Trojan.Agent e:\programs\\rhv\ati\7-zip\7-zip\...

helpmenao · 21.05.2014, 23:22

Hallo,
ich habe ein echt unangenehmes problem,
ich bin heute mal mit Malwarebytes Anti-Malware über meine Festplatten gelaufen
und nach 9 Minuten hat sich das Programm einfach aufgehängt und ist abgestürtzt.
Danach beschloss ich die "Detected Items" liste schnell zu öffnen bevor es erneut abstürtzte und sah, dass es sich anscheinend um eine zip bombe handelte.

Zitat:

("Detected items" liste von MWB)Trojan.Agent | Folder | e:\programs\\rhv\ati
Trojan.Agent | Folder | e:\programs\\rhv\ati\7-zip
... \7-zip\7-zip\ ...

und im internet fand ich nichts, dass mir eventuell helfen konnte.
hier noch ein Screenshot:
https://www.dropbox.com/s/ryt79zzjzfqife6/Unbenannt.png

schrauber · 22.05.2014, 05:45

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

helpmenao · 22.05.2014, 15:56

FRST.txt:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-05-2014
Ran by Snippah# (administrator) on SNIPPAH-PC on 22-05-2014 16:40:27
Running from C:\Users\Snippah#\Downloads
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) E:\PROGRAMS\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) E:\PROGRAMS\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASRock) C:\Program Files\ASRock Utility\XFast RAM\asrRd.exe
(Avira Operations GmbH & Co. KG) E:\PROGRAMS\Avira\AntiVir Desktop\sched.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Avira Operations GmbH & Co. KG) E:\PROGRAMS\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Spotify Ltd) C:\Users\Snippah#\AppData\Roaming\Spotify\spotify.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Spotify Ltd) C:\Users\Snippah#\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Valve Corporation) E:\Steam\Steam.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() C:\Windows\SysWOW64\C2MP\TrayMenu.exe
() C:\Windows\SysWOW64\C2MP\UpdateChecker.exe
(Dropbox, Inc.) C:\Users\Snippah#\AppData\Roaming\Dropbox\bin\Dropbox.exe
(NVIDIA Corporation) E:\PROGRAMS\NVIDIA Corporation\NetService\NvNetworkService.exe
() C:\Program Files\Rainmeter\Rainmeter.exe
(NVIDIA Corporation) E:\PROGRAMS\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) E:\PROGRAMS\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) E:\PROGRAMS\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) E:\PROGRAMS\NVIDIA Corporation\Display\nvtray.exe
(TeamViewer GmbH) E:\Teamviewer\TeamViewer_Service.exe
(Avira Operations GmbH & Co. KG) E:\PROGRAMS\Avira\AntiVir Desktop\avshadow.exe
(LogMeIn Inc.) E:\PROGRAMS\LogMeIn Hamachi\hamachi-2.exe
(LogMeIn, Inc.) E:\PROGRAMS\LogMeIn Hamachi\LMIGuardianSvc.exe
(Avira Operations GmbH & Co. KG) E:\PROGRAMS\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc.) E:\PROGRAMS\iTunes\iTunesHelper.exe
() E:\PROGRAMS\Gameiki\Gameiki Mod Installer\Gameiki Mod Installer.exe
(Avira Operations GmbH & Co. KG) E:\PROGRAMS\Avira\My Avira\Avira.OE.Systray.exe
(LogMeIn Inc.) E:\PROGRAMS\LogMeIn Hamachi\hamachi-2-ui.exe
(LogMeIn, Inc.) E:\PROGRAMS\LogMeIn Hamachi\LMIGuardianSvc.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MMLoadDrv.exe
(Mozilla Corporation) C:\Users\Snippah#\Desktop\Tor Browser\Browser\firefox.exe
() C:\Users\Snippah#\Desktop\Tor Browser\Tor\tor.exe
(Mozilla Corporation) E:\PROGRAMS\Mozilla Firefox\firefox.exe
(Apple Inc.) E:\PROGRAMS\iPod\bin\iPodService.exe
(Microsoft Corporation) E:\PROGRAMS\Windows Media Player\wmpnetwk.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
() C:\Users\Snippah#\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Snippah#\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Snippah#\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Snippah#\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Snippah#\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [XFast LAN] => E:\Xfast lan\cFosSpeed.exe [1441152 2011-10-19] ()
HKLM\...\Run: [NvBackend] => E:\PROGRAMS\\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1179576 2014-02-05] (NVIDIA Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-07-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [avgnt] => E:\PROGRAMS\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-25] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => E:\PROGRAMS\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => E:\PROGRAMS\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1679360 2012-02-28] (Wondershare)
HKLM-x32\...\Run: [iTunesHelper] => E:\PROGRAMS\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [Gameiki] => E:\PROGRAMS\Gameiki\Gameiki Mod Installer\Gameiki Mod Installer.exe [358912 2014-02-23] ()
HKLM-x32\...\Run: [Avira Systray] => E:\PROGRAMS\Avira\My Avira\Avira.OE.Systray.exe [182352 2014-05-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => E:\PROGRAMS\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-05-13] (LogMeIn Inc.)
HKU\S-1-5-21-2312074080-4073723537-3051129278-1000\...\Run: [Spotify] => C:\Users\Snippah#\AppData\Roaming\Spotify\Spotify.exe [6170168 2014-05-16] (Spotify Ltd)
HKU\S-1-5-21-2312074080-4073723537-3051129278-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-2312074080-4073723537-3051129278-1000\...\Run: [Spotify Web Helper] => C:\Users\Snippah#\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1176632 2014-05-16] (Spotify Ltd)
HKU\S-1-5-21-2312074080-4073723537-3051129278-1000\...\Run: [Steam] => E:\Steam\steam.exe [1775808 2014-05-21] (Valve Corporation)
HKU\S-1-5-21-2312074080-4073723537-3051129278-1000\...\Run: [GoogleDriveSync] => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
HKU\S-1-5-21-2312074080-4073723537-3051129278-1000\...\Run: [ckzeom] => regsvr32.exe "
HKU\S-1-5-21-2312074080-4073723537-3051129278-1000\...\Run: [yiasfxw] => regsvr32.exe "C:\ProgramData\yiasfxw.dat"
HKU\S-1-5-21-2312074080-4073723537-3051129278-1000\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-2312074080-4073723537-3051129278-1000\...\MountPoints2: {901dd429-bb81-11e3-b620-806e6f6e6963} - F:\SETUP.EXE
HKU\S-1-5-21-2312074080-4073723537-3051129278-1000\...\MountPoints2: {d3d23749-9fef-11e3-9919-806e6f6e6963} - F:\DVDSetup.exe
AppInit_DLLs:  =>  File Not Found
AppInit_DLLs-x32:  => "" File Not Found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackTrayMenu.lnk
ShortcutTarget: CodecPackTrayMenu.lnk -> C:\Windows\SysWOW64\C2MP\TrayMenu.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackUpdateChecker.lnk
ShortcutTarget: CodecPackUpdateChecker.lnk -> C:\Windows\SysWOW64\C2MP\UpdateChecker.exe ()
Startup: C:\Users\Snippah#\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Snippah#\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Snippah#\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.de
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.de
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.de
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.de
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.de
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.de
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.de
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.de
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKCU - {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-flv
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\PROGRAMS\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\PROGRAMS\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
BHO: DVDVideoSoft IE Extension - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\PROGRAMS\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\PROGRAMS\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft IE Extension - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Users\Snippah#\AppData\Local\Microsoft\Windows Sidebar\Gadgets\skypegadget1.4.gadget\wrapper\Skype4COM.dll No File

FireFox:
========
FF ProfilePath: C:\Users\Snippah#\AppData\Roaming\Mozilla\Firefox\Profiles\wwxr4ze2.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=11.5.2 - E:\PROGRAMS\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.5.2 - E:\PROGRAMS\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - E:\PROGRAMS\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - E:\PROGRAMS\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - E:\PROGRAMS\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision - E:\PROGRAMS\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - E:\PROGRAMS\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - E:\PROGRAMS\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Snippah#\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF StartMenuInternet: FIREFOX.EXE - E:\PROGRAMS\Mozilla Firefox\firefox.exe

