Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Verdacht auf einen bösen Trojaner

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 16.05.2014, 15:24   #1
FunkySimonp
 
Verdacht auf einen bösen Trojaner - Standard

Verdacht auf einen bösen Trojaner



Hey Leute,
Ich habe schon seit längerer Zeit das Gefühl, mir einen Trojaner eingefangen zu haben.
Denn, vor kurzer zeit wurde mein Facebook Account gehackt dann hab ich erstmal die Email-Adresse und das Passwort geändert. Mein Virenprogramm hat bisjetzt keine Viren gefunden und ich habe heute eine Nachricht bekommen wo ich mir überlege, nun eine Anzeige zu erstatten die Nachricht sah so aus:


Hallo ..., das hier ist ein Fakeprofil, von dem Facebook auch weiß. Mein Name ist Siegfried Keller von der Kriminalpolizei in .... Wir haben extra diesen Weg gewählt dich zu kontaktieren, da wir Tätern unter 18 Jahren noch eine Chance geben. Zeigst du dich koorperativ, werden wir den Weg über die Staatsanwalt auslassen. (Name), du wirst des Warenbetrugs und des Computerbetrugs beschuldigt, auch in deinem Alter gibt es hohe Strafen dafür, welche auch bei Ersttätern mit einer Haftstrafe ohne Bewährung gehandet werden können.
Kannst du uns etwas dazu sagen?
Falls du dich weigerst, schicke ich gerne 2 Kollegen zu dir, die dir und deiner Familie unangenehme Fragen zu den Vorfällen stellen werden.

MfG
KHK Keller

Facebook Profil:https://www.facebook.com/profile.php?id=100008275650806

Ich habe NIEMALS etwas mit Computer oder Warenbetrug zutun gehabt und frage mich woher diese Nachrichten kommen. Ich finde diese Nachricht zwar lächerlich,trotzdem fühle ich mich irgendwie verfolgt also übers Internet.Ich muss dringend wissen ob ich einen Trojaner habe da mein PC auch immer am Schreiben ist. Mein Virenprogramm zeigt keine Trojaner an. Bitte sagt mir wie ich den Trojaner wegbekomme. Es hat mir vor kurzem jemand über Skype eine Java Datei geschickt die habe ich geöffnet und seitdem ist das alles so wie es jetzt gerade ist! Ich bitte wirklich dringend um Hilfe. MfG Simon

Alt 16.05.2014, 15:28   #2
M-K-D-B
/// TB-Ausbilder
 
Verdacht auf einen bösen Trojaner - Standard

Verdacht auf einen bösen Trojaner






Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.


Bitte beachte folgende Hinweise:
  • Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
  • Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
  • Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo.
    Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
  • Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
  • Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort zu starten!


Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!





Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________


Alt 16.05.2014, 15:37   #3
FunkySimonp
 
Verdacht auf einen bösen Trojaner - Standard

Verdacht auf einen bösen Trojaner



FRST:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-05-2014
Ran by Simon (administrator) on SIMON-PC on 16-05-2014 16:33:33
Running from C:\Users\Simon\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\vsserv.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(Systweak) C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe
(Systweak Inc) C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\bdagent.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\PAC7302\Monitor.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
() C:\Users\Simon\AppData\Roaming\InetStat\inetstat.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfevtps.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\spool\drivers\x64\3\NetFaxTray64.exe
() C:\Program Files (x86)\CPUCooL\CPUCooL.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\spool\drivers\x64\3\NetFaxServer64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe
() C:\OEM\USBDECTION\USBS3S4Detection.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxservice.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\OverwolfHelper.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\OverwolfHelper64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.207\deploy\LoLLauncher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.88\deploy\LolClient.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\antispam32\pmbxcrnmh.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11464296 2010-09-03] (Realtek Semiconductor)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [456704 2012-02-20] ()
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1179576 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender\bdagent.exe [1742064 2014-03-25] (Bitdefender)
HKLM\...\Run: [PAC7302_Monitor] => C:\Windows\PixArt\PAC7302\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [337264 2010-05-27] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-03-11] (Egis Technology Inc.)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-02] (Symantec Corporation)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [819984 2014-03-06] (BlueStack Systems, Inc.)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse-Agent] => C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [567888 2014-03-19] (Bitdefender)
HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse] => C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1001536 2014-03-15] (Bitdefender)
HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] => C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [614232 2014-03-19] (Bitdefender)
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2014-01-24] (Microsoft Corporation)
HKU\S-1-5-21-3809745895-3397772576-1149702982-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20728480 2014-01-14] (Skype Technologies S.A.)
HKU\S-1-5-21-3809745895-3397772576-1149702982-1000\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [37664 2014-03-05] (Overwolf LTD)
HKU\S-1-5-21-3809745895-3397772576-1149702982-1000\...\Run: [window] => "C:\Program Files (x86)\Java\jre7\bin\javaw.exe" -jar "C:\Users\Simon\AppData\Roaming\archivos java\jar.B09"
HKU\S-1-5-21-3809745895-3397772576-1149702982-1000\...\Run: [InetStat] => C:\Users\Simon\AppData\Roaming\InetStat\inetstat.exe [1260648 2014-04-17] ()
HKU\S-1-5-21-3809745895-3397772576-1149702982-1000\...\Run: [Bitdefender-Geldbörse-Agent] => C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [567888 2014-03-19] (Bitdefender)
HKU\S-1-5-21-3809745895-3397772576-1149702982-1000\...\Run: [Bitdefender-Geldbörse] => C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1001536 2014-03-15] (Bitdefender)
HKU\S-1-5-21-3809745895-3397772576-1149702982-1000\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] => C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [614232 2014-03-19] (Bitdefender)
HKU\S-1-5-21-3809745895-3397772576-1149702982-1000\...\Run: [GoogleChromeAutoLaunch_5DAEC53D8C099B1094B921010676FA41] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [841032 2014-04-24] (Google Inc.)
HKU\S-1-5-21-3809745895-3397772576-1149702982-1000\...\Run: [icq] => C:\Users\Simon\AppData\Roaming\ICQM\icq.exe [33664344 2014-02-13] (ICQ)
HKU\S-1-5-21-3809745895-3397772576-1149702982-1000\...\RunOnce: [Application Restart #3] - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [841032 2014-04-24] (Google Inc.)
HKU\S-1-5-21-3809745895-3397772576-1149702982-1000\...\MountPoints2: {4ebb7fb6-83a5-11e3-8e2c-f80f4115c497} - K:\pushinst.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Network PC Fax.lnk
ShortcutTarget: Samsung Network PC Fax.lnk -> C:\Windows\System32\spool\drivers\x64\3\NetFaxTray64.exe (Samsung Electronics Co., Ltd.)
Startup: C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CPUCooL.lnk
ShortcutTarget: CPUCooL.lnk -> C:\Program Files (x86)\CPUCooL\CPUCooL.exe ()
Startup: C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk
ShortcutTarget: Curse.lnk -> C:\Users\Simon\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\pmbxie.dll (Bitdefender)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxie.dll (Bitdefender)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\..\Interfaces\{D10E3A7A-0730-4774-8825-D3595DA11AC6}: [NameServer]192.168.178.235,192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\ngqpozn3.default
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Greasemonkey - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\ngqpozn3.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2014-05-11]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext
FF Extension: bdToolbar - C:\Program Files\Bitdefender\Bitdefender\bdtbext [2014-04-25]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF HKLM-x32\...\Firefox\Extensions: [ffpwdman@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman\
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman\ []
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext
FF Extension: bdToolbar - C:\Program Files\Bitdefender\Bitdefender\bdtbext [2014-04-25]

Chrome: 
=======
CHR Extension: (Bitdefender Wallet) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccahoghmggldkcdjiebjkidpfongdfbl [2014-04-24]
CHR Extension: (SiteAdvisor) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2014-05-13]
CHR Extension: (Google Wallet) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-17]
CHR Extension: (AntiBrowserSpy - SocialBlocker) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\oohfajmmkkdjdoaoncnnbgfoomiakgbd [2014-04-17]
CHR HKLM-x32\...\Chrome\Extension: [ccahoghmggldkcdjiebjkidpfongdfbl] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxcr.crx [2014-04-25]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-04-25]
CHR HKLM-x32\...\Chrome\Extension: [oohfajmmkkdjdoaoncnnbgfoomiakgbd] - C:\Program Files (x86)\AntiBrowserSpy\Addons\Chrome.crx [2014-03-21]

==================== Services (Whitelisted) =================

R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin)
S4 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe [77632 2013-11-21] (Bitdefender)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-03-06] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-03-06] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [770832 2014-03-06] (BlueStack Systems, Inc.)
S2 CPUCooLServer; C:\Program Files (x86)\CPUCooL\CooLSrv.exe [743936 2011-12-01] ()
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [199032 2010-01-06] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-01-27] (McAfee, Inc.)
R2 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe [185792 2014-01-27] (McAfee, Inc.)
S3 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-05-27] (Egis Technology Inc.)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
S3 OverwolfUpdaterService; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [99616 2014-03-05] (Overwolf LTD)
R2 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [94624 2013-07-08] (Bitdefender)
R2 Samsung Network Fax Server; C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe [237056 2012-04-26] (Samsung Electronics Co., Ltd.)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2138936 2014-03-20] (TuneUp Software)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe [67320 2013-10-07] (Bitdefender)
R2 USBS3S4Detection; C:\OEM\USBDECTION\USBS3S4Detection.exe [76320 2009-12-09] ()
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender\vsserv.exe [1523728 2014-03-24] (Bitdefender)
S2 mfecore; "C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe" [X]

==================== Drivers (Whitelisted) ====================

R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [893440 2013-12-02] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2012-11-02] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [635392 2013-12-02] (BitDefender)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-25] (AVM Berlin)
R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93600 2013-02-22] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [103504 2011-11-14] (BitDefender LLC)
S4 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2013-11-04] (BitDefender SRL)
R1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [76944 2012-04-17] (BitDefender)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [121616 2014-03-06] (BlueStack Systems)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70592 2014-01-27] (McAfee, Inc.)
R3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [714368 2010-10-25] (AVM GmbH)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-08-23] (BitDefender LLC)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-05-16] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
R2 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [180272 2014-01-27] (McAfee, Inc.)
R2 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311600 2014-01-27] (McAfee, Inc.)
U3 mfeavfk01; No ImagePath
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [520696 2014-01-27] (McAfee, Inc.)
R2 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [783864 2014-01-27] (McAfee, Inc.)
U5 mfencbdc; C:\Windows\System32\Drivers\mfencbdc.sys [422712 2014-01-21] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96592 2014-01-21] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [106112 2014-04-03] (McAfee, Inc.)
R2 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [344688 2014-01-27] (McAfee, Inc.)
R1 ntiopnp; C:\Windows\System32\Drivers\ntiopnp.sys [19544 2010-11-11] ()
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
S3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [527872 2007-11-08] (PixArt Imaging Inc.)
S3 PAC7302; C:\Windows\SysWOW64\DRIVERS\PAC7302.SYS [454656 2007-11-08] (PixArt Imaging Inc.)
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13368 2013-01-23] ()
R2 trufos; C:\Windows\System32\DRIVERS\trufos.sys [389240 2013-08-07] (BitDefender S.R.L.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2014-02-10] (TuneUp Software)
S3 wolfkr; C:\AeriaGames\WolfTeam-DE\avital\wolfk64.sys [86352 2014-04-14] ()
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-16 16:33 - 2014-05-16 16:33 - 02067456 _____ (Farbar) C:\Users\Simon\Downloads\FRST64.exe
2014-05-16 16:33 - 2014-05-16 16:33 - 00024857 _____ () C:\Users\Simon\Downloads\FRST.txt
2014-05-16 16:33 - 2014-05-16 16:33 - 00000000 ____D () C:\FRST
2014-05-15 21:26 - 2014-05-16 10:16 - 00003120 _____ () C:\Windows\System32\Tasks\Advanced System Protector_startup
2014-05-14 22:02 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-14 22:02 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-14 22:02 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-14 22:02 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-14 22:02 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-14 22:02 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-14 18:00 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-14 18:00 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-14 17:59 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-14 17:59 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-14 17:59 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-14 17:59 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-14 17:59 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-14 17:59 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-14 17:59 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-14 17:59 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-14 17:59 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-14 17:59 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-14 17:59 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-14 17:59 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-14 17:59 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-14 17:59 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-14 17:59 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-14 17:59 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-14 17:59 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-14 17:59 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-14 17:59 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-14 17:59 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-14 17:59 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-14 17:59 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-14 17:59 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-14 17:59 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-14 17:59 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-14 17:59 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-14 17:59 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-14 17:59 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-14 17:59 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-14 17:59 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-14 17:59 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-14 17:59 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-14 17:59 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-14 17:59 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-14 17:59 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-14 17:59 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-14 17:59 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-14 17:59 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-14 17:59 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-14 17:59 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-14 17:59 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-14 17:59 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-14 17:59 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-13 01:29 - 2014-05-13 01:29 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys
2014-05-11 18:46 - 2014-05-11 18:58 - 00230432 _____ () C:\PA7302.DAT
2014-05-11 18:41 - 2014-05-11 18:41 - 00000000 ____D () C:\Windows\PixArt
2014-05-11 18:41 - 2014-05-11 18:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CANYON USB PC CAMERA
2014-05-11 18:41 - 2014-05-11 18:41 - 00000000 ____D () C:\Program Files (x86)\ANC
2014-05-11 18:41 - 2007-11-08 10:30 - 00454656 _____ (PixArt Imaging Inc.) C:\Windows\SysWOW64\Drivers\PAC7302.sys
2014-05-11 18:41 - 2007-11-08 10:29 - 00527872 _____ (PixArt Imaging Inc.) C:\Windows\system32\Drivers\PAC7302.SYS
2014-05-11 18:41 - 2007-11-02 11:07 - 00008704 _____ (PixArt Imaging Inc.) C:\Windows\system32\CoInst_071029.dll
2014-05-11 18:41 - 2007-10-30 17:48 - 00129024 _____ (PixArt Imaging Incorporation) C:\Windows\SysWOW64\SP7302.ax
2014-05-11 18:41 - 2007-03-20 16:44 - 00000566 _____ () C:\Windows\SysWOW64\SP7302.ini
2014-05-11 18:41 - 2006-10-12 11:57 - 00014336 _____ (PixArt Imaging Inc.) C:\Windows\SysWOW64\P7302USD.dll
2014-05-11 18:41 - 2004-11-22 13:37 - 00040960 _____ () C:\Windows\98Setup.exe
2014-05-11 18:41 - 2000-06-08 17:00 - 00119568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KSPRbac9.rra
2014-05-11 18:40 - 2014-05-11 18:40 - 05611298 _____ () C:\Users\Simon\Downloads\CNR-WCAM53_Drv_XPVW32.zip
2014-05-11 16:31 - 2014-05-11 16:32 - 00155577 _____ () C:\Users\Simon\Downloads\proxtube_1.3.0 (3) (1).crx
2014-05-11 16:31 - 2014-05-11 16:31 - 00629584 _____ (Chip Digital GmbH) C:\Users\Simon\Downloads\Chrome YouTube Downloader - CHIP-Downloader (1).exe
2014-05-11 16:31 - 2014-05-11 16:31 - 00155577 _____ () C:\Users\Simon\Downloads\proxtube_1.3.0 (3).crx
2014-05-11 16:31 - 2014-05-11 16:31 - 00143081 _____ () C:\Users\Simon\Downloads\proxtube_1.3.0.zip
2014-05-11 16:31 - 2014-03-28 17:58 - 00155577 _____ () C:\Users\Simon\Desktop\proxtube_1.3.0.crx
2014-05-11 16:29 - 2014-05-11 16:29 - 00629584 _____ (Chip Digital GmbH) C:\Users\Simon\Downloads\Chrome YouTube Downloader - CHIP-Downloader.exe
2014-05-11 16:29 - 2014-05-11 16:29 - 00105903 _____ () C:\Users\Simon\Downloads\chrome-youtube-downloader-2.6.20.crx
2014-05-11 16:29 - 2014-05-11 16:29 - 00099158 _____ () C:\Users\Simon\Downloads\chrome-youtube-downloader-2.6.20.zip
2014-05-11 16:29 - 2013-12-25 03:36 - 00105903 _____ () C:\Users\Simon\Desktop\chrome-youtube-downloader-2.6.20.crx
2014-05-11 16:23 - 2014-05-11 16:23 - 00279792 _____ () C:\Users\Simon\Downloads\YouTube-Unblocker-055.zip
2014-05-11 16:22 - 2014-05-11 16:22 - 00629584 _____ (Chip Digital GmbH) C:\Users\Simon\Downloads\YouTube-Unblocker-055 - CHIP-Downloader.exe
2014-05-11 16:07 - 2014-05-11 16:18 - 230403208 _____ (COMODO) C:\Users\Simon\Downloads\cfw_installer_5732_83.exe
2014-05-11 16:07 - 2014-05-11 16:07 - 00686664 _____ ( ) C:\Users\Simon\Downloads\COMPUTER_BILD-Download-Manager_fuer_cfw_installer_5732_83.exe
2014-05-11 16:02 - 2014-05-11 16:02 - 07198344 _____ (Goversoft LLC) C:\Users\Simon\Downloads\privazer_free (1).exe
2014-05-11 16:02 - 2014-05-11 16:02 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Opera Software
2014-05-11 16:02 - 2014-05-11 16:02 - 00000000 ____D () C:\Users\Simon\AppData\Local\Opera Software
2014-05-11 15:57 - 2014-05-11 15:57 - 00001225 _____ () C:\Users\Simon\Desktop\Die Installation von Domingo fortsetzen.lnk
2014-05-11 15:56 - 2014-05-16 10:17 - 00003108 _____ () C:\Windows\System32\Tasks\RegClean Pro
2014-05-11 15:51 - 2014-05-11 15:51 - 00295232 _____ () C:\Windows\Minidump\051114-20716-01.dmp
2014-05-11 15:49 - 2014-05-11 16:03 - 00000000 ____D () C:\Program Files (x86)\PrivaZer
2014-05-11 15:48 - 2014-05-11 16:05 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-05-11 15:48 - 2014-05-11 15:48 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D7
2014-05-11 15:48 - 2014-05-11 15:48 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D6
2014-05-11 15:48 - 2014-05-11 15:48 - 00001137 _____ () C:\Users\Public\Desktop\Opera.lnk
2014-05-11 15:48 - 2014-05-11 15:48 - 00001137 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2014-05-11 15:47 - 2014-05-16 15:01 - 00000276 _____ () C:\Windows\Tasks\RegClean Pro_DEFAULT.job
2014-05-11 15:47 - 2014-05-11 15:52 - 00000284 _____ () C:\Windows\Tasks\RegClean Pro_UPDATES.job
2014-05-11 15:47 - 2014-05-11 15:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
2014-05-11 15:47 - 2014-05-11 15:48 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Systweak
2014-05-11 15:47 - 2014-05-11 15:47 - 00003026 _____ () C:\Windows\System32\Tasks\RegClean Pro_UPDATES
2014-05-11 15:47 - 2014-05-11 15:47 - 00002870 _____ () C:\Windows\System32\Tasks\RegClean Pro_DEFAULT
2014-05-11 15:47 - 2014-05-11 15:47 - 00001209 _____ () C:\Users\Public\Desktop\Advanced System Protector.lnk
2014-05-11 15:47 - 2014-05-11 15:47 - 00001058 _____ () C:\Users\Public\Desktop\RegClean Pro.lnk
2014-05-11 15:47 - 2014-05-11 15:47 - 00000000 ____D () C:\ProgramData\Systweak
2014-05-11 15:47 - 2014-05-11 15:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector
2014-05-11 15:47 - 2014-05-11 15:47 - 00000000 ____D () C:\Program Files (x86)\RegClean Pro
2014-05-11 15:47 - 2014-05-11 15:47 - 00000000 ____D () C:\Program Files (x86)\Advanced System Protector
2014-05-11 15:47 - 2014-04-25 14:49 - 00020312 _____ (Systweak Inc., (www.systweak.com)) C:\Windows\system32\roboot64.exe
2014-05-11 15:47 - 2012-07-25 12:03 - 00016896 _____ () C:\Windows\system32\sasnative64.exe
2014-05-11 15:34 - 2014-05-11 15:34 - 00339543 _____ () C:\Users\Simon\Downloads\Ask-Fm-Autolike.rar
2014-05-08 13:02 - 2014-05-08 13:02 - 00000000 ____D () C:\Users\Simon\AppData\Local\WarThunder
2014-05-08 13:02 - 2014-05-08 13:02 - 00000000 ____D () C:\ProgramData\WarThunder
2014-05-08 13:01 - 2014-05-08 14:39 - 00000000 ____D () C:\Program Files (x86)\WarThunder
2014-05-08 13:01 - 2014-05-08 13:01 - 04124808 _____ (Gaijin Entertainment ) C:\Users\Simon\Downloads\wt_launcher_doi_1.0.1.355.exe
2014-05-08 13:01 - 2014-05-08 13:01 - 00001109 _____ () C:\Users\Public\Desktop\WarThunder.lnk
2014-05-08 13:01 - 2014-05-08 13:01 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder
2014-05-08 00:32 - 2014-05-08 00:34 - 00053504 _____ () C:\Users\Simon\Downloads\bootkit_remover.zip
2014-05-06 19:21 - 2014-05-06 20:23 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\tor
2014-05-06 19:15 - 2014-05-06 19:17 - 26815695 _____ () C:\Users\Simon\Downloads\torbrowser-install-3.6_en-US.exe
2014-05-03 19:41 - 2014-05-03 19:41 - 00000000 ____D () C:\Users\Simon\AppData\Local\EdgeOfReality
2014-05-03 19:41 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2014-05-03 19:41 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2014-05-03 19:41 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2014-05-03 19:41 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2014-05-03 19:40 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2014-05-03 19:40 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2014-05-03 19:02 - 2014-05-03 19:02 - 00000219 _____ () C:\Users\Simon\Desktop\Dota 2.url
2014-05-03 18:47 - 2014-05-03 18:47 - 00000222 _____ () C:\Users\Simon\Desktop\Loadout.url
2014-05-03 18:29 - 2014-05-08 13:01 - 00000000 ____D () C:\Users\Simon\Documents\My Games
2014-05-03 18:18 - 2014-05-03 19:02 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-05-03 18:18 - 2014-05-03 18:18 - 00000222 _____ () C:\Users\Simon\Desktop\Epigenesis.url
2014-05-03 17:54 - 2014-05-04 13:43 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-05-03 17:54 - 2014-05-03 17:54 - 01141680 _____ () C:\Users\Simon\Downloads\SteamSetup.exe
2014-05-03 17:54 - 2014-05-03 17:54 - 00000971 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-05-03 17:54 - 2014-05-03 17:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-05-03 17:51 - 2014-05-03 17:51 - 03384836 _____ (MultIV Team ) C:\Users\Simon\Downloads\multiv_setup (2).exe
2014-05-03 17:51 - 2014-05-03 17:51 - 03384836 _____ (MultIV Team ) C:\Users\Simon\Downloads\multiv_setup (1).exe
2014-05-03 17:43 - 2014-05-03 17:44 - 00000999 _____ () C:\Users\Public\Desktop\MultIV.lnk
2014-05-03 17:43 - 2014-05-03 17:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MultIV
2014-05-03 17:43 - 2014-05-03 17:44 - 00000000 ____D () C:\Program Files (x86)\MultIV
2014-05-03 17:43 - 2014-05-03 17:43 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\MultIV
2014-05-03 17:42 - 2014-05-03 17:42 - 03384836 _____ (MultIV Team ) C:\Users\Simon\Downloads\multiv_setup.exe
2014-05-03 17:39 - 2014-05-03 17:39 - 04954736 _____ (Microsoft Corporation) C:\Users\Simon\Downloads\WindowsUpgradeAssistant.exe
2014-05-03 17:34 - 2014-05-03 17:35 - 36965680 _____ (Microsoft Corporation) C:\Users\Simon\Downloads\IE9-Windows7-x64-deu.exe
2014-05-03 17:01 - 2014-05-03 17:01 - 17532198 _____ () C:\Users\Simon\Downloads\1355067475iCEnhancer2_1FINAL.zip
2014-05-03 05:14 - 2014-05-03 05:14 - 97580750 _____ () C:\Users\Simon\Downloads\Seven Reel's Realistic ENB v1.5b.zip
2014-05-03 05:06 - 2014-05-03 05:06 - 19677675 _____ () C:\Users\Simon\Downloads\Fighter Jet P-996 Lazer 3.zip
2014-05-03 05:05 - 2014-05-03 05:05 - 00717632 _____ () C:\Users\Simon\Downloads\scripthookdotnet_v1.7.1.7b.zip
2014-05-03 04:52 - 2014-05-03 04:52 - 00000000 ____D () C:\Users\Simon\Desktop\Backup
2014-05-03 04:50 - 2014-05-03 04:53 - 89876480 _____ () C:\Users\Simon\Desktop\vehicles.img
2014-05-03 04:50 - 2014-05-03 04:50 - 00000000 ____D () C:\Users\Simon\Desktop\Infernus
2014-05-03 04:49 - 2014-05-03 04:49 - 00000000 ____D () C:\Users\Simon\Desktop\SparkIV
2014-05-03 04:48 - 2014-05-03 04:48 - 01540953 _____ () C:\Users\Simon\Downloads\SparkIV 0.6.6.zip
2014-05-03 04:46 - 2014-05-03 04:46 - 04695532 _____ () C:\Users\Simon\Downloads\1398374770_ageraone.rar
2014-05-03 03:32 - 2014-05-03 03:32 - 00000000 ____D () C:\Users\Simon\Documents\Games for Windows - LIVE Demos
2014-05-03 03:30 - 2014-05-03 03:30 - 00000000 ____D () C:\Windows\SysWOW64\xlive
2014-05-03 03:30 - 2014-05-03 03:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
2014-05-03 03:30 - 2014-05-03 03:30 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2014-05-03 03:29 - 2014-05-03 03:29 - 00642712 _____ (Microsoft Corporation) C:\Users\Simon\Downloads\gfwlive35setup.exe
2014-05-03 03:29 - 2014-05-03 03:29 - 00642712 _____ (Microsoft Corporation) C:\Users\Simon\Downloads\gfwlive35setup (1).exe
2014-05-01 19:04 - 2014-05-01 19:04 - 00081626 _____ () C:\Users\Simon\Documents\Unit 1.voc
2014-05-01 19:04 - 2014-05-01 19:04 - 00081626 _____ () C:\Users\Simon\Desktop\Unit 1.voc
2014-05-01 17:09 - 2014-05-01 17:09 - 04044159 _____ () C:\Users\Simon\Downloads\1259416463_ProVehicleModv1.0.1.zip
2014-05-01 16:30 - 2014-05-01 16:30 - 00001027 _____ () C:\Users\Public\Desktop\Domingo 2.lnk
2014-05-01 16:30 - 2014-05-01 16:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Domingo 2
2014-05-01 16:30 - 2014-05-01 16:30 - 00000000 ____D () C:\Program Files (x86)\Domingo 2
2014-05-01 16:29 - 2014-05-01 16:29 - 04241516 _____ (Patrick Diekmann ) C:\Users\Simon\Downloads\setup.exe
2014-05-01 16:29 - 2014-05-01 16:29 - 00728032 _____ () C:\Users\Simon\Downloads\COMPUTER_BILD-Download-Manager_fuer_setup.exe
2014-05-01 15:56 - 2014-05-01 15:56 - 01138458 _____ () C:\Users\Simon\Downloads\1385372962_Space Shuttle.rar
2014-05-01 15:34 - 2014-05-01 15:35 - 00072097 _____ () C:\Users\Simon\Downloads\xliveless - v0.999b7 (patch 1.0.7.0. and EFLC 1.1.2.0).zip
2014-05-01 15:26 - 2014-05-01 15:26 - 02662221 _____ () C:\Users\Simon\Downloads\1310225693_Simple Native Trainer v.6.3.rar
2014-05-01 13:34 - 2014-05-01 13:34 - 00000000 ____D () C:\Users\Simon\Documents\Rockstar Games
2014-05-01 13:31 - 2014-05-01 13:31 - 00000000 __SHD () C:\ProgramData\SecuROM
2014-05-01 13:30 - 2014-05-01 13:30 - 04776440 _____ () C:\Users\Simon\Downloads\LaunchGTAIV.zip
2014-05-01 13:25 - 2014-05-01 13:25 - 00000000 ____D () C:\Users\Simon\AppData\Local\Rockstar Games
2014-05-01 13:24 - 2014-05-01 13:24 - 00000000 __RHD () C:\Users\Simon\AppData\Roaming\SecuROM
2014-05-01 03:46 - 2014-05-01 03:53 - 20725128 _____ () C:\Users\Simon\Downloads\MMM_PT._vlad.7z
2014-05-01 01:13 - 2014-05-03 01:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-04-28 20:55 - 2014-04-28 20:55 - 00155577 _____ () C:\Users\Simon\Downloads\proxtube_1.3.0 (2).crx
2014-04-28 20:53 - 2014-04-28 20:53 - 00155577 _____ () C:\Users\Simon\Downloads\proxtube_1.3.0 (1).crx
2014-04-28 20:52 - 2014-04-28 20:52 - 00155577 _____ () C:\Users\Simon\Downloads\proxtube_1.3.0.crx
2014-04-25 22:05 - 2014-04-25 22:05 - 00000000 ____D () C:\Users\Simon\AppData\Local\GGC
2014-04-25 22:03 - 2012-10-09 19:30 - 05570560 _____ (GGC) C:\Users\Simon\Desktop\Gordonsys 2.0.exe
2014-04-25 22:01 - 2014-04-25 22:03 - 05570641 _____ () C:\Users\Simon\Downloads\Gordonsys2.0.rar
2014-04-25 21:41 - 2014-04-25 21:41 - 00550296 _____ () C:\ProgramData\1398454570.bdinstall.bin
2014-04-25 21:40 - 2014-04-26 21:41 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Bitdefender
2014-04-25 21:40 - 2014-04-25 21:40 - 00002194 _____ () C:\Users\Public\Desktop\Bitdefender Safepay.lnk
2014-04-25 21:40 - 2014-04-25 21:40 - 00002075 _____ () C:\Users\Public\Desktop\Bitdefender Total Security.lnk
2014-04-25 21:40 - 2014-04-25 21:40 - 00000684 ____H () C:\bdr-cf01
2014-04-25 21:40 - 2014-04-25 21:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender
2014-04-25 21:36 - 2014-04-25 21:40 - 00253404 ____H () C:\bdr-ld01
2014-04-25 21:36 - 2014-04-25 21:40 - 00009216 ____H () C:\bdr-ld01.mbr
2014-04-25 21:36 - 2013-09-24 15:38 - 46879860 ____H () C:\bdr-im01.gz
2014-04-25 21:36 - 2013-08-23 12:48 - 00150256 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
2014-04-25 21:36 - 2013-08-13 12:38 - 03271472 ____H () C:\bdr-bz01
2014-04-25 21:36 - 2013-08-07 12:46 - 00389240 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2014-04-25 21:34 - 2014-05-15 21:22 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-04-25 21:18 - 2014-04-25 21:18 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\MVH
2014-04-25 02:34 - 2014-04-25 02:34 - 00002770 _____ () C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2014-04-25 00:53 - 2014-04-25 21:18 - 01373184 _____ () C:\Users\Simon\Desktop\MVH Loader.exe
2014-04-25 00:53 - 2014-04-25 00:53 - 01108568 _____ () C:\Users\Simon\Downloads\MVH Loader.zip
2014-04-25 00:47 - 2014-04-25 00:47 - 04106679 _____ () C:\Users\Simon\Downloads\[Abs]Loader.rar
2014-04-25 00:34 - 2014-04-25 00:34 - 00000000 ____D () C:\ProgramData\Nexon
2014-04-25 00:28 - 2014-04-25 00:41 - 00000000 ____D () C:\Users\Simon\Desktop\Combat Arms Hack
2014-04-25 00:24 - 2014-04-25 00:24 - 00001634 _____ () C:\Users\Public\Desktop\Combat Arms EU.lnk
2014-04-25 00:24 - 2014-04-25 00:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexon
2014-04-25 00:21 - 2014-04-25 00:40 - 00000000 ____D () C:\ProgramData\NexonEU
2014-04-25 00:21 - 2014-04-25 00:21 - 00000000 ____D () C:\Nexon
2014-04-24 23:52 - 2014-04-25 00:13 - 1967289647 _____ (Nexon) C:\Users\Simon\Desktop\Combatarms_eu.exe
2014-04-24 23:51 - 2014-04-24 23:51 - 10552296 _____ (Akamai Technologies, Inc.) C:\Users\Simon\Downloads\NexonEU_Installer.exe
2014-04-24 23:50 - 2014-04-24 23:50 - 01617203 _____ () C:\Users\Simon\Downloads\[ghbsys.net] Public-Client.zip
2014-04-24 22:10 - 2014-04-24 22:10 - 00000000 ____D () C:\Program Files (x86)\Microsoft XNA
2014-04-24 22:09 - 2014-04-24 22:09 - 00001474 _____ () C:\Users\Public\Desktop\Bloodline Champions.lnk
2014-04-24 22:09 - 2014-04-24 22:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bloodline Champions
2014-04-24 22:08 - 2014-04-24 22:08 - 00000000 ____D () C:\Program Files (x86)\Stunlock Studios
2014-04-24 22:03 - 2014-04-24 22:08 - 363876296 _____ (Stunlock Studios ) C:\Users\Simon\Downloads\bloodline-champions_25983.exe
2014-04-24 22:03 - 2014-04-24 22:03 - 01062288 _____ () C:\Users\Simon\Downloads\Bloodline-Champions-lnstall.exe
2014-04-24 19:33 - 2014-04-24 19:33 - 10768896 _____ () C:\Users\Simon\Downloads\Wolfteam INV Hack AUG 2013.exe
2014-04-24 19:25 - 2014-04-24 19:25 - 00058597 _____ () C:\Users\Simon\Downloads\Business.Card.Maker.8.0_CRK-FFF.zip
2014-04-24 19:22 - 2014-04-24 19:22 - 00077025 _____ () C:\Users\Simon\Downloads\CD244A3FE5B95DA446608BC56299A387E1A64734.torrent
2014-04-24 19:09 - 2014-03-20 14:44 - 00043320 _____ (TuneUp Software) C:\Windows\system32\uxtuneup.dll
2014-04-24 19:09 - 2014-03-20 14:44 - 00036152 _____ (TuneUp Software) C:\Windows\SysWOW64\uxtuneup.dll
2014-04-24 19:04 - 2014-04-24 19:04 - 00000000 ____D () C:\Users\Simon\Desktop\Programme;Spiele
2014-04-24 19:01 - 2014-04-24 19:08 - 00000000 ____D () C:\Users\Simon\Desktop\Programme
2014-04-24 19:00 - 2014-04-25 21:17 - 00000000 ____D () C:\Users\Simon\Desktop\Bilder
2014-04-24 18:59 - 2014-04-24 18:59 - 07307552 _____ () C:\Users\Simon\Downloads\bitdefender_isecurity.exe
2014-04-24 18:49 - 2014-05-01 13:11 - 00003704 _____ () C:\Windows\System32\Tasks\Java Update Scheduler
2014-04-24 18:42 - 2014-04-24 18:42 - 00002217 _____ () C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
2014-04-24 18:42 - 2014-04-24 18:42 - 00002209 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014.lnk
2014-04-24 18:42 - 2014-04-24 18:42 - 00002197 _____ () C:\Users\Public\Desktop\TuneUp Utilities 2014.lnk
2014-04-24 18:42 - 2014-04-24 18:42 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\TuneUp Software
2014-04-24 18:42 - 2014-04-24 18:42 - 00000000 ____D () C:\Users\Simon\AppData\Local\TuneUp Software
2014-04-24 18:42 - 2014-04-24 18:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014
2014-04-24 18:42 - 2014-04-24 18:42 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2014
2014-04-24 18:42 - 2014-03-20 14:44 - 00040760 _____ (TuneUp Software) C:\Windows\system32\TURegOpt.exe
2014-04-24 18:42 - 2014-03-20 14:44 - 00029496 _____ (TuneUp Software) C:\Windows\system32\authuitu.dll
2014-04-24 18:42 - 2014-03-20 14:44 - 00025400 _____ (TuneUp Software) C:\Windows\SysWOW64\authuitu.dll
2014-04-24 18:41 - 2014-04-24 18:48 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-04-24 18:41 - 2014-04-24 18:43 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-04-24 18:41 - 2014-04-24 18:41 - 00074811 _____ () C:\Users\Simon\Downloads\TuneUp 2014 Keygen by Game24x.rar
2014-04-24 18:40 - 2014-04-24 18:41 - 27878824 _____ (TuneUp Software) C:\Users\Simon\Downloads\TuneUpUtilities2014_de2745-DE.exe
2014-04-24 18:32 - 2014-04-24 18:33 - 209715712 _____ () C:\Users\Simon\Desktop\Tresor.bvd
2014-04-24 17:32 - 2014-04-24 19:23 - 00000000 ____D () C:\Users\Simon\Downloads\Download.am
2014-04-24 17:32 - 2014-04-24 19:23 - 00000000 ____D () C:\Users\Simon\AppData\Local\download.am-data
2014-04-24 17:32 - 2014-04-24 17:32 - 00001053 _____ () C:\Users\Simon\Desktop\Download.am.lnk
2014-04-24 17:32 - 2014-04-24 17:32 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Download.am
2014-04-24 17:31 - 2014-04-24 17:32 - 00000000 ____D () C:\Program Files (x86)\Download.am
2014-04-24 17:25 - 2014-04-24 17:25 - 13540177 _____ () C:\Users\Simon\Downloads\download.am-build233.zip
2014-04-24 17:20 - 2014-04-24 17:21 - 00000000 ____D () C:\Users\Simon\Desktop\RSDownloader
2014-04-24 17:20 - 2014-04-24 17:20 - 03028121 _____ () C:\Users\Simon\Downloads\RSD_0.61.zip
2014-04-24 17:20 - 2014-04-24 17:20 - 00000164 _____ () C:\Users\Simon\Downloads\40961pa16fh3627.rsdf
2014-04-24 17:19 - 2014-04-24 17:19 - 00000000 ____D () C:\Users\Simon\Desktop\JDownloader
2014-04-24 17:18 - 2014-04-24 17:18 - 31419822 _____ () C:\Users\Simon\Downloads\JDownloader.zip
2014-04-24 15:59 - 2014-04-24 15:59 - 01467128 _____ () C:\Users\Simon\Downloads\SystemCheck_deDE (2).exe
2014-04-24 15:58 - 2014-04-24 15:58 - 01467128 _____ () C:\Users\Simon\Downloads\SystemCheck_deDE.exe
2014-04-24 15:58 - 2014-04-24 15:58 - 01467128 _____ () C:\Users\Simon\Downloads\SystemCheck_deDE (1).exe
2014-04-24 05:02 - 2014-04-24 05:02 - 00040805 _____ () C:\ProgramData\1398308156.bdinstall.bin
2014-04-24 04:55 - 2014-04-24 04:55 - 01147424 _____ () C:\Users\Simon\Downloads\bitdefender_antitheft.exe
2014-04-24 04:48 - 2014-04-24 04:48 - 07304560 _____ () C:\Users\Simon\Downloads\bitdefender_tsecurity (2).exe
2014-04-24 04:04 - 2014-04-24 04:04 - 00000000 ____D () C:\Users\Simon\AppData\Local\simon-p
2014-04-24 03:43 - 2014-04-24 03:43 - 07304560 _____ () C:\Users\Simon\Downloads\bitdefender_tsecurity (1).exe
2014-04-24 02:24 - 2014-04-24 02:24 - 00295296 _____ () C:\Windows\Minidump\042414-30264-01.dmp
2014-04-24 02:19 - 2014-04-24 02:19 - 00612157 _____ () C:\ProgramData\1398297261.bdinstall.bin
2014-04-24 02:19 - 2014-04-24 02:19 - 00000385 _____ () C:\Windows\system32\user_gensett.xml
2014-04-24 02:19 - 2014-04-24 02:19 - 00000385 _____ () C:\Users\Simon\AppData\Roaminguser_gensett.xml
2014-04-24 02:18 - 2014-04-24 02:19 - 00000000 ____D () C:\ProgramData\BDLogging
2014-04-24 02:18 - 2014-04-24 02:18 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2014-04-24 02:18 - 2009-07-15 00:21 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2014-04-24 02:17 - 2014-04-24 02:17 - 00283192 _____ (Mozilla) C:\Users\Simon\Downloads\Firefox Setup Stub 28.0 (1).exe
2014-04-24 02:17 - 2013-12-02 11:58 - 00635392 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys
2014-04-24 02:17 - 2013-12-02 11:56 - 00893440 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys
2014-04-24 02:17 - 2013-11-04 15:47 - 00082824 _____ (BitDefender SRL) C:\Windows\system32\Drivers\bdsandbox.sys
2014-04-24 02:17 - 2013-11-04 15:47 - 00074512 _____ (BitDefender SRL) C:\Windows\SysWOW64\bdsandboxuiskin32.dll
2014-04-24 02:17 - 2013-02-22 18:46 - 00093600 _____ (BitDefender LLC) C:\Windows\system32\Drivers\BdfNdisf6.sys
2014-04-24 02:17 - 2012-11-02 13:17 - 00261056 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys
2014-04-24 02:17 - 2012-04-17 13:34 - 00076944 _____ (BitDefender) C:\Windows\system32\Drivers\bdvedisk.sys
2014-04-24 02:17 - 2007-04-11 10:11 - 00511328 _____ (Microsoft Corporation) C:\Windows\capicom.dll
2014-04-24 01:54 - 2014-05-08 12:35 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\QuickScan
2014-04-24 01:54 - 2014-04-25 21:40 - 00000000 ____D () C:\ProgramData\Bitdefender
2014-04-24 01:54 - 2014-04-24 02:57 - 00074512 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin32.dll
2014-04-24 01:54 - 2014-04-24 01:57 - 00000000 ____D () C:\Program Files\Bitdefender
2014-04-24 01:54 - 2013-11-04 15:47 - 00084848 _____ (BitDefender SRL) C:\Windows\system32\BDSandBoxUISkin.dll
2014-04-24 01:54 - 2013-11-04 15:46 - 00034384 _____ (BitDefender SRL) C:\Windows\system32\BDSandBoxUH.dll
2014-04-24 01:51 - 2014-04-25 21:36 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender
2014-04-24 01:51 - 2014-04-24 01:51 - 07304560 _____ () C:\Users\Simon\Downloads\bitdefender_tsecurity.exe
2014-04-22 22:49 - 2014-04-22 22:49 - 00000000 __SHD () C:\Users\Simon\AppData\Local\EmieUserList
2014-04-22 22:49 - 2014-04-22 22:49 - 00000000 __SHD () C:\Users\Simon\AppData\Local\EmieSiteList
2014-04-22 22:44 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-22 22:44 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-22 22:44 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-22 22:44 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-22 22:44 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-22 22:44 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-22 22:44 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-22 22:44 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-22 22:44 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-22 22:44 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-22 22:44 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-22 22:44 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-22 22:44 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-22 22:44 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-22 22:44 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-22 22:44 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-22 22:44 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-22 22:44 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-22 22:44 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-22 22:44 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-22 22:44 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-22 22:44 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-22 22:44 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-22 22:44 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-22 22:44 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-22 22:44 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-22 22:44 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-22 22:44 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-22 22:44 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-22 22:44 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-22 22:44 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-22 22:44 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-22 22:44 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-22 22:44 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-22 22:44 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-22 22:44 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-22 22:44 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-22 22:44 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-22 22:44 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-22 22:44 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-22 22:44 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-22 22:44 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-22 22:44 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-22 22:44 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-22 03:07 - 2014-04-22 03:07 - 00043012 _____ () C:\Users\Simon\Downloads\AimPoint.exe
2014-04-21 19:59 - 2014-05-01 00:13 - 00000000 ____D () C:\Users\Simon\AppData\Local\Thunderbird
2014-04-21 19:59 - 2014-04-21 19:59 - 21987424 _____ (Mozilla) C:\Users\Simon\Downloads\Thunderbird_Setup_de24.4.0.exe
2014-04-21 19:59 - 2014-04-21 19:59 - 00002106 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2014-04-21 19:59 - 2014-04-21 19:59 - 00002094 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2014-04-21 19:59 - 2014-04-21 19:59 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Thunderbird
2014-04-20 19:07 - 2014-05-16 14:27 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-20 19:07 - 2014-04-20 19:07 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Simon\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-20 19:07 - 2014-04-20 19:07 - 00001110 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-20 19:07 - 2014-04-20 19:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-04-20 19:07 - 2014-04-20 19:07 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-20 19:07 - 2014-04-20 19:07 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-20 19:07 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-20 19:07 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-20 19:07 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-20 14:09 - 2014-04-20 14:09 - 00004253 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-20 14:09 - 2014-04-20 14:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-18 16:00 - 2014-04-18 16:00 - 00388608 _____ (Trend Micro Inc.) C:\Users\Simon\Downloads\HiJackThis204 (2).exe
2014-04-18 16:00 - 2014-04-18 16:00 - 00388608 _____ (Trend Micro Inc.) C:\Users\Simon\Downloads\HiJackThis204 (1).exe
2014-04-18 16:00 - 2014-04-18 16:00 - 00016670 _____ () C:\Users\Simon\Downloads\hijackthis.log
2014-04-18 15:59 - 2014-04-18 15:59 - 00388608 _____ (Trend Micro Inc.) C:\Users\Simon\Downloads\HiJackThis204.exe
2014-04-17 19:10 - 2014-05-03 03:17 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-17 19:10 - 2014-04-17 19:10 - 00001167 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-04-17 19:10 - 2014-04-17 19:10 - 00001155 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-17 19:10 - 2014-04-17 19:10 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Mozilla
2014-04-17 19:10 - 2014-04-17 19:10 - 00000000 ____D () C:\Users\Simon\AppData\Local\Mozilla
2014-04-17 19:10 - 2014-04-17 19:10 - 00000000 ____D () C:\ProgramData\Mozilla
2014-04-17 19:10 - 2014-04-17 19:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-17 19:09 - 2014-04-17 19:09 - 00283192 _____ (Mozilla) C:\Users\Simon\Downloads\Firefox Setup Stub 28.0.exe
2014-04-17 15:07 - 2014-04-18 16:00 - 00000000 ____D () C:\AdwCleaner
2014-04-17 15:07 - 2014-04-17 15:07 - 00000000 ____D () C:\Users\Simon\Downloads\AdwCleaner_TSA221R2W
2014-04-17 05:25 - 2014-04-17 05:25 - 00376264 _____ () C:\Users\Simon\Downloads\PricePeep (1).exe
2014-04-17 01:58 - 2014-04-24 03:12 - 00000000 ____D () C:\Users\Simon\AppData\Local\Genesis
2014-04-17 01:58 - 2014-04-17 01:58 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\InetStat
2014-04-17 01:58 - 2014-04-17 01:58 - 00000000 ____D () C:\Program Files (x86)\Rr Savings
2014-04-17 01:57 - 2014-04-20 19:16 - 00000000 ____D () C:\Program Files\002
2014-04-17 01:57 - 2014-04-17 01:57 - 00003162 _____ () C:\Windows\System32\Tasks\fsupdate
2014-04-16 21:52 - 2014-04-24 01:54 - 00000513 _____ () C:\Windows\wininit.ini
2014-04-16 21:50 - 2014-04-16 21:51 - 04924064 _____ (Systweak Inc ) C:\Users\Simon\Downloads\rcpsetup_2005_file.net_ab_DE-kTweak.exe

