd.) C:\Program Files (x86)\Razer\Reclusa\razerhid.exe
() C:\Program Files (x86)\Acronis\DriveMonitor\adm_tray.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
() C:\Program Files (x86)\NaturalPoint\TrackIR4\TrackIR.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(H+H Software GmbH) C:\Program Files (x86)\Virtual CD v10\System\VC10Play.exe
() C:\Program Files (x86)\Razer\Reclusa\razertra.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Program Files (x86)\Core Temp\Core Temp.exe
(Binarysense) C:\Program Files (x86)\SSDlife\ssdlife.exe
(IObit) C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe
(Microsoft Corporation) C:\Program Files (x86)\EMET 4.0\EMET_Agent.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Program Files (x86)\Razer\Diamondback\Razer\Diamondback\razertra.exe
(H+H Software GmbH) C:\Program Files (x86)\Virtual CD v10\System\VC10Tray.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Diamondback\Razer\Diamondback\razerofa.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Power Monitor] => C:\Program Files (x86)\AMD\AMD Power Monitor\AMD Power Monitor.exe [624640 2009-05-21] ()
HKLM\...\Run: [lxcgmon.exe] => C:\Program Files (x86)\Lexmark 2300 Series\lxcgmon.exe [205744 2007-04-29] (Lexmark International, Inc.)
HKLM\...\Run: [EzPrint] => C:\Program Files (x86)\Lexmark 2300 Series\ezprint.exe [103344 2007-04-29] (Lexmark International Inc.)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [517912 2013-02-15] (Acronis)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-04-18] (Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe [4148664 2013-10-07] (ESET)
HKLM\...\Run: [LXCGCATS] => C:\Windows\system32\spool\DRIVERS\x64\3\LXCGtime.dll [28672 2007-02-22] ()
HKLM-x32\...\Run: [Diamondback] => C:\Program Files (x86)\Razer\Diamondback\Razer\Diamondback\razerhid.exe [226816 2009-10-09] ()
HKLM-x32\...\Run: [Reclusa] => C:\Program Files (x86)\Razer\Reclusa\razerhid.exe [292352 2010-01-12] (Razer USA Ltd.)
HKLM-x32\...\Run: [adm_tray.exe] => C:\Program Files (x86)\Acronis\DriveMonitor\adm_tray.exe [470120 2011-02-24] ()
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [NaturalPoint] => C:\Program Files (x86)\NaturalPoint\TrackIR4\TrackIR.exe [1152592 2012-10-11] ()
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [6405376 2013-03-28] (Acronis)
HKLM-x32\...\Run: [VC10Player] => C:\Program Files (x86)\Virtual CD v10\System\VC10Play.exe [411976 2011-10-19] (H+H Software GmbH)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1105848 2013-01-10] (Acronis)
HKLM-x32\...\Run: [AntiLogger] => C:\Program Files (x86)\AntiLogger\AntiLogger.exe [19362728 2014-03-26] (Zemana Ltd.)
HKLM-x32\...\Run: [EMET Agent] => C:\Program Files (x86)\EMET 4.0\EMET_agent.exe [78496 2013-06-14] (Microsoft Corporation)
HKLM-x32\...\Run: [KeyScrambler] => C:\Program Files (x86)\KeyScrambler\keyscrambler.exe [508144 2013-11-14] (QFX Software Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-03-12] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1825984 2014-04-24] (Valve Corporation)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2014-04-03] (DivX, LLC)
HKLM\...\Policies\Explorer: [CDRAutoRun] 0
HKU\S-1-5-21-1996915005-1308554187-4098229939-1000\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-1996915005-1308554187-4098229939-1000\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1090912 2013-10-02] (Nokia)
HKU\S-1-5-21-1996915005-1308554187-4098229939-1000\...\Run: [PeerBlock] => C:\Program Files\PeerBlock\peerblock.exe [2513992 2014-01-14] (PeerBlock, LLC)
HKU\S-1-5-21-1996915005-1308554187-4098229939-1000\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [761864 2014-04-16] (Sandboxie Holdings, LLC)
Startup: C:\Users\GrenSo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FastStone Capture.lnk
ShortcutTarget: FastStone Capture.lnk -> C:\Program Files (x86)\FastStone Capture\FSCapture.exe (FastStone Soft)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/de-de/default.aspx
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xACD295AE5894CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Handler: livecall - No CLSID Value - 
Handler: msnim - No CLSID Value - 
Handler-x32: livecall - No CLSID Value - 
Handler-x32: msnim - No CLSID Value - 
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.66.1