Chrome: 
=======
CHR HomePage: 
CHR StartupUrls: "https://www.google.de/",  "hxxp://www.google.de/"
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Snippah#\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.2.464\_platform_specific\win_x86\widevinecdmadapter.dll ()
CHR Plugin: (Shockwave Flash) - E:\PROGRAMS\Google\Chrome\Application\34.0.1847.137\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - E:\PROGRAMS\Google\Chrome\Application\34.0.1847.137\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - E:\PROGRAMS\Google\Chrome\Application\34.0.1847.137\pdf.dll No File
CHR Plugin: (Free Studio) - C:\Users\Snippah#\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.3.0.0_0\np_dvs_plugin.dll (DVDVideoSoft Ltd.)
CHR Plugin: (QuickTime Plug-in 7.7.5) - E:\PROGRAMS\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.5) - E:\PROGRAMS\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.5) - E:\PROGRAMS\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.5) - E:\PROGRAMS\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.5) - E:\PROGRAMS\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll No File
CHR Plugin: (Google Update) - E:\PROGRAMS\Google\Update\1.3.23.9\npGoogleUpdate3.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.550.14) - E:\PROGRAMS\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U55) - E:\PROGRAMS\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (NVIDIA 3D Vision) - E:\PROGRAMS\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - E:\PROGRAMS\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (VLC Web Plugin) - E:\PROGRAMS\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (iTunes Application Detector) - E:\PROGRAMS\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Extension: (ProxFlow) - C:\Users\Snippah#\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-05-10]
CHR Extension: (Bookmarks) - C:\Users\Snippah#\AppData\Local\Google\Chrome\User Data\Default\Extensions\adgbnjhpkfmgbidgbhdllmehfihlpoda [2014-04-12]
CHR Extension: (Google Docs) - C:\Users\Snippah#\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-31]
CHR Extension: (Google Drive) - C:\Users\Snippah#\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-27]
CHR Extension: (YouTube) - C:\Users\Snippah#\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-27]
CHR Extension: (Adblock Plus) - C:\Users\Snippah#\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-04-12]
CHR Extension: (Google-Suche) - C:\Users\Snippah#\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-27]
CHR Extension: (Avira Browser Safety) - C:\Users\Snippah#\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-04-12]
CHR Extension: (AdBlock) - C:\Users\Snippah#\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-04-12]
CHR Extension: (Dropbox) - C:\Users\Snippah#\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2014-04-12]
CHR Extension: (FVD Downloader) - C:\Users\Snippah#\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp [2014-04-12]
CHR Extension: (DVDVideoSoft) - C:\Users\Snippah#\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2014-05-03]
CHR Extension: (Google Wallet) - C:\Users\Snippah#\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-27]
CHR Extension: (ProxPrice) - C:\Users\Snippah#\AppData\Local\Google\Chrome\User Data\Default\Extensions\nopgehbobniifpngnhmljfojnkkopbje [2014-05-14]
CHR Extension: (Google Mail) - C:\Users\Snippah#\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-27]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2014-05-03]

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2011-07-28] (Advanced Micro Devices, Inc.)
R2 AntiVirSchedulerService; E:\PROGRAMS\Avira\AntiVir Desktop\sched.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; E:\PROGRAMS\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
S2 Avira.OE.ServiceHost; E:\PROGRAMS\Avira\My Avira\Avira.OE.ServiceHost.exe [124496 2014-05-05] (Avira Operations GmbH & Co. KG)
S2 cFosSpeedS; E:\Xfast lan\spd.exe [395136 2011-10-19] ()
R2 Hamachi2Svc; E:\PROGRAMS\LogMeIn Hamachi\hamachi-2.exe [2228048 2014-05-13] (LogMeIn Inc.)
R3 iPod Service; E:\PROGRAMS\iPod\bin\iPodService.exe [641352 2014-02-21] (Apple Inc.)
S3 MozillaMaintenance; E:\PROGRAMS\Mozilla Maintenance Service\maintenanceservice.exe [119408 2014-03-15] (Mozilla Foundation)
U2 NvNetworkService; E:\PROGRAMS\\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; E:\PROGRAMS\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
R2 Stereo Service; E:\PROGRAMS\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [411936 2014-03-04] (NVIDIA Corporation)
R2 TeamViewer9; E:\Teamviewer\TeamViewer_Service.exe [4972864 2014-04-02] (TeamViewer GmbH)
S3 FirebirdServerMAGIXInstance; "C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe" [X]