==================== One Month Modified Files and Folders =======

2014-05-16 16:33 - 2014-05-16 16:33 - 02067456 _____ (Farbar) C:\Users\Simon\Downloads\FRST64.exe
2014-05-16 16:33 - 2014-05-16 16:33 - 00024857 _____ () C:\Users\Simon\Downloads\FRST.txt
2014-05-16 16:33 - 2014-05-16 16:33 - 00000000 ____D () C:\FRST
2014-05-16 16:33 - 2014-01-23 18:35 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Skype
2014-05-16 15:34 - 2014-01-22 23:03 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-16 15:01 - 2014-05-11 15:47 - 00000276 _____ () C:\Windows\Tasks\RegClean Pro_DEFAULT.job
2014-05-16 14:27 - 2014-04-20 19:07 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-16 10:37 - 2014-01-22 23:04 - 00002179 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-16 10:25 - 2014-01-22 22:01 - 01168563 _____ () C:\Windows\WindowsUpdate.log
2014-05-16 10:23 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-16 10:23 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-16 10:17 - 2014-05-11 15:56 - 00003108 _____ () C:\Windows\System32\Tasks\RegClean Pro
2014-05-16 10:16 - 2014-05-15 21:26 - 00003120 _____ () C:\Windows\System32\Tasks\Advanced System Protector_startup
2014-05-16 10:15 - 2014-01-27 20:47 - 00000000 ____D () C:\Users\Simon\AppData\Local\Overwolf
2014-05-16 10:15 - 2009-07-14 06:51 - 00072529 _____ () C:\Windows\setupact.log
2014-05-16 10:14 - 2014-01-22 23:03 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-16 10:14 - 2014-01-22 22:05 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-05-16 10:14 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-16 00:00 - 2014-03-31 23:30 - 00000000 ____D () C:\Users\Simon\log2s
2014-05-15 21:24 - 2014-01-22 22:54 - 00000000 ___RD () C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-15 21:24 - 2014-01-22 22:54 - 00000000 ___RD () C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-15 21:22 - 2014-04-25 21:34 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-14 22:02 - 2014-02-19 14:48 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-14 22:02 - 2014-01-29 19:01 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-14 22:00 - 2014-01-22 23:14 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-13 01:29 - 2014-05-13 01:29 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys
2014-05-11 18:58 - 2014-05-11 18:46 - 00230432 _____ () C:\PA7302.DAT
2014-05-11 18:41 - 2014-05-11 18:41 - 00000000 ____D () C:\Windows\PixArt
2014-05-11 18:41 - 2014-05-11 18:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CANYON USB PC CAMERA
2014-05-11 18:41 - 2014-05-11 18:41 - 00000000 ____D () C:\Program Files (x86)\ANC
2014-05-11 18:41 - 2010-10-27 13:00 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-11 18:40 - 2014-05-11 18:40 - 05611298 _____ () C:\Users\Simon\Downloads\CNR-WCAM53_Drv_XPVW32.zip
2014-05-11 16:32 - 2014-05-11 16:31 - 00155577 _____ () C:\Users\Simon\Downloads\proxtube_1.3.0 (3) (1).crx
2014-05-11 16:31 - 2014-05-11 16:31 - 00629584 _____ (Chip Digital GmbH) C:\Users\Simon\Downloads\Chrome YouTube Downloader - CHIP-Downloader (1).exe
2014-05-11 16:31 - 2014-05-11 16:31 - 00155577 _____ () C:\Users\Simon\Downloads\proxtube_1.3.0 (3).crx
2014-05-11 16:31 - 2014-05-11 16:31 - 00143081 _____ () C:\Users\Simon\Downloads\proxtube_1.3.0.zip
2014-05-11 16:29 - 2014-05-11 16:29 - 00629584 _____ (Chip Digital GmbH) C:\Users\Simon\Downloads\Chrome YouTube Downloader - CHIP-Downloader.exe
2014-05-11 16:29 - 2014-05-11 16:29 - 00105903 _____ () C:\Users\Simon\Downloads\chrome-youtube-downloader-2.6.20.crx
2014-05-11 16:29 - 2014-05-11 16:29 - 00099158 _____ () C:\Users\Simon\Downloads\chrome-youtube-downloader-2.6.20.zip
2014-05-11 16:23 - 2014-05-11 16:23 - 00279792 _____ () C:\Users\Simon\Downloads\YouTube-Unblocker-055.zip
2014-05-11 16:22 - 2014-05-11 16:22 - 00629584 _____ (Chip Digital GmbH) C:\Users\Simon\Downloads\YouTube-Unblocker-055 - CHIP-Downloader.exe
2014-05-11 16:18 - 2014-05-11 16:07 - 230403208 _____ (COMODO) C:\Users\Simon\Downloads\cfw_installer_5732_83.exe
2014-05-11 16:14 - 2014-03-21 14:43 - 00000000 ____D () C:\Users\Simon\AppData\Local\PrivaZer
2014-05-11 16:07 - 2014-05-11 16:07 - 00686664 _____ ( ) C:\Users\Simon\Downloads\COMPUTER_BILD-Download-Manager_fuer_cfw_installer_5732_83.exe
2014-05-11 16:05 - 2014-05-11 15:48 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-05-11 16:03 - 2014-05-11 15:49 - 00000000 ____D () C:\Program Files (x86)\PrivaZer
2014-05-11 16:03 - 2014-03-21 14:43 - 00001905 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrivaZer.lnk
2014-05-11 16:03 - 2014-03-21 14:43 - 00001893 _____ () C:\Users\Public\Desktop\PrivaZer.lnk
2014-05-11 16:02 - 2014-05-11 16:02 - 07198344 _____ (Goversoft LLC) C:\Users\Simon\Downloads\privazer_free (1).exe
2014-05-11 16:02 - 2014-05-11 16:02 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Opera Software
2014-05-11 16:02 - 2014-05-11 16:02 - 00000000 ____D () C:\Users\Simon\AppData\Local\Opera Software
2014-05-11 15:57 - 2014-05-11 15:57 - 00001225 _____ () C:\Users\Simon\Desktop\Die Installation von Domingo fortsetzen.lnk
2014-05-11 15:52 - 2014-05-11 15:47 - 00000284 _____ () C:\Windows\Tasks\RegClean Pro_UPDATES.job
2014-05-11 15:51 - 2014-05-11 15:51 - 00295232 _____ () C:\Windows\Minidump\051114-20716-01.dmp
2014-05-11 15:51 - 2014-01-23 19:38 - 739826304 _____ () C:\Windows\MEMORY.DMP
2014-05-11 15:51 - 2014-01-23 19:38 - 00000000 ____D () C:\Windows\Minidump
2014-05-11 15:49 - 2014-05-11 15:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
2014-05-11 15:48 - 2014-05-11 15:48 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D7
2014-05-11 15:48 - 2014-05-11 15:48 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D6
2014-05-11 15:48 - 2014-05-11 15:48 - 00001137 _____ () C:\Users\Public\Desktop\Opera.lnk
2014-05-11 15:48 - 2014-05-11 15:48 - 00001137 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2014-05-11 15:48 - 2014-05-11 15:47 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Systweak
2014-05-11 15:47 - 2014-05-11 15:47 - 00003026 _____ () C:\Windows\System32\Tasks\RegClean Pro_UPDATES
2014-05-11 15:47 - 2014-05-11 15:47 - 00002870 _____ () C:\Windows\System32\Tasks\RegClean Pro_DEFAULT
2014-05-11 15:47 - 2014-05-11 15:47 - 00001209 _____ () C:\Users\Public\Desktop\Advanced System Protector.lnk
2014-05-11 15:47 - 2014-05-11 15:47 - 00001058 _____ () C:\Users\Public\Desktop\RegClean Pro.lnk
2014-05-11 15:47 - 2014-05-11 15:47 - 00000000 ____D () C:\ProgramData\Systweak
2014-05-11 15:47 - 2014-05-11 15:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector
2014-05-11 15:47 - 2014-05-11 15:47 - 00000000 ____D () C:\Program Files (x86)\RegClean Pro
2014-05-11 15:47 - 2014-05-11 15:47 - 00000000 ____D () C:\Program Files (x86)\Advanced System Protector
2014-05-11 15:47 - 2014-03-21 14:42 - 07202440 _____ (Goversoft LLC) C:\Users\Simon\Downloads\privazer_free.exe
2014-05-11 15:34 - 2014-05-11 15:34 - 00339543 _____ () C:\Users\Simon\Downloads\Ask-Fm-Autolike.rar
2014-05-11 12:18 - 2014-01-22 21:56 - 00239658 _____ () C:\Windows\PFRO.log
2014-05-09 08:14 - 2014-05-14 17:59 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 08:11 - 2014-05-14 17:59 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-09 03:01 - 2014-01-27 20:47 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\TS3Client
2014-05-08 17:29 - 2014-01-22 23:03 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-08 17:29 - 2014-01-22 23:03 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-08 14:39 - 2014-05-08 13:01 - 00000000 ____D () C:\Program Files (x86)\WarThunder
2014-05-08 14:39 - 2014-01-22 23:17 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-05-08 13:02 - 2014-05-08 13:02 - 00000000 ____D () C:\Users\Simon\AppData\Local\WarThunder
2014-05-08 13:02 - 2014-05-08 13:02 - 00000000 ____D () C:\ProgramData\WarThunder
2014-05-08 13:01 - 2014-05-08 13:01 - 04124808 _____ (Gaijin Entertainment ) C:\Users\Simon\Downloads\wt_launcher_doi_1.0.1.355.exe
2014-05-08 13:01 - 2014-05-08 13:01 - 00001109 _____ () C:\Users\Public\Desktop\WarThunder.lnk
2014-05-08 13:01 - 2014-05-08 13:01 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder
2014-05-08 13:01 - 2014-05-03 18:29 - 00000000 ____D () C:\Users\Simon\Documents\My Games
2014-05-08 12:35 - 2014-04-24 01:54 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\QuickScan
2014-05-08 00:56 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system
2014-05-08 00:34 - 2014-05-08 00:32 - 00053504 _____ () C:\Users\Simon\Downloads\bootkit_remover.zip
2014-05-06 20:23 - 2014-05-06 19:21 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\tor
2014-05-06 19:17 - 2014-05-06 19:15 - 26815695 _____ () C:\Users\Simon\Downloads\torbrowser-install-3.6_en-US.exe
2014-05-06 06:40 - 2014-05-14 22:02 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 06:17 - 2014-05-14 22:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 05:25 - 2014-05-14 22:02 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 05:07 - 2014-05-14 22:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 05:00 - 2014-05-14 22:02 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 04:10 - 2014-05-14 22:02 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-04 13:43 - 2014-05-03 17:54 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-05-03 19:41 - 2014-05-03 19:41 - 00000000 ____D () C:\Users\Simon\AppData\Local\EdgeOfReality
2014-05-03 19:40 - 2014-01-22 22:27 - 00028868 _____ () C:\Windows\DirectX.log
2014-05-03 19:02 - 2014-05-03 19:02 - 00000219 _____ () C:\Users\Simon\Desktop\Dota 2.url
2014-05-03 19:02 - 2014-05-03 18:18 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-05-03 18:47 - 2014-05-03 18:47 - 00000222 _____ () C:\Users\Simon\Desktop\Loadout.url
2014-05-03 18:18 - 2014-05-03 18:18 - 00000222 _____ () C:\Users\Simon\Desktop\Epigenesis.url
2014-05-03 17:54 - 2014-05-03 17:54 - 01141680 _____ () C:\Users\Simon\Downloads\SteamSetup.exe
2014-05-03 17:54 - 2014-05-03 17:54 - 00000971 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-05-03 17:54 - 2014-05-03 17:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-05-03 17:51 - 2014-05-03 17:51 - 03384836 _____ (MultIV Team ) C:\Users\Simon\Downloads\multiv_setup (2).exe
2014-05-03 17:51 - 2014-05-03 17:51 - 03384836 _____ (MultIV Team ) C:\Users\Simon\Downloads\multiv_setup (1).exe
2014-05-03 17:44 - 2014-05-03 17:43 - 00000999 _____ () C:\Users\Public\Desktop\MultIV.lnk
2014-05-03 17:44 - 2014-05-03 17:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MultIV
2014-05-03 17:44 - 2014-05-03 17:43 - 00000000 ____D () C:\Program Files (x86)\MultIV
2014-05-03 17:43 - 2014-05-03 17:43 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\MultIV
2014-05-03 17:42 - 2014-05-03 17:42 - 03384836 _____ (MultIV Team ) C:\Users\Simon\Downloads\multiv_setup.exe
2014-05-03 17:39 - 2014-05-03 17:39 - 04954736 _____ (Microsoft Corporation) C:\Users\Simon\Downloads\WindowsUpgradeAssistant.exe
2014-05-03 17:35 - 2014-05-03 17:34 - 36965680 _____ (Microsoft Corporation) C:\Users\Simon\Downloads\IE9-Windows7-x64-deu.exe
2014-05-03 17:35 - 2014-01-24 00:08 - 00005990 _____ () C:\Windows\IE9_main.log
2014-05-03 17:01 - 2014-05-03 17:01 - 17532198 _____ () C:\Users\Simon\Downloads\1355067475iCEnhancer2_1FINAL.zip
2014-05-03 05:14 - 2014-05-03 05:14 - 97580750 _____ () C:\Users\Simon\Downloads\Seven Reel's Realistic ENB v1.5b.zip
2014-05-03 05:06 - 2014-05-03 05:06 - 19677675 _____ () C:\Users\Simon\Downloads\Fighter Jet P-996 Lazer 3.zip
2014-05-03 05:05 - 2014-05-03 05:05 - 00717632 _____ () C:\Users\Simon\Downloads\scripthookdotnet_v1.7.1.7b.zip
2014-05-03 04:53 - 2014-05-03 04:50 - 89876480 _____ () C:\Users\Simon\Desktop\vehicles.img
2014-05-03 04:52 - 2014-05-03 04:52 - 00000000 ____D () C:\Users\Simon\Desktop\Backup
2014-05-03 04:50 - 2014-05-03 04:50 - 00000000 ____D () C:\Users\Simon\Desktop\Infernus
2014-05-03 04:49 - 2014-05-03 04:49 - 00000000 ____D () C:\Users\Simon\Desktop\SparkIV
2014-05-03 04:48 - 2014-05-03 04:48 - 01540953 _____ () C:\Users\Simon\Downloads\SparkIV 0.6.6.zip
2014-05-03 04:46 - 2014-05-03 04:46 - 04695532 _____ () C:\Users\Simon\Downloads\1398374770_ageraone.rar
2014-05-03 03:32 - 2014-05-03 03:32 - 00000000 ____D () C:\Users\Simon\Documents\Games for Windows - LIVE Demos
2014-05-03 03:30 - 2014-05-03 03:30 - 00000000 ____D () C:\Windows\SysWOW64\xlive
2014-05-03 03:30 - 2014-05-03 03:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
2014-05-03 03:30 - 2014-05-03 03:30 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2014-05-03 03:30 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-05-03 03:29 - 2014-05-03 03:29 - 00642712 _____ (Microsoft Corporation) C:\Users\Simon\Downloads\gfwlive35setup.exe
2014-05-03 03:29 - 2014-05-03 03:29 - 00642712 _____ (Microsoft Corporation) C:\Users\Simon\Downloads\gfwlive35setup (1).exe
2014-05-03 03:19 - 2014-04-11 14:06 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-03 03:19 - 2014-04-11 14:06 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-03 03:17 - 2014-04-17 19:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-03 01:35 - 2014-05-01 01:13 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-05-01 19:04 - 2014-05-01 19:04 - 00081626 _____ () C:\Users\Simon\Documents\Unit 1.voc
2014-05-01 19:04 - 2014-05-01 19:04 - 00081626 _____ () C:\Users\Simon\Desktop\Unit 1.voc
2014-05-01 17:09 - 2014-05-01 17:09 - 04044159 _____ () C:\Users\Simon\Downloads\1259416463_ProVehicleModv1.0.1.zip
2014-05-01 16:30 - 2014-05-01 16:30 - 00001027 _____ () C:\Users\Public\Desktop\Domingo 2.lnk
2014-05-01 16:30 - 2014-05-01 16:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Domingo 2
2014-05-01 16:30 - 2014-05-01 16:30 - 00000000 ____D () C:\Program Files (x86)\Domingo 2
2014-05-01 16:29 - 2014-05-01 16:29 - 04241516 _____ (Patrick Diekmann ) C:\Users\Simon\Downloads\setup.exe
2014-05-01 16:29 - 2014-05-01 16:29 - 00728032 _____ () C:\Users\Simon\Downloads\COMPUTER_BILD-Download-Manager_fuer_setup.exe
2014-05-01 15:56 - 2014-05-01 15:56 - 01138458 _____ () C:\Users\Simon\Downloads\1385372962_Space Shuttle.rar
2014-05-01 15:35 - 2014-05-01 15:34 - 00072097 _____ () C:\Users\Simon\Downloads\xliveless - v0.999b7 (patch 1.0.7.0. and EFLC 1.1.2.0).zip
2014-05-01 15:26 - 2014-05-01 15:26 - 02662221 _____ () C:\Users\Simon\Downloads\1310225693_Simple Native Trainer v.6.3.rar
2014-05-01 13:34 - 2014-05-01 13:34 - 00000000 ____D () C:\Users\Simon\Documents\Rockstar Games
2014-05-01 13:31 - 2014-05-01 13:31 - 00000000 __SHD () C:\ProgramData\SecuROM
2014-05-01 13:30 - 2014-05-01 13:30 - 04776440 _____ () C:\Users\Simon\Downloads\LaunchGTAIV.zip
2014-05-01 13:25 - 2014-05-01 13:25 - 00000000 ____D () C:\Users\Simon\AppData\Local\Rockstar Games
2014-05-01 13:24 - 2014-05-01 13:24 - 00000000 __RHD () C:\Users\Simon\AppData\Roaming\SecuROM
2014-05-01 13:11 - 2014-04-24 18:49 - 00003704 _____ () C:\Windows\System32\Tasks\Java Update Scheduler
2014-05-01 03:53 - 2014-05-01 03:46 - 20725128 _____ () C:\Users\Simon\Downloads\MMM_PT._vlad.7z
2014-05-01 00:13 - 2014-04-21 19:59 - 00000000 ____D () C:\Users\Simon\AppData\Local\Thunderbird
2014-04-28 20:55 - 2014-04-28 20:55 - 00155577 _____ () C:\Users\Simon\Downloads\proxtube_1.3.0 (2).crx
2014-04-28 20:53 - 2014-04-28 20:53 - 00155577 _____ () C:\Users\Simon\Downloads\proxtube_1.3.0 (1).crx
2014-04-28 20:52 - 2014-04-28 20:52 - 00155577 _____ () C:\Users\Simon\Downloads\proxtube_1.3.0.crx
2014-04-27 02:44 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\addins
2014-04-26 21:41 - 2014-04-25 21:40 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Bitdefender
2014-04-25 22:05 - 2014-04-25 22:05 - 00000000 ____D () C:\Users\Simon\AppData\Local\GGC
2014-04-25 22:03 - 2014-04-25 22:01 - 05570641 _____ () C:\Users\Simon\Downloads\Gordonsys2.0.rar
2014-04-25 21:41 - 2014-04-25 21:41 - 00550296 _____ () C:\ProgramData\1398454570.bdinstall.bin
2014-04-25 21:40 - 2014-04-25 21:40 - 00002194 _____ () C:\Users\Public\Desktop\Bitdefender Safepay.lnk
2014-04-25 21:40 - 2014-04-25 21:40 - 00002075 _____ () C:\Users\Public\Desktop\Bitdefender Total Security.lnk
2014-04-25 21:40 - 2014-04-25 21:40 - 00000684 ____H () C:\bdr-cf01
2014-04-25 21:40 - 2014-04-25 21:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender
2014-04-25 21:40 - 2014-04-25 21:36 - 00253404 ____H () C:\bdr-ld01
2014-04-25 21:40 - 2014-04-25 21:36 - 00009216 ____H () C:\bdr-ld01.mbr
2014-04-25 21:40 - 2014-04-24 01:54 - 00000000 ____D () C:\ProgramData\Bitdefender
2014-04-25 21:36 - 2014-04-24 01:51 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender
2014-04-25 21:18 - 2014-04-25 21:18 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\MVH
2014-04-25 21:18 - 2014-04-25 00:53 - 01373184 _____ () C:\Users\Simon\Desktop\MVH Loader.exe
2014-04-25 21:17 - 2014-04-24 19:00 - 00000000 ____D () C:\Users\Simon\Desktop\Bilder
2014-04-25 19:35 - 2014-01-22 22:53 - 00000000 ____D () C:\Users\Simon\AppData\Local\VirtualStore
2014-04-25 14:49 - 2014-05-11 15:47 - 00020312 _____ (Systweak Inc., (www.systweak.com)) C:\Windows\system32\roboot64.exe
2014-04-25 02:34 - 2014-04-25 02:34 - 00002770 _____ () C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2014-04-25 00:53 - 2014-04-25 00:53 - 01108568 _____ () C:\Users\Simon\Downloads\MVH Loader.zip
2014-04-25 00:47 - 2014-04-25 00:47 - 04106679 _____ () C:\Users\Simon\Downloads\[Abs]Loader.rar
2014-04-25 00:41 - 2014-04-25 00:28 - 00000000 ____D () C:\Users\Simon\Desktop\Combat Arms Hack
2014-04-25 00:40 - 2014-04-25 00:21 - 00000000 ____D () C:\ProgramData\NexonEU
2014-04-25 00:34 - 2014-04-25 00:34 - 00000000 ____D () C:\ProgramData\Nexon
2014-04-25 00:24 - 2014-04-25 00:24 - 00001634 _____ () C:\Users\Public\Desktop\Combat Arms EU.lnk
2014-04-25 00:24 - 2014-04-25 00:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexon
2014-04-25 00:21 - 2014-04-25 00:21 - 00000000 ____D () C:\Nexon
2014-04-25 00:13 - 2014-04-24 23:52 - 1967289647 _____ (Nexon) C:\Users\Simon\Desktop\Combatarms_eu.exe
2014-04-24 23:51 - 2014-04-24 23:51 - 10552296 _____ (Akamai Technologies, Inc.) C:\Users\Simon\Downloads\NexonEU_Installer.exe
2014-04-24 23:51 - 2014-04-14 21:03 - 00000000 ____D () C:\Users\Simon\AppData\Local\Akamai
2014-04-24 23:50 - 2014-04-24 23:50 - 01617203 _____ () C:\Users\Simon\Downloads\[ghbsys.net] Public-Client.zip
2014-04-24 22:10 - 2014-04-24 22:10 - 00000000 ____D () C:\Program Files (x86)\Microsoft XNA
2014-04-24 22:09 - 2014-04-24 22:09 - 00001474 _____ () C:\Users\Public\Desktop\Bloodline Champions.lnk
2014-04-24 22:09 - 2014-04-24 22:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bloodline Champions
2014-04-24 22:08 - 2014-04-24 22:08 - 00000000 ____D () C:\Program Files (x86)\Stunlock Studios
2014-04-24 22:08 - 2014-04-24 22:03 - 363876296 _____ (Stunlock Studios ) C:\Users\Simon\Downloads\bloodline-champions_25983.exe
2014-04-24 22:03 - 2014-04-24 22:03 - 01062288 _____ () C:\Users\Simon\Downloads\Bloodline-Champions-lnstall.exe
2014-04-24 19:35 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\Offline Web Pages
2014-04-24 19:33 - 2014-04-24 19:33 - 10768896 _____ () C:\Users\Simon\Downloads\Wolfteam INV Hack AUG 2013.exe
2014-04-24 19:25 - 2014-04-24 19:25 - 00058597 _____ () C:\Users\Simon\Downloads\Business.Card.Maker.8.0_CRK-FFF.zip
2014-04-24 19:23 - 2014-04-24 17:32 - 00000000 ____D () C:\Users\Simon\Downloads\Download.am
2014-04-24 19:23 - 2014-04-24 17:32 - 00000000 ____D () C:\Users\Simon\AppData\Local\download.am-data
2014-04-24 19:22 - 2014-04-24 19:22 - 00077025 _____ () C:\Users\Simon\Downloads\CD244A3FE5B95DA446608BC56299A387E1A64734.torrent
2014-04-24 19:08 - 2014-04-24 19:01 - 00000000 ____D () C:\Users\Simon\Desktop\Programme
2014-04-24 19:04 - 2014-04-24 19:04 - 00000000 ____D () C:\Users\Simon\Desktop\Programme;Spiele
2014-04-24 18:59 - 2014-04-24 18:59 - 07307552 _____ () C:\Users\Simon\Downloads\bitdefender_isecurity.exe
2014-04-24 18:48 - 2014-04-24 18:41 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-04-24 18:43 - 2014-04-24 18:41 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-04-24 18:42 - 2014-04-24 18:42 - 00002217 _____ () C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
2014-04-24 18:42 - 2014-04-24 18:42 - 00002209 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014.lnk
2014-04-24 18:42 - 2014-04-24 18:42 - 00002197 _____ () C:\Users\Public\Desktop\TuneUp Utilities 2014.lnk
2014-04-24 18:42 - 2014-04-24 18:42 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\TuneUp Software
2014-04-24 18:42 - 2014-04-24 18:42 - 00000000 ____D () C:\Users\Simon\AppData\Local\TuneUp Software
2014-04-24 18:42 - 2014-04-24 18:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014
2014-04-24 18:42 - 2014-04-24 18:42 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2014
2014-04-24 18:41 - 2014-04-24 18:41 - 00074811 _____ () C:\Users\Simon\Downloads\TuneUp 2014 Keygen by Game24x.rar
2014-04-24 18:41 - 2014-04-24 18:40 - 27878824 _____ (TuneUp Software) C:\Users\Simon\Downloads\TuneUpUtilities2014_de2745-DE.exe
2014-04-24 18:33 - 2014-04-24 18:32 - 209715712 _____ () C:\Users\Simon\Desktop\Tresor.bvd
2014-04-24 17:32 - 2014-04-24 17:32 - 00001053 _____ () C:\Users\Simon\Desktop\Download.am.lnk
2014-04-24 17:32 - 2014-04-24 17:32 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Download.am
2014-04-24 17:32 - 2014-04-24 17:31 - 00000000 ____D () C:\Program Files (x86)\Download.am
2014-04-24 17:25 - 2014-04-24 17:25 - 13540177 _____ () C:\Users\Simon\Downloads\download.am-build233.zip
2014-04-24 17:21 - 2014-04-24 17:20 - 00000000 ____D () C:\Users\Simon\Desktop\RSDownloader
2014-04-24 17:20 - 2014-04-24 17:20 - 03028121 _____ () C:\Users\Simon\Downloads\RSD_0.61.zip
2014-04-24 17:20 - 2014-04-24 17:20 - 00000164 _____ () C:\Users\Simon\Downloads\40961pa16fh3627.rsdf
2014-04-24 17:19 - 2014-04-24 17:19 - 00000000 ____D () C:\Users\Simon\Desktop\JDownloader
2014-04-24 17:18 - 2014-04-24 17:18 - 31419822 _____ () C:\Users\Simon\Downloads\JDownloader.zip
2014-04-24 16:03 - 2014-03-08 18:51 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Curse Client
2014-04-24 15:59 - 2014-04-24 15:59 - 01467128 _____ () C:\Users\Simon\Downloads\SystemCheck_deDE (2).exe
2014-04-24 15:58 - 2014-04-24 15:58 - 01467128 _____ () C:\Users\Simon\Downloads\SystemCheck_deDE.exe
2014-04-24 15:58 - 2014-04-24 15:58 - 01467128 _____ () C:\Users\Simon\Downloads\SystemCheck_deDE (1).exe
2014-04-24 05:02 - 2014-04-24 05:02 - 00040805 _____ () C:\ProgramData\1398308156.bdinstall.bin
2014-04-24 04:55 - 2014-04-24 04:55 - 01147424 _____ () C:\Users\Simon\Downloads\bitdefender_antitheft.exe
2014-04-24 04:48 - 2014-04-24 04:48 - 07304560 _____ () C:\Users\Simon\Downloads\bitdefender_tsecurity (2).exe
2014-04-24 04:18 - 2014-04-14 13:33 - 00000000 ____D () C:\Users\Simon\Desktop\PBdownforce
2014-04-24 04:04 - 2014-04-24 04:04 - 00000000 ____D () C:\Users\Simon\AppData\Local\simon-p
2014-04-24 03:43 - 2014-04-24 03:43 - 07304560 _____ () C:\Users\Simon\Downloads\bitdefender_tsecurity (1).exe
2014-04-24 03:12 - 2014-04-17 01:58 - 00000000 ____D () C:\Users\Simon\AppData\Local\Genesis
2014-04-24 02:57 - 2014-04-24 01:54 - 00074512 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin32.dll
2014-04-24 02:24 - 2014-04-24 02:24 - 00295296 _____ () C:\Windows\Minidump\042414-30264-01.dmp
2014-04-24 02:24 - 2014-02-04 22:14 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-04-24 02:19 - 2014-04-24 02:19 - 00612157 _____ () C:\ProgramData\1398297261.bdinstall.bin
2014-04-24 02:19 - 2014-04-24 02:19 - 00000385 _____ () C:\Windows\system32\user_gensett.xml
2014-04-24 02:19 - 2014-04-24 02:19 - 00000385 _____ () C:\Users\Simon\AppData\Roaminguser_gensett.xml
2014-04-24 02:19 - 2014-04-24 02:18 - 00000000 ____D () C:\ProgramData\BDLogging
2014-04-24 02:18 - 2014-04-24 02:18 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2014-04-24 02:17 - 2014-04-24 02:17 - 00283192 _____ (Mozilla) C:\Users\Simon\Downloads\Firefox Setup Stub 28.0 (1).exe
2014-04-24 01:57 - 2014-04-24 01:54 - 00000000 ____D () C:\Program Files\Bitdefender
2014-04-24 01:54 - 2014-04-16 21:52 - 00000513 _____ () C:\Windows\wininit.ini
2014-04-24 01:53 - 2014-02-04 22:14 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-04-24 01:51 - 2014-04-24 01:51 - 07304560 _____ () C:\Users\Simon\Downloads\bitdefender_tsecurity.exe
2014-04-23 22:45 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-04-22 22:49 - 2014-04-22 22:49 - 00000000 __SHD () C:\Users\Simon\AppData\Local\EmieUserList
2014-04-22 22:49 - 2014-04-22 22:49 - 00000000 __SHD () C:\Users\Simon\AppData\Local\EmieSiteList
2014-04-22 22:46 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-22 03:07 - 2014-04-22 03:07 - 00043012 _____ () C:\Users\Simon\Downloads\AimPoint.exe
2014-04-21 19:59 - 2014-04-21 19:59 - 21987424 _____ (Mozilla) C:\Users\Simon\Downloads\Thunderbird_Setup_de24.4.0.exe
2014-04-21 19:59 - 2014-04-21 19:59 - 00002106 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2014-04-21 19:59 - 2014-04-21 19:59 - 00002094 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2014-04-21 19:59 - 2014-04-21 19:59 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Thunderbird
2014-04-20 19:16 - 2014-04-17 01:57 - 00000000 ____D () C:\Program Files\002
2014-04-20 19:16 - 2010-10-27 13:16 - 00000000 ____D () C:\Windows\oem
2014-04-20 19:07 - 2014-04-20 19:07 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Simon\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-20 19:07 - 2014-04-20 19:07 - 00001110 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-20 19:07 - 2014-04-20 19:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-04-20 19:07 - 2014-04-20 19:07 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-20 19:07 - 2014-04-20 19:07 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-20 14:09 - 2014-04-20 14:09 - 00004253 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-20 14:09 - 2014-04-20 14:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-20 14:09 - 2014-03-16 21:41 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-20 14:09 - 2014-03-16 21:40 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-19 19:18 - 2014-02-15 14:30 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\.purple
2014-04-18 16:00 - 2014-04-18 16:00 - 00388608 _____ (Trend Micro Inc.) C:\Users\Simon\Downloads\HiJackThis204 (2).exe
2014-04-18 16:00 - 2014-04-18 16:00 - 00388608 _____ (Trend Micro Inc.) C:\Users\Simon\Downloads\HiJackThis204 (1).exe
2014-04-18 16:00 - 2014-04-18 16:00 - 00016670 _____ () C:\Users\Simon\Downloads\hijackthis.log
2014-04-18 16:00 - 2014-04-17 15:07 - 00000000 ____D () C:\AdwCleaner
2014-04-18 15:59 - 2014-04-18 15:59 - 00388608 _____ (Trend Micro Inc.) C:\Users\Simon\Downloads\HiJackThis204.exe
2014-04-17 19:10 - 2014-04-17 19:10 - 00001167 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-04-17 19:10 - 2014-04-17 19:10 - 00001155 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-17 19:10 - 2014-04-17 19:10 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Mozilla
2014-04-17 19:10 - 2014-04-17 19:10 - 00000000 ____D () C:\Users\Simon\AppData\Local\Mozilla
2014-04-17 19:10 - 2014-04-17 19:10 - 00000000 ____D () C:\ProgramData\Mozilla
2014-04-17 19:10 - 2014-04-17 19:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-17 19:09 - 2014-04-17 19:09 - 00283192 _____ (Mozilla) C:\Users\Simon\Downloads\Firefox Setup Stub 28.0.exe
2014-04-17 15:08 - 2014-01-22 23:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-04-17 15:08 - 2014-01-22 22:54 - 00000999 _____ () C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-17 15:08 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-17 15:07 - 2014-04-17 15:07 - 00000000 ____D () C:\Users\Simon\Downloads\AdwCleaner_TSA221R2W
2014-04-17 05:25 - 2014-04-17 05:25 - 00376264 _____ () C:\Users\Simon\Downloads\PricePeep (1).exe
2014-04-17 01:58 - 2014-04-17 01:58 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\InetStat
2014-04-17 01:58 - 2014-04-17 01:58 - 00000000 ____D () C:\Program Files (x86)\Rr Savings
2014-04-17 01:57 - 2014-04-17 01:57 - 00003162 _____ () C:\Windows\System32\Tasks\fsupdate
2014-04-16 21:51 - 2014-04-16 21:50 - 04924064 _____ (Systweak Inc ) C:\Users\Simon\Downloads\rcpsetup_2005_file.net_ab_DE-kTweak.exe
2014-04-16 13:41 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-16 00:26 - 2014-03-31 23:24 - 00000000 _RSHD () C:\Users\Simon\.IMbLDhAuwE