FireFox:
========
FF ProfilePath: C:\Users\GrenSo\AppData\Roaming\Mozilla\Firefox\Profiles\0rm2ca40.default
FF NewTab: google.de
FF Homepage: hxxp://www.winboard.org/|hxxp://www.fcenergie.de/content/home
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_199.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_199.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.5.2 - C:\Program Files (x86)\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.5.2 - C:\Program Files (x86)\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll No File
FF Plugin-x32: @nokia.com/EnablerPlugin - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Roomy Bookmarks Toolbar - C:\Users\GrenSo\AppData\Roaming\Mozilla\Firefox\Profiles\0rm2ca40.default\Extensions\ALone-live@ya.ru [2014-04-18]
FF Extension: Wörterbuch Deutsch (de-DE), Hunspell-unterstützt - C:\Users\GrenSo\AppData\Roaming\Mozilla\Firefox\Profiles\0rm2ca40.default\Extensions\de_DE@dicts.j3e.de [2014-04-18]
FF Extension: United States English Spellchecker - C:\Users\GrenSo\AppData\Roaming\Mozilla\Firefox\Profiles\0rm2ca40.default\Extensions\en-US@dictionaries.addons.mozilla.org [2014-04-18]
FF Extension: MinimizeToTray revived (MinTrayR) - C:\Users\GrenSo\AppData\Roaming\Mozilla\Firefox\Profiles\0rm2ca40.default\Extensions\mintrayr@tn123.ath.cx [2014-04-18]
FF Extension: Forecastfox - C:\Users\GrenSo\AppData\Roaming\Mozilla\Firefox\Profiles\0rm2ca40.default\Extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3} [2014-04-18]
FF Extension: FoxClocks - C:\Users\GrenSo\AppData\Roaming\Mozilla\Firefox\Profiles\0rm2ca40.default\Extensions\{d37dc5d0-431d-44e5-8c91-49419370caa1} [2014-04-18]
FF Extension: about:addons Launcher - C:\Users\GrenSo\AppData\Roaming\Mozilla\Firefox\Profiles\0rm2ca40.default\Extensions\aboutaddons@about-addons-launcher.org.xpi [2014-04-18]
FF Extension: Locationbar² - C:\Users\GrenSo\AppData\Roaming\Mozilla\Firefox\Profiles\0rm2ca40.default\Extensions\locationbar2@design-noir.de.xpi [2014-04-18]
FF Extension: Long URL Please Mod - C:\Users\GrenSo\AppData\Roaming\Mozilla\Firefox\Profiles\0rm2ca40.default\Extensions\longurlplease@tseng.xpi [2014-04-18]
FF Extension: Secure Login - C:\Users\GrenSo\AppData\Roaming\Mozilla\Firefox\Profiles\0rm2ca40.default\Extensions\secureLogin@blueimp.net.xpi [2014-04-18]
FF Extension: Slim Add-ons Manager - C:\Users\GrenSo\AppData\Roaming\Mozilla\Firefox\Profiles\0rm2ca40.default\Extensions\slimaddonmanager@opendfki.de.xpi [2014-04-18]
FF Extension: Tab Scope - C:\Users\GrenSo\AppData\Roaming\Mozilla\Firefox\Profiles\0rm2ca40.default\Extensions\tabscope@xuldev.org.xpi [2014-04-18]
FF Extension: Flagfox - C:\Users\GrenSo\AppData\Roaming\Mozilla\Firefox\Profiles\0rm2ca40.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2014-04-18]
FF Extension: NoScript - C:\Users\GrenSo\AppData\Roaming\Mozilla\Firefox\Profiles\0rm2ca40.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-04-18]
FF Extension: Tab Mix Plus - C:\Users\GrenSo\AppData\Roaming\Mozilla\Firefox\Profiles\0rm2ca40.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2014-04-18]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Endpoint Antivirus\Mozilla Thunderbird
FF Extension: ESET Endpoint Security Extension - C:\Program Files\ESET\ESET Endpoint Antivirus\Mozilla Thunderbird [2014-04-18]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Endpoint Antivirus\Mozilla Thunderbird
FF Extension: ESET Endpoint Security Extension - C:\Program Files\ESET\ESET Endpoint Antivirus\Mozilla Thunderbird [2014-04-18]

Chrome: 
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-03-12] (Advanced Micro Devices, Inc.)
S2 AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [137584 2014-01-08] ()
S3 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173192 2013-06-20] (Microsoft Corp.)
S4 CLHNServiceForPowerDVD; C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [85104 2012-09-18] ()
S4 CyberLink PowerDVD 11.0 Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [78352 2012-09-19] (CyberLink)
S4 CyberLink PowerDVD 11.0 Service; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe [295440 2012-09-19] (CyberLink)
S3 EhttpSrv; C:\Program Files\ESET\ESET Endpoint Antivirus\EHttpSrv.exe [42048 2013-10-07] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe [1025584 2013-10-07] (ESET)
R2 ESHASRV; C:\Program Files\ESET\ESET Endpoint Antivirus\EShaSrv.exe [191368 2013-10-07] (ESET)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [520416 2014-02-28] (Futuremark)
R2 iprip; C:\Windows\System32\iprip.dll [35328 2009-07-14] (Microsoft Corporation)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2153792 2014-03-14] (IObit)
R2 lxcg_device; C:\Windows\system32\lxcgcoms.exe [566704 2007-04-29] ( )
R2 lxcg_device; C:\Windows\SysWOW64\lxcgcoms.exe [537520 2007-04-29] ( )
S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-04-18] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-04-18] (Malwarebytes Corporation)
S4 ProtexisLicensing; C:\Windows\SysWOW64\PSIService.exe [177704 2007-06-05] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [189960 2014-04-16] (Sandboxie Holdings, LLC)
S4 SNMP; C:\Windows\System32\snmp.exe [49664 2010-11-20] (Microsoft Corporation)
S4 SNMP; C:\Windows\SysWOW64\snmp.exe [47616 2010-11-20] (Microsoft Corporation)
R2 VC10SecS; C:\Program Files (x86)\Virtual CD v10\System\VC10SecS.exe [144712 2011-10-19] (H+H Software GmbH)
S2 PnkBstrA; No ImagePath
S2 PnkBstrB; No ImagePath