==================== Drivers (Whitelisted) ====================

R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [34640 2012-08-09] (ASRock Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2014-02-25] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2014-02-25] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-05-21] (Malwarebytes Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
S3 RTCore64; E:\PROGRAMS\MSI Afterburner\RTCore64.sys [13368 2013-01-23] ()
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 teVirtualMIDI64; C:\Windows\System32\DRIVERS\teVirtualMIDI64.sys [30208 2012-08-16] (Tobias Erichsen)
S3 Tortilla; C:\Windows\System32\DRIVERS\tortilla.sys [14992 2014-04-06] ()
S3 WsAudioDevice_383S(1); C:\Windows\System32\drivers\WsAudioDevice_383S(1).sys [29288 2013-05-30] (Wondershare)
S3 ZD1211BU(WLAN); C:\Windows\System32\DRIVERS\zd1211Bu.sys [493440 2005-10-28] (ZyDAS Technology Corporation)
S2 AODDriver4.2.0; \??\E:\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
R3 ArdDrv; \??\C:\Windows\SysWOW64\Drivers\ArdDrv.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-22 16:40 - 2014-05-22 16:40 - 00020251 _____ () C:\Users\Snippah#\Downloads\FRST.txt
2014-05-22 16:39 - 2014-05-22 16:39 - 02067456 _____ (Farbar) C:\Users\Snippah#\Downloads\FRST64.exe
2014-05-22 16:33 - 2014-05-22 16:33 - 00000168 _____ () C:\Windows\setupact.log
2014-05-22 16:33 - 2014-05-22 16:33 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-21 23:02 - 2014-05-22 16:40 - 00000000 ____D () C:\FRST
2014-05-21 22:55 - 2014-05-22 00:27 - 00000000 ____D () C:\Users\Snippah#\AppData\Local\CrashDumps
2014-05-21 22:32 - 2014-05-21 22:32 - 00000948 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-05-21 19:41 - 2014-05-22 16:36 - 00003036 _____ () C:\Windows\System32\Tasks\asrRd
2014-05-20 15:38 - 2014-05-20 15:38 - 00000000 ____D () E:\PROGRAMS\Tor Browser
2014-05-20 00:01 - 2014-05-10 22:03 - 22771879 _____ () C:\Users\Snippah#\Desktop\BraeburnDaki.rar
2014-05-19 21:03 - 2014-05-19 21:03 - 00000628 _____ () C:\Users\Snippah#\Desktop\JRT.txt
2014-05-19 19:25 - 2014-05-19 19:25 - 00002037 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2014-05-18 22:55 - 2014-05-18 22:56 - 00000052 _____ () C:\Users\Snippah#\Desktop\httpswww.youtube.comwatchv=1C5aNKnEbzE.txt
2014-05-17 12:50 - 2014-05-21 22:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Half-Life 2 Riot Act
2014-05-17 12:50 - 2014-05-17 13:05 - 00000822 _____ () C:\Users\Snippah#\Desktop\Play Half-Life 2 Riot Act.lnk
2014-05-17 12:50 - 2014-05-17 12:50 - 00000000 ____D () C:\Users\Snippah#\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Half-Life 2 Riot Act
2014-05-17 12:09 - 2014-05-17 12:09 - 00000202 _____ () C:\Users\Snippah#\Desktop\Estranged Act I.url
2014-05-16 18:30 - 2014-05-16 18:30 - 01220772 _____ (pendrivelinux.com) C:\Users\Snippah#\Desktop\YUMI-2.0.0.4.exe
2014-05-15 18:35 - 2014-05-15 18:51 - 00004608 _____ () C:\Users\Snippah#\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-05-15 15:34 - 2014-05-15 15:54 - 00002546 _____ () C:\Users\Snippah#\Desktop\EDITSIS_avi.HDP
2014-05-15 00:32 - 2014-05-15 00:04 - 2591555916 _____ () C:\Users\Snippah#\Desktop\EDITSIS.avi
2014-05-14 21:12 - 2014-05-14 21:12 - 00000000 ____D () E:\PROGRAMS\LogMeIn Hamachi
2014-05-14 21:12 - 2014-05-14 21:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-05-13 15:17 - 2014-05-21 22:42 - 00000029 _____ () C:\ProgramData\yiasfxw.dat
2014-05-12 17:42 - 2014-05-12 17:42 - 01048630 _____ () C:\Users\Snippah#\Desktop\c_frying_pan.bmp
2014-05-12 17:35 - 2014-05-12 17:52 - 01398308 _____ () C:\Users\Snippah#\Desktop\c_frying_pan.vtf
2014-05-10 23:33 - 2014-05-10 23:33 - 00000000 ____D () C:\Users\Snippah#\AppData\Local\Unity
2014-05-10 18:53 - 2014-05-10 18:53 - 00000000 ____D () C:\Users\Snippah#\Sources
2014-05-10 18:53 - 2014-05-10 18:51 - 00000057 _____ () C:\Users\Snippah#\start.bat
2014-05-10 18:53 - 2014-05-10 18:29 - 00072704 _____ (Igor Pavlov) C:\Users\Snippah#\LZMA.dll
2014-05-10 18:53 - 2012-04-23 11:15 - 00019456 _____ () C:\Users\Snippah#\VSIF2VCD.exe
2014-05-10 16:20 - 2014-05-10 16:20 - 00001701 _____ () C:\Users\Public\Desktop\IrfanView Thumbnails.lnk
2014-05-10 16:20 - 2014-05-10 16:20 - 00000831 _____ () C:\Users\Public\Desktop\IrfanView.lnk
2014-05-10 16:20 - 2014-05-10 16:20 - 00000000 ____D () E:\PROGRAMS\IrfanView
2014-05-10 16:20 - 2014-05-10 16:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView
2014-05-09 00:40 - 2014-05-09 00:40 - 00000000 ____D () C:\Users\Snippah#\AppData\Local\Terraria_Launcher
2014-05-09 00:39 - 2014-05-09 00:39 - 00001030 _____ () C:\Users\Snippah#\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gameiki Mod Installer.lnk
2014-05-09 00:39 - 2014-05-09 00:39 - 00000754 _____ () C:\Users\Snippah#\Desktop\Gamiki Mod Installer.lnk
2014-05-09 00:39 - 2014-05-09 00:39 - 00000000 ____D () E:\PROGRAMS\Gameiki
2014-05-08 18:38 - 2014-05-08 18:38 - 00000906 _____ () C:\Users\Snippah#\Desktop\Notepad++.lnk
2014-05-08 18:00 - 2014-05-08 18:00 - 00001752 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
2014-05-08 18:00 - 2014-05-08 18:00 - 00001712 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk
2014-05-08 18:00 - 2014-05-08 18:00 - 00001697 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
2014-05-08 17:59 - 2014-05-08 18:00 - 00000000 ____D () E:\PROGRAMS\JDownloader
2014-05-08 17:57 - 2014-05-08 17:57 - 00001152 _____ () C:\Users\Snippah#\Desktop\Continue JDownloader Installation.lnk
2014-05-08 16:19 - 2014-05-08 16:19 - 00000000 __RSH () C:\MSDOS.SYS
2014-05-08 16:19 - 2014-05-08 16:19 - 00000000 __RSH () C:\IO.SYS
2014-05-07 21:04 - 2014-05-07 21:04 - 00002107 _____ () C:\Users\Snippah#\Desktop\Chrome OS (ChromiumOS Vanilla Build) - USB-Image - CHIP Downloader.lnk
2014-05-07 20:29 - 2014-05-07 20:29 - 00000808 _____ () C:\Users\Public\Desktop\EasyBCD 2.2.lnk
2014-05-07 20:29 - 2014-05-07 20:29 - 00000000 ____D () E:\PROGRAMS\EasyBCD
2014-05-05 21:16 - 2014-05-05 21:16 - 01495300 _____ () C:\Users\Snippah#\Desktop\tf_english.txt
2014-05-05 17:56 - 2014-05-05 17:56 - 00000000 ____D () C:\ProgramData\InstallMate
2014-05-05 15:57 - 2014-05-05 16:04 - 00002614 _____ () C:\Windows\diagwrn.xml
2014-05-05 15:57 - 2014-05-05 16:04 - 00001890 _____ () C:\Windows\diagerr.xml
2014-05-03 20:53 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-03 13:37 - 2014-05-21 22:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-05-03 13:37 - 2014-05-19 19:25 - 00001243 _____ () C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2014-05-03 13:37 - 2014-05-19 19:25 - 00000000 ____D () E:\PROGRAMS\DVDVideoSoft
2014-05-03 13:37 - 2014-05-17 17:47 - 00001973 _____ () C:\Users\Public\Desktop\Free YouTube Download.lnk
2014-05-03 13:36 - 2014-05-19 19:26 - 00000000 ____D () C:\Users\Snippah#\AppData\Roaming\DVDVideoSoft
2014-05-03 02:06 - 2014-05-03 02:24 - 00085848 _____ () C:\Users\Snippah#\Desktop\wetgerger.wav
2014-05-03 02:06 - 2014-05-03 02:24 - 00002546 _____ () C:\Users\Snippah#\Desktop\wetgerger.HDP
2014-05-03 00:30 - 2014-05-19 16:45 - 00000000 ____D () C:\Users\Snippah#\Desktop\magix fertig
2014-05-02 23:37 - 2014-05-03 00:31 - 00208670 _____ () C:\Users\Snippah#\Documents\i hate all of you bitches.MVP
2014-05-02 23:33 - 2014-05-03 00:50 - 30310868 _____ () C:\Users\Snippah#\Desktop\gaaaaaaaaaaaaaaaaay.wav
2014-05-02 23:33 - 2014-05-03 00:50 - 00002586 _____ () C:\Users\Snippah#\Desktop\gaaaaaaaaaaaaaaaaay.HDP
2014-05-02 22:47 - 2014-05-02 23:05 - 00002578 _____ () C:\Users\Snippah#\Desktop\gvzgfvztmmjkmmkm,.HDP
2014-05-02 22:47 - 2014-05-02 22:47 - 25705428 _____ () C:\Users\Snippah#\Desktop\gvzgfvztmmjkmmkm,.wav
2014-05-02 22:09 - 2014-05-02 22:09 - 00002558 _____ () C:\Users\Snippah#\Desktop\fuck you all.HDP
2014-05-02 22:08 - 2014-05-02 22:08 - 25285588 _____ () C:\Users\Snippah#\Desktop\fuck you all.wav
2014-05-02 17:28 - 2014-05-02 17:28 - 00476204 _____ () C:\Users\Snippah#\Desktop\leckma.wav
2014-05-02 17:26 - 2014-05-02 17:26 - 00401964 _____ () C:\Users\Snippah#\Desktop\hure.wav
2014-05-02 17:24 - 2014-05-02 17:24 - 00434220 _____ () C:\Users\Snippah#\Desktop\gdfgfddfg.wav
2014-05-02 17:22 - 2014-05-02 17:22 - 00701484 _____ () C:\Users\Snippah#\Desktop\ghedhg.wav
2014-05-02 17:00 - 2014-05-02 17:00 - 00710100 _____ () C:\Users\Snippah#\Desktop\fghfgszherhe.wav
2014-04-30 00:58 - 2014-04-30 00:58 - 160792641 _____ () C:\Users\Snippah#\Desktop\Juliens Bibelkunde #1 - Die Schöpfung.mp4
2014-04-28 16:02 - 2014-05-12 16:16 - 00000918 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-04-28 16:01 - 2014-05-12 16:16 - 00000000 ____D () C:\ProgramData\Package Cache
2014-04-27 23:50 - 2014-04-27 23:50 - 00001622 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-04-27 23:50 - 2014-04-27 23:50 - 00000000 ____D () E:\PROGRAMS\iTunes
2014-04-27 23:50 - 2014-04-27 23:50 - 00000000 ____D () E:\PROGRAMS\iPod
2014-04-27 23:50 - 2014-04-27 23:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-04-27 23:50 - 2014-04-27 23:50 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-04-27 23:50 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2014-04-27 19:40 - 2014-04-27 19:40 - 00000199 _____ () C:\Users\Snippah#\Desktop\Left 4 Dead 2.url
2014-04-27 18:26 - 2014-04-27 18:26 - 00000000 ____D () C:\Users\Snippah#\AppData\Roaming\java
2014-04-25 16:25 - 2014-04-25 16:25 - 00403600 _____ () C:\Users\Snippah#\Desktop\gatling_shoot_crit.wav
2014-04-25 15:59 - 2014-04-25 15:59 - 00402892 _____ () C:\Users\Snippah#\Desktop\gatling_shoot.wav
2014-04-25 14:09 - 2014-04-25 18:24 - 01541196 _____ () C:\Users\Snippah#\Desktop\minigun_shoot.wav
2014-04-25 14:06 - 2014-04-25 14:06 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-04-25 06:39 - 2014-04-25 06:40 - 16560431 _____ () C:\Users\Snippah#\Desktop\tf2intro.mp4
2014-04-25 03:49 - 2014-04-25 00:10 - 15183406 _____ () C:\Users\Snippah#\Desktop\crit_power.wav
2014-04-25 02:58 - 2014-04-25 02:58 - 00000000 ____D () C:\Users\Snippah#\Desktop\sound1234521
2014-04-25 02:34 - 2014-04-25 02:34 - 00159810 _____ () C:\Users\Snippah#\Desktop\im going to lick ya.wav
2014-04-25 02:29 - 2014-04-25 02:29 - 00123564 _____ () C:\Users\Snippah#\Desktop\neinneinnein1.wav
2014-04-25 02:29 - 2014-04-25 02:29 - 00082604 _____ () C:\Users\Snippah#\Desktop\neinnein2.wav
2014-04-25 02:28 - 2014-04-25 02:28 - 00553180 _____ () C:\Users\Snippah#\Desktop\neinnein1.wav
2014-04-25 02:28 - 2014-04-25 02:28 - 00067392 _____ () C:\Users\Snippah#\Desktop\nein1.wav
2014-04-25 02:25 - 2014-04-25 02:25 - 00247264 _____ () C:\Users\Snippah#\Desktop\hitsound44.wav
2014-04-25 02:19 - 2014-04-25 16:27 - 00067392 _____ () C:\Users\Snippah#\Desktop\hitsound.wav
2014-04-24 19:05 - 2014-04-24 19:05 - 00000407 _____ () C:\Users\Snippah#\Desktop\gbvhjfh.aup
2014-04-23 21:30 - 2014-04-25 00:51 - 00160016 _____ () C:\Users\Snippah#\Desktop\ponymods.vpk.sound.cache
2014-04-23 20:47 - 2014-04-23 20:47 - 97177694 _____ () C:\Users\Snippah#\Desktop\ponymods_005.vpk
2014-04-23 20:47 - 2014-04-23 20:47 - 282278611 _____ () C:\Users\Snippah#\Desktop\ponymods_002.vpk
2014-04-23 20:47 - 2014-04-23 20:47 - 231986820 _____ () C:\Users\Snippah#\Desktop\ponymods_003.vpk
2014-04-23 20:47 - 2014-04-23 20:47 - 219861582 _____ () C:\Users\Snippah#\Desktop\ponymods_004.vpk
2014-04-23 20:47 - 2014-04-23 20:47 - 209760671 _____ () C:\Users\Snippah#\Desktop\ponymods_001.vpk
2014-04-23 20:47 - 2014-04-23 20:47 - 00098805 _____ () C:\Users\Snippah#\Desktop\ponymods_dir.vpk
2014-04-23 20:46 - 2014-04-23 20:47 - 211025205 _____ () C:\Users\Snippah#\Desktop\ponymods_000.vpk
2014-04-22 02:06 - 2014-04-22 02:08 - 00009396 _____ () C:\Users\Snippah#\Desktop\requiem for a dream - Lux Aeterna.mid
2014-04-22 02:00 - 2014-04-22 02:25 - 00000000 ____D () C:\Users\Snippah#\AppData\Roaming\Wondershare
2014-04-22 01:59 - 2013-05-30 13:56 - 00029288 _____ (Wondershare) C:\Windows\system32\Drivers\WsAudioDevice_383S(1).sys