Some content of TEMP:
====================
C:\Users\Simon\AppData\Local\Temp\AskFmApi.exe
C:\Users\Simon\AppData\Local\Temp\drm_dyndata_7380015.dll
C:\Users\Simon\AppData\Local\Temp\ICReinstall_COMPUTER_BILD-Download-Manager_fuer_setup.exe
C:\Users\Simon\AppData\Local\Temp\JNativeHook_1010585539620646518.dll
C:\Users\Simon\AppData\Local\Temp\JNativeHook_2463213317395202958.dll
C:\Users\Simon\AppData\Local\Temp\JNativeHook_3349987008083522072.dll
C:\Users\Simon\AppData\Local\Temp\JNativeHook_4697151084216426821.dll
C:\Users\Simon\AppData\Local\Temp\JNativeHook_4752302052903291192.dll
C:\Users\Simon\AppData\Local\Temp\JNativeHook_4805760147115222786.dll
C:\Users\Simon\AppData\Local\Temp\JNativeHook_5009065584628265166.dll
C:\Users\Simon\AppData\Local\Temp\JNativeHook_590635129596865176.dll
C:\Users\Simon\AppData\Local\Temp\JNativeHook_6614085503958555007.dll
C:\Users\Simon\AppData\Local\Temp\JNativeHook_6885165834752642353.dll
C:\Users\Simon\AppData\Local\Temp\JNativeHook_8043159873189132644.dll
C:\Users\Simon\AppData\Local\Temp\JNativeHook_8204638230892071985.dll
C:\Users\Simon\AppData\Local\Temp\JNativeHook_8876634897088988853.dll
C:\Users\Simon\AppData\Local\Temp\JNativeHook_9187723041974552115.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe
[2014-05-14 17:59] - [2014-03-04 11:43] - 0455168 ____A (Microsoft Corporation) 88AB9B72B4BF3963A0DE0820B4B0B06C

C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-09 13:35

==================== End Of Log ============================
         
--- --- ---
__________________

Alt 16.05.2014, 15:38   #4
FunkySimonp
 
Verdacht auf einen bösen Trojaner - Standard

Verdacht auf einen bösen Trojaner



Addition:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-05-2014
Ran by Simon at 2014-05-16 16:34:13
Running from C:\Users\Simon\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Bitdefender Antivirus (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {A23392FD-84B9-F933-2C71-81E751F6EF46}

==================== Installed Programs ======================

Acer Arcade Deluxe (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 5.1.8507 - CyberLink Corp.)
Acer Arcade Deluxe (x32 Version: 5.1.8507 - CyberLink Corp.) Hidden
Acer Arcade Movie (x32 Version: 9.0.7201 - CyberLink Corp.) Hidden
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3015 - Acer Incorporated)
Acer GameZone Console (HKLM-x32\...\{58F4D244-314F-4D26-B5EF-C28AB32E22CB}_is1) (Version: 6.1.0.9 - Oberon Media, Inc.)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.03.3003 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0318.2010 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3001 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Reader 9.1 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
Advanced System Protector (HKLM-x32\...\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1) (Version: 2.1.1000.13491 - Systweak Software) <==== ATTENTION
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
Airport Mania First Flight (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11505173}) (Version:  - Oberon Media)
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
Amazonia (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}) (Version:  - Oberon Media)
Another Life Client 1.52 (HKLM-x32\...\{D4E82BDF-6252-4761-A020-37DBC34C7617}}_is1) (Version: 1.52 - Tim Witschel Serververmietung)
AnotherLife Client Version 1.4 (HKLM-x32\...\{1B305614-536F-47B0-917D-140C1D2477BA}}_is1) (Version: 1.4 - Tim Witschel Serververmietung)
AntiBrowserSpy (HKLM-x32\...\{F78B5B4F-075A-4C81-AA27-E707861EB5B7}_is1) (Version: 141 - Abelssoft)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Attack Surface Analyzer (HKLM\...\{2710505A-D198-4906-8767-F869909D9FA6}) (Version: 5.3.0.0 - Microsoft Corporation)
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version:  - AVM Berlin)
Bing Bar (HKLM-x32\...\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}) (Version: 7.0.610.0 - Microsoft Corporation)
Bitdefender Total Security (HKLM\...\Bitdefender) (Version: 17.27.0.1146 - Bitdefender)
Bloodline Champions (HKLM-x32\...\{81E58F0A-E24E-4132-98C2-6BA39899692E}_is1) (Version: 2.4.1.0 - Stunlock Studios)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.7.3066 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{8789EB72-635E-4A91-95DB-3FC11CBE7725}) (Version: 0.8.7.3066 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Cake Mania (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}) (Version:  - Oberon Media)
CANYON USB PC CAMERA (HKLM-x32\...\{A59AB961-BE82-41E0-B0FB-648DFA6DDEA4}) (Version: 1.0.20 - ANC)
Cobra 11 - Highway Nights Demo (remove only) (HKLM-x32\...\HighwayNights Demo) (Version:  - )
Combat Arms EU (HKLM-x32\...\Combat Arms EU) (Version:  - )
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
CPUCooL (remove only) (HKLM-x32\...\CPUCooL) (Version:  - )
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Domingo 2 Version 2.6.1. (HKLM-x32\...\{FB326C8F-DA81-4764-B994-6D3D6C4796A9}_is1) (Version:  - Patrick Diekmann)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Download.am (HKLM-x32\...\Download.am) (Version:  - )
Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version:  - Oberon Media)
eBay Worldwide (HKLM-x32\...\{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}) (Version: 2.1.0901 - OEM)
Epigenesis (HKLM-x32\...\Steam App 244590) (Version:  - Dead Shark Triplepunch) <==== ATTENTION
eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden
Farm Frenzy 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}) (Version:  - Oberon Media)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Galapago (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}) (Version:  - Oberon Media)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Genesis (HKCU\...\genesis) (Version:  - ) <==== ATTENTION
GEONExT 1.74 (HKLM-x32\...\GEONExT_is1) (Version: 1.74 - GEONExT Group)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.137 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Heroes of Hellas (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}) (Version:  - Oberon Media)
Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 2.05.3013 - Acer Incorporated)
ICQ 8.2 (build 6901) (HKCU\...\ICQ) (Version: 8.2.6901.0 - ICQ)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
InetStat (HKCU\...\InetStat) (Version: 0.3 - InetStat)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Loadout (HKLM-x32\...\Steam App 208090) (Version:  - Edge of Reality)
Loong Dragonblood (HKLM-x32\...\{BAE0CFD0-1598-4BC4-9AB3-BD2CF575EED9}) (Version: 2.5.12 - gamigo)
MAGIX Web Designer 9 Premium (HKLM\...\MX.{B497E1E1-E2E9-4B93-B242-86087EDEDF92}) (Version: 9.0.1.27343 - MAGIX AG)
MAGIX Web Designer 9 Premium (Version: 9.0.1.27343 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
MediaEspresso (x32 Version: 5.1.1116_32498 - CyberLink Corp.) Hidden
Merriam Websters Spell Jam (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}) (Version:  - Oberon Media)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
MKLOL (HKCU\...\MKLOL) (Version:  - )
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.5.0 - Mozilla)
Mozilla Thunderbird 24.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.5.0 (x86 de)) (Version: 24.5.0 - Mozilla)
MSI Afterburner 2.3.1 (HKLM-x32\...\Afterburner) (Version: 2.3.1 - MSI Co., LTD)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MultIV (HKLM-x32\...\{D0CA9142-4127-40FF-B3C1-B2C089B745A2}_is1) (Version: 0.2 - MultIV Team)
MyWinLocker (x32 Version: 3.1.212.0 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}) (Version: 3.1.212.0 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 3.1.212.0 - Egis Technology Inc.) Hidden
NEC Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}) (Version: 1.0.19.0 - NEC Electronics Corporation)
NEC Electronics USB 3.0 Host Controller Driver (x32 Version: 1.0.19.0 - NEC Electronics Corporation) Hidden
Nero ControlCenter (x32 Version: 9.0.0.1 - Nero AG) Hidden
Nero DiscSpeed (x32 Version: 5.4.13.100 - Nero AG) Hidden
Nero DiscSpeed Help (x32 Version: 5.4.4.100 - Nero AG) Hidden
Nero DriveSpeed (x32 Version: 4.4.12.100 - Nero AG) Hidden
Nero DriveSpeed Help (x32 Version: 4.4.4.100 - Nero AG) Hidden
Nero Express Help (x32 Version: 9.4.37.100 - Nero AG) Hidden
Nero InfoTool (x32 Version: 6.4.12.100 - Nero AG) Hidden
Nero InfoTool Help (x32 Version: 6.4.4.100 - Nero AG) Hidden
Nero Installer (x32 Version: 4.4.9.0 - Nero AG) Hidden
Nero Online Upgrade (x32 Version: 1.3.0.0 - Nero AG) Hidden
Nero StartSmart (x32 Version: 9.4.37.100 - Nero AG) Hidden
Nero StartSmart Help (x32 Version: 9.4.27.100 - Nero AG) Hidden
Nero StartSmart OEM (x32 Version: 9.16.0.100 - Nero AG) Hidden
NeroExpress (x32 Version: 9.4.37.100 - Nero AG) Hidden
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
NVIDIA 3D Vision Controller-Treiber 332.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 332.21 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 332.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 332.21 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 332.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.21 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3221 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 332.21 (Version: 332.21 - NVIDIA Corporation) Hidden
NVIDIA Update 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
Opera Stable 21.0.1432.57 (HKLM-x32\...\Opera 21.0.1432.57) (Version: 21.0.1432.57 - Opera Software ASA)
Overwolf (HKLM-x32\...\{FB83467F-D8EB-43E6-8B3D-860B045C1C52}) (Version: 0.51.325 - Overwolf)
Overwolf.Setup.VC100CRTx64.Dist (HKLM\...\{EC9D5554-6852-4A55-81BB-AC02C7A8CFED}) (Version: 1.0.0 - Overwolf)
phpDesigner 8 version 8.1.2 (HKLM-x32\...\phpDesigner8_is1) (Version:  - MPSOFTWARE)
Pidgin (HKLM-x32\...\Pidgin) (Version: 2.10.9 - )
pidgin-otr 4.0.0-1 (HKLM-x32\...\pidgin-otr) (Version: 4.0.0-1 - Cypherpunks CA)
Poker Pop (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111355427}) (Version:  - Oberon Media)
PrivaZer (HKLM-x32\...\PrivaZer) (Version: 2.19.0.0 - Goversoft LLC)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.12 - ProtectDisc Software GmbH)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6194 - Realtek Semiconductor Corp.)
RegClean-Pro (HKLM-x32\...\RegClean-Pro_is1) (Version: 6.21 - Systweak Inc)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.20.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.20.0 - Renesas Electronics Corporation) Hidden
RrSavings (x32 Version: 1.0.0.0 - RrSavings) Hidden <==== ATTENTION
Samsung CLX-3300 Series (HKLM-x32\...\Samsung CLX-3300 Series) (Version: 1.01 (01.05.2012) - Samsung Electronics Co., Ltd.)
Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 1.02.09 (25.04.2012) - Samsung Electronics Co., Ltd.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.02.45.02(01.05.2012) - Samsung Electronics Co., Ltd.)
Samsung Network PC Fax (HKLM-x32\...\Samsung Network PC Fax) (Version: 1.06.24 (25.04.2012) - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00.04 - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (x32 Version: 1.00.18.04 - Samsung Electronics Co., Ltd.) Hidden
Security Task Manager 1.8g (HKLM-x32\...\Security Task Manager) (Version: 1.8g - Neuber Software)
SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden
Shredder (Version: 2.0.8.3 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.3 - Egis Technology Inc.) Hidden
simplitec simplicheck (HKLM-x32\...\{183D780B-28F9-41BA-A2CB-605F324A5781}) (Version: 1.3.10.0 - simplitec GmbH)
Skype™ 6.13 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.13.104 - Skype Technologies S.A.)
SNS Upload for Easy Document Creator (HKLM-x32\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spin & Win (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110300453}) (Version:  - Oberon Media)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.25942 - TeamViewer)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.275 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities) (Version: 14.0.1000.275 - TuneUp Software)
TuneUp Utilities 2014 (x32 Version: 14.0.1000.275 - TuneUp Software) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
War Thunder Launcher 1.0.1.355 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version:  - Gaijin Entertainment)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3102 - Acer Incorporated)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WolfTeam-DE (HKLM-x32\...\WolfTeam-DE) (Version:  - )

==================== Restore Points  =========================

11-05-2014 13:58:15 RegClean Pro So, Mai 11, 14  15:58
11-05-2014 16:40:47 Installiert CANYON USB PC CAMERA
11-05-2014 16:41:17 Gerätetreiber-Paketinstallation: VGA SoC PC-Camera provider Bildverarbeitungsgeräte
12-05-2014 23:33:11 RegClean Pro Di, Mai 13, 14  01:33
14-05-2014 19:59:23 Windows Update
16-05-2014 08:30:02 RegClean Pro Fr, Mai 16, 14  10:30

==================== Hosts content: ==========================

2009-07-14 04:34 - 2014-03-21 14:56 - 00000895 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 www.google-analytics.com
127.0.0.1 google-analytics.com


==================== Scheduled Tasks (whitelisted) =============

Task: {0D7608FD-DBC5-47E6-A8FB-5554041EBA93} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {1086B9DD-4C9F-4E2F-A37E-8E541943544B} - System32\Tasks\RegClean Pro => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe [2014-04-25] (Systweak Inc) <==== ATTENTION
Task: {1578F21F-DB6C-49B1-B9AE-D20AFBC1D83D} - System32\Tasks\RegClean Pro_UPDATES => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe [2014-04-25] (Systweak Inc) <==== ATTENTION
Task: {1FF09EAB-1B3A-4E4C-81F2-86843C9A3667} - System32\Tasks\AntiBrowserSpy - BrowserMask => C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe [2014-01-13] ()
Task: {2A032745-2D20-450E-87A0-638DF39EC962} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe [2010-08-19] (Acer)
Task: {46012232-7C26-470E-BB9B-9F4A570F6484} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-22] (Google Inc.)
Task: {4625DB89-D0C3-4CCE-A1EB-F1A0E9702F54} - System32\Tasks\Opera D6 => C:\Program Files (x86)\Opera\launcher.exe [2014-04-30] (Opera Software)
Task: {7793B38D-D00A-4BA2-A836-CE7611EF8D2C} - System32\Tasks\RegClean Pro_DEFAULT => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe [2014-04-25] (Systweak Inc) <==== ATTENTION
Task: {7A3CB029-11C4-40C8-83D5-C93DE8959402} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {7C7EF8CA-1D7B-4342-B2B1-95EA79E7B96E} - System32\Tasks\AcerArcadeDeluxe => C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe [2011-01-07] (Acer Incorporated)
Task: {7DDC0322-429D-4048-86B4-C5A0CB1FFAB3} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [2014-03-20] (TuneUp Software)
Task: {92F6A158-B868-4D71-9124-C0E0B04D4D51} - System32\Tasks\Opera D7 => C:\Program Files (x86)\Opera\launcher.exe [2014-04-30] (Opera Software)
Task: {E0E342D7-A3D5-4D1D-92A2-9DCCFD2FF50C} - System32\Tasks\fsupdate => C:\Program
Task: {E45A60B7-1372-49AC-B36B-B964D515BD14} - System32\Tasks\Advanced System Protector_startup => C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe [2014-04-08] (Systweak) <==== ATTENTION
Task: {F36DEA01-83A9-4ED8-B6C7-A491822E21B1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-22] (Google Inc.)
Task: {F87DED90-640F-440C-9EC4-218364591BD2} - System32\Tasks\ArcadeDeluxeAgentTS => C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [2011-01-07] (CyberLink Corp.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\RegClean Pro_DEFAULT.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: C:\Windows\Tasks\RegClean Pro_UPDATES.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2014-04-24 02:17 - 2013-06-19 11:45 - 00265080 ____N () C:\Program Files\Bitdefender\Bitdefender\txmlutil.dll
2014-04-25 21:40 - 2014-03-27 19:18 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender\UI\accessl.ui
2014-04-25 21:40 - 2011-11-14 19:17 - 00153680 _____ () C:\Program Files\Bitdefender\Bitdefender\bdfwcore.dll
2014-04-25 21:40 - 2014-03-27 19:18 - 00005120 _____ () C:\Program Files\Bitdefender\Bitdefender\UI\IMSecurityAL.ui
2014-04-25 21:40 - 2014-03-25 10:53 - 00771328 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_001_001\ashttpbr.mdl
2014-04-25 21:40 - 2014-03-25 10:53 - 00568400 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_001_001\ashttpdsp.mdl
2014-04-25 21:40 - 2014-03-25 10:53 - 02593416 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_001_001\ashttpph.mdl
2014-04-25 21:40 - 2014-03-25 10:53 - 01317216 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_001_001\ashttprbl.mdl
2014-02-16 19:50 - 2013-12-19 20:53 - 00117536 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-01-29 19:14 - 2012-01-09 13:47 - 00034304 _____ () C:\Windows\System32\sst7clm.dll
2014-01-29 19:14 - 2012-04-26 08:34 - 01186304 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\sst7cdu.dll
2014-03-21 14:42 - 2014-01-13 10:45 - 00823424 _____ () C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe
2014-03-21 14:42 - 2014-01-13 10:45 - 00055936 _____ () C:\Program Files (x86)\AntiBrowserSpy\AbSettings.dll
2014-03-21 14:42 - 2014-01-13 10:45 - 00861312 _____ () C:\Program Files (x86)\AntiBrowserSpy\AntiBrowserSpyResources.dll
2014-03-21 14:42 - 2014-01-13 10:45 - 01340032 _____ () C:\Program Files (x86)\AntiBrowserSpy\AntiBrowserSpyLibrary.dll
2014-03-21 14:42 - 2014-01-13 10:44 - 01401472 _____ () C:\Program Files (x86)\AntiBrowserSpy\AbGui.dll
2014-03-21 14:42 - 2014-01-13 10:45 - 00016000 _____ () C:\Program Files (x86)\AntiBrowserSpy\AbProcessManager.dll
2012-02-20 23:23 - 2012-02-20 23:23 - 00456704 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2012-02-20 23:23 - 2012-02-20 23:23 - 00051200 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2014-04-17 01:58 - 2014-04-17 01:57 - 01260648 _____ () C:\Users\Simon\AppData\Roaming\InetStat\inetstat.exe
2011-12-04 17:28 - 2011-12-04 17:28 - 01725952 _____ () C:\Program Files (x86)\CPUCooL\CPUCooL.exe
2014-03-20 14:44 - 2014-03-20 14:44 - 00675640 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\avgrepliba.dll
2009-12-14 04:19 - 2009-12-09 11:24 - 00076320 _____ () C:\OEM\USBDECTION\USBS3S4Detection.exe
2014-04-24 02:17 - 2013-03-25 15:16 - 01117920 ____N () C:\Program Files\Bitdefender\Bitdefender SafeBox\System.Data.SQLite.dll
2014-01-22 23:07 - 2013-03-01 14:13 - 01300816 _____ () C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
2014-01-22 23:07 - 2014-05-08 14:22 - 05424120 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.207\deploy\LoLLauncher.exe
2014-01-22 23:04 - 2013-07-13 17:35 - 00074752 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.88\deploy\LolClient.exe
2014-02-06 01:52 - 2014-02-06 01:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-06 01:52 - 2014-02-06 01:52 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-05-11 15:47 - 2012-07-25 12:03 - 00886272 _____ () C:\Program Files (x86)\Advanced System Protector\System.Data.SQLite.dll
2014-05-11 15:47 - 2014-04-08 12:04 - 01730928 _____ () C:\Program Files (x86)\Advanced System Protector\aspsys.dll
2014-03-05 20:30 - 2014-03-05 20:30 - 00025600 _____ () C:\Program Files (x86)\Overwolf\CoreAudioApi.dll
2014-04-24 02:17 - 2014-03-15 00:05 - 00204280 ____N () C:\Program Files\Bitdefender\Bitdefender\antispam32\txmlutil.dll
2014-04-25 15:30 - 2014-04-24 02:33 - 00065352 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\chrome_elf.dll
2014-04-25 15:30 - 2014-04-24 02:33 - 00674632 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\libglesv2.dll
2014-04-25 15:30 - 2014-04-24 02:33 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\libegl.dll
2014-04-25 15:30 - 2014-04-24 02:33 - 04081480 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\pdf.dll
2014-04-25 15:30 - 2014-04-24 02:33 - 00390472 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll
2014-04-25 15:30 - 2014-04-24 02:33 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ffmpegsumo.dll
2014-02-19 15:35 - 2014-02-19 15:35 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\aa739380ca2b2fc7366d464d2f2301ac\IsdiInterop.ni.dll
2010-10-27 13:00 - 2010-09-13 19:28 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-04-25 15:30 - 2014-04-24 02:33 - 13692232 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\PepperFlash\pepflashplayer.dll
2014-01-22 23:07 - 2014-05-08 14:22 - 01531384 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.207\deploy\RiotLauncher.dll
2014-01-22 23:04 - 2013-07-13 17:35 - 04774248 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.88\deploy\Adobe AIR\Versions\1.0\Resources\WebKit.dll
2014-05-01 01:13 - 2014-05-01 01:13 - 03019888 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2014-05-01 01:13 - 2014-05-01 01:13 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2014-05-01 01:13 - 2014-05-01 01:13 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Simon\Downloads\bitdefender_antitheft.exe:BDU
AlternateDataStreams: C:\Users\Simon\Downloads\bitdefender_isecurity.exe:BDU
AlternateDataStreams: C:\Users\Simon\Downloads\bitdefender_tsecurity (1).exe:BDU
AlternateDataStreams: C:\Users\Simon\Downloads\bitdefender_tsecurity (2).exe:BDU
AlternateDataStreams: C:\Users\Simon\Downloads\cfw_installer_5732_83.exe:BDU
AlternateDataStreams: C:\Users\Simon\Downloads\Chrome YouTube Downloader - CHIP-Downloader (1).exe:BDU
AlternateDataStreams: C:\Users\Simon\Downloads\Chrome YouTube Downloader - CHIP-Downloader.exe:BDU
AlternateDataStreams: C:\Users\Simon\Downloads\COMPUTER_BILD-Download-Manager_fuer_cfw_installer_5732_83.exe:BDU
AlternateDataStreams: C:\Users\Simon\Downloads\COMPUTER_BILD-Download-Manager_fuer_setup.exe:BDU
AlternateDataStreams: C:\Users\Simon\Downloads\gfwlive35setup (1).exe:BDU
AlternateDataStreams: C:\Users\Simon\Downloads\gfwlive35setup.exe:BDU
AlternateDataStreams: C:\Users\Simon\Downloads\IE9-Windows7-x64-deu.exe:BDU
AlternateDataStreams: C:\Users\Simon\Downloads\multiv_setup (1).exe:BDU
AlternateDataStreams: C:\Users\Simon\Downloads\multiv_setup (2).exe:BDU
AlternateDataStreams: C:\Users\Simon\Downloads\multiv_setup.exe:BDU
AlternateDataStreams: C:\Users\Simon\Downloads\privazer_free (1).exe:BDU
AlternateDataStreams: C:\Users\Simon\Downloads\SteamSetup.exe:BDU
AlternateDataStreams: C:\Users\Simon\Downloads\SystemCheck_deDE (1).exe:BDU
AlternateDataStreams: C:\Users\Simon\Downloads\SystemCheck_deDE (2).exe:BDU
AlternateDataStreams: C:\Users\Simon\Downloads\SystemCheck_deDE.exe:BDU
AlternateDataStreams: C:\Users\Simon\Downloads\TuneUpUtilities2014_de2745-DE.exe:BDU
AlternateDataStreams: C:\Users\Simon\Downloads\WindowsUpgradeAssistant.exe:BDU
AlternateDataStreams: C:\Users\Simon\Downloads\Wolfteam INV Hack AUG 2013.exe:BDU
AlternateDataStreams: C:\Users\Simon\Downloads\wt_launcher_doi_1.0.1.355.exe:BDU
AlternateDataStreams: C:\Users\Simon\Downloads\YouTube-Unblocker-055 - CHIP-Downloader.exe:BDU