==================== Drivers (Whitelisted) ====================

R1 A2DDA; C:\PROGRAM FILES (X86)\EMSISOFT EMERGENCY KIT\RUN\a2ddax64.sys [26176 2013-08-20] (Emsisoft GmbH)
R1 AntiLog32; C:\Windows\system32\drivers\AntiLog64.sys [49752 2014-04-18] (Zemana Ltd.)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-11-04] (Advanced Micro Devices)
R2 AODDriver4.3.0; C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [59624 2014-01-08] (Advanced Micro Devices)
S3 atillk64; No ImagePath
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2012-10-03] ()
S3 cleanhlp; C:\PROGRAM FILES (X86)\EMSISOFT EMERGENCY KIT\RUN\cleanhlp64.sys [57024 2013-12-04] (Emsisoft GmbH)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [219184 2013-10-25] (ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [185224 2013-09-09] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [155896 2013-09-09] (ESET)
S3 ENTECH; C:\Windows\SysWow64\Drivers\ENTECH.sys [21664 2004-10-25] (EnTech Taiwan)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [147096 2013-09-09] (ESET)
S1 ESProtectionDriver; No ImagePath
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [422400 2012-03-16] (Huawei Technologies Co., Ltd.)
R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [56016 2013-02-06] ()
S3 HH10Help.sys; C:\Windows\system32\drivers\HH10Help.sys [24088 2009-07-09] (H+H Software GmbH)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [227840 2012-03-16] (Huawei Technologies Co., Ltd.)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [31136 2013-10-16] (REALiX(tm))
R3 KeyScrambler; C:\Windows\System32\drivers\keyscrambler.sys [222200 2013-05-31] (QFX Software Corporation)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2012-10-03] ()
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-04-18] (Malwarebytes Corporation)
S3 MEMSWEEP2; No ImagePath
R3 MTKSCVAD; C:\Windows\System32\drivers\mtkvadx.sys [44544 2012-07-16] (Ralink Technology, Corp.)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 npusbio; C:\Windows\System32\Drivers\npusbio_x64.sys [38400 2012-07-10] ()
R0 ocz10xx; C:\Windows\System32\DRIVERS\ocz10xx.sys [75056 2014-03-07] (OCZ Storage Solutions)
R0 ocztrimfilter; C:\Windows\System32\DRIVERS\ocztrimfilter.sys [18400 2014-03-07] (OCZ Storage Solutions)
R3 pbfilter; C:\Program Files\PeerBlock\pbfilter.sys [22600 2014-01-14] ()
R3 Razerlow; C:\Windows\System32\drivers\Razerlow.sys [11136 2013-11-05] (Razer (Asia-Pacific) Pte Ltd)
R3 RecFltr; C:\Windows\System32\drivers\RecFltr.sys [44800 2010-01-04] (Razer USA Ltd.)
S3 SANDRA; No ImagePath
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [202248 2014-04-16] (Sandboxie Holdings, LLC)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2013-12-24] (IObit)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2013-04-06] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [183224 2013-04-06] (Acronis)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [106256 2013-02-20] (Oracle Corporation)
R1 vdrv1000; C:\Windows\System32\DRIVERS\vdrv1000.sys [223256 2011-04-19] (H+H Software GmbH)
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2013-04-06] (Acronis International GmbH)
S3 WinRing0_1_2_0; No ImagePath
S3 WN111v2; C:\Windows\System32\DRIVERS\WN111v2w7x.sys [767488 2009-10-21] (Atheros Communications, Inc.)
R2 {329F96B6-DF1E-4328-BFDA-39EA953C1312}; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [146928 2012-09-19] (CyberLink Corp.)
R3 ALSysIO; \??\C:\Users\GrenSo\AppData\Local\Temp\ALSysIO64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U0 Partizan; system32\drivers\Partizan.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-27 16:04 - 2014-04-27 16:04 - 00004688 _____ () C:\Users\GrenSo\Desktop\FRST.txt
2014-04-27 16:01 - 2014-04-27 16:01 - 00000864 _____ () C:\Users\GrenSo\Desktop\checkup.txt
2014-04-26 18:03 - 2014-04-26 18:03 - 00855379 _____ () C:\Users\GrenSo\Desktop\SecurityCheck.exe
2014-04-25 21:59 - 2014-04-25 21:59 - 00000000 ____D () C:\Users\GrenSo\Desktop\JRT
2014-04-25 21:17 - 2014-04-25 21:17 - 00000000 ____D () C:\Windows\ERUNT
2014-04-25 21:09 - 2014-04-25 21:09 - 00000486 _____ () C:\Users\GrenSo\Desktop\mbam.txt
2014-04-25 19:51 - 2014-04-25 19:51 - 01016261 _____ (Thisisu) C:\Users\GrenSo\Desktop\JRT.exe
2014-04-25 00:49 - 2014-04-25 00:49 - 00000000 _____ () C:\Windows\SysWOW64\FAP50E4.tmp
2014-04-25 00:48 - 2014-04-25 00:48 - 00000000 _____ () C:\Windows\SysWOW64\FAPB99.tmp
2014-04-25 00:46 - 2014-04-25 00:46 - 00000000 _____ () C:\Windows\SysWOW64\FAP49DE.tmp
2014-04-25 00:34 - 2014-04-25 00:34 - 00000000 _____ () C:\Windows\SysWOW64\FAP3B4C.tmp
2014-04-25 00:29 - 2014-04-25 00:29 - 00000000 _____ () C:\Windows\SysWOW64\FAPD68F.tmp
2014-04-25 00:29 - 2014-04-25 00:29 - 00000000 _____ () C:\Windows\SysWOW64\FAPC435.tmp
2014-04-25 00:29 - 2014-04-25 00:29 - 00000000 _____ () C:\Windows\SysWOW64\FAPB796.tmp
2014-04-25 00:29 - 2014-04-25 00:29 - 00000000 _____ () C:\Windows\SysWOW64\FAP7D04.tmp
2014-04-25 00:27 - 2014-04-25 00:27 - 00000000 _____ () C:\Windows\SysWOW64\FAPBDB9.tmp
2014-04-25 00:27 - 2014-04-25 00:27 - 00000000 _____ () C:\Windows\SysWOW64\FAP7D1F.tmp
2014-04-25 00:17 - 2014-04-25 00:17 - 00000000 _____ () C:\Windows\SysWOW64\FAP69EB.tmp
2014-04-25 00:11 - 2014-04-25 00:11 - 00000000 ____D () C:\Users\GrenSo\AppData\Local\CrashRpt
2014-04-24 20:40 - 2014-04-24 20:40 - 00000000 ____D () C:\Users\GrenSo\Desktop\ComboFix
2014-04-24 20:18 - 2014-04-24 20:18 - 00047211 _____ () C:\ComboFix.txt
2014-04-24 19:48 - 2014-04-24 20:18 - 00000000 ____D () C:\Qoobox
2014-04-24 19:48 - 2014-04-24 20:18 - 00000000 ____D () C:\ComboFix
2014-04-24 19:48 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-04-24 19:48 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-04-24 19:48 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-04-24 19:48 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-04-24 19:48 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-04-24 19:48 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-04-24 19:48 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-04-24 19:48 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-04-24 19:47 - 2014-04-24 20:13 - 00000000 ____D () C:\Windows\erdnt
2014-04-24 19:44 - 2014-04-26 18:04 - 00000000 ____D () C:\Users\GrenSo\Desktop\FRST
2014-04-24 19:44 - 2014-04-24 19:44 - 05196870 ____R (Swearware) C:\Users\GrenSo\Desktop\ComboFix.exe
2014-04-23 23:58 - 2014-04-24 20:12 - 00001844 _____ () C:\Windows\PFRO.log
2014-04-23 19:26 - 2014-04-27 16:04 - 00000000 ____D () C:\FRST
2014-04-23 19:24 - 2014-04-24 19:42 - 02061824 _____ (Farbar) C:\Users\GrenSo\Desktop\FRST64.exe
2014-04-23 18:57 - 2014-04-23 18:57 - 00000000 ____D () C:\Program Files (x86)\TP-LINK
2014-04-23 07:54 - 2014-04-27 11:50 - 00000896 _____ () C:\Windows\setupact.log
2014-04-23 07:54 - 2014-04-23 07:54 - 05153400 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-23 07:54 - 2014-04-23 07:54 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-23 01:17 - 2014-04-23 01:17 - 00146320 _____ () C:\Users\GrenSo\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-22 23:36 - 2014-04-22 23:36 - 00000000 _____ () C:\Users\GrenSo\defogger_reenable
2014-04-22 23:04 - 2014-04-22 23:04 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2014-04-22 23:04 - 2014-04-22 23:04 - 00000000 ____D () C:\Users\GrenSo\AppData\Roaming\Apple Computer