==================== One Month Modified Files and Folders =======

2014-05-22 16:40 - 2014-05-22 16:40 - 00020251 _____ () C:\Users\Snippah#\Downloads\FRST.txt
2014-05-22 16:40 - 2014-05-21 23:02 - 00000000 ____D () C:\FRST
2014-05-22 16:39 - 2014-05-22 16:39 - 02067456 _____ (Farbar) C:\Users\Snippah#\Downloads\FRST64.exe
2014-05-22 16:38 - 2014-02-27 18:00 - 00000000 ____D () C:\Users\Snippah#\AppData\Roaming\Skype
2014-05-22 16:37 - 2014-02-27 17:35 - 00000000 ____D () C:\Users\Snippah#\AppData\Roaming\Spotify
2014-05-22 16:37 - 2014-02-27 17:35 - 00000000 ____D () C:\Users\Snippah#\AppData\Local\Spotify
2014-05-22 16:36 - 2014-05-21 19:41 - 00003036 _____ () C:\Windows\System32\Tasks\asrRd
2014-05-22 16:35 - 2014-04-15 18:15 - 00000000 ____D () C:\Users\Snippah#\AppData\Local\LogMeIn Hamachi
2014-05-22 16:35 - 2014-03-01 21:03 - 00000000 ___RD () C:\Users\Snippah#\Dropbox
2014-05-22 16:35 - 2014-03-01 21:01 - 00000000 ____D () C:\Users\Snippah#\AppData\Roaming\Dropbox
2014-05-22 16:33 - 2014-05-22 16:33 - 00000168 _____ () C:\Windows\setupact.log
2014-05-22 16:33 - 2014-05-22 16:33 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-22 16:33 - 2014-02-27 22:56 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-05-22 16:33 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-22 00:31 - 2014-02-27 22:46 - 00682972 _____ () C:\Windows\WindowsUpdate.log
2014-05-22 00:27 - 2014-05-21 22:55 - 00000000 ____D () C:\Users\Snippah#\AppData\Local\CrashDumps
2014-05-22 00:14 - 2014-03-04 02:36 - 00000000 ____D () C:\Users\Snippah#\AppData\Local\Paint.NET
2014-05-21 23:52 - 2014-03-31 22:01 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-21 23:44 - 2014-02-28 00:25 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-21 23:24 - 2009-07-14 06:45 - 00036336 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-21 23:24 - 2009-07-14 06:45 - 00036336 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-21 22:54 - 2014-05-17 12:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Half-Life 2 Riot Act
2014-05-21 22:54 - 2014-05-03 13:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-05-21 22:49 - 2014-02-28 07:41 - 00696878 _____ () C:\Windows\system32\perfh007.dat
2014-05-21 22:49 - 2014-02-28 07:41 - 00148174 _____ () C:\Windows\system32\perfc007.dat
2014-05-21 22:49 - 2009-07-14 07:13 - 01613540 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-21 22:42 - 2014-05-13 15:17 - 00000029 _____ () C:\ProgramData\yiasfxw.dat
2014-05-21 22:32 - 2014-05-21 22:32 - 00000948 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-05-21 20:03 - 2014-03-14 19:27 - 00003950 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{4F372E70-9CBF-4970-A680-9F7B6BF7B9F1}
2014-05-20 15:38 - 2014-05-20 15:38 - 00000000 ____D () E:\PROGRAMS\Tor Browser
2014-05-20 00:44 - 2014-02-28 15:44 - 00000000 ____D () C:\Users\Snippah#\AppData\Roaming\Audacity
2014-05-19 21:03 - 2014-05-19 21:03 - 00000628 _____ () C:\Users\Snippah#\Desktop\JRT.txt
2014-05-19 19:26 - 2014-05-03 13:36 - 00000000 ____D () C:\Users\Snippah#\AppData\Roaming\DVDVideoSoft
2014-05-19 19:25 - 2014-05-19 19:25 - 00002037 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2014-05-19 19:25 - 2014-05-03 13:37 - 00001243 _____ () C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2014-05-19 19:25 - 2014-05-03 13:37 - 00000000 ____D () E:\PROGRAMS\DVDVideoSoft
2014-05-19 16:45 - 2014-05-03 00:30 - 00000000 ____D () C:\Users\Snippah#\Desktop\magix fertig
2014-05-18 22:56 - 2014-05-18 22:55 - 00000052 _____ () C:\Users\Snippah#\Desktop\httpswww.youtube.comwatchv=1C5aNKnEbzE.txt
2014-05-17 17:47 - 2014-05-03 13:37 - 00001973 _____ () C:\Users\Public\Desktop\Free YouTube Download.lnk
2014-05-17 15:45 - 2014-02-28 00:25 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-17 15:45 - 2014-02-28 00:25 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-17 15:45 - 2014-02-28 00:25 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-17 15:45 - 2014-02-28 00:25 - 00000000 ____D () C:\Users\Snippah#\AppData\Local\Adobe
2014-05-17 13:05 - 2014-05-17 12:50 - 00000822 _____ () C:\Users\Snippah#\Desktop\Play Half-Life 2 Riot Act.lnk
2014-05-17 12:50 - 2014-05-17 12:50 - 00000000 ____D () C:\Users\Snippah#\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Half-Life 2 Riot Act
2014-05-17 12:09 - 2014-05-17 12:09 - 00000202 _____ () C:\Users\Snippah#\Desktop\Estranged Act I.url
2014-05-17 12:09 - 2014-02-27 22:38 - 00000000 ____D () C:\Users\Snippah#\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-05-16 18:30 - 2014-05-16 18:30 - 01220772 _____ (pendrivelinux.com) C:\Users\Snippah#\Desktop\YUMI-2.0.0.4.exe
2014-05-15 18:51 - 2014-05-15 18:35 - 00004608 _____ () C:\Users\Snippah#\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-05-15 15:54 - 2014-05-15 15:34 - 00002546 _____ () C:\Users\Snippah#\Desktop\EDITSIS_avi.HDP
2014-05-15 15:28 - 2014-03-01 21:02 - 00000000 ____D () C:\Users\Snippah#\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-15 15:28 - 2014-02-27 22:51 - 00000000 ___RD () C:\Users\Snippah#\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-15 00:04 - 2014-05-15 00:32 - 2591555916 _____ () C:\Users\Snippah#\Desktop\EDITSIS.avi
2014-05-14 21:12 - 2014-05-14 21:12 - 00000000 ____D () E:\PROGRAMS\LogMeIn Hamachi
2014-05-14 21:12 - 2014-05-14 21:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-05-12 17:52 - 2014-05-12 17:35 - 01398308 _____ () C:\Users\Snippah#\Desktop\c_frying_pan.vtf
2014-05-12 17:42 - 2014-05-12 17:42 - 01048630 _____ () C:\Users\Snippah#\Desktop\c_frying_pan.bmp
2014-05-12 17:37 - 2014-03-04 02:36 - 00000000 ____D () E:\PROGRAMS\Paint.NET
2014-05-12 16:16 - 2014-04-28 16:02 - 00000918 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-05-12 16:16 - 2014-04-28 16:01 - 00000000 ____D () C:\ProgramData\Package Cache
2014-05-12 16:16 - 2014-04-10 20:58 - 00000000 ____D () E:\PROGRAMS\Avira
2014-05-12 16:16 - 2014-04-10 20:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-05-10 23:33 - 2014-05-10 23:33 - 00000000 ____D () C:\Users\Snippah#\AppData\Local\Unity
2014-05-10 22:03 - 2014-05-20 00:01 - 22771879 _____ () C:\Users\Snippah#\Desktop\BraeburnDaki.rar
2014-05-10 18:53 - 2014-05-10 18:53 - 00000000 ____D () C:\Users\Snippah#\Sources
2014-05-10 18:53 - 2014-02-27 22:51 - 00000000 ____D () C:\Users\Snippah#
2014-05-10 18:51 - 2014-05-10 18:53 - 00000057 _____ () C:\Users\Snippah#\start.bat
2014-05-10 18:37 - 2014-03-02 12:39 - 00000000 ____D () C:\Users\Snippah#\AppData\Roaming\Notepad++
2014-05-10 18:29 - 2014-05-10 18:53 - 00072704 _____ (Igor Pavlov) C:\Users\Snippah#\LZMA.dll
2014-05-10 16:20 - 2014-05-10 16:20 - 00001701 _____ () C:\Users\Public\Desktop\IrfanView Thumbnails.lnk
2014-05-10 16:20 - 2014-05-10 16:20 - 00000831 _____ () C:\Users\Public\Desktop\IrfanView.lnk
2014-05-10 16:20 - 2014-05-10 16:20 - 00000000 ____D () E:\PROGRAMS\IrfanView
2014-05-10 16:20 - 2014-05-10 16:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView
2014-05-10 12:06 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-09 00:40 - 2014-05-09 00:40 - 00000000 ____D () C:\Users\Snippah#\AppData\Local\Terraria_Launcher
2014-05-09 00:39 - 2014-05-09 00:39 - 00001030 _____ () C:\Users\Snippah#\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gameiki Mod Installer.lnk
2014-05-09 00:39 - 2014-05-09 00:39 - 00000754 _____ () C:\Users\Snippah#\Desktop\Gamiki Mod Installer.lnk