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: McAfee Inc. mfeapfk
Description: McAfee Inc. mfeapfk
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: mfeapfk
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/16/2014 10:16:14 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: CooLSrv.exe, Version: 0.0.0.0, Zeitstempel: 0x4ed0cb16
Name des fehlerhaften Moduls: CooLSrv.exe, Version: 0.0.0.0, Zeitstempel: 0x4ed0cb16
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001ec91
ID des fehlerhaften Prozesses: 0x89c
Startzeit der fehlerhaften Anwendung: 0xCooLSrv.exe0
Pfad der fehlerhaften Anwendung: CooLSrv.exe1
Pfad des fehlerhaften Moduls: CooLSrv.exe2
Berichtskennung: CooLSrv.exe3

Error: (05/16/2014 10:15:51 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.SystemException: Bitdefender antivirus HV.sys loaded ---> System.ComponentModel.Win32Exception: Unzulässige Funktion
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (05/16/2014 10:15:46 AM) (Source: McLogEvent) (EventID: 5022) (User: NT-AUTORITÄT)
Description: Initialisierung des MCSCAN32-Moduls ist fehlgeschlagen.
Das Modul hat folgenden Fehler ausgegeben: 1

Error: (05/15/2014 09:41:11 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm RegCleanPro.exe, Version 6.21.65.2903 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 6b4

Startzeit: 01cf70735bfb9a34

Endzeit: 20

Anwendungspfad: C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe

Berichts-ID: dae43554-dc68-11e3-bcce-bc0543069a9f

Error: (05/15/2014 09:25:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: CooLSrv.exe, Version: 0.0.0.0, Zeitstempel: 0x4ed0cb16
Name des fehlerhaften Moduls: CooLSrv.exe, Version: 0.0.0.0, Zeitstempel: 0x4ed0cb16
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001ec91
ID des fehlerhaften Prozesses: 0x8d8
Startzeit der fehlerhaften Anwendung: 0xCooLSrv.exe0
Pfad der fehlerhaften Anwendung: CooLSrv.exe1
Pfad des fehlerhaften Moduls: CooLSrv.exe2
Berichtskennung: CooLSrv.exe3

Error: (05/15/2014 09:24:23 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.SystemException: Bitdefender antivirus HV.sys loaded ---> System.ComponentModel.Win32Exception: Unzulässige Funktion
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (05/15/2014 09:24:21 PM) (Source: McLogEvent) (EventID: 5022) (User: NT-AUTORITÄT)
Description: Initialisierung des MCSCAN32-Moduls ist fehlgeschlagen.
Das Modul hat folgenden Fehler ausgegeben: 1

Error: (05/14/2014 08:13:24 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (05/14/2014 05:45:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: CooLSrv.exe, Version: 0.0.0.0, Zeitstempel: 0x4ed0cb16
Name des fehlerhaften Moduls: CooLSrv.exe, Version: 0.0.0.0, Zeitstempel: 0x4ed0cb16
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001ec91
ID des fehlerhaften Prozesses: 0xbbc
Startzeit der fehlerhaften Anwendung: 0xCooLSrv.exe0
Pfad der fehlerhaften Anwendung: CooLSrv.exe1
Pfad des fehlerhaften Moduls: CooLSrv.exe2
Berichtskennung: CooLSrv.exe3

Error: (05/14/2014 05:45:25 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.SystemException: Bitdefender antivirus HV.sys loaded ---> System.ComponentModel.Win32Exception: Unzulässige Funktion
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)


System errors:
=============
Error: (05/16/2014 10:16:58 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "CPUCooLServer Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/16/2014 10:15:51 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: 
%%1064

Error: (05/16/2014 10:15:46 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee Anti-Malware Core" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (05/16/2014 10:14:52 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee Inc. mfeapfk" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1243

Error: (05/15/2014 09:25:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "CPUCooLServer Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/15/2014 09:24:23 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: 
%%1064

Error: (05/15/2014 09:24:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee Anti-Malware Core" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (05/15/2014 09:24:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee Inc. mfeapfk" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1243

Error: (05/14/2014 05:45:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "CPUCooLServer Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/14/2014 05:45:25 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: 
%%1064


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-04-14 21:31:48.346
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\Simon\AppData\Local\Temp\PHQ566.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-04-14 21:31:48.251
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\Simon\AppData\Local\Temp\PHQ566.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-04-14 21:31:26.499
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\Simon\AppData\Local\Temp\PHQAFF6.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-04-14 21:31:26.413
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\Simon\AppData\Local\Temp\PHQAFF6.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-04-14 13:34:16.090
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\Simon\AppData\Local\Temp\PHQ86FA.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-04-14 13:34:15.988
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\Simon\AppData\Local\Temp\PHQ86FA.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Percentage of memory in use: 65%
Total physical RAM: 8174 MB
Available physical RAM: 2809.2 MB
Total Pagefile: 16346.18 MB
Available Pagefile: 9897.16 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:456.95 GB) (Free:336.84 GB) NTFS
Drive d: (DATA) (Fixed) (Total:457.46 GB) (Free:307 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: FEB9136C)
Partition 1: (Not Active) - (Size=17 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=457 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=457 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

Alt 16.05.2014, 15:45   #5
M-K-D-B
/// TB-Ausbilder
 
Verdacht auf einen bösen Trojaner - Standard

Verdacht auf einen bösen Trojaner



Zitat:
Running from C:\Users\Simon\Downloads
du solltest doch FRST vom Desktop ausführen... bitte darauf achten.
selbiges gilt für ComboFix.




Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.



Alt 16.05.2014, 17:11   #6
FunkySimonp
 
Verdacht auf einen bösen Trojaner - Standard

Verdacht auf einen bösen Trojaner



Hey sorry, dass ich es vom Download Ordner gestartet habe. Ist es schlimm ? Soll ich es nochmal machen vom Desktop ?

Combofix Log:

Code:
ATTFilter
ComboFix 14-05-16.01 - Simon 16.05.2014  17:51:06.1.8 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.8174.3410 [GMT 2:00]
ausgeführt von:: C:\Users\Simon\Desktop\ComboFix.exe
AV: Bitdefender Antivirus *Disabled/Updated* {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
FW: Bitdefender Firewall *Disabled* {A23392FD-84B9-F933-2C71-81E751F6EF46}
SP: Bitdefender Spyware-Schutz *Disabled/Updated* {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}


((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))


C:\ProgramData\1398297261.bdinstall.bin
C:\ProgramData\1398308156.bdinstall.bin
C:\ProgramData\1398454570.bdinstall.bin
C:\Windows\wininit.ini
D:\install.exe


(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_ACEDRV11
-------\Service_acedrv11


(((((((((((((((((((((((   Dateien erstellt von 2014-04-16 bis 2014-05-16  ))))))))))))))))))))))))))))))


2014-05-16 15:57:01 . 2014-05-16 15:57:01	--------	d-----w-	C:\Users\Default\AppData\Local\temp
2014-05-16 14:33:31 . 2014-05-16 14:34:49	--------	d-----w-	C:\FRST
2014-05-14 20:02:42 . 2014-05-06 04:40:42	23544320	----a-w-	C:\Windows\system32\mshtml.dll
2014-05-14 20:02:42 . 2014-05-06 04:17:53	2724864	----a-w-	C:\Windows\system32\mshtml.tlb
2014-05-14 20:02:42 . 2014-05-06 03:00:47	84992	----a-w-	C:\Windows\system32\mshtmled.dll
2014-05-14 20:02:41 . 2014-05-06 03:07:39	2724864	----a-w-	C:\Windows\SysWow64\mshtml.tlb
2014-05-14 16:00:05 . 2014-03-25 02:43:12	14175744	----a-w-	C:\Windows\system32\shell32.dll
2014-05-12 23:29:32 . 2014-05-12 23:29:32	119512	----a-w-	C:\Windows\system32\drivers\48230029.sys
2014-05-11 16:41:05 . 2007-11-08 08:29:22	527872	----a-w-	C:\Windows\system32\drivers\PAC7302.SYS
2014-05-11 16:41:05 . 2007-11-02 09:07:28	8704	----a-w-	C:\Windows\system32\CoInst_071029.dll
2014-05-11 16:41:05 . 2000-06-08 15:00:00	119568	----a-w-	C:\Windows\SysWow64\KSPRbac9.rra
2014-05-11 16:41:04 . 2004-11-22 11:37:38	40960	----a-w-	C:\Windows\98Setup.exe
2014-05-11 16:41:03 . 2014-05-11 16:41:03	--------	d-----w-	C:\Program Files (x86)\ANC
2014-05-11 16:41:03 . 2007-10-30 15:48:42	129024	----a-w-	C:\Windows\SysWow64\SP7302.ax
2014-05-11 16:41:02 . 2014-05-11 16:41:05	--------	d-----w-	C:\Program Files (x86)\Common Files\PAC7302
2014-05-11 16:41:02 . 2014-05-11 16:41:02	--------	d-----w-	C:\Windows\PixArt
2014-05-11 16:41:02 . 2007-11-08 08:30:08	454656	----a-w-	C:\Windows\SysWow64\drivers\PAC7302.sys
2014-05-11 16:41:02 . 2006-10-12 09:57:32	14336	----a-w-	C:\Windows\SysWow64\P7302USD.dll
2014-05-11 14:02:16 . 2014-05-11 14:02:16	--------	d-----w-	C:\Users\Simon\AppData\Local\Opera Software
2014-05-11 14:02:13 . 2014-05-11 14:02:13	--------	d-----w-	C:\Users\Simon\AppData\Roaming\Opera Software
2014-05-11 13:49:41 . 2014-05-11 14:03:31	--------	d-----w-	C:\Program Files (x86)\PrivaZer
2014-05-11 13:48:49 . 2014-05-11 14:05:48	--------	d-----w-	C:\Program Files (x86)\Opera
2014-05-11 13:47:58 . 2014-05-11 13:47:58	--------	d-----w-	C:\ProgramData\Systweak
2014-05-11 13:47:57 . 2014-05-11 13:47:59	--------	d-----w-	C:\Program Files (x86)\Advanced System Protector
2014-05-11 13:47:57 . 2012-07-25 10:03:10	16896	----a-w-	C:\Windows\system32\sasnative64.exe
2014-05-11 13:47:45 . 2014-05-11 13:48:00	--------	d-----w-	C:\Users\Simon\AppData\Roaming\Systweak
2014-05-11 13:47:44 . 2014-04-25 12:49:06	20312	----a-w-	C:\Windows\system32\roboot64.exe
2014-05-11 13:47:42 . 2014-05-11 13:47:44	--------	d-----w-	C:\Program Files (x86)\RegClean Pro
2014-05-08 11:02:02 . 2014-05-08 11:02:02	--------	d-----w-	C:\Users\Simon\AppData\Local\WarThunder
2014-05-08 11:02:02 . 2014-05-08 11:02:02	--------	d-----w-	C:\ProgramData\WarThunder
2014-05-08 11:01:41 . 2014-05-08 12:39:44	--------	d-----w-	C:\Program Files (x86)\WarThunder
2014-05-06 17:21:48 . 2014-05-06 18:23:35	--------	d-----w-	C:\Users\Simon\AppData\Roaming\tor
2014-05-03 17:41:32 . 2014-05-03 17:41:32	--------	d-----w-	C:\Users\Simon\AppData\Local\EdgeOfReality
2014-05-03 17:41:04 . 2008-10-15 04:22:52	519000	----a-w-	C:\Windows\system32\d3dx10_40.dll
2014-05-03 17:41:04 . 2008-10-15 04:22:52	452440	----a-w-	C:\Windows\SysWow64\d3dx10_40.dll
2014-05-03 17:41:04 . 2008-10-15 04:22:52	2605920	----a-w-	C:\Windows\system32\D3DCompiler_40.dll
2014-05-03 17:41:04 . 2008-10-15 04:22:52	2036576	----a-w-	C:\Windows\SysWow64\D3DCompiler_40.dll
2014-05-03 17:40:57 . 2008-10-15 04:22:52	5631312	----a-w-	C:\Windows\system32\D3DX9_40.dll
2014-05-03 17:40:57 . 2008-10-15 04:22:52	4379984	----a-w-	C:\Windows\SysWow64\D3DX9_40.dll
2014-05-03 15:54:40 . 2014-05-03 15:56:32	--------	d-----w-	C:\Program Files (x86)\Common Files\Steam
2014-05-03 15:54:39 . 2014-05-04 11:43:24	--------	d-----w-	C:\Program Files (x86)\Steam
2014-05-03 15:43:53 . 2014-05-03 15:43:53	--------	d-----w-	C:\Users\Simon\AppData\Roaming\MultIV
2014-05-03 15:43:13 . 2014-05-03 15:44:28	--------	d-----w-	C:\Program Files (x86)\MultIV
2014-05-03 01:30:36 . 2014-05-03 01:30:36	--------	d-----w-	C:\Windows\SysWow64\xlive
2014-05-03 01:30:26 . 2014-05-03 01:30:36	--------	d-----w-	C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2014-05-01 14:30:26 . 2014-05-01 14:30:26	--------	d-----w-	C:\Program Files (x86)\Domingo 2
2014-05-01 11:31:53 . 2014-05-01 11:31:53	--------	d-sh--w-	C:\ProgramData\SecuROM
2014-05-01 11:25:53 . 2014-05-01 11:25:57	--------	d-----w-	C:\Users\Simon\AppData\Local\Rockstar Games
2014-05-01 11:24:18 . 2014-05-01 11:24:19	--------	d--h--r-	C:\Users\Simon\AppData\Roaming\SecuROM
2014-04-30 23:13:52 . 2014-05-02 23:35:58	--------	d-----w-	C:\Program Files (x86)\Mozilla Thunderbird
2014-04-25 20:05:16 . 2014-04-25 20:05:16	--------	d-----w-	C:\Users\Simon\AppData\Local\GGC
2014-04-25 19:40:26 . 2014-04-26 19:41:31	--------	d-----w-	C:\Users\Simon\AppData\Roaming\Bitdefender
2014-04-25 19:36:50 . 2013-08-13 10:38:37	3271472	---ha-w-	C:\bdr-bz01
2014-04-25 19:36:43 . 2013-08-07 10:46:28	389240	----a-w-	C:\Windows\system32\drivers\trufos.sys
2014-04-25 19:36:42 . 2013-08-23 10:48:49	150256	----a-w-	C:\Windows\system32\drivers\gzflt.sys
2014-04-25 19:34:39 . 2014-05-15 19:22:10	--------	d-s---w-	C:\Windows\system32\CompatTel
2014-04-25 19:18:09 . 2014-04-25 19:18:09	--------	d-----w-	C:\Users\Simon\AppData\Roaming\MVH
2014-04-24 22:34:57 . 2014-04-24 22:34:57	--------	d-----w-	C:\ProgramData\Nexon
2014-04-24 22:21:45 . 2014-04-24 22:21:45	--------	d-----w-	C:\Nexon
2014-04-24 20:10:34 . 2014-04-24 20:10:34	--------	d-----w-	C:\Program Files (x86)\Microsoft XNA
2014-04-24 20:08:36 . 2014-04-24 20:08:36	--------	d-----w-	C:\Program Files (x86)\Stunlock Studios
2014-04-24 17:09:59 . 2014-03-20 12:44:20	43320	----a-w-	C:\Windows\system32\uxtuneup.dll
2014-04-24 17:09:59 . 2014-03-20 12:44:20	36152	----a-w-	C:\Windows\SysWow64\uxtuneup.dll
2014-04-24 16:42:44 . 2014-03-20 12:44:28	40760	----a-w-	C:\Windows\system32\TURegOpt.exe
2014-04-24 16:42:36 . 2014-03-20 12:44:20	29496	----a-w-	C:\Windows\system32\authuitu.dll
2014-04-24 16:42:33 . 2014-03-20 12:44:20	25400	----a-w-	C:\Windows\SysWow64\authuitu.dll
2014-04-24 16:42:21 . 2014-04-24 16:42:21	--------	d-----w-	C:\Users\Simon\AppData\Roaming\TuneUp Software
2014-04-24 16:42:21 . 2014-04-24 16:42:21	--------	d-----w-	C:\Users\Simon\AppData\Local\TuneUp Software
2014-04-24 16:42:17 . 2014-04-24 16:42:30	--------	d-----w-	C:\Program Files (x86)\TuneUp Utilities 2014
2014-04-24 16:41:45 . 2014-04-24 16:43:22	--------	d-----w-	C:\ProgramData\TuneUp Software
2014-04-24 16:41:35 . 2014-04-24 16:48:49	--------	d-sh--w-	C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-04-24 16:41:34 . 2014-04-24 16:41:34	--------	d--h--w-	C:\ProgramData\Common Files
2014-04-24 15:32:21 . 2014-04-24 17:23:01	--------	d-----w-	C:\Users\Simon\AppData\Local\download.am-data
2014-04-24 15:31:59 . 2014-04-24 15:32:14	--------	d-----w-	C:\Program Files (x86)\Download.am
2014-04-24 02:04:20 . 2014-04-24 02:04:20	--------	d-----w-	C:\Users\Simon\AppData\Local\simon-p
2014-04-24 00:18:03 . 2009-07-14 22:21:12	1721576	----a-w-	C:\Windows\system32\WdfCoInstaller01009.dll
2014-04-24 00:18:00 . 2014-04-24 00:19:08	--------	d-----w-	C:\ProgramData\BDLogging
2014-04-24 00:17:53 . 2012-04-17 11:34:26	76944	----a-w-	C:\Windows\system32\drivers\bdvedisk.sys
2014-04-24 00:17:47 . 2013-11-04 13:47:36	82824	----a-w-	C:\Windows\system32\drivers\bdsandbox.sys
2014-04-24 00:17:47 . 2013-11-04 13:47:08	74512	----a-w-	C:\Windows\SysWow64\bdsandboxuiskin32.dll
2014-04-24 00:17:47 . 2013-02-22 16:46:52	93600	----a-w-	C:\Windows\system32\drivers\BdfNdisf6.sys
2014-04-24 00:17:47 . 2007-04-11 08:11:20	511328	----a-w-	C:\Windows\capicom.dll
2014-04-24 00:17:45 . 2013-12-02 09:58:48	635392	----a-w-	C:\Windows\system32\drivers\avckf.sys
2014-04-24 00:17:45 . 2013-12-02 09:56:50	893440	----a-w-	C:\Windows\system32\drivers\avc3.sys
2014-04-24 00:17:45 . 2012-11-02 11:17:46	261056	----a-w-	C:\Windows\system32\drivers\avchv.sys
2014-04-23 23:54:31 . 2014-04-25 19:40:47	--------	d-----w-	C:\ProgramData\Bitdefender
2014-04-23 23:54:31 . 2014-04-24 00:57:08	74512	----a-w-	C:\Windows\system32\bdsandboxuiskin32.dll
2014-04-23 23:54:31 . 2014-04-23 23:57:41	--------	d-----w-	C:\Program Files\Bitdefender
2014-04-23 23:54:31 . 2013-11-04 13:47:10	84848	----a-w-	C:\Windows\system32\BDSandBoxUISkin.dll
2014-04-23 23:54:31 . 2013-11-04 13:46:57	34384	----a-w-	C:\Windows\system32\BDSandBoxUH.dll
2014-04-23 23:54:21 . 2014-05-08 10:35:15	--------	d-----w-	C:\Users\Simon\AppData\Roaming\QuickScan
2014-04-23 23:51:59 . 2014-04-25 19:36:43	--------	d-----w-	C:\Program Files\Common Files\Bitdefender
2014-04-23 23:51:47 . 2014-04-23 23:51:47	--------	d-----w-	C:\Program Files (x86)\Common Files\Bitdefender
2014-04-22 20:49:56 . 2014-04-22 20:49:56	--------	d-sh--w-	C:\Users\Simon\AppData\Local\EmieUserList
2014-04-22 20:49:56 . 2014-04-22 20:49:56	--------	d-sh--w-	C:\Users\Simon\AppData\Local\EmieSiteList
2014-04-21 17:59:58 . 2014-04-30 22:13:49	--------	d-----w-	C:\Users\Simon\AppData\Local\Thunderbird
2014-04-21 17:59:58 . 2014-04-21 17:59:58	--------	d-----w-	C:\Users\Simon\AppData\Roaming\Thunderbird
2014-04-20 17:07:47 . 2014-05-16 16:02:17	119512	----a-w-	C:\Windows\system32\drivers\MBAMSwissArmy.sys
2014-04-20 17:07:37 . 2014-04-03 07:51:04	88280	----a-w-	C:\Windows\system32\drivers\mbamchameleon.sys
2014-04-20 17:07:36 . 2014-04-20 17:07:38	--------	d-----w-	C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-20 17:07:36 . 2014-04-20 17:07:36	--------	d-----w-	C:\ProgramData\Malwarebytes
2014-04-20 17:07:36 . 2014-04-03 07:51:16	63192	----a-w-	C:\Windows\system32\drivers\mwac.sys
2014-04-20 17:07:36 . 2014-04-03 07:50:58	25816	----a-w-	C:\Windows\system32\drivers\mbam.sys
2014-04-17 17:10:19 . 2014-04-17 17:10:28	--------	d-----w-	C:\Users\Simon\AppData\Local\Mozilla
2014-04-17 17:10:12 . 2014-05-03 01:17:28	--------	d-----w-	C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-17 13:07:53 . 2014-04-18 14:00:07	--------	d-----w-	C:\AdwCleaner
2014-04-16 23:58:34 . 2014-04-16 23:58:34	--------	d-----w-	C:\Program Files (x86)\Rr Savings
2014-04-16 23:58:04 . 2014-04-16 23:59:07	--------	d-----w-	C:\temp
2014-04-16 23:58:04 . 2014-04-16 23:58:04	--------	d-----w-	C:\Users\Simon\AppData\Roaming\InetStat
2014-04-16 23:58:00 . 2014-04-24 01:12:09	--------	d-----w-	C:\Users\Simon\AppData\Local\Genesis
2014-04-16 23:57:33 . 2014-04-20 17:16:35	--------	d-----w-	C:\Program Files\002
.


((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))

2014-05-14 20:00:36 . 2014-01-22 21:14:41	93223848	----a-w-	C:\Windows\system32\MRT.exe
2014-05-03 01:19:34 . 2014-04-11 12:06:39	70832	----a-w-	C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-03 01:19:34 . 2014-04-11 12:06:39	692400	----a-w-	C:\Windows\SysWow64\FlashPlayerApp.exe
2014-04-14 18:13:43 . 2014-03-16 19:41:31	96168	----a-w-	C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-04-03 19:18:58 . 2007-04-27 08:43:58	120200	----a-w-	C:\Windows\SysWow64\DLLDEV32i.dll
2014-04-03 19:03:34 . 2010-01-06 01:04:02	106112	----a-w-	C:\Windows\system32\drivers\mferkdet.sys
2014-04-01 17:41:35 . 2014-04-01 17:41:35	1236816	----a-w-	C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2014-03-31 20:46:48 . 2014-03-31 20:46:48	130712	----a-w-	C:\Windows\SysWow64\MSSTDFMT.DLL
2014-03-31 20:46:48 . 2014-03-31 20:46:48	1070232	----a-w-	C:\Windows\SysWow64\MSCOMCTL.OCX
2014-03-17 08:16:10 . 2014-04-03 19:14:57	10521840	----a-w-	C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CF0952C6-2699-480D-BE05-CCC2C2BF3E79}\mpengine.dll
2014-03-04 14:35:23 . 2014-03-11 14:32:13	1885472	----a-w-	C:\Windows\system32\nvdispco6433523.dll
2014-03-04 14:35:23 . 2014-03-11 14:32:13	1516488	----a-w-	C:\Windows\system32\nvdispgenco6433523.dll
2014-03-04 09:44:21 . 2014-04-09 11:49:33	362496	----a-w-	C:\Windows\system32\wow64win.dll
2014-03-04 09:44:21 . 2014-04-09 11:49:33	243712	----a-w-	C:\Windows\system32\wow64.dll
2014-03-04 09:44:21 . 2014-04-09 11:49:33	13312	----a-w-	C:\Windows\system32\wow64cpu.dll
2014-03-04 09:44:03 . 2014-04-09 11:49:33	16384	----a-w-	C:\Windows\system32\ntvdm64.dll
2014-03-04 09:44:00 . 2014-04-09 11:49:33	1163264	----a-w-	C:\Windows\system32\kernel32.dll
2014-03-04 09:17:19 . 2014-04-09 11:49:33	14336	----a-w-	C:\Windows\SysWow64\ntvdm64.dll
2014-03-04 09:17:05 . 2014-04-09 11:49:33	44032	----a-w-	C:\Windows\apppatch\acwow64.dll
2014-03-04 09:16:54 . 2014-04-09 11:49:33	25600	----a-w-	C:\Windows\SysWow64\setup16.exe
2014-03-04 09:16:18 . 2014-04-09 11:49:33	5120	----a-w-	C:\Windows\SysWow64\wow32.dll
2014-03-04 08:09:30 . 2014-04-09 11:49:33	7680	----a-w-	C:\Windows\SysWow64\instnm.exe
2014-03-04 08:09:29 . 2014-04-09 11:49:33	2048	----a-w-	C:\Windows\SysWow64\user.exe


((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))


*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-05-27 02:40:28	120176	----a-w-	C:\Program Files (x86)\EgisTec MyWinLocker\x86\PSDProtect.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe" [2014-01-14 17:47:54 20728480]
"Overwolf"="C:\Program Files (x86)\Overwolf\Overwolf.exe" [2014-03-05 18:29:24 37664]
"window"="C:\Program Files (x86)\Java\jre7\bin\javaw.exe" [2014-04-14 18:05:06 175528]
"InetStat"="C:\Users\Simon\AppData\Roaming\InetStat\inetstat.exe" [2014-04-16 23:57:26 1260648]
"Bitdefender-Geldbörse-Agent"="C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe" [2014-03-18 22:06:55 567888]
"Bitdefender-Geldbörse"="C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" [2014-03-14 22:24:33 1001536]
"Bitdefender-Geldbörse-Anwendungs-Agent"="C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe" [2014-03-18 22:04:16 614232]
"GoogleChromeAutoLaunch_5DAEC53D8C099B1094B921010676FA41"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [2014-05-07 23:29:35 841032]
"icq"="C:\Users\Simon\AppData\Roaming\ICQM\icq.exe" [2014-02-13 14:18:56 33664344]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SuiteTray"="C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2010-05-27 02:59:08 337264]
"EgisTecPMMUpdate"="C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe" [2010-03-11 05:11:56 407920]
"Norton Online Backup"="C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 22:33:10 1155928]
"AVMWlanClient"="C:\Program Files (x86)\avmwlanstick\wlangui.exe" [2010-10-22 01:00:00 2105344]
"BlueStacks Agent"="C:\Program Files (x86)\BlueStacks\HD-Agent.exe" [2014-03-06 11:49:20 819984]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Bitdefender-Geldbörse-Agent"="C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe" [2014-03-18 22:06:55 567888]
"Bitdefender-Geldbörse"="C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" [2014-03-14 22:24:33 1001536]
"Bitdefender-Geldbörse-Anwendungs-Agent"="C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe" [2014-03-18 22:04:16 614232]

C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
CPUCooL.lnk - C:\Program Files (x86)\CPUCooL\CPUCooL.exe 1 [2011-12-4 1725952]
Curse.lnk - C:\Users\Simon\AppData\Roaming\Curse Client\Bin\Curse.exe /startup [2014-3-7 8528136]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Samsung Network PC Fax.lnk - C:\Windows\System32\spool\drivers\x64\3\NetFaxTray64.exe [2014-1-29 273408]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
@=""

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"Aeria Ignite"="C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe" silent
"ArcadeMovieService"="C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe"
"EgisUpdate"="C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
"Download.am"=C:\Program Files (x86)\Download.am\download.am.exe --no-browser --disable-splash
"Hotkey Utility"=C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
"MDS_Menu"="C:\Program Files (x86)\Acer Arcade Deluxe\MediaEspresso\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Acer Arcade Deluxe\MediaEspresso" UpdateWithCreateOnce "Software\CyberLink\MediaEspresso\6.1"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

R2 BstHdAndroidSvc;BlueStacks Android Service;C:\Program Files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android;C:\Program Files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x]
R2 mfecore;McAfee Anti-Malware Core;C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe;C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [x]
R2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe;C:\Program Files (x86)\Skype\Updater\Updater.exe [x]
R3 avckf;avckf;C:\Windows\system32\DRIVERS\avckf.sys;C:\Windows\SYSNATIVE\DRIVERS\avckf.sys [x]
R3 avmeject;AVM Eject;C:\Windows\system32\drivers\avmeject.sys;C:\Windows\SYSNATIVE\drivers\avmeject.sys [x]
R3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [x]
R3 BDSandBox;BDSandBox;C:\Windows\system32\drivers\bdsandbox.sys;C:\Windows\SYSNATIVE\drivers\bdsandbox.sys [x]
R3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys;C:\Windows\SYSNATIVE\drivers\cfwids.sys [x]
R3 EagleX64;EagleX64;C:\Windows\system32\drivers\EagleX64.sys;C:\Windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 HipShieldK;McAfee Inc. HipShieldK;C:\Windows\system32\drivers\HipShieldK.sys;C:\Windows\SYSNATIVE\drivers\HipShieldK.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\system32\IEEtwCollector.exe;C:\Windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 mfencrk;McAfee Inc. mfencrk;C:\Windows\system32\DRIVERS\mfencrk.sys;C:\Windows\SYSNATIVE\DRIVERS\mfencrk.sys [x]
R3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys;C:\Windows\SYSNATIVE\drivers\mferkdet.sys [x]
R3 MWLService;MyWinLocker Service;C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe;C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [x]
R3 OverwolfUpdaterService;Overwolf Updater Service;C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe;C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [x]
R3 RTCore64;RTCore64;C:\Program Files (x86)\MSI Afterburner\RTCore64.sys;C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [x]
R3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys;C:\Windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys;C:\Windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 wolfkr;wolfkr;C:\AeriaGames\WolfTeam-DE\avital\wolfk64.sys;C:\AeriaGames\WolfTeam-DE\avital\wolfk64.sys [x]
R4 BdDesktopParental;Bitdefender Desktop Parental Control;C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe;C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe [x]
R4 bdfwfpf_pc;bdfwfpf_pc;C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys;C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 avc3;avc3;C:\Windows\system32\DRIVERS\avc3.sys;C:\Windows\SYSNATIVE\DRIVERS\avc3.sys [x]
S0 gzflt;gzflt;C:\Windows\system32\DRIVERS\gzflt.sys;C:\Windows\SYSNATIVE\DRIVERS\gzflt.sys [x]
S1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [x]
S1 bdfwfpf;bdfwfpf;C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys;C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [x]
S1 BDVEDISK;BDVEDISK;C:\Windows\system32\DRIVERS\bdvedisk.sys;C:\Windows\SYSNATIVE\DRIVERS\bdvedisk.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;C:\Windows\system32\DRIVERS\mwlPSDFilter.sys;C:\Windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;C:\Windows\system32\DRIVERS\mwlPSDNServ.sys;C:\Windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys;C:\Windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x]
S2 BstHdDrv;BlueStacks Hypervisor;C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys;C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x]
S2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe;C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [x]
S2 BstHdUpdaterSvc;BlueStacks Updater Service;C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe;C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [x]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
S2 GREGService;GREGService;C:\Program Files (x86)\Acer\Registration\GREGsvc.exe;C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe;C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [x]
S2 MBAMService;MBAMService;C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe;C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [x]
S2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe;C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [x]
S2 mfevtp;McAfee Validation Trust Protection Service;C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe;C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe [x]
S2 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys;C:\Windows\SYSNATIVE\drivers\mfewfpk.sys [x]
S2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 SafeBox;SafeBox;C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe;C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [x]
S2 Samsung Network Fax Server;Samsung Network Fax Server;C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe;C:\Windows\SYSNATIVE\spool\drivers\x64\3\NetFaxServer64.exe [x]
S2 SSPORT;SSPORT;C:\Windows\system32\Drivers\SSPORT.sys;C:\Windows\SYSNATIVE\Drivers\SSPORT.sys [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TeamViewer9;TeamViewer 9;C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe;C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 Updater Service;Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [x]
S2 UPDATESRV;Bitdefender Desktop Update Service;C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe;C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe [x]
S2 USBS3S4Detection;USBS3S4Detection;C:\OEM\USBDECTION\USBS3S4Detection.exe;C:\OEM\USBDECTION\USBS3S4Detection.exe [x]
S3 avchv;avchv Function Driver;C:\Windows\system32\DRIVERS\avchv.sys;C:\Windows\SYSNATIVE\DRIVERS\avchv.sys [x]
S3 fwlanusbn;FRITZ!WLAN N;C:\Windows\system32\DRIVERS\fwlanusbn.sys;C:\Windows\SYSNATIVE\DRIVERS\fwlanusbn.sys [x]
S3 MBAMProtector;MBAMProtector;C:\Windows\system32\drivers\mbam.sys;C:\Windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\system32\drivers\MBAMSwissArmy.sys;C:\Windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\system32\drivers\mwac.sys;C:\Windows\SYSNATIVE\drivers\mwac.sys [x]
S3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys;C:\Windows\SYSNATIVE\drivers\mfefirek.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys;C:\Windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys;C:\Windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\system32\drivers\nvvad64v.sys;C:\Windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys;C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [x]


--- Andere Dienste/Treiber im Speicher ---

*NewlyCreated* - MBAMSWISSARMY
*NewlyCreated* - MBAMWEBACCESSCONTROL
*NewlyCreated* - WS2IFSL
*Deregistered* - mfeavfk01

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-05-16 08:36:34	1077576	----a-w-	C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\Installer\chrmstp.exe

Inhalt des "geplante Tasks" Ordners

2014-05-16 C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-22 21:03:28 . 2014-01-22 21:03:26]

2014-05-16 C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-22 21:03:28 . 2014-01-22 21:03:26]

2014-05-16 C:\Windows\Tasks\RegClean Pro_DEFAULT.job
- C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe [2014-05-11 13:47:42 . 2014-04-25 12:49:02]

2014-05-11 C:\Windows\Tasks\RegClean Pro_UPDATES.job
- C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe [2014-05-11 13:47:42 . 2014-04-25 12:49:02]


--------- X64 Entries -----------


[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-05-27 02:42:12	137584	----a-w-	C:\Program Files (x86)\EgisTec MyWinLocker\x64\PSDProtect.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox1]
@="{152C96EB-288E-4EDC-B7C6-D21F8250ADF3}"
[HKEY_CLASSES_ROOT\CLSID\{152C96EB-288E-4EDC-B7C6-D21F8250ADF3}]
2013-07-08 12:59:21	206352	------w-	C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxshell.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox2]
@="{342DAA0B-D796-460D-8566-901E08A1CCAD}"
[HKEY_CLASSES_ROOT\CLSID\{342DAA0B-D796-460D-8566-901E08A1CCAD}]
2013-07-08 12:59:21	206352	------w-	C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxshell.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox3]
@="{57595DAE-1AE1-4D97-A49E-67CBB53B52DF}"
[HKEY_CLASSES_ROOT\CLSID\{57595DAE-1AE1-4D97-A49E-67CBB53B52DF}]
2013-07-08 12:59:21	206352	------w-	C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxshell.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox4]
@="{33816773-98AE-4723-ADE0-EBE54C8B5A67}"
[HKEY_CLASSES_ROOT\CLSID\{33816773-98AE-4723-ADE0-EBE54C8B5A67}]
2013-07-08 12:59:21	206352	------w-	C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxshell.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-09-03 08:17:38 11464296]
"CDAServer"="C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe" [2012-02-20 21:23:34 456704]
"NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-02-05 09:32:47 2234144]
"ShadowPlay"="C:\Windows\system32\nvspcap64.dll" [2014-02-05 09:30:41 1179576]
"Bdagent"="C:\Program Files\Bitdefender\Bitdefender\bdagent.exe" [2014-03-25 19:40:11 1742064]
"PAC7302_Monitor"="C:\Windows\PixArt\PAC7302\Monitor.exe" [2006-11-03 09:01:16 319488]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp

------- Zusätzlicher Suchlauf -------

uStart Page = about:blank
uLocal Page = C:\Windows\system32\blank.htm
mStart Page = about:blank
mLocal Page = C:\Windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: Nach Microsoft E&xel exportieren - C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
Trusted Zone: aeriagames.com
TCP: Interfaces\{D10E3A7A-0730-4774-8825-D3595DA11AC6}: NameServer = 192.168.178.235,192.168.178.1
FF - ProfilePath - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\ngqpozn3.default\

- - - - Entfernte verwaiste Registrierungseinträge - - - -

Toolbar-Locked - (no file)
Wow6432Node-HKU-Default-RunOnce-SPReview - C:\Windows\System32\SPReview\SPReview.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
AddRemove-genesis - c:\users\simon\appdata\local\genesis\genesis.exe
         

Alt 17.05.2014, 09:24   #7
M-K-D-B
/// TB-Ausbilder
 
Verdacht auf einen bösen Trojaner - Standard

Verdacht auf einen bösen Trojaner



Schritt 1
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).