2014-04-22 23:01 - 2014-04-22 23:01 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-04-22 23:01 - 2014-04-14 04:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-04-22 23:01 - 2014-04-14 04:19 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-04-21 20:07 - 2014-04-21 19:57 - 00002122 _____ () C:\Users\GrenSo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Endpoint Antivirus.lnk
2014-04-18 21:08 - 2014-04-18 21:08 - 00000000 ____D () C:\ProgramData\ESET
2014-04-18 21:08 - 2014-04-18 21:08 - 00000000 ____D () C:\Program Files\ESET
2014-04-18 20:41 - 2014-04-18 20:41 - 00000000 __SHD () C:\Users\GrenSo\AppData\Local\EmieUserList
2014-04-18 20:41 - 2014-04-18 20:41 - 00000000 __SHD () C:\Users\GrenSo\AppData\Local\EmieSiteList
2014-04-18 19:18 - 2014-04-18 19:18 - 00901848 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2014-04-18 19:18 - 2014-04-18 19:18 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2014-04-18 19:04 - 2014-04-18 19:04 - 03872984 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-04-18 19:04 - 2014-04-18 19:04 - 02792152 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2014-04-18 19:04 - 2014-04-18 19:04 - 02770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2014-04-18 19:04 - 2014-04-18 19:04 - 02101848 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2014-04-18 19:04 - 2014-04-18 19:04 - 02037336 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2014-04-18 19:04 - 2014-04-18 19:04 - 01286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2014-04-18 19:04 - 2014-04-18 19:04 - 01033304 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2014-04-18 19:04 - 2014-04-18 19:04 - 01024216 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2014-04-18 19:04 - 2014-04-18 19:04 - 00946392 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2014-04-18 19:04 - 2014-04-18 19:04 - 00757301 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-04-18 19:04 - 2014-04-18 19:04 - 00624344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2014-04-18 17:44 - 2014-04-18 17:44 - 00002181 _____ () C:\Users\GrenSo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-04-18 17:39 - 2014-03-25 15:27 - 00254240 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2014-04-18 17:39 - 2014-03-25 15:24 - 00128288 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2014-04-18 17:35 - 2014-04-18 17:35 - 00000000 __HDC () C:\ProgramData\{727C5CC8-3A5E-4517-BA8B-35A93F9B2EBD}
2014-04-18 17:28 - 2014-04-18 17:28 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-18 17:28 - 2014-04-18 17:28 - 00176040 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-18 17:28 - 2014-04-18 17:28 - 00176040 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-18 17:28 - 2014-04-18 17:28 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-18 16:51 - 2014-04-18 16:48 - 00000513 _____ () C:\Users\GrenSo\Documents\indexfile.txt
2014-04-17 21:52 - 2014-03-06 12:21 - 23549440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-17 21:52 - 2014-03-06 11:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-17 21:52 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-17 21:52 - 2014-03-06 11:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-17 21:52 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-17 21:52 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-17 21:52 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-17 21:52 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-17 21:52 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-17 21:52 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-17 21:52 - 2014-03-06 10:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-17 21:52 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-17 21:52 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-17 21:52 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-17 21:52 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-17 21:52 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-17 21:52 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-17 21:52 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-17 21:52 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-17 21:52 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-17 21:52 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-17 21:52 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-17 21:52 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-17 21:52 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-17 21:52 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-17 21:52 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-17 21:52 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-17 21:52 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-17 21:52 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-17 21:52 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-17 21:52 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-17 21:52 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-17 21:52 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-17 21:52 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-17 21:52 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-17 21:52 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-17 21:52 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-17 21:52 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-17 21:52 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-17 21:52 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-17 21:52 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-17 21:52 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-17 21:52 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-17 21:52 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-17 21:52 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-17 21:52 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-17 21:52 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-17 21:52 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-17 21:46 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-17 21:46 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-17 21:46 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-17 21:46 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-17 21:46 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-17 21:46 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-17 21:46 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-17 21:46 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-17 21:46 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-17 21:46 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-17 21:46 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-17 21:38 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-17 21:38 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-17 21:38 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-17 21:38 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-17 21:38 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-17 21:38 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-16 05:02 - 2014-04-16 05:02 - 00354656 _____ (DivX, Inc.) C:\Windows\SysWOW64\DivXControlPanelApplet.cpl
2014-03-30 18:28 - 2014-03-07 16:38 - 00132608 _____ (OCZ Storage Solutions) C:\Windows\system32\OczTrimCoinstaller.dll
2014-03-30 18:28 - 2014-03-07 16:38 - 00075056 _____ (OCZ Storage Solutions) C:\Windows\system32\Drivers\ocz10xx.sys
2014-03-30 18:28 - 2014-03-07 16:38 - 00018400 _____ (OCZ Storage Solutions) C:\Windows\system32\Drivers\ocztrimfilter.sys