2014-05-09 00:39 - 2014-05-09 00:39 - 00000000 ____D () E:\PROGRAMS\Gameiki
2014-05-08 18:38 - 2014-05-08 18:38 - 00000906 _____ () C:\Users\Snippah#\Desktop\Notepad++.lnk
2014-05-08 18:00 - 2014-05-08 18:00 - 00001752 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
2014-05-08 18:00 - 2014-05-08 18:00 - 00001712 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk
2014-05-08 18:00 - 2014-05-08 18:00 - 00001697 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
2014-05-08 18:00 - 2014-05-08 17:59 - 00000000 ____D () E:\PROGRAMS\JDownloader
2014-05-08 17:57 - 2014-05-08 17:57 - 00001152 _____ () C:\Users\Snippah#\Desktop\Continue JDownloader Installation.lnk
2014-05-08 16:51 - 2014-03-14 19:27 - 00032768 _____ () C:\Users\Snippah#\Documents\EasyBCD Backup (2014-03-14).bcd
2014-05-08 16:19 - 2014-05-08 16:19 - 00000000 __RSH () C:\MSDOS.SYS
2014-05-08 16:19 - 2014-05-08 16:19 - 00000000 __RSH () C:\IO.SYS
2014-05-07 23:04 - 2014-02-27 22:51 - 00000000 ____D () C:\Users\Snippah#\AppData\Local\VirtualStore
2014-05-07 21:04 - 2014-05-07 21:04 - 00002107 _____ () C:\Users\Snippah#\Desktop\Chrome OS (ChromiumOS Vanilla Build) - USB-Image - CHIP Downloader.lnk
2014-05-07 20:29 - 2014-05-07 20:29 - 00000808 _____ () C:\Users\Public\Desktop\EasyBCD 2.2.lnk
2014-05-07 20:29 - 2014-05-07 20:29 - 00000000 ____D () E:\PROGRAMS\EasyBCD
2014-05-05 21:16 - 2014-05-05 21:16 - 01495300 _____ () C:\Users\Snippah#\Desktop\tf_english.txt
2014-05-05 17:56 - 2014-05-05 17:56 - 00000000 ____D () C:\ProgramData\InstallMate
2014-05-05 16:04 - 2014-05-05 15:57 - 00002614 _____ () C:\Windows\diagwrn.xml
2014-05-05 16:04 - 2014-05-05 15:57 - 00001890 _____ () C:\Windows\diagerr.xml
2014-05-03 02:24 - 2014-05-03 02:06 - 00085848 _____ () C:\Users\Snippah#\Desktop\wetgerger.wav
2014-05-03 02:24 - 2014-05-03 02:06 - 00002546 _____ () C:\Users\Snippah#\Desktop\wetgerger.HDP
2014-05-03 01:58 - 2014-03-01 21:03 - 00000000 ____D () C:\Users\Snippah#\Desktop\PICTUREZ(sorry google o3o)
2014-05-03 00:50 - 2014-05-02 23:33 - 30310868 _____ () C:\Users\Snippah#\Desktop\gaaaaaaaaaaaaaaaaay.wav
2014-05-03 00:50 - 2014-05-02 23:33 - 00002586 _____ () C:\Users\Snippah#\Desktop\gaaaaaaaaaaaaaaaaay.HDP
2014-05-03 00:31 - 2014-05-02 23:37 - 00208670 _____ () C:\Users\Snippah#\Documents\i hate all of you bitches.MVP
2014-05-02 23:05 - 2014-05-02 22:47 - 00002578 _____ () C:\Users\Snippah#\Desktop\gvzgfvztmmjkmmkm,.HDP
2014-05-02 22:47 - 2014-05-02 22:47 - 25705428 _____ () C:\Users\Snippah#\Desktop\gvzgfvztmmjkmmkm,.wav
2014-05-02 22:09 - 2014-05-02 22:09 - 00002558 _____ () C:\Users\Snippah#\Desktop\fuck you all.HDP
2014-05-02 22:08 - 2014-05-02 22:08 - 25285588 _____ () C:\Users\Snippah#\Desktop\fuck you all.wav
2014-05-02 17:28 - 2014-05-02 17:28 - 00476204 _____ () C:\Users\Snippah#\Desktop\leckma.wav
2014-05-02 17:26 - 2014-05-02 17:26 - 00401964 _____ () C:\Users\Snippah#\Desktop\hure.wav
2014-05-02 17:24 - 2014-05-02 17:24 - 00434220 _____ () C:\Users\Snippah#\Desktop\gdfgfddfg.wav
2014-05-02 17:22 - 2014-05-02 17:22 - 00701484 _____ () C:\Users\Snippah#\Desktop\ghedhg.wav
2014-05-02 17:00 - 2014-05-02 17:00 - 00710100 _____ () C:\Users\Snippah#\Desktop\fghfgszherhe.wav
2014-04-30 00:58 - 2014-04-30 00:58 - 160792641 _____ () C:\Users\Snippah#\Desktop\Juliens Bibelkunde #1 - Die Schöpfung.mp4
2014-04-27 23:51 - 2014-03-09 01:51 - 00000000 ____D () C:\Users\Snippah#\AppData\Roaming\redsn0w
2014-04-27 23:50 - 2014-04-27 23:50 - 00001622 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-04-27 23:50 - 2014-04-27 23:50 - 00000000 ____D () E:\PROGRAMS\iTunes
2014-04-27 23:50 - 2014-04-27 23:50 - 00000000 ____D () E:\PROGRAMS\iPod
2014-04-27 23:50 - 2014-04-27 23:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-04-27 23:50 - 2014-04-27 23:50 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-04-27 23:49 - 2014-03-01 20:47 - 00000000 ____D () C:\ProgramData\Apple
2014-04-27 19:40 - 2014-04-27 19:40 - 00000199 _____ () C:\Users\Snippah#\Desktop\Left 4 Dead 2.url
2014-04-27 18:26 - 2014-04-27 18:26 - 00000000 ____D () C:\Users\Snippah#\AppData\Roaming\java
2014-04-27 18:26 - 2014-03-10 15:34 - 00000000 ____D () C:\Users\Snippah#\AppData\Roaming\.minecraft
2014-04-26 21:08 - 2014-04-11 19:54 - 00000000 ____D () E:\PROGRAMS\MSI Afterburner
2014-04-26 14:29 - 2009-07-14 06:45 - 00536056 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-25 18:24 - 2014-04-25 14:09 - 01541196 _____ () C:\Users\Snippah#\Desktop\minigun_shoot.wav
2014-04-25 16:27 - 2014-04-25 02:19 - 00067392 _____ () C:\Users\Snippah#\Desktop\hitsound.wav
2014-04-25 16:25 - 2014-04-25 16:25 - 00403600 _____ () C:\Users\Snippah#\Desktop\gatling_shoot_crit.wav
2014-04-25 15:59 - 2014-04-25 15:59 - 00402892 _____ () C:\Users\Snippah#\Desktop\gatling_shoot.wav
2014-04-25 14:06 - 2014-04-25 14:06 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-04-25 14:06 - 2014-02-27 18:00 - 00000000 ____D () C:\ProgramData\Skype
2014-04-25 14:06 - 2014-02-27 18:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-04-25 06:40 - 2014-04-25 06:39 - 16560431 _____ () C:\Users\Snippah#\Desktop\tf2intro.mp4
2014-04-25 02:58 - 2014-04-25 02:58 - 00000000 ____D () C:\Users\Snippah#\Desktop\sound1234521
2014-04-25 02:34 - 2014-04-25 02:34 - 00159810 _____ () C:\Users\Snippah#\Desktop\im going to lick ya.wav
2014-04-25 02:29 - 2014-04-25 02:29 - 00123564 _____ () C:\Users\Snippah#\Desktop\neinneinnein1.wav
2014-04-25 02:29 - 2014-04-25 02:29 - 00082604 _____ () C:\Users\Snippah#\Desktop\neinnein2.wav
2014-04-25 02:28 - 2014-04-25 02:28 - 00553180 _____ () C:\Users\Snippah#\Desktop\neinnein1.wav
2014-04-25 02:28 - 2014-04-25 02:28 - 00067392 _____ () C:\Users\Snippah#\Desktop\nein1.wav
2014-04-25 02:25 - 2014-04-25 02:25 - 00247264 _____ () C:\Users\Snippah#\Desktop\hitsound44.wav
2014-04-25 00:51 - 2014-04-23 21:30 - 00160016 _____ () C:\Users\Snippah#\Desktop\ponymods.vpk.sound.cache
2014-04-25 00:10 - 2014-04-25 03:49 - 15183406 _____ () C:\Users\Snippah#\Desktop\crit_power.wav
2014-04-25 00:08 - 2014-02-27 17:29 - 00161744 _____ () C:\Users\Snippah#\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-25 00:05 - 2014-04-05 13:46 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-25 00:02 - 2009-07-14 04:34 - 00000478 _____ () C:\Windows\win.ini
2014-04-25 00:01 - 2014-04-05 13:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-04-24 19:05 - 2014-04-24 19:05 - 00000407 _____ () C:\Users\Snippah#\Desktop\gbvhjfh.aup
2014-04-23 20:47 - 2014-04-23 20:47 - 97177694 _____ () C:\Users\Snippah#\Desktop\ponymods_005.vpk
2014-04-23 20:47 - 2014-04-23 20:47 - 282278611 _____ () C:\Users\Snippah#\Desktop\ponymods_002.vpk
2014-04-23 20:47 - 2014-04-23 20:47 - 231986820 _____ () C:\Users\Snippah#\Desktop\ponymods_003.vpk
2014-04-23 20:47 - 2014-04-23 20:47 - 219861582 _____ () C:\Users\Snippah#\Desktop\ponymods_004.vpk
2014-04-23 20:47 - 2014-04-23 20:47 - 209760671 _____ () C:\Users\Snippah#\Desktop\ponymods_001.vpk
2014-04-23 20:47 - 2014-04-23 20:47 - 00098805 _____ () C:\Users\Snippah#\Desktop\ponymods_dir.vpk
2014-04-23 20:47 - 2014-04-23 20:46 - 211025205 _____ () C:\Users\Snippah#\Desktop\ponymods_000.vpk
2014-04-22 02:25 - 2014-04-22 02:00 - 00000000 ____D () C:\Users\Snippah#\AppData\Roaming\Wondershare
2014-04-22 02:08 - 2014-04-22 02:06 - 00009396 _____ () C:\Users\Snippah#\Desktop\requiem for a dream - Lux Aeterna.mid