Schritt 2

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.






Schritt 3
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.







Schritt 4
Bitte deaktiviere dein Anti-Viren-Programm, da es das Ergebnis beeinflussen oder ggf. die Bereinigung stören kann.
Bitte lade dir zoek.exe von hier: http://hijackthis.nl/smeenk/ und speichere die Datei auf deinem Desktop.
  • Starte Zoek.exe mit einem Doppelklick.
  • Achtung: Das folgende Skript wurde nur für diesen speziellen Fall geschrieben und könnte andere Computer beschädigen.
  • Kopiere den Text der folgenden Box in das Skriptfenster von zoek:
    Code:
    ATTFilter
    iedefaults;
    resetIEproxy;
    FFdefaults;
    CHRdefaults;
    emptyclsid;
    autoclean;
             
  • Nun klicke auf "Run script" und sei geduldig bis das Skript durchgelaufen ist.
  • Wenn das Tool fertig ist, wird sich Notepad mit der Logdatei öffnen (ggf. erst nach einem Neustart). Das Log befindet sich aber auch noch unter c:\ .
  • Bitte poste mir das ZOEK-Log (möglichst in CODE-Tags - #-Symbol im Antwortfenster klicken).





Schritt 5
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
  • FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.






Bitte poste mit deiner nächsten Antwort
  • die Logdatei von AdwCleaner,
  • die Logdatei von JRT,
  • die Logdatei von MBAM,
  • die Logdatei von Zoek,
  • die beiden neuen Logdateien von FRST.

Alt 17.05.2014, 12:25   #8
FunkySimonp
 
Verdacht auf einen bösen Trojaner - Standard

Verdacht auf einen bösen Trojaner



Adw Cleaner:
Code:
ATTFilter
# AdwCleaner v3.208 - Bericht erstellt am 17/05/2014 um 12:07:55
# Aktualisiert 11/05/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Simon - SIMON-PC
# Gestartet von : C:\Users\Simon\Desktop\adwcleaner_3.208.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Systweak
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
Ordner Gelöscht : C:\Program Files (x86)\Advanced System Protector
Ordner Gelöscht : C:\Program Files (x86)\RegClean Pro
Ordner Gelöscht : C:\Program Files (x86)\Rr Savings
Ordner Gelöscht : C:\Program Files\002
Ordner Gelöscht : C:\Users\Simon\AppData\Local\Genesis
Ordner Gelöscht : C:\Users\Simon\AppData\Roaming\Systweak
Datei Gelöscht : C:\Users\Public\Desktop\Advanced System Protector.lnk
Datei Gelöscht : C:\Users\Public\Desktop\RegClean Pro.lnk
Datei Gelöscht : C:\Windows\System32\roboot64.exe
Datei Gelöscht : C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.softonic.de_0.localstorage
Datei Gelöscht : C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.softonic.de_0.localstorage-journal
Datei Gelöscht : C:\Windows\System32\Tasks\Advanced System Protector_startup
Datei Gelöscht : C:\Windows\System32\Tasks\RegClean Pro
Datei Gelöscht : C:\Windows\Tasks\RegClean Pro_DEFAULT.job
Datei Gelöscht : C:\Windows\System32\Tasks\RegClean Pro_DEFAULT
Datei Gelöscht : C:\Windows\Tasks\RegClean Pro_UPDATES.job
Datei Gelöscht : C:\Windows\System32\Tasks\RegClean Pro_UPDATES

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Schlüssel Gelöscht : HKCU\Software\genesis
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKLM\Software\systweak
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3566FB70-E722-4182-8266-815EAE862998}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RegClean Pro_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RegClean-Pro_is1
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\LevelQualityWatcher
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\07BF6653227E2814286618E5EA689289
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\07BF6653227E2814286618E5EA689289

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17041


-\\ Mozilla Firefox v28.0 (de)

[ Datei : C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\ngqpozn3.default\prefs.js ]


-\\ Google Chrome v34.0.1847.137

[ Datei : C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Search Provider] : hxxp://www.qone8.com/web/?type=dspp&ts=1397737782&from=smt&uid=ST31000524AS_9VPCK3Z0XXXX9VPCK3Z0&q={searchTerms}
Gelöscht [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}

*************************

AdwCleaner[R0].txt - [9889 octets] - [17/04/2014 15:07:55]
AdwCleaner[R1].txt - [1547 octets] - [17/04/2014 17:44:17]
AdwCleaner[R2].txt - [1036 octets] - [17/04/2014 17:47:19]
AdwCleaner[R3].txt - [1289 octets] - [18/04/2014 15:58:58]
AdwCleaner[R4].txt - [4320 octets] - [17/05/2014 12:07:24]
AdwCleaner[S0].txt - [7061 octets] - [17/04/2014 15:08:19]
AdwCleaner[S1].txt - [1397 octets] - [17/04/2014 17:44:49]
AdwCleaner[S2].txt - [971 octets] - [17/04/2014 17:49:35]
AdwCleaner[S3].txt - [1351 octets] - [18/04/2014 16:00:04]
AdwCleaner[S4].txt - [4036 octets] - [17/05/2014 12:07:55]

########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [4096 octets] ##########
         
mbam:

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 17.05.2014
Suchlauf-Zeit: 12:41:23
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.1.1004
Malware Datenbank: v2014.05.17.05
Rootkit Datenbank: v2014.03.27.01
Lizenz: Premium
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Chameleon: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Simon

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 276835
Verstrichene Zeit: 7 Min, 59 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Shuriken: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 3
PUP.Optional.Verti, C:\Users\Simon\Downloads\PricePeep.exe, In Quarantäne, [dd9c1e34aecd1323d1211e21f60e36ca], 
PUP.Optional.Superfish.A, C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage, In Quarantäne, [0376b999cfac63d3a3dc7f04d52df50b], 
PUP.Optional.Superfish.A, C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal, In Quarantäne, [e2977bd784f702349ee12e556b9739c7], 

Physische Sektoren: 0
(No malicious items detected)


(end)
         
zoek results:

Code:
ATTFilter
Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by Simon on 17.05.2014 at 12:48:05,78.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Simon\Desktop\zoek.com [Scan all users] [Script inserted] 

==== System Restore Info ======================

17.05.2014 12:49:15 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3809745895-3397772576-1149702982-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_USERS\S-1-5-21-3809745895-3397772576-1149702982-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_USERS\S-1-5-21-3809745895-3397772576-1149702982-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully
HKEY_USERS\S-1-5-21-3809745895-3397772576-1149702982-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{21EAF666-26B3-4a3c-ABD0-CA2F5A326744} deleted successfully
HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Approved Extensions\{21EAF666-26B3-4a3c-ABD0-CA2F5A326744} deleted successfully
HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Approved Extensions\{21EAF666-26B3-4a3c-ABD0-CA2F5A326744} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{4ED1F68A-5463-4931-9384-8FFF5ED91D92} deleted successfully

==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\ngqpozn3.default\prefs.js:

Added to C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\ngqpozn3.default\prefs.js:
user_pref("browser.startup.homepage", "hxxp://www.google.com");
user_pref("browser.search.defaulturl", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "hxxp://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\Simon\AppData\Roaming\Thunderbird\Profiles\k7qwhxlh.default\prefs.js:

Added to C:\Users\Simon\AppData\Roaming\Thunderbird\Profiles\k7qwhxlh.default\prefs.js:
user_pref("browser.startup.homepage", "hxxp://www.google.com");
user_pref("browser.search.defaulturl", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "hxxp://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

==== Deleting Files \ Folders ======================

C:\PROGRA~3\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} deleted
C:\PROGRA~3\OberonGameConsole deleted
C:\Windows\SysNative\sasnative64.exe deleted
C:\Users\Simon\Downloads\rcpsetup_2005_file.net_ab_DE-kTweak.exe deleted
C:\Users\Simon\Desktop\chrome-youtube-downloader-2.6.20.crx deleted
"C:\PROGRA~2\AntiBrowserSpy\AbBugReporter.dll" deleted
"C:\PROGRA~2\AntiBrowserSpy\AbCommons.dll" deleted
"C:\PROGRA~2\AntiBrowserSpy\AbFlexTrans.dll" deleted
"C:\PROGRA~2\AntiBrowserSpy\AbGui.dll" deleted
"C:\PROGRA~2\AntiBrowserSpy\AbProcessManager.dll" deleted
"C:\PROGRA~2\AntiBrowserSpy\AbSettings.dll" deleted
"C:\PROGRA~2\AntiBrowserSpy\AbSettingsKeeper.dll" not deleted
"C:\PROGRA~2\AntiBrowserSpy\AntiBrowserSpyLibrary.dll" deleted
"C:\PROGRA~2\AntiBrowserSpy\AntiBrowserSpyResources.dll" deleted
"C:\PROGRA~2\AntiBrowserSpy\BrowserMask.exe" deleted
"C:\PROGRA~2\AntiBrowserSpy\Hardcodet.Wpf.TaskbarNotification.dll" deleted
"C:\PROGRA~2\AntiBrowserSpy\log4net.dll" deleted
"C:\PROGRA~2\AntiBrowserSpy\XDMessaging.dll" deleted
"C:\PROGRA~2\AntiBrowserSpy\XDMessaging.Transport.IOStream.dll" deleted
"C:\Users\Simon\AppData\Roaming\MultIV" deleted
"C:\PROGRA~2\AntiBrowserSpy" not deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"ffpwdman@bitdefender.com"="C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman" [27.03.2014 19:26]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\ngqpozn3.default
- Greasemonkey - %ProfilePath%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\ngqpozn3.default
F2CD1D7524F8E15AAC55568B9F72DE5B	- C:\ProgramData\NexonEU\NGM\npNxGameEU.dll -	Nexon Game Controller


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
ccahoghmggldkcdjiebjkidpfongdfbl - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxcr.crx[03.03.2014 13:59]
fheoggkfdfchfphceeifdbepaooicaho - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx[]
oohfajmmkkdjdoaoncnnbgfoomiakgbd - C:\Program Files (x86)\AntiBrowserSpy\Addons\Chrome.crx[]

Bitdefender Wallet - Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccahoghmggldkcdjiebjkidpfongdfbl
SiteAdvisor - Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho

==== Chrome Fix ======================

C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_artikel.softonic.de_0.localstorage deleted successfully
C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_artikel.softonic.de_0.localstorage-journal deleted successfully
C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_vocup.softonic.de_0.localstorage deleted successfully
C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_vocup.softonic.de_0.localstorage-journal deleted successfully
C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_windows-keyfinder.softonic.de_0.localstorage deleted successfully
C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_windows-keyfinder.softonic.de_0.localstorage-journal deleted successfully
C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho deleted successfully
C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\oohfajmmkkdjdoaoncnnbgfoomiakgbd deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyOverride"="<local>"
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\fheoggkfdfchfphceeifdbepaooicaho deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\oohfajmmkkdjdoaoncnnbgfoomiakgbd deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Simon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\27DFQ9ZP will be deleted at reboot
C:\Users\Simon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\73I92H91 will be deleted at reboot
C:\Users\Simon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M9YR3W56 will be deleted at reboot
C:\Users\Simon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MWBCI32B will be deleted at reboot
C:\Users\Simon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QCRZS6RI will be deleted at reboot
C:\Users\Simon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S7UKZUFG will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\Simon\AppData\Local\Mozilla\Firefox\Profiles\ngqpozn3.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1195 folders=153 58724563 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Users\Simon\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Simon\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\PROGRA~2\AntiBrowserSpy\AbSettingsKeeper.dll"  not found
"C:\PROGRA~2\AntiBrowserSpy"  not found
"C:\Users\Simon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\27DFQ9ZP" not found
"C:\Users\Simon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\73I92H91" not found
"C:\Users\Simon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M9YR3W56" not found
"C:\Users\Simon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MWBCI32B" not found
"C:\Users\Simon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QCRZS6RI" not found
"C:\Users\Simon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S7UKZUFG" not found

==== EOF on 17.05.2014 at 13:14:24,76 ======================
         
JRT.txt:

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Simon on 17.05.2014 at 12:20:46,97
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 17.05.2014 at 12:30:52,85
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
FRST:


FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-05-2014
Ran by Simon (administrator) on SIMON-PC on 17-05-2014 13:17:49
Running from C:\Users\Simon\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\vsserv.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfevtps.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\spool\drivers\x64\3\NetFaxServer64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe
() C:\OEM\USBDECTION\USBS3S4Detection.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxservice.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\bdagent.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\PAC7302\Monitor.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe
(Oracle Corporation) C:\Program Files (x86)\Java\jre7\bin\javaw.exe
() C:\Users\Simon\AppData\Roaming\InetStat\inetstat.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\spool\drivers\x64\3\NetFaxTray64.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\OverwolfHelper.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\OverwolfHelper64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\antispam32\pmbxcrnmh.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11464296 2010-09-03] (Realtek Semiconductor)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [456704 2012-02-20] ()
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1179576 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender\bdagent.exe [1742064 2014-03-25] (Bitdefender)
HKLM\...\Run: [PAC7302_Monitor] => C:\Windows\PixArt\PAC7302\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [337264 2010-05-27] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-03-11] (Egis Technology Inc.)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-02] (Symantec Corporation)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [819984 2014-03-06] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-15] (Apple Inc.)
HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse-Agent] => C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [567888 2014-03-19] (Bitdefender)
HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse] => C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1001536 2014-03-15] (Bitdefender)
HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] => C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [614232 2014-03-19] (Bitdefender)
HKU\S-1-5-21-3809745895-3397772576-1149702982-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20728480 2014-01-14] (Skype Technologies S.A.)
HKU\S-1-5-21-3809745895-3397772576-1149702982-1000\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [37664 2014-03-05] (Overwolf LTD)
HKU\S-1-5-21-3809745895-3397772576-1149702982-1000\...\Run: [window] => "C:\Program Files (x86)\Java\jre7\bin\javaw.exe" -jar "C:\Users\Simon\AppData\Roaming\archivos java\jar.B09"
HKU\S-1-5-21-3809745895-3397772576-1149702982-1000\...\Run: [InetStat] => C:\Users\Simon\AppData\Roaming\InetStat\inetstat.exe [1260648 2014-04-17] ()
HKU\S-1-5-21-3809745895-3397772576-1149702982-1000\...\Run: [Bitdefender-Geldbörse-Agent] => C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [567888 2014-03-19] (Bitdefender)
HKU\S-1-5-21-3809745895-3397772576-1149702982-1000\...\Run: [Bitdefender-Geldbörse] => C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1001536 2014-03-15] (Bitdefender)
HKU\S-1-5-21-3809745895-3397772576-1149702982-1000\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] => C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [614232 2014-03-19] (Bitdefender)
HKU\S-1-5-21-3809745895-3397772576-1149702982-1000\...\Run: [GoogleChromeAutoLaunch_5DAEC53D8C099B1094B921010676FA41] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [841032 2014-05-08] (Google Inc.)
HKU\S-1-5-21-3809745895-3397772576-1149702982-1000\...\Run: [icq] => C:\Users\Simon\AppData\Roaming\ICQM\icq.exe [33664344 2014-02-13] (ICQ)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Network PC Fax.lnk
ShortcutTarget: Samsung Network PC Fax.lnk -> C:\Windows\System32\spool\drivers\x64\3\NetFaxTray64.exe (Samsung Electronics Co., Ltd.)
Startup: C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CPUCooL.lnk
ShortcutTarget: CPUCooL.lnk -> C:\Program Files (x86)\CPUCooL\CPUCooL.exe ()
Startup: C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk
ShortcutTarget: Curse.lnk -> C:\Users\Simon\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc)

==================== Internet (Whitelisted) ====================

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
BHO: Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\pmbxie.dll (Bitdefender)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxie.dll (Bitdefender)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File
Tcpip\..\Interfaces\{D10E3A7A-0730-4774-8825-D3595DA11AC6}: [NameServer]192.168.178.235,192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\ngqpozn3.default
FF NewTab: hxxp://www.google.com/
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Greasemonkey - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\ngqpozn3.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2014-05-11]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext
FF Extension: bdToolbar - C:\Program Files\Bitdefender\Bitdefender\bdtbext [2014-04-25]
FF HKLM-x32\...\Firefox\Extensions: [ffpwdman@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman\
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman\ []
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext
FF Extension: bdToolbar - C:\Program Files\Bitdefender\Bitdefender\bdtbext [2014-04-25]

Chrome: 
=======
CHR Extension: (Bitdefender Wallet) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccahoghmggldkcdjiebjkidpfongdfbl [2014-04-24]
CHR Extension: (Google Wallet) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-17]
CHR HKLM-x32\...\Chrome\Extension: [ccahoghmggldkcdjiebjkidpfongdfbl] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxcr.crx [2014-04-25]

==================== Services (Whitelisted) =================

R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin)
S4 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe [77632 2013-11-21] (Bitdefender)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-03-06] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-03-06] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [770832 2014-03-06] (BlueStack Systems, Inc.)
S2 CPUCooLServer; C:\Program Files (x86)\CPUCooL\CooLSrv.exe [743936 2011-12-01] ()
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [199032 2010-01-06] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-01-27] (McAfee, Inc.)
R2 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe [185792 2014-01-27] (McAfee, Inc.)
S3 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-05-27] (Egis Technology Inc.)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
S3 OverwolfUpdaterService; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [99616 2014-03-05] (Overwolf LTD)
R2 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [94624 2013-07-08] (Bitdefender)
R2 Samsung Network Fax Server; C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe [237056 2012-04-26] (Samsung Electronics Co., Ltd.)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2138936 2014-03-20] (TuneUp Software)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe [67320 2013-10-07] (Bitdefender)
R2 USBS3S4Detection; C:\OEM\USBDECTION\USBS3S4Detection.exe [76320 2009-12-09] ()
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender\vsserv.exe [1523728 2014-03-24] (Bitdefender)
S2 mfecore; "C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe" [X]