==================== One Month Modified Files and Folders =======

2014-04-27 16:04 - 2014-04-27 16:04 - 00025598 _____ () C:\Users\GrenSo\Desktop\FRST.txt
2014-04-27 16:04 - 2014-04-23 19:26 - 00000000 ____D () C:\FRST
2014-04-27 16:01 - 2014-04-27 16:01 - 00000864 _____ () C:\Users\GrenSo\Desktop\checkup.txt
2014-04-27 16:00 - 2013-03-04 09:00 - 00116083 _____ () C:\Users\GrenSo\Network_Meter_Data.js
2014-04-27 12:00 - 2009-07-14 19:58 - 00786872 _____ () C:\Windows\system32\perfh007.dat
2014-04-27 12:00 - 2009-07-14 19:58 - 00181826 _____ () C:\Windows\system32\perfc007.dat
2014-04-27 12:00 - 2009-07-14 07:13 - 01837466 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-27 11:58 - 2009-07-14 06:45 - 00015120 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-27 11:58 - 2009-07-14 06:45 - 00015120 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-27 11:52 - 2014-01-07 20:47 - 01962957 _____ () C:\Windows\WindowsUpdate.log
2014-04-27 11:52 - 2013-10-15 19:15 - 00049219 _____ () C:\Users\GrenSo\IP_Log_Data.js
2014-04-27 11:51 - 2014-02-09 20:32 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-27 11:51 - 2012-09-16 23:01 - 00000000 ____D () C:\Program Files\PeerBlock
2014-04-27 11:50 - 2014-04-23 07:54 - 00000896 _____ () C:\Windows\setupact.log
2014-04-27 11:50 - 2013-03-06 20:38 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-04-27 11:50 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-26 20:22 - 2013-03-04 09:36 - 00000026 _____ () C:\Users\GrenSo\AppData\Roaming\Network Meter_Usage.ini
2014-04-26 18:04 - 2014-04-24 19:44 - 00000000 ____D () C:\Users\GrenSo\Desktop\FRST
2014-04-26 18:03 - 2014-04-26 18:03 - 00855379 _____ () C:\Users\GrenSo\Desktop\SecurityCheck.exe
2014-04-26 10:31 - 2014-02-09 20:32 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-25 21:59 - 2014-04-25 21:59 - 00000000 ____D () C:\Users\GrenSo\Desktop\JRT
2014-04-25 21:34 - 2012-09-16 19:50 - 00000000 ____D () C:\Program Files (x86)\SRWare Iron
2014-04-25 21:17 - 2014-04-25 21:17 - 00000000 ____D () C:\Windows\ERUNT
2014-04-25 21:12 - 2013-11-24 21:36 - 00000000 ____D () C:\AdwCleaner
2014-04-25 21:11 - 2013-09-25 18:55 - 00000000 ____D () C:\Program Files (x86)\AdwCleaner
2014-04-25 21:09 - 2014-04-25 21:09 - 00000486 _____ () C:\Users\GrenSo\Desktop\mbam.txt
2014-04-25 19:51 - 2014-04-25 19:51 - 01016261 _____ (Thisisu) C:\Users\GrenSo\Desktop\JRT.exe
2014-04-25 19:24 - 2013-03-23 22:12 - 00000000 ____D () C:\Program Files\McAfee AVERT Stinger
2014-04-25 00:53 - 2012-09-17 08:12 - 00000000 ____D () C:\Users\GrenSo\SecurityScans
2014-04-25 00:49 - 2014-04-25 00:49 - 00000000 _____ () C:\Windows\SysWOW64\FAP50E4.tmp
2014-04-25 00:48 - 2014-04-25 00:48 - 00000000 _____ () C:\Windows\SysWOW64\FAPB99.tmp
2014-04-25 00:46 - 2014-04-25 00:46 - 00000000 _____ () C:\Windows\SysWOW64\FAP49DE.tmp
2014-04-25 00:34 - 2014-04-25 00:34 - 00000000 _____ () C:\Windows\SysWOW64\FAP3B4C.tmp
2014-04-25 00:29 - 2014-04-25 00:29 - 00000000 _____ () C:\Windows\SysWOW64\FAPD68F.tmp
2014-04-25 00:29 - 2014-04-25 00:29 - 00000000 _____ () C:\Windows\SysWOW64\FAPC435.tmp
2014-04-25 00:29 - 2014-04-25 00:29 - 00000000 _____ () C:\Windows\SysWOW64\FAPB796.tmp
2014-04-25 00:29 - 2014-04-25 00:29 - 00000000 _____ () C:\Windows\SysWOW64\FAP7D04.tmp
2014-04-25 00:27 - 2014-04-25 00:27 - 00000000 _____ () C:\Windows\SysWOW64\FAPBDB9.tmp
2014-04-25 00:27 - 2014-04-25 00:27 - 00000000 _____ () C:\Windows\SysWOW64\FAP7D1F.tmp
2014-04-25 00:17 - 2014-04-25 00:17 - 00000000 _____ () C:\Windows\SysWOW64\FAP69EB.tmp
2014-04-25 00:11 - 2014-04-25 00:11 - 00000000 ____D () C:\Users\GrenSo\AppData\Local\CrashRpt
2014-04-25 00:11 - 2011-01-01 15:00 - 00000000 ____D () C:\Users\GrenSo\Documents\My Games
2014-04-24 23:30 - 2012-09-16 23:06 - 00000000 ____D () C:\Program Files\Paint.NET
2014-04-24 23:19 - 2013-11-05 00:56 - 00000000 ____D () C:\ProgramData\ProductData
2014-04-24 20:40 - 2014-04-24 20:40 - 00000000 ____D () C:\Users\GrenSo\Desktop\ComboFix
2014-04-24 20:18 - 2014-04-24 20:18 - 00047211 _____ () C:\ComboFix.txt
2014-04-24 20:18 - 2014-04-24 19:48 - 00000000 ____D () C:\Qoobox
2014-04-24 20:18 - 2014-04-24 19:48 - 00000000 ____D () C:\ComboFix
2014-04-24 20:13 - 2014-04-24 19:47 - 00000000 ____D () C:\Windows\erdnt
2014-04-24 20:12 - 2014-04-23 23:58 - 00001844 _____ () C:\Windows\PFRO.log
2014-04-24 20:12 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-04-24 19:44 - 2014-04-24 19:44 - 05196870 ____R (Swearware) C:\Users\GrenSo\Desktop\ComboFix.exe
2014-04-24 19:42 - 2014-04-23 19:24 - 02061824 _____ (Farbar) C:\Users\GrenSo\Desktop\FRST64.exe
2014-04-24 19:37 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-04-24 18:59 - 2012-09-16 22:32 - 00000000 ____D () C:\ProgramData\DivX
2014-04-24 18:58 - 2012-09-16 22:33 - 00000000 ____D () C:\Program Files (x86)\DivX