Files to move or delete:
====================
C:\Users\Snippah#\AppData\Roaming\CamLayout.ini
C:\Users\Snippah#\AppData\Roaming\CamShapes.ini
C:\ProgramData\yiasfxw.dat
C:\Users\Snippah#\LZMA.dll
C:\Users\Snippah#\start.bat
C:\Users\Snippah#\VSIF2VCD.exe


Some content of TEMP:
====================
C:\Users\Snippah#\AppData\Local\Temp\avgnt.exe
C:\Users\Snippah#\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpkjlt8f.dll
C:\Users\Snippah#\AppData\Local\Temp\ICReinstall_JDSetup130440382259325981.exe
C:\Users\Snippah#\AppData\Local\Temp\ntdll_dump.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-20 19:24

==================== End Of Log ============================

--- --- ---

Addition.txt:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-05-2014
Ran by Snippah# at 2014-05-22 16:53:32
Running from C:\Users\Snippah#\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

802.11g USB 2.0 WLAN Adapter (HKLM-x32\...\InstallShield_{522014A5-9611-46E6-B04D-AB7891CFDA7F}) (Version: 1.00.4323 - WLAN Technology Corporation)
802.11g USB 2.0 WLAN Adapter (x32 Version: 1.00.4323 - WLAN Technology Corporation) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Alien Swarm (HKLM-x32\...\Steam App 630) (Version:  - Valve)
Alliance of Valiant Arms (HKLM-x32\...\Steam App 102700) (Version:  - RED DUCK Inc.)
AMD APP SDK Runtime (Version: 2.5.709.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{308051DA-0048-7A07-FE8B-9B6EC119A9E8}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Fuel (Version: 2011.0728.1756.30366 - Ihr Firmenname) Hidden
Anvil Studio (HKLM-x32\...\{72D2241D-975D-4D5F-90A3-7D1390AF6F0A}) (Version: 14.04.04 - Willow Software)
Apache Tomcat 8.0.3 (HKLM\...\nbi-tomcat-8.0.3.0.0) (Version:  - )
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Archeblade (HKLM-x32\...\Steam App 207230) (Version:  - CodeBrush Games)
Arduino (HKLM-x32\...\Arduino) (Version: 1.0.5-r2 - Arduino LLC)
ASRock XFast RAM v2.0.28 (HKLM\...\ASRock XFast RAM_is1) (Version:  - ASRock Inc.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Avira (HKLM-x32\...\{70a79d1f-686d-4d5c-962b-07aa1294eae0}) (Version: 1.1.12.20002 - Avira Operations GmbH & Co. KG)
Avira (HKLM-x32\...\{c13d72f9-bcdd-4c16-a942-7373a528171e}) (Version: 1.0.5218.31571 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.12.20002 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
Blender (HKLM\...\Blender) (Version: 2.70 - Blender Foundation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center (x32 Version: 2011.0728.1756.30366 - Ihr Firmenname) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2011.0728.1756.30366 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Profiles Mobile (x32 Version: 2011.0728.1756.30366 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2011.0728.1755.30366 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2011.0728.1755.30366 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2011.0728.1755.30366 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2011.0728.1755.30366 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2011.0728.1755.30366 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2011.0728.1755.30366 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2011.0728.1755.30366 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2011.0728.1755.30366 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2011.0728.1755.30366 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2011.0728.1755.30366 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2011.0728.1755.30366 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2011.0728.1755.30366 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2011.0728.1755.30366 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2011.0728.1755.30366 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2011.0728.1755.30366 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2011.0728.1755.30366 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2011.0728.1755.30366 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2011.0728.1755.30366 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2011.0728.1755.30366 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2011.0728.1755.30366 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2011.0728.1755.30366 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2011.0728.1755.30366 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2011.0728.1756.30366 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform)
Dropbox (HKCU\...\Dropbox) (Version: 2.6.33 - Dropbox, Inc.)
DVS Video Downloader Addon for Google Chrome version 1.3.0.0 (HKLM-x32\...\DVS Video Downloader Addon for Google Chrome_is1) (Version: 1.3.0.0 - DVDVideoSoft Ltd.)
EasyBCD 2.2 (HKLM-x32\...\EasyBCD) (Version: 2.2 - NeoSmart Technologies)
Estranged: Act I (HKLM-x32\...\Steam App 261820) (Version:  - Alan Edwardes)
Fallen Earth (HKLM-x32\...\Steam App 113420) (Version:  - Reloaded Productions)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
FormatFactory 3.3.2.0 (HKLM-x32\...\FormatFactory) (Version: 3.3.2.0 - Format Factory)
Free Studio version 2014 (HKLM-x32\...\Free Studio_is1) (Version: 6.2.16.327 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.2.35.514 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.35.514 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.35.514 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.35.514 - DVDVideoSoft Ltd.)
Gameiki Mod Installer (HKCU\...\Gameiki) (Version:  - )
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
GCFScape 1.8.5 (HKLM\...\GCFScape_is1) (Version:  - Ryan Gregg)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
GlassFish Server Open Source Edition 4.0 (HKLM\...\nbi-glassfish-mod-4.0.0.89.0) (Version:  - )
Half-Life 2 Riot Act 1.0 (HKLM-x32\...\Half-Life 2 Riot Act) (Version: 1.0 - Germano Guerrini)
Half-Life Dedicated Server Update Tool (HKLM-x32\...\Half-Life Dedicated Server Update Tool) (Version:  - )
iFunbox (v2.7.2386.747), iFunbox DevTeam (HKLM-x32\...\iFunbox_is1) (Version: v2.7.2386.747 - )
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.550 - Oracle)
Java 8 Update 5 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418005FF}) (Version: 8.0.50 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java SE Development Kit 8 Update 5 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180050}) (Version: 8.0.50 - Oracle Corporation)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Loadout (HKLM-x32\...\Steam App 208090) (Version:  - Edge of Reality)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.193 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.193 - LogMeIn, Inc.) Hidden
MAGIX Movie Edit Pro 2014 Premium (HKLM-x32\...\MX.{72510287-CB56-494C-A719-683B051F76EC}) (Version: 13.0.0.30 - MAGIX AG)
MAGIX Movie Edit Pro 2014 Premium (Version: 13.0.0.30 - MAGIX AG) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MAGIX_{0D951CBB-743C-4A68-8C85-97D89A61D7CD}) (Version: 7.0.2.6 - MAGIX AG)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISER) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSI Afterburner 2.3.1 (HKLM-x32\...\Afterburner) (Version: 2.3.1 - MSI Co., LTD)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Multi Unpacker 1.0 (HKLM-x32\...\Multi Unpacker) (Version: 1.0 - Tomas Varaneckas)
NetBeans IDE 8.0 (HKLM\...\nbi-nb-base-8.0.0.0.201403101706) (Version: 8.0 - NetBeans.org)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.1 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 335.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 335.21 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3523 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
NVIDIA Update 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC)
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.0.2 r2161 - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.46.610.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6438 - Realtek Semiconductor Corp.)
RPG MAKER VX Ace RTP (HKLM-x32\...\RPGVXAce_RTP_is1) (Version: 1.00 - Enterbrain)
SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Source SDK (HKLM-x32\...\Steam App 211) (Version:  - Valve)
Spotify (HKCU\...\Spotify) (Version: 0.9.10.14.g578d350b - Spotify AB)
SpyHunter (HKLM\...\{ACF5FE1B-3772-4068-8B87-2D2A6EFD0A05}) (Version: 4.17.6.4336 - Enigma Software Group USA, LLC)
SWFPlayer 2.6.2.0 (HKLM-x32\...\SWFPlayer_is1) (Version: 2.6.2.0 - Michael Faust, Alpha Interactive)
Tactical Intervention (HKLM-x32\...\Steam App 51100) (Version:  - FIX Games)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.27614 - TeamViewer)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
VTFEdit 1.2.5 (HKLM-x32\...\VTFEdit_is1) (Version:  - Neil Jedrzejewski & Ryan Gregg)
Windows 7 Codec Pack 4.0.8 (HKLM-x32\...\Windows 7 - Codec Pack) (Version: 4.0.8 - Windows 7 Codec Pack)
WinRAR 5.10 beta 2 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.2 - win.rar GmbH)
XFast LAN v6.61 (HKLM\...\XFast LAN) (Version: 6.61 - cFos Software GmbH, Bonn)