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [893440 2013-12-02] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2012-11-02] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [635392 2013-12-02] (BitDefender)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-25] (AVM Berlin)
R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93600 2013-02-22] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [103504 2011-11-14] (BitDefender LLC)
S4 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2013-11-04] (BitDefender SRL)
R1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [76944 2012-04-17] (BitDefender)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [121616 2014-03-06] (BlueStack Systems)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70592 2014-01-27] (McAfee, Inc.)
R3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [714368 2010-10-25] (AVM GmbH)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-08-23] (BitDefender LLC)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-05-17] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
R2 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [180272 2014-01-27] (McAfee, Inc.)
R2 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311600 2014-01-27] (McAfee, Inc.)
U3 mfeavfk01; No ImagePath
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [520696 2014-01-27] (McAfee, Inc.)
R2 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [783864 2014-01-27] (McAfee, Inc.)
U5 mfencbdc; C:\Windows\System32\Drivers\mfencbdc.sys [422712 2014-01-21] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96592 2014-01-21] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [106112 2014-04-03] (McAfee, Inc.)
R2 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [344688 2014-01-27] (McAfee, Inc.)
R1 ntiopnp; C:\Windows\System32\Drivers\ntiopnp.sys [19544 2010-11-11] ()
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
S3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [527872 2007-11-08] (PixArt Imaging Inc.)
S3 PAC7302; C:\Windows\SysWOW64\DRIVERS\PAC7302.SYS [454656 2007-11-08] (PixArt Imaging Inc.)
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13368 2013-01-23] ()
R2 trufos; C:\Windows\System32\DRIVERS\trufos.sys [389240 2013-08-07] (BitDefender S.R.L.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2014-02-10] (TuneUp Software)
S3 wolfkr; C:\AeriaGames\WolfTeam-DE\avital\wolfk64.sys [86352 2014-04-14] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-17 13:17 - 2014-05-17 13:18 - 00022699 _____ () C:\Users\Simon\Desktop\FRST.txt
2014-05-17 13:15 - 2014-05-17 13:15 - 00013047 _____ () C:\Users\Simon\Desktop\zoek-results.txt
2014-05-17 13:11 - 2014-02-13 23:59 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-05-17 12:48 - 2014-05-17 13:14 - 00013047 _____ () C:\zoek-results.log
2014-05-17 12:48 - 2014-05-17 13:07 - 00000000 ____D () C:\zoek_backup
2014-05-17 12:48 - 2014-05-17 12:48 - 00000000 ____D () C:\Users\Simon\Desktop\zoek
2014-05-17 12:48 - 2014-03-08 11:05 - 01414742 _____ () C:\Users\Simon\Desktop\zoek.scr
2014-05-17 12:48 - 2014-03-08 11:05 - 01414742 _____ () C:\Users\Simon\Desktop\zoek.pif
2014-05-17 12:48 - 2014-03-08 11:05 - 01414742 _____ () C:\Users\Simon\Desktop\zoek.com
2014-05-17 12:47 - 2014-05-17 12:47 - 04235514 _____ () C:\Users\Simon\Downloads\zoek.rar
2014-05-17 12:42 - 2014-05-17 12:42 - 00001620 _____ () C:\Users\Simon\Desktop\mbam.txt
2014-05-17 12:31 - 2014-05-17 12:32 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Simon\Downloads\mbam-setup-2.0.1.1004 (1).exe
2014-05-17 12:30 - 2014-05-17 12:30 - 00000759 _____ () C:\Users\Simon\Desktop\JRT.txt
2014-05-17 12:20 - 2014-05-17 12:20 - 01016261 _____ (Thisisu) C:\Users\Simon\Desktop\JRT.exe
2014-05-17 12:20 - 2014-05-17 12:20 - 00000000 ____D () C:\Windows\ERUNT
2014-05-17 12:18 - 2014-05-17 12:18 - 00004180 _____ () C:\Users\Simon\Desktop\AdwCleaner[S4].txt
2014-05-17 12:07 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-17 12:06 - 2014-05-17 12:06 - 00001787 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-05-17 12:06 - 2014-05-17 12:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-05-17 12:06 - 2014-05-17 12:06 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-05-17 12:06 - 2014-05-17 12:06 - 00000000 ____D () C:\Program Files\iTunes
2014-05-17 12:06 - 2014-05-17 12:06 - 00000000 ____D () C:\Program Files\iPod
2014-05-17 12:06 - 2014-05-17 12:06 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-05-17 12:02 - 2014-05-17 12:02 - 01325827 _____ () C:\Users\Simon\Desktop\adwcleaner_3.208.exe
2014-05-16 18:09 - 2014-05-16 18:09 - 00038341 _____ () C:\ComboFix.txt
2014-05-16 17:49 - 2014-05-16 18:09 - 00000000 ____D () C:\ComboFix
2014-05-16 17:49 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-05-16 17:49 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-05-16 17:49 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-05-16 17:49 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-05-16 17:49 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-05-16 17:49 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-05-16 17:49 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-05-16 17:49 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-05-16 17:48 - 2014-05-16 18:09 - 00000000 ____D () C:\Qoobox
2014-05-16 17:48 - 2014-05-16 18:08 - 00000000 ____D () C:\Windows\erdnt
2014-05-16 17:09 - 2014-05-16 17:09 - 05200990 ____R (Swearware) C:\Users\Simon\Desktop\ComboFix.exe
2014-05-16 16:34 - 2014-05-16 16:34 - 00049056 _____ () C:\Users\Simon\Downloads\Addition.txt
2014-05-16 16:33 - 2014-05-17 13:17 - 00000000 ____D () C:\FRST
2014-05-16 16:33 - 2014-05-16 16:34 - 00097162 _____ () C:\Users\Simon\Downloads\FRST.txt
2014-05-16 16:33 - 2014-05-16 16:33 - 02067456 _____ (Farbar) C:\Users\Simon\Desktop\FRST64.exe
2014-05-14 22:02 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-14 22:02 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-14 22:02 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-14 22:02 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-14 22:02 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-14 22:02 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-14 18:00 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-14 18:00 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-14 17:59 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-14 17:59 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-14 17:59 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-14 17:59 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-14 17:59 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-14 17:59 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-14 17:59 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-14 17:59 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-14 17:59 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-14 17:59 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-14 17:59 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-14 17:59 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-14 17:59 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-14 17:59 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-14 17:59 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-14 17:59 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-14 17:59 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-14 17:59 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-14 17:59 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-14 17:59 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-14 17:59 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-14 17:59 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-14 17:59 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-14 17:59 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-14 17:59 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-14 17:59 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-14 17:59 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-14 17:59 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-14 17:59 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-14 17:59 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-14 17:59 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-14 17:59 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-14 17:59 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-14 17:59 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-14 17:59 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-14 17:59 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-14 17:59 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-14 17:59 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-14 17:59 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-14 17:59 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-14 17:59 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-14 17:59 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-14 17:59 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-13 01:29 - 2014-05-13 01:29 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys
2014-05-11 18:46 - 2014-05-11 18:58 - 00230432 _____ () C:\PA7302.DAT
2014-05-11 18:41 - 2014-05-11 18:41 - 00000000 ____D () C:\Windows\PixArt
2014-05-11 18:41 - 2014-05-11 18:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CANYON USB PC CAMERA
2014-05-11 18:41 - 2014-05-11 18:41 - 00000000 ____D () C:\Program Files (x86)\ANC
2014-05-11 18:41 - 2007-11-08 10:30 - 00454656 _____ (PixArt Imaging Inc.) C:\Windows\SysWOW64\Drivers\PAC7302.sys
2014-05-11 18:41 - 2007-11-08 10:29 - 00527872 _____ (PixArt Imaging Inc.) C:\Windows\system32\Drivers\PAC7302.SYS
2014-05-11 18:41 - 2007-11-02 11:07 - 00008704 _____ (PixArt Imaging Inc.) C:\Windows\system32\CoInst_071029.dll
2014-05-11 18:41 - 2007-10-30 17:48 - 00129024 _____ (PixArt Imaging Incorporation) C:\Windows\SysWOW64\SP7302.ax
2014-05-11 18:41 - 2007-03-20 16:44 - 00000566 _____ () C:\Windows\SysWOW64\SP7302.ini
2014-05-11 18:41 - 2006-10-12 11:57 - 00014336 _____ (PixArt Imaging Inc.) C:\Windows\SysWOW64\P7302USD.dll
2014-05-11 18:41 - 2004-11-22 13:37 - 00040960 _____ () C:\Windows\98Setup.exe
2014-05-11 18:41 - 2000-06-08 17:00 - 00119568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KSPRbac9.rra
2014-05-11 18:40 - 2014-05-11 18:40 - 05611298 _____ () C:\Users\Simon\Downloads\CNR-WCAM53_Drv_XPVW32.zip
2014-05-11 16:31 - 2014-05-11 16:32 - 00155577 _____ () C:\Users\Simon\Downloads\proxtube_1.3.0 (3) (1).crx
2014-05-11 16:31 - 2014-05-11 16:31 - 00629584 _____ (Chip Digital GmbH) C:\Users\Simon\Downloads\Chrome YouTube Downloader - CHIP-Downloader (1).exe
2014-05-11 16:31 - 2014-05-11 16:31 - 00155577 _____ () C:\Users\Simon\Downloads\proxtube_1.3.0 (3).crx
2014-05-11 16:31 - 2014-05-11 16:31 - 00143081 _____ () C:\Users\Simon\Downloads\proxtube_1.3.0.zip
2014-05-11 16:31 - 2014-03-28 17:58 - 00155577 _____ () C:\Users\Simon\Desktop\proxtube_1.3.0.crx
2014-05-11 16:29 - 2014-05-11 16:29 - 00629584 _____ (Chip Digital GmbH) C:\Users\Simon\Downloads\Chrome YouTube Downloader - CHIP-Downloader.exe
2014-05-11 16:29 - 2014-05-11 16:29 - 00105903 _____ () C:\Users\Simon\Downloads\chrome-youtube-downloader-2.6.20.crx
2014-05-11 16:29 - 2014-05-11 16:29 - 00099158 _____ () C:\Users\Simon\Downloads\chrome-youtube-downloader-2.6.20.zip
2014-05-11 16:23 - 2014-05-11 16:23 - 00279792 _____ () C:\Users\Simon\Downloads\YouTube-Unblocker-055.zip
2014-05-11 16:22 - 2014-05-11 16:22 - 00629584 _____ (Chip Digital GmbH) C:\Users\Simon\Downloads\YouTube-Unblocker-055 - CHIP-Downloader.exe
2014-05-11 16:07 - 2014-05-11 16:18 - 230403208 _____ (COMODO) C:\Users\Simon\Downloads\cfw_installer_5732_83.exe
2014-05-11 16:07 - 2014-05-11 16:07 - 00686664 _____ ( ) C:\Users\Simon\Downloads\COMPUTER_BILD-Download-Manager_fuer_cfw_installer_5732_83.exe
2014-05-11 16:02 - 2014-05-11 16:02 - 07198344 _____ (Goversoft LLC) C:\Users\Simon\Downloads\privazer_free (1).exe
2014-05-11 16:02 - 2014-05-11 16:02 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Opera Software
2014-05-11 16:02 - 2014-05-11 16:02 - 00000000 ____D () C:\Users\Simon\AppData\Local\Opera Software
2014-05-11 15:51 - 2014-05-11 15:51 - 00295232 _____ () C:\Windows\Minidump\051114-20716-01.dmp
2014-05-11 15:49 - 2014-05-11 16:03 - 00000000 ____D () C:\Program Files (x86)\PrivaZer
2014-05-11 15:48 - 2014-05-11 16:05 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-05-11 15:48 - 2014-05-11 15:48 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D7
2014-05-11 15:48 - 2014-05-11 15:48 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D6
2014-05-11 15:48 - 2014-05-11 15:48 - 00001137 _____ () C:\Users\Public\Desktop\Opera.lnk
2014-05-11 15:48 - 2014-05-11 15:48 - 00001137 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2014-05-11 15:34 - 2014-05-11 15:34 - 00339543 _____ () C:\Users\Simon\Downloads\Ask-Fm-Autolike.rar
2014-05-08 13:02 - 2014-05-08 13:02 - 00000000 ____D () C:\Users\Simon\AppData\Local\WarThunder
2014-05-08 13:02 - 2014-05-08 13:02 - 00000000 ____D () C:\ProgramData\WarThunder
2014-05-08 13:01 - 2014-05-08 14:39 - 00000000 ____D () C:\Program Files (x86)\WarThunder
2014-05-08 13:01 - 2014-05-08 13:01 - 04124808 _____ (Gaijin Entertainment ) C:\Users\Simon\Downloads\wt_launcher_doi_1.0.1.355.exe
2014-05-08 13:01 - 2014-05-08 13:01 - 00001109 _____ () C:\Users\Public\Desktop\WarThunder.lnk
2014-05-08 13:01 - 2014-05-08 13:01 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder
2014-05-08 00:32 - 2014-05-08 00:34 - 00053504 _____ () C:\Users\Simon\Downloads\bootkit_remover.zip
2014-05-06 19:21 - 2014-05-06 20:23 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\tor
2014-05-06 19:15 - 2014-05-06 19:17 - 26815695 _____ () C:\Users\Simon\Downloads\torbrowser-install-3.6_en-US.exe
2014-05-03 19:41 - 2014-05-03 19:41 - 00000000 ____D () C:\Users\Simon\AppData\Local\EdgeOfReality
2014-05-03 19:41 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2014-05-03 19:41 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2014-05-03 19:41 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2014-05-03 19:41 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2014-05-03 19:40 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2014-05-03 19:40 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2014-05-03 19:02 - 2014-05-03 19:02 - 00000219 _____ () C:\Users\Simon\Desktop\Dota 2.url
2014-05-03 18:47 - 2014-05-03 18:47 - 00000222 _____ () C:\Users\Simon\Desktop\Loadout.url
2014-05-03 18:29 - 2014-05-08 13:01 - 00000000 ____D () C:\Users\Simon\Documents\My Games
2014-05-03 18:18 - 2014-05-03 19:02 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-05-03 18:18 - 2014-05-03 18:18 - 00000222 _____ () C:\Users\Simon\Desktop\Epigenesis.url
2014-05-03 17:54 - 2014-05-04 13:43 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-05-03 17:54 - 2014-05-03 17:54 - 01141680 _____ () C:\Users\Simon\Downloads\SteamSetup.exe
2014-05-03 17:54 - 2014-05-03 17:54 - 00000971 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-05-03 17:54 - 2014-05-03 17:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-05-03 17:51 - 2014-05-03 17:51 - 03384836 _____ (MultIV Team ) C:\Users\Simon\Downloads\multiv_setup (2).exe
2014-05-03 17:51 - 2014-05-03 17:51 - 03384836 _____ (MultIV Team ) C:\Users\Simon\Downloads\multiv_setup (1).exe
2014-05-03 17:43 - 2014-05-03 17:44 - 00000999 _____ () C:\Users\Public\Desktop\MultIV.lnk
2014-05-03 17:43 - 2014-05-03 17:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MultIV
2014-05-03 17:43 - 2014-05-03 17:44 - 00000000 ____D () C:\Program Files (x86)\MultIV
2014-05-03 17:42 - 2014-05-03 17:42 - 03384836 _____ (MultIV Team ) C:\Users\Simon\Downloads\multiv_setup.exe
2014-05-03 17:39 - 2014-05-03 17:39 - 04954736 _____ (Microsoft Corporation) C:\Users\Simon\Downloads\WindowsUpgradeAssistant.exe
2014-05-03 17:34 - 2014-05-03 17:35 - 36965680 _____ (Microsoft Corporation) C:\Users\Simon\Downloads\IE9-Windows7-x64-deu.exe
2014-05-03 17:01 - 2014-05-03 17:01 - 17532198 _____ () C:\Users\Simon\Downloads\1355067475iCEnhancer2_1FINAL.zip
2014-05-03 05:14 - 2014-05-03 05:14 - 97580750 _____ () C:\Users\Simon\Downloads\Seven Reel's Realistic ENB v1.5b.zip
2014-05-03 05:06 - 2014-05-03 05:06 - 19677675 _____ () C:\Users\Simon\Downloads\Fighter Jet P-996 Lazer 3.zip
2014-05-03 05:05 - 2014-05-03 05:05 - 00717632 _____ () C:\Users\Simon\Downloads\scripthookdotnet_v1.7.1.7b.zip
2014-05-03 04:52 - 2014-05-03 04:52 - 00000000 ____D () C:\Users\Simon\Desktop\Backup
2014-05-03 04:50 - 2014-05-03 04:53 - 89876480 _____ () C:\Users\Simon\Desktop\vehicles.img
2014-05-03 04:50 - 2014-05-03 04:50 - 00000000 ____D () C:\Users\Simon\Desktop\Infernus
2014-05-03 04:49 - 2014-05-03 04:49 - 00000000 ____D () C:\Users\Simon\Desktop\SparkIV
2014-05-03 04:48 - 2014-05-03 04:48 - 01540953 _____ () C:\Users\Simon\Downloads\SparkIV 0.6.6.zip
2014-05-03 04:46 - 2014-05-03 04:46 - 04695532 _____ () C:\Users\Simon\Downloads\1398374770_ageraone.rar
2014-05-03 03:32 - 2014-05-03 03:32 - 00000000 ____D () C:\Users\Simon\Documents\Games for Windows - LIVE Demos
2014-05-03 03:30 - 2014-05-03 03:30 - 00000000 ____D () C:\Windows\SysWOW64\xlive
2014-05-03 03:30 - 2014-05-03 03:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
2014-05-03 03:30 - 2014-05-03 03:30 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2014-05-03 03:29 - 2014-05-03 03:29 - 00642712 _____ (Microsoft Corporation) C:\Users\Simon\Downloads\gfwlive35setup.exe
2014-05-03 03:29 - 2014-05-03 03:29 - 00642712 _____ (Microsoft Corporation) C:\Users\Simon\Downloads\gfwlive35setup (1).exe
2014-05-01 19:04 - 2014-05-01 19:04 - 00081626 _____ () C:\Users\Simon\Documents\Unit 1.voc
2014-05-01 19:04 - 2014-05-01 19:04 - 00081626 _____ () C:\Users\Simon\Desktop\Unit 1.voc
2014-05-01 17:09 - 2014-05-01 17:09 - 04044159 _____ () C:\Users\Simon\Downloads\1259416463_ProVehicleModv1.0.1.zip
2014-05-01 16:30 - 2014-05-01 16:30 - 00001027 _____ () C:\Users\Public\Desktop\Domingo 2.lnk
2014-05-01 16:30 - 2014-05-01 16:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Domingo 2
2014-05-01 16:30 - 2014-05-01 16:30 - 00000000 ____D () C:\Program Files (x86)\Domingo 2
2014-05-01 16:29 - 2014-05-01 16:29 - 04241516 _____ (Patrick Diekmann ) C:\Users\Simon\Downloads\setup.exe
2014-05-01 16:29 - 2014-05-01 16:29 - 00728032 _____ () C:\Users\Simon\Downloads\COMPUTER_BILD-Download-Manager_fuer_setup.exe
2014-05-01 15:56 - 2014-05-01 15:56 - 01138458 _____ () C:\Users\Simon\Downloads\1385372962_Space Shuttle.rar
2014-05-01 15:34 - 2014-05-01 15:35 - 00072097 _____ () C:\Users\Simon\Downloads\xliveless - v0.999b7 (patch 1.0.7.0. and EFLC 1.1.2.0).zip
2014-05-01 15:26 - 2014-05-01 15:26 - 02662221 _____ () C:\Users\Simon\Downloads\1310225693_Simple Native Trainer v.6.3.rar
2014-05-01 13:34 - 2014-05-01 13:34 - 00000000 ____D () C:\Users\Simon\Documents\Rockstar Games
2014-05-01 13:31 - 2014-05-01 13:31 - 00000000 __SHD () C:\ProgramData\SecuROM
2014-05-01 13:30 - 2014-05-01 13:30 - 04776440 _____ () C:\Users\Simon\Downloads\LaunchGTAIV.zip
2014-05-01 13:25 - 2014-05-01 13:25 - 00000000 ____D () C:\Users\Simon\AppData\Local\Rockstar Games
2014-05-01 13:24 - 2014-05-01 13:24 - 00000000 __RHD () C:\Users\Simon\AppData\Roaming\SecuROM
2014-05-01 03:46 - 2014-05-01 03:53 - 20725128 _____ () C:\Users\Simon\Downloads\MMM_PT._vlad.7z
2014-05-01 01:13 - 2014-05-03 01:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-04-28 20:55 - 2014-04-28 20:55 - 00155577 _____ () C:\Users\Simon\Downloads\proxtube_1.3.0 (2).crx
2014-04-28 20:53 - 2014-04-28 20:53 - 00155577 _____ () C:\Users\Simon\Downloads\proxtube_1.3.0 (1).crx
2014-04-28 20:52 - 2014-04-28 20:52 - 00155577 _____ () C:\Users\Simon\Downloads\proxtube_1.3.0.crx
2014-04-25 22:05 - 2014-04-25 22:05 - 00000000 ____D () C:\Users\Simon\AppData\Local\GGC
2014-04-25 22:03 - 2012-10-09 19:30 - 05570560 _____ (GGC) C:\Users\Simon\Desktop\Gordonsys 2.0.exe
2014-04-25 22:01 - 2014-04-25 22:03 - 05570641 _____ () C:\Users\Simon\Downloads\Gordonsys2.0.rar
2014-04-25 21:40 - 2014-04-26 21:41 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Bitdefender
2014-04-25 21:40 - 2014-04-25 21:40 - 00002194 _____ () C:\Users\Public\Desktop\Bitdefender Safepay.lnk
2014-04-25 21:40 - 2014-04-25 21:40 - 00002075 _____ () C:\Users\Public\Desktop\Bitdefender Total Security.lnk
2014-04-25 21:40 - 2014-04-25 21:40 - 00000684 ____H () C:\bdr-cf01
2014-04-25 21:40 - 2014-04-25 21:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender
2014-04-25 21:36 - 2014-04-25 21:40 - 00253404 ____H () C:\bdr-ld01
2014-04-25 21:36 - 2014-04-25 21:40 - 00009216 ____H () C:\bdr-ld01.mbr
2014-04-25 21:36 - 2013-09-24 15:38 - 46879860 ____H () C:\bdr-im01.gz
2014-04-25 21:36 - 2013-08-23 12:48 - 00150256 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
2014-04-25 21:36 - 2013-08-13 12:38 - 03271472 ____H () C:\bdr-bz01
2014-04-25 21:36 - 2013-08-07 12:46 - 00389240 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2014-04-25 21:34 - 2014-05-15 21:22 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-04-25 21:18 - 2014-04-25 21:18 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\MVH
2014-04-25 02:34 - 2014-04-25 02:34 - 00002770 _____ () C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2014-04-25 00:53 - 2014-04-25 21:18 - 01373184 _____ () C:\Users\Simon\Desktop\MVH Loader.exe
2014-04-25 00:53 - 2014-04-25 00:53 - 01108568 _____ () C:\Users\Simon\Downloads\MVH Loader.zip
2014-04-25 00:47 - 2014-04-25 00:47 - 04106679 _____ () C:\Users\Simon\Downloads\[Abs]Loader.rar
2014-04-25 00:34 - 2014-04-25 00:34 - 00000000 ____D () C:\ProgramData\Nexon
2014-04-25 00:28 - 2014-04-25 00:41 - 00000000 ____D () C:\Users\Simon\Desktop\Combat Arms Hack
2014-04-25 00:24 - 2014-04-25 00:24 - 00001634 _____ () C:\Users\Public\Desktop\Combat Arms EU.lnk
2014-04-25 00:24 - 2014-04-25 00:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexon
2014-04-25 00:21 - 2014-04-25 00:40 - 00000000 ____D () C:\ProgramData\NexonEU
2014-04-25 00:21 - 2014-04-25 00:21 - 00000000 ____D () C:\Nexon
2014-04-24 23:52 - 2014-04-25 00:13 - 1967289647 _____ (Nexon) C:\Users\Simon\Desktop\Combatarms_eu.exe
2014-04-24 23:51 - 2014-04-24 23:51 - 10552296 _____ (Akamai Technologies, Inc.) C:\Users\Simon\Downloads\NexonEU_Installer.exe
2014-04-24 23:50 - 2014-04-24 23:50 - 01617203 _____ () C:\Users\Simon\Downloads\[ghbsys.net] Public-Client.zip
2014-04-24 22:10 - 2014-04-24 22:10 - 00000000 ____D () C:\Program Files (x86)\Microsoft XNA
2014-04-24 22:09 - 2014-04-24 22:09 - 00001474 _____ () C:\Users\Public\Desktop\Bloodline Champions.lnk
2014-04-24 22:09 - 2014-04-24 22:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bloodline Champions
2014-04-24 22:08 - 2014-04-24 22:08 - 00000000 ____D () C:\Program Files (x86)\Stunlock Studios
2014-04-24 22:03 - 2014-04-24 22:08 - 363876296 _____ (Stunlock Studios ) C:\Users\Simon\Downloads\bloodline-champions_25983.exe
2014-04-24 22:03 - 2014-04-24 22:03 - 01062288 _____ () C:\Users\Simon\Downloads\Bloodline-Champions-lnstall.exe
2014-04-24 19:33 - 2014-04-24 19:33 - 10768896 _____ () C:\Users\Simon\Downloads\Wolfteam INV Hack AUG 2013.exe
2014-04-24 19:25 - 2014-04-24 19:25 - 00058597 _____ () C:\Users\Simon\Downloads\Business.Card.Maker.8.0_CRK-FFF.zip
2014-04-24 19:22 - 2014-04-24 19:22 - 00077025 _____ () C:\Users\Simon\Downloads\CD244A3FE5B95DA446608BC56299A387E1A64734.torrent
2014-04-24 19:09 - 2014-03-20 14:44 - 00043320 _____ (TuneUp Software) C:\Windows\system32\uxtuneup.dll
2014-04-24 19:09 - 2014-03-20 14:44 - 00036152 _____ (TuneUp Software) C:\Windows\SysWOW64\uxtuneup.dll
2014-04-24 19:04 - 2014-04-24 19:04 - 00000000 ____D () C:\Users\Simon\Desktop\Programme;Spiele
2014-04-24 19:01 - 2014-04-24 19:08 - 00000000 ____D () C:\Users\Simon\Desktop\Programme
2014-04-24 19:00 - 2014-04-25 21:17 - 00000000 ____D () C:\Users\Simon\Desktop\Bilder
2014-04-24 18:59 - 2014-04-24 18:59 - 07307552 _____ () C:\Users\Simon\Downloads\bitdefender_isecurity.exe
2014-04-24 18:49 - 2014-05-01 13:11 - 00003704 _____ () C:\Windows\System32\Tasks\Java Update Scheduler
2014-04-24 18:42 - 2014-04-24 18:42 - 00002217 _____ () C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
2014-04-24 18:42 - 2014-04-24 18:42 - 00002209 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014.lnk
2014-04-24 18:42 - 2014-04-24 18:42 - 00002197 _____ () C:\Users\Public\Desktop\TuneUp Utilities 2014.lnk
2014-04-24 18:42 - 2014-04-24 18:42 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\TuneUp Software
2014-04-24 18:42 - 2014-04-24 18:42 - 00000000 ____D () C:\Users\Simon\AppData\Local\TuneUp Software
2014-04-24 18:42 - 2014-04-24 18:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014
2014-04-24 18:42 - 2014-04-24 18:42 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2014
2014-04-24 18:42 - 2014-03-20 14:44 - 00040760 _____ (TuneUp Software) C:\Windows\system32\TURegOpt.exe
2014-04-24 18:42 - 2014-03-20 14:44 - 00029496 _____ (TuneUp Software) C:\Windows\system32\authuitu.dll
2014-04-24 18:42 - 2014-03-20 14:44 - 00025400 _____ (TuneUp Software) C:\Windows\SysWOW64\authuitu.dll
2014-04-24 18:41 - 2014-04-24 18:43 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-04-24 18:41 - 2014-04-24 18:41 - 00074811 _____ () C:\Users\Simon\Downloads\TuneUp 2014 Keygen by Game24x.rar
2014-04-24 18:40 - 2014-04-24 18:41 - 27878824 _____ (TuneUp Software) C:\Users\Simon\Downloads\TuneUpUtilities2014_de2745-DE.exe
2014-04-24 18:32 - 2014-04-24 18:33 - 209715712 _____ () C:\Users\Simon\Desktop\Tresor.bvd
2014-04-24 17:32 - 2014-04-24 19:23 - 00000000 ____D () C:\Users\Simon\Downloads\Download.am
2014-04-24 17:32 - 2014-04-24 19:23 - 00000000 ____D () C:\Users\Simon\AppData\Local\download.am-data
2014-04-24 17:32 - 2014-04-24 17:32 - 00001053 _____ () C:\Users\Simon\Desktop\Download.am.lnk
2014-04-24 17:32 - 2014-04-24 17:32 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Download.am
2014-04-24 17:31 - 2014-04-24 17:32 - 00000000 ____D () C:\Program Files (x86)\Download.am
2014-04-24 17:25 - 2014-04-24 17:25 - 13540177 _____ () C:\Users\Simon\Downloads\download.am-build233.zip
2014-04-24 17:20 - 2014-04-24 17:21 - 00000000 ____D () C:\Users\Simon\Desktop\RSDownloader
2014-04-24 17:20 - 2014-04-24 17:20 - 03028121 _____ () C:\Users\Simon\Downloads\RSD_0.61.zip
2014-04-24 17:20 - 2014-04-24 17:20 - 00000164 _____ () C:\Users\Simon\Downloads\40961pa16fh3627.rsdf
2014-04-24 17:19 - 2014-04-24 17:19 - 00000000 ____D () C:\Users\Simon\Desktop\JDownloader
2014-04-24 17:18 - 2014-04-24 17:18 - 31419822 _____ () C:\Users\Simon\Downloads\JDownloader.zip
2014-04-24 15:59 - 2014-04-24 15:59 - 01467128 _____ () C:\Users\Simon\Downloads\SystemCheck_deDE (2).exe
2014-04-24 15:58 - 2014-04-24 15:58 - 01467128 _____ () C:\Users\Simon\Downloads\SystemCheck_deDE.exe
2014-04-24 15:58 - 2014-04-24 15:58 - 01467128 _____ () C:\Users\Simon\Downloads\SystemCheck_deDE (1).exe
2014-04-24 04:55 - 2014-04-24 04:55 - 01147424 _____ () C:\Users\Simon\Downloads\bitdefender_antitheft.exe
2014-04-24 04:48 - 2014-04-24 04:48 - 07304560 _____ () C:\Users\Simon\Downloads\bitdefender_tsecurity (2).exe
2014-04-24 04:04 - 2014-04-24 04:04 - 00000000 ____D () C:\Users\Simon\AppData\Local\simon-p
2014-04-24 03:43 - 2014-04-24 03:43 - 07304560 _____ () C:\Users\Simon\Downloads\bitdefender_tsecurity (1).exe
2014-04-24 02:24 - 2014-04-24 02:24 - 00295296 _____ () C:\Windows\Minidump\042414-30264-01.dmp
2014-04-24 02:19 - 2014-04-24 02:19 - 00000385 _____ () C:\Windows\system32\user_gensett.xml
2014-04-24 02:19 - 2014-04-24 02:19 - 00000385 _____ () C:\Users\Simon\AppData\Roaminguser_gensett.xml
2014-04-24 02:18 - 2014-04-24 02:19 - 00000000 ____D () C:\ProgramData\BDLogging
2014-04-24 02:18 - 2014-04-24 02:18 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2014-04-24 02:18 - 2009-07-15 00:21 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2014-04-24 02:17 - 2014-04-24 02:17 - 00283192 _____ (Mozilla) C:\Users\Simon\Downloads\Firefox Setup Stub 28.0 (1).exe
2014-04-24 02:17 - 2013-12-02 11:58 - 00635392 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys
2014-04-24 02:17 - 2013-12-02 11:56 - 00893440 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys
2014-04-24 02:17 - 2013-11-04 15:47 - 00082824 _____ (BitDefender SRL) C:\Windows\system32\Drivers\bdsandbox.sys
2014-04-24 02:17 - 2013-11-04 15:47 - 00074512 _____ (BitDefender SRL) C:\Windows\SysWOW64\bdsandboxuiskin32.dll
2014-04-24 02:17 - 2013-02-22 18:46 - 00093600 _____ (BitDefender LLC) C:\Windows\system32\Drivers\BdfNdisf6.sys
2014-04-24 02:17 - 2012-11-02 13:17 - 00261056 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys
2014-04-24 02:17 - 2012-04-17 13:34 - 00076944 _____ (BitDefender) C:\Windows\system32\Drivers\bdvedisk.sys
2014-04-24 02:17 - 2007-04-11 10:11 - 00511328 _____ (Microsoft Corporation) C:\Windows\capicom.dll
2014-04-24 01:54 - 2014-05-08 12:35 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\QuickScan
2014-04-24 01:54 - 2014-04-25 21:40 - 00000000 ____D () C:\ProgramData\Bitdefender
2014-04-24 01:54 - 2014-04-24 02:57 - 00074512 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin32.dll
2014-04-24 01:54 - 2014-04-24 01:57 - 00000000 ____D () C:\Program Files\Bitdefender
2014-04-24 01:54 - 2013-11-04 15:47 - 00084848 _____ (BitDefender SRL) C:\Windows\system32\BDSandBoxUISkin.dll
2014-04-24 01:54 - 2013-11-04 15:46 - 00034384 _____ (BitDefender SRL) C:\Windows\system32\BDSandBoxUH.dll
2014-04-24 01:51 - 2014-04-25 21:36 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender
2014-04-24 01:51 - 2014-04-24 01:51 - 07304560 _____ () C:\Users\Simon\Downloads\bitdefender_tsecurity.exe
2014-04-22 22:49 - 2014-04-22 22:49 - 00000000 __SHD () C:\Users\Simon\AppData\Local\EmieUserList
2014-04-22 22:49 - 2014-04-22 22:49 - 00000000 __SHD () C:\Users\Simon\AppData\Local\EmieSiteList
2014-04-22 22:44 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-22 22:44 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-22 22:44 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-22 22:44 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-22 22:44 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-22 22:44 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-22 22:44 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-22 22:44 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-22 22:44 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-22 22:44 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-22 22:44 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-22 22:44 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-22 22:44 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-22 22:44 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-22 22:44 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-22 22:44 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-22 22:44 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-22 22:44 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-22 22:44 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-22 22:44 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-22 22:44 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-22 22:44 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-22 22:44 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-22 22:44 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-22 22:44 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-22 22:44 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-22 22:44 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-22 22:44 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-22 22:44 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-22 22:44 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-22 22:44 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-22 22:44 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-22 22:44 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-22 22:44 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-22 22:44 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-22 22:44 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-22 22:44 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-22 22:44 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-22 22:44 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-22 22:44 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-22 22:44 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-22 22:44 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-22 22:44 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-22 22:44 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-22 03:07 - 2014-04-22 03:07 - 00043012 _____ () C:\Users\Simon\Downloads\AimPoint.exe
2014-04-21 19:59 - 2014-05-01 00:13 - 00000000 ____D () C:\Users\Simon\AppData\Local\Thunderbird
2014-04-21 19:59 - 2014-04-21 19:59 - 21987424 _____ (Mozilla) C:\Users\Simon\Downloads\Thunderbird_Setup_de24.4.0.exe
2014-04-21 19:59 - 2014-04-21 19:59 - 00002106 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2014-04-21 19:59 - 2014-04-21 19:59 - 00002094 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2014-04-21 19:59 - 2014-04-21 19:59 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Thunderbird
2014-04-20 19:07 - 2014-05-17 13:14 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-20 19:07 - 2014-05-17 12:32 - 00001110 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-20 19:07 - 2014-05-17 12:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-04-20 19:07 - 2014-05-17 12:32 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-20 19:07 - 2014-04-20 19:07 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Simon\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-20 19:07 - 2014-04-20 19:07 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-20 19:07 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-20 19:07 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-20 19:07 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-20 14:09 - 2014-04-20 14:09 - 00004253 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-20 14:09 - 2014-04-20 14:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-18 16:00 - 2014-04-18 16:00 - 00388608 _____ (Trend Micro Inc.) C:\Users\Simon\Downloads\HiJackThis204 (2).exe
2014-04-18 16:00 - 2014-04-18 16:00 - 00388608 _____ (Trend Micro Inc.) C:\Users\Simon\Downloads\HiJackThis204 (1).exe
2014-04-18 16:00 - 2014-04-18 16:00 - 00016670 _____ () C:\Users\Simon\Downloads\hijackthis.log
2014-04-18 15:59 - 2014-04-18 15:59 - 00388608 _____ (Trend Micro Inc.) C:\Users\Simon\Downloads\HiJackThis204.exe
2014-04-17 19:10 - 2014-05-03 03:17 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-17 19:10 - 2014-04-17 19:10 - 00001167 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-04-17 19:10 - 2014-04-17 19:10 - 00001155 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-17 19:10 - 2014-04-17 19:10 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Mozilla
2014-04-17 19:10 - 2014-04-17 19:10 - 00000000 ____D () C:\Users\Simon\AppData\Local\Mozilla
2014-04-17 19:10 - 2014-04-17 19:10 - 00000000 ____D () C:\ProgramData\Mozilla
2014-04-17 19:10 - 2014-04-17 19:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-17 19:09 - 2014-04-17 19:09 - 00283192 _____ (Mozilla) C:\Users\Simon\Downloads\Firefox Setup Stub 28.0.exe
2014-04-17 15:07 - 2014-05-17 12:08 - 00000000 ____D () C:\AdwCleaner
2014-04-17 15:07 - 2014-04-17 15:07 - 00000000 ____D () C:\Users\Simon\Downloads\AdwCleaner_TSA221R2W
2014-04-17 01:58 - 2014-04-17 01:58 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\InetStat
2014-04-17 01:57 - 2014-04-17 01:57 - 00003162 _____ () C:\Windows\System32\Tasks\fsupdate