2014-04-24 18:56 - 2012-09-16 22:22 - 00000000 ____D () C:\Program Files\CCleaner
2014-04-24 00:26 - 2012-09-17 01:59 - 00000000 ____D () C:\Program Files (x86)\AIDA64 Extreme Edition
2014-04-24 00:23 - 2013-04-06 15:44 - 00000000 ____D () C:\Program Files (x86)\Rufus
2014-04-23 23:58 - 2012-09-16 19:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-23 23:58 - 2012-09-16 18:15 - 00000000 ____D () C:\Program Files\WinRAR
2014-04-23 23:09 - 2014-02-07 14:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-23 20:42 - 2012-09-28 18:47 - 00000000 ____D () C:\Users\GrenSo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hardware
2014-04-23 20:37 - 2012-09-16 21:04 - 00000000 ____D () C:\Program Files\Lx_cats
2014-04-23 18:57 - 2014-04-23 18:57 - 00000000 ____D () C:\Program Files (x86)\TP-LINK
2014-04-23 07:54 - 2014-04-23 07:54 - 05153400 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-23 07:54 - 2014-04-23 07:54 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-23 01:17 - 2014-04-23 01:17 - 00146320 _____ () C:\Users\GrenSo\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-23 00:00 - 2012-10-19 19:07 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-04-22 23:58 - 2012-09-28 18:47 - 00000000 ____D () C:\Users\GrenSo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System
2014-04-22 23:36 - 2014-04-22 23:36 - 00000000 _____ () C:\Users\GrenSo\defogger_reenable
2014-04-22 23:36 - 2012-09-16 17:23 - 00000000 ____D () C:\Users\GrenSo
2014-04-22 23:25 - 2012-11-20 20:09 - 00000000 ____D () C:\Program Files (x86)\AnvilBenchmark
2014-04-22 23:04 - 2014-04-22 23:04 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2014-04-22 23:04 - 2014-04-22 23:04 - 00000000 ____D () C:\Users\GrenSo\AppData\Roaming\Apple Computer
2014-04-22 23:01 - 2014-04-22 23:01 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-04-21 20:56 - 2012-09-16 19:00 - 00000000 ____D () C:\Users\GrenSo\AppData\Local\Adobe
2014-04-21 20:09 - 2012-09-19 21:14 - 00000000 ____D () C:\Program Files (x86)\XMedia Recode
2014-04-21 19:57 - 2014-04-21 20:07 - 00002122 _____ () C:\Users\GrenSo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Endpoint Antivirus.lnk
2014-04-21 19:47 - 2014-01-17 19:50 - 00000000 ____D () C:\Users\GrenSo\AppData\Roaming\ProductData
2014-04-21 19:47 - 2013-10-06 20:30 - 00000000 ____D () C:\Users\GrenSo\AppData\Roaming\vlc
2014-04-21 19:47 - 2013-09-27 20:00 - 00000000 ____D () C:\Program Files (x86)\AntiLogger
2014-04-21 19:47 - 2013-02-08 20:15 - 00000000 ____D () C:\Users\GrenSo\AppData\Roaming\QFX Software
2014-04-21 19:47 - 2013-02-08 20:15 - 00000000 ____D () C:\ProgramData\QFX Software
2014-04-21 19:47 - 2013-01-11 23:56 - 00000000 ____D () C:\ProgramData\Package Cache
2014-04-21 19:47 - 2012-09-16 19:49 - 00000000 ____D () C:\Users\GrenSo\AppData\Roaming\TeraCopy
2014-04-21 19:47 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-04-18 21:08 - 2014-04-18 21:08 - 00000000 ____D () C:\ProgramData\ESET
2014-04-18 21:08 - 2014-04-18 21:08 - 00000000 ____D () C:\Program Files\ESET
2014-04-18 20:47 - 2012-09-16 18:22 - 00000000 ____D () C:\ProgramData\Razer
2014-04-18 20:46 - 2012-09-18 21:49 - 00000000 ____D () C:\Program Files (x86)\Alternative Flash Player Auto-Updater
2014-04-18 20:41 - 2014-04-18 20:41 - 00000000 __SHD () C:\Users\GrenSo\AppData\Local\EmieUserList
2014-04-18 20:41 - 2014-04-18 20:41 - 00000000 __SHD () C:\Users\GrenSo\AppData\Local\EmieSiteList
2014-04-18 20:18 - 2012-09-16 18:58 - 00001485 _____ () C:\Users\GrenSo\AppData\Roaming\Network Meter_Settings.ini
2014-04-18 19:18 - 2014-04-18 19:18 - 00901848 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2014-04-18 19:18 - 2014-04-18 19:18 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2014-04-18 19:18 - 2012-09-16 18:17 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2014-04-18 19:05 - 2013-11-12 23:10 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-04-18 19:04 - 2014-04-18 19:04 - 03872984 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-04-18 19:04 - 2014-04-18 19:04 - 02792152 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2014-04-18 19:04 - 2014-04-18 19:04 - 02770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2014-04-18 19:04 - 2014-04-18 19:04 - 02101848 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2014-04-18 19:04 - 2014-04-18 19:04 - 02037336 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2014-04-18 19:04 - 2014-04-18 19:04 - 01286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2014-04-18 19:04 - 2014-04-18 19:04 - 01033304 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2014-04-18 19:04 - 2014-04-18 19:04 - 01024216 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2014-04-18 19:04 - 2014-04-18 19:04 - 00946392 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2014-04-18 19:04 - 2014-04-18 19:04 - 00757301 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-04-18 19:04 - 2014-04-18 19:04 - 00624344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2014-04-18 19:01 - 2012-11-23 21:14 - 00000000 ____D () C:\Users\GrenSo\AppData\Roaming\TeamViewer