==================== Restore Points  =========================

21-05-2014 21:21:17 Removed 7-Zip 9.20 (x64 edition)

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {97AA5B37-9A17-4E60-AF6E-05FA339E3233} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-02-20] (Piriform Ltd)
Task: {AE040821-AE1C-4918-95FC-D262E5DC8CAB} - System32\Tasks\asrRd => C:\Program Files\ASRock Utility\XFast RAM\asrRd.exe [2012-10-25] (ASRock)
Task: {B6CA1662-C332-4A61-9ADD-6EB1E90E0BC6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-17] (Adobe Systems Incorporated)
Task: {DDD6662D-A71E-4F1F-AA3A-BA78E67AE915} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2014-04-13 15:07 - 2014-03-04 15:05 - 00116056 _____ () E:\PROGRAMS\NVIDIA Corporation\Display\NvSmartMax64.dll
2011-07-28 18:44 - 2011-07-28 18:44 - 00211968 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2011-06-24 07:30 - 2011-06-24 07:30 - 00622080 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2011-06-24 07:30 - 2011-06-24 07:30 - 03641344 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2013-06-05 02:49 - 2013-06-05 02:49 - 00699392 _____ () C:\Windows\SysWOW64\C2MP\TrayMenu.exe
2013-08-29 21:36 - 2013-08-29 21:36 - 00048200 _____ () C:\Windows\SysWOW64\C2MP\UpdateChecker.exe
2013-10-29 22:45 - 2013-10-29 22:45 - 00036536 _____ () C:\Program Files\Rainmeter\Rainmeter.exe
2013-10-29 22:45 - 2013-10-29 22:45 - 00798392 _____ () C:\Program Files\Rainmeter\Rainmeter.dll
2014-02-23 22:34 - 2014-02-23 22:34 - 00358912 _____ () E:\PROGRAMS\Gameiki\Gameiki Mod Installer\Gameiki Mod Installer.exe
2011-07-28 18:44 - 2011-07-28 18:44 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2000-01-01 02:00 - 2000-01-01 02:00 - 02134528 _____ () C:\Users\Snippah#\Desktop\Tor Browser\Tor\tor.exe
2014-02-27 17:35 - 2014-05-16 06:01 - 00598072 _____ () C:\Users\Snippah#\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2014-04-11 15:17 - 2014-02-25 11:41 - 00394808 _____ () E:\PROGRAMS\Avira\AntiVir Desktop\sqlite3.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-02-27 17:35 - 2014-05-16 06:01 - 36966968 _____ () C:\Users\Snippah#\AppData\Roaming\Spotify\Data\libcef.dll
2014-05-21 19:40 - 2014-04-30 02:08 - 01135104 _____ () E:\Steam\libavcodec-55.dll
2014-04-22 23:14 - 2014-04-30 02:08 - 00471552 _____ () E:\Steam\libavutil-53.dll
2014-05-21 19:40 - 2014-04-30 02:08 - 00404992 _____ () E:\Steam\libavformat-55.dll
2014-03-18 22:44 - 2014-04-30 02:08 - 00340992 _____ () E:\Steam\libavresample-1.dll
2014-03-18 22:44 - 2014-05-17 03:36 - 00756224 _____ () E:\Steam\SDL2.dll
2014-05-21 19:40 - 2014-04-29 02:37 - 02198720 _____ () E:\Steam\video.dll
2014-05-21 19:40 - 2014-04-29 02:37 - 00519168 _____ () E:\Steam\libswscale-2.dll
2014-03-18 22:46 - 2014-05-21 19:39 - 01145536 _____ () E:\Steam\bin\chromehtml.DLL
2014-03-18 22:47 - 2014-05-02 01:35 - 20628160 _____ () E:\Steam\bin\libcef.dll
2014-03-18 22:46 - 2013-06-15 01:49 - 01100800 _____ () E:\Steam\bin\avcodec-53.dll
2014-03-18 22:46 - 2013-06-15 01:49 - 00124416 _____ () E:\Steam\bin\avutil-51.dll
2014-03-18 22:46 - 2013-06-15 01:49 - 00192000 _____ () E:\Steam\bin\avformat-53.dll
2014-05-22 16:35 - 2014-05-22 16:35 - 00041984 _____ () c:\users\snippah#\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpkjlt8f.dll
2013-10-19 01:55 - 2013-10-19 01:55 - 25100288 _____ () C:\Users\Snippah#\AppData\Roaming\Dropbox\bin\libcef.dll
2014-02-28 00:26 - 2014-05-05 10:37 - 00049744 _____ () C:\Users\Snippah#\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2000-01-01 02:00 - 2000-01-01 02:00 - 04535310 _____ () C:\Users\Snippah#\Desktop\Tor Browser\Browser\mozjs.dll
2000-01-01 02:00 - 2000-01-01 02:00 - 00505859 _____ () C:\Users\Snippah#\Desktop\Tor Browser\Tor\libevent-2-0-5.dll
2000-01-01 02:00 - 2000-01-01 02:00 - 00090112 _____ () C:\Users\Snippah#\Desktop\Tor Browser\Tor\zlib1.dll
2000-01-01 02:00 - 2000-01-01 02:00 - 00104451 _____ () C:\Users\Snippah#\Desktop\Tor Browser\Tor\libssp-0.dll
2014-04-06 20:40 - 2014-03-15 10:40 - 03642480 _____ () E:\PROGRAMS\Mozilla Firefox\mozjs.dll
2014-02-27 17:35 - 2014-05-16 06:01 - 00886840 _____ () C:\Users\Snippah#\AppData\Roaming\Spotify\Data\libglesv2.dll
2014-02-27 17:35 - 2014-05-16 06:01 - 00108600 _____ () C:\Users\Snippah#\AppData\Roaming\Spotify\Data\libegl.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: AODDriver4.2.0
Description: AODDriver4.2.0
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: AODDriver4.2.0
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: USB (Universal Serial Bus)-Controller
Description: USB (Universal Serial Bus)-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/22/2014 04:35:27 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (05/22/2014 04:34:43 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Service Host erreicht.

Error: (05/22/2014 04:33:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "cFosSpeed System Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%216

Error: (05/22/2014 04:33:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AODDriver4.2.0" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%3


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-05-22 16:33:40.884
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tortilla.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-05-22 16:33:40.869
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tortilla.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-05-21 23:15:26.365
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tortilla.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-05-21 23:15:26.365
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tortilla.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-05-21 19:38:39.477
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tortilla.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-05-21 19:38:39.477
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tortilla.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-05-20 15:24:28.944
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tortilla.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-05-20 15:24:28.944
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tortilla.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-05-19 15:31:18.508
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tortilla.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-05-19 15:31:18.508
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tortilla.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Percentage of memory in use: 31%
Total physical RAM: 8175.24 MB
Available physical RAM: 5613.66 MB
Total Pagefile: 16348.68 MB
Available Pagefile: 13223.63 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:58.59 GB) (Free:11.18 GB) NTFS
Drive d: (MeeM) (Fixed) (Total:149.05 GB) (Free:70.25 GB) NTFS
Drive e: (Proggz) (Fixed) (Total:872.92 GB) (Free:557.27 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (WLAN Installer) (CDROM) (Total:0.02 GB) (Free:0 GB) CDFS
Drive g: () (Fixed) (Total:31.5 GB) (Free:31.41 GB) NTFS
Drive h: (ASR_RAM) (Fixed) (Total:0.25 GB) (Free:0.25 GB) FAT
Drive i: (MEDIA) (Removable) (Total:7.39 GB) (Free:3.29 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 256 MB) (Disk ID: 6A2E17E3)
Partition 1: (Active) - (Size=256 MB) - (Type=06)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 16370F62)
Partition 1: (Active) - (Size=873 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=59 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 149 GB) (Disk ID: 000245BF)
Partition 1: (Not Active) - (Size=149 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 31 GB) (Disk ID: 66205247)
No partition Table on disk 3.

