Log analysis and evaluation: Suspected nasty trojan (Windows 7)
16.05.2014, 15:24 | #1 |
Suspected nasty trojan

Hey guys,

For quite some time I have had the feeling that I caught a trojan. A short while ago my Facebook account was hacked, so I first changed the e-mail address and the password. My antivirus program has not found any viruses so far, and today I received a message that makes me consider filing a police report. The message looked like this:

Hello ..., this is a fake profile, which Facebook also knows about. My name is Siegfried Keller from the criminal police in .... We deliberately chose this way of contacting you because we still give offenders under 18 a chance. If you are cooperative, we will skip going through the public prosecutor's office. (Name), you are accused of goods fraud and computer fraud; even at your age there are heavy penalties for this, which can be punished with a prison sentence without probation even for first-time offenders. Can you tell us anything about this? If you refuse, I will gladly send 2 colleagues to you who will ask you and your family unpleasant questions about the incidents. Kind regards, KHK Keller

Facebook profile: https://www.facebook.com/profile.php?id=100008275650806

I have NEVER had anything to do with computer or goods fraud and wonder where these messages come from. I find this message ridiculous, but I still somehow feel followed, over the internet that is. I urgently need to know whether I have a trojan, since my PC is also constantly writing. My antivirus program shows no trojans. Please tell me how to get rid of the trojan. Someone recently sent me a Java file via Skype, which I opened, and since then everything has been the way it is right now! I really urgently ask for help.

Kind regards, Simon
16.05.2014, 15:28 | #2 |
/// TB instructor | Suspected nasty trojan

My name is Matthias and I will help you clean up your computer. Please note the following:

Please work through all steps one after another in the given order and post all log files in CODE tags: How it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes your helper's work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:

Thank you for your cooperation!

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
16.05.2014, 15:37 | #3 |
Suspected nasty trojan

FRST:

FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-05-2014 Ran by Simon (administrator) on SIMON-PC on 16-05-2014 16:33:33 Running from C:\Users\Simon\Downloads Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (Bitdefender) C:\Program Files\Bitdefender\Bitdefender\vsserv.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe () C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe (AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe (Systweak) C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe (Systweak Inc) C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender\bdagent.exe (PixArt Imaging Incorporation) C:\Windows\PixArt\PAC7302\Monitor.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Google Inc.) 
C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe (CyberLink Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe () C:\Users\Simon\AppData\Roaming\InetStat\inetstat.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfevtps.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Samsung Electronics Co., Ltd.) C:\Windows\System32\spool\drivers\x64\3\NetFaxTray64.exe () C:\Program Files (x86)\CPUCooL\CPUCooL.exe (Samsung Electronics Co., Ltd.) C:\Windows\System32\spool\drivers\x64\3\NetFaxServer64.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe (BlueStack Systems, Inc.) 
C:\Program Files (x86)\BlueStacks\HD-Agent.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe (Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe () C:\OEM\USBDECTION\USBS3S4Detection.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxservice.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe (Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\OverwolfHelper.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\OverwolfHelper64.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe () C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.207\deploy\LoLLauncher.exe () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.88\deploy\LolClient.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender\antispam32\pmbxcrnmh.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11464296 2010-09-03] (Realtek Semiconductor) HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [456704 2012-02-20] () HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1179576 2014-02-05] (NVIDIA Corporation) HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender\bdagent.exe [1742064 2014-03-25] (Bitdefender) HKLM\...\Run: [PAC7302_Monitor] => C:\Windows\PixArt\PAC7302\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation) HKLM-x32\...\Run: [SuiteTray] => C:\Program Files 
(x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [337264 2010-05-27] (Egis Technology Inc.) HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-03-11] (Egis Technology Inc.) HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-02] (Symantec Corporation) HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin) HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [819984 2014-03-06] (BlueStack Systems, Inc.) HKLM\...\Policies\Explorer: [NoControlPanel] 0 HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse-Agent] => C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [567888 2014-03-19] (Bitdefender) HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse] => C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1001536 2014-03-15] (Bitdefender) HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] => C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [614232 2014-03-19] (Bitdefender) HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2014-01-24] (Microsoft Corporation) HKU\S-1-5-21-3809745895-3397772576-1149702982-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20728480 2014-01-14] (Skype Technologies S.A.) 
HKU\S-1-5-21-3809745895-3397772576-1149702982-1000\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [37664 2014-03-05] (Overwolf LTD) HKU\S-1-5-21-3809745895-3397772576-1149702982-1000\...\Run: [window] => "C:\Program Files (x86)\Java\jre7\bin\javaw.exe" -jar "C:\Users\Simon\AppData\Roaming\archivos java\jar.B09" HKU\S-1-5-21-3809745895-3397772576-1149702982-1000\...\Run: [InetStat] => C:\Users\Simon\AppData\Roaming\InetStat\inetstat.exe [1260648 2014-04-17] () HKU\S-1-5-21-3809745895-3397772576-1149702982-1000\...\Run: [Bitdefender-Geldbörse-Agent] => C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [567888 2014-03-19] (Bitdefender) HKU\S-1-5-21-3809745895-3397772576-1149702982-1000\...\Run: [Bitdefender-Geldbörse] => C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1001536 2014-03-15] (Bitdefender) HKU\S-1-5-21-3809745895-3397772576-1149702982-1000\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] => C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [614232 2014-03-19] (Bitdefender) HKU\S-1-5-21-3809745895-3397772576-1149702982-1000\...\Run: [GoogleChromeAutoLaunch_5DAEC53D8C099B1094B921010676FA41] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [841032 2014-04-24] (Google Inc.) HKU\S-1-5-21-3809745895-3397772576-1149702982-1000\...\Run: [icq] => C:\Users\Simon\AppData\Roaming\ICQM\icq.exe [33664344 2014-02-13] (ICQ) HKU\S-1-5-21-3809745895-3397772576-1149702982-1000\...\RunOnce: [Application Restart #3] - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [841032 2014-04-24] (Google Inc.) HKU\S-1-5-21-3809745895-3397772576-1149702982-1000\...\MountPoints2: {4ebb7fb6-83a5-11e3-8e2c-f80f4115c497} - K:\pushinst.exe Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Network PC Fax.lnk ShortcutTarget: Samsung Network PC Fax.lnk -> C:\Windows\System32\spool\drivers\x64\3\NetFaxTray64.exe (Samsung Electronics Co., Ltd.) 
Startup: C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CPUCooL.lnk ShortcutTarget: CPUCooL.lnk -> C:\Program Files (x86)\CPUCooL\CPUCooL.exe () Startup: C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk ShortcutTarget: Curse.lnk -> C:\Users\Simon\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\pmbxie.dll (Bitdefender) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxie.dll (Bitdefender) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - No File Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - No File Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\..\Interfaces\{D10E3A7A-0730-4774-8825-D3595DA11AC6}: [NameServer]192.168.178.235,192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\ngqpozn3.default FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft 
Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Greasemonkey - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\ngqpozn3.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2014-05-11] FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext FF Extension: bdToolbar - C:\Program Files\Bitdefender\Bitdefender\bdtbext [2014-04-25] FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor FF HKLM-x32\...\Firefox\Extensions: [ffpwdman@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman\ FF Extension: Bitdefender Wallet - C:\Program 
Files\Bitdefender\Bitdefender\Antispam32\ffpwdman\ [] FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext FF Extension: bdToolbar - C:\Program Files\Bitdefender\Bitdefender\bdtbext [2014-04-25] Chrome: ======= CHR Extension: (Bitdefender Wallet) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccahoghmggldkcdjiebjkidpfongdfbl [2014-04-24] CHR Extension: (SiteAdvisor) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2014-05-13] CHR Extension: (Google Wallet) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-17] CHR Extension: (AntiBrowserSpy - SocialBlocker) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\oohfajmmkkdjdoaoncnnbgfoomiakgbd [2014-04-17] CHR HKLM-x32\...\Chrome\Extension: [ccahoghmggldkcdjiebjkidpfongdfbl] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxcr.crx [2014-04-25] CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-04-25] CHR HKLM-x32\...\Chrome\Extension: [oohfajmmkkdjdoaoncnnbgfoomiakgbd] - C:\Program Files (x86)\AntiBrowserSpy\Addons\Chrome.crx [2014-03-21] ==================== Services (Whitelisted) ================= R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) S4 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe [77632 2013-11-21] (Bitdefender) S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-03-06] (BlueStack Systems, Inc.) R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-03-06] (BlueStack Systems, Inc.) R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [770832 2014-03-06] (BlueStack Systems, Inc.) 
S2 CPUCooLServer; C:\Program Files (x86)\CPUCooL\CooLSrv.exe [743936 2011-12-01] () R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation) R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [199032 2010-01-06] (McAfee, Inc.) R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-01-27] (McAfee, Inc.) R2 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe [185792 2014-01-27] (McAfee, Inc.) S3 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-05-27] (Egis Technology Inc.) R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation) S3 OverwolfUpdaterService; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [99616 2014-03-05] (Overwolf LTD) R2 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [94624 2013-07-08] (Bitdefender) R2 Samsung Network Fax Server; C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe [237056 2012-04-26] (Samsung Electronics Co., Ltd.) 
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2138936 2014-03-20] (TuneUp Software) R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe [67320 2013-10-07] (Bitdefender) R2 USBS3S4Detection; C:\OEM\USBDECTION\USBS3S4Detection.exe [76320 2009-12-09] () R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender\vsserv.exe [1523728 2014-03-24] (Bitdefender) S2 mfecore; "C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe" [X] ==================== Drivers (Whitelisted) ==================== R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [893440 2013-12-02] (BitDefender) R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2012-11-02] (BitDefender) R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [635392 2013-12-02] (BitDefender) S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-25] (AVM Berlin) R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93600 2013-02-22] (BitDefender LLC) R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [103504 2011-11-14] (BitDefender LLC) S4 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL) S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2013-11-04] (BitDefender SRL) R1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [76944 2012-04-17] (BitDefender) R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [121616 2014-03-06] (BlueStack Systems) S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70592 2014-01-27] (McAfee, Inc.) R3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [714368 2010-10-25] (AVM GmbH) R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-08-23] (BitDefender LLC) S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.) 
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-05-16] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation) R2 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [180272 2014-01-27] (McAfee, Inc.) R2 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311600 2014-01-27] (McAfee, Inc.) U3 mfeavfk01; No ImagePath R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [520696 2014-01-27] (McAfee, Inc.) R2 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [783864 2014-01-27] (McAfee, Inc.) U5 mfencbdc; C:\Windows\System32\Drivers\mfencbdc.sys [422712 2014-01-21] (McAfee, Inc.) S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96592 2014-01-21] (McAfee, Inc.) S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [106112 2014-04-03] (McAfee, Inc.) R2 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [344688 2014-01-27] (McAfee, Inc.) R1 ntiopnp; C:\Windows\System32\Drivers\ntiopnp.sys [19544 2010-11-11] () R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation) S3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [527872 2007-11-08] (PixArt Imaging Inc.) S3 PAC7302; C:\Windows\SysWOW64\DRIVERS\PAC7302.SYS [454656 2007-11-08] (PixArt Imaging Inc.) S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13368 2013-01-23] () R2 trufos; C:\Windows\System32\DRIVERS\trufos.sys [389240 2013-08-07] (BitDefender S.R.L.) 
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2014-02-10] (TuneUp Software) S3 wolfkr; C:\AeriaGames\WolfTeam-DE\avital\wolfk64.sys [86352 2014-04-14] () S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-05-16 16:33 - 2014-05-16 16:33 - 02067456 _____ (Farbar) C:\Users\Simon\Downloads\FRST64.exe 2014-05-16 16:33 - 2014-05-16 16:33 - 00024857 _____ () C:\Users\Simon\Downloads\FRST.txt 2014-05-16 16:33 - 2014-05-16 16:33 - 00000000 ____D () C:\FRST 2014-05-15 21:26 - 2014-05-16 10:16 - 00003120 _____ () C:\Windows\System32\Tasks\Advanced System Protector_startup 2014-05-14 22:02 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-05-14 22:02 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-05-14 22:02 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-05-14 22:02 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-05-14 22:02 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-05-14 22:02 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-05-14 18:00 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2014-05-14 18:00 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2014-05-14 17:59 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-05-14 17:59 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-05-14 17:59 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2014-05-14 17:59 - 
2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2014-05-14 17:59 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-05-14 17:59 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2014-05-14 17:59 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2014-05-14 17:59 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2014-05-14 17:59 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2014-05-14 17:59 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-05-14 17:59 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-05-14 17:59 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2014-05-14 17:59 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-05-14 17:59 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll 2014-05-14 17:59 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2014-05-14 17:59 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-05-14 17:59 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2014-05-14 17:59 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2014-05-14 17:59 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-05-14 17:59 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll 2014-05-14 17:59 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2014-05-14 17:59 - 2014-03-04 11:43 - 
C:\Users\Simon\Downloads\YouTube-Unblocker-055.zip 2014-05-11 16:22 - 2014-05-11 16:22 - 00629584 _____ (Chip Digital GmbH) C:\Users\Simon\Downloads\YouTube-Unblocker-055 - CHIP-Downloader.exe 2014-05-11 16:18 - 2014-05-11 16:07 - 230403208 _____ (COMODO) C:\Users\Simon\Downloads\cfw_installer_5732_83.exe 2014-05-11 16:14 - 2014-03-21 14:43 - 00000000 ____D () C:\Users\Simon\AppData\Local\PrivaZer 2014-05-11 16:07 - 2014-05-11 16:07 - 00686664 _____ ( ) C:\Users\Simon\Downloads\COMPUTER_BILD-Download-Manager_fuer_cfw_installer_5732_83.exe 2014-05-11 16:05 - 2014-05-11 15:48 - 00000000 ____D () C:\Program Files (x86)\Opera 2014-05-11 16:03 - 2014-05-11 15:49 - 00000000 ____D () C:\Program Files (x86)\PrivaZer 2014-05-11 16:03 - 2014-03-21 14:43 - 00001905 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrivaZer.lnk 2014-05-11 16:03 - 2014-03-21 14:43 - 00001893 _____ () C:\Users\Public\Desktop\PrivaZer.lnk 2014-05-11 16:02 - 2014-05-11 16:02 - 07198344 _____ (Goversoft LLC) C:\Users\Simon\Downloads\privazer_free (1).exe 2014-05-11 16:02 - 2014-05-11 16:02 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Opera Software 2014-05-11 16:02 - 2014-05-11 16:02 - 00000000 ____D () C:\Users\Simon\AppData\Local\Opera Software 2014-05-11 15:57 - 2014-05-11 15:57 - 00001225 _____ () C:\Users\Simon\Desktop\Die Installation von Domingo fortsetzen.lnk 2014-05-11 15:52 - 2014-05-11 15:47 - 00000284 _____ () C:\Windows\Tasks\RegClean Pro_UPDATES.job 2014-05-11 15:51 - 2014-05-11 15:51 - 00295232 _____ () C:\Windows\Minidump\051114-20716-01.dmp 2014-05-11 15:51 - 2014-01-23 19:38 - 739826304 _____ () C:\Windows\MEMORY.DMP 2014-05-11 15:51 - 2014-01-23 19:38 - 00000000 ____D () C:\Windows\Minidump 2014-05-11 15:49 - 2014-05-11 15:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro 2014-05-11 15:48 - 2014-05-11 15:48 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D7 2014-05-11 15:48 - 2014-05-11 15:48 - 00003254 _____ () 
C:\Windows\System32\Tasks\Opera D6 2014-05-11 15:48 - 2014-05-11 15:48 - 00001137 _____ () C:\Users\Public\Desktop\Opera.lnk 2014-05-11 15:48 - 2014-05-11 15:48 - 00001137 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2014-05-11 15:48 - 2014-05-11 15:47 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Systweak 2014-05-11 15:47 - 2014-05-11 15:47 - 00003026 _____ () C:\Windows\System32\Tasks\RegClean Pro_UPDATES 2014-05-11 15:47 - 2014-05-11 15:47 - 00002870 _____ () C:\Windows\System32\Tasks\RegClean Pro_DEFAULT 2014-05-11 15:47 - 2014-05-11 15:47 - 00001209 _____ () C:\Users\Public\Desktop\Advanced System Protector.lnk 2014-05-11 15:47 - 2014-05-11 15:47 - 00001058 _____ () C:\Users\Public\Desktop\RegClean Pro.lnk 2014-05-11 15:47 - 2014-05-11 15:47 - 00000000 ____D () C:\ProgramData\Systweak 2014-05-11 15:47 - 2014-05-11 15:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector 2014-05-11 15:47 - 2014-05-11 15:47 - 00000000 ____D () C:\Program Files (x86)\RegClean Pro 2014-05-11 15:47 - 2014-05-11 15:47 - 00000000 ____D () C:\Program Files (x86)\Advanced System Protector 2014-05-11 15:47 - 2014-03-21 14:42 - 07202440 _____ (Goversoft LLC) C:\Users\Simon\Downloads\privazer_free.exe 2014-05-11 15:34 - 2014-05-11 15:34 - 00339543 _____ () C:\Users\Simon\Downloads\Ask-Fm-Autolike.rar 2014-05-11 12:18 - 2014-01-22 21:56 - 00239658 _____ () C:\Windows\PFRO.log 2014-05-09 08:14 - 2014-05-14 17:59 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-05-09 08:11 - 2014-05-14 17:59 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-05-09 03:01 - 2014-01-27 20:47 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\TS3Client 2014-05-08 17:29 - 2014-01-22 23:03 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-05-08 17:29 - 2014-01-22 23:03 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-05-08 14:39 
- 2014-05-08 13:01 - 00000000 ____D () C:\Program Files (x86)\WarThunder 2014-05-08 14:39 - 2014-01-22 23:17 - 00000000 ____D () C:\Windows\SysWOW64\directx 2014-05-08 13:02 - 2014-05-08 13:02 - 00000000 ____D () C:\Users\Simon\AppData\Local\WarThunder 2014-05-08 13:02 - 2014-05-08 13:02 - 00000000 ____D () C:\ProgramData\WarThunder 2014-05-08 13:01 - 2014-05-08 13:01 - 04124808 _____ (Gaijin Entertainment ) C:\Users\Simon\Downloads\wt_launcher_doi_1.0.1.355.exe 2014-05-08 13:01 - 2014-05-08 13:01 - 00001109 _____ () C:\Users\Public\Desktop\WarThunder.lnk 2014-05-08 13:01 - 2014-05-08 13:01 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder 2014-05-08 13:01 - 2014-05-03 18:29 - 00000000 ____D () C:\Users\Simon\Documents\My Games 2014-05-08 12:35 - 2014-04-24 01:54 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\QuickScan 2014-05-08 00:56 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system 2014-05-08 00:34 - 2014-05-08 00:32 - 00053504 _____ () C:\Users\Simon\Downloads\bootkit_remover.zip 2014-05-06 20:23 - 2014-05-06 19:21 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\tor 2014-05-06 19:17 - 2014-05-06 19:15 - 26815695 _____ () C:\Users\Simon\Downloads\torbrowser-install-3.6_en-US.exe 2014-05-06 06:40 - 2014-05-14 22:02 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-05-06 06:17 - 2014-05-14 22:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-05-06 05:25 - 2014-05-14 22:02 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-05-06 05:07 - 2014-05-14 22:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-05-06 05:00 - 2014-05-14 22:02 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-05-06 04:10 - 2014-05-14 22:02 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-05-04 13:43 - 2014-05-03 17:54 - 00000000 ____D () C:\Program Files 
(x86)\Steam 2014-05-03 19:41 - 2014-05-03 19:41 - 00000000 ____D () C:\Users\Simon\AppData\Local\EdgeOfReality 2014-05-03 19:40 - 2014-01-22 22:27 - 00028868 _____ () C:\Windows\DirectX.log 2014-05-03 19:02 - 2014-05-03 19:02 - 00000219 _____ () C:\Users\Simon\Desktop\Dota 2.url 2014-05-03 19:02 - 2014-05-03 18:18 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2014-05-03 18:47 - 2014-05-03 18:47 - 00000222 _____ () C:\Users\Simon\Desktop\Loadout.url 2014-05-03 18:18 - 2014-05-03 18:18 - 00000222 _____ () C:\Users\Simon\Desktop\Epigenesis.url 2014-05-03 17:54 - 2014-05-03 17:54 - 01141680 _____ () C:\Users\Simon\Downloads\SteamSetup.exe 2014-05-03 17:54 - 2014-05-03 17:54 - 00000971 _____ () C:\Users\Public\Desktop\Steam.lnk 2014-05-03 17:54 - 2014-05-03 17:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2014-05-03 17:51 - 2014-05-03 17:51 - 03384836 _____ (MultIV Team ) C:\Users\Simon\Downloads\multiv_setup (2).exe 2014-05-03 17:51 - 2014-05-03 17:51 - 03384836 _____ (MultIV Team ) C:\Users\Simon\Downloads\multiv_setup (1).exe 2014-05-03 17:44 - 2014-05-03 17:43 - 00000999 _____ () C:\Users\Public\Desktop\MultIV.lnk 2014-05-03 17:44 - 2014-05-03 17:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MultIV 2014-05-03 17:44 - 2014-05-03 17:43 - 00000000 ____D () C:\Program Files (x86)\MultIV 2014-05-03 17:43 - 2014-05-03 17:43 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\MultIV 2014-05-03 17:42 - 2014-05-03 17:42 - 03384836 _____ (MultIV Team ) C:\Users\Simon\Downloads\multiv_setup.exe 2014-05-03 17:39 - 2014-05-03 17:39 - 04954736 _____ (Microsoft Corporation) C:\Users\Simon\Downloads\WindowsUpgradeAssistant.exe 2014-05-03 17:35 - 2014-05-03 17:34 - 36965680 _____ (Microsoft Corporation) C:\Users\Simon\Downloads\IE9-Windows7-x64-deu.exe 2014-05-03 17:35 - 2014-01-24 00:08 - 00005990 _____ () C:\Windows\IE9_main.log 2014-05-03 17:01 - 2014-05-03 17:01 - 
17532198 _____ () C:\Users\Simon\Downloads\1355067475iCEnhancer2_1FINAL.zip 2014-05-03 05:14 - 2014-05-03 05:14 - 97580750 _____ () C:\Users\Simon\Downloads\Seven Reel's Realistic ENB v1.5b.zip 2014-05-03 05:06 - 2014-05-03 05:06 - 19677675 _____ () C:\Users\Simon\Downloads\Fighter Jet P-996 Lazer 3.zip 2014-05-03 05:05 - 2014-05-03 05:05 - 00717632 _____ () C:\Users\Simon\Downloads\scripthookdotnet_v1.7.1.7b.zip 2014-05-03 04:53 - 2014-05-03 04:50 - 89876480 _____ () C:\Users\Simon\Desktop\vehicles.img 2014-05-03 04:52 - 2014-05-03 04:52 - 00000000 ____D () C:\Users\Simon\Desktop\Backup 2014-05-03 04:50 - 2014-05-03 04:50 - 00000000 ____D () C:\Users\Simon\Desktop\Infernus 2014-05-03 04:49 - 2014-05-03 04:49 - 00000000 ____D () C:\Users\Simon\Desktop\SparkIV 2014-05-03 04:48 - 2014-05-03 04:48 - 01540953 _____ () C:\Users\Simon\Downloads\SparkIV 0.6.6.zip 2014-05-03 04:46 - 2014-05-03 04:46 - 04695532 _____ () C:\Users\Simon\Downloads\1398374770_ageraone.rar 2014-05-03 03:32 - 2014-05-03 03:32 - 00000000 ____D () C:\Users\Simon\Documents\Games for Windows - LIVE Demos 2014-05-03 03:30 - 2014-05-03 03:30 - 00000000 ____D () C:\Windows\SysWOW64\xlive 2014-05-03 03:30 - 2014-05-03 03:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace 2014-05-03 03:30 - 2014-05-03 03:30 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games for Windows - LIVE 2014-05-03 03:30 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-05-03 03:29 - 2014-05-03 03:29 - 00642712 _____ (Microsoft Corporation) C:\Users\Simon\Downloads\gfwlive35setup.exe 2014-05-03 03:29 - 2014-05-03 03:29 - 00642712 _____ (Microsoft Corporation) C:\Users\Simon\Downloads\gfwlive35setup (1).exe 2014-05-03 03:19 - 2014-04-11 14:06 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-05-03 03:19 - 2014-04-11 14:06 - 00070832 _____ (Adobe Systems Incorporated) 
C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-05-03 03:17 - 2014-04-17 19:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-05-03 01:35 - 2014-05-01 01:13 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird 2014-05-01 19:04 - 2014-05-01 19:04 - 00081626 _____ () C:\Users\Simon\Documents\Unit 1.voc 2014-05-01 19:04 - 2014-05-01 19:04 - 00081626 _____ () C:\Users\Simon\Desktop\Unit 1.voc 2014-05-01 17:09 - 2014-05-01 17:09 - 04044159 _____ () C:\Users\Simon\Downloads\1259416463_ProVehicleModv1.0.1.zip 2014-05-01 16:30 - 2014-05-01 16:30 - 00001027 _____ () C:\Users\Public\Desktop\Domingo 2.lnk 2014-05-01 16:30 - 2014-05-01 16:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Domingo 2 2014-05-01 16:30 - 2014-05-01 16:30 - 00000000 ____D () C:\Program Files (x86)\Domingo 2 2014-05-01 16:29 - 2014-05-01 16:29 - 04241516 _____ (Patrick Diekmann ) C:\Users\Simon\Downloads\setup.exe 2014-05-01 16:29 - 2014-05-01 16:29 - 00728032 _____ () C:\Users\Simon\Downloads\COMPUTER_BILD-Download-Manager_fuer_setup.exe 2014-05-01 15:56 - 2014-05-01 15:56 - 01138458 _____ () C:\Users\Simon\Downloads\1385372962_Space Shuttle.rar 2014-05-01 15:35 - 2014-05-01 15:34 - 00072097 _____ () C:\Users\Simon\Downloads\xliveless - v0.999b7 (patch 1.0.7.0. 
and EFLC 1.1.2.0).zip 2014-05-01 15:26 - 2014-05-01 15:26 - 02662221 _____ () C:\Users\Simon\Downloads\1310225693_Simple Native Trainer v.6.3.rar 2014-05-01 13:34 - 2014-05-01 13:34 - 00000000 ____D () C:\Users\Simon\Documents\Rockstar Games 2014-05-01 13:31 - 2014-05-01 13:31 - 00000000 __SHD () C:\ProgramData\SecuROM 2014-05-01 13:30 - 2014-05-01 13:30 - 04776440 _____ () C:\Users\Simon\Downloads\LaunchGTAIV.zip 2014-05-01 13:25 - 2014-05-01 13:25 - 00000000 ____D () C:\Users\Simon\AppData\Local\Rockstar Games 2014-05-01 13:24 - 2014-05-01 13:24 - 00000000 __RHD () C:\Users\Simon\AppData\Roaming\SecuROM 2014-05-01 13:11 - 2014-04-24 18:49 - 00003704 _____ () C:\Windows\System32\Tasks\Java Update Scheduler 2014-05-01 03:53 - 2014-05-01 03:46 - 20725128 _____ () C:\Users\Simon\Downloads\MMM_PT._vlad.7z 2014-05-01 00:13 - 2014-04-21 19:59 - 00000000 ____D () C:\Users\Simon\AppData\Local\Thunderbird 2014-04-28 20:55 - 2014-04-28 20:55 - 00155577 _____ () C:\Users\Simon\Downloads\proxtube_1.3.0 (2).crx 2014-04-28 20:53 - 2014-04-28 20:53 - 00155577 _____ () C:\Users\Simon\Downloads\proxtube_1.3.0 (1).crx 2014-04-28 20:52 - 2014-04-28 20:52 - 00155577 _____ () C:\Users\Simon\Downloads\proxtube_1.3.0.crx 2014-04-27 02:44 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\addins 2014-04-26 21:41 - 2014-04-25 21:40 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Bitdefender 2014-04-25 22:05 - 2014-04-25 22:05 - 00000000 ____D () C:\Users\Simon\AppData\Local\GGC 2014-04-25 22:03 - 2014-04-25 22:01 - 05570641 _____ () C:\Users\Simon\Downloads\Gordonsys2.0.rar 2014-04-25 21:41 - 2014-04-25 21:41 - 00550296 _____ () C:\ProgramData\1398454570.bdinstall.bin 2014-04-25 21:40 - 2014-04-25 21:40 - 00002194 _____ () C:\Users\Public\Desktop\Bitdefender Safepay.lnk 2014-04-25 21:40 - 2014-04-25 21:40 - 00002075 _____ () C:\Users\Public\Desktop\Bitdefender Total Security.lnk 2014-04-25 21:40 - 2014-04-25 21:40 - 00000684 ____H () C:\bdr-cf01 2014-04-25 21:40 - 2014-04-25 21:40 - 
00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2014-04-25 21:40 - 2014-04-25 21:36 - 00253404 ____H () C:\bdr-ld01 2014-04-25 21:40 - 2014-04-25 21:36 - 00009216 ____H () C:\bdr-ld01.mbr 2014-04-25 21:40 - 2014-04-24 01:54 - 00000000 ____D () C:\ProgramData\Bitdefender 2014-04-25 21:36 - 2014-04-24 01:51 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender 2014-04-25 21:18 - 2014-04-25 21:18 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\MVH 2014-04-25 21:18 - 2014-04-25 00:53 - 01373184 _____ () C:\Users\Simon\Desktop\MVH Loader.exe 2014-04-25 21:17 - 2014-04-24 19:00 - 00000000 ____D () C:\Users\Simon\Desktop\Bilder 2014-04-25 19:35 - 2014-01-22 22:53 - 00000000 ____D () C:\Users\Simon\AppData\Local\VirtualStore 2014-04-25 14:49 - 2014-05-11 15:47 - 00020312 _____ (Systweak Inc., (www.systweak.com)) C:\Windows\system32\roboot64.exe 2014-04-25 02:34 - 2014-04-25 02:34 - 00002770 _____ () C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 2014-04-25 00:53 - 2014-04-25 00:53 - 01108568 _____ () C:\Users\Simon\Downloads\MVH Loader.zip 2014-04-25 00:47 - 2014-04-25 00:47 - 04106679 _____ () C:\Users\Simon\Downloads\[Abs]Loader.rar 2014-04-25 00:41 - 2014-04-25 00:28 - 00000000 ____D () C:\Users\Simon\Desktop\Combat Arms Hack 2014-04-25 00:40 - 2014-04-25 00:21 - 00000000 ____D () C:\ProgramData\NexonEU 2014-04-25 00:34 - 2014-04-25 00:34 - 00000000 ____D () C:\ProgramData\Nexon 2014-04-25 00:24 - 2014-04-25 00:24 - 00001634 _____ () C:\Users\Public\Desktop\Combat Arms EU.lnk 2014-04-25 00:24 - 2014-04-25 00:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexon 2014-04-25 00:21 - 2014-04-25 00:21 - 00000000 ____D () C:\Nexon 2014-04-25 00:13 - 2014-04-24 23:52 - 1967289647 _____ (Nexon) C:\Users\Simon\Desktop\Combatarms_eu.exe 2014-04-24 23:51 - 2014-04-24 23:51 - 10552296 _____ (Akamai Technologies, Inc.) 
C:\Users\Simon\Downloads\NexonEU_Installer.exe 2014-04-24 23:51 - 2014-04-14 21:03 - 00000000 ____D () C:\Users\Simon\AppData\Local\Akamai 2014-04-24 23:50 - 2014-04-24 23:50 - 01617203 _____ () C:\Users\Simon\Downloads\[ghbsys.net] Public-Client.zip 2014-04-24 22:10 - 2014-04-24 22:10 - 00000000 ____D () C:\Program Files (x86)\Microsoft XNA 2014-04-24 22:09 - 2014-04-24 22:09 - 00001474 _____ () C:\Users\Public\Desktop\Bloodline Champions.lnk 2014-04-24 22:09 - 2014-04-24 22:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bloodline Champions 2014-04-24 22:08 - 2014-04-24 22:08 - 00000000 ____D () C:\Program Files (x86)\Stunlock Studios 2014-04-24 22:08 - 2014-04-24 22:03 - 363876296 _____ (Stunlock Studios ) C:\Users\Simon\Downloads\bloodline-champions_25983.exe 2014-04-24 22:03 - 2014-04-24 22:03 - 01062288 _____ () C:\Users\Simon\Downloads\Bloodline-Champions-lnstall.exe 2014-04-24 19:35 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\Offline Web Pages 2014-04-24 19:33 - 2014-04-24 19:33 - 10768896 _____ () C:\Users\Simon\Downloads\Wolfteam INV Hack AUG 2013.exe 2014-04-24 19:25 - 2014-04-24 19:25 - 00058597 _____ () C:\Users\Simon\Downloads\Business.Card.Maker.8.0_CRK-FFF.zip 2014-04-24 19:23 - 2014-04-24 17:32 - 00000000 ____D () C:\Users\Simon\Downloads\Download.am 2014-04-24 19:23 - 2014-04-24 17:32 - 00000000 ____D () C:\Users\Simon\AppData\Local\download.am-data 2014-04-24 19:22 - 2014-04-24 19:22 - 00077025 _____ () C:\Users\Simon\Downloads\CD244A3FE5B95DA446608BC56299A387E1A64734.torrent 2014-04-24 19:08 - 2014-04-24 19:01 - 00000000 ____D () C:\Users\Simon\Desktop\Programme 2014-04-24 19:04 - 2014-04-24 19:04 - 00000000 ____D () C:\Users\Simon\Desktop\Programme;Spiele 2014-04-24 18:59 - 2014-04-24 18:59 - 07307552 _____ () C:\Users\Simon\Downloads\bitdefender_isecurity.exe 2014-04-24 18:48 - 2014-04-24 18:41 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} 2014-04-24 18:43 - 2014-04-24 18:41 - 
00000000 ____D () C:\ProgramData\TuneUp Software 2014-04-24 18:42 - 2014-04-24 18:42 - 00002217 _____ () C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk 2014-04-24 18:42 - 2014-04-24 18:42 - 00002209 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014.lnk 2014-04-24 18:42 - 2014-04-24 18:42 - 00002197 _____ () C:\Users\Public\Desktop\TuneUp Utilities 2014.lnk 2014-04-24 18:42 - 2014-04-24 18:42 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\TuneUp Software 2014-04-24 18:42 - 2014-04-24 18:42 - 00000000 ____D () C:\Users\Simon\AppData\Local\TuneUp Software 2014-04-24 18:42 - 2014-04-24 18:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014 2014-04-24 18:42 - 2014-04-24 18:42 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2014 2014-04-24 18:41 - 2014-04-24 18:41 - 00074811 _____ () C:\Users\Simon\Downloads\TuneUp 2014 Keygen by Game24x.rar 2014-04-24 18:41 - 2014-04-24 18:40 - 27878824 _____ (TuneUp Software) C:\Users\Simon\Downloads\TuneUpUtilities2014_de2745-DE.exe 2014-04-24 18:33 - 2014-04-24 18:32 - 209715712 _____ () C:\Users\Simon\Desktop\Tresor.bvd 2014-04-24 17:32 - 2014-04-24 17:32 - 00001053 _____ () C:\Users\Simon\Desktop\Download.am.lnk 2014-04-24 17:32 - 2014-04-24 17:32 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Download.am 2014-04-24 17:32 - 2014-04-24 17:31 - 00000000 ____D () C:\Program Files (x86)\Download.am 2014-04-24 17:25 - 2014-04-24 17:25 - 13540177 _____ () C:\Users\Simon\Downloads\download.am-build233.zip 2014-04-24 17:21 - 2014-04-24 17:20 - 00000000 ____D () C:\Users\Simon\Desktop\RSDownloader 2014-04-24 17:20 - 2014-04-24 17:20 - 03028121 _____ () C:\Users\Simon\Downloads\RSD_0.61.zip 2014-04-24 17:20 - 2014-04-24 17:20 - 00000164 _____ () C:\Users\Simon\Downloads\40961pa16fh3627.rsdf 2014-04-24 17:19 - 2014-04-24 17:19 - 00000000 ____D () C:\Users\Simon\Desktop\JDownloader 2014-04-24 17:18 - 
2014-04-24 17:18 - 31419822 _____ () C:\Users\Simon\Downloads\JDownloader.zip 2014-04-24 16:03 - 2014-03-08 18:51 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Curse Client 2014-04-24 15:59 - 2014-04-24 15:59 - 01467128 _____ () C:\Users\Simon\Downloads\SystemCheck_deDE (2).exe 2014-04-24 15:58 - 2014-04-24 15:58 - 01467128 _____ () C:\Users\Simon\Downloads\SystemCheck_deDE.exe 2014-04-24 15:58 - 2014-04-24 15:58 - 01467128 _____ () C:\Users\Simon\Downloads\SystemCheck_deDE (1).exe 2014-04-24 05:02 - 2014-04-24 05:02 - 00040805 _____ () C:\ProgramData\1398308156.bdinstall.bin 2014-04-24 04:55 - 2014-04-24 04:55 - 01147424 _____ () C:\Users\Simon\Downloads\bitdefender_antitheft.exe 2014-04-24 04:48 - 2014-04-24 04:48 - 07304560 _____ () C:\Users\Simon\Downloads\bitdefender_tsecurity (2).exe 2014-04-24 04:18 - 2014-04-14 13:33 - 00000000 ____D () C:\Users\Simon\Desktop\PBdownforce 2014-04-24 04:04 - 2014-04-24 04:04 - 00000000 ____D () C:\Users\Simon\AppData\Local\simon-p 2014-04-24 03:43 - 2014-04-24 03:43 - 07304560 _____ () C:\Users\Simon\Downloads\bitdefender_tsecurity (1).exe 2014-04-24 03:12 - 2014-04-17 01:58 - 00000000 ____D () C:\Users\Simon\AppData\Local\Genesis 2014-04-24 02:57 - 2014-04-24 01:54 - 00074512 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin32.dll 2014-04-24 02:24 - 2014-04-24 02:24 - 00295296 _____ () C:\Windows\Minidump\042414-30264-01.dmp 2014-04-24 02:24 - 2014-02-04 22:14 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2 2014-04-24 02:19 - 2014-04-24 02:19 - 00612157 _____ () C:\ProgramData\1398297261.bdinstall.bin 2014-04-24 02:19 - 2014-04-24 02:19 - 00000385 _____ () C:\Windows\system32\user_gensett.xml 2014-04-24 02:19 - 2014-04-24 02:19 - 00000385 _____ () C:\Users\Simon\AppData\Roaminguser_gensett.xml 2014-04-24 02:19 - 2014-04-24 02:18 - 00000000 ____D () C:\ProgramData\BDLogging 2014-04-24 02:18 - 2014-04-24 02:18 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf 
2014-04-24 02:17 - 2014-04-24 02:17 - 00283192 _____ (Mozilla) C:\Users\Simon\Downloads\Firefox Setup Stub 28.0 (1).exe 2014-04-24 01:57 - 2014-04-24 01:54 - 00000000 ____D () C:\Program Files\Bitdefender 2014-04-24 01:54 - 2014-04-16 21:52 - 00000513 _____ () C:\Windows\wininit.ini 2014-04-24 01:53 - 2014-02-04 22:14 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy 2014-04-24 01:51 - 2014-04-24 01:51 - 07304560 _____ () C:\Users\Simon\Downloads\bitdefender_tsecurity.exe 2014-04-23 22:45 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-04-22 22:49 - 2014-04-22 22:49 - 00000000 __SHD () C:\Users\Simon\AppData\Local\EmieUserList 2014-04-22 22:49 - 2014-04-22 22:49 - 00000000 __SHD () C:\Users\Simon\AppData\Local\EmieSiteList 2014-04-22 22:46 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-04-22 03:07 - 2014-04-22 03:07 - 00043012 _____ () C:\Users\Simon\Downloads\AimPoint.exe 2014-04-21 19:59 - 2014-04-21 19:59 - 21987424 _____ (Mozilla) C:\Users\Simon\Downloads\Thunderbird_Setup_de24.4.0.exe 2014-04-21 19:59 - 2014-04-21 19:59 - 00002106 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk 2014-04-21 19:59 - 2014-04-21 19:59 - 00002094 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk 2014-04-21 19:59 - 2014-04-21 19:59 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Thunderbird 2014-04-20 19:16 - 2014-04-17 01:57 - 00000000 ____D () C:\Program Files\002 2014-04-20 19:16 - 2010-10-27 13:16 - 00000000 ____D () C:\Windows\oem 2014-04-20 19:07 - 2014-04-20 19:07 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Simon\Downloads\mbam-setup-2.0.1.1004.exe 2014-04-20 19:07 - 2014-04-20 19:07 - 00001110 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-04-20 19:07 - 2014-04-20 19:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-04-20 19:07 - 2014-04-20 19:07 - 00000000 ____D () 
C:\ProgramData\Malwarebytes 2014-04-20 19:07 - 2014-04-20 19:07 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-04-20 14:09 - 2014-04-20 14:09 - 00004253 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log 2014-04-20 14:09 - 2014-04-20 14:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-04-20 14:09 - 2014-03-16 21:41 - 00000000 ____D () C:\Program Files (x86)\Java 2014-04-20 14:09 - 2014-03-16 21:40 - 00000000 ____D () C:\ProgramData\Oracle 2014-04-19 19:18 - 2014-02-15 14:30 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\.purple 2014-04-18 16:00 - 2014-04-18 16:00 - 00388608 _____ (Trend Micro Inc.) C:\Users\Simon\Downloads\HiJackThis204 (2).exe 2014-04-18 16:00 - 2014-04-18 16:00 - 00388608 _____ (Trend Micro Inc.) C:\Users\Simon\Downloads\HiJackThis204 (1).exe 2014-04-18 16:00 - 2014-04-18 16:00 - 00016670 _____ () C:\Users\Simon\Downloads\hijackthis.log 2014-04-18 16:00 - 2014-04-17 15:07 - 00000000 ____D () C:\AdwCleaner 2014-04-18 15:59 - 2014-04-18 15:59 - 00388608 _____ (Trend Micro Inc.) 
C:\Users\Simon\Downloads\HiJackThis204.exe 2014-04-17 19:10 - 2014-04-17 19:10 - 00001167 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-04-17 19:10 - 2014-04-17 19:10 - 00001155 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-04-17 19:10 - 2014-04-17 19:10 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Mozilla 2014-04-17 19:10 - 2014-04-17 19:10 - 00000000 ____D () C:\Users\Simon\AppData\Local\Mozilla 2014-04-17 19:10 - 2014-04-17 19:10 - 00000000 ____D () C:\ProgramData\Mozilla 2014-04-17 19:10 - 2014-04-17 19:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-04-17 19:09 - 2014-04-17 19:09 - 00283192 _____ (Mozilla) C:\Users\Simon\Downloads\Firefox Setup Stub 28.0.exe 2014-04-17 15:08 - 2014-01-22 23:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-04-17 15:08 - 2014-01-22 22:54 - 00000999 _____ () C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-04-17 15:08 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup 2014-04-17 15:07 - 2014-04-17 15:07 - 00000000 ____D () C:\Users\Simon\Downloads\AdwCleaner_TSA221R2W 2014-04-17 05:25 - 2014-04-17 05:25 - 00376264 _____ () C:\Users\Simon\Downloads\PricePeep (1).exe 2014-04-17 01:58 - 2014-04-17 01:58 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\InetStat 2014-04-17 01:58 - 2014-04-17 01:58 - 00000000 ____D () C:\Program Files (x86)\Rr Savings 2014-04-17 01:57 - 2014-04-17 01:57 - 00003162 _____ () C:\Windows\System32\Tasks\fsupdate 2014-04-16 21:51 - 2014-04-16 21:50 - 04924064 _____ (Systweak Inc ) C:\Users\Simon\Downloads\rcpsetup_2005_file.net_ab_DE-kTweak.exe 2014-04-16 13:41 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-04-16 00:26 - 2014-03-31 23:24 - 00000000 _RSHD () C:\Users\Simon\.IMbLDhAuwE Some content of TEMP: ==================== 
C:\Users\Simon\AppData\Local\Temp\AskFmApi.exe
C:\Users\Simon\AppData\Local\Temp\drm_dyndata_7380015.dll
C:\Users\Simon\AppData\Local\Temp\ICReinstall_COMPUTER_BILD-Download-Manager_fuer_setup.exe
C:\Users\Simon\AppData\Local\Temp\JNativeHook_1010585539620646518.dll
C:\Users\Simon\AppData\Local\Temp\JNativeHook_2463213317395202958.dll
C:\Users\Simon\AppData\Local\Temp\JNativeHook_3349987008083522072.dll
C:\Users\Simon\AppData\Local\Temp\JNativeHook_4697151084216426821.dll
C:\Users\Simon\AppData\Local\Temp\JNativeHook_4752302052903291192.dll
C:\Users\Simon\AppData\Local\Temp\JNativeHook_4805760147115222786.dll
C:\Users\Simon\AppData\Local\Temp\JNativeHook_5009065584628265166.dll
C:\Users\Simon\AppData\Local\Temp\JNativeHook_590635129596865176.dll
C:\Users\Simon\AppData\Local\Temp\JNativeHook_6614085503958555007.dll
C:\Users\Simon\AppData\Local\Temp\JNativeHook_6885165834752642353.dll
C:\Users\Simon\AppData\Local\Temp\JNativeHook_8043159873189132644.dll
C:\Users\Simon\AppData\Local\Temp\JNativeHook_8204638230892071985.dll
C:\Users\Simon\AppData\Local\Temp\JNativeHook_8876634897088988853.dll
C:\Users\Simon\AppData\Local\Temp\JNativeHook_9187723041974552115.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe [2014-05-14 17:59] - [2014-03-04 11:43] - 0455168 ____A (Microsoft Corporation) 88AB9B72B4BF3963A0DE0820B4B0B06C
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-05-09 13:35

==================== End Of Log ============================ |
16.05.2014, 15:38 | #4 |
| Suspected nasty Trojan Addition: Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-05-2014
Ran by Simon at 2014-05-16 16:34:13
Running from C:\Users\Simon\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Bitdefender Antivirus (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {A23392FD-84B9-F933-2C71-81E751F6EF46}

==================== Installed Programs ======================

Acer Arcade Deluxe (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 5.1.8507 - CyberLink Corp.)
Acer Arcade Deluxe (x32 Version: 5.1.8507 - CyberLink Corp.) Hidden
Acer Arcade Movie (x32 Version: 9.0.7201 - CyberLink Corp.) Hidden
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3015 - Acer Incorporated)
Acer GameZone Console (HKLM-x32\...\{58F4D244-314F-4D26-B5EF-C28AB32E22CB}_is1) (Version: 6.1.0.9 - Oberon Media, Inc.)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.03.3003 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0318.2010 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3001 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Reader 9.1 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
Advanced System Protector (HKLM-x32\...\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1) (Version: 2.1.1000.13491 - Systweak Software) <==== ATTENTION
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
Airport Mania First Flight (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11505173}) (Version: - Oberon Media)
Akamai NetSession Interface (HKCU\...\Akamai) (Version: - Akamai Technologies, Inc)
Amazonia (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}) (Version: - Oberon Media)
Another Life Client 1.52 (HKLM-x32\...\{D4E82BDF-6252-4761-A020-37DBC34C7617}}_is1) (Version: 1.52 - Tim Witschel Serververmietung)
AnotherLife Client Version 1.4 (HKLM-x32\...\{1B305614-536F-47B0-917D-140C1D2477BA}}_is1) (Version: 1.4 - Tim Witschel Serververmietung)
AntiBrowserSpy (HKLM-x32\...\{F78B5B4F-075A-4C81-AA27-E707861EB5B7}_is1) (Version: 141 - Abelssoft)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Attack Surface Analyzer (HKLM\...\{2710505A-D198-4906-8767-F869909D9FA6}) (Version: 5.3.0.0 - Microsoft Corporation)
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version: - AVM Berlin)
Bing Bar (HKLM-x32\...\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}) (Version: 7.0.610.0 - Microsoft Corporation)
Bitdefender Total Security (HKLM\...\Bitdefender) (Version: 17.27.0.1146 - Bitdefender)
Bloodline Champions (HKLM-x32\...\{81E58F0A-E24E-4132-98C2-6BA39899692E}_is1) (Version: 2.4.1.0 - Stunlock Studios)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.7.3066 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{8789EB72-635E-4A91-95DB-3FC11CBE7725}) (Version: 0.8.7.3066 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Cake Mania (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}) (Version: - Oberon Media)
CANYON USB PC CAMERA (HKLM-x32\...\{A59AB961-BE82-41E0-B0FB-648DFA6DDEA4}) (Version: 1.0.20 - ANC)
Cobra 11 - Highway Nights Demo (remove only) (HKLM-x32\...\HighwayNights Demo) (Version: - )
Combat Arms EU (HKLM-x32\...\Combat Arms EU) (Version: - )
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
CPUCooL (remove only) (HKLM-x32\...\CPUCooL) (Version: - )
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Domingo 2 Version 2.6.1. (HKLM-x32\...\{FB326C8F-DA81-4764-B994-6D3D6C4796A9}_is1) (Version: - Patrick Diekmann)
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
Download.am (HKLM-x32\...\Download.am) (Version: - )
Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version: - Oberon Media)
eBay Worldwide (HKLM-x32\...\{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}) (Version: 2.1.0901 - OEM)
Epigenesis (HKLM-x32\...\Steam App 244590) (Version: - Dead Shark Triplepunch) <==== ATTENTION
eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden
Farm Frenzy 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}) (Version: - Oberon Media)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Galapago (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}) (Version: - Oberon Media)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Genesis (HKCU\...\genesis) (Version: - ) <==== ATTENTION
GEONExT 1.74 (HKLM-x32\...\GEONExT_is1) (Version: 1.74 - GEONExT Group)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.137 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Heroes of Hellas (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}) (Version: - Oberon Media)
Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 2.05.3013 - Acer Incorporated)
ICQ 8.2 (build 6901) (HKCU\...\ICQ) (Version: 8.2.6901.0 - ICQ)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
InetStat (HKCU\...\InetStat) (Version: 0.3 - InetStat)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Loadout (HKLM-x32\...\Steam App 208090) (Version: - Edge of Reality)
Loong Dragonblood (HKLM-x32\...\{BAE0CFD0-1598-4BC4-9AB3-BD2CF575EED9}) (Version: 2.5.12 - gamigo)
MAGIX Web Designer 9 Premium (HKLM\...\MX.{B497E1E1-E2E9-4B93-B242-86087EDEDF92}) (Version: 9.0.1.27343 - MAGIX AG)
MAGIX Web Designer 9 Premium (Version: 9.0.1.27343 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
MediaEspresso (x32 Version: 5.1.1116_32498 - CyberLink Corp.) Hidden
Merriam Websters Spell Jam (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}) (Version: - Oberon Media)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
MKLOL (HKCU\...\MKLOL) (Version: - )
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.5.0 - Mozilla)
Mozilla Thunderbird 24.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.5.0 (x86 de)) (Version: 24.5.0 - Mozilla)
MSI Afterburner 2.3.1 (HKLM-x32\...\Afterburner) (Version: 2.3.1 - MSI Co., LTD)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MultIV (HKLM-x32\...\{D0CA9142-4127-40FF-B3C1-B2C089B745A2}_is1) (Version: 0.2 - MultIV Team)
MyWinLocker (x32 Version: 3.1.212.0 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}) (Version: 3.1.212.0 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 3.1.212.0 - Egis Technology Inc.) Hidden
NEC Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}) (Version: 1.0.19.0 - NEC Electronics Corporation)
NEC Electronics USB 3.0 Host Controller Driver (x32 Version: 1.0.19.0 - NEC Electronics Corporation) Hidden
Nero ControlCenter (x32 Version: 9.0.0.1 - Nero AG) Hidden
Nero DiscSpeed (x32 Version: 5.4.13.100 - Nero AG) Hidden
Nero DiscSpeed Help (x32 Version: 5.4.4.100 - Nero AG) Hidden
Nero DriveSpeed (x32 Version: 4.4.12.100 - Nero AG) Hidden
Nero DriveSpeed Help (x32 Version: 4.4.4.100 - Nero AG) Hidden
Nero Express Help (x32 Version: 9.4.37.100 - Nero AG) Hidden
Nero InfoTool (x32 Version: 6.4.12.100 - Nero AG) Hidden
Nero InfoTool Help (x32 Version: 6.4.4.100 - Nero AG) Hidden
Nero Installer (x32 Version: 4.4.9.0 - Nero AG) Hidden
Nero Online Upgrade (x32 Version: 1.3.0.0 - Nero AG) Hidden
Nero StartSmart (x32 Version: 9.4.37.100 - Nero AG) Hidden
Nero StartSmart Help (x32 Version: 9.4.27.100 - Nero AG) Hidden
Nero StartSmart OEM (x32 Version: 9.16.0.100 - Nero AG) Hidden
NeroExpress (x32 Version: 9.4.37.100 - Nero AG) Hidden
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
NVIDIA 3D Vision Controller-Treiber 332.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 332.21 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 332.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 332.21 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 332.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.21 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3221 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 332.21 (Version: 332.21 - NVIDIA Corporation) Hidden
NVIDIA Update 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
Opera Stable 21.0.1432.57 (HKLM-x32\...\Opera 21.0.1432.57) (Version: 21.0.1432.57 - Opera Software ASA)
Overwolf (HKLM-x32\...\{FB83467F-D8EB-43E6-8B3D-860B045C1C52}) (Version: 0.51.325 - Overwolf)
Overwolf.Setup.VC100CRTx64.Dist (HKLM\...\{EC9D5554-6852-4A55-81BB-AC02C7A8CFED}) (Version: 1.0.0 - Overwolf)
phpDesigner 8 version 8.1.2 (HKLM-x32\...\phpDesigner8_is1) (Version: - MPSOFTWARE)
Pidgin (HKLM-x32\...\Pidgin) (Version: 2.10.9 - )
pidgin-otr 4.0.0-1 (HKLM-x32\...\pidgin-otr) (Version: 4.0.0-1 - Cypherpunks CA)
Poker Pop (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111355427}) (Version: - Oberon Media)
PrivaZer (HKLM-x32\...\PrivaZer) (Version: 2.19.0.0 - Goversoft LLC)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.12 - ProtectDisc Software GmbH)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6194 - Realtek Semiconductor Corp.)
RegClean-Pro (HKLM-x32\...\RegClean-Pro_is1) (Version: 6.21 - Systweak Inc)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.20.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.20.0 - Renesas Electronics Corporation) Hidden
RrSavings (x32 Version: 1.0.0.0 - RrSavings) Hidden <==== ATTENTION
Samsung CLX-3300 Series (HKLM-x32\...\Samsung CLX-3300 Series) (Version: 1.01 (01.05.2012) - Samsung Electronics Co., Ltd.)
Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 1.02.09 (25.04.2012) - Samsung Electronics Co., Ltd.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.02.45.02(01.05.2012) - Samsung Electronics Co., Ltd.)
Samsung Network PC Fax (HKLM-x32\...\Samsung Network PC Fax) (Version: 1.06.24 (25.04.2012) - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00.04 - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (x32 Version: 1.00.18.04 - Samsung Electronics Co., Ltd.) Hidden
Security Task Manager 1.8g (HKLM-x32\...\Security Task Manager) (Version: 1.8g - Neuber Software)
SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden
Shredder (Version: 2.0.8.3 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.3 - Egis Technology Inc.) Hidden
simplitec simplicheck (HKLM-x32\...\{183D780B-28F9-41BA-A2CB-605F324A5781}) (Version: 1.3.10.0 - simplitec GmbH)
Skype™ 6.13 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.13.104 - Skype Technologies S.A.)
SNS Upload for Easy Document Creator (HKLM-x32\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Spin & Win (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110300453}) (Version: - Oberon Media)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.25942 - TeamViewer)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.275 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities) (Version: 14.0.1000.275 - TuneUp Software)
TuneUp Utilities 2014 (x32 Version: 14.0.1000.275 - TuneUp Software) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
War Thunder Launcher 1.0.1.355 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3102 - Acer Incorporated)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WolfTeam-DE (HKLM-x32\...\WolfTeam-DE) (Version: - )

==================== Restore Points =========================

11-05-2014 13:58:15 RegClean Pro So, Mai 11, 14 15:58
11-05-2014 16:40:47 Installiert CANYON USB PC CAMERA
11-05-2014 16:41:17 Gerätetreiber-Paketinstallation: VGA SoC PC-Camera provider Bildverarbeitungsgeräte
12-05-2014 23:33:11 RegClean Pro Di, Mai 13, 14 01:33
14-05-2014 19:59:23 Windows Update
16-05-2014 08:30:02 RegClean Pro Fr, Mai 16, 14 10:30

==================== Hosts content: ==========================

2009-07-14 04:34 - 2014-03-21 14:56 - 00000895 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 www.google-analytics.com
127.0.0.1 google-analytics.com

==================== Scheduled Tasks (whitelisted) =============

Task: {0D7608FD-DBC5-47E6-A8FB-5554041EBA93} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {1086B9DD-4C9F-4E2F-A37E-8E541943544B} - System32\Tasks\RegClean Pro => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe [2014-04-25] (Systweak Inc) <==== ATTENTION
Task: {1578F21F-DB6C-49B1-B9AE-D20AFBC1D83D} - System32\Tasks\RegClean Pro_UPDATES => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe [2014-04-25] (Systweak Inc) <==== ATTENTION
Task: {1FF09EAB-1B3A-4E4C-81F2-86843C9A3667} - System32\Tasks\AntiBrowserSpy - BrowserMask => C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe [2014-01-13] ()
Task: {2A032745-2D20-450E-87A0-638DF39EC962} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe [2010-08-19] (Acer)
Task: {46012232-7C26-470E-BB9B-9F4A570F6484} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-22] (Google Inc.)
Task: {4625DB89-D0C3-4CCE-A1EB-F1A0E9702F54} - System32\Tasks\Opera D6 => C:\Program Files (x86)\Opera\launcher.exe [2014-04-30] (Opera Software)
Task: {7793B38D-D00A-4BA2-A836-CE7611EF8D2C} - System32\Tasks\RegClean Pro_DEFAULT => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe [2014-04-25] (Systweak Inc) <==== ATTENTION
Task: {7A3CB029-11C4-40C8-83D5-C93DE8959402} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {7C7EF8CA-1D7B-4342-B2B1-95EA79E7B96E} - System32\Tasks\AcerArcadeDeluxe => C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe [2011-01-07] (Acer Incorporated)
Task: {7DDC0322-429D-4048-86B4-C5A0CB1FFAB3} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [2014-03-20] (TuneUp Software)
Task: {92F6A158-B868-4D71-9124-C0E0B04D4D51} - System32\Tasks\Opera D7 => C:\Program Files (x86)\Opera\launcher.exe [2014-04-30] (Opera Software)
Task: {E0E342D7-A3D5-4D1D-92A2-9DCCFD2FF50C} - System32\Tasks\fsupdate => C:\Program
Task: {E45A60B7-1372-49AC-B36B-B964D515BD14} - System32\Tasks\Advanced System Protector_startup => C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe [2014-04-08] (Systweak) <==== ATTENTION
Task: {F36DEA01-83A9-4ED8-B6C7-A491822E21B1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-22] (Google Inc.)
Task: {F87DED90-640F-440C-9EC4-218364591BD2} - System32\Tasks\ArcadeDeluxeAgentTS => C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [2011-01-07] (CyberLink Corp.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\RegClean Pro_DEFAULT.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: C:\Windows\Tasks\RegClean Pro_UPDATES.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2014-04-24 02:17 - 2013-06-19 11:45 - 00265080 ____N () C:\Program Files\Bitdefender\Bitdefender\txmlutil.dll
2014-04-25 21:40 - 2014-03-27 19:18 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender\UI\accessl.ui
2014-04-25 21:40 - 2011-11-14 19:17 - 00153680 _____ () C:\Program Files\Bitdefender\Bitdefender\bdfwcore.dll
2014-04-25 21:40 - 2014-03-27 19:18 - 00005120 _____ () C:\Program Files\Bitdefender\Bitdefender\UI\IMSecurityAL.ui
2014-04-25 21:40 - 2014-03-25 10:53 - 00771328 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_001_001\ashttpbr.mdl
2014-04-25 21:40 - 2014-03-25 10:53 - 00568400 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_001_001\ashttpdsp.mdl
2014-04-25 21:40 - 2014-03-25 10:53 - 02593416 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_001_001\ashttpph.mdl
2014-04-25 21:40 - 2014-03-25 10:53 - 01317216 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_001_001\ashttprbl.mdl
2014-02-16 19:50 - 2013-12-19 20:53 - 00117536 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-01-29 19:14 - 2012-01-09 13:47 - 00034304 _____ () C:\Windows\System32\sst7clm.dll
2014-01-29 19:14 - 2012-04-26 08:34 - 01186304 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\sst7cdu.dll
2014-03-21 14:42 - 2014-01-13 10:45 - 00823424 _____ () C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe
2014-03-21 14:42 - 2014-01-13 10:45 - 00055936 _____ () C:\Program Files (x86)\AntiBrowserSpy\AbSettings.dll
2014-03-21 14:42 - 2014-01-13 10:45 - 00861312 _____ () C:\Program Files (x86)\AntiBrowserSpy\AntiBrowserSpyResources.dll
2014-03-21 14:42 - 2014-01-13 10:45 - 01340032 _____ () C:\Program Files (x86)\AntiBrowserSpy\AntiBrowserSpyLibrary.dll
2014-03-21 14:42 - 2014-01-13 10:44 - 01401472 _____ () C:\Program Files (x86)\AntiBrowserSpy\AbGui.dll
2014-03-21 14:42 - 2014-01-13 10:45 - 00016000 _____ () C:\Program Files (x86)\AntiBrowserSpy\AbProcessManager.dll
2012-02-20 23:23 - 2012-02-20 23:23 - 00456704 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2012-02-20 23:23 - 2012-02-20 23:23 - 00051200 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2014-04-17 01:58 - 2014-04-17 01:57 - 01260648 _____ () C:\Users\Simon\AppData\Roaming\InetStat\inetstat.exe
2011-12-04 17:28 - 2011-12-04 17:28 - 01725952 _____ () C:\Program Files (x86)\CPUCooL\CPUCooL.exe
2014-03-20 14:44 - 2014-03-20 14:44 - 00675640 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\avgrepliba.dll
2009-12-14 04:19 - 2009-12-09 11:24 - 00076320 _____ () C:\OEM\USBDECTION\USBS3S4Detection.exe
2014-04-24 02:17 - 2013-03-25 15:16 - 01117920 ____N () C:\Program Files\Bitdefender\Bitdefender SafeBox\System.Data.SQLite.dll
2014-01-22 23:07 - 2013-03-01 14:13 - 01300816 _____ () C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
2014-01-22 23:07 - 2014-05-08 14:22 - 05424120 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.207\deploy\LoLLauncher.exe
2014-01-22 23:04 - 2013-07-13 17:35 - 00074752 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.88\deploy\LolClient.exe
2014-02-06 01:52 - 2014-02-06 01:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-06 01:52 - 2014-02-06 01:52 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-05-11 15:47 - 2012-07-25 12:03 - 00886272 _____ () C:\Program Files (x86)\Advanced System Protector\System.Data.SQLite.dll
2014-05-11 15:47 - 2014-04-08 12:04 - 01730928 _____ () C:\Program Files (x86)\Advanced System Protector\aspsys.dll
2014-03-05 20:30 - 2014-03-05 20:30 - 00025600 _____ () C:\Program Files (x86)\Overwolf\CoreAudioApi.dll
2014-04-24 02:17 - 2014-03-15 00:05 - 00204280 ____N () C:\Program Files\Bitdefender\Bitdefender\antispam32\txmlutil.dll
2014-04-25 15:30 - 2014-04-24 02:33 - 00065352 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\chrome_elf.dll
2014-04-25 15:30 - 2014-04-24 02:33 - 00674632 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\libglesv2.dll
2014-04-25 15:30 - 2014-04-24 02:33 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\libegl.dll
2014-04-25 15:30 - 2014-04-24 02:33 - 04081480 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\pdf.dll
2014-04-25 15:30 - 2014-04-24 02:33 - 00390472 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll
2014-04-25 15:30 - 2014-04-24 02:33 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ffmpegsumo.dll
2014-02-19 15:35 - 2014-02-19 15:35 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\aa739380ca2b2fc7366d464d2f2301ac\IsdiInterop.ni.dll
2010-10-27 13:00 - 2010-09-13 19:28 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-04-25 15:30 - 2014-04-24 02:33 - 13692232 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\PepperFlash\pepflashplayer.dll
2014-01-22 23:07 - 2014-05-08 14:22 - 01531384 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.207\deploy\RiotLauncher.dll
2014-01-22 23:04 - 2013-07-13 17:35 - 04774248 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.88\deploy\Adobe AIR\Versions\1.0\Resources\WebKit.dll
2014-05-01 01:13 - 2014-05-01 01:13 - 03019888 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2014-05-01 01:13 - 2014-05-01 01:13 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2014-05-01 01:13 - 2014-05-01 01:13 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Simon\Downloads\bitdefender_antitheft.exe:BDU
AlternateDataStreams: C:\Users\Simon\Downloads\bitdefender_isecurity.exe:BDU
AlternateDataStreams: C:\Users\Simon\Downloads\bitdefender_tsecurity (1).exe:BDU
AlternateDataStreams: C:\Users\Simon\Downloads\bitdefender_tsecurity (2).exe:BDU
AlternateDataStreams: C:\Users\Simon\Downloads\cfw_installer_5732_83.exe:BDU
AlternateDataStreams: C:\Users\Simon\Downloads\Chrome YouTube Downloader - CHIP-Downloader (1).exe:BDU
AlternateDataStreams: C:\Users\Simon\Downloads\Chrome YouTube Downloader - CHIP-Downloader.exe:BDU
AlternateDataStreams: C:\Users\Simon\Downloads\COMPUTER_BILD-Download-Manager_fuer_cfw_installer_5732_83.exe:BDU
AlternateDataStreams: C:\Users\Simon\Downloads\COMPUTER_BILD-Download-Manager_fuer_setup.exe:BDU
AlternateDataStreams: C:\Users\Simon\Downloads\gfwlive35setup (1).exe:BDU
AlternateDataStreams: C:\Users\Simon\Downloads\gfwlive35setup.exe:BDU
AlternateDataStreams: C:\Users\Simon\Downloads\IE9-Windows7-x64-deu.exe:BDU
AlternateDataStreams: C:\Users\Simon\Downloads\multiv_setup (1).exe:BDU
AlternateDataStreams: C:\Users\Simon\Downloads\multiv_setup (2).exe:BDU
AlternateDataStreams: C:\Users\Simon\Downloads\multiv_setup.exe:BDU
AlternateDataStreams: C:\Users\Simon\Downloads\privazer_free (1).exe:BDU
AlternateDataStreams: C:\Users\Simon\Downloads\SteamSetup.exe:BDU
AlternateDataStreams: C:\Users\Simon\Downloads\SystemCheck_deDE (1).exe:BDU
AlternateDataStreams:
C:\Users\Simon\Downloads\SystemCheck_deDE (2).exe:BDU AlternateDataStreams: C:\Users\Simon\Downloads\SystemCheck_deDE.exe:BDU AlternateDataStreams: C:\Users\Simon\Downloads\TuneUpUtilities2014_de2745-DE.exe:BDU AlternateDataStreams: C:\Users\Simon\Downloads\WindowsUpgradeAssistant.exe:BDU AlternateDataStreams: C:\Users\Simon\Downloads\Wolfteam INV Hack AUG 2013.exe:BDU AlternateDataStreams: C:\Users\Simon\Downloads\wt_launcher_doi_1.0.1.355.exe:BDU AlternateDataStreams: C:\Users\Simon\Downloads\YouTube-Unblocker-055 - CHIP-Downloader.exe:BDU ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver" ==================== EXE Association (whitelisted) ============= ==================== Disabled items from MSCONFIG ============== ==================== Faulty Device Manager Devices ============= Name: McAfee Inc. mfeapfk Description: McAfee Inc. mfeapfk Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: mfeapfk Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. 
The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Event log errors: ========================= Application errors: ================== Error: (05/16/2014 10:16:14 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: CooLSrv.exe, Version: 0.0.0.0, Zeitstempel: 0x4ed0cb16 Name des fehlerhaften Moduls: CooLSrv.exe, Version: 0.0.0.0, Zeitstempel: 0x4ed0cb16 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0001ec91 ID des fehlerhaften Prozesses: 0x89c Startzeit der fehlerhaften Anwendung: 0xCooLSrv.exe0 Pfad der fehlerhaften Anwendung: CooLSrv.exe1 Pfad des fehlerhaften Moduls: CooLSrv.exe2 Berichtskennung: CooLSrv.exe3 Error: (05/16/2014 10:15:51 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: ) Description: Der Dienst kann nicht gestartet werden. System.SystemException: Bitdefender antivirus HV.sys loaded ---> System.ComponentModel.Win32Exception: Unzulässige Funktion --- Ende der internen Ausnahmestapelüberwachung --- bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (05/16/2014 10:15:46 AM) (Source: McLogEvent) (EventID: 5022) (User: NT-AUTORITÄT) Description: Initialisierung des MCSCAN32-Moduls ist fehlgeschlagen. Das Modul hat folgenden Fehler ausgegeben: 1 Error: (05/15/2014 09:41:11 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm RegCleanPro.exe, Version 6.21.65.2903 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: 6b4 Startzeit: 01cf70735bfb9a34 Endzeit: 20 Anwendungspfad: C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe Berichts-ID: dae43554-dc68-11e3-bcce-bc0543069a9f Error: (05/15/2014 09:25:09 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: CooLSrv.exe, Version: 0.0.0.0, Zeitstempel: 0x4ed0cb16 Name des fehlerhaften Moduls: CooLSrv.exe, Version: 0.0.0.0, Zeitstempel: 0x4ed0cb16 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0001ec91 ID des fehlerhaften Prozesses: 0x8d8 Startzeit der fehlerhaften Anwendung: 0xCooLSrv.exe0 Pfad der fehlerhaften Anwendung: CooLSrv.exe1 Pfad des fehlerhaften Moduls: CooLSrv.exe2 Berichtskennung: CooLSrv.exe3 Error: (05/15/2014 09:24:23 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: ) Description: Der Dienst kann nicht gestartet werden. System.SystemException: Bitdefender antivirus HV.sys loaded ---> System.ComponentModel.Win32Exception: Unzulässige Funktion --- Ende der internen Ausnahmestapelüberwachung --- bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (05/15/2014 09:24:21 PM) (Source: McLogEvent) (EventID: 5022) (User: NT-AUTORITÄT) Description: Initialisierung des MCSCAN32-Moduls ist fehlgeschlagen. Das Modul hat folgenden Fehler ausgegeben: 1 Error: (05/14/2014 08:13:24 PM) (Source: SideBySide) (EventID: 63) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig. 
Error: (05/14/2014 05:45:44 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: CooLSrv.exe, Version: 0.0.0.0, Zeitstempel: 0x4ed0cb16 Name des fehlerhaften Moduls: CooLSrv.exe, Version: 0.0.0.0, Zeitstempel: 0x4ed0cb16 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0001ec91 ID des fehlerhaften Prozesses: 0xbbc Startzeit der fehlerhaften Anwendung: 0xCooLSrv.exe0 Pfad der fehlerhaften Anwendung: CooLSrv.exe1 Pfad des fehlerhaften Moduls: CooLSrv.exe2 Berichtskennung: CooLSrv.exe3 Error: (05/14/2014 05:45:25 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: ) Description: Der Dienst kann nicht gestartet werden. System.SystemException: Bitdefender antivirus HV.sys loaded ---> System.ComponentModel.Win32Exception: Unzulässige Funktion --- Ende der internen Ausnahmestapelüberwachung --- bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) System errors: ============= Error: (05/16/2014 10:16:58 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "CPUCooLServer Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (05/16/2014 10:15:51 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: %%1064 Error: (05/16/2014 10:15:46 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "McAfee Anti-Malware Core" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (05/16/2014 10:14:52 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "McAfee Inc. mfeapfk" wurde aufgrund folgenden Fehlers nicht gestartet: %%1243 Error: (05/15/2014 09:25:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "CPUCooLServer Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. 
Error: (05/15/2014 09:24:23 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: %%1064 Error: (05/15/2014 09:24:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "McAfee Anti-Malware Core" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (05/15/2014 09:24:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "McAfee Inc. mfeapfk" wurde aufgrund folgenden Fehlers nicht gestartet: %%1243 Error: (05/14/2014 05:45:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "CPUCooLServer Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (05/14/2014 05:45:25 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: %%1064 Microsoft Office Sessions: ========================= CodeIntegrity Errors: =================================== Date: 2014-04-14 21:31:48.346 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\Simon\AppData\Local\Temp\PHQ566.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-04-14 21:31:48.251 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\Simon\AppData\Local\Temp\PHQ566.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. 
Date: 2014-04-14 21:31:26.499 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\Simon\AppData\Local\Temp\PHQAFF6.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-04-14 21:31:26.413 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\Simon\AppData\Local\Temp\PHQAFF6.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-04-14 13:34:16.090 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\Simon\AppData\Local\Temp\PHQ86FA.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-04-14 13:34:15.988 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\Simon\AppData\Local\Temp\PHQ86FA.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. 
==================== Memory info =========================== Percentage of memory in use: 65% Total physical RAM: 8174 MB Available physical RAM: 2809.2 MB Total Pagefile: 16346.18 MB Available Pagefile: 9897.16 MB Total Virtual: 8192 MB Available Virtual: 8191.81 MB ==================== Drives ================================ Drive c: (Acer) (Fixed) (Total:456.95 GB) (Free:336.84 GB) NTFS Drive d: (DATA) (Fixed) (Total:457.46 GB) (Free:307 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: FEB9136C) Partition 1: (Not Active) - (Size=17 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=457 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=457 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
16.05.2014, 15:45 | #5 | |
/// TB-Ausbilder | Suspected nasty Trojan Quote:
The same applies to ComboFix. Scan with Combofix
|
16.05.2014, 17:11 | #6 |
| Suspected nasty Trojan Hey, sorry that I started it from the Downloads folder. Is that bad? Should I run it again from the desktop? Combofix log: Code:
ATTFilter ComboFix 14-05-16.01 - Simon 16.05.2014 17:51:06.1.8 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.8174.3410 [GMT 2:00] ausgeführt von:: C:\Users\Simon\Desktop\ComboFix.exe AV: Bitdefender Antivirus *Disabled/Updated* {9A0813D8-CED6-F86B-072E-28D2AF25A83D} FW: Bitdefender Firewall *Disabled* {A23392FD-84B9-F933-2C71-81E751F6EF46} SP: Bitdefender Spyware-Schutz *Disabled/Updated* {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) C:\ProgramData\1398297261.bdinstall.bin C:\ProgramData\1398308156.bdinstall.bin C:\ProgramData\1398454570.bdinstall.bin C:\Windows\wininit.ini D:\install.exe ((((((((((((((((((((((((((((((((((((((( Treiber/Dienste ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_ACEDRV11 -------\Service_acedrv11 ((((((((((((((((((((((( Dateien erstellt von 2014-04-16 bis 2014-05-16 )))))))))))))))))))))))))))))) 2014-05-16 15:57:01 . 2014-05-16 15:57:01 -------- d-----w- C:\Users\Default\AppData\Local\temp 2014-05-16 14:33:31 . 2014-05-16 14:34:49 -------- d-----w- C:\FRST 2014-05-14 20:02:42 . 2014-05-06 04:40:42 23544320 ----a-w- C:\Windows\system32\mshtml.dll 2014-05-14 20:02:42 . 2014-05-06 04:17:53 2724864 ----a-w- C:\Windows\system32\mshtml.tlb 2014-05-14 20:02:42 . 2014-05-06 03:00:47 84992 ----a-w- C:\Windows\system32\mshtmled.dll 2014-05-14 20:02:41 . 2014-05-06 03:07:39 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2014-05-14 16:00:05 . 2014-03-25 02:43:12 14175744 ----a-w- C:\Windows\system32\shell32.dll 2014-05-12 23:29:32 . 2014-05-12 23:29:32 119512 ----a-w- C:\Windows\system32\drivers\48230029.sys 2014-05-11 16:41:05 . 2007-11-08 08:29:22 527872 ----a-w- C:\Windows\system32\drivers\PAC7302.SYS 2014-05-11 16:41:05 . 2007-11-02 09:07:28 8704 ----a-w- C:\Windows\system32\CoInst_071029.dll 2014-05-11 16:41:05 . 
2000-06-08 15:00:00 119568 ----a-w- C:\Windows\SysWow64\KSPRbac9.rra 2014-05-11 16:41:04 . 2004-11-22 11:37:38 40960 ----a-w- C:\Windows\98Setup.exe 2014-05-11 16:41:03 . 2014-05-11 16:41:03 -------- d-----w- C:\Program Files (x86)\ANC 2014-05-11 16:41:03 . 2007-10-30 15:48:42 129024 ----a-w- C:\Windows\SysWow64\SP7302.ax 2014-05-11 16:41:02 . 2014-05-11 16:41:05 -------- d-----w- C:\Program Files (x86)\Common Files\PAC7302 2014-05-11 16:41:02 . 2014-05-11 16:41:02 -------- d-----w- C:\Windows\PixArt 2014-05-11 16:41:02 . 2007-11-08 08:30:08 454656 ----a-w- C:\Windows\SysWow64\drivers\PAC7302.sys 2014-05-11 16:41:02 . 2006-10-12 09:57:32 14336 ----a-w- C:\Windows\SysWow64\P7302USD.dll 2014-05-11 14:02:16 . 2014-05-11 14:02:16 -------- d-----w- C:\Users\Simon\AppData\Local\Opera Software 2014-05-11 14:02:13 . 2014-05-11 14:02:13 -------- d-----w- C:\Users\Simon\AppData\Roaming\Opera Software 2014-05-11 13:49:41 . 2014-05-11 14:03:31 -------- d-----w- C:\Program Files (x86)\PrivaZer 2014-05-11 13:48:49 . 2014-05-11 14:05:48 -------- d-----w- C:\Program Files (x86)\Opera 2014-05-11 13:47:58 . 2014-05-11 13:47:58 -------- d-----w- C:\ProgramData\Systweak 2014-05-11 13:47:57 . 2014-05-11 13:47:59 -------- d-----w- C:\Program Files (x86)\Advanced System Protector 2014-05-11 13:47:57 . 2012-07-25 10:03:10 16896 ----a-w- C:\Windows\system32\sasnative64.exe 2014-05-11 13:47:45 . 2014-05-11 13:48:00 -------- d-----w- C:\Users\Simon\AppData\Roaming\Systweak 2014-05-11 13:47:44 . 2014-04-25 12:49:06 20312 ----a-w- C:\Windows\system32\roboot64.exe 2014-05-11 13:47:42 . 2014-05-11 13:47:44 -------- d-----w- C:\Program Files (x86)\RegClean Pro 2014-05-08 11:02:02 . 2014-05-08 11:02:02 -------- d-----w- C:\Users\Simon\AppData\Local\WarThunder 2014-05-08 11:02:02 . 2014-05-08 11:02:02 -------- d-----w- C:\ProgramData\WarThunder 2014-05-08 11:01:41 . 2014-05-08 12:39:44 -------- d-----w- C:\Program Files (x86)\WarThunder 2014-05-06 17:21:48 . 
2014-05-06 18:23:35 -------- d-----w- C:\Users\Simon\AppData\Roaming\tor 2014-05-03 17:41:32 . 2014-05-03 17:41:32 -------- d-----w- C:\Users\Simon\AppData\Local\EdgeOfReality 2014-05-03 17:41:04 . 2008-10-15 04:22:52 519000 ----a-w- C:\Windows\system32\d3dx10_40.dll 2014-05-03 17:41:04 . 2008-10-15 04:22:52 452440 ----a-w- C:\Windows\SysWow64\d3dx10_40.dll 2014-05-03 17:41:04 . 2008-10-15 04:22:52 2605920 ----a-w- C:\Windows\system32\D3DCompiler_40.dll 2014-05-03 17:41:04 . 2008-10-15 04:22:52 2036576 ----a-w- C:\Windows\SysWow64\D3DCompiler_40.dll 2014-05-03 17:40:57 . 2008-10-15 04:22:52 5631312 ----a-w- C:\Windows\system32\D3DX9_40.dll 2014-05-03 17:40:57 . 2008-10-15 04:22:52 4379984 ----a-w- C:\Windows\SysWow64\D3DX9_40.dll 2014-05-03 15:54:40 . 2014-05-03 15:56:32 -------- d-----w- C:\Program Files (x86)\Common Files\Steam 2014-05-03 15:54:39 . 2014-05-04 11:43:24 -------- d-----w- C:\Program Files (x86)\Steam 2014-05-03 15:43:53 . 2014-05-03 15:43:53 -------- d-----w- C:\Users\Simon\AppData\Roaming\MultIV 2014-05-03 15:43:13 . 2014-05-03 15:44:28 -------- d-----w- C:\Program Files (x86)\MultIV 2014-05-03 01:30:36 . 2014-05-03 01:30:36 -------- d-----w- C:\Windows\SysWow64\xlive 2014-05-03 01:30:26 . 2014-05-03 01:30:36 -------- d-----w- C:\Program Files (x86)\Microsoft Games for Windows - LIVE 2014-05-01 14:30:26 . 2014-05-01 14:30:26 -------- d-----w- C:\Program Files (x86)\Domingo 2 2014-05-01 11:31:53 . 2014-05-01 11:31:53 -------- d-sh--w- C:\ProgramData\SecuROM 2014-05-01 11:25:53 . 2014-05-01 11:25:57 -------- d-----w- C:\Users\Simon\AppData\Local\Rockstar Games 2014-05-01 11:24:18 . 2014-05-01 11:24:19 -------- d--h--r- C:\Users\Simon\AppData\Roaming\SecuROM 2014-04-30 23:13:52 . 2014-05-02 23:35:58 -------- d-----w- C:\Program Files (x86)\Mozilla Thunderbird 2014-04-25 20:05:16 . 2014-04-25 20:05:16 -------- d-----w- C:\Users\Simon\AppData\Local\GGC 2014-04-25 19:40:26 . 
2014-04-26 19:41:31 -------- d-----w- C:\Users\Simon\AppData\Roaming\Bitdefender 2014-04-25 19:36:50 . 2013-08-13 10:38:37 3271472 ---ha-w- C:\bdr-bz01 2014-04-25 19:36:43 . 2013-08-07 10:46:28 389240 ----a-w- C:\Windows\system32\drivers\trufos.sys 2014-04-25 19:36:42 . 2013-08-23 10:48:49 150256 ----a-w- C:\Windows\system32\drivers\gzflt.sys 2014-04-25 19:34:39 . 2014-05-15 19:22:10 -------- d-s---w- C:\Windows\system32\CompatTel 2014-04-25 19:18:09 . 2014-04-25 19:18:09 -------- d-----w- C:\Users\Simon\AppData\Roaming\MVH 2014-04-24 22:34:57 . 2014-04-24 22:34:57 -------- d-----w- C:\ProgramData\Nexon 2014-04-24 22:21:45 . 2014-04-24 22:21:45 -------- d-----w- C:\Nexon 2014-04-24 20:10:34 . 2014-04-24 20:10:34 -------- d-----w- C:\Program Files (x86)\Microsoft XNA 2014-04-24 20:08:36 . 2014-04-24 20:08:36 -------- d-----w- C:\Program Files (x86)\Stunlock Studios 2014-04-24 17:09:59 . 2014-03-20 12:44:20 43320 ----a-w- C:\Windows\system32\uxtuneup.dll 2014-04-24 17:09:59 . 2014-03-20 12:44:20 36152 ----a-w- C:\Windows\SysWow64\uxtuneup.dll 2014-04-24 16:42:44 . 2014-03-20 12:44:28 40760 ----a-w- C:\Windows\system32\TURegOpt.exe 2014-04-24 16:42:36 . 2014-03-20 12:44:20 29496 ----a-w- C:\Windows\system32\authuitu.dll 2014-04-24 16:42:33 . 2014-03-20 12:44:20 25400 ----a-w- C:\Windows\SysWow64\authuitu.dll 2014-04-24 16:42:21 . 2014-04-24 16:42:21 -------- d-----w- C:\Users\Simon\AppData\Roaming\TuneUp Software 2014-04-24 16:42:21 . 2014-04-24 16:42:21 -------- d-----w- C:\Users\Simon\AppData\Local\TuneUp Software 2014-04-24 16:42:17 . 2014-04-24 16:42:30 -------- d-----w- C:\Program Files (x86)\TuneUp Utilities 2014 2014-04-24 16:41:45 . 2014-04-24 16:43:22 -------- d-----w- C:\ProgramData\TuneUp Software 2014-04-24 16:41:35 . 2014-04-24 16:48:49 -------- d-sh--w- C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} 2014-04-24 16:41:34 . 2014-04-24 16:41:34 -------- d--h--w- C:\ProgramData\Common Files 2014-04-24 15:32:21 . 
2014-04-24 17:23:01 -------- d-----w- C:\Users\Simon\AppData\Local\download.am-data 2014-04-24 15:31:59 . 2014-04-24 15:32:14 -------- d-----w- C:\Program Files (x86)\Download.am 2014-04-24 02:04:20 . 2014-04-24 02:04:20 -------- d-----w- C:\Users\Simon\AppData\Local\simon-p 2014-04-24 00:18:03 . 2009-07-14 22:21:12 1721576 ----a-w- C:\Windows\system32\WdfCoInstaller01009.dll 2014-04-24 00:18:00 . 2014-04-24 00:19:08 -------- d-----w- C:\ProgramData\BDLogging 2014-04-24 00:17:53 . 2012-04-17 11:34:26 76944 ----a-w- C:\Windows\system32\drivers\bdvedisk.sys 2014-04-24 00:17:47 . 2013-11-04 13:47:36 82824 ----a-w- C:\Windows\system32\drivers\bdsandbox.sys 2014-04-24 00:17:47 . 2013-11-04 13:47:08 74512 ----a-w- C:\Windows\SysWow64\bdsandboxuiskin32.dll 2014-04-24 00:17:47 . 2013-02-22 16:46:52 93600 ----a-w- C:\Windows\system32\drivers\BdfNdisf6.sys 2014-04-24 00:17:47 . 2007-04-11 08:11:20 511328 ----a-w- C:\Windows\capicom.dll 2014-04-24 00:17:45 . 2013-12-02 09:58:48 635392 ----a-w- C:\Windows\system32\drivers\avckf.sys 2014-04-24 00:17:45 . 2013-12-02 09:56:50 893440 ----a-w- C:\Windows\system32\drivers\avc3.sys 2014-04-24 00:17:45 . 2012-11-02 11:17:46 261056 ----a-w- C:\Windows\system32\drivers\avchv.sys 2014-04-23 23:54:31 . 2014-04-25 19:40:47 -------- d-----w- C:\ProgramData\Bitdefender 2014-04-23 23:54:31 . 2014-04-24 00:57:08 74512 ----a-w- C:\Windows\system32\bdsandboxuiskin32.dll 2014-04-23 23:54:31 . 2014-04-23 23:57:41 -------- d-----w- C:\Program Files\Bitdefender 2014-04-23 23:54:31 . 2013-11-04 13:47:10 84848 ----a-w- C:\Windows\system32\BDSandBoxUISkin.dll 2014-04-23 23:54:31 . 2013-11-04 13:46:57 34384 ----a-w- C:\Windows\system32\BDSandBoxUH.dll 2014-04-23 23:54:21 . 2014-05-08 10:35:15 -------- d-----w- C:\Users\Simon\AppData\Roaming\QuickScan 2014-04-23 23:51:59 . 2014-04-25 19:36:43 -------- d-----w- C:\Program Files\Common Files\Bitdefender 2014-04-23 23:51:47 . 
2014-04-23 23:51:47 -------- d-----w- C:\Program Files (x86)\Common Files\Bitdefender 2014-04-22 20:49:56 . 2014-04-22 20:49:56 -------- d-sh--w- C:\Users\Simon\AppData\Local\EmieUserList 2014-04-22 20:49:56 . 2014-04-22 20:49:56 -------- d-sh--w- C:\Users\Simon\AppData\Local\EmieSiteList 2014-04-21 17:59:58 . 2014-04-30 22:13:49 -------- d-----w- C:\Users\Simon\AppData\Local\Thunderbird 2014-04-21 17:59:58 . 2014-04-21 17:59:58 -------- d-----w- C:\Users\Simon\AppData\Roaming\Thunderbird 2014-04-20 17:07:47 . 2014-05-16 16:02:17 119512 ----a-w- C:\Windows\system32\drivers\MBAMSwissArmy.sys 2014-04-20 17:07:37 . 2014-04-03 07:51:04 88280 ----a-w- C:\Windows\system32\drivers\mbamchameleon.sys 2014-04-20 17:07:36 . 2014-04-20 17:07:38 -------- d-----w- C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-04-20 17:07:36 . 2014-04-20 17:07:36 -------- d-----w- C:\ProgramData\Malwarebytes 2014-04-20 17:07:36 . 2014-04-03 07:51:16 63192 ----a-w- C:\Windows\system32\drivers\mwac.sys 2014-04-20 17:07:36 . 2014-04-03 07:50:58 25816 ----a-w- C:\Windows\system32\drivers\mbam.sys 2014-04-17 17:10:19 . 2014-04-17 17:10:28 -------- d-----w- C:\Users\Simon\AppData\Local\Mozilla 2014-04-17 17:10:12 . 2014-05-03 01:17:28 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service 2014-04-17 13:07:53 . 2014-04-18 14:00:07 -------- d-----w- C:\AdwCleaner 2014-04-16 23:58:34 . 2014-04-16 23:58:34 -------- d-----w- C:\Program Files (x86)\Rr Savings 2014-04-16 23:58:04 . 2014-04-16 23:59:07 -------- d-----w- C:\temp 2014-04-16 23:58:04 . 2014-04-16 23:58:04 -------- d-----w- C:\Users\Simon\AppData\Roaming\InetStat 2014-04-16 23:58:00 . 2014-04-24 01:12:09 -------- d-----w- C:\Users\Simon\AppData\Local\Genesis 2014-04-16 23:57:33 . 2014-04-20 17:16:35 -------- d-----w- C:\Program Files\002 . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) 2014-05-14 20:00:36 . 
2014-01-22 21:14:41 93223848 ----a-w- C:\Windows\system32\MRT.exe
2014-05-03 01:19:34 . 2014-04-11 12:06:39 70832 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-03 01:19:34 . 2014-04-11 12:06:39 692400 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-04-14 18:13:43 . 2014-03-16 19:41:31 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-04-03 19:18:58 . 2007-04-27 08:43:58 120200 ----a-w- C:\Windows\SysWow64\DLLDEV32i.dll
2014-04-03 19:03:34 . 2010-01-06 01:04:02 106112 ----a-w- C:\Windows\system32\drivers\mferkdet.sys
2014-04-01 17:41:35 . 2014-04-01 17:41:35 1236816 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2014-03-31 20:46:48 . 2014-03-31 20:46:48 130712 ----a-w- C:\Windows\SysWow64\MSSTDFMT.DLL
2014-03-31 20:46:48 . 2014-03-31 20:46:48 1070232 ----a-w- C:\Windows\SysWow64\MSCOMCTL.OCX
2014-03-17 08:16:10 . 2014-04-03 19:14:57 10521840 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CF0952C6-2699-480D-BE05-CCC2C2BF3E79}\mpengine.dll
2014-03-04 14:35:23 . 2014-03-11 14:32:13 1885472 ----a-w- C:\Windows\system32\nvdispco6433523.dll
2014-03-04 14:35:23 . 2014-03-11 14:32:13 1516488 ----a-w- C:\Windows\system32\nvdispgenco6433523.dll
2014-03-04 09:44:21 . 2014-04-09 11:49:33 362496 ----a-w- C:\Windows\system32\wow64win.dll
2014-03-04 09:44:21 . 2014-04-09 11:49:33 243712 ----a-w- C:\Windows\system32\wow64.dll
2014-03-04 09:44:21 . 2014-04-09 11:49:33 13312 ----a-w- C:\Windows\system32\wow64cpu.dll
2014-03-04 09:44:03 . 2014-04-09 11:49:33 16384 ----a-w- C:\Windows\system32\ntvdm64.dll
2014-03-04 09:44:00 . 2014-04-09 11:49:33 1163264 ----a-w- C:\Windows\system32\kernel32.dll
2014-03-04 09:17:19 . 2014-04-09 11:49:33 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2014-03-04 09:17:05 . 2014-04-09 11:49:33 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2014-03-04 09:16:54 . 2014-04-09 11:49:33 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2014-03-04 09:16:18 . 2014-04-09 11:49:33 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2014-03-04 08:09:30 . 2014-04-09 11:49:33 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2014-03-04 08:09:29 . 2014-04-09 11:49:33 2048 ----a-w- C:\Windows\SysWow64\user.exe

(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-05-27 02:40:28 120176 ----a-w- C:\Program Files (x86)\EgisTec MyWinLocker\x86\PSDProtect.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe" [2014-01-14 17:47:54 20728480]
"Overwolf"="C:\Program Files (x86)\Overwolf\Overwolf.exe" [2014-03-05 18:29:24 37664]
"window"="C:\Program Files (x86)\Java\jre7\bin\javaw.exe" [2014-04-14 18:05:06 175528]
"InetStat"="C:\Users\Simon\AppData\Roaming\InetStat\inetstat.exe" [2014-04-16 23:57:26 1260648]
"Bitdefender-Geldbörse-Agent"="C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe" [2014-03-18 22:06:55 567888]
"Bitdefender-Geldbörse"="C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" [2014-03-14 22:24:33 1001536]
"Bitdefender-Geldbörse-Anwendungs-Agent"="C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe" [2014-03-18 22:04:16 614232]
"GoogleChromeAutoLaunch_5DAEC53D8C099B1094B921010676FA41"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [2014-05-07 23:29:35 841032]
"icq"="C:\Users\Simon\AppData\Roaming\ICQM\icq.exe" [2014-02-13 14:18:56 33664344]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SuiteTray"="C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2010-05-27 02:59:08 337264]
"EgisTecPMMUpdate"="C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe" [2010-03-11 05:11:56 407920]
"Norton Online Backup"="C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 22:33:10 1155928]
"AVMWlanClient"="C:\Program Files (x86)\avmwlanstick\wlangui.exe" [2010-10-22 01:00:00 2105344]
"BlueStacks Agent"="C:\Program Files (x86)\BlueStacks\HD-Agent.exe" [2014-03-06 11:49:20 819984]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Bitdefender-Geldbörse-Agent"="C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe" [2014-03-18 22:06:55 567888]
"Bitdefender-Geldbörse"="C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" [2014-03-14 22:24:33 1001536]
"Bitdefender-Geldbörse-Anwendungs-Agent"="C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe" [2014-03-18 22:04:16 614232]

C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
CPUCooL.lnk - C:\Program Files (x86)\CPUCooL\CPUCooL.exe 1 [2011-12-4 1725952]
Curse.lnk - C:\Users\Simon\AppData\Roaming\Curse Client\Bin\Curse.exe /startup [2014-3-7 8528136]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Samsung Network PC Fax.lnk - C:\Windows\System32\spool\drivers\x64\3\NetFaxTray64.exe [2014-1-29 273408]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
@=""

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"Aeria Ignite"="C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe" silent
"ArcadeMovieService"="C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe"
"EgisUpdate"="C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
"Download.am"=C:\Program Files (x86)\Download.am\download.am.exe --no-browser --disable-splash
"Hotkey Utility"=C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
"MDS_Menu"="C:\Program Files (x86)\Acer Arcade Deluxe\MediaEspresso\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Acer Arcade Deluxe\MediaEspresso" UpdateWithCreateOnce "Software\CyberLink\MediaEspresso\6.1"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

R2 BstHdAndroidSvc;BlueStacks Android Service;C:\Program Files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android;C:\Program Files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x]
R2 mfecore;McAfee Anti-Malware Core;C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe;C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [x]
R2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe;C:\Program Files (x86)\Skype\Updater\Updater.exe [x]
R3 avckf;avckf;C:\Windows\system32\DRIVERS\avckf.sys;C:\Windows\SYSNATIVE\DRIVERS\avckf.sys [x]
R3 avmeject;AVM Eject;C:\Windows\system32\drivers\avmeject.sys;C:\Windows\SYSNATIVE\drivers\avmeject.sys [x]
R3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [x]
R3 BDSandBox;BDSandBox;C:\Windows\system32\drivers\bdsandbox.sys;C:\Windows\SYSNATIVE\drivers\bdsandbox.sys [x]
R3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys;C:\Windows\SYSNATIVE\drivers\cfwids.sys [x]
R3 EagleX64;EagleX64;C:\Windows\system32\drivers\EagleX64.sys;C:\Windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 HipShieldK;McAfee Inc. HipShieldK;C:\Windows\system32\drivers\HipShieldK.sys;C:\Windows\SYSNATIVE\drivers\HipShieldK.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\system32\IEEtwCollector.exe;C:\Windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 mfencrk;McAfee Inc. mfencrk;C:\Windows\system32\DRIVERS\mfencrk.sys;C:\Windows\SYSNATIVE\DRIVERS\mfencrk.sys [x]
R3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys;C:\Windows\SYSNATIVE\drivers\mferkdet.sys [x]
R3 MWLService;MyWinLocker Service;C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe;C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [x]
R3 OverwolfUpdaterService;Overwolf Updater Service;C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe;C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [x]
R3 RTCore64;RTCore64;C:\Program Files (x86)\MSI Afterburner\RTCore64.sys;C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [x]
R3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys;C:\Windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys;C:\Windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 wolfkr;wolfkr;C:\AeriaGames\WolfTeam-DE\avital\wolfk64.sys;C:\AeriaGames\WolfTeam-DE\avital\wolfk64.sys [x]
R4 BdDesktopParental;Bitdefender Desktop Parental Control;C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe;C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe [x]
R4 bdfwfpf_pc;bdfwfpf_pc;C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys;C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 avc3;avc3;C:\Windows\system32\DRIVERS\avc3.sys;C:\Windows\SYSNATIVE\DRIVERS\avc3.sys [x]
S0 gzflt;gzflt;C:\Windows\system32\DRIVERS\gzflt.sys;C:\Windows\SYSNATIVE\DRIVERS\gzflt.sys [x]
S1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [x]
S1 bdfwfpf;bdfwfpf;C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys;C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [x]
S1 BDVEDISK;BDVEDISK;C:\Windows\system32\DRIVERS\bdvedisk.sys;C:\Windows\SYSNATIVE\DRIVERS\bdvedisk.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;C:\Windows\system32\DRIVERS\mwlPSDFilter.sys;C:\Windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;C:\Windows\system32\DRIVERS\mwlPSDNServ.sys;C:\Windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys;C:\Windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x]
S2 BstHdDrv;BlueStacks Hypervisor;C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys;C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x]
S2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe;C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [x]
S2 BstHdUpdaterSvc;BlueStacks Updater Service;C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe;C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [x]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
S2 GREGService;GREGService;C:\Program Files (x86)\Acer\Registration\GREGsvc.exe;C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe;C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [x]
S2 MBAMService;MBAMService;C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe;C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [x]
S2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe;C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [x]
S2 mfevtp;McAfee Validation Trust Protection Service;C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe;C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe [x]
S2 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys;C:\Windows\SYSNATIVE\drivers\mfewfpk.sys [x]
S2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 SafeBox;SafeBox;C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe;C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [x]
S2 Samsung Network Fax Server;Samsung Network Fax Server;C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe;C:\Windows\SYSNATIVE\spool\drivers\x64\3\NetFaxServer64.exe [x]
S2 SSPORT;SSPORT;C:\Windows\system32\Drivers\SSPORT.sys;C:\Windows\SYSNATIVE\Drivers\SSPORT.sys [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TeamViewer9;TeamViewer 9;C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe;C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 Updater Service;Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [x]
S2 UPDATESRV;Bitdefender Desktop Update Service;C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe;C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe [x]
S2 USBS3S4Detection;USBS3S4Detection;C:\OEM\USBDECTION\USBS3S4Detection.exe;C:\OEM\USBDECTION\USBS3S4Detection.exe [x]
S3 avchv;avchv Function Driver;C:\Windows\system32\DRIVERS\avchv.sys;C:\Windows\SYSNATIVE\DRIVERS\avchv.sys [x]
S3 fwlanusbn;FRITZ!WLAN N;C:\Windows\system32\DRIVERS\fwlanusbn.sys;C:\Windows\SYSNATIVE\DRIVERS\fwlanusbn.sys [x]
S3 MBAMProtector;MBAMProtector;C:\Windows\system32\drivers\mbam.sys;C:\Windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\system32\drivers\MBAMSwissArmy.sys;C:\Windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\system32\drivers\mwac.sys;C:\Windows\SYSNATIVE\drivers\mwac.sys [x]
S3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys;C:\Windows\SYSNATIVE\drivers\mfefirek.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys;C:\Windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys;C:\Windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\system32\drivers\nvvad64v.sys;C:\Windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys;C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [x]

--- Andere Dienste/Treiber im Speicher ---
*NewlyCreated* - MBAMSWISSARMY
*NewlyCreated* - MBAMWEBACCESSCONTROL
*NewlyCreated* - WS2IFSL
*Deregistered* - mfeavfk01

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-05-16 08:36:34 1077576 ----a-w- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\Installer\chrmstp.exe

Inhalt des "geplante Tasks" Ordners
2014-05-16 C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-22 21:03:28 . 2014-01-22 21:03:26]
2014-05-16 C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-22 21:03:28 . 2014-01-22 21:03:26]
2014-05-16 C:\Windows\Tasks\RegClean Pro_DEFAULT.job
- C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe [2014-05-11 13:47:42 . 2014-04-25 12:49:02]
2014-05-11 C:\Windows\Tasks\RegClean Pro_UPDATES.job
- C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe [2014-05-11 13:47:42 . 2014-04-25 12:49:02]

--------- X64 Entries -----------

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-05-27 02:42:12 137584 ----a-w- C:\Program Files (x86)\EgisTec MyWinLocker\x64\PSDProtect.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox1]
@="{152C96EB-288E-4EDC-B7C6-D21F8250ADF3}"
[HKEY_CLASSES_ROOT\CLSID\{152C96EB-288E-4EDC-B7C6-D21F8250ADF3}]
2013-07-08 12:59:21 206352 ------w- C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxshell.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox2]
@="{342DAA0B-D796-460D-8566-901E08A1CCAD}"
[HKEY_CLASSES_ROOT\CLSID\{342DAA0B-D796-460D-8566-901E08A1CCAD}]
2013-07-08 12:59:21 206352 ------w- C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxshell.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox3]
@="{57595DAE-1AE1-4D97-A49E-67CBB53B52DF}"
[HKEY_CLASSES_ROOT\CLSID\{57595DAE-1AE1-4D97-A49E-67CBB53B52DF}]
2013-07-08 12:59:21 206352 ------w- C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxshell.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox4]
@="{33816773-98AE-4723-ADE0-EBE54C8B5A67}"
[HKEY_CLASSES_ROOT\CLSID\{33816773-98AE-4723-ADE0-EBE54C8B5A67}]
2013-07-08 12:59:21 206352 ------w- C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxshell.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-09-03 08:17:38 11464296]
"CDAServer"="C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe" [2012-02-20 21:23:34 456704]
"NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-02-05 09:32:47 2234144]
"ShadowPlay"="C:\Windows\system32\nvspcap64.dll" [2014-02-05 09:30:41 1179576]
"Bdagent"="C:\Program Files\Bitdefender\Bitdefender\bdagent.exe" [2014-03-25 19:40:11 1742064]
"PAC7302_Monitor"="C:\Windows\PixArt\PAC7302\Monitor.exe" [2006-11-03 09:01:16 319488]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

------- Zusätzlicher Suchlauf -------
uStart Page = about:blank
uLocal Page = C:\Windows\system32\blank.htm
mStart Page = about:blank
mLocal Page = C:\Windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: Nach Microsoft E&xel exportieren - C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
Trusted Zone: aeriagames.com
TCP: Interfaces\{D10E3A7A-0730-4774-8825-D3595DA11AC6}: NameServer = 192.168.178.235,192.168.178.1
FF - ProfilePath - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\ngqpozn3.default\

- - - - Entfernte verwaiste Registrierungseinträge - - - -
Toolbar-Locked - (no file)
Wow6432Node-HKU-Default-RunOnce-SPReview - C:\Windows\System32\SPReview\SPReview.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
AddRemove-genesis - c:\users\simon\appdata\local\genesis\genesis.exe
|
17.05.2014, 09:24 | #7 |
/// TB-Ausbilder | Suspected nasty Trojan
Step 1 Please download AdwCleaner to your desktop.
Step 2 Please close your security software to avoid possible conflicts.
Step 3 Please download Malwarebytes Anti-Malware
Step 4 Please disable your antivirus program, as it can affect the result or possibly interfere with the cleanup. Please download zoek.exe from here: http://hijackthis.nl/smeenk/ and save the file to your desktop.
Step 5
Please post with your next reply
|
17.05.2014, 12:25 | #8 |
| Suspected nasty Trojan Adw Cleaner: Code:
# AdwCleaner v3.208 - Bericht erstellt am 17/05/2014 um 12:07:55
# Aktualisiert 11/05/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Simon - SIMON-PC
# Gestartet von : C:\Users\Simon\Desktop\adwcleaner_3.208.exe
# Option : Löschen

***** [ Dienste ] *****

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Systweak
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
Ordner Gelöscht : C:\Program Files (x86)\Advanced System Protector
Ordner Gelöscht : C:\Program Files (x86)\RegClean Pro
Ordner Gelöscht : C:\Program Files (x86)\Rr Savings
Ordner Gelöscht : C:\Program Files\002
Ordner Gelöscht : C:\Users\Simon\AppData\Local\Genesis
Ordner Gelöscht : C:\Users\Simon\AppData\Roaming\Systweak
Datei Gelöscht : C:\Users\Public\Desktop\Advanced System Protector.lnk
Datei Gelöscht : C:\Users\Public\Desktop\RegClean Pro.lnk
Datei Gelöscht : C:\Windows\System32\roboot64.exe
Datei Gelöscht : C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.softonic.de_0.localstorage
Datei Gelöscht : C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.softonic.de_0.localstorage-journal
Datei Gelöscht : C:\Windows\System32\Tasks\Advanced System Protector_startup
Datei Gelöscht : C:\Windows\System32\Tasks\RegClean Pro
Datei Gelöscht : C:\Windows\Tasks\RegClean Pro_DEFAULT.job
Datei Gelöscht : C:\Windows\System32\Tasks\RegClean Pro_DEFAULT
Datei Gelöscht : C:\Windows\Tasks\RegClean Pro_UPDATES.job
Datei Gelöscht : C:\Windows\System32\Tasks\RegClean Pro_UPDATES

***** [ Verknüpfungen ] *****

***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Schlüssel Gelöscht : HKCU\Software\genesis
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKLM\Software\systweak
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3566FB70-E722-4182-8266-815EAE862998}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RegClean Pro_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RegClean-Pro_is1
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\LevelQualityWatcher
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\07BF6653227E2814286618E5EA689289
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\07BF6653227E2814286618E5EA689289

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17041

-\\ Mozilla Firefox v28.0 (de)

[ Datei : C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\ngqpozn3.default\prefs.js ]

-\\ Google Chrome v34.0.1847.137

[ Datei : C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Search Provider] : hxxp://www.qone8.com/web/?type=dspp&ts=1397737782&from=smt&uid=ST31000524AS_9VPCK3Z0XXXX9VPCK3Z0&q={searchTerms}
Gelöscht [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}

*************************

AdwCleaner[R0].txt - [9889 octets] - [17/04/2014 15:07:55]
AdwCleaner[R1].txt - [1547 octets] - [17/04/2014 17:44:17]
AdwCleaner[R2].txt - [1036 octets] - [17/04/2014 17:47:19]
AdwCleaner[R3].txt - [1289 octets] - [18/04/2014 15:58:58]
AdwCleaner[R4].txt - [4320 octets] - [17/05/2014 12:07:24]
AdwCleaner[S0].txt - [7061 octets] - [17/04/2014 15:08:19]
AdwCleaner[S1].txt - [1397 octets] - [17/04/2014 17:44:49]
AdwCleaner[S2].txt - [971 octets] - [17/04/2014 17:49:35]
AdwCleaner[S3].txt - [1351 octets] - [18/04/2014 16:00:04]
AdwCleaner[S4].txt - [4036 octets] - [17/05/2014 12:07:55]

########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [4096 octets] ##########

Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 17.05.2014
Suchlauf-Zeit: 12:41:23
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.1.1004
Malware Datenbank: v2014.05.17.05
Rootkit Datenbank: v2014.03.27.01
Lizenz: Premium
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Chameleon: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Simon

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 276835
Verstrichene Zeit: 7 Min, 59 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Shuriken: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 3
PUP.Optional.Verti, C:\Users\Simon\Downloads\PricePeep.exe, In Quarantäne, [dd9c1e34aecd1323d1211e21f60e36ca],
PUP.Optional.Superfish.A, C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage, In Quarantäne, [0376b999cfac63d3a3dc7f04d52df50b],
PUP.Optional.Superfish.A, C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal, In Quarantäne, [e2977bd784f702349ee12e556b9739c7],

Physische Sektoren: 0
(No malicious items detected)

(end)

Code:
Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by Simon on 17.05.2014 at 12:48:05,78.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Simon\Desktop\zoek.com [Scan all users] [Script inserted]

==== System Restore Info ======================

17.05.2014 12:49:15 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3809745895-3397772576-1149702982-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_USERS\S-1-5-21-3809745895-3397772576-1149702982-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_USERS\S-1-5-21-3809745895-3397772576-1149702982-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully
HKEY_USERS\S-1-5-21-3809745895-3397772576-1149702982-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{21EAF666-26B3-4a3c-ABD0-CA2F5A326744} deleted successfully
HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Approved Extensions\{21EAF666-26B3-4a3c-ABD0-CA2F5A326744} deleted successfully
HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Approved Extensions\{21EAF666-26B3-4a3c-ABD0-CA2F5A326744} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{4ED1F68A-5463-4931-9384-8FFF5ED91D92} deleted successfully

==== Deleting Services ======================

==== FireFox Fix ======================

Deleted from C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\ngqpozn3.default\prefs.js:

Added to C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\ngqpozn3.default\prefs.js:
user_pref("browser.startup.homepage", "hxxp://www.google.com");
user_pref("browser.search.defaulturl", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "hxxp://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\Simon\AppData\Roaming\Thunderbird\Profiles\k7qwhxlh.default\prefs.js:

Added to C:\Users\Simon\AppData\Roaming\Thunderbird\Profiles\k7qwhxlh.default\prefs.js:
user_pref("browser.startup.homepage", "hxxp://www.google.com");
user_pref("browser.search.defaulturl", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "hxxp://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

==== Deleting Files \ Folders ======================

C:\PROGRA~3\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} deleted
C:\PROGRA~3\OberonGameConsole deleted
C:\Windows\SysNative\sasnative64.exe deleted
C:\Users\Simon\Downloads\rcpsetup_2005_file.net_ab_DE-kTweak.exe deleted
C:\Users\Simon\Desktop\chrome-youtube-downloader-2.6.20.crx deleted
"C:\PROGRA~2\AntiBrowserSpy\AbBugReporter.dll" deleted
"C:\PROGRA~2\AntiBrowserSpy\AbCommons.dll" deleted
"C:\PROGRA~2\AntiBrowserSpy\AbFlexTrans.dll" deleted
"C:\PROGRA~2\AntiBrowserSpy\AbGui.dll" deleted
"C:\PROGRA~2\AntiBrowserSpy\AbProcessManager.dll" deleted
"C:\PROGRA~2\AntiBrowserSpy\AbSettings.dll" deleted
"C:\PROGRA~2\AntiBrowserSpy\AbSettingsKeeper.dll" not deleted
"C:\PROGRA~2\AntiBrowserSpy\AntiBrowserSpyLibrary.dll" deleted
"C:\PROGRA~2\AntiBrowserSpy\AntiBrowserSpyResources.dll" deleted
"C:\PROGRA~2\AntiBrowserSpy\BrowserMask.exe" deleted
"C:\PROGRA~2\AntiBrowserSpy\Hardcodet.Wpf.TaskbarNotification.dll" deleted
"C:\PROGRA~2\AntiBrowserSpy\log4net.dll" deleted
"C:\PROGRA~2\AntiBrowserSpy\XDMessaging.dll" deleted
"C:\PROGRA~2\AntiBrowserSpy\XDMessaging.Transport.IOStream.dll" deleted
"C:\Users\Simon\AppData\Roaming\MultIV" deleted
"C:\PROGRA~2\AntiBrowserSpy" not deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"ffpwdman@bitdefender.com"="C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman" [27.03.2014 19:26]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\ngqpozn3.default
- Greasemonkey - %ProfilePath%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\ngqpozn3.default
F2CD1D7524F8E15AAC55568B9F72DE5B - C:\ProgramData\NexonEU\NGM\npNxGameEU.dll - Nexon Game Controller

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
ccahoghmggldkcdjiebjkidpfongdfbl - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxcr.crx[03.03.2014 13:59]
fheoggkfdfchfphceeifdbepaooicaho - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx[]
oohfajmmkkdjdoaoncnnbgfoomiakgbd - C:\Program Files (x86)\AntiBrowserSpy\Addons\Chrome.crx[]

Bitdefender Wallet - Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccahoghmggldkcdjiebjkidpfongdfbl
SiteAdvisor - Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho

==== Chrome Fix ======================

C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_artikel.softonic.de_0.localstorage deleted successfully
C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_artikel.softonic.de_0.localstorage-journal deleted successfully
C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_vocup.softonic.de_0.localstorage deleted successfully
C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_vocup.softonic.de_0.localstorage-journal deleted successfully
C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_windows-keyfinder.softonic.de_0.localstorage deleted successfully
C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_windows-keyfinder.softonic.de_0.localstorage-journal deleted successfully
C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho deleted successfully
C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\oohfajmmkkdjdoaoncnnbgfoomiakgbd deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyOverride"="<local>"
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\fheoggkfdfchfphceeifdbepaooicaho deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\oohfajmmkkdjdoaoncnnbgfoomiakgbd deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Simon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\27DFQ9ZP will be deleted at reboot
C:\Users\Simon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\73I92H91 will be deleted at reboot
C:\Users\Simon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M9YR3W56 will be deleted at reboot
C:\Users\Simon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MWBCI32B will be deleted at reboot
C:\Users\Simon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QCRZS6RI will be deleted at reboot
C:\Users\Simon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S7UKZUFG will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\Simon\AppData\Local\Mozilla\Firefox\Profiles\ngqpozn3.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1195 folders=153 58724563 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Users\Simon\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Simon\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\PROGRA~2\AntiBrowserSpy\AbSettingsKeeper.dll" not found
"C:\PROGRA~2\AntiBrowserSpy" not found
"C:\Users\Simon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\27DFQ9ZP" not found
"C:\Users\Simon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\73I92H91" not found
"C:\Users\Simon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M9YR3W56" not found
"C:\Users\Simon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MWBCI32B" not found
"C:\Users\Simon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QCRZS6RI" not found
"C:\Users\Simon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S7UKZUFG" not found

==== EOF on 17.05.2014 at 13:14:24,76 ======================

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Simon on 17.05.2014 at 12:20:46,97
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL

~~~ Registry Keys

~~~ Files

~~~ Folders

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 17.05.2014 at 12:30:52,85
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-05-2014
Ran by Simon (administrator) on SIMON-PC on 17-05-2014 13:17:49
Running from C:\Users\Simon\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\vsserv.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(McAfee, Inc.)
C:\Program Files\Common Files\mcafee\systemcore\mfevtps.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Samsung Electronics Co., Ltd.) C:\Windows\System32\spool\drivers\x64\3\NetFaxServer64.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (CyberLink Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe (Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe () C:\OEM\USBDECTION\USBS3S4Detection.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxservice.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe (Microsoft Corp.) 
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender\bdagent.exe (PixArt Imaging Incorporation) C:\Windows\PixArt\PAC7302\Monitor.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe (Oracle Corporation) C:\Program Files (x86)\Java\jre7\bin\javaw.exe () C:\Users\Simon\AppData\Roaming\InetStat\inetstat.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe (Samsung Electronics Co., Ltd.) C:\Windows\System32\spool\drivers\x64\3\NetFaxTray64.exe (Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\OverwolfHelper.exe (Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\OverwolfHelper64.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender\antispam32\pmbxcrnmh.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11464296 2010-09-03] (Realtek Semiconductor) HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [456704 2012-02-20] () HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1179576 2014-02-05] (NVIDIA Corporation) HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender\bdagent.exe [1742064 2014-03-25] (Bitdefender) HKLM\...\Run: [PAC7302_Monitor] => C:\Windows\PixArt\PAC7302\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation) HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [337264 2010-05-27] (Egis Technology Inc.) HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-03-11] (Egis Technology Inc.) HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-02] (Symantec Corporation) HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin) HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [819984 2014-03-06] (BlueStack Systems, Inc.) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-15] (Apple Inc.) 
HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse-Agent] => C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [567888 2014-03-19] (Bitdefender) HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse] => C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1001536 2014-03-15] (Bitdefender) HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] => C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [614232 2014-03-19] (Bitdefender) HKU\S-1-5-21-3809745895-3397772576-1149702982-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20728480 2014-01-14] (Skype Technologies S.A.) HKU\S-1-5-21-3809745895-3397772576-1149702982-1000\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [37664 2014-03-05] (Overwolf LTD) HKU\S-1-5-21-3809745895-3397772576-1149702982-1000\...\Run: [window] => "C:\Program Files (x86)\Java\jre7\bin\javaw.exe" -jar "C:\Users\Simon\AppData\Roaming\archivos java\jar.B09" HKU\S-1-5-21-3809745895-3397772576-1149702982-1000\...\Run: [InetStat] => C:\Users\Simon\AppData\Roaming\InetStat\inetstat.exe [1260648 2014-04-17] () HKU\S-1-5-21-3809745895-3397772576-1149702982-1000\...\Run: [Bitdefender-Geldbörse-Agent] => C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [567888 2014-03-19] (Bitdefender) HKU\S-1-5-21-3809745895-3397772576-1149702982-1000\...\Run: [Bitdefender-Geldbörse] => C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1001536 2014-03-15] (Bitdefender) HKU\S-1-5-21-3809745895-3397772576-1149702982-1000\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] => C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [614232 2014-03-19] (Bitdefender) HKU\S-1-5-21-3809745895-3397772576-1149702982-1000\...\Run: [GoogleChromeAutoLaunch_5DAEC53D8C099B1094B921010676FA41] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [841032 2014-05-08] (Google Inc.) 
HKU\S-1-5-21-3809745895-3397772576-1149702982-1000\...\Run: [icq] => C:\Users\Simon\AppData\Roaming\ICQM\icq.exe [33664344 2014-02-13] (ICQ) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Network PC Fax.lnk ShortcutTarget: Samsung Network PC Fax.lnk -> C:\Windows\System32\spool\drivers\x64\3\NetFaxTray64.exe (Samsung Electronics Co., Ltd.) Startup: C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CPUCooL.lnk ShortcutTarget: CPUCooL.lnk -> C:\Program Files (x86)\CPUCooL\CPUCooL.exe () Startup: C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk ShortcutTarget: Curse.lnk -> C:\Users\Simon\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc) ==================== Internet (Whitelisted) ==================== HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage} BHO: Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\pmbxie.dll (Bitdefender) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxie.dll (Bitdefender) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - No File Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - No File Tcpip\..\Interfaces\{D10E3A7A-0730-4774-8825-D3595DA11AC6}: [NameServer]192.168.178.235,192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\ngqpozn3.default FF NewTab: hxxp://www.google.com/ FF DefaultSearchEngine: Google FF SearchEngineOrder.1: Google FF SelectedSearchEngine: Google FF Homepage: hxxp://www.google.com FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q= FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program 
Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) 
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Greasemonkey - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\ngqpozn3.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2014-05-11] FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext FF Extension: bdToolbar - C:\Program Files\Bitdefender\Bitdefender\bdtbext [2014-04-25] FF HKLM-x32\...\Firefox\Extensions: [ffpwdman@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman\ FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman\ [] FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext FF Extension: bdToolbar - C:\Program Files\Bitdefender\Bitdefender\bdtbext [2014-04-25] Chrome: ======= CHR Extension: (Bitdefender Wallet) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccahoghmggldkcdjiebjkidpfongdfbl [2014-04-24] CHR Extension: (Google Wallet) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-17] CHR HKLM-x32\...\Chrome\Extension: [ccahoghmggldkcdjiebjkidpfongdfbl] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxcr.crx [2014-04-25] ==================== Services (Whitelisted) ================= R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) S4 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe [77632 2013-11-21] (Bitdefender) S2 BstHdAndroidSvc; C:\Program Files 
(x86)\BlueStacks\HD-Service.exe [402192 2014-03-06] (BlueStack Systems, Inc.) R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-03-06] (BlueStack Systems, Inc.) R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [770832 2014-03-06] (BlueStack Systems, Inc.) S2 CPUCooLServer; C:\Program Files (x86)\CPUCooL\CooLSrv.exe [743936 2011-12-01] () R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation) R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [199032 2010-01-06] (McAfee, Inc.) R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-01-27] (McAfee, Inc.) R2 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe [185792 2014-01-27] (McAfee, Inc.) S3 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-05-27] (Egis Technology Inc.) R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation) S3 OverwolfUpdaterService; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [99616 2014-03-05] (Overwolf LTD) R2 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [94624 2013-07-08] (Bitdefender) R2 Samsung Network Fax Server; C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe [237056 2012-04-26] (Samsung Electronics Co., Ltd.) 
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2138936 2014-03-20] (TuneUp Software) R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe [67320 2013-10-07] (Bitdefender) R2 USBS3S4Detection; C:\OEM\USBDECTION\USBS3S4Detection.exe [76320 2009-12-09] () R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender\vsserv.exe [1523728 2014-03-24] (Bitdefender) S2 mfecore; "C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe" [X] ==================== Drivers (Whitelisted) ==================== U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [893440 2013-12-02] (BitDefender) R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2012-11-02] (BitDefender) R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [635392 2013-12-02] (BitDefender) S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-25] (AVM Berlin) R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93600 2013-02-22] (BitDefender LLC) R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [103504 2011-11-14] (BitDefender LLC) S4 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL) S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2013-11-04] (BitDefender SRL) R1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [76944 2012-04-17] (BitDefender) R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [121616 2014-03-06] (BlueStack Systems) S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70592 2014-01-27] (McAfee, Inc.) R3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [714368 2010-10-25] (AVM GmbH) R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-08-23] (BitDefender LLC) S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.) 
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-05-17] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation) R2 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [180272 2014-01-27] (McAfee, Inc.) R2 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311600 2014-01-27] (McAfee, Inc.) U3 mfeavfk01; No ImagePath R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [520696 2014-01-27] (McAfee, Inc.) R2 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [783864 2014-01-27] (McAfee, Inc.) U5 mfencbdc; C:\Windows\System32\Drivers\mfencbdc.sys [422712 2014-01-21] (McAfee, Inc.) S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96592 2014-01-21] (McAfee, Inc.) S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [106112 2014-04-03] (McAfee, Inc.) R2 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [344688 2014-01-27] (McAfee, Inc.) R1 ntiopnp; C:\Windows\System32\Drivers\ntiopnp.sys [19544 2010-11-11] () R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation) S3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [527872 2007-11-08] (PixArt Imaging Inc.) S3 PAC7302; C:\Windows\SysWOW64\DRIVERS\PAC7302.SYS [454656 2007-11-08] (PixArt Imaging Inc.) S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13368 2013-01-23] () R2 trufos; C:\Windows\System32\DRIVERS\trufos.sys [389240 2013-08-07] (BitDefender S.R.L.) 
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2014-02-10] (TuneUp Software) S3 wolfkr; C:\AeriaGames\WolfTeam-DE\avital\wolfk64.sys [86352 2014-04-14] () S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-05-17 13:17 - 2014-05-17 13:18 - 00022699 _____ () C:\Users\Simon\Desktop\FRST.txt 2014-05-17 13:15 - 2014-05-17 13:15 - 00013047 _____ () C:\Users\Simon\Desktop\zoek-results.txt 2014-05-17 13:11 - 2014-02-13 23:59 - 00024064 _____ () C:\Windows\zoek-delete.exe 2014-05-17 12:48 - 2014-05-17 13:14 - 00013047 _____ () C:\zoek-results.log 2014-05-17 12:48 - 2014-05-17 13:07 - 00000000 ____D () C:\zoek_backup 2014-05-17 12:48 - 2014-05-17 12:48 - 00000000 ____D () C:\Users\Simon\Desktop\zoek 2014-05-17 12:48 - 2014-03-08 11:05 - 01414742 _____ () C:\Users\Simon\Desktop\zoek.scr 2014-05-17 12:48 - 2014-03-08 11:05 - 01414742 _____ () C:\Users\Simon\Desktop\zoek.pif 2014-05-17 12:48 - 2014-03-08 11:05 - 01414742 _____ () C:\Users\Simon\Desktop\zoek.com 2014-05-17 12:47 - 2014-05-17 12:47 - 04235514 _____ () C:\Users\Simon\Downloads\zoek.rar 2014-05-17 12:42 - 2014-05-17 12:42 - 00001620 _____ () C:\Users\Simon\Desktop\mbam.txt 2014-05-17 12:31 - 2014-05-17 12:32 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Simon\Downloads\mbam-setup-2.0.1.1004 (1).exe 2014-05-17 12:30 - 2014-05-17 12:30 - 00000759 _____ () C:\Users\Simon\Desktop\JRT.txt 2014-05-17 12:20 - 2014-05-17 12:20 - 01016261 _____ (Thisisu) C:\Users\Simon\Desktop\JRT.exe 2014-05-17 12:20 - 2014-05-17 12:20 - 00000000 ____D () C:\Windows\ERUNT 2014-05-17 12:18 - 2014-05-17 12:18 - 00004180 _____ () C:\Users\Simon\Desktop\AdwCleaner[S4].txt 2014-05-17 12:07 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll 2014-05-17 
12:06 - 2014-05-17 12:06 - 00001787 _____ () C:\Users\Public\Desktop\iTunes.lnk 2014-05-17 12:06 - 2014-05-17 12:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2014-05-17 12:06 - 2014-05-17 12:06 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-05-17 12:06 - 2014-05-17 12:06 - 00000000 ____D () C:\Program Files\iTunes 2014-05-17 12:06 - 2014-05-17 12:06 - 00000000 ____D () C:\Program Files\iPod 2014-05-17 12:06 - 2014-05-17 12:06 - 00000000 ____D () C:\Program Files (x86)\iTunes 2014-05-17 12:02 - 2014-05-17 12:02 - 01325827 _____ () C:\Users\Simon\Desktop\adwcleaner_3.208.exe 2014-05-16 18:09 - 2014-05-16 18:09 - 00038341 _____ () C:\ComboFix.txt 2014-05-16 17:49 - 2014-05-16 18:09 - 00000000 ____D () C:\ComboFix 2014-05-16 17:49 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe 2014-05-16 17:49 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe 2014-05-16 17:49 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2014-05-16 17:49 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2014-05-16 17:49 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2014-05-16 17:49 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe 2014-05-16 17:49 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe 2014-05-16 17:49 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe 2014-05-16 17:48 - 2014-05-16 18:09 - 00000000 ____D () C:\Qoobox 2014-05-16 17:48 - 2014-05-16 18:08 - 00000000 ____D () C:\Windows\erdnt 2014-05-16 17:09 - 2014-05-16 17:09 - 05200990 ____R (Swearware) C:\Users\Simon\Desktop\ComboFix.exe 2014-05-16 16:34 - 2014-05-16 16:34 - 00049056 _____ () C:\Users\Simon\Downloads\Addition.txt 2014-05-16 16:33 - 2014-05-17 13:17 - 00000000 ____D () C:\FRST 2014-05-16 16:33 - 2014-05-16 16:34 - 00097162 _____ () C:\Users\Simon\Downloads\FRST.txt 2014-05-16 16:33 - 2014-05-16 16:33 - 02067456 _____ (Farbar) 
C:\Users\Simon\Desktop\FRST64.exe
2014-05-14 22:02 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-14 22:02 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-14 22:02 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-14 22:02 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-14 22:02 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-14 22:02 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-14 18:00 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-14 18:00 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-14 17:59 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-14 17:59 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-14 17:59 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-14 17:59 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-14 17:59 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-14 17:59 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-14 17:59 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-14 17:59 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-14 17:59 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-14 17:59 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-14 17:59 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-14 17:59 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-14 17:59 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-14 17:59 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-14 17:59 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-14 17:59 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-14 17:59 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-14 17:59 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-14 17:59 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-14 17:59 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-14 17:59 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-14 17:59 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-14 17:59 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-14 17:59 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-14 17:59 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-14 17:59 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-14 17:59 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-14 17:59 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-14 17:59 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-14 17:59 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-14 17:59 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-14 17:59 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-14 17:59 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-14 17:59 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-14 17:59 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-14 17:59 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-14 17:59 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-14 17:59 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-14 17:59 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-14 17:59 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-14 17:59 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-14 17:59 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-14 17:59 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-13 01:29 - 2014-05-13 01:29 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys
2014-05-11 18:46 - 2014-05-11 18:58 - 00230432 _____ () C:\PA7302.DAT
2014-05-11 18:41 - 2014-05-11 18:41 - 00000000 ____D () C:\Windows\PixArt
2014-05-11 18:41 - 2014-05-11 18:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CANYON USB PC CAMERA
2014-05-11 18:41 - 2014-05-11 18:41 - 00000000 ____D () C:\Program Files (x86)\ANC
2014-05-11 18:41 - 2007-11-08 10:30 - 00454656 _____ (PixArt Imaging Inc.) C:\Windows\SysWOW64\Drivers\PAC7302.sys
2014-05-11 18:41 - 2007-11-08 10:29 - 00527872 _____ (PixArt Imaging Inc.) C:\Windows\system32\Drivers\PAC7302.SYS
2014-05-11 18:41 - 2007-11-02 11:07 - 00008704 _____ (PixArt Imaging Inc.) C:\Windows\system32\CoInst_071029.dll
2014-05-11 18:41 - 2007-10-30 17:48 - 00129024 _____ (PixArt Imaging Incorporation) C:\Windows\SysWOW64\SP7302.ax
2014-05-11 18:41 - 2007-03-20 16:44 - 00000566 _____ () C:\Windows\SysWOW64\SP7302.ini
2014-05-11 18:41 - 2006-10-12 11:57 - 00014336 _____ (PixArt Imaging Inc.) C:\Windows\SysWOW64\P7302USD.dll
2014-05-11 18:41 - 2004-11-22 13:37 - 00040960 _____ () C:\Windows\98Setup.exe
2014-05-11 18:41 - 2000-06-08 17:00 - 00119568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KSPRbac9.rra
2014-05-11 18:40 - 2014-05-11 18:40 - 05611298 _____ () C:\Users\Simon\Downloads\CNR-WCAM53_Drv_XPVW32.zip
2014-05-11 16:31 - 2014-05-11 16:32 - 00155577 _____ () C:\Users\Simon\Downloads\proxtube_1.3.0 (3) (1).crx
2014-05-11 16:31 - 2014-05-11 16:31 - 00629584 _____ (Chip Digital GmbH) C:\Users\Simon\Downloads\Chrome YouTube Downloader - CHIP-Downloader (1).exe
2014-05-11 16:31 - 2014-05-11 16:31 - 00155577 _____ () C:\Users\Simon\Downloads\proxtube_1.3.0 (3).crx
2014-05-11 16:31 - 2014-05-11 16:31 - 00143081 _____ () C:\Users\Simon\Downloads\proxtube_1.3.0.zip
2014-05-11 16:31 - 2014-03-28 17:58 - 00155577 _____ () C:\Users\Simon\Desktop\proxtube_1.3.0.crx
2014-05-11 16:29 - 2014-05-11 16:29 - 00629584 _____ (Chip Digital GmbH) C:\Users\Simon\Downloads\Chrome YouTube Downloader - CHIP-Downloader.exe
2014-05-11 16:29 - 2014-05-11 16:29 - 00105903 _____ () C:\Users\Simon\Downloads\chrome-youtube-downloader-2.6.20.crx
2014-05-11 16:29 - 2014-05-11 16:29 - 00099158 _____ () C:\Users\Simon\Downloads\chrome-youtube-downloader-2.6.20.zip
2014-05-11 16:23 - 2014-05-11 16:23 - 00279792 _____ () C:\Users\Simon\Downloads\YouTube-Unblocker-055.zip
2014-05-11 16:22 - 2014-05-11 16:22 - 00629584 _____ (Chip Digital GmbH) C:\Users\Simon\Downloads\YouTube-Unblocker-055 - CHIP-Downloader.exe
2014-05-11 16:07 - 2014-05-11 16:18 - 230403208 _____ (COMODO) C:\Users\Simon\Downloads\cfw_installer_5732_83.exe
2014-05-11 16:07 - 2014-05-11 16:07 - 00686664 _____ ( ) C:\Users\Simon\Downloads\COMPUTER_BILD-Download-Manager_fuer_cfw_installer_5732_83.exe
2014-05-11 16:02 - 2014-05-11 16:02 - 07198344 _____ (Goversoft LLC) C:\Users\Simon\Downloads\privazer_free (1).exe
2014-05-11 16:02 - 2014-05-11 16:02 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Opera Software
2014-05-11 16:02 - 2014-05-11 16:02 - 00000000 ____D () C:\Users\Simon\AppData\Local\Opera Software
2014-05-11 15:51 - 2014-05-11 15:51 - 00295232 _____ () C:\Windows\Minidump\051114-20716-01.dmp
2014-05-11 15:49 - 2014-05-11 16:03 - 00000000 ____D () C:\Program Files (x86)\PrivaZer
2014-05-11 15:48 - 2014-05-11 16:05 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-05-11 15:48 - 2014-05-11 15:48 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D7
2014-05-11 15:48 - 2014-05-11 15:48 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D6
2014-05-11 15:48 - 2014-05-11 15:48 - 00001137 _____ () C:\Users\Public\Desktop\Opera.lnk
2014-05-11 15:48 - 2014-05-11 15:48 - 00001137 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2014-05-11 15:34 - 2014-05-11 15:34 - 00339543 _____ () C:\Users\Simon\Downloads\Ask-Fm-Autolike.rar
2014-05-08 13:02 - 2014-05-08 13:02 - 00000000 ____D () C:\Users\Simon\AppData\Local\WarThunder
2014-05-08 13:02 - 2014-05-08 13:02 - 00000000 ____D () C:\ProgramData\WarThunder
2014-05-08 13:01 - 2014-05-08 14:39 - 00000000 ____D () C:\Program Files (x86)\WarThunder
2014-05-08 13:01 - 2014-05-08 13:01 - 04124808 _____ (Gaijin Entertainment ) C:\Users\Simon\Downloads\wt_launcher_doi_1.0.1.355.exe
2014-05-08 13:01 - 2014-05-08 13:01 - 00001109 _____ () C:\Users\Public\Desktop\WarThunder.lnk
2014-05-08 13:01 - 2014-05-08 13:01 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder
2014-05-08 00:32 - 2014-05-08 00:34 - 00053504 _____ () C:\Users\Simon\Downloads\bootkit_remover.zip
2014-05-06 19:21 - 2014-05-06 20:23 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\tor
2014-05-06 19:15 - 2014-05-06 19:17 - 26815695 _____ () C:\Users\Simon\Downloads\torbrowser-install-3.6_en-US.exe
2014-05-03 19:41 - 2014-05-03 19:41 - 00000000 ____D () C:\Users\Simon\AppData\Local\EdgeOfReality
2014-05-03 19:41 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2014-05-03 19:41 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2014-05-03 19:41 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2014-05-03 19:41 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2014-05-03 19:40 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2014-05-03 19:40 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2014-05-03 19:02 - 2014-05-03 19:02 - 00000219 _____ () C:\Users\Simon\Desktop\Dota 2.url
2014-05-03 18:47 - 2014-05-03 18:47 - 00000222 _____ () C:\Users\Simon\Desktop\Loadout.url
2014-05-03 18:29 - 2014-05-08 13:01 - 00000000 ____D () C:\Users\Simon\Documents\My Games
2014-05-03 18:18 - 2014-05-03 19:02 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-05-03 18:18 - 2014-05-03 18:18 - 00000222 _____ () C:\Users\Simon\Desktop\Epigenesis.url
2014-05-03 17:54 - 2014-05-04 13:43 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-05-03 17:54 - 2014-05-03 17:54 - 01141680 _____ () C:\Users\Simon\Downloads\SteamSetup.exe
2014-05-03 17:54 - 2014-05-03 17:54 - 00000971 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-05-03 17:54 - 2014-05-03 17:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-05-03 17:51 - 2014-05-03 17:51 - 03384836 _____ (MultIV Team ) C:\Users\Simon\Downloads\multiv_setup (2).exe
2014-05-03 17:51 - 2014-05-03 17:51 - 03384836 _____ (MultIV Team ) C:\Users\Simon\Downloads\multiv_setup (1).exe
2014-05-03 17:43 - 2014-05-03 17:44 - 00000999 _____ () C:\Users\Public\Desktop\MultIV.lnk
2014-05-03 17:43 - 2014-05-03 17:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MultIV
2014-05-03 17:43 - 2014-05-03 17:44 - 00000000 ____D () C:\Program Files (x86)\MultIV
2014-05-03 17:42 - 2014-05-03 17:42 - 03384836 _____ (MultIV Team ) C:\Users\Simon\Downloads\multiv_setup.exe
2014-05-03 17:39 - 2014-05-03 17:39 - 04954736 _____ (Microsoft Corporation) C:\Users\Simon\Downloads\WindowsUpgradeAssistant.exe
2014-05-03 17:34 - 2014-05-03 17:35 - 36965680 _____ (Microsoft Corporation) C:\Users\Simon\Downloads\IE9-Windows7-x64-deu.exe
2014-05-03 17:01 - 2014-05-03 17:01 - 17532198 _____ () C:\Users\Simon\Downloads\1355067475iCEnhancer2_1FINAL.zip
2014-05-03 05:14 - 2014-05-03 05:14 - 97580750 _____ () C:\Users\Simon\Downloads\Seven Reel's Realistic ENB v1.5b.zip
2014-05-03 05:06 - 2014-05-03 05:06 - 19677675 _____ () C:\Users\Simon\Downloads\Fighter Jet P-996 Lazer 3.zip
2014-05-03 05:05 - 2014-05-03 05:05 - 00717632 _____ () C:\Users\Simon\Downloads\scripthookdotnet_v1.7.1.7b.zip
2014-05-03 04:52 - 2014-05-03 04:52 - 00000000 ____D () C:\Users\Simon\Desktop\Backup
2014-05-03 04:50 - 2014-05-03 04:53 - 89876480 _____ () C:\Users\Simon\Desktop\vehicles.img
2014-05-03 04:50 - 2014-05-03 04:50 - 00000000 ____D () C:\Users\Simon\Desktop\Infernus
2014-05-03 04:49 - 2014-05-03 04:49 - 00000000 ____D () C:\Users\Simon\Desktop\SparkIV
2014-05-03 04:48 - 2014-05-03 04:48 - 01540953 _____ () C:\Users\Simon\Downloads\SparkIV 0.6.6.zip
2014-05-03 04:46 - 2014-05-03 04:46 - 04695532 _____ () C:\Users\Simon\Downloads\1398374770_ageraone.rar
2014-05-03 03:32 - 2014-05-03 03:32 - 00000000 ____D () C:\Users\Simon\Documents\Games for Windows - LIVE Demos
2014-05-03 03:30 - 2014-05-03 03:30 - 00000000 ____D () C:\Windows\SysWOW64\xlive
2014-05-03 03:30 - 2014-05-03 03:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
2014-05-03 03:30 - 2014-05-03 03:30 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2014-05-03 03:29 - 2014-05-03 03:29 - 00642712 _____ (Microsoft Corporation) C:\Users\Simon\Downloads\gfwlive35setup.exe
2014-05-03 03:29 - 2014-05-03 03:29 - 00642712 _____ (Microsoft Corporation) C:\Users\Simon\Downloads\gfwlive35setup (1).exe
2014-05-01 19:04 - 2014-05-01 19:04 - 00081626 _____ () C:\Users\Simon\Documents\Unit 1.voc
2014-05-01 19:04 - 2014-05-01 19:04 - 00081626 _____ () C:\Users\Simon\Desktop\Unit 1.voc
2014-05-01 17:09 - 2014-05-01 17:09 - 04044159 _____ () C:\Users\Simon\Downloads\1259416463_ProVehicleModv1.0.1.zip
2014-05-01 16:30 - 2014-05-01 16:30 - 00001027 _____ () C:\Users\Public\Desktop\Domingo 2.lnk
2014-05-01 16:30 - 2014-05-01 16:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Domingo 2
2014-05-01 16:30 - 2014-05-01 16:30 - 00000000 ____D () C:\Program Files (x86)\Domingo 2
2014-05-01 16:29 - 2014-05-01 16:29 - 04241516 _____ (Patrick Diekmann ) C:\Users\Simon\Downloads\setup.exe
2014-05-01 16:29 - 2014-05-01 16:29 - 00728032 _____ () C:\Users\Simon\Downloads\COMPUTER_BILD-Download-Manager_fuer_setup.exe
2014-05-01 15:56 - 2014-05-01 15:56 - 01138458 _____ () C:\Users\Simon\Downloads\1385372962_Space Shuttle.rar
2014-05-01 15:34 - 2014-05-01 15:35 - 00072097 _____ () C:\Users\Simon\Downloads\xliveless - v0.999b7 (patch 1.0.7.0. and EFLC 1.1.2.0).zip
2014-05-01 15:26 - 2014-05-01 15:26 - 02662221 _____ () C:\Users\Simon\Downloads\1310225693_Simple Native Trainer v.6.3.rar
2014-05-01 13:34 - 2014-05-01 13:34 - 00000000 ____D () C:\Users\Simon\Documents\Rockstar Games
2014-05-01 13:31 - 2014-05-01 13:31 - 00000000 __SHD () C:\ProgramData\SecuROM
2014-05-01 13:30 - 2014-05-01 13:30 - 04776440 _____ () C:\Users\Simon\Downloads\LaunchGTAIV.zip
2014-05-01 13:25 - 2014-05-01 13:25 - 00000000 ____D () C:\Users\Simon\AppData\Local\Rockstar Games
2014-05-01 13:24 - 2014-05-01 13:24 - 00000000 __RHD () C:\Users\Simon\AppData\Roaming\SecuROM
2014-05-01 03:46 - 2014-05-01 03:53 - 20725128 _____ () C:\Users\Simon\Downloads\MMM_PT._vlad.7z
2014-05-01 01:13 - 2014-05-03 01:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-04-28 20:55 - 2014-04-28 20:55 - 00155577 _____ () C:\Users\Simon\Downloads\proxtube_1.3.0 (2).crx
2014-04-28 20:53 - 2014-04-28 20:53 - 00155577 _____ () C:\Users\Simon\Downloads\proxtube_1.3.0 (1).crx
2014-04-28 20:52 - 2014-04-28 20:52 - 00155577 _____ () C:\Users\Simon\Downloads\proxtube_1.3.0.crx
2014-04-25 22:05 - 2014-04-25 22:05 - 00000000 ____D () C:\Users\Simon\AppData\Local\GGC
2014-04-25 22:03 - 2012-10-09 19:30 - 05570560 _____ (GGC) C:\Users\Simon\Desktop\Gordonsys 2.0.exe
2014-04-25 22:01 - 2014-04-25 22:03 - 05570641 _____ () C:\Users\Simon\Downloads\Gordonsys2.0.rar
2014-04-25 21:40 - 2014-04-26 21:41 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Bitdefender
2014-04-25 21:40 - 2014-04-25 21:40 - 00002194 _____ () C:\Users\Public\Desktop\Bitdefender Safepay.lnk
2014-04-25 21:40 - 2014-04-25 21:40 - 00002075 _____ () C:\Users\Public\Desktop\Bitdefender Total Security.lnk
2014-04-25 21:40 - 2014-04-25 21:40 - 00000684 ____H () C:\bdr-cf01
2014-04-25 21:40 - 2014-04-25 21:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender
2014-04-25 21:36 - 2014-04-25 21:40 - 00253404 ____H () C:\bdr-ld01
2014-04-25 21:36 - 2014-04-25 21:40 - 00009216 ____H () C:\bdr-ld01.mbr
2014-04-25 21:36 - 2013-09-24 15:38 - 46879860 ____H () C:\bdr-im01.gz
2014-04-25 21:36 - 2013-08-23 12:48 - 00150256 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
2014-04-25 21:36 - 2013-08-13 12:38 - 03271472 ____H () C:\bdr-bz01
2014-04-25 21:36 - 2013-08-07 12:46 - 00389240 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2014-04-25 21:34 - 2014-05-15 21:22 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-04-25 21:18 - 2014-04-25 21:18 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\MVH
2014-04-25 02:34 - 2014-04-25 02:34 - 00002770 _____ () C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2014-04-25 00:53 - 2014-04-25 21:18 - 01373184 _____ () C:\Users\Simon\Desktop\MVH Loader.exe
2014-04-25 00:53 - 2014-04-25 00:53 - 01108568 _____ () C:\Users\Simon\Downloads\MVH Loader.zip
2014-04-25 00:47 - 2014-04-25 00:47 - 04106679 _____ () C:\Users\Simon\Downloads\[Abs]Loader.rar
2014-04-25 00:34 - 2014-04-25 00:34 - 00000000 ____D () C:\ProgramData\Nexon
2014-04-25 00:28 - 2014-04-25 00:41 - 00000000 ____D () C:\Users\Simon\Desktop\Combat Arms Hack
2014-04-25 00:24 - 2014-04-25 00:24 - 00001634 _____ () C:\Users\Public\Desktop\Combat Arms EU.lnk
2014-04-25 00:24 - 2014-04-25 00:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexon
2014-04-25 00:21 - 2014-04-25 00:40 - 00000000 ____D () C:\ProgramData\NexonEU
2014-04-25 00:21 - 2014-04-25 00:21 - 00000000 ____D () C:\Nexon
2014-04-24 23:52 - 2014-04-25 00:13 - 1967289647 _____ (Nexon) C:\Users\Simon\Desktop\Combatarms_eu.exe
2014-04-24 23:51 - 2014-04-24 23:51 - 10552296 _____ (Akamai Technologies, Inc.) C:\Users\Simon\Downloads\NexonEU_Installer.exe
2014-04-24 23:50 - 2014-04-24 23:50 - 01617203 _____ () C:\Users\Simon\Downloads\[ghbsys.net] Public-Client.zip
2014-04-24 22:10 - 2014-04-24 22:10 - 00000000 ____D () C:\Program Files (x86)\Microsoft XNA
2014-04-24 22:09 - 2014-04-24 22:09 - 00001474 _____ () C:\Users\Public\Desktop\Bloodline Champions.lnk
2014-04-24 22:09 - 2014-04-24 22:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bloodline Champions
2014-04-24 22:08 - 2014-04-24 22:08 - 00000000 ____D () C:\Program Files (x86)\Stunlock Studios
2014-04-24 22:03 - 2014-04-24 22:08 - 363876296 _____ (Stunlock Studios ) C:\Users\Simon\Downloads\bloodline-champions_25983.exe
2014-04-24 22:03 - 2014-04-24 22:03 - 01062288 _____ () C:\Users\Simon\Downloads\Bloodline-Champions-lnstall.exe
2014-04-24 19:33 - 2014-04-24 19:33 - 10768896 _____ () C:\Users\Simon\Downloads\Wolfteam INV Hack AUG 2013.exe
2014-04-24 19:25 - 2014-04-24 19:25 - 00058597 _____ () C:\Users\Simon\Downloads\Business.Card.Maker.8.0_CRK-FFF.zip
2014-04-24 19:22 - 2014-04-24 19:22 - 00077025 _____ () C:\Users\Simon\Downloads\CD244A3FE5B95DA446608BC56299A387E1A64734.torrent
2014-04-24 19:09 - 2014-03-20 14:44 - 00043320 _____ (TuneUp Software) C:\Windows\system32\uxtuneup.dll
2014-04-24 19:09 - 2014-03-20 14:44 - 00036152 _____ (TuneUp Software) C:\Windows\SysWOW64\uxtuneup.dll
2014-04-24 19:04 - 2014-04-24 19:04 - 00000000 ____D () C:\Users\Simon\Desktop\Programme;Spiele
2014-04-24 19:01 - 2014-04-24 19:08 - 00000000 ____D () C:\Users\Simon\Desktop\Programme
2014-04-24 19:00 - 2014-04-25 21:17 - 00000000 ____D () C:\Users\Simon\Desktop\Bilder
2014-04-24 18:59 - 2014-04-24 18:59 - 07307552 _____ () C:\Users\Simon\Downloads\bitdefender_isecurity.exe
2014-04-24 18:49 - 2014-05-01 13:11 - 00003704 _____ () C:\Windows\System32\Tasks\Java Update Scheduler
2014-04-24 18:42 - 2014-04-24 18:42 - 00002217 _____ () C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
2014-04-24 18:42 - 2014-04-24 18:42 - 00002209 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014.lnk
2014-04-24 18:42 - 2014-04-24 18:42 - 00002197 _____ () C:\Users\Public\Desktop\TuneUp Utilities 2014.lnk
2014-04-24 18:42 - 2014-04-24 18:42 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\TuneUp Software
2014-04-24 18:42 - 2014-04-24 18:42 - 00000000 ____D () C:\Users\Simon\AppData\Local\TuneUp Software
2014-04-24 18:42 - 2014-04-24 18:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014
2014-04-24 18:42 - 2014-04-24 18:42 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2014
2014-04-24 18:42 - 2014-03-20 14:44 - 00040760 _____ (TuneUp Software) C:\Windows\system32\TURegOpt.exe
2014-04-24 18:42 - 2014-03-20 14:44 - 00029496 _____ (TuneUp Software) C:\Windows\system32\authuitu.dll
2014-04-24 18:42 - 2014-03-20 14:44 - 00025400 _____ (TuneUp Software) C:\Windows\SysWOW64\authuitu.dll
2014-04-24 18:41 - 2014-04-24 18:43 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-04-24 18:41 - 2014-04-24 18:41 - 00074811 _____ () C:\Users\Simon\Downloads\TuneUp 2014 Keygen by Game24x.rar
2014-04-24 18:40 - 2014-04-24 18:41 - 27878824 _____ (TuneUp Software) C:\Users\Simon\Downloads\TuneUpUtilities2014_de2745-DE.exe
2014-04-24 18:32 - 2014-04-24 18:33 - 209715712 _____ () C:\Users\Simon\Desktop\Tresor.bvd
2014-04-24 17:32 - 2014-04-24 19:23 - 00000000 ____D () C:\Users\Simon\Downloads\Download.am
2014-04-24 17:32 - 2014-04-24 19:23 - 00000000 ____D () C:\Users\Simon\AppData\Local\download.am-data
2014-04-24 17:32 - 2014-04-24 17:32 - 00001053 _____ () C:\Users\Simon\Desktop\Download.am.lnk
2014-04-24 17:32 - 2014-04-24 17:32 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Download.am
2014-04-24 17:31 - 2014-04-24 17:32 - 00000000 ____D () C:\Program Files (x86)\Download.am
2014-04-24 17:25 - 2014-04-24 17:25 - 13540177 _____ () C:\Users\Simon\Downloads\download.am-build233.zip
2014-04-24 17:20 - 2014-04-24 17:21 - 00000000 ____D () C:\Users\Simon\Desktop\RSDownloader
2014-04-24 17:20 - 2014-04-24 17:20 - 03028121 _____ () C:\Users\Simon\Downloads\RSD_0.61.zip
2014-04-24 17:20 - 2014-04-24 17:20 - 00000164 _____ () C:\Users\Simon\Downloads\40961pa16fh3627.rsdf
2014-04-24 17:19 - 2014-04-24 17:19 - 00000000 ____D () C:\Users\Simon\Desktop\JDownloader
2014-04-24 17:18 - 2014-04-24 17:18 - 31419822 _____ () C:\Users\Simon\Downloads\JDownloader.zip
2014-04-24 15:59 - 2014-04-24 15:59 - 01467128 _____ () C:\Users\Simon\Downloads\SystemCheck_deDE (2).exe
2014-04-24 15:58 - 2014-04-24 15:58 - 01467128 _____ () C:\Users\Simon\Downloads\SystemCheck_deDE.exe
2014-04-24 15:58 - 2014-04-24 15:58 - 01467128 _____ () C:\Users\Simon\Downloads\SystemCheck_deDE (1).exe
2014-04-24 04:55 - 2014-04-24 04:55 - 01147424 _____ () C:\Users\Simon\Downloads\bitdefender_antitheft.exe
2014-04-24 04:48 - 2014-04-24 04:48 - 07304560 _____ () C:\Users\Simon\Downloads\bitdefender_tsecurity (2).exe
2014-04-24 04:04 - 2014-04-24 04:04 - 00000000 ____D () C:\Users\Simon\AppData\Local\simon-p
2014-04-24 03:43 - 2014-04-24 03:43 - 07304560 _____ () C:\Users\Simon\Downloads\bitdefender_tsecurity (1).exe
2014-04-24 02:24 - 2014-04-24 02:24 - 00295296 _____ () C:\Windows\Minidump\042414-30264-01.dmp
2014-04-24 02:19 - 2014-04-24 02:19 - 00000385 _____ () C:\Windows\system32\user_gensett.xml
2014-04-24 02:19 - 2014-04-24 02:19 - 00000385 _____ () C:\Users\Simon\AppData\Roaminguser_gensett.xml
2014-04-24 02:18 - 2014-04-24 02:19 - 00000000 ____D () C:\ProgramData\BDLogging
2014-04-24 02:18 - 2014-04-24 02:18 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2014-04-24 02:18 - 2009-07-15 00:21 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2014-04-24 02:17 - 2014-04-24 02:17 - 00283192 _____ (Mozilla) C:\Users\Simon\Downloads\Firefox Setup Stub 28.0 (1).exe
2014-04-24 02:17 - 2013-12-02 11:58 - 00635392 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys
2014-04-24 02:17 - 2013-12-02 11:56 - 00893440 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys
2014-04-24 02:17 - 2013-11-04 15:47 - 00082824 _____ (BitDefender SRL) C:\Windows\system32\Drivers\bdsandbox.sys
2014-04-24 02:17 - 2013-11-04 15:47 - 00074512 _____ (BitDefender SRL) C:\Windows\SysWOW64\bdsandboxuiskin32.dll
2014-04-24 02:17 - 2013-02-22 18:46 - 00093600 _____ (BitDefender LLC) C:\Windows\system32\Drivers\BdfNdisf6.sys
2014-04-24 02:17 - 2012-11-02 13:17 - 00261056 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys
2014-04-24 02:17 - 2012-04-17 13:34 - 00076944 _____ (BitDefender) C:\Windows\system32\Drivers\bdvedisk.sys
2014-04-24 02:17 - 2007-04-11 10:11 - 00511328 _____ (Microsoft Corporation) C:\Windows\capicom.dll
2014-04-24 01:54 - 2014-05-08 12:35 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\QuickScan
2014-04-24 01:54 - 2014-04-25 21:40 - 00000000 ____D () C:\ProgramData\Bitdefender
2014-04-24 01:54 - 2014-04-24 02:57 - 00074512 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin32.dll
2014-04-24 01:54 - 2014-04-24 01:57 - 00000000 ____D () C:\Program Files\Bitdefender
2014-04-24 01:54 - 2013-11-04 15:47 - 00084848 _____ (BitDefender SRL) C:\Windows\system32\BDSandBoxUISkin.dll
2014-04-24 01:54 - 2013-11-04 15:46 - 00034384 _____ (BitDefender SRL) C:\Windows\system32\BDSandBoxUH.dll
2014-04-24 01:51 - 2014-04-25 21:36 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender
2014-04-24 01:51 - 2014-04-24 01:51 - 07304560 _____ () C:\Users\Simon\Downloads\bitdefender_tsecurity.exe
2014-04-22 22:49 - 2014-04-22 22:49 - 00000000 __SHD () C:\Users\Simon\AppData\Local\EmieUserList
2014-04-22 22:49 - 2014-04-22 22:49 - 00000000 __SHD () C:\Users\Simon\AppData\Local\EmieSiteList
2014-04-22 22:44 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-22 22:44 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-22 22:44 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-22 22:44 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-22 22:44 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-22 22:44 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-22 22:44 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-22 22:44 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-22 22:44 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-22 22:44 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-22 22:44 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-22 22:44 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-22 22:44 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-22 22:44 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-22 22:44 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-22 22:44 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-22 22:44 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-22 22:44 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-22 22:44 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-22 22:44 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-22 22:44 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-22 22:44 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-22 22:44 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-22 22:44 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-22 22:44 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-22 22:44 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-22 22:44 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-22 22:44 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-22 22:44 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-22 22:44 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-22 22:44 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-22 22:44 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-22 22:44 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-22 22:44 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-22 22:44 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-22 22:44 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-22 22:44 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-22 22:44 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-22 22:44 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-22 22:44 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-22 22:44 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-22 22:44 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-22 22:44 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-22 22:44 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-22 03:07 - 2014-04-22 03:07 - 00043012 _____ () C:\Users\Simon\Downloads\AimPoint.exe
2014-04-21 19:59 - 2014-05-01 00:13 - 00000000 ____D () C:\Users\Simon\AppData\Local\Thunderbird
2014-04-21 19:59 - 2014-04-21 19:59 - 21987424 _____ (Mozilla) C:\Users\Simon\Downloads\Thunderbird_Setup_de24.4.0.exe
2014-04-21 19:59 - 2014-04-21 19:59 - 00002106 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2014-04-21 19:59 - 2014-04-21 19:59 - 00002094 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2014-04-21 19:59 - 2014-04-21 19:59 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Thunderbird
2014-04-20 19:07 - 2014-05-17 13:14 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-20 19:07 - 2014-05-17 12:32 - 00001110 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-20 19:07 - 2014-05-17 12:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-04-20 19:07 - 2014-05-17 12:32 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-04-20 19:07 - 2014-04-20 19:07 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Simon\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-20 19:07 - 2014-04-20 19:07 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-20 19:07 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-20 19:07 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-20 19:07 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-20 14:09 - 2014-04-20 14:09 - 00004253 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-20 14:09 - 2014-04-20 14:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-18 16:00 - 2014-04-18 16:00 - 00388608 _____ (Trend Micro Inc.) C:\Users\Simon\Downloads\HiJackThis204 (2).exe
2014-04-18 16:00 - 2014-04-18 16:00 - 00388608 _____ (Trend Micro Inc.) C:\Users\Simon\Downloads\HiJackThis204 (1).exe
2014-04-18 16:00 - 2014-04-18 16:00 - 00016670 _____ () C:\Users\Simon\Downloads\hijackthis.log
2014-04-18 15:59 - 2014-04-18 15:59 - 00388608 _____ (Trend Micro Inc.) C:\Users\Simon\Downloads\HiJackThis204.exe
2014-04-17 19:10 - 2014-05-03 03:17 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-17 19:10 - 2014-04-17 19:10 - 00001167 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-04-17 19:10 - 2014-04-17 19:10 - 00001155 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-17 19:10 - 2014-04-17 19:10 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Mozilla
2014-04-17 19:10 - 2014-04-17 19:10 - 00000000 ____D () C:\Users\Simon\AppData\Local\Mozilla
2014-04-17 19:10 - 2014-04-17 19:10 - 00000000 ____D () C:\ProgramData\Mozilla
2014-04-17 19:10 - 2014-04-17 19:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-17 19:09 - 2014-04-17 19:09 - 00283192 _____ (Mozilla) C:\Users\Simon\Downloads\Firefox Setup Stub 28.0.exe
2014-04-17 15:07 - 2014-05-17 12:08 - 00000000 ____D () C:\AdwCleaner
2014-04-17 15:07 - 2014-04-17 15:07 - 00000000 ____D () C:\Users\Simon\Downloads\AdwCleaner_TSA221R2W
2014-04-17 01:58 - 2014-04-17 01:58 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\InetStat
2014-04-17 01:57 - 2014-04-17 01:57 - 00003162 _____ () C:\Windows\System32\Tasks\fsupdate

==================== One Month Modified Files and Folders =======

2014-05-17 13:18 - 2014-05-17 13:17 - 00022699 _____ () C:\Users\Simon\Desktop\FRST.txt
2014-05-17 13:17 - 2014-05-16 16:33 - 00000000 ____D () C:\FRST
2014-05-17 13:17 - 2014-01-22 22:01 - 01212270 _____ () C:\Windows\WindowsUpdate.log
2014-05-17 13:16 - 2014-01-23 18:35 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Skype
2014-05-17 13:15 - 2014-05-17 13:15 - 00013047 _____ () C:\Users\Simon\Desktop\zoek-results.txt
2014-05-17 13:14 - 2014-05-17 12:48 - 00013047 _____ () C:\zoek-results.log
2014-05-17 13:14 - 2014-04-20 19:07 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-17 13:14 - 2014-01-27 20:47 - 00000000 ____D () C:\Users\Simon\AppData\Local\Overwolf
2014-05-17 13:13 - 2014-01-22 23:03 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-17 13:13 - 2014-01-22 22:05 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-05-17 13:13 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-17 13:13 - 2009-07-14 06:51 - 00073201 _____ () C:\Windows\setupact.log
2014-05-17 13:12 - 2014-01-22 22:27 - 00000000 ____D () C:\Windows\de
2014-05-17 13:12 - 2014-01-22 21:56 - 00242430 _____ () C:\Windows\PFRO.log
2014-05-17 13:07 - 2014-05-17 12:48 - 00000000 ____D () C:\zoek_backup
2014-05-17 12:48 - 2014-05-17 12:48 - 00000000 ____D () C:\Users\Simon\Desktop\zoek
2014-05-17 12:47 - 2014-05-17 12:47 - 04235514 _____ () C:\Users\Simon\Downloads\zoek.rar
2014-05-17 12:42 - 2014-05-17 12:42 - 00001620 _____ () C:\Users\Simon\Desktop\mbam.txt
2014-05-17 12:34 - 2014-01-22 23:03 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-17 12:32 - 2014-05-17 12:31 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Simon\Downloads\mbam-setup-2.0.1.1004 (1).exe
2014-05-17 12:32 - 2014-04-20 19:07 - 00001110 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-17 12:32 - 2014-04-20 19:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-05-17 12:32 - 2014-04-20 19:07 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-05-17 12:30 - 2014-05-17 12:30 - 00000759 _____ () C:\Users\Simon\Desktop\JRT.txt
2014-05-17 12:23 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-17 12:23 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-17 12:20 - 2014-05-17 12:20 - 01016261 _____ (Thisisu) C:\Users\Simon\Desktop\JRT.exe
2014-05-17 12:20 - 2014-05-17 12:20 - 00000000 ____D () 
C:\Windows\ERUNT 2014-05-17 12:18 - 2014-05-17 12:18 - 00004180 _____ () C:\Users\Simon\Desktop\AdwCleaner[S4].txt 2014-05-17 12:08 - 2014-04-17 15:07 - 00000000 ____D () C:\AdwCleaner 2014-05-17 12:06 - 2014-05-17 12:06 - 00001787 _____ () C:\Users\Public\Desktop\iTunes.lnk 2014-05-17 12:06 - 2014-05-17 12:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2014-05-17 12:06 - 2014-05-17 12:06 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-05-17 12:06 - 2014-05-17 12:06 - 00000000 ____D () C:\Program Files\iTunes 2014-05-17 12:06 - 2014-05-17 12:06 - 00000000 ____D () C:\Program Files\iPod 2014-05-17 12:06 - 2014-05-17 12:06 - 00000000 ____D () C:\Program Files (x86)\iTunes 2014-05-17 12:02 - 2014-05-17 12:02 - 01325827 _____ () C:\Users\Simon\Desktop\adwcleaner_3.208.exe 2014-05-17 00:03 - 2014-03-31 23:30 - 00000000 ____D () C:\Users\Simon\log2s 2014-05-16 18:09 - 2014-05-16 18:09 - 00038341 _____ () C:\ComboFix.txt 2014-05-16 18:09 - 2014-05-16 17:49 - 00000000 ____D () C:\ComboFix 2014-05-16 18:09 - 2014-05-16 17:48 - 00000000 ____D () C:\Qoobox 2014-05-16 18:09 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default 2014-05-16 18:08 - 2014-05-16 17:48 - 00000000 ____D () C:\Windows\erdnt 2014-05-16 18:02 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini 2014-05-16 17:57 - 2009-07-14 04:34 - 73662464 _____ () C:\Windows\system32\config\SOFTWARE.bak 2014-05-16 17:57 - 2009-07-14 04:34 - 25952256 _____ () C:\Windows\system32\config\SYSTEM.bak 2014-05-16 17:57 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak 2014-05-16 17:57 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\SAM.bak 2014-05-16 17:57 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\DEFAULT.bak 2014-05-16 17:09 - 2014-05-16 17:09 - 05200990 ____R (Swearware) C:\Users\Simon\Desktop\ComboFix.exe 2014-05-16 16:34 - 2014-05-16 16:34 - 00049056 _____ () 
C:\Users\Simon\Downloads\Addition.txt 2014-05-16 16:34 - 2014-05-16 16:33 - 00097162 _____ () C:\Users\Simon\Downloads\FRST.txt 2014-05-16 16:33 - 2014-05-16 16:33 - 02067456 _____ (Farbar) C:\Users\Simon\Desktop\FRST64.exe 2014-05-16 10:37 - 2014-01-22 23:04 - 00002179 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-05-15 21:24 - 2014-01-22 22:54 - 00000000 ___RD () C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-05-15 21:24 - 2014-01-22 22:54 - 00000000 ___RD () C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2014-05-15 21:22 - 2014-04-25 21:34 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-05-14 22:02 - 2014-02-19 14:48 - 00000000 ____D () C:\Windows\system32\MRT 2014-05-14 22:02 - 2014-01-29 19:01 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-05-14 22:00 - 2014-01-22 23:14 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-05-13 01:29 - 2014-05-13 01:29 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys 2014-05-11 18:58 - 2014-05-11 18:46 - 00230432 _____ () C:\PA7302.DAT 2014-05-11 18:41 - 2014-05-11 18:41 - 00000000 ____D () C:\Windows\PixArt 2014-05-11 18:41 - 2014-05-11 18:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CANYON USB PC CAMERA 2014-05-11 18:41 - 2014-05-11 18:41 - 00000000 ____D () C:\Program Files (x86)\ANC 2014-05-11 18:41 - 2010-10-27 13:00 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-05-11 18:40 - 2014-05-11 18:40 - 05611298 _____ () C:\Users\Simon\Downloads\CNR-WCAM53_Drv_XPVW32.zip 2014-05-11 16:32 - 2014-05-11 16:31 - 00155577 _____ () C:\Users\Simon\Downloads\proxtube_1.3.0 (3) (1).crx 2014-05-11 16:31 - 2014-05-11 16:31 - 00629584 _____ (Chip Digital GmbH) C:\Users\Simon\Downloads\Chrome YouTube Downloader - CHIP-Downloader (1).exe 2014-05-11 16:31 - 2014-05-11 16:31 - 00155577 _____ () 
C:\Users\Simon\Downloads\proxtube_1.3.0 (3).crx 2014-05-11 16:31 - 2014-05-11 16:31 - 00143081 _____ () C:\Users\Simon\Downloads\proxtube_1.3.0.zip 2014-05-11 16:29 - 2014-05-11 16:29 - 00629584 _____ (Chip Digital GmbH) C:\Users\Simon\Downloads\Chrome YouTube Downloader - CHIP-Downloader.exe 2014-05-11 16:29 - 2014-05-11 16:29 - 00105903 _____ () C:\Users\Simon\Downloads\chrome-youtube-downloader-2.6.20.crx 2014-05-11 16:29 - 2014-05-11 16:29 - 00099158 _____ () C:\Users\Simon\Downloads\chrome-youtube-downloader-2.6.20.zip 2014-05-11 16:23 - 2014-05-11 16:23 - 00279792 _____ () C:\Users\Simon\Downloads\YouTube-Unblocker-055.zip 2014-05-11 16:22 - 2014-05-11 16:22 - 00629584 _____ (Chip Digital GmbH) C:\Users\Simon\Downloads\YouTube-Unblocker-055 - CHIP-Downloader.exe 2014-05-11 16:18 - 2014-05-11 16:07 - 230403208 _____ (COMODO) C:\Users\Simon\Downloads\cfw_installer_5732_83.exe 2014-05-11 16:14 - 2014-03-21 14:43 - 00000000 ____D () C:\Users\Simon\AppData\Local\PrivaZer 2014-05-11 16:07 - 2014-05-11 16:07 - 00686664 _____ ( ) C:\Users\Simon\Downloads\COMPUTER_BILD-Download-Manager_fuer_cfw_installer_5732_83.exe 2014-05-11 16:05 - 2014-05-11 15:48 - 00000000 ____D () C:\Program Files (x86)\Opera 2014-05-11 16:03 - 2014-05-11 15:49 - 00000000 ____D () C:\Program Files (x86)\PrivaZer 2014-05-11 16:03 - 2014-03-21 14:43 - 00001905 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrivaZer.lnk 2014-05-11 16:03 - 2014-03-21 14:43 - 00001893 _____ () C:\Users\Public\Desktop\PrivaZer.lnk 2014-05-11 16:02 - 2014-05-11 16:02 - 07198344 _____ (Goversoft LLC) C:\Users\Simon\Downloads\privazer_free (1).exe 2014-05-11 16:02 - 2014-05-11 16:02 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Opera Software 2014-05-11 16:02 - 2014-05-11 16:02 - 00000000 ____D () C:\Users\Simon\AppData\Local\Opera Software 2014-05-11 15:51 - 2014-05-11 15:51 - 00295232 _____ () C:\Windows\Minidump\051114-20716-01.dmp 2014-05-11 15:51 - 2014-01-23 19:38 - 739826304 _____ () 
C:\Windows\MEMORY.DMP 2014-05-11 15:51 - 2014-01-23 19:38 - 00000000 ____D () C:\Windows\Minidump 2014-05-11 15:48 - 2014-05-11 15:48 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D7 2014-05-11 15:48 - 2014-05-11 15:48 - 00003254 _____ () C:\Windows\System32\Tasks\Opera D6 2014-05-11 15:48 - 2014-05-11 15:48 - 00001137 _____ () C:\Users\Public\Desktop\Opera.lnk 2014-05-11 15:48 - 2014-05-11 15:48 - 00001137 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2014-05-11 15:47 - 2014-03-21 14:42 - 07202440 _____ (Goversoft LLC) C:\Users\Simon\Downloads\privazer_free.exe 2014-05-11 15:34 - 2014-05-11 15:34 - 00339543 _____ () C:\Users\Simon\Downloads\Ask-Fm-Autolike.rar 2014-05-09 08:14 - 2014-05-14 17:59 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-05-09 08:11 - 2014-05-14 17:59 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-05-09 03:01 - 2014-01-27 20:47 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\TS3Client 2014-05-08 17:29 - 2014-01-22 23:03 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-05-08 17:29 - 2014-01-22 23:03 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-05-08 14:39 - 2014-05-08 13:01 - 00000000 ____D () C:\Program Files (x86)\WarThunder 2014-05-08 14:39 - 2014-01-22 23:17 - 00000000 ____D () C:\Windows\SysWOW64\directx 2014-05-08 13:02 - 2014-05-08 13:02 - 00000000 ____D () C:\Users\Simon\AppData\Local\WarThunder 2014-05-08 13:02 - 2014-05-08 13:02 - 00000000 ____D () C:\ProgramData\WarThunder 2014-05-08 13:01 - 2014-05-08 13:01 - 04124808 _____ (Gaijin Entertainment ) C:\Users\Simon\Downloads\wt_launcher_doi_1.0.1.355.exe 2014-05-08 13:01 - 2014-05-08 13:01 - 00001109 _____ () C:\Users\Public\Desktop\WarThunder.lnk 2014-05-08 13:01 - 2014-05-08 13:01 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder 2014-05-08 13:01 - 2014-05-03 18:29 - 00000000 ____D 
() C:\Users\Simon\Documents\My Games 2014-05-08 12:35 - 2014-04-24 01:54 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\QuickScan 2014-05-08 00:56 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system 2014-05-08 00:34 - 2014-05-08 00:32 - 00053504 _____ () C:\Users\Simon\Downloads\bootkit_remover.zip 2014-05-06 20:23 - 2014-05-06 19:21 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\tor 2014-05-06 19:17 - 2014-05-06 19:15 - 26815695 _____ () C:\Users\Simon\Downloads\torbrowser-install-3.6_en-US.exe 2014-05-06 06:40 - 2014-05-14 22:02 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-05-06 06:17 - 2014-05-14 22:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-05-06 05:25 - 2014-05-14 22:02 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-05-06 05:07 - 2014-05-14 22:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-05-06 05:00 - 2014-05-14 22:02 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-05-06 04:10 - 2014-05-14 22:02 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-05-04 13:43 - 2014-05-03 17:54 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-05-03 19:41 - 2014-05-03 19:41 - 00000000 ____D () C:\Users\Simon\AppData\Local\EdgeOfReality 2014-05-03 19:40 - 2014-01-22 22:27 - 00028868 _____ () C:\Windows\DirectX.log 2014-05-03 19:02 - 2014-05-03 19:02 - 00000219 _____ () C:\Users\Simon\Desktop\Dota 2.url 2014-05-03 19:02 - 2014-05-03 18:18 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2014-05-03 18:47 - 2014-05-03 18:47 - 00000222 _____ () C:\Users\Simon\Desktop\Loadout.url 2014-05-03 18:18 - 2014-05-03 18:18 - 00000222 _____ () C:\Users\Simon\Desktop\Epigenesis.url 2014-05-03 17:54 - 2014-05-03 17:54 - 01141680 _____ () C:\Users\Simon\Downloads\SteamSetup.exe 2014-05-03 17:54 - 2014-05-03 17:54 - 00000971 _____ () 
C:\Users\Public\Desktop\Steam.lnk 2014-05-03 17:54 - 2014-05-03 17:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2014-05-03 17:51 - 2014-05-03 17:51 - 03384836 _____ (MultIV Team ) C:\Users\Simon\Downloads\multiv_setup (2).exe 2014-05-03 17:51 - 2014-05-03 17:51 - 03384836 _____ (MultIV Team ) C:\Users\Simon\Downloads\multiv_setup (1).exe 2014-05-03 17:44 - 2014-05-03 17:43 - 00000999 _____ () C:\Users\Public\Desktop\MultIV.lnk 2014-05-03 17:44 - 2014-05-03 17:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MultIV 2014-05-03 17:44 - 2014-05-03 17:43 - 00000000 ____D () C:\Program Files (x86)\MultIV 2014-05-03 17:42 - 2014-05-03 17:42 - 03384836 _____ (MultIV Team ) C:\Users\Simon\Downloads\multiv_setup.exe 2014-05-03 17:39 - 2014-05-03 17:39 - 04954736 _____ (Microsoft Corporation) C:\Users\Simon\Downloads\WindowsUpgradeAssistant.exe 2014-05-03 17:35 - 2014-05-03 17:34 - 36965680 _____ (Microsoft Corporation) C:\Users\Simon\Downloads\IE9-Windows7-x64-deu.exe 2014-05-03 17:35 - 2014-01-24 00:08 - 00005990 _____ () C:\Windows\IE9_main.log 2014-05-03 17:01 - 2014-05-03 17:01 - 17532198 _____ () C:\Users\Simon\Downloads\1355067475iCEnhancer2_1FINAL.zip 2014-05-03 05:14 - 2014-05-03 05:14 - 97580750 _____ () C:\Users\Simon\Downloads\Seven Reel's Realistic ENB v1.5b.zip 2014-05-03 05:06 - 2014-05-03 05:06 - 19677675 _____ () C:\Users\Simon\Downloads\Fighter Jet P-996 Lazer 3.zip 2014-05-03 05:05 - 2014-05-03 05:05 - 00717632 _____ () C:\Users\Simon\Downloads\scripthookdotnet_v1.7.1.7b.zip 2014-05-03 04:53 - 2014-05-03 04:50 - 89876480 _____ () C:\Users\Simon\Desktop\vehicles.img 2014-05-03 04:52 - 2014-05-03 04:52 - 00000000 ____D () C:\Users\Simon\Desktop\Backup 2014-05-03 04:50 - 2014-05-03 04:50 - 00000000 ____D () C:\Users\Simon\Desktop\Infernus 2014-05-03 04:49 - 2014-05-03 04:49 - 00000000 ____D () C:\Users\Simon\Desktop\SparkIV 2014-05-03 04:48 - 2014-05-03 04:48 - 01540953 _____ () 
C:\Users\Simon\Downloads\SparkIV 0.6.6.zip 2014-05-03 04:46 - 2014-05-03 04:46 - 04695532 _____ () C:\Users\Simon\Downloads\1398374770_ageraone.rar 2014-05-03 03:32 - 2014-05-03 03:32 - 00000000 ____D () C:\Users\Simon\Documents\Games for Windows - LIVE Demos 2014-05-03 03:30 - 2014-05-03 03:30 - 00000000 ____D () C:\Windows\SysWOW64\xlive 2014-05-03 03:30 - 2014-05-03 03:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace 2014-05-03 03:30 - 2014-05-03 03:30 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games for Windows - LIVE 2014-05-03 03:30 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-05-03 03:29 - 2014-05-03 03:29 - 00642712 _____ (Microsoft Corporation) C:\Users\Simon\Downloads\gfwlive35setup.exe 2014-05-03 03:29 - 2014-05-03 03:29 - 00642712 _____ (Microsoft Corporation) C:\Users\Simon\Downloads\gfwlive35setup (1).exe 2014-05-03 03:19 - 2014-04-11 14:06 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-05-03 03:19 - 2014-04-11 14:06 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-05-03 03:17 - 2014-04-17 19:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-05-03 01:35 - 2014-05-01 01:13 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird 2014-05-01 19:04 - 2014-05-01 19:04 - 00081626 _____ () C:\Users\Simon\Documents\Unit 1.voc 2014-05-01 19:04 - 2014-05-01 19:04 - 00081626 _____ () C:\Users\Simon\Desktop\Unit 1.voc 2014-05-01 17:09 - 2014-05-01 17:09 - 04044159 _____ () C:\Users\Simon\Downloads\1259416463_ProVehicleModv1.0.1.zip 2014-05-01 16:30 - 2014-05-01 16:30 - 00001027 _____ () C:\Users\Public\Desktop\Domingo 2.lnk 2014-05-01 16:30 - 2014-05-01 16:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Domingo 2 2014-05-01 16:30 - 2014-05-01 16:30 - 00000000 ____D () C:\Program 
Files (x86)\Domingo 2 2014-05-01 16:29 - 2014-05-01 16:29 - 04241516 _____ (Patrick Diekmann ) C:\Users\Simon\Downloads\setup.exe 2014-05-01 16:29 - 2014-05-01 16:29 - 00728032 _____ () C:\Users\Simon\Downloads\COMPUTER_BILD-Download-Manager_fuer_setup.exe 2014-05-01 15:56 - 2014-05-01 15:56 - 01138458 _____ () C:\Users\Simon\Downloads\1385372962_Space Shuttle.rar 2014-05-01 15:35 - 2014-05-01 15:34 - 00072097 _____ () C:\Users\Simon\Downloads\xliveless - v0.999b7 (patch 1.0.7.0. and EFLC 1.1.2.0).zip 2014-05-01 15:26 - 2014-05-01 15:26 - 02662221 _____ () C:\Users\Simon\Downloads\1310225693_Simple Native Trainer v.6.3.rar 2014-05-01 13:34 - 2014-05-01 13:34 - 00000000 ____D () C:\Users\Simon\Documents\Rockstar Games 2014-05-01 13:31 - 2014-05-01 13:31 - 00000000 __SHD () C:\ProgramData\SecuROM 2014-05-01 13:30 - 2014-05-01 13:30 - 04776440 _____ () C:\Users\Simon\Downloads\LaunchGTAIV.zip 2014-05-01 13:25 - 2014-05-01 13:25 - 00000000 ____D () C:\Users\Simon\AppData\Local\Rockstar Games 2014-05-01 13:24 - 2014-05-01 13:24 - 00000000 __RHD () C:\Users\Simon\AppData\Roaming\SecuROM 2014-05-01 13:11 - 2014-04-24 18:49 - 00003704 _____ () C:\Windows\System32\Tasks\Java Update Scheduler 2014-05-01 03:53 - 2014-05-01 03:46 - 20725128 _____ () C:\Users\Simon\Downloads\MMM_PT._vlad.7z 2014-05-01 00:13 - 2014-04-21 19:59 - 00000000 ____D () C:\Users\Simon\AppData\Local\Thunderbird 2014-04-28 20:55 - 2014-04-28 20:55 - 00155577 _____ () C:\Users\Simon\Downloads\proxtube_1.3.0 (2).crx 2014-04-28 20:53 - 2014-04-28 20:53 - 00155577 _____ () C:\Users\Simon\Downloads\proxtube_1.3.0 (1).crx 2014-04-28 20:52 - 2014-04-28 20:52 - 00155577 _____ () C:\Users\Simon\Downloads\proxtube_1.3.0.crx 2014-04-27 02:44 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\addins 2014-04-26 21:41 - 2014-04-25 21:40 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Bitdefender 2014-04-25 22:05 - 2014-04-25 22:05 - 00000000 ____D () C:\Users\Simon\AppData\Local\GGC 2014-04-25 22:03 - 2014-04-25 
22:01 - 05570641 _____ () C:\Users\Simon\Downloads\Gordonsys2.0.rar 2014-04-25 21:40 - 2014-04-25 21:40 - 00002194 _____ () C:\Users\Public\Desktop\Bitdefender Safepay.lnk 2014-04-25 21:40 - 2014-04-25 21:40 - 00002075 _____ () C:\Users\Public\Desktop\Bitdefender Total Security.lnk 2014-04-25 21:40 - 2014-04-25 21:40 - 00000684 ____H () C:\bdr-cf01 2014-04-25 21:40 - 2014-04-25 21:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2014-04-25 21:40 - 2014-04-25 21:36 - 00253404 ____H () C:\bdr-ld01 2014-04-25 21:40 - 2014-04-25 21:36 - 00009216 ____H () C:\bdr-ld01.mbr 2014-04-25 21:40 - 2014-04-24 01:54 - 00000000 ____D () C:\ProgramData\Bitdefender 2014-04-25 21:36 - 2014-04-24 01:51 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender 2014-04-25 21:18 - 2014-04-25 21:18 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\MVH 2014-04-25 21:18 - 2014-04-25 00:53 - 01373184 _____ () C:\Users\Simon\Desktop\MVH Loader.exe 2014-04-25 21:17 - 2014-04-24 19:00 - 00000000 ____D () C:\Users\Simon\Desktop\Bilder 2014-04-25 19:35 - 2014-01-22 22:53 - 00000000 ____D () C:\Users\Simon\AppData\Local\VirtualStore 2014-04-25 02:34 - 2014-04-25 02:34 - 00002770 _____ () C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 2014-04-25 00:53 - 2014-04-25 00:53 - 01108568 _____ () C:\Users\Simon\Downloads\MVH Loader.zip 2014-04-25 00:47 - 2014-04-25 00:47 - 04106679 _____ () C:\Users\Simon\Downloads\[Abs]Loader.rar 2014-04-25 00:41 - 2014-04-25 00:28 - 00000000 ____D () C:\Users\Simon\Desktop\Combat Arms Hack 2014-04-25 00:40 - 2014-04-25 00:21 - 00000000 ____D () C:\ProgramData\NexonEU 2014-04-25 00:34 - 2014-04-25 00:34 - 00000000 ____D () C:\ProgramData\Nexon 2014-04-25 00:24 - 2014-04-25 00:24 - 00001634 _____ () C:\Users\Public\Desktop\Combat Arms EU.lnk 2014-04-25 00:24 - 2014-04-25 00:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexon 2014-04-25 00:21 - 2014-04-25 00:21 - 00000000 ____D 
() C:\Nexon 2014-04-25 00:13 - 2014-04-24 23:52 - 1967289647 _____ (Nexon) C:\Users\Simon\Desktop\Combatarms_eu.exe 2014-04-24 23:51 - 2014-04-24 23:51 - 10552296 _____ (Akamai Technologies, Inc.) C:\Users\Simon\Downloads\NexonEU_Installer.exe 2014-04-24 23:51 - 2014-04-14 21:03 - 00000000 ____D () C:\Users\Simon\AppData\Local\Akamai 2014-04-24 23:50 - 2014-04-24 23:50 - 01617203 _____ () C:\Users\Simon\Downloads\[ghbsys.net] Public-Client.zip 2014-04-24 22:10 - 2014-04-24 22:10 - 00000000 ____D () C:\Program Files (x86)\Microsoft XNA 2014-04-24 22:09 - 2014-04-24 22:09 - 00001474 _____ () C:\Users\Public\Desktop\Bloodline Champions.lnk 2014-04-24 22:09 - 2014-04-24 22:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bloodline Champions 2014-04-24 22:08 - 2014-04-24 22:08 - 00000000 ____D () C:\Program Files (x86)\Stunlock Studios 2014-04-24 22:08 - 2014-04-24 22:03 - 363876296 _____ (Stunlock Studios ) C:\Users\Simon\Downloads\bloodline-champions_25983.exe 2014-04-24 22:03 - 2014-04-24 22:03 - 01062288 _____ () C:\Users\Simon\Downloads\Bloodline-Champions-lnstall.exe 2014-04-24 19:35 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\Offline Web Pages 2014-04-24 19:33 - 2014-04-24 19:33 - 10768896 _____ () C:\Users\Simon\Downloads\Wolfteam INV Hack AUG 2013.exe 2014-04-24 19:25 - 2014-04-24 19:25 - 00058597 _____ () C:\Users\Simon\Downloads\Business.Card.Maker.8.0_CRK-FFF.zip 2014-04-24 19:23 - 2014-04-24 17:32 - 00000000 ____D () C:\Users\Simon\Downloads\Download.am 2014-04-24 19:23 - 2014-04-24 17:32 - 00000000 ____D () C:\Users\Simon\AppData\Local\download.am-data 2014-04-24 19:22 - 2014-04-24 19:22 - 00077025 _____ () C:\Users\Simon\Downloads\CD244A3FE5B95DA446608BC56299A387E1A64734.torrent 2014-04-24 19:08 - 2014-04-24 19:01 - 00000000 ____D () C:\Users\Simon\Desktop\Programme 2014-04-24 19:04 - 2014-04-24 19:04 - 00000000 ____D () C:\Users\Simon\Desktop\Programme;Spiele 2014-04-24 18:59 - 2014-04-24 18:59 - 07307552 _____ () 
C:\Users\Simon\Downloads\bitdefender_isecurity.exe 2014-04-24 18:43 - 2014-04-24 18:41 - 00000000 ____D () C:\ProgramData\TuneUp Software 2014-04-24 18:42 - 2014-04-24 18:42 - 00002217 _____ () C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk 2014-04-24 18:42 - 2014-04-24 18:42 - 00002209 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014.lnk 2014-04-24 18:42 - 2014-04-24 18:42 - 00002197 _____ () C:\Users\Public\Desktop\TuneUp Utilities 2014.lnk 2014-04-24 18:42 - 2014-04-24 18:42 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\TuneUp Software 2014-04-24 18:42 - 2014-04-24 18:42 - 00000000 ____D () C:\Users\Simon\AppData\Local\TuneUp Software 2014-04-24 18:42 - 2014-04-24 18:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014 2014-04-24 18:42 - 2014-04-24 18:42 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2014 2014-04-24 18:41 - 2014-04-24 18:41 - 00074811 _____ () C:\Users\Simon\Downloads\TuneUp 2014 Keygen by Game24x.rar 2014-04-24 18:41 - 2014-04-24 18:40 - 27878824 _____ (TuneUp Software) C:\Users\Simon\Downloads\TuneUpUtilities2014_de2745-DE.exe 2014-04-24 18:33 - 2014-04-24 18:32 - 209715712 _____ () C:\Users\Simon\Desktop\Tresor.bvd 2014-04-24 17:32 - 2014-04-24 17:32 - 00001053 _____ () C:\Users\Simon\Desktop\Download.am.lnk 2014-04-24 17:32 - 2014-04-24 17:32 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Download.am 2014-04-24 17:32 - 2014-04-24 17:31 - 00000000 ____D () C:\Program Files (x86)\Download.am 2014-04-24 17:25 - 2014-04-24 17:25 - 13540177 _____ () C:\Users\Simon\Downloads\download.am-build233.zip 2014-04-24 17:21 - 2014-04-24 17:20 - 00000000 ____D () C:\Users\Simon\Desktop\RSDownloader 2014-04-24 17:20 - 2014-04-24 17:20 - 03028121 _____ () C:\Users\Simon\Downloads\RSD_0.61.zip 2014-04-24 17:20 - 2014-04-24 17:20 - 00000164 _____ () C:\Users\Simon\Downloads\40961pa16fh3627.rsdf 2014-04-24 17:19 - 
2014-04-24 17:19 - 00000000 ____D () C:\Users\Simon\Desktop\JDownloader 2014-04-24 17:18 - 2014-04-24 17:18 - 31419822 _____ () C:\Users\Simon\Downloads\JDownloader.zip 2014-04-24 16:03 - 2014-03-08 18:51 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Curse Client 2014-04-24 15:59 - 2014-04-24 15:59 - 01467128 _____ () C:\Users\Simon\Downloads\SystemCheck_deDE (2).exe 2014-04-24 15:58 - 2014-04-24 15:58 - 01467128 _____ () C:\Users\Simon\Downloads\SystemCheck_deDE.exe 2014-04-24 15:58 - 2014-04-24 15:58 - 01467128 _____ () C:\Users\Simon\Downloads\SystemCheck_deDE (1).exe 2014-04-24 04:55 - 2014-04-24 04:55 - 01147424 _____ () C:\Users\Simon\Downloads\bitdefender_antitheft.exe 2014-04-24 04:48 - 2014-04-24 04:48 - 07304560 _____ () C:\Users\Simon\Downloads\bitdefender_tsecurity (2).exe 2014-04-24 04:18 - 2014-04-14 13:33 - 00000000 ____D () C:\Users\Simon\Desktop\PBdownforce 2014-04-24 04:04 - 2014-04-24 04:04 - 00000000 ____D () C:\Users\Simon\AppData\Local\simon-p 2014-04-24 03:43 - 2014-04-24 03:43 - 07304560 _____ () C:\Users\Simon\Downloads\bitdefender_tsecurity (1).exe 2014-04-24 02:57 - 2014-04-24 01:54 - 00074512 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin32.dll 2014-04-24 02:24 - 2014-04-24 02:24 - 00295296 _____ () C:\Windows\Minidump\042414-30264-01.dmp 2014-04-24 02:24 - 2014-02-04 22:14 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2 2014-04-24 02:19 - 2014-04-24 02:19 - 00000385 _____ () C:\Windows\system32\user_gensett.xml 2014-04-24 02:19 - 2014-04-24 02:19 - 00000385 _____ () C:\Users\Simon\AppData\Roaminguser_gensett.xml 2014-04-24 02:19 - 2014-04-24 02:18 - 00000000 ____D () C:\ProgramData\BDLogging 2014-04-24 02:18 - 2014-04-24 02:18 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf 2014-04-24 02:17 - 2014-04-24 02:17 - 00283192 _____ (Mozilla) C:\Users\Simon\Downloads\Firefox Setup Stub 28.0 (1).exe 2014-04-24 01:57 - 2014-04-24 01:54 - 00000000 ____D () C:\Program 
Files\Bitdefender 2014-04-24 01:53 - 2014-02-04 22:14 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy 2014-04-24 01:51 - 2014-04-24 01:51 - 07304560 _____ () C:\Users\Simon\Downloads\bitdefender_tsecurity.exe 2014-04-23 22:45 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-04-22 22:49 - 2014-04-22 22:49 - 00000000 __SHD () C:\Users\Simon\AppData\Local\EmieUserList 2014-04-22 22:49 - 2014-04-22 22:49 - 00000000 __SHD () C:\Users\Simon\AppData\Local\EmieSiteList 2014-04-22 22:46 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-04-22 03:07 - 2014-04-22 03:07 - 00043012 _____ () C:\Users\Simon\Downloads\AimPoint.exe 2014-04-21 19:59 - 2014-04-21 19:59 - 21987424 _____ (Mozilla) C:\Users\Simon\Downloads\Thunderbird_Setup_de24.4.0.exe 2014-04-21 19:59 - 2014-04-21 19:59 - 00002106 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk 2014-04-21 19:59 - 2014-04-21 19:59 - 00002094 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk 2014-04-21 19:59 - 2014-04-21 19:59 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Thunderbird 2014-04-20 19:16 - 2010-10-27 13:16 - 00000000 ____D () C:\Windows\oem 2014-04-20 19:07 - 2014-04-20 19:07 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Simon\Downloads\mbam-setup-2.0.1.1004.exe 2014-04-20 19:07 - 2014-04-20 19:07 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-04-20 14:09 - 2014-04-20 14:09 - 00004253 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log 2014-04-20 14:09 - 2014-04-20 14:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-04-20 14:09 - 2014-03-16 21:41 - 00000000 ____D () C:\Program Files (x86)\Java 2014-04-20 14:09 - 2014-03-16 21:40 - 00000000 ____D () C:\ProgramData\Oracle 2014-04-19 19:18 - 2014-02-15 14:30 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\.purple 2014-04-18 16:00 - 2014-04-18 16:00 - 00388608 _____ (Trend Micro Inc.) 
C:\Users\Simon\Downloads\HiJackThis204 (2).exe 2014-04-18 16:00 - 2014-04-18 16:00 - 00388608 _____ (Trend Micro Inc.) C:\Users\Simon\Downloads\HiJackThis204 (1).exe 2014-04-18 16:00 - 2014-04-18 16:00 - 00016670 _____ () C:\Users\Simon\Downloads\hijackthis.log 2014-04-18 15:59 - 2014-04-18 15:59 - 00388608 _____ (Trend Micro Inc.) C:\Users\Simon\Downloads\HiJackThis204.exe 2014-04-17 19:10 - 2014-04-17 19:10 - 00001167 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-04-17 19:10 - 2014-04-17 19:10 - 00001155 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-04-17 19:10 - 2014-04-17 19:10 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\Mozilla 2014-04-17 19:10 - 2014-04-17 19:10 - 00000000 ____D () C:\Users\Simon\AppData\Local\Mozilla 2014-04-17 19:10 - 2014-04-17 19:10 - 00000000 ____D () C:\ProgramData\Mozilla 2014-04-17 19:10 - 2014-04-17 19:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-04-17 19:09 - 2014-04-17 19:09 - 00283192 _____ (Mozilla) C:\Users\Simon\Downloads\Firefox Setup Stub 28.0.exe 2014-04-17 15:08 - 2014-01-22 23:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-04-17 15:08 - 2014-01-22 22:54 - 00000999 _____ () C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-04-17 15:08 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup 2014-04-17 15:07 - 2014-04-17 15:07 - 00000000 ____D () C:\Users\Simon\Downloads\AdwCleaner_TSA221R2W 2014-04-17 01:58 - 2014-04-17 01:58 - 00000000 ____D () C:\Users\Simon\AppData\Roaming\InetStat 2014-04-17 01:57 - 2014-04-17 01:57 - 00003162 _____ () C:\Windows\System32\Tasks\fsupdate Some content of TEMP: ==================== C:\Users\Simon\AppData\Local\Temp\JNativeHook_5684379255690441288.dll ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe [2014-05-14 17:59] - 
[2014-03-04 11:43] - 0455168 ____A (Microsoft Corporation) 88AB9B72B4BF3963A0DE0820B4B0B06C C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-05-09 13:35 ==================== End Of Log ============================ --- --- --- |
17.05.2014, 12:26 | #9 |
| Suspected nasty Trojan Addition: Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-05-2014
Ran by Simon at 2014-05-17 13:18:31
Running from C:\Users\Simon\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Bitdefender Antivirus (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Disabled) {A23392FD-84B9-F933-2C71-81E751F6EF46}

==================== Installed Programs ======================

Acer Arcade Deluxe (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 5.1.8507 - CyberLink Corp.)
Acer Arcade Deluxe (x32 Version: 5.1.8507 - CyberLink Corp.) Hidden
Acer Arcade Movie (x32 Version: 9.0.7201 - CyberLink Corp.) Hidden
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3015 - Acer Incorporated)
Acer GameZone Console (HKLM-x32\...\{58F4D244-314F-4D26-B5EF-C28AB32E22CB}_is1) (Version: 6.1.0.9 - Oberon Media, Inc.)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.03.3003 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0318.2010 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3001 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Reader 9.1 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
Airport Mania First Flight (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11505173}) (Version: - Oberon Media)
Akamai NetSession Interface (HKCU\...\Akamai) (Version: - Akamai Technologies, Inc)
Amazonia (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}) (Version: - Oberon Media)
Another Life Client 1.52 (HKLM-x32\...\{D4E82BDF-6252-4761-A020-37DBC34C7617}}_is1) (Version: 1.52 - Tim Witschel Serververmietung)
AnotherLife Client Version 1.4 (HKLM-x32\...\{1B305614-536F-47B0-917D-140C1D2477BA}}_is1) (Version: 1.4 - Tim Witschel Serververmietung)
AntiBrowserSpy (HKLM-x32\...\{F78B5B4F-075A-4C81-AA27-E707861EB5B7}_is1) (Version: 141 - Abelssoft)
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Attack Surface Analyzer (HKLM\...\{2710505A-D198-4906-8767-F869909D9FA6}) (Version: 5.3.0.0 - Microsoft Corporation)
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version: - AVM Berlin)
Bing Bar (HKLM-x32\...\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}) (Version: 7.0.610.0 - Microsoft Corporation)
Bitdefender Total Security (HKLM\...\Bitdefender) (Version: 17.27.0.1146 - Bitdefender)
Bloodline Champions (HKLM-x32\...\{81E58F0A-E24E-4132-98C2-6BA39899692E}_is1) (Version: 2.4.1.0 - Stunlock Studios)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.7.3066 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{8789EB72-635E-4A91-95DB-3FC11CBE7725}) (Version: 0.8.7.3066 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Cake Mania (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}) (Version: - Oberon Media)
CANYON USB PC CAMERA (HKLM-x32\...\{A59AB961-BE82-41E0-B0FB-648DFA6DDEA4}) (Version: 1.0.20 - ANC)
Cobra 11 - Highway Nights Demo (remove only) (HKLM-x32\...\HighwayNights Demo) (Version: - )
Combat Arms EU (HKLM-x32\...\Combat Arms EU) (Version: - )
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
CPUCooL (remove only) (HKLM-x32\...\CPUCooL) (Version: - )
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Domingo 2 Version 2.6.1.
(HKLM-x32\...\{FB326C8F-DA81-4764-B994-6D3D6C4796A9}_is1) (Version: - Patrick Diekmann) Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve) Download.am (HKLM-x32\...\Download.am) (Version: - ) Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version: - Oberon Media) eBay Worldwide (HKLM-x32\...\{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}) (Version: 2.1.0901 - OEM) Epigenesis (HKLM-x32\...\Steam App 244590) (Version: - Dead Shark Triplepunch) <==== ATTENTION eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.) eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden Farm Frenzy 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}) (Version: - Oberon Media) Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - ) Galapago (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}) (Version: - Oberon Media) GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden GEONExT 1.74 (HKLM-x32\...\GEONExT_is1) (Version: 1.74 - GEONExT Group) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.137 - Google Inc.) Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) 
Hidden Heroes of Hellas (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}) (Version: - Oberon Media) Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 2.05.3013 - Acer Incorporated) ICQ 8.2 (build 6901) (HKCU\...\ICQ) (Version: 8.2.6901.0 - ICQ) Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated) ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden InetStat (HKCU\...\InetStat) (Version: 0.3 - InetStat) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation) iTunes (HKLM\...\{1CF5754A-545B-4360-BFDE-2847BC728DFC}) (Version: 11.2.0.115 - Apple Inc.) Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.550 - Oracle) Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Loadout (HKLM-x32\...\Steam App 208090) (Version: - Edge of Reality) Loong Dragonblood (HKLM-x32\...\{BAE0CFD0-1598-4BC4-9AB3-BD2CF575EED9}) (Version: 2.5.12 - gamigo) MAGIX Web Designer 9 Premium (HKLM\...\MX.{B497E1E1-E2E9-4B93-B242-86087EDEDF92}) (Version: 9.0.1.27343 - MAGIX AG) MAGIX Web Designer 9 Premium (Version: 9.0.1.27343 - MAGIX AG) Hidden Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation) MediaEspresso (x32 Version: 5.1.1116_32498 - CyberLink Corp.) 
Hidden Merriam Websters Spell Jam (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}) (Version: - Oberon Media) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) 
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 
(HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation) MKLOL (HKCU\...\MKLOL) (Version: - ) Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.5.0 - Mozilla) Mozilla Thunderbird 24.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.5.0 (x86 de)) (Version: 24.5.0 - Mozilla) MSI Afterburner 2.3.1 (HKLM-x32\...\Afterburner) (Version: 2.3.1 - MSI Co., LTD) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MultIV (HKLM-x32\...\{D0CA9142-4127-40FF-B3C1-B2C089B745A2}_is1) (Version: 0.2 - MultIV Team) MyWinLocker (x32 Version: 3.1.212.0 - Egis Technology Inc.) 
Hidden MyWinLocker Suite (HKLM-x32\...\InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}) (Version: 3.1.212.0 - Egis Technology Inc.) MyWinLocker Suite (x32 Version: 3.1.212.0 - Egis Technology Inc.) Hidden NEC Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}) (Version: 1.0.19.0 - NEC Electronics Corporation) NEC Electronics USB 3.0 Host Controller Driver (x32 Version: 1.0.19.0 - NEC Electronics Corporation) Hidden Nero ControlCenter (x32 Version: 9.0.0.1 - Nero AG) Hidden Nero DiscSpeed (x32 Version: 5.4.13.100 - Nero AG) Hidden Nero DiscSpeed Help (x32 Version: 5.4.4.100 - Nero AG) Hidden Nero DriveSpeed (x32 Version: 4.4.12.100 - Nero AG) Hidden Nero DriveSpeed Help (x32 Version: 4.4.4.100 - Nero AG) Hidden Nero Express Help (x32 Version: 9.4.37.100 - Nero AG) Hidden Nero InfoTool (x32 Version: 6.4.12.100 - Nero AG) Hidden Nero InfoTool Help (x32 Version: 6.4.4.100 - Nero AG) Hidden Nero Installer (x32 Version: 4.4.9.0 - Nero AG) Hidden Nero Online Upgrade (x32 Version: 1.3.0.0 - Nero AG) Hidden Nero StartSmart (x32 Version: 9.4.37.100 - Nero AG) Hidden Nero StartSmart Help (x32 Version: 9.4.27.100 - Nero AG) Hidden Nero StartSmart OEM (x32 Version: 9.16.0.100 - Nero AG) Hidden NeroExpress (x32 Version: 9.4.37.100 - Nero AG) Hidden neroxml (x32 Version: 1.0.0 - Nero AG) Hidden Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation) NVIDIA 3D Vision Controller-Treiber 332.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 332.21 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 332.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 332.21 - NVIDIA Corporation) NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation) NVIDIA Grafiktreiber 332.21 
(HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.21 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) NVIDIA ShadowPlay 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3221 - NVIDIA Corporation) Hidden NVIDIA Systemsteuerung 332.21 (Version: 332.21 - NVIDIA Corporation) Hidden NVIDIA Update 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden NVIDIA Update Core (Version: 11.10.13 - NVIDIA Corporation) Hidden NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation) Opera Stable 21.0.1432.57 (HKLM-x32\...\Opera 21.0.1432.57) (Version: 21.0.1432.57 - Opera Software ASA) Overwolf (HKLM-x32\...\{FB83467F-D8EB-43E6-8B3D-860B045C1C52}) (Version: 0.51.325 - Overwolf) Overwolf.Setup.VC100CRTx64.Dist (HKLM\...\{EC9D5554-6852-4A55-81BB-AC02C7A8CFED}) (Version: 1.0.0 - Overwolf) phpDesigner 8 version 8.1.2 (HKLM-x32\...\phpDesigner8_is1) (Version: - MPSOFTWARE) Pidgin (HKLM-x32\...\Pidgin) (Version: 2.10.9 - ) pidgin-otr 4.0.0-1 (HKLM-x32\...\pidgin-otr) (Version: 4.0.0-1 - Cypherpunks CA) Poker Pop (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111355427}) (Version: - Oberon Media) PrivaZer (HKLM-x32\...\PrivaZer) (Version: 2.19.0.0 - Goversoft LLC) ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.12 - ProtectDisc Software GmbH) Realtek 
High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6194 - Realtek Semiconductor Corp.) Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.20.0 - Renesas Electronics Corporation) Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.20.0 - Renesas Electronics Corporation) Hidden Samsung CLX-3300 Series (HKLM-x32\...\Samsung CLX-3300 Series) (Version: 1.01 (01.05.2012) - Samsung Electronics Co., Ltd.) Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 1.02.09 (25.04.2012) - Samsung Electronics Co., Ltd.) Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.02.45.02(01.05.2012) - Samsung Electronics Co., Ltd.) Samsung Network PC Fax (HKLM-x32\...\Samsung Network PC Fax) (Version: 1.06.24 (25.04.2012) - Samsung Electronics Co., Ltd.) Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00.04 - Samsung Electronics Co., Ltd.) Samsung Scan Process Machine (x32 Version: 1.00.18.04 - Samsung Electronics Co., Ltd.) Hidden Security Task Manager 1.8g (HKLM-x32\...\Security Task Manager) (Version: 1.8g - Neuber Software) SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden Shredder (Version: 2.0.8.3 - Egis Technology Inc.) Hidden Shredder (x32 Version: 2.0.8.3 - Egis Technology Inc.) Hidden simplitec simplicheck (HKLM-x32\...\{183D780B-28F9-41BA-A2CB-605F324A5781}) (Version: 1.3.10.0 - simplitec GmbH) Skype™ 6.13 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.13.104 - Skype Technologies S.A.) 
SNS Upload for Easy Document Creator (HKLM-x32\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd) SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - ) Spin & Win (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110300453}) (Version: - Oberon Media) Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH) TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.25942 - TeamViewer) TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.275 - TuneUp Software) Hidden TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities) (Version: 14.0.1000.275 - TuneUp Software) TuneUp Utilities 2014 (x32 Version: 14.0.1000.275 - TuneUp Software) Hidden Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) 
(HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft) War Thunder Launcher 1.0.1.355 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment) Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3102 - Acer Incorporated) Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation) Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Language Selector (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows 
Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH) WolfTeam-DE (HKLM-x32\...\WolfTeam-DE) (Version: - ) ==================== Restore Points ========================= 11-05-2014 13:58:15 RegClean Pro So, Mai 11, 14 15:58 11-05-2014 16:40:47 Installiert CANYON USB PC CAMERA 11-05-2014 16:41:17 Gerätetreiber-Paketinstallation: VGA SoC PC-Camera provider Bildverarbeitungsgeräte 12-05-2014 23:33:11 RegClean Pro Di, Mai 13, 14 01:33 14-05-2014 19:59:23 Windows Update 16-05-2014 08:30:02 RegClean Pro Fr, Mai 16, 14 10:30 17-05-2014 10:48:59 zoek.exe restore point ==================== Hosts content: ========================== 2009-07-14 04:34 - 2014-05-16 18:02 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= Task: {0D7608FD-DBC5-47E6-A8FB-5554041EBA93} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation) Task: {1578F21F-DB6C-49B1-B9AE-D20AFBC1D83D} - \RegClean Pro_UPDATES No Task File <==== ATTENTION Task: 
{1FF09EAB-1B3A-4E4C-81F2-86843C9A3667} - System32\Tasks\AntiBrowserSpy - BrowserMask => C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe Task: {2A032745-2D20-450E-87A0-638DF39EC962} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe [2010-08-19] (Acer) Task: {46012232-7C26-470E-BB9B-9F4A570F6484} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-22] (Google Inc.) Task: {4625DB89-D0C3-4CCE-A1EB-F1A0E9702F54} - System32\Tasks\Opera D6 => C:\Program Files (x86)\Opera\launcher.exe [2014-04-30] (Opera Software) Task: {638C1CFD-1280-4BDC-9ACB-C6ABB1AF06BF} - \Advanced System Protector_startup No Task File <==== ATTENTION Task: {7793B38D-D00A-4BA2-A836-CE7611EF8D2C} - \RegClean Pro_DEFAULT No Task File <==== ATTENTION Task: {7A3CB029-11C4-40C8-83D5-C93DE8959402} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {7C7EF8CA-1D7B-4342-B2B1-95EA79E7B96E} - System32\Tasks\AcerArcadeDeluxe => C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe [2011-01-07] (Acer Incorporated) Task: {7DDC0322-429D-4048-86B4-C5A0CB1FFAB3} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [2014-03-20] (TuneUp Software) Task: {7F4FECF9-D90F-412D-B936-24812D315AFC} - \RegClean Pro No Task File <==== ATTENTION Task: {92F6A158-B868-4D71-9124-C0E0B04D4D51} - System32\Tasks\Opera D7 => C:\Program Files (x86)\Opera\launcher.exe [2014-04-30] (Opera Software) Task: {E0E342D7-A3D5-4D1D-92A2-9DCCFD2FF50C} - System32\Tasks\fsupdate => C:\Program Task: {F36DEA01-83A9-4ED8-B6C7-A491822E21B1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-22] (Google Inc.) 
Task: {F87DED90-640F-440C-9EC4-218364591BD2} - System32\Tasks\ArcadeDeluxeAgentTS => C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [2011-01-07] (CyberLink Corp.) Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-04-24 02:17 - 2013-06-19 11:45 - 00265080 ____N () C:\Program Files\Bitdefender\Bitdefender\txmlutil.dll 2014-04-25 21:40 - 2014-03-27 19:18 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender\UI\accessl.ui 2014-04-25 21:40 - 2011-11-14 19:17 - 00153680 _____ () C:\Program Files\Bitdefender\Bitdefender\bdfwcore.dll 2014-04-25 21:40 - 2014-03-27 19:18 - 00005120 _____ () C:\Program Files\Bitdefender\Bitdefender\UI\IMSecurityAL.ui 2014-04-25 21:40 - 2014-03-25 10:53 - 00771328 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_001_001\ashttpbr.mdl 2014-04-25 21:40 - 2014-03-25 10:53 - 00568400 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_001_001\ashttpdsp.mdl 2014-04-25 21:40 - 2014-03-25 10:53 - 02593416 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_001_001\ashttpph.mdl 2014-04-25 21:40 - 2014-03-25 10:53 - 01317216 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_001_001\ashttprbl.mdl 2014-02-16 19:50 - 2013-12-19 20:53 - 00117536 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2014-01-29 19:14 - 2012-01-09 13:47 - 00034304 _____ () C:\Windows\System32\sst7clm.dll 2014-01-29 19:14 - 2012-04-26 08:34 - 01186304 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\sst7cdu.dll 2014-03-20 14:44 - 2014-03-20 14:44 - 00675640 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\avgrepliba.dll 2009-12-14 04:19 - 2009-12-09 11:24 - 00076320 _____ () C:\OEM\USBDECTION\USBS3S4Detection.exe 2014-04-24 02:17 - 2013-03-25 
15:16 - 01117920 ____N () C:\Program Files\Bitdefender\Bitdefender SafeBox\System.Data.SQLite.dll 2012-02-20 23:23 - 2012-02-20 23:23 - 00456704 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe 2012-02-20 23:23 - 2012-02-20 23:23 - 00051200 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll 2014-04-17 01:58 - 2014-04-17 01:57 - 01260648 _____ () C:\Users\Simon\AppData\Roaming\InetStat\inetstat.exe 2014-02-06 01:52 - 2014-02-06 01:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-02-06 01:52 - 2014-02-06 01:52 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2014-03-05 20:30 - 2014-03-05 20:30 - 00025600 _____ () C:\Program Files (x86)\Overwolf\CoreAudioApi.dll 2014-05-17 13:14 - 2014-05-17 13:14 - 00056335 _____ () C:\Users\Simon\AppData\Local\Temp\JNativeHook_5684379255690441288.dll 2014-04-24 02:17 - 2014-03-15 00:05 - 00204280 ____N () C:\Program Files\Bitdefender\Bitdefender\antispam32\txmlutil.dll 2014-02-19 15:35 - 2014-02-19 15:35 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\aa739380ca2b2fc7366d464d2f2301ac\IsdiInterop.ni.dll 2010-10-27 13:00 - 2010-09-13 19:28 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll 2014-05-16 10:37 - 2014-05-08 01:29 - 00065352 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\chrome_elf.dll 2014-05-16 10:37 - 2014-05-08 01:29 - 00674632 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\libglesv2.dll 2014-05-16 10:37 - 2014-05-08 01:29 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\libegl.dll 2014-05-16 10:37 - 2014-05-08 01:29 - 04081480 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\pdf.dll 2014-05-16 10:37 - 2014-05-08 01:29 - 00390472 _____ () C:\Program Files 
(x86)\Google\Chrome\Application\34.0.1847.137\ppGoogleNaClPluginChrome.dll 2014-05-16 10:37 - 2014-05-08 01:29 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\ffmpegsumo.dll 2014-05-16 10:37 - 2014-05-08 01:29 - 13695816 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\Users\Simon\Desktop\adwcleaner_3.208.exe:BDU AlternateDataStreams: C:\Users\Simon\Desktop\JRT.exe:BDU AlternateDataStreams: C:\Users\Simon\Downloads\bitdefender_antitheft.exe:BDU AlternateDataStreams: C:\Users\Simon\Downloads\bitdefender_isecurity.exe:BDU AlternateDataStreams: C:\Users\Simon\Downloads\bitdefender_tsecurity (1).exe:BDU AlternateDataStreams: C:\Users\Simon\Downloads\bitdefender_tsecurity (2).exe:BDU AlternateDataStreams: C:\Users\Simon\Downloads\cfw_installer_5732_83.exe:BDU AlternateDataStreams: C:\Users\Simon\Downloads\Chrome YouTube Downloader - CHIP-Downloader (1).exe:BDU AlternateDataStreams: C:\Users\Simon\Downloads\Chrome YouTube Downloader - CHIP-Downloader.exe:BDU AlternateDataStreams: C:\Users\Simon\Downloads\COMPUTER_BILD-Download-Manager_fuer_cfw_installer_5732_83.exe:BDU AlternateDataStreams: C:\Users\Simon\Downloads\COMPUTER_BILD-Download-Manager_fuer_setup.exe:BDU AlternateDataStreams: C:\Users\Simon\Downloads\gfwlive35setup (1).exe:BDU AlternateDataStreams: C:\Users\Simon\Downloads\gfwlive35setup.exe:BDU AlternateDataStreams: C:\Users\Simon\Downloads\IE9-Windows7-x64-deu.exe:BDU AlternateDataStreams: C:\Users\Simon\Downloads\mbam-setup-2.0.1.1004 (1).exe:BDU AlternateDataStreams: C:\Users\Simon\Downloads\multiv_setup (1).exe:BDU AlternateDataStreams: C:\Users\Simon\Downloads\multiv_setup (2).exe:BDU AlternateDataStreams: C:\Users\Simon\Downloads\multiv_setup.exe:BDU AlternateDataStreams: C:\Users\Simon\Downloads\privazer_free (1).exe:BDU AlternateDataStreams: 
C:\Users\Simon\Downloads\SteamSetup.exe:BDU AlternateDataStreams: C:\Users\Simon\Downloads\SystemCheck_deDE (1).exe:BDU AlternateDataStreams: C:\Users\Simon\Downloads\SystemCheck_deDE (2).exe:BDU AlternateDataStreams: C:\Users\Simon\Downloads\SystemCheck_deDE.exe:BDU AlternateDataStreams: C:\Users\Simon\Downloads\TuneUpUtilities2014_de2745-DE.exe:BDU AlternateDataStreams: C:\Users\Simon\Downloads\WindowsUpgradeAssistant.exe:BDU AlternateDataStreams: C:\Users\Simon\Downloads\Wolfteam INV Hack AUG 2013.exe:BDU AlternateDataStreams: C:\Users\Simon\Downloads\wt_launcher_doi_1.0.1.355.exe:BDU AlternateDataStreams: C:\Users\Simon\Downloads\YouTube-Unblocker-055 - CHIP-Downloader.exe:BDU ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver" ==================== EXE Association (whitelisted) 
============= ==================== Disabled items from MSCONFIG ============== ==================== Faulty Device Manager Devices ============= Name: McAfee Inc. mfeapfk Description: McAfee Inc. mfeapfk Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: mfeapfk Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Event log errors: ========================= Application errors: ================== Error: (05/17/2014 01:15:02 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: CooLSrv.exe, Version: 0.0.0.0, Zeitstempel: 0x4ed0cb16 Name des fehlerhaften Moduls: CooLSrv.exe, Version: 0.0.0.0, Zeitstempel: 0x4ed0cb16 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0001ec91 ID des fehlerhaften Prozesses: 0xbbc Startzeit der fehlerhaften Anwendung: 0xCooLSrv.exe0 Pfad der fehlerhaften Anwendung: CooLSrv.exe1 Pfad des fehlerhaften Moduls: CooLSrv.exe2 Berichtskennung: CooLSrv.exe3 Error: (05/17/2014 01:13:52 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: ) Description: Der Dienst kann nicht gestartet werden. System.SystemException: Bitdefender antivirus HV.sys loaded ---> System.ComponentModel.Win32Exception: Unzulässige Funktion --- Ende der internen Ausnahmestapelüberwachung --- bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (05/17/2014 01:13:49 PM) (Source: McLogEvent) (EventID: 5022) (User: NT-AUTORITÄT) Description: Initialisierung des MCSCAN32-Moduls ist fehlgeschlagen. 
Das Modul hat folgenden Fehler ausgegeben: 1 Error: (05/17/2014 01:12:11 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: ) Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008] System errors: ============= Error: (05/17/2014 01:15:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "CPUCooLServer Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (05/17/2014 01:13:52 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: %%1064 Error: (05/17/2014 01:13:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "McAfee Anti-Malware Core" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (05/17/2014 01:13:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "McAfee Inc. mfeapfk" wurde aufgrund folgenden Fehlers nicht gestartet: %%1243 Error: (05/17/2014 01:12:07 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF} Error: (05/17/2014 01:04:43 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren. Error: (05/17/2014 01:04:43 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren. 
Error: (05/17/2014 01:04:42 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren. Error: (05/17/2014 01:04:41 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren. Error: (05/17/2014 01:04:40 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren. Microsoft Office Sessions: ========================= CodeIntegrity Errors: =================================== Date: 2014-05-16 17:56:41.121 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-05-16 17:56:41.052 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. 
Date: 2014-04-14 21:31:48.346 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\Simon\AppData\Local\Temp\PHQ566.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-04-14 21:31:48.251 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\Simon\AppData\Local\Temp\PHQ566.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-04-14 21:31:26.499 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\Simon\AppData\Local\Temp\PHQAFF6.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-04-14 21:31:26.413 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\Simon\AppData\Local\Temp\PHQAFF6.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. 
Date: 2014-04-14 13:34:16.090 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\Simon\AppData\Local\Temp\PHQ86FA.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-04-14 13:34:15.988 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\Simon\AppData\Local\Temp\PHQ86FA.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. ==================== Memory info =========================== Percentage of memory in use: 43% Total physical RAM: 8174 MB Available physical RAM: 4657.09 MB Total Pagefile: 16346.18 MB Available Pagefile: 12541.89 MB Total Virtual: 8192 MB Available Virtual: 8191.84 MB ==================== Drives ================================ Drive c: (Acer) (Fixed) (Total:456.95 GB) (Free:335.97 GB) NTFS Drive d: (DATA) (Fixed) (Total:457.46 GB) (Free:307.1 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: FEB9136C) Partition 1: (Not Active) - (Size=17 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=457 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=457 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
17.05.2014, 19:32 | #10 |
/// TB-Ausbilder | Suspicion of a nasty Trojan Download the matching version of SystemLook from the following mirror and save the tool to your desktop: SystemLook (32 bit) | SystemLook (64 bit)
|
18.05.2014, 19:39 | #11 |
| Suspicion of a nasty Trojan Hey, I did it twice and got a bluescreen both times. This is the result: Code:
ATTFilter
SystemLook 30.07.11 by jpshortstuff
Log created at 20:30 on 18/05/2014 by Simon
Administrator - Elevation successful
========== folderfind ==========
Searching for "Epigenesis"
C:\Program Files (x86)\Steam\SteamApps\common\Epigenesis d------ [16:18 03/05/2014]
Searching for "InetStat"
|
19.05.2014, 11:17 | #12 |
/// TB-Ausbilder | Suspicion of a nasty Trojan We will remove the last remnants and check everything once more. ESET can take a long time (> 3 h). Afterwards we will remove all the tools we used and I will give you a few tips to take with you. Step 1 Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document Code:
ATTFilter
start
HKU\S-1-5-21-3809745895-3397772576-1149702982-1000\...\Run: [InetStat] => C:\Users\Simon\AppData\Roaming\InetStat\inetstat.exe [1260648 2014-04-17] ()
C:\Users\Simon\AppData\Roaming\InetStat
Task: {1578F21F-DB6C-49B1-B9AE-D20AFBC1D83D} - \RegClean Pro_UPDATES No Task File <==== ATTENTION
Task: {638C1CFD-1280-4BDC-9ACB-C6ABB1AF06BF} - \Advanced System Protector_startup No Task File <==== ATTENTION
Task: {7793B38D-D00A-4BA2-A836-CE7611EF8D2C} - \RegClean Pro_DEFAULT No Task File <==== ATTENTION
Task: {7F4FECF9-D90F-412D-B936-24812D315AFC} - \RegClean Pro No Task File <==== ATTENTION
Task: {E0E342D7-A3D5-4D1D-92A2-9DCCFD2FF50C} - System32\Tasks\fsupdate => C:\Program Files (x86)\Flowsurf
end
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Step 2 ESET Online Scanner
Step 3 Please download SecurityCheck and:
Please post with your next reply
|
20.05.2014, 04:39 | #13 |
| Suspicion of a nasty Trojan Hey, one question: why did I have to remove the check mark? It found 21 threats and now I can't delete them. But okay, here are the log files. Fixlog: Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 15-05-2014 Ran by Simon at 2014-05-19 20:00:56 Run:1 Running from C:\Users\Simon\Desktop Boot Mode: Normal ============================================== Content of fixlist: ***************** start HKU\S-1-5-21-3809745895-3397772576-1149702982-1000\...\Run: [InetStat] => C:\Users\Simon\AppData\Roaming\InetStat\inetstat.exe [1260648 2014-04-17] () C:\Users\Simon\AppData\Roaming\InetStat Task: {1578F21F-DB6C-49B1-B9AE-D20AFBC1D83D} - \RegClean Pro_UPDATES No Task File <==== ATTENTION Task: {638C1CFD-1280-4BDC-9ACB-C6ABB1AF06BF} - \Advanced System Protector_startup No Task File <==== ATTENTION Task: {7793B38D-D00A-4BA2-A836-CE7611EF8D2C} - \RegClean Pro_DEFAULT No Task File <==== ATTENTION Task: {7F4FECF9-D90F-412D-B936-24812D315AFC} - \RegClean Pro No Task File <==== ATTENTION Task: {E0E342D7-A3D5-4D1D-92A2-9DCCFD2FF50C} - System32\Tasks\fsupdate => C:\Program Files (x86)\Flowsurf end ***************** HKU\S-1-5-21-3809745895-3397772576-1149702982-1000\Software\Microsoft\Windows\CurrentVersion\Run\\InetStat => Value deleted successfully. C:\Users\Simon\AppData\Roaming\InetStat => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1578F21F-DB6C-49B1-B9AE-D20AFBC1D83D} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1578F21F-DB6C-49B1-B9AE-D20AFBC1D83D} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RegClean Pro_UPDATES => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{638C1CFD-1280-4BDC-9ACB-C6ABB1AF06BF} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{638C1CFD-1280-4BDC-9ACB-C6ABB1AF06BF} => Key deleted successfully. 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Advanced System Protector_startup => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7793B38D-D00A-4BA2-A836-CE7611EF8D2C} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7793B38D-D00A-4BA2-A836-CE7611EF8D2C} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RegClean Pro_DEFAULT => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7F4FECF9-D90F-412D-B936-24812D315AFC} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7F4FECF9-D90F-412D-B936-24812D315AFC} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RegClean Pro => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E0E342D7-A3D5-4D1D-92A2-9DCCFD2FF50C} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0E342D7-A3D5-4D1D-92A2-9DCCFD2FF50C} => Key deleted successfully. C:\Windows\System32\Tasks\fsupdate => not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\fsupdate => => Key not found. "C:\Program Files (x86)\Flowsurf" => File/Directory not found. ==== End of Fixlog ==== Code:
ATTFilter Results of screen317's Security Check version 0.99.82 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Bitdefender Antivirus Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` TuneUp Utilities 2014 TuneUp Utilities 2014 (de-DE) TuneUp Utilities 2014 Java 7 Update 55 Adobe Reader 9 Adobe Reader out of Date! Mozilla Firefox (28.0) Mozilla Thunderbird (24.5.0) Google Chrome 34.0.1847.131 Google Chrome 34.0.1847.137 ````````Process Check: objlist.exe by Laurent```````` Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbam.exe Bitdefender Bitdefender bdagent.exe Bitdefender Bitdefender pmbxag.exe Bitdefender Bitdefender antispam32 bdapppassmgr.exe Bitdefender Bitdefender seccenter.exe Bitdefender Bitdefender Antispam32 pmbxcrnmh.exe Google Chrome Application OnlineScannerApp.exe -?- `````````````````System Health check````````````````` Total Fragmentation on Drive C: ````````````````````End of Log`````````````````````` Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6920 # api_version=3.0.2 # EOSSerial=aeb928ee12e13f439c4319ad1226fb5a # engine=18324 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2014-05-19 10:49:01 # local_time=2014-05-20 12:49:01 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=5893 16776574 100 94 3987244 152169591 0 0 # scanned=271487 # found=25 # cleaned=0 # scan_time=16605 sh=F01B2664D8FF5A98DF177B7A4407065C32D124EF ft=1 fh=c71c0011fee765ee vn="Variante von Win32/Toolbar.BitCocktail.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\v-bates\ExtensionUpdaterService.exe.vir" sh=D5D448655516475521ED05DA392C0B22E89CABD5 ft=1 fh=30880a3d9465871e vn="Variante von MSIL/AdvancedSystemProtector.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe.vir" sh=0875B17C39CA91D4FACFE06BE9CFB7BD2AE287AB ft=1 fh=a08cff209f918acd vn="Variante von MSIL/AdvancedSystemProtector.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Advanced System Protector\AspManager.exe.vir" sh=1199BAB9CA3F35EC1E50A3B25674FCD022446C14 ft=1 fh=7a085a94c75bd2f2 vn="Variante von MSIL/AdvancedSystemProtector.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Advanced System Protector\filetypehelper.exe.vir" sh=993414D548BA0A93771FEA63B0B3E0F2105C356D ft=1 fh=8ed1e18223898060 vn="Variante von MSIL/AdvancedSystemProtector.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Advanced System Protector\scandll.dll.vir" sh=972AF4C0312608024BA34674A454DE7909FC1235 ft=1 fh=9742522cc36ca56a vn="Variante von Win32/Thinknice.B evtl. 
unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\DpInterface32.dll.vir" sh=8028172BC9A513432367160F74EC1C23222443D0 ft=1 fh=ab7fcbf3131dcbc5 vn="Win64/Thinknice.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\DpInterface64.dll.vir" sh=8A800850A8A6D6AEF40429A65E9A44F7CD63DEC1 ft=1 fh=d30edf88f42df73c vn="Variante von Win32/Thinknice.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\DpInterfacef32.dll.vir" sh=A0ECEA090A2C9C1811A8D603493AAF0EC1C1FBEB ft=1 fh=928bded3cf6339db vn="Win32/Thinknice.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SearchProtect32.dll.vir" sh=70B73E61B07B2857680F3558A3D9D069D8E58589 ft=1 fh=6a8606388ada4aa5 vn="Win64/Thinknice.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SearchProtect64.dll.vir" sh=9DC7FF01B4DE1EB1F6FEF0AB10600CF9860DF306 ft=0 fh=0000000000000000 vn="Variante von Java/Adwind.G Trojaner" ac=I fn="C:\Users\Simon\AppData\Roaming\archivos java\jar.B09" sh=9DC7FF01B4DE1EB1F6FEF0AB10600CF9860DF306 ft=0 fh=0000000000000000 vn="Variante von Java/Adwind.G Trojaner" ac=I fn="C:\Users\Simon\Documents\CyberLink\LocalStorage_V2\Misc\server.jar" sh=CBFE35420659E5A2A2BD258AD898FC4D6E40C848 ft=1 fh=68dd0032f97fb48a vn="Variante von Win32/WinloadSDA.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Simon\Downloads\Alarm-fr-Cobra-11---Highway-Nights-Setup.exe" sh=7E8006960221F200032F2901727E2CD3ACF1C7B3 ft=1 fh=25ca9dc4fa885ec8 vn="Variante von Win32/WinloadSDA.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Simon\Downloads\Bloodline-Champions-lnstall.exe" sh=A617268E0C7BF9261A354340857D138BF644F341 ft=1 fh=0a25c70a13d6d444 vn="Variante von Win32/DownloadSponsor.A evtl. 
unerwünschte Anwendung" ac=I fn="C:\Users\Simon\Downloads\Chrome YouTube Downloader - CHIP-Downloader (1).exe" sh=7DDA48DBCFC826A1A42E316F79F76563730CB75F ft=1 fh=c89342640b14bba9 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Simon\Downloads\Chrome YouTube Downloader - CHIP-Downloader.exe" sh=59A35D0B4035EC1E7EFA6D0545DF5D67F006B793 ft=1 fh=c71c0011a7df4c29 vn="Variante von Win32/InstallCore.OO evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Simon\Downloads\COMPUTER_BILD-Download-Manager_fuer_cfw_installer_5732_83.exe" sh=85DD0BAB2110A4229E232C0C08D7A1350BF1A856 ft=1 fh=c71c001110b3f691 vn="Variante von Win32/Injected.F Trojaner" ac=I fn="C:\Users\Simon\Downloads\COMPUTER_BILD-Download-Manager_fuer_privazer_free.exe" sh=E7EE0DBBDBA0C713CBB47C7C7FDA795F8E0E28B7 ft=1 fh=c71c0011e48792bc vn="Win32/InstallCore.MF evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Simon\Downloads\COMPUTER_BILD-Download-Manager_fuer_setup.exe" sh=6E8E245DA2AFD0D5A7C8517FE6B1855740E73CBE ft=1 fh=f46531ff5f1543fa vn="Win32/OutBrowse.G evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Simon\Downloads\SoundCloudDownloader.exe" sh=35D484133B28BEF475E47C49B46EF8F7F7188894 ft=1 fh=6a0acec5a4802429 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Simon\Downloads\YouTube-Unblocker-055 - CHIP-Downloader.exe" sh=F84EEB885B5A4137F14A57CDE24ECA4E81D38B41 ft=1 fh=2b25765c6b25d38b vn="Win32/Systweak.B evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Simon_Downloads_rcpsetup_2005_file.net_ab_DE-kTweak.exe.vir" sh=B68FB7A8DED6645815A22E0EFDDD3FBEFBA03A20 ft=1 fh=f9740609da47dd36 vn="Variante von Win32/GameModding.A evtl. unerwünschte Anwendung" ac=I fn="D:\Backup PC\Rockstar Games\Grand Theft Auto San Andreas mit Mods\www.GameModding.net\Uninstall(BF injection)8882-caterham-csr-260-gtasa.exe" sh=9A59F7965332C796F1E7587F889ECA9C1E1AAD3D ft=1 fh=79849f1b3e9243f5 vn="Win32/InstallMonetizer.AN evtl. 
unerwünschte Anwendung" ac=I fn="D:\Downloads\Magic Views .exe" sh=F0BF10E830C53884820D41B451A251FC00333719 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Babylon.AA evtl. unerwünschte Anwendung" ac=I fn="D:\SIMON-PC\Backup Set 2013-05-10 215344\Backup Files 2013-05-10 215344\Backup files 46.zip" |
20.05.2014, 16:04 | #14 | |
/// TB-Ausbilder | Suspicion of a nasty Trojan Quote:
For another thing... what if ESET wrongly deletes a file that is absolutely legitimate? What then? Then there is whining and complaining.... Removing the remnants Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document Code:
ATTFilter
start
C:\Users\Simon\AppData\Roaming\archivos java\jar.B09
C:\Users\Simon\Documents\CyberLink\LocalStorage_V2\Misc\server.jar
C:\Users\Simon\Downloads\Alarm-fr-Cobra-11---Highway-Nights-Setup.exe
C:\Users\Simon\Downloads\Bloodline-Champions-lnstall.exe
C:\Users\Simon\Downloads\Chrome YouTube Downloader - CHIP-Downloader*.exe
C:\Users\Simon\Downloads\COMPUTER_BILD-Download-Manager_fuer_cfw_installer_5732_83.exe
C:\Users\Simon\Downloads\COMPUTER_BILD-Download-Manager_fuer_privazer_free.exe
C:\Users\Simon\Downloads\COMPUTER_BILD-Download-Manager_fuer_setup.exe
C:\Users\Simon\Downloads\SoundCloudDownloader.exe
C:\Users\Simon\Downloads\YouTube-Unblocker-055 - CHIP-Downloader.exe
D:\Downloads\Magic Views .exe
D:\SIMON-PC\Backup Set 2013-05-10 215344\Backup Files 2013-05-10 215344\Backup files 46.zip
end
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
If you have no more problems, then we are done here. Your log files are clean. Finally, we need to take a few closing steps to clean up and secure your PC. Step 1 You are using outdated software on your computer, which is a security risk. You should therefore uninstall the outdated software and then install the latest version. Follow the path Start > Control Panel > Software / Uninstall a program. Uninstall the following programs from your computer:
Now please download and install: Restart your computer after the installation. Step 2 The order is crucial here.
Step 3 Finally, I have a few tips for securing your system. I cannot mention often enough how important it is that your system is up to date.
Antivirus program and additional protection
Alternative browsers Other browsers tend to be somewhat more secure than IE because they do not use ActiveX elements. These can be abused by spyware to infect your system. Mozilla Firefox
Performance
What you should avoid:
Now all that remains is for me to wish you lots of fun surfing safely... ... and perhaps you would like to support Trojaner-Board? Note: Please give me brief feedback when everything is done and there are no more questions, so that I can remove this thread from my subscriptions. |
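Added example (not part of the thread, and not code from ESET or FRST): a small Python triage of an ESET Online Scanner log in the `sh= ... vn= ... fn=` layout posted above, separating files that are still live from copies a cleanup tool already holds, and flagging one payload found at several paths. The sample log is constructed; treating `C:\AdwCleaner\Quarantine\` and `C:\zoek_backup\` as quarantine folders and classifying by the German detection wording are assumptions.

```python
"""Triage an ESET Online Scanner log before anything is deleted."""
import re
from collections import defaultdict
from typing import NamedTuple


class Detection(NamedTuple):
    sha1: str
    name: str
    path: str
    category: str      # "trojan", "pua" or "other"
    quarantined: bool  # True if the file is a copy kept by a cleanup tool


# One entry: sh=<SHA-1> ft=<n> fh=<16 hex> vn="<detection>" ac=<action> fn="<path>"
# \s+ also matches line breaks, so entries that a forum wrapped or flattened still parse.
ENTRY_RE = re.compile(
    r'sh=(?P<sha1>[0-9A-Fa-f]{40})\s+ft=\d+\s+fh=[0-9A-Fa-f]{16}\s+'
    r'vn="(?P<name>[^"]*)"\s+ac=\w+\s+fn="(?P<path>[^"]*)"'
)

# Assumption: folders where AdwCleaner and zoek keep neutralised copies.
QUARANTINE_PREFIXES = ("c:\\adwcleaner\\quarantine\\", "c:\\zoek_backup\\")


def classify(name: str) -> str:
    # German ESET wording as it appears in the thread's log.
    if name.endswith("Trojaner"):
        return "trojan"
    if name.endswith("evtl. unerwünschte Anwendung"):
        return "pua"
    return "other"


def parse(log_text: str) -> list:
    found = []
    for m in ENTRY_RE.finditer(log_text):
        name = " ".join(m["name"].split())  # undo wrapping inside the quoted name
        path = m["path"]
        found.append(Detection(m["sha1"].upper(), name, path, classify(name),
                               path.lower().startswith(QUARANTINE_PREFIXES)))
    return found


def triage(log_text: str) -> dict:
    """Split detections into those needing a decision and those already contained."""
    report = {"trojan_live": [], "pua_live": [], "other_live": [], "quarantined": []}
    for d in parse(log_text):
        key = "quarantined" if d.quarantined else f"{d.category}_live"
        report[key].append(d)
    return report


def same_payload(detections) -> dict:
    """SHA-1 -> paths, only for hashes seen at more than one location."""
    by_hash = defaultdict(list)
    for d in detections:
        by_hash[d.sha1].append(d.path)
    return {h: p for h, p in by_hash.items() if len(p) > 1}


# Constructed sample: hashes, user name and file paths are made up; only the
# field layout and the detection wording follow the log in the thread.
H = [("%02X" % i) * 20 for i in range(1, 5)]
SAMPLE_LOG = "\n".join([
    r'# scanned=1000 # found=5 # cleaned=0',
    rf'sh={H[0]} ft=1 fh=0000000000000001 vn="Variante von Win32/Toolbar.BitCocktail.B evtl.',
    r'unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\example\updater.exe.vir"',
    rf'sh={H[1]} ft=0 fh=0000000000000000 vn="Variante von Java/Adwind.G Trojaner" ac=I fn="C:\Users\example\AppData\Roaming\sample\a.jar"',
    rf'sh={H[1]} ft=0 fh=0000000000000000 vn="Variante von Java/Adwind.G Trojaner" ac=I fn="C:\Users\example\Documents\sample\server.jar"',
    rf'sh={H[2]} ft=1 fh=0000000000000003 vn="Win32/OutBrowse.G evtl. unerwünschte Anwendung" ac=I fn="C:\Users\example\Downloads\setup-example.exe"',
    rf'sh={H[3]} ft=1 fh=0000000000000004 vn="Win32/Systweak.B evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_example_Downloads_tool.exe.vir"',
])

if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    for bucket in ("trojan_live", "pua_live", "other_live", "quarantined"):
        for d in result[bucket]:
            print(f"{bucket:12} {d.name} -> {d.path}")
    for sha1, paths in same_payload(parse(SAMPLE_LOG)).items():
        print("same payload", sha1, paths)
```
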
20.05.2014, 16:34 | #15 |
| Suspicion of a nasty Trojan Hey, I just wanted to say a big thank you for the help, and thanks for taking so much time for me. I have one more question: did I have a malicious Trojan on my PC? Otherwise I wish you lots of fun going forward. Best regards |