==================== One Month Modified Files and Folders =======

2014-05-17 13:18 - 2014-05-17 13:17 - 00022699 _____ () C:\Users\Simon\Desktop\FRST.txt
2014-05-17 13:17 - 2014-05-16 16:33 - 00000000 ____D () C:\FRST
2014-05-17 13:17 - 2014-01-22 22:01 - 01212270 _____ () C:\Windows\WindowsUpdate.log
2014-05-17 13:16 - 2014-01-23 18:35 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Skype
2014-05-17 13:15 - 2014-05-17 13:15 - 00013047 _____ () C:\Users\Simon\Desktop\zoek-results.txt
2014-05-17 13:14 - 2014-05-17 12:48 - 00013047 _____ () C:\zoek-results.log
2014-05-17 13:14 - 2014-04-20 19:07 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-17 13:14 - 2014-01-27 20:47 - 00000000 ____D () C:\Users\Simon\AppData\Local\Overwolf
2014-05-17 13:13 - 2014-01-22 23:03 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-17 13:13 - 2014-01-22 22:05 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-05-17 13:13 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-17 13:13 - 2009-07-14 06:51 - 00073201 _____ () C:\Windows\setupact.log
2014-05-17 13:12 - 2014-01-22 22:27 - 00000000 ____D () C:\Windows\de
2014-05-17 13:12 - 2014-01-22 21:56 - 00242430 _____ () C:\Windows\PFRO.log
2014-05-17 13:07 - 2014-05-17 12:48 - 00000000 ____D () C:\zoek_backup
2014-05-17 12:48 - 2014-05-17 12:48 - 00000000 ____D () C:\Users\Simon\Desktop\zoek
2014-05-17 12:47 - 2014-05-17 12:47 - 04235514 _____ () C:\Users\Simon\Downloads\zoek.rar
2014-05-17 12:42 - 2014-05-17 12:42 - 00001620 _____ () C:\Users\Simon\Desktop\mbam.txt
2014-05-17 12:34 - 2014-01-22 23:03 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-17 12:32 - 2014-05-17 12:31 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Simon\Downloads\mbam-setup-2.0.1.1004 (1).exe
2014-05-17 12:32 - 2014-04-20 19:07 - 00001110 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-17 12:32 - 2014-04-20 19:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-17 12:32 - 2014-04-20 19:07 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-17 12:30 - 2014-05-17 12:30 - 00000759 _____ () C:\Users\Simon\Desktop\JRT.txt
2014-05-17 12:23 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-17 12:23 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-17 12:20 - 2014-05-17 12:20 - 01016261 _____ (Thisisu) C:\Users\Simon\Desktop\JRT.exe
2014-05-17 12:20 - 2014-05-17 12:20 - 00000000 ____D () C:\Windows\ERUNT
2014-05-17 12:18 - 2014-05-17 12:18 - 00004180 _____ () C:\Users\Simon\Desktop\AdwCleaner[S4].txt
2014-05-17 12:08 - 2014-04-17 15:07 - 00000000 ____D () C:\AdwCleaner
2014-05-17 12:06 - 2014-05-17 12:06 - 00001787 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-05-17 12:06 - 2014-05-17 12:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-05-17 12:06 - 2014-05-17 12:06 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-05-17 12:06 - 2014-05-17 12:06 - 00000000 ____D () C:\Program Files\iTunes
2014-05-17 12:06 - 2014-05-17 12:06 - 00000000 ____D () C:\Program Files\iPod
2014-05-17 12:06 - 2014-05-17 12:06 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-05-17 12:02 - 2014-05-17 12:02 - 01325827 _____ () C:\Users\Simon\Desktop\adwcleaner_3.208.exe
2014-05-17 00:03 - 2014-03-31 23:30 - 00000000 ____D () C:\Users\Simon\log2s
2014-05-16 18:09 - 2014-05-16 18:09 - 00038341 _____ () C:\ComboFix.txt
2014-05-16 18:09 - 2014-05-16 17:49 - 00000000 ____D () C:\ComboFix
2014-05-16 18:09 - 2014-05-16 17:48 - 00000000 ____D () C:\Qoobox
2014-05-16 18:09 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-05-16 18:08 - 2014-05-16 17:48 - 00000000 ____D () C:\Windows\erdnt
2014-05-16 18:02 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-05-16 17:57 - 2009-07-14 04:34 - 73662464 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-05-16 17:57 - 2009-07-14 04:34 - 25952256 _____ () C:\Windows\system32\config\SYSTEM.bak
2014-05-16 17:57 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
2014-05-16 17:57 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\SAM.bak
2014-05-16 17:57 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\DEFAULT.bak
2014-05-16 17:09 - 2014-05-16 17:09 - 05200990 ____R (Swearware) C:\Users\Simon\Desktop\ComboFix.exe
2014-05-16 16:34 - 2014-05-16 16:34 - 00049056 _____ () C:\Users\Simon\Downloads\Addition.txt
2014-05-16 16:34 - 2014-05-16 16:33 - 00097162 _____ () C:\Users\Simon\Downloads\FRST.txt
2014-05-16 16:33 - 2014-05-16 16:33 - 02067456 _____ (Farbar) C:\Users\Simon\Desktop\FRST64.exe
2014-05-16 10:37 - 2014-01-22 23:04 - 00002179 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-15 21:24 - 2014-01-22 22:54 - 00000000 ___RD () C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-15 21:24 - 2014-01-22 22:54 - 00000000 ___RD () C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-15 21:22 - 2014-04-25 21:34 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-14 22:02 - 2014-02-19 14:48 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-14 22:02 - 2014-01-29 19:01 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-14 22:00 - 2014-01-22 23:14 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-13 01:29 - 2014-05-13 01:29 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys
2014-05-11 18:58 - 2014-05-11 18:46 - 00230432 _____ () C:\PA7302.DAT
2014-05-11 18:41 - 2014-05-11 18:41 - 00000000 ____D () C:\Windows\PixArt
2014-05-11 18:41 - 2014-05-11 18:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CANYON USB PC CAMERA
2014-05-11 18:41 - 2014-05-11 18:41 - 00000000 ____D () C:\Program Files (x86)\ANC
2014-05-11 18:41 - 2010-10-27 13:00 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-11 18:40 - 2014-05-11 18:40 - 05611298 _____ () C:\Users\Simon\Downloads\CNR-WCAM53_Drv_XPVW32.zip
2014-05-11 16:32 - 2014-05-11 16:31 - 00155577 _____ () C:\Users\Simon\Downloads\proxtube_1.3.0 (3) (1).crx
2014-05-11 16:31 - 2014-05-11 16:31 - 00629584 _____ (Chip Digital GmbH) C:\Users\Simon\Downloads\Chrome YouTube Downloader - CHIP-Downloader (1).exe
2014-05-11 16:31 - 2014-05-11 16:31 - 00155577 _____ () C:\Users\Simon\Downloads\proxtube_1.3.0 (3).crx
2014-05-11 16:31 - 2014-05-11 16:31 - 00143081 _____ () C:\Users\Simon\Downloads\proxtube_1.3.0.zip
2014-05-11 16:29 - 2014-05-11 16:29 - 00629584 _____ (Chip Digital GmbH) C:\Users\Simon\Downloads\Chrome YouTube Downloader - CHIP-Downloader.exe
2014-05-11 16:29 - 2014-05-11 16:29 - 00105903 _____ () C:\Users\Simon\Downloads\chrome-youtube-downloader-2.6.20.crx
2014-05-11 16:29 - 2014-05-11 16:29 - 00099158 _____ () C:\Users\Simon\Downloads\chrome-youtube-downloader-2.6.20.zip
2014-05-11 16:23 - 2014-05-11 16:23 - 00279792 _____ () C:\Users\Simon\Downloads\YouTube-Unblocker-055.zip
2014-05-11 16:22 - 2014-05-11 16:22 - 00629584 _____ (Chip Digital GmbH) C:\Users\Simon\Downloads\YouTube-Unblocker-055 - CHIP-Downloader.exe
2014-05-11 16:18 - 2014-05-11 16:07 - 230403208 _____ (COMODO) C:\Users\Simon\Downloads\cfw_installer_5732_83.exe
2014-05-11 16:14 - 2014-03-21 14:43 - 00000000 ____D () C:\Users\Simon\AppData\Local\PrivaZer
2014-05-11 16:07 - 2014-05-11 16:07 - 00686664 _____ ( ) C:\Users\Simon\Downloads\COMPUTER_BILD-Download-Manager_fuer_cfw_installer_5732_83.exe
2014-05-11 16:05 - 2014-05-11 15:48 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-05-11 16:03 - 2014-05-11 15:49 - 00000000 ____D () C:\Program Files (x86)\PrivaZer
2014-05-11 16:03 - 2014-03-21 14:43 - 00001905 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrivaZer.lnk
2014-05-11 16:03 - 2014-03-21 14:43 - 00001893 _____ () C:\Users\Public\Desktop\PrivaZer.lnk
2014-05-11 16:02 - 2014-05-11 16:02 - 07198344 _____ (Goversoft LLC) C:\Users\Simon\Downloads\privazer_free (1).exe
2014-05-11 16:02 - 2014-05-11 16:02 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Opera Software
2014-05-11 16:02 - 2014-05-11 16:02 - 00000000 ____D () C:\Users\Simon\AppData\Local\Opera Software
2014-05-11 15:51 - 2014-05-11 15:51 - 00295232 _____ () C:\Windows\Minidump\051114-20716-01.dmp
2014-05-11 15:51 - 2014-01-23 19:38 - 739826304 _____ () C:\Windows\MEMORY.DMP
2014-05-11 15:51 - 2014-01-23 19:38 - 00000000 ____D () C:\Windows\Minidump
2014-05-11 15:48 - 2014-05-11 15:48 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D7
2014-05-11 15:48 - 2014-05-11 15:48 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D6
2014-05-11 15:48 - 2014-05-11 15:48 - 00001137 _____ () C:\Users\Public\Desktop\Opera.lnk
2014-05-11 15:48 - 2014-05-11 15:48 - 00001137 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2014-05-11 15:47 - 2014-03-21 14:42 - 07202440 _____ (Goversoft LLC) C:\Users\Simon\Downloads\privazer_free.exe
2014-05-11 15:34 - 2014-05-11 15:34 - 00339543 _____ () C:\Users\Simon\Downloads\Ask-Fm-Autolike.rar
2014-05-09 08:14 - 2014-05-14 17:59 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 08:11 - 2014-05-14 17:59 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-09 03:01 - 2014-01-27 20:47 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\TS3Client
2014-05-08 17:29 - 2014-01-22 23:03 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-08 17:29 - 2014-01-22 23:03 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-08 14:39 - 2014-05-08 13:01 - 00000000 ____D () C:\Program Files (x86)\WarThunder
2014-05-08 14:39 - 2014-01-22 23:17 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-05-08 13:02 - 2014-05-08 13:02 - 00000000 ____D () C:\Users\Simon\AppData\Local\WarThunder
2014-05-08 13:02 - 2014-05-08 13:02 - 00000000 ____D () C:\ProgramData\WarThunder
2014-05-08 13:01 - 2014-05-08 13:01 - 04124808 _____ (Gaijin Entertainment ) C:\Users\Simon\Downloads\wt_launcher_doi_1.0.1.355.exe
2014-05-08 13:01 - 2014-05-08 13:01 - 00001109 _____ () C:\Users\Public\Desktop\WarThunder.lnk
2014-05-08 13:01 - 2014-05-08 13:01 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder
2014-05-08 13:01 - 2014-05-03 18:29 - 00000000 ____D () C:\Users\Simon\Documents\My Games
2014-05-08 12:35 - 2014-04-24 01:54 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\QuickScan
2014-05-08 00:56 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system
2014-05-08 00:34 - 2014-05-08 00:32 - 00053504 _____ () C:\Users\Simon\Downloads\bootkit_remover.zip
2014-05-06 20:23 - 2014-05-06 19:21 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\tor
2014-05-06 19:17 - 2014-05-06 19:15 - 26815695 _____ () C:\Users\Simon\Downloads\torbrowser-install-3.6_en-US.exe
2014-05-06 06:40 - 2014-05-14 22:02 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 06:17 - 2014-05-14 22:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 05:25 - 2014-05-14 22:02 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 05:07 - 2014-05-14 22:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 05:00 - 2014-05-14 22:02 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 04:10 - 2014-05-14 22:02 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-04 13:43 - 2014-05-03 17:54 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-05-03 19:41 - 2014-05-03 19:41 - 00000000 ____D () C:\Users\Simon\AppData\Local\EdgeOfReality
2014-05-03 19:40 - 2014-01-22 22:27 - 00028868 _____ () C:\Windows\DirectX.log
2014-05-03 19:02 - 2014-05-03 19:02 - 00000219 _____ () C:\Users\Simon\Desktop\Dota 2.url
2014-05-03 19:02 - 2014-05-03 18:18 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-05-03 18:47 - 2014-05-03 18:47 - 00000222 _____ () C:\Users\Simon\Desktop\Loadout.url
2014-05-03 18:18 - 2014-05-03 18:18 - 00000222 _____ () C:\Users\Simon\Desktop\Epigenesis.url
2014-05-03 17:54 - 2014-05-03 17:54 - 01141680 _____ () C:\Users\Simon\Downloads\SteamSetup.exe
2014-05-03 17:54 - 2014-05-03 17:54 - 00000971 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-05-03 17:54 - 2014-05-03 17:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-05-03 17:51 - 2014-05-03 17:51 - 03384836 _____ (MultIV Team ) C:\Users\Simon\Downloads\multiv_setup (2).exe
2014-05-03 17:51 - 2014-05-03 17:51 - 03384836 _____ (MultIV Team ) C:\Users\Simon\Downloads\multiv_setup (1).exe
2014-05-03 17:44 - 2014-05-03 17:43 - 00000999 _____ () C:\Users\Public\Desktop\MultIV.lnk
2014-05-03 17:44 - 2014-05-03 17:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MultIV
2014-05-03 17:44 - 2014-05-03 17:43 - 00000000 ____D () C:\Program Files (x86)\MultIV
2014-05-03 17:42 - 2014-05-03 17:42 - 03384836 _____ (MultIV Team ) C:\Users\Simon\Downloads\multiv_setup.exe
2014-05-03 17:39 - 2014-05-03 17:39 - 04954736 _____ (Microsoft Corporation) C:\Users\Simon\Downloads\WindowsUpgradeAssistant.exe
2014-05-03 17:35 - 2014-05-03 17:34 - 36965680 _____ (Microsoft Corporation) C:\Users\Simon\Downloads\IE9-Windows7-x64-deu.exe
2014-05-03 17:35 - 2014-01-24 00:08 - 00005990 _____ () C:\Windows\IE9_main.log
2014-05-03 17:01 - 2014-05-03 17:01 - 17532198 _____ () C:\Users\Simon\Downloads\1355067475iCEnhancer2_1FINAL.zip
2014-05-03 05:14 - 2014-05-03 05:14 - 97580750 _____ () C:\Users\Simon\Downloads\Seven Reel's Realistic ENB v1.5b.zip
2014-05-03 05:06 - 2014-05-03 05:06 - 19677675 _____ () C:\Users\Simon\Downloads\Fighter Jet P-996 Lazer 3.zip
2014-05-03 05:05 - 2014-05-03 05:05 - 00717632 _____ () C:\Users\Simon\Downloads\scripthookdotnet_v1.7.1.7b.zip
2014-05-03 04:53 - 2014-05-03 04:50 - 89876480 _____ () C:\Users\Simon\Desktop\vehicles.img
2014-05-03 04:52 - 2014-05-03 04:52 - 00000000 ____D () C:\Users\Simon\Desktop\Backup
2014-05-03 04:50 - 2014-05-03 04:50 - 00000000 ____D () C:\Users\Simon\Desktop\Infernus
2014-05-03 04:49 - 2014-05-03 04:49 - 00000000 ____D () C:\Users\Simon\Desktop\SparkIV
2014-05-03 04:48 - 2014-05-03 04:48 - 01540953 _____ () C:\Users\Simon\Downloads\SparkIV 0.6.6.zip
2014-05-03 04:46 - 2014-05-03 04:46 - 04695532 _____ () C:\Users\Simon\Downloads\1398374770_ageraone.rar
2014-05-03 03:32 - 2014-05-03 03:32 - 00000000 ____D () C:\Users\Simon\Documents\Games for Windows - LIVE Demos
2014-05-03 03:30 - 2014-05-03 03:30 - 00000000 ____D () C:\Windows\SysWOW64\xlive
2014-05-03 03:30 - 2014-05-03 03:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
2014-05-03 03:30 - 2014-05-03 03:30 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2014-05-03 03:30 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-05-03 03:29 - 2014-05-03 03:29 - 00642712 _____ (Microsoft Corporation) C:\Users\Simon\Downloads\gfwlive35setup.exe
2014-05-03 03:29 - 2014-05-03 03:29 - 00642712 _____ (Microsoft Corporation) C:\Users\Simon\Downloads\gfwlive35setup (1).exe
2014-05-03 03:19 - 2014-04-11 14:06 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-03 03:19 - 2014-04-11 14:06 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-03 03:17 - 2014-04-17 19:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-03 01:35 - 2014-05-01 01:13 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-05-01 19:04 - 2014-05-01 19:04 - 00081626 _____ () C:\Users\Simon\Documents\Unit 1.voc
2014-05-01 19:04 - 2014-05-01 19:04 - 00081626 _____ () C:\Users\Simon\Desktop\Unit 1.voc
2014-05-01 17:09 - 2014-05-01 17:09 - 04044159 _____ () C:\Users\Simon\Downloads\1259416463_ProVehicleModv1.0.1.zip
2014-05-01 16:30 - 2014-05-01 16:30 - 00001027 _____ () C:\Users\Public\Desktop\Domingo 2.lnk
2014-05-01 16:30 - 2014-05-01 16:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Domingo 2
2014-05-01 16:30 - 2014-05-01 16:30 - 00000000 ____D () C:\Program Files (x86)\Domingo 2
2014-05-01 16:29 - 2014-05-01 16:29 - 04241516 _____ (Patrick Diekmann ) C:\Users\Simon\Downloads\setup.exe
2014-05-01 16:29 - 2014-05-01 16:29 - 00728032 _____ () C:\Users\Simon\Downloads\COMPUTER_BILD-Download-Manager_fuer_setup.exe
2014-05-01 15:56 - 2014-05-01 15:56 - 01138458 _____ () C:\Users\Simon\Downloads\1385372962_Space Shuttle.rar
2014-05-01 15:35 - 2014-05-01 15:34 - 00072097 _____ () C:\Users\Simon\Downloads\xliveless - v0.999b7 (patch 1.0.7.0. and EFLC 1.1.2.0).zip
2014-05-01 15:26 - 2014-05-01 15:26 - 02662221 _____ () C:\Users\Simon\Downloads\1310225693_Simple Native Trainer v.6.3.rar
2014-05-01 13:34 - 2014-05-01 13:34 - 00000000 ____D () C:\Users\Simon\Documents\Rockstar Games
2014-05-01 13:31 - 2014-05-01 13:31 - 00000000 __SHD () C:\ProgramData\SecuROM
2014-05-01 13:30 - 2014-05-01 13:30 - 04776440 _____ () C:\Users\Simon\Downloads\LaunchGTAIV.zip
2014-05-01 13:25 - 2014-05-01 13:25 - 00000000 ____D () C:\Users\Simon\AppData\Local\Rockstar Games
2014-05-01 13:24 - 2014-05-01 13:24 - 00000000 __RHD () C:\Users\Simon\AppData\Roaming\SecuROM
2014-05-01 13:11 - 2014-04-24 18:49 - 00003704 _____ () C:\Windows\System32\Tasks\Java Update Scheduler
2014-05-01 03:53 - 2014-05-01 03:46 - 20725128 _____ () C:\Users\Simon\Downloads\MMM_PT._vlad.7z
2014-05-01 00:13 - 2014-04-21 19:59 - 00000000 ____D () C:\Users\Simon\AppData\Local\Thunderbird
2014-04-28 20:55 - 2014-04-28 20:55 - 00155577 _____ () C:\Users\Simon\Downloads\proxtube_1.3.0 (2).crx
2014-04-28 20:53 - 2014-04-28 20:53 - 00155577 _____ () C:\Users\Simon\Downloads\proxtube_1.3.0 (1).crx
2014-04-28 20:52 - 2014-04-28 20:52 - 00155577 _____ () C:\Users\Simon\Downloads\proxtube_1.3.0.crx
2014-04-27 02:44 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\addins
2014-04-26 21:41 - 2014-04-25 21:40 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Bitdefender
2014-04-25 22:05 - 2014-04-25 22:05 - 00000000 ____D () C:\Users\Simon\AppData\Local\GGC
2014-04-25 22:03 - 2014-04-25 22:01 - 05570641 _____ () C:\Users\Simon\Downloads\Gordonsys2.0.rar
2014-04-25 21:40 - 2014-04-25 21:40 - 00002194 _____ () C:\Users\Public\Desktop\Bitdefender Safepay.lnk
2014-04-25 21:40 - 2014-04-25 21:40 - 00002075 _____ () C:\Users\Public\Desktop\Bitdefender Total Security.lnk
2014-04-25 21:40 - 2014-04-25 21:40 - 00000684 ____H () C:\bdr-cf01
2014-04-25 21:40 - 2014-04-25 21:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender
2014-04-25 21:40 - 2014-04-25 21:36 - 00253404 ____H () C:\bdr-ld01
2014-04-25 21:40 - 2014-04-25 21:36 - 00009216 ____H () C:\bdr-ld01.mbr
2014-04-25 21:40 - 2014-04-24 01:54 - 00000000 ____D () C:\ProgramData\Bitdefender
2014-04-25 21:36 - 2014-04-24 01:51 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender
2014-04-25 21:18 - 2014-04-25 21:18 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\MVH
2014-04-25 21:18 - 2014-04-25 00:53 - 01373184 _____ () C:\Users\Simon\Desktop\MVH Loader.exe
2014-04-25 21:17 - 2014-04-24 19:00 - 00000000 ____D () C:\Users\Simon\Desktop\Bilder
2014-04-25 19:35 - 2014-01-22 22:53 - 00000000 ____D () C:\Users\Simon\AppData\Local\VirtualStore
2014-04-25 02:34 - 2014-04-25 02:34 - 00002770 _____ () C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2014-04-25 00:53 - 2014-04-25 00:53 - 01108568 _____ () C:\Users\Simon\Downloads\MVH Loader.zip
2014-04-25 00:47 - 2014-04-25 00:47 - 04106679 _____ () C:\Users\Simon\Downloads\[Abs]Loader.rar
2014-04-25 00:41 - 2014-04-25 00:28 - 00000000 ____D () C:\Users\Simon\Desktop\Combat Arms Hack
2014-04-25 00:40 - 2014-04-25 00:21 - 00000000 ____D () C:\ProgramData\NexonEU
2014-04-25 00:34 - 2014-04-25 00:34 - 00000000 ____D () C:\ProgramData\Nexon
2014-04-25 00:24 - 2014-04-25 00:24 - 00001634 _____ () C:\Users\Public\Desktop\Combat Arms EU.lnk
2014-04-25 00:24 - 2014-04-25 00:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexon
2014-04-25 00:21 - 2014-04-25 00:21 - 00000000 ____D () C:\Nexon
2014-04-25 00:13 - 2014-04-24 23:52 - 1967289647 _____ (Nexon) C:\Users\Simon\Desktop\Combatarms_eu.exe
2014-04-24 23:51 - 2014-04-24 23:51 - 10552296 _____ (Akamai Technologies, Inc.) C:\Users\Simon\Downloads\NexonEU_Installer.exe
2014-04-24 23:51 - 2014-04-14 21:03 - 00000000 ____D () C:\Users\Simon\AppData\Local\Akamai
2014-04-24 23:50 - 2014-04-24 23:50 - 01617203 _____ () C:\Users\Simon\Downloads\[ghbsys.net] Public-Client.zip
2014-04-24 22:10 - 2014-04-24 22:10 - 00000000 ____D () C:\Program Files (x86)\Microsoft XNA
2014-04-24 22:09 - 2014-04-24 22:09 - 00001474 _____ () C:\Users\Public\Desktop\Bloodline Champions.lnk
2014-04-24 22:09 - 2014-04-24 22:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bloodline Champions
2014-04-24 22:08 - 2014-04-24 22:08 - 00000000 ____D () C:\Program Files (x86)\Stunlock Studios
2014-04-24 22:08 - 2014-04-24 22:03 - 363876296 _____ (Stunlock Studios ) C:\Users\Simon\Downloads\bloodline-champions_25983.exe
2014-04-24 22:03 - 2014-04-24 22:03 - 01062288 _____ () C:\Users\Simon\Downloads\Bloodline-Champions-lnstall.exe
2014-04-24 19:35 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\Offline Web Pages
2014-04-24 19:33 - 2014-04-24 19:33 - 10768896 _____ () C:\Users\Simon\Downloads\Wolfteam INV Hack AUG 2013.exe
2014-04-24 19:25 - 2014-04-24 19:25 - 00058597 _____ () C:\Users\Simon\Downloads\Business.Card.Maker.8.0_CRK-FFF.zip
2014-04-24 19:23 - 2014-04-24 17:32 - 00000000 ____D () C:\Users\Simon\Downloads\Download.am
2014-04-24 19:23 - 2014-04-24 17:32 - 00000000 ____D () C:\Users\Simon\AppData\Local\download.am-data
2014-04-24 19:22 - 2014-04-24 19:22 - 00077025 _____ () C:\Users\Simon\Downloads\CD244A3FE5B95DA446608BC56299A387E1A64734.torrent
2014-04-24 19:08 - 2014-04-24 19:01 - 00000000 ____D () C:\Users\Simon\Desktop\Programme
2014-04-24 19:04 - 2014-04-24 19:04 - 00000000 ____D () C:\Users\Simon\Desktop\Programme;Spiele
2014-04-24 18:59 - 2014-04-24 18:59 - 07307552 _____ () C:\Users\Simon\Downloads\bitdefender_isecurity.exe
2014-04-24 18:43 - 2014-04-24 18:41 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-04-24 18:42 - 2014-04-24 18:42 - 00002217 _____ () C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
2014-04-24 18:42 - 2014-04-24 18:42 - 00002209 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014.lnk
2014-04-24 18:42 - 2014-04-24 18:42 - 00002197 _____ () C:\Users\Public\Desktop\TuneUp Utilities 2014.lnk
2014-04-24 18:42 - 2014-04-24 18:42 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\TuneUp Software
2014-04-24 18:42 - 2014-04-24 18:42 - 00000000 ____D () C:\Users\Simon\AppData\Local\TuneUp Software
2014-04-24 18:42 - 2014-04-24 18:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014
2014-04-24 18:42 - 2014-04-24 18:42 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2014
2014-04-24 18:41 - 2014-04-24 18:41 - 00074811 _____ () C:\Users\Simon\Downloads\TuneUp 2014 Keygen by Game24x.rar
2014-04-24 18:41 - 2014-04-24 18:40 - 27878824 _____ (TuneUp Software) C:\Users\Simon\Downloads\TuneUpUtilities2014_de2745-DE.exe
2014-04-24 18:33 - 2014-04-24 18:32 - 209715712 _____ () C:\Users\Simon\Desktop\Tresor.bvd
2014-04-24 17:32 - 2014-04-24 17:32 - 00001053 _____ () C:\Users\Simon\Desktop\Download.am.lnk
2014-04-24 17:32 - 2014-04-24 17:32 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Download.am
2014-04-24 17:32 - 2014-04-24 17:31 - 00000000 ____D () C:\Program Files (x86)\Download.am
2014-04-24 17:25 - 2014-04-24 17:25 - 13540177 _____ () C:\Users\Simon\Downloads\download.am-build233.zip
2014-04-24 17:21 - 2014-04-24 17:20 - 00000000 ____D () C:\Users\Simon\Desktop\RSDownloader
2014-04-24 17:20 - 2014-04-24 17:20 - 03028121 _____ () C:\Users\Simon\Downloads\RSD_0.61.zip
2014-04-24 17:20 - 2014-04-24 17:20 - 00000164 _____ () C:\Users\Simon\Downloads\40961pa16fh3627.rsdf
2014-04-24 17:19 - 2014-04-24 17:19 - 00000000 ____D () C:\Users\Simon\Desktop\JDownloader
2014-04-24 17:18 - 2014-04-24 17:18 - 31419822 _____ () C:\Users\Simon\Downloads\JDownloader.zip
2014-04-24 16:03 - 2014-03-08 18:51 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Curse Client
2014-04-24 15:59 - 2014-04-24 15:59 - 01467128 _____ () C:\Users\Simon\Downloads\SystemCheck_deDE (2).exe
2014-04-24 15:58 - 2014-04-24 15:58 - 01467128 _____ () C:\Users\Simon\Downloads\SystemCheck_deDE.exe
2014-04-24 15:58 - 2014-04-24 15:58 - 01467128 _____ () C:\Users\Simon\Downloads\SystemCheck_deDE (1).exe
2014-04-24 04:55 - 2014-04-24 04:55 - 01147424 _____ () C:\Users\Simon\Downloads\bitdefender_antitheft.exe
2014-04-24 04:48 - 2014-04-24 04:48 - 07304560 _____ () C:\Users\Simon\Downloads\bitdefender_tsecurity (2).exe
2014-04-24 04:18 - 2014-04-14 13:33 - 00000000 ____D () C:\Users\Simon\Desktop\PBdownforce
2014-04-24 04:04 - 2014-04-24 04:04 - 00000000 ____D () C:\Users\Simon\AppData\Local\simon-p
2014-04-24 03:43 - 2014-04-24 03:43 - 07304560 _____ () C:\Users\Simon\Downloads\bitdefender_tsecurity (1).exe
2014-04-24 02:57 - 2014-04-24 01:54 - 00074512 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin32.dll
2014-04-24 02:24 - 2014-04-24 02:24 - 00295296 _____ () C:\Windows\Minidump\042414-30264-01.dmp
2014-04-24 02:24 - 2014-02-04 22:14 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-04-24 02:19 - 2014-04-24 02:19 - 00000385 _____ () C:\Windows\system32\user_gensett.xml
2014-04-24 02:19 - 2014-04-24 02:19 - 00000385 _____ () C:\Users\Simon\AppData\Roaminguser_gensett.xml
2014-04-24 02:19 - 2014-04-24 02:18 - 00000000 ____D () C:\ProgramData\BDLogging
2014-04-24 02:18 - 2014-04-24 02:18 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2014-04-24 02:17 - 2014-04-24 02:17 - 00283192 _____ (Mozilla) C:\Users\Simon\Downloads\Firefox Setup Stub 28.0 (1).exe
2014-04-24 01:57 - 2014-04-24 01:54 - 00000000 ____D () C:\Program Files\Bitdefender
2014-04-24 01:53 - 2014-02-04 22:14 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-04-24 01:51 - 2014-04-24 01:51 - 07304560 _____ () C:\Users\Simon\Downloads\bitdefender_tsecurity.exe
2014-04-23 22:45 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-04-22 22:49 - 2014-04-22 22:49 - 00000000 __SHD () C:\Users\Simon\AppData\Local\EmieUserList
2014-04-22 22:49 - 2014-04-22 22:49 - 00000000 __SHD () C:\Users\Simon\AppData\Local\EmieSiteList
2014-04-22 22:46 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-22 03:07 - 2014-04-22 03:07 - 00043012 _____ () C:\Users\Simon\Downloads\AimPoint.exe
2014-04-21 19:59 - 2014-04-21 19:59 - 21987424 _____ (Mozilla) C:\Users\Simon\Downloads\Thunderbird_Setup_de24.4.0.exe
2014-04-21 19:59 - 2014-04-21 19:59 - 00002106 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2014-04-21 19:59 - 2014-04-21 19:59 - 00002094 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2014-04-21 19:59 - 2014-04-21 19:59 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Thunderbird
2014-04-20 19:16 - 2010-10-27 13:16 - 00000000 ____D () C:\Windows\oem
2014-04-20 19:07 - 2014-04-20 19:07 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Simon\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-20 19:07 - 2014-04-20 19:07 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-20 14:09 - 2014-04-20 14:09 - 00004253 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-20 14:09 - 2014-04-20 14:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-20 14:09 - 2014-03-16 21:41 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-20 14:09 - 2014-03-16 21:40 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-19 19:18 - 2014-02-15 14:30 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\.purple
2014-04-18 16:00 - 2014-04-18 16:00 - 00388608 _____ (Trend Micro Inc.) C:\Users\Simon\Downloads\HiJackThis204 (2).exe
2014-04-18 16:00 - 2014-04-18 16:00 - 00388608 _____ (Trend Micro Inc.) C:\Users\Simon\Downloads\HiJackThis204 (1).exe
2014-04-18 16:00 - 2014-04-18 16:00 - 00016670 _____ () C:\Users\Simon\Downloads\hijackthis.log
2014-04-18 15:59 - 2014-04-18 15:59 - 00388608 _____ (Trend Micro Inc.) C:\Users\Simon\Downloads\HiJackThis204.exe
2014-04-17 19:10 - 2014-04-17 19:10 - 00001167 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-04-17 19:10 - 2014-04-17 19:10 - 00001155 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-17 19:10 - 2014-04-17 19:10 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Mozilla
2014-04-17 19:10 - 2014-04-17 19:10 - 00000000 ____D () C:\Users\Simon\AppData\Local\Mozilla
2014-04-17 19:10 - 2014-04-17 19:10 - 00000000 ____D () C:\ProgramData\Mozilla
2014-04-17 19:10 - 2014-04-17 19:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-17 19:09 - 2014-04-17 19:09 - 00283192 _____ (Mozilla) C:\Users\Simon\Downloads\Firefox Setup Stub 28.0.exe
2014-04-17 15:08 - 2014-01-22 23:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-04-17 15:08 - 2014-01-22 22:54 - 00000999 _____ () C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-17 15:08 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-17 15:07 - 2014-04-17 15:07 - 00000000 ____D () C:\Users\Simon\Downloads\AdwCleaner_TSA221R2W
2014-04-17 01:58 - 2014-04-17 01:58 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\InetStat
2014-04-17 01:57 - 2014-04-17 01:57 - 00003162 _____ () C:\Windows\System32\Tasks\fsupdate

Some content of TEMP:
====================
C:\Users\Simon\AppData\Local\Temp\JNativeHook_5684379255690441288.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe
[2014-05-14 17:59] - [2014-03-04 11:43] - 0455168 ____A (Microsoft Corporation) 88AB9B72B4BF3963A0DE0820B4B0B06C

C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-09 13:35

==================== End Of Log ============================
         
--- --- ---

--- --- ---

Alt 17.05.2014, 12:26   #9
FunkySimonp
 
Verdacht auf einen bösen Trojaner - Standard

Verdacht auf einen bösen Trojaner



Addition:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-05-2014
Ran by Simon at 2014-05-17 13:18:31
Running from C:\Users\Simon\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Bitdefender Antivirus (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Disabled) {A23392FD-84B9-F933-2C71-81E751F6EF46}

==================== Installed Programs ======================

Acer Arcade Deluxe (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 5.1.8507 - CyberLink Corp.)
Acer Arcade Deluxe (x32 Version: 5.1.8507 - CyberLink Corp.) Hidden
Acer Arcade Movie (x32 Version: 9.0.7201 - CyberLink Corp.) Hidden
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3015 - Acer Incorporated)
Acer GameZone Console (HKLM-x32\...\{58F4D244-314F-4D26-B5EF-C28AB32E22CB}_is1) (Version: 6.1.0.9 - Oberon Media, Inc.)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.03.3003 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0318.2010 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3001 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Reader 9.1 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
Airport Mania First Flight (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11505173}) (Version:  - Oberon Media)
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
Amazonia (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}) (Version:  - Oberon Media)
Another Life Client 1.52 (HKLM-x32\...\{D4E82BDF-6252-4761-A020-37DBC34C7617}}_is1) (Version: 1.52 - Tim Witschel Serververmietung)
AnotherLife Client Version 1.4 (HKLM-x32\...\{1B305614-536F-47B0-917D-140C1D2477BA}}_is1) (Version: 1.4 - Tim Witschel Serververmietung)
AntiBrowserSpy (HKLM-x32\...\{F78B5B4F-075A-4C81-AA27-E707861EB5B7}_is1) (Version: 141 - Abelssoft)
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Attack Surface Analyzer (HKLM\...\{2710505A-D198-4906-8767-F869909D9FA6}) (Version: 5.3.0.0 - Microsoft Corporation)
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version:  - AVM Berlin)
Bing Bar (HKLM-x32\...\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}) (Version: 7.0.610.0 - Microsoft Corporation)
Bitdefender Total Security (HKLM\...\Bitdefender) (Version: 17.27.0.1146 - Bitdefender)
Bloodline Champions (HKLM-x32\...\{81E58F0A-E24E-4132-98C2-6BA39899692E}_is1) (Version: 2.4.1.0 - Stunlock Studios)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.7.3066 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{8789EB72-635E-4A91-95DB-3FC11CBE7725}) (Version: 0.8.7.3066 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Cake Mania (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}) (Version:  - Oberon Media)
CANYON USB PC CAMERA (HKLM-x32\...\{A59AB961-BE82-41E0-B0FB-648DFA6DDEA4}) (Version: 1.0.20 - ANC)
Cobra 11 - Highway Nights Demo (remove only) (HKLM-x32\...\HighwayNights Demo) (Version:  - )
Combat Arms EU (HKLM-x32\...\Combat Arms EU) (Version:  - )
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
CPUCooL (remove only) (HKLM-x32\...\CPUCooL) (Version:  - )
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Domingo 2 Version 2.6.1. (HKLM-x32\...\{FB326C8F-DA81-4764-B994-6D3D6C4796A9}_is1) (Version:  - Patrick Diekmann)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Download.am (HKLM-x32\...\Download.am) (Version:  - )
Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version:  - Oberon Media)
eBay Worldwide (HKLM-x32\...\{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}) (Version: 2.1.0901 - OEM)
Epigenesis (HKLM-x32\...\Steam App 244590) (Version:  - Dead Shark Triplepunch) <==== ATTENTION
eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden
Farm Frenzy 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}) (Version:  - Oberon Media)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Galapago (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}) (Version:  - Oberon Media)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
GEONExT 1.74 (HKLM-x32\...\GEONExT_is1) (Version: 1.74 - GEONExT Group)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.137 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Heroes of Hellas (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}) (Version:  - Oberon Media)
Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 2.05.3013 - Acer Incorporated)
ICQ 8.2 (build 6901) (HKCU\...\ICQ) (Version: 8.2.6901.0 - ICQ)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
InetStat (HKCU\...\InetStat) (Version: 0.3 - InetStat)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
iTunes (HKLM\...\{1CF5754A-545B-4360-BFDE-2847BC728DFC}) (Version: 11.2.0.115 - Apple Inc.)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Loadout (HKLM-x32\...\Steam App 208090) (Version:  - Edge of Reality)
Loong Dragonblood (HKLM-x32\...\{BAE0CFD0-1598-4BC4-9AB3-BD2CF575EED9}) (Version: 2.5.12 - gamigo)
MAGIX Web Designer 9 Premium (HKLM\...\MX.{B497E1E1-E2E9-4B93-B242-86087EDEDF92}) (Version: 9.0.1.27343 - MAGIX AG)
MAGIX Web Designer 9 Premium (Version: 9.0.1.27343 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
MediaEspresso (x32 Version: 5.1.1116_32498 - CyberLink Corp.) Hidden
Merriam Websters Spell Jam (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}) (Version:  - Oberon Media)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
MKLOL (HKCU\...\MKLOL) (Version:  - )
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.5.0 - Mozilla)
Mozilla Thunderbird 24.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.5.0 (x86 de)) (Version: 24.5.0 - Mozilla)
MSI Afterburner 2.3.1 (HKLM-x32\...\Afterburner) (Version: 2.3.1 - MSI Co., LTD)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MultIV (HKLM-x32\...\{D0CA9142-4127-40FF-B3C1-B2C089B745A2}_is1) (Version: 0.2 - MultIV Team)
MyWinLocker (x32 Version: 3.1.212.0 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}) (Version: 3.1.212.0 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 3.1.212.0 - Egis Technology Inc.) Hidden
NEC Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}) (Version: 1.0.19.0 - NEC Electronics Corporation)
NEC Electronics USB 3.0 Host Controller Driver (x32 Version: 1.0.19.0 - NEC Electronics Corporation) Hidden
Nero ControlCenter (x32 Version: 9.0.0.1 - Nero AG) Hidden
Nero DiscSpeed (x32 Version: 5.4.13.100 - Nero AG) Hidden
Nero DiscSpeed Help (x32 Version: 5.4.4.100 - Nero AG) Hidden
Nero DriveSpeed (x32 Version: 4.4.12.100 - Nero AG) Hidden
Nero DriveSpeed Help (x32 Version: 4.4.4.100 - Nero AG) Hidden
Nero Express Help (x32 Version: 9.4.37.100 - Nero AG) Hidden
Nero InfoTool (x32 Version: 6.4.12.100 - Nero AG) Hidden
Nero InfoTool Help (x32 Version: 6.4.4.100 - Nero AG) Hidden
Nero Installer (x32 Version: 4.4.9.0 - Nero AG) Hidden
Nero Online Upgrade (x32 Version: 1.3.0.0 - Nero AG) Hidden
Nero StartSmart (x32 Version: 9.4.37.100 - Nero AG) Hidden
Nero StartSmart Help (x32 Version: 9.4.27.100 - Nero AG) Hidden
Nero StartSmart OEM (x32 Version: 9.16.0.100 - Nero AG) Hidden
NeroExpress (x32 Version: 9.4.37.100 - Nero AG) Hidden
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
NVIDIA 3D Vision Controller-Treiber 332.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 332.21 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 332.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 332.21 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 332.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.21 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3221 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 332.21 (Version: 332.21 - NVIDIA Corporation) Hidden
NVIDIA Update 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
Opera Stable 21.0.1432.57 (HKLM-x32\...\Opera 21.0.1432.57) (Version: 21.0.1432.57 - Opera Software ASA)
Overwolf (HKLM-x32\...\{FB83467F-D8EB-43E6-8B3D-860B045C1C52}) (Version: 0.51.325 - Overwolf)
Overwolf.Setup.VC100CRTx64.Dist (HKLM\...\{EC9D5554-6852-4A55-81BB-AC02C7A8CFED}) (Version: 1.0.0 - Overwolf)
phpDesigner 8 version 8.1.2 (HKLM-x32\...\phpDesigner8_is1) (Version:  - MPSOFTWARE)
Pidgin (HKLM-x32\...\Pidgin) (Version: 2.10.9 - )
pidgin-otr 4.0.0-1 (HKLM-x32\...\pidgin-otr) (Version: 4.0.0-1 - Cypherpunks CA)
Poker Pop (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111355427}) (Version:  - Oberon Media)
PrivaZer (HKLM-x32\...\PrivaZer) (Version: 2.19.0.0 - Goversoft LLC)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.12 - ProtectDisc Software GmbH)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6194 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.20.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.20.0 - Renesas Electronics Corporation) Hidden
Samsung CLX-3300 Series (HKLM-x32\...\Samsung CLX-3300 Series) (Version: 1.01 (01.05.2012) - Samsung Electronics Co., Ltd.)
Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 1.02.09 (25.04.2012) - Samsung Electronics Co., Ltd.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.02.45.02(01.05.2012) - Samsung Electronics Co., Ltd.)
Samsung Network PC Fax (HKLM-x32\...\Samsung Network PC Fax) (Version: 1.06.24 (25.04.2012) - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00.04 - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (x32 Version: 1.00.18.04 - Samsung Electronics Co., Ltd.) Hidden
Security Task Manager 1.8g (HKLM-x32\...\Security Task Manager) (Version: 1.8g - Neuber Software)
SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden
Shredder (Version: 2.0.8.3 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.3 - Egis Technology Inc.) Hidden
simplitec simplicheck (HKLM-x32\...\{183D780B-28F9-41BA-A2CB-605F324A5781}) (Version: 1.3.10.0 - simplitec GmbH)
Skype™ 6.13 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.13.104 - Skype Technologies S.A.)
SNS Upload for Easy Document Creator (HKLM-x32\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spin & Win (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110300453}) (Version:  - Oberon Media)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.25942 - TeamViewer)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.275 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities) (Version: 14.0.1000.275 - TuneUp Software)
TuneUp Utilities 2014 (x32 Version: 14.0.1000.275 - TuneUp Software) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
War Thunder Launcher 1.0.1.355 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version:  - Gaijin Entertainment)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3102 - Acer Incorporated)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WolfTeam-DE (HKLM-x32\...\WolfTeam-DE) (Version:  - )