2014-04-18 19:01 - 2012-09-28 19:09 - 00000000 ____D () C:\Users\GrenSo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Editoren
2014-04-18 19:01 - 2012-09-28 18:47 - 00000000 ____D () C:\Users\GrenSo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bildbearbeitung
2014-04-18 19:01 - 2012-09-28 18:46 - 00000000 ____D () C:\Users\GrenSo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Download
2014-04-18 19:01 - 2012-09-19 21:26 - 00000000 ____D () C:\Users\GrenSo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\3D Animation
2014-04-18 17:57 - 2012-09-16 20:26 - 00000000 ____D () C:\Users\GrenSo\.VirtualBox
2014-04-18 17:50 - 2012-10-14 12:42 - 00000000 ____D () C:\Users\GrenSo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS6
2014-04-18 17:44 - 2014-04-18 17:44 - 00002181 _____ () C:\Users\GrenSo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-04-18 17:42 - 2013-02-12 19:48 - 00000000 ____D () C:\Program Files\FreeFixer
2014-04-18 17:41 - 2012-12-27 15:43 - 00000000 ____D () C:\ProgramData\IObit
2014-04-18 17:37 - 2013-10-18 11:59 - 00000000 ____D () C:\Program Files\Wireshark
2014-04-18 17:37 - 2012-09-16 17:23 - 00000000 ___RD () C:\Users\GrenSo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-18 17:35 - 2014-04-18 17:35 - 00000000 __HDC () C:\ProgramData\{727C5CC8-3A5E-4517-BA8B-35A93F9B2EBD}
2014-04-18 17:35 - 2013-09-27 20:00 - 00049752 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\AntiLog64.sys
2014-04-18 17:33 - 2014-03-20 00:05 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-18 17:33 - 2014-01-15 01:54 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-18 17:33 - 2014-01-15 01:54 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-18 17:33 - 2014-01-15 01:54 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-04-18 17:32 - 2012-09-24 11:09 - 00000000 ____D () C:\Program Files\Adobe
2014-04-18 17:29 - 2013-09-13 20:07 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-18 17:29 - 2013-03-05 09:11 - 00000000 ____D () C:\Program Files\Java
2014-04-18 17:29 - 2013-01-14 01:01 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-18 17:28 - 2014-04-18 17:28 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-18 17:28 - 2014-04-18 17:28 - 00176040 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-18 17:28 - 2014-04-18 17:28 - 00176040 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-18 17:28 - 2014-04-18 17:28 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-18 17:26 - 2012-09-16 22:57 - 00000000 ____D () C:\Program Files (x86)\EditPlus 3
2014-04-18 17:23 - 2014-01-10 19:54 - 00000000 ____D () C:\Program Files (x86)\AppRemover
2014-04-18 17:22 - 2013-04-20 10:58 - 00000000 ____D () C:\Program Files (x86)\UnHackMe
2014-04-18 17:20 - 2012-09-26 20:50 - 00000000 ____D () C:\Program Files\Network Scanner
2014-04-18 17:18 - 2012-09-24 11:09 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-04-18 17:18 - 2012-09-17 20:02 - 00000000 ____D () C:\Program Files (x86)\Passbild-Generator
2014-04-18 17:17 - 2012-09-16 23:05 - 00000000 ____D () C:\Program Files (x86)\XnView
2014-04-18 17:15 - 2013-07-02 20:48 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-04-18 17:15 - 2012-09-16 19:00 - 00000000 ____D () C:\ProgramData\Adobe
2014-04-18 17:15 - 2012-09-16 18:35 - 00000000 ____D () C:\Users\GrenSo\AppData\Roaming\Adobe
2014-04-18 17:14 - 2013-11-03 12:34 - 00000000 ____D () C:\Program Files\CrystalDiskInfo
2014-04-18 17:13 - 2013-03-09 15:59 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-18 17:13 - 2013-03-09 15:59 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-18 16:48 - 2014-04-18 16:51 - 00000513 _____ () C:\Users\GrenSo\Documents\indexfile.txt
2014-04-18 14:03 - 2014-02-09 20:32 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-18 14:03 - 2014-02-09 20:32 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-18 14:03 - 2012-09-17 19:04 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-17 22:47 - 2013-05-24 20:01 - 00000000 ____D () C:\ProgramData\Vodafone
2014-04-17 22:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-17 21:52 - 2013-07-09 20:49 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-17 21:46 - 2012-09-16 20:01 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-17 21:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-04-16 05:02 - 2014-04-16 05:02 - 00354656 _____ (DivX, Inc.) C:\Windows\SysWOW64\DivXControlPanelApplet.cpl
2014-04-14 04:24 - 2014-04-22 23:01 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-04-14 04:19 - 2014-04-22 23:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

Files to move or delete:
====================
C:\Users\GrenSo\IP_Log_Data.js
C:\Users\GrenSo\Network_Meter_Data.js


Some content of TEMP:
====================
C:\Users\GrenSo\AppData\Local\Temp\NEventMessages.dll
C:\Users\GrenSo\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\GrenSo\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-24 00:15

==================== End Of Log ============================
         
--- --- ---



At the moment I no longer have any problems loading web pages, or rather I have not been able to observe this unusual behavior again so far.

28.04.2014, 08:43   #12
schrauber
/// the machine
/// TB trainer



Done

The order is crucial here.
  1. If Defogger was used: start Defogger again and click re-enable.
  2. If Combofix was used: (alternatively rename it to uninstall.exe and run it)
    • Windows key + R > Combofix /Uninstall (type it in) > OK
    • Alternative: rename Combofix.exe to uninstall.exe and run it
    • Combofix will now start, possibly update itself, and then remove all remnants of itself.
  3. In any case, please download DelFix to your desktop:
    • Close all open programs.
    • Start delfix.exe with a double-click.
    • Tick the box in front of every function.
    • Click Start.
    • Note: DelFix removes, among other things, all the programs used, the quarantine of our scanners and the Java cache, and finally deletes itself.
    • Finally, restart your computer.
  4. If any programs from our cleanup are still left over now, you can safely delete them.



If you would like to leave praise or criticism, you can do so here

Here are a few more tips for securing your system.


I cannot mention often enough how important it is that your system is up to date.
  • Please check whether your system downloads Windows updates automatically
  • Windows Updates
    • Windows XP: Start --> Control Panel --> double-click Automatic Updates
    • Windows Vista / 7: Start --> Control Panel --> System and Security --> Turn automatic updating on or off
  • Make sure that automatic updates are enabled.
  • Software Updates
    Installed software can also have security vulnerabilities that malware can use to infect your system.
    To keep your installed software up to date, I recommend Secunia Online Software.


Antivirus software
  • Make sure you always have antivirus software installed and that it is up to date. It is useless if it is out of date.


Additional protection
  • MalwareBytes Anti Malware
    This is one of the best anti-malware tools on the market. It is an on-demand scan tool that detects and also removes a lot of current malware.
    Update the tool and run it once a week. The paid version additionally offers a background guard.
    You can find a tutorial on how to use it here.
  • WinPatrol
    This software takes a snapshot of your system and warns you about possible changes. Download the freeware version from here.


Safe browsing
  • SpywareBlaster
    You can find a short introduction here
  • MVPs hosts file
    You can find a tutorial here. Unfortunately I have not found a German-language one so far.
  • WOT (Web of trust)
    This add-on warns you before you visit a site that has been reported as harmful.


Alternative browsers

Other browsers tend to be somewhat more secure than IE, since they do not use ActiveX elements. These can be abused by spyware to infect your system.
  • Opera
  • Mozilla Firefox.
    • Note: For this browser I have a few useful add-ons here
    • NoScript
      This add-on blocks JavaScript, Java and Flash and other plugins. They are only executed when you confirm it.
    • AdblockPlus
      This add-on blocks most ads by itself. A right-click on the banner to add it to AdBlockPlus is enough and it will no longer be loaded.
      It also saves download capacity.

Performance
Clean up your temp files regularly. I recommend TFC for this
Stay away from any registry cleaners.
They harm your system more than they help. Here are a few (English) links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Do not click on everything just because it prompts you to and is nice and colorful.
  • Do not use peer-to-peer or file-sharing software (Emule, uTorrent, ...)
  • Keep your hands off cracks, keygens, serials or other illegal software.
  • Do not open attachments from emails unknown to you. Pay particular attention to the file extension, e.g. deinFoto.jpg.exe
Now all that remains is for me to wish you lots of fun surfing safely.

Note: Please give me brief feedback when everything is done and there are no more questions, so that I can remove this thread from my subscriptions.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

28.04.2014, 11:49   #13
GrenSo

Before I carry all of this out, I still have a question: what about the system folders that have been visible since running "Combofix", and whose attributes were therefore presumably changed? Will they be back in their original state after uninstalling "Combofix", or will they stay the way they are now (see post 7)?

28.04.2014, 18:37   #14
GrenSo
 

I have now carried out your last steps, and apparently all the scanners you named have been removed from the system again. However, my C partition, for example, still looks very unfamiliar because of the system folders that are now visible (see the attachment for examples from the C and E partition/hard disk). According to the folder options, hidden and system folders are currently set not to be shown, but they can still be seen, and that is not normal for Windows.
How do I now get their attributes, which were apparently changed by using Combofix, back to their original state?
Attached thumbnails: -2014-04-28_193246.jpg, -2014-04-28_193302.jpg

29.04.2014, 17:14   #15
schrauber
/// the machine
/// TB trainer
 


Quote:
According to the folder options, hidden and system folders are currently set not to be shown
Are you sure?
__________________
Regards,
schrauber