==================== Restore Points  =========================

11-05-2014 13:58:15 RegClean Pro So, Mai 11, 14  15:58
11-05-2014 16:40:47 Installiert CANYON USB PC CAMERA
11-05-2014 16:41:17 Gerätetreiber-Paketinstallation: VGA SoC PC-Camera provider Bildverarbeitungsgeräte
12-05-2014 23:33:11 RegClean Pro Di, Mai 13, 14  01:33
14-05-2014 19:59:23 Windows Update
16-05-2014 08:30:02 RegClean Pro Fr, Mai 16, 14  10:30
17-05-2014 10:48:59 zoek.exe restore point

==================== Hosts content: ==========================

2009-07-14 04:34 - 2014-05-16 18:02 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {0D7608FD-DBC5-47E6-A8FB-5554041EBA93} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {1578F21F-DB6C-49B1-B9AE-D20AFBC1D83D} - \RegClean Pro_UPDATES No Task File <==== ATTENTION
Task: {1FF09EAB-1B3A-4E4C-81F2-86843C9A3667} - System32\Tasks\AntiBrowserSpy - BrowserMask => C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe
Task: {2A032745-2D20-450E-87A0-638DF39EC962} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe [2010-08-19] (Acer)
Task: {46012232-7C26-470E-BB9B-9F4A570F6484} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-22] (Google Inc.)
Task: {4625DB89-D0C3-4CCE-A1EB-F1A0E9702F54} - System32\Tasks\Opera D6 => C:\Program Files (x86)\Opera\launcher.exe [2014-04-30] (Opera Software)
Task: {638C1CFD-1280-4BDC-9ACB-C6ABB1AF06BF} - \Advanced System Protector_startup No Task File <==== ATTENTION
Task: {7793B38D-D00A-4BA2-A836-CE7611EF8D2C} - \RegClean Pro_DEFAULT No Task File <==== ATTENTION
Task: {7A3CB029-11C4-40C8-83D5-C93DE8959402} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {7C7EF8CA-1D7B-4342-B2B1-95EA79E7B96E} - System32\Tasks\AcerArcadeDeluxe => C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe [2011-01-07] (Acer Incorporated)
Task: {7DDC0322-429D-4048-86B4-C5A0CB1FFAB3} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [2014-03-20] (TuneUp Software)
Task: {7F4FECF9-D90F-412D-B936-24812D315AFC} - \RegClean Pro No Task File <==== ATTENTION
Task: {92F6A158-B868-4D71-9124-C0E0B04D4D51} - System32\Tasks\Opera D7 => C:\Program Files (x86)\Opera\launcher.exe [2014-04-30] (Opera Software)
Task: {E0E342D7-A3D5-4D1D-92A2-9DCCFD2FF50C} - System32\Tasks\fsupdate => C:\Program
Task: {F36DEA01-83A9-4ED8-B6C7-A491822E21B1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-22] (Google Inc.)
Task: {F87DED90-640F-440C-9EC4-218364591BD2} - System32\Tasks\ArcadeDeluxeAgentTS => C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [2011-01-07] (CyberLink Corp.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-04-24 02:17 - 2013-06-19 11:45 - 00265080 ____N () C:\Program Files\Bitdefender\Bitdefender\txmlutil.dll
2014-04-25 21:40 - 2014-03-27 19:18 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender\UI\accessl.ui
2014-04-25 21:40 - 2011-11-14 19:17 - 00153680 _____ () C:\Program Files\Bitdefender\Bitdefender\bdfwcore.dll
2014-04-25 21:40 - 2014-03-27 19:18 - 00005120 _____ () C:\Program Files\Bitdefender\Bitdefender\UI\IMSecurityAL.ui
2014-04-25 21:40 - 2014-03-25 10:53 - 00771328 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_001_001\ashttpbr.mdl
2014-04-25 21:40 - 2014-03-25 10:53 - 00568400 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_001_001\ashttpdsp.mdl
2014-04-25 21:40 - 2014-03-25 10:53 - 02593416 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_001_001\ashttpph.mdl
2014-04-25 21:40 - 2014-03-25 10:53 - 01317216 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_001_001\ashttprbl.mdl
2014-02-16 19:50 - 2013-12-19 20:53 - 00117536 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-01-29 19:14 - 2012-01-09 13:47 - 00034304 _____ () C:\Windows\System32\sst7clm.dll
2014-01-29 19:14 - 2012-04-26 08:34 - 01186304 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\sst7cdu.dll
2014-03-20 14:44 - 2014-03-20 14:44 - 00675640 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\avgrepliba.dll
2009-12-14 04:19 - 2009-12-09 11:24 - 00076320 _____ () C:\OEM\USBDECTION\USBS3S4Detection.exe
2014-04-24 02:17 - 2013-03-25 15:16 - 01117920 ____N () C:\Program Files\Bitdefender\Bitdefender SafeBox\System.Data.SQLite.dll
2012-02-20 23:23 - 2012-02-20 23:23 - 00456704 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2012-02-20 23:23 - 2012-02-20 23:23 - 00051200 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2014-04-17 01:58 - 2014-04-17 01:57 - 01260648 _____ () C:\Users\Simon\AppData\Roaming\InetStat\inetstat.exe
2014-02-06 01:52 - 2014-02-06 01:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-06 01:52 - 2014-02-06 01:52 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-03-05 20:30 - 2014-03-05 20:30 - 00025600 _____ () C:\Program Files (x86)\Overwolf\CoreAudioApi.dll
2014-05-17 13:14 - 2014-05-17 13:14 - 00056335 _____ () C:\Users\Simon\AppData\Local\Temp\JNativeHook_5684379255690441288.dll
2014-04-24 02:17 - 2014-03-15 00:05 - 00204280 ____N () C:\Program Files\Bitdefender\Bitdefender\antispam32\txmlutil.dll
2014-02-19 15:35 - 2014-02-19 15:35 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\aa739380ca2b2fc7366d464d2f2301ac\IsdiInterop.ni.dll
2010-10-27 13:00 - 2010-09-13 19:28 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-05-16 10:37 - 2014-05-08 01:29 - 00065352 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\chrome_elf.dll
2014-05-16 10:37 - 2014-05-08 01:29 - 00674632 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\libglesv2.dll
2014-05-16 10:37 - 2014-05-08 01:29 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\libegl.dll
2014-05-16 10:37 - 2014-05-08 01:29 - 04081480 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\pdf.dll
2014-05-16 10:37 - 2014-05-08 01:29 - 00390472 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\ppGoogleNaClPluginChrome.dll
2014-05-16 10:37 - 2014-05-08 01:29 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\ffmpegsumo.dll
2014-05-16 10:37 - 2014-05-08 01:29 - 13695816 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Simon\Desktop\adwcleaner_3.208.exe:BDU
AlternateDataStreams: C:\Users\Simon\Desktop\JRT.exe:BDU
AlternateDataStreams: C:\Users\Simon\Downloads\bitdefender_antitheft.exe:BDU
AlternateDataStreams: C:\Users\Simon\Downloads\bitdefender_isecurity.exe:BDU
AlternateDataStreams: C:\Users\Simon\Downloads\bitdefender_tsecurity (1).exe:BDU
AlternateDataStreams: C:\Users\Simon\Downloads\bitdefender_tsecurity (2).exe:BDU
AlternateDataStreams: C:\Users\Simon\Downloads\cfw_installer_5732_83.exe:BDU
AlternateDataStreams: C:\Users\Simon\Downloads\Chrome YouTube Downloader - CHIP-Downloader (1).exe:BDU
AlternateDataStreams: C:\Users\Simon\Downloads\Chrome YouTube Downloader - CHIP-Downloader.exe:BDU
AlternateDataStreams: C:\Users\Simon\Downloads\COMPUTER_BILD-Download-Manager_fuer_cfw_installer_5732_83.exe:BDU
AlternateDataStreams: C:\Users\Simon\Downloads\COMPUTER_BILD-Download-Manager_fuer_setup.exe:BDU
AlternateDataStreams: C:\Users\Simon\Downloads\gfwlive35setup (1).exe:BDU
AlternateDataStreams: C:\Users\Simon\Downloads\gfwlive35setup.exe:BDU
AlternateDataStreams: C:\Users\Simon\Downloads\IE9-Windows7-x64-deu.exe:BDU
AlternateDataStreams: C:\Users\Simon\Downloads\mbam-setup-2.0.1.1004 (1).exe:BDU
AlternateDataStreams: C:\Users\Simon\Downloads\multiv_setup (1).exe:BDU
AlternateDataStreams: C:\Users\Simon\Downloads\multiv_setup (2).exe:BDU
AlternateDataStreams: C:\Users\Simon\Downloads\multiv_setup.exe:BDU
AlternateDataStreams: C:\Users\Simon\Downloads\privazer_free (1).exe:BDU
AlternateDataStreams: C:\Users\Simon\Downloads\SteamSetup.exe:BDU
AlternateDataStreams: C:\Users\Simon\Downloads\SystemCheck_deDE (1).exe:BDU
AlternateDataStreams: C:\Users\Simon\Downloads\SystemCheck_deDE (2).exe:BDU
AlternateDataStreams: C:\Users\Simon\Downloads\SystemCheck_deDE.exe:BDU
AlternateDataStreams: C:\Users\Simon\Downloads\TuneUpUtilities2014_de2745-DE.exe:BDU
AlternateDataStreams: C:\Users\Simon\Downloads\WindowsUpgradeAssistant.exe:BDU
AlternateDataStreams: C:\Users\Simon\Downloads\Wolfteam INV Hack AUG 2013.exe:BDU
AlternateDataStreams: C:\Users\Simon\Downloads\wt_launcher_doi_1.0.1.355.exe:BDU
AlternateDataStreams: C:\Users\Simon\Downloads\YouTube-Unblocker-055 - CHIP-Downloader.exe:BDU

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: McAfee Inc. mfeapfk
Description: McAfee Inc. mfeapfk
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: mfeapfk
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/17/2014 01:15:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: CooLSrv.exe, Version: 0.0.0.0, Zeitstempel: 0x4ed0cb16
Name des fehlerhaften Moduls: CooLSrv.exe, Version: 0.0.0.0, Zeitstempel: 0x4ed0cb16
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001ec91
ID des fehlerhaften Prozesses: 0xbbc
Startzeit der fehlerhaften Anwendung: 0xCooLSrv.exe0
Pfad der fehlerhaften Anwendung: CooLSrv.exe1
Pfad des fehlerhaften Moduls: CooLSrv.exe2
Berichtskennung: CooLSrv.exe3

Error: (05/17/2014 01:13:52 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.SystemException: Bitdefender antivirus HV.sys loaded ---> System.ComponentModel.Win32Exception: Unzulässige Funktion
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (05/17/2014 01:13:49 PM) (Source: McLogEvent) (EventID: 5022) (User: NT-AUTORITÄT)
Description: Initialisierung des MCSCAN32-Moduls ist fehlgeschlagen.
Das Modul hat folgenden Fehler ausgegeben: 1

Error: (05/17/2014 01:12:11 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]


System errors:
=============
Error: (05/17/2014 01:15:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "CPUCooLServer Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/17/2014 01:13:52 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: 
%%1064

Error: (05/17/2014 01:13:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee Anti-Malware Core" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (05/17/2014 01:13:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee Inc. mfeapfk" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1243

Error: (05/17/2014 01:12:07 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (05/17/2014 01:04:43 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (05/17/2014 01:04:43 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (05/17/2014 01:04:42 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (05/17/2014 01:04:41 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (05/17/2014 01:04:40 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-05-16 17:56:41.121
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-05-16 17:56:41.052
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-04-14 21:31:48.346
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\Simon\AppData\Local\Temp\PHQ566.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-04-14 21:31:48.251
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\Simon\AppData\Local\Temp\PHQ566.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-04-14 21:31:26.499
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\Simon\AppData\Local\Temp\PHQAFF6.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-04-14 21:31:26.413
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\Simon\AppData\Local\Temp\PHQAFF6.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-04-14 13:34:16.090
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\Simon\AppData\Local\Temp\PHQ86FA.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-04-14 13:34:15.988
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\Simon\AppData\Local\Temp\PHQ86FA.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Percentage of memory in use: 43%
Total physical RAM: 8174 MB
Available physical RAM: 4657.09 MB
Total Pagefile: 16346.18 MB
Available Pagefile: 12541.89 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:456.95 GB) (Free:335.97 GB) NTFS
Drive d: (DATA) (Fixed) (Total:457.46 GB) (Free:307.1 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: FEB9136C)
Partition 1: (Not Active) - (Size=17 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=457 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=457 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

Alt 17.05.2014, 19:32   #10
M-K-D-B
/// TB-Ausbilder
 
Verdacht auf einen bösen Trojaner - Standard

Verdacht auf einen bösen Trojaner



Lade dir die passende Version von SystemLook vom folgenden Spiegel herunter und speichere das Tool auf dem Desktop:
SystemLook (32 bit) | SystemLook (64 bit)
  • Doppelklicke auf die SystemLook.exe, um das Tool zu starten.
  • Kopiere den Inhalt der folgenden Codebox in das Textfeld des Tools:

    Code:
    ATTFilter
    :folderfind
    Epigenesis
    InetStat
    
    :regfind
    Epigenesis
    InetStat
             
  • Klicke nun auf den Button Look, um den Scan zu starten.
  • Der Suchlauf kann einige Zeit dauern.
  • Wenn der Suchlauf beendet ist, wird sich dein Editor mit den Ergebnissen öffnen, poste diese in deinen Thread.
  • Die Ergebnisse werden auch auf dem Desktop als SystemLook.txt gespeichert.


Alt 18.05.2014, 19:39   #11
FunkySimonp
 
Verdacht auf einen bösen Trojaner - Standard

Verdacht auf einen bösen Trojaner



Hey,
Ich habe es 2 mal gemacht und 2 mal einen Bluescreen bekommen. Dies ist das Ergebnis:

Code:
ATTFilter
SystemLook 30.07.11 by jpshortstuff
Log created at 20:30 on 18/05/2014 by Simon
Administrator - Elevation successful

========== folderfind ==========

Searching for "Epigenesis"
C:\Program Files (x86)\Steam\SteamApps\common\Epigenesis	d------	[16:18 03/05/2014]

Searching for "InetStat"
         

Alt 19.05.2014, 11:17   #12
M-K-D-B
/// TB-Ausbilder
 
Verdacht auf einen bösen Trojaner - Standard

Verdacht auf einen bösen Trojaner



Wir entfernen die letzten Reste und kontrollieren nochmal alles. ESET kann länger (> 3 h) dauern.
Im Anschluss entfernen wir alle verwendeten Tools und ich gebe dir noch ein paar Tipps mit auf den Weg.




Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument


Code:
ATTFilter
start
HKU\S-1-5-21-3809745895-3397772576-1149702982-1000\...\Run: [InetStat] => C:\Users\Simon\AppData\Roaming\InetStat\inetstat.exe [1260648 2014-04-17] ()
C:\Users\Simon\AppData\Roaming\InetStat
Task: {1578F21F-DB6C-49B1-B9AE-D20AFBC1D83D} - \RegClean Pro_UPDATES No Task File <==== ATTENTION
Task: {638C1CFD-1280-4BDC-9ACB-C6ABB1AF06BF} - \Advanced System Protector_startup No Task File <==== ATTENTION
Task: {7793B38D-D00A-4BA2-A836-CE7611EF8D2C} - \RegClean Pro_DEFAULT No Task File <==== ATTENTION
Task: {7F4FECF9-D90F-412D-B936-24812D315AFC} - \RegClean Pro No Task File <==== ATTENTION
Task: {E0E342D7-A3D5-4D1D-92A2-9DCCFD2FF50C} - System32\Tasks\fsupdate => 
C:\Program Files (x86)\Flowsurf
end
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.







Schritt 2

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset







Schritt 3
Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.






Bitte poste mit deiner nächsten Antwort
  • die Logdatei von FRST,
  • die Logdatei von ESET,
  • die Logdatei von SecurityCheck.

Alt 20.05.2014, 04:39   #13
FunkySimonp
 
Verdacht auf einen bösen Trojaner - Standard

Verdacht auf einen bösen Trojaner



Hey eine frage wieso musste ich den Haken wegmachen ? Er hat 21 Bedrohungen gefunden und jetzt kann ich sie nicht löschen. Aber okey hier die Logdateien

Fixlog:
Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 15-05-2014
Ran by Simon at 2014-05-19 20:00:56 Run:1
Running from C:\Users\Simon\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
HKU\S-1-5-21-3809745895-3397772576-1149702982-1000\...\Run: [InetStat] => C:\Users\Simon\AppData\Roaming\InetStat\inetstat.exe [1260648 2014-04-17] ()
C:\Users\Simon\AppData\Roaming\InetStat
Task: {1578F21F-DB6C-49B1-B9AE-D20AFBC1D83D} - \RegClean Pro_UPDATES No Task File <==== ATTENTION
Task: {638C1CFD-1280-4BDC-9ACB-C6ABB1AF06BF} - \Advanced System Protector_startup No Task File <==== ATTENTION
Task: {7793B38D-D00A-4BA2-A836-CE7611EF8D2C} - \RegClean Pro_DEFAULT No Task File <==== ATTENTION
Task: {7F4FECF9-D90F-412D-B936-24812D315AFC} - \RegClean Pro No Task File <==== ATTENTION
Task: {E0E342D7-A3D5-4D1D-92A2-9DCCFD2FF50C} - System32\Tasks\fsupdate => 
C:\Program Files (x86)\Flowsurf
end
*****************

HKU\S-1-5-21-3809745895-3397772576-1149702982-1000\Software\Microsoft\Windows\CurrentVersion\Run\\InetStat => Value deleted successfully.
C:\Users\Simon\AppData\Roaming\InetStat => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1578F21F-DB6C-49B1-B9AE-D20AFBC1D83D} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1578F21F-DB6C-49B1-B9AE-D20AFBC1D83D} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RegClean Pro_UPDATES => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{638C1CFD-1280-4BDC-9ACB-C6ABB1AF06BF} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{638C1CFD-1280-4BDC-9ACB-C6ABB1AF06BF} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Advanced System Protector_startup => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7793B38D-D00A-4BA2-A836-CE7611EF8D2C} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7793B38D-D00A-4BA2-A836-CE7611EF8D2C} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RegClean Pro_DEFAULT => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7F4FECF9-D90F-412D-B936-24812D315AFC} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7F4FECF9-D90F-412D-B936-24812D315AFC} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RegClean Pro => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E0E342D7-A3D5-4D1D-92A2-9DCCFD2FF50C} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0E342D7-A3D5-4D1D-92A2-9DCCFD2FF50C} => Key deleted successfully.
C:\Windows\System32\Tasks\fsupdate => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\fsupdate => => Key not found.
"C:\Program Files (x86)\Flowsurf" => File/Directory not found.

==== End of Fixlog ====
         
Checkup.txt:
Code:
ATTFilter
 Results of screen317's Security Check version 0.99.82  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Bitdefender Antivirus   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 TuneUp Utilities 2014   
 TuneUp Utilities 2014 (de-DE)  
 TuneUp Utilities 2014   
 Java 7 Update 55  
 Adobe Reader 9 Adobe Reader out of Date! 
 Mozilla Firefox (28.0) 
 Mozilla Thunderbird (24.5.0) 
 Google Chrome 34.0.1847.131  
 Google Chrome 34.0.1847.137  
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 Bitdefender Bitdefender bdagent.exe  
 Bitdefender Bitdefender pmbxag.exe  
 Bitdefender Bitdefender antispam32 bdapppassmgr.exe 
 Bitdefender Bitdefender seccenter.exe  
 Bitdefender Bitdefender Antispam32 pmbxcrnmh.exe 
 Google Chrome Application OnlineScannerApp.exe -?- 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         
ESET log:

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=aeb928ee12e13f439c4319ad1226fb5a
# engine=18324
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-05-19 10:49:01
# local_time=2014-05-20 12:49:01 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 100 94 3987244 152169591 0 0
# scanned=271487
# found=25
# cleaned=0
# scan_time=16605
sh=F01B2664D8FF5A98DF177B7A4407065C32D124EF ft=1 fh=c71c0011fee765ee vn="Variante von Win32/Toolbar.BitCocktail.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\v-bates\ExtensionUpdaterService.exe.vir"
sh=D5D448655516475521ED05DA392C0B22E89CABD5 ft=1 fh=30880a3d9465871e vn="Variante von MSIL/AdvancedSystemProtector.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe.vir"
sh=0875B17C39CA91D4FACFE06BE9CFB7BD2AE287AB ft=1 fh=a08cff209f918acd vn="Variante von MSIL/AdvancedSystemProtector.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Advanced System Protector\AspManager.exe.vir"
sh=1199BAB9CA3F35EC1E50A3B25674FCD022446C14 ft=1 fh=7a085a94c75bd2f2 vn="Variante von MSIL/AdvancedSystemProtector.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Advanced System Protector\filetypehelper.exe.vir"
sh=993414D548BA0A93771FEA63B0B3E0F2105C356D ft=1 fh=8ed1e18223898060 vn="Variante von MSIL/AdvancedSystemProtector.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Advanced System Protector\scandll.dll.vir"
sh=972AF4C0312608024BA34674A454DE7909FC1235 ft=1 fh=9742522cc36ca56a vn="Variante von Win32/Thinknice.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\DpInterface32.dll.vir"
sh=8028172BC9A513432367160F74EC1C23222443D0 ft=1 fh=ab7fcbf3131dcbc5 vn="Win64/Thinknice.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\DpInterface64.dll.vir"
sh=8A800850A8A6D6AEF40429A65E9A44F7CD63DEC1 ft=1 fh=d30edf88f42df73c vn="Variante von Win32/Thinknice.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\DpInterfacef32.dll.vir"
sh=A0ECEA090A2C9C1811A8D603493AAF0EC1C1FBEB ft=1 fh=928bded3cf6339db vn="Win32/Thinknice.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SearchProtect32.dll.vir"
sh=70B73E61B07B2857680F3558A3D9D069D8E58589 ft=1 fh=6a8606388ada4aa5 vn="Win64/Thinknice.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SearchProtect64.dll.vir"
sh=9DC7FF01B4DE1EB1F6FEF0AB10600CF9860DF306 ft=0 fh=0000000000000000 vn="Variante von Java/Adwind.G Trojaner" ac=I fn="C:\Users\Simon\AppData\Roaming\archivos java\jar.B09"
sh=9DC7FF01B4DE1EB1F6FEF0AB10600CF9860DF306 ft=0 fh=0000000000000000 vn="Variante von Java/Adwind.G Trojaner" ac=I fn="C:\Users\Simon\Documents\CyberLink\LocalStorage_V2\Misc\server.jar"
sh=CBFE35420659E5A2A2BD258AD898FC4D6E40C848 ft=1 fh=68dd0032f97fb48a vn="Variante von Win32/WinloadSDA.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Simon\Downloads\Alarm-fr-Cobra-11---Highway-Nights-Setup.exe"
sh=7E8006960221F200032F2901727E2CD3ACF1C7B3 ft=1 fh=25ca9dc4fa885ec8 vn="Variante von Win32/WinloadSDA.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Simon\Downloads\Bloodline-Champions-lnstall.exe"
sh=A617268E0C7BF9261A354340857D138BF644F341 ft=1 fh=0a25c70a13d6d444 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Simon\Downloads\Chrome YouTube Downloader - CHIP-Downloader (1).exe"
sh=7DDA48DBCFC826A1A42E316F79F76563730CB75F ft=1 fh=c89342640b14bba9 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Simon\Downloads\Chrome YouTube Downloader - CHIP-Downloader.exe"
sh=59A35D0B4035EC1E7EFA6D0545DF5D67F006B793 ft=1 fh=c71c0011a7df4c29 vn="Variante von Win32/InstallCore.OO evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Simon\Downloads\COMPUTER_BILD-Download-Manager_fuer_cfw_installer_5732_83.exe"
sh=85DD0BAB2110A4229E232C0C08D7A1350BF1A856 ft=1 fh=c71c001110b3f691 vn="Variante von Win32/Injected.F Trojaner" ac=I fn="C:\Users\Simon\Downloads\COMPUTER_BILD-Download-Manager_fuer_privazer_free.exe"
sh=E7EE0DBBDBA0C713CBB47C7C7FDA795F8E0E28B7 ft=1 fh=c71c0011e48792bc vn="Win32/InstallCore.MF evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Simon\Downloads\COMPUTER_BILD-Download-Manager_fuer_setup.exe"
sh=6E8E245DA2AFD0D5A7C8517FE6B1855740E73CBE ft=1 fh=f46531ff5f1543fa vn="Win32/OutBrowse.G evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Simon\Downloads\SoundCloudDownloader.exe"
sh=35D484133B28BEF475E47C49B46EF8F7F7188894 ft=1 fh=6a0acec5a4802429 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Simon\Downloads\YouTube-Unblocker-055 - CHIP-Downloader.exe"
sh=F84EEB885B5A4137F14A57CDE24ECA4E81D38B41 ft=1 fh=2b25765c6b25d38b vn="Win32/Systweak.B evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Simon_Downloads_rcpsetup_2005_file.net_ab_DE-kTweak.exe.vir"
sh=B68FB7A8DED6645815A22E0EFDDD3FBEFBA03A20 ft=1 fh=f9740609da47dd36 vn="Variante von Win32/GameModding.A evtl. unerwünschte Anwendung" ac=I fn="D:\Backup PC\Rockstar Games\Grand Theft Auto San Andreas mit Mods\www.GameModding.net\Uninstall(BF injection)8882-caterham-csr-260-gtasa.exe"
sh=9A59F7965332C796F1E7587F889ECA9C1E1AAD3D ft=1 fh=79849f1b3e9243f5 vn="Win32/InstallMonetizer.AN evtl. unerwünschte Anwendung" ac=I fn="D:\Downloads\Magic Views  .exe"
sh=F0BF10E830C53884820D41B451A251FC00333719 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Babylon.AA evtl. unerwünschte Anwendung" ac=I fn="D:\SIMON-PC\Backup Set 2013-05-10 215344\Backup Files 2013-05-10 215344\Backup files 46.zip"
         

Alt 20.05.2014, 16:04   #14
M-K-D-B
/// TB-Ausbilder
 
Verdacht auf einen bösen Trojaner - Standard

Verdacht auf einen bösen Trojaner



Zitat:
Zitat von FunkySimonp Beitrag anzeigen
Hey eine frage wieso musste ich den Haken wegmachen ? Er hat 21 Bedrohungen gefunden und jetzt kann ich sie nicht löschen.
Weil die meisten Funde von ESET bereits von einem unserer Tools entfernt und in die Qurantäne gepackt wurden... ESET würde jetzt die Funde von einer Qurantäne in die eigene verschieben... absolut sinnfrei... wenn neue Funde auftauchen, bereinigen wir die schon, keine Sorge.
Zum anderen... was ist, wenn ESET eine Datei fälschlicherweise löscht, die absolut legitim ist? Was dann? Dann wird rumgeheult und geschimpft....







Reste entfernen
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument


Code:
ATTFilter
start
C:\Users\Simon\AppData\Roaming\archivos java\jar.B09
C:\Users\Simon\Documents\CyberLink\LocalStorage_V2\Misc\server.jar
C:\Users\Simon\Downloads\Alarm-fr-Cobra-11---Highway-Nights-Setup.exe
C:\Users\Simon\Downloads\Bloodline-Champions-lnstall.exe
C:\Users\Simon\Downloads\Chrome YouTube Downloader - CHIP-Downloader*.exe
C:\Users\Simon\Downloads\COMPUTER_BILD-Download-Manager_fuer_cfw_installer_5732_83.exe
C:\Users\Simon\Downloads\COMPUTER_BILD-Download-Manager_fuer_privazer_free.exe
C:\Users\Simon\Downloads\COMPUTER_BILD-Download-Manager_fuer_setup.exe
C:\Users\Simon\Downloads\SoundCloudDownloader.exe
C:\Users\Simon\Downloads\YouTube-Unblocker-055 - CHIP-Downloader.exe
D:\Downloads\Magic Views  .exe
D:\SIMON-PC\Backup Set 2013-05-10 215344\Backup Files 2013-05-10 215344\Backup files 46.zip
end
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.










Wenn du keine Probleme mehr hast, dann sind wir hier fertig. Deine Logdateien sind sauber.
Zum Schluss müssen wir noch ein paar abschließende Schritte unternehmen, um deinen Pc aufzuräumen und abzusichern.




Schritt 1
Du verwendest veraltete Software auf deinem Rechner, was ein Sicherheitsrisiko darstellt. Daher solltest du veraltete Software deinstallieren und anschließend die aktuellste Version installieren.
Folge dem Pfad Start > Systemsteuerung > Sofware / Programme deinstallieren.
Deinstalliere die folgenden Programme von deinem Rechner:
  • Adobe Reader 9
Starte deinen Rechner nach der Deinstallation neu auf.
Downloade und installiere dir bitte nun:Starte deinen Rechner nach der Installation neu auf.





Schritt 2
Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.







Schritt 3
Abschließend habe ich noch ein paar Tipps zur Absicherung deines Systems.


Ich kann gar nicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti-Viren-Programm und zusätzlicher Schutz
  • Gehe sicher, dass du immer nur eine Anti-Viren Software installiert hast und dass diese auch up to date ist!
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lasse es einmal in der Woche laufen. Die Kaufversion bietet zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • AdwCleaner
    Dieses Tool erkennt eine Vielzahl von Werbeprogrammen (Adware) und unerwümschten Programmen (PUPs).
    Starte das Tool einmal die Woche und lass es laufen. Sollte eine neue Version verfügbar sein, so wird dies angezeigt und du kannst dir die neueste Version direkt von der Herstellerseite auf den Desktop herunterladen.
  • SpywareBlaster
    Eine kurze Einführung findest du Hier


Alternative Browser
Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
Mozilla Firefox
  • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
  • NoScript
    Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt, wenn Du es bestätigst.
  • AdblockPlus
    Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzuzufügen reicht und dieser wird nicht mehr geladen.
    Es spart außerdem Downloadkapazität.


Performance
  • Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
  • Halte dich fern von Registry Cleanern.
    Diese Schaden deinem System mehr als dass sie helfen. Hier ein englischer Link:
    Miekemoes Blogspot ( MVP )


Was du vermeiden solltest:
  • Klicke nicht auf alles, nur weil es dich dazu auffordert und schön bunt ist.
  • Verwende keine P2P oder Filesharing Software (Emule, uTorrent,..).
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie z.B. deinFoto.jpg.exe.
  • Lade keine Software von Softonic oder Chip herunter, da diese Installer oft mit Adware oder unerünschter Software versehen sind!



Nun bleibt mir nur noch dir viel Spaß beim sicheren Surfen zu wünschen... ... und vielleicht möchtest du ja das Trojaner-Board unterstützen?

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann.

Alt 20.05.2014, 16:34   #15
FunkySimonp
 
Verdacht auf einen bösen Trojaner - Standard

Verdacht auf einen bösen Trojaner



Hey jetzt wollte ich mich mal für die Hilfe sehr bedanken und danke dass du dir so viel Zeit für mich genommen hast. Eine Frage habe ich noch: Hatte ich einen bösartigen Trojaner auf meinem Pc?
Ansonsten wünsche ich dir noch viel Spass weiterhin . MfG

Antwort

Themen zu Verdacht auf einen bösen Trojaner
account, alter, anzeige, datei, dringend, eingefangen, facebook gehackt, frage, fragen, gehackt, gen, heute, hilfe bei trojaner, hohe, interne, jahre, java, keine viren, leute, nachricht, nachrichten, niemals, passwort, programm, trojaner, verdacht, wirklich, übers




Ähnliche Themen: Verdacht auf einen bösen Trojaner


  1. Verdacht auf einen Virus
    Log-Analyse und Auswertung - 15.07.2015 (7)
  2. Verdacht auf einen Trojaner auf den iPhone 5
    Smartphone, Tablet & Handy Security - 12.06.2015 (1)
  3. Regelmäßige Bluescreens und der Verdacht durch Rougekiller auf einen IRP Hook Rootkit
    Log-Analyse und Auswertung - 05.04.2015 (21)
  4. Windows 7 PC startet nicht mehr richtig verdacht auf einen Virus was tun?
    Plagegeister aller Art und deren Bekämpfung - 15.12.2014 (5)
  5. Verdacht auf einen verseuchten PC
    Log-Analyse und Auswertung - 28.07.2013 (7)
  6. Rechnung Zip und verdacht auf einen Trojana
    Plagegeister aller Art und deren Bekämpfung - 19.05.2013 (9)
  7. Verdacht auf einen Virus
    Log-Analyse und Auswertung - 05.11.2012 (13)
  8. Android 4.2 warnt vor bösen Apps und teuren SMS
    Nachrichten - 05.11.2012 (0)
  9. Komisches Programm - Hab Verdacht auf einen Keylogger.
    Plagegeister aller Art und deren Bekämpfung - 12.04.2010 (10)
  10. Verdacht auf Virus(hatte vor 2 Wochen einen Trojaner)
    Mülltonne - 23.11.2008 (0)
  11. Bildschirmfehler mit verdacht auf einen Störenfried.
    Log-Analyse und Auswertung - 12.09.2008 (0)
  12. Verdacht auf einen Keylogger
    Log-Analyse und Auswertung - 05.09.2008 (1)
  13. Habe den Verdacht - einen e-MAil-Virus zu haben
    Log-Analyse und Auswertung - 31.03.2008 (2)
  14. Habe Verdacht auf einen Trojaner..ich bitte um Euer Rat
    Log-Analyse und Auswertung - 30.01.2008 (12)
  15. Hey leute ich habe den verdacht einen keylogger auf meinen rechner zu haben
    Log-Analyse und Auswertung - 12.07.2007 (8)
  16. probleme mit bösen registry einträgen! Wie bekomme ich das weg?
    Plagegeister aller Art und deren Bekämpfung - 10.08.2005 (13)
  17. Bin neu und werde von bösen geistern gejagt
    Log-Analyse und Auswertung - 04.03.2005 (8)

Zum Thema Verdacht auf einen bösen Trojaner - Hey Leute, Ich habe schon seit längerer Zeit das Gefühl, mir einen Trojaner eingefangen zu haben. Denn, vor kurzer zeit wurde mein Facebook Account gehackt dann hab ich erstmal die - Verdacht auf einen bösen Trojaner...
Archiv
Du betrachtest: Verdacht auf einen bösen Trojaner auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.