========================================================
Disk: 4 (Size: 7 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================

schrauber · 23.05.2014, 16:04

hi,

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

helpmenao · 24.05.2014, 10:03

Code:

ATTFilter

ComboFix 14-05-19.01 - Snippah# 24.05.2014  10:43:43.1.6 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.49.1031.18.8175.5396 [GMT 2:00]
ausgeführt von:: c:\users\Snippah#\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Snippah#\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
c:\users\Snippah#\LZMA.dll
c:\users\Snippah#\VSIF2VCD.exe
c:\windows\SysWOW64\C2MP\TrayMenu.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-04-24 bis 2014-05-24  ))))))))))))))))))))))))))))))
.
.
2014-05-23 16:16 . 2014-05-23 16:16	--------	d-----w-	c:\users\Snippah#\AppData\Local\Bluestacks
2014-05-22 14:57 . 2014-05-22 14:57	--------	d-----w-	c:\users\Snippah#\AppData\Roaming\Nico Mak Computing
2014-05-22 14:57 . 2014-05-22 14:57	--------	d-----w-	c:\programdata\Nico Mak Computing
2014-05-22 14:57 . 2014-05-22 14:57	--------	d-----w-	e:\programs\WinZip Malware Protector
2014-05-22 14:57 . 2013-03-15 15:10	20480	----a-w-	c:\windows\system32\wsusnative64.exe
2014-05-21 21:02 . 2014-05-22 14:54	--------	d-----w-	C:\FRST
2014-05-21 20:55 . 2014-05-21 22:27	--------	d-----w-	c:\users\Snippah#\AppData\Local\CrashDumps
2014-05-20 13:38 . 2014-05-20 13:38	--------	d-----w-	e:\programs\Tor Browser
2014-05-14 19:12 . 2014-05-14 19:12	--------	d-----w-	e:\programs\LogMeIn Hamachi
2014-05-10 21:33 . 2014-05-10 21:33	--------	d-----w-	c:\users\Snippah#\AppData\Local\Unity
2014-05-10 16:53 . 2014-05-10 16:53	--------	d-----w-	c:\users\Snippah#\Sources
2014-05-10 16:53 . 2014-05-10 16:51	57	----a-w-	c:\users\Snippah#\start.bat
2014-05-10 14:20 . 2014-05-10 14:20	--------	d-----w-	e:\programs\IrfanView
2014-05-08 22:40 . 2014-05-08 22:40	--------	d-----w-	c:\users\Snippah#\AppData\Local\Terraria_Launcher
2014-05-08 22:39 . 2014-05-08 22:39	--------	d-----w-	e:\programs\Gameiki
2014-05-08 15:59 . 2014-05-08 16:00	--------	d-----w-	e:\programs\JDownloader
2014-05-07 18:29 . 2014-05-07 18:29	--------	d-----w-	e:\programs\EasyBCD
2014-05-05 15:56 . 2014-05-05 15:56	--------	d-----w-	c:\programdata\InstallMate
2014-05-03 18:53 . 2010-08-30 06:34	536576	----a-w-	c:\windows\SysWow64\sqlite3.dll
2014-05-03 11:37 . 2014-05-19 17:25	--------	d-----w-	e:\programs\DVDVideoSoft
2014-05-03 11:36 . 2014-05-19 17:26	--------	d-----w-	c:\users\Snippah#\AppData\Roaming\DVDVideoSoft
2014-04-28 14:01 . 2014-05-12 14:16	--------	d-----w-	c:\programdata\Package Cache
2014-04-27 21:50 . 2012-08-21 11:01	33240	----a-w-	c:\windows\system32\drivers\GEARAspiWDM.sys
2014-04-27 21:50 . 2014-04-27 21:50	--------	d-----w-	e:\programs\iPod
2014-04-27 21:50 . 2014-04-27 21:50	--------	d-----w-	e:\programs\iTunes
2014-04-27 21:50 . 2014-04-27 21:50	--------	d-----w-	c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-04-27 16:26 . 2014-04-27 16:26	--------	d-----w-	c:\users\Snippah#\AppData\Roaming\java
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-21 21:52 . 2014-03-31 20:01	119512	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-05-17 13:45 . 2014-02-27 22:25	70832	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-17 13:45 . 2014-02-27 22:25	692400	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-04-16 13:15 . 2014-04-16 13:15	111016	----a-w-	c:\windows\system32\WindowsAccessBridge-64.dll
2014-04-16 13:15 . 2014-04-16 13:15	313256	----a-w-	c:\windows\system32\javaws.exe
2014-04-16 13:15 . 2014-04-13 12:34	191400	----a-w-	c:\windows\system32\javaw.exe
2014-04-16 13:15 . 2014-04-13 12:34	190888	----a-w-	c:\windows\system32\java.exe
2014-04-16 12:55 . 2014-04-16 12:55	0	----a-w-	c:\windows\SysWow64\REN512E.tmp
2014-04-16 12:55 . 2014-04-16 12:55	0	----a-w-	c:\windows\SysWow64\REN512D.tmp
2014-04-14 18:13 . 2014-04-19 11:20	96168	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-04-11 19:18 . 2014-04-11 19:19	84720	----a-w-	c:\windows\system32\drivers\avnetflt.sys
2014-04-06 18:31 . 2014-04-06 18:31	14992	----a-w-	c:\windows\system32\drivers\tortilla.sys
2014-04-03 07:51 . 2014-03-31 20:00	63192	----a-w-	c:\windows\system32\drivers\mwac.sys
2014-04-03 07:51 . 2014-03-31 20:00	88280	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2014-04-03 07:50 . 2014-03-31 20:00	25816	----a-w-	c:\windows\system32\drivers\mbam.sys
2014-04-01 19:03 . 2014-04-01 19:03	110080	----a-r-	c:\users\Snippah#\AppData\Roaming\Microsoft\Installer\{ACF5FE1B-3772-4068-8B87-2D2A6EFD0A05}\IconF7A21AF7.exe
2014-04-01 19:03 . 2014-04-01 19:03	110080	----a-r-	c:\users\Snippah#\AppData\Roaming\Microsoft\Installer\{ACF5FE1B-3772-4068-8B87-2D2A6EFD0A05}\IconD7F16134.exe
2014-04-01 19:03 . 2014-04-01 19:03	110080	----a-r-	c:\users\Snippah#\AppData\Roaming\Microsoft\Installer\{ACF5FE1B-3772-4068-8B87-2D2A6EFD0A05}\Icon1226A4C5.exe
2014-03-04 14:35 . 2014-04-13 13:02	9690424	----a-w-	c:\windows\SysWow64\nvopencl.dll
2014-03-04 14:35 . 2014-04-13 13:02	947808	----a-w-	c:\windows\system32\nvumdshimx.dll
2014-03-04 14:35 . 2014-04-13 13:02	832936	----a-w-	c:\windows\SysWow64\nvumdshim.dll
2014-03-04 14:35 . 2014-04-13 13:02	18302384	----a-w-	c:\windows\system32\nvwgf2umx.dll
2014-03-04 14:35 . 2014-04-13 13:02	15783992	----a-w-	c:\windows\SysWow64\nvwgf2um.dll
2014-03-04 14:35 . 2014-04-13 13:02	11589272	----a-w-	c:\windows\system32\nvopencl.dll
2014-03-04 14:35 . 2014-04-13 13:02	9728064	----a-w-	c:\windows\SysWow64\nvcuda.dll
2014-03-04 14:35 . 2014-04-13 13:02	892704	----a-w-	c:\windows\system32\NvIFR64.dll
2014-03-04 14:35 . 2014-04-13 13:02	877856	----a-w-	c:\windows\system32\NvFBC64.dll
2014-03-04 14:35 . 2014-04-13 13:02	863064	----a-w-	c:\windows\SysWow64\NvIFR.dll
2014-03-04 14:35 . 2014-04-13 13:02	846168	----a-w-	c:\windows\SysWow64\NvFBC.dll
2014-03-04 14:35 . 2014-04-13 13:02	353504	----a-w-	c:\windows\system32\nvoglshim64.dll
2014-03-04 14:35 . 2014-04-13 13:02	31474976	----a-w-	c:\windows\system32\nvoglv64.dll
2014-03-04 14:35 . 2014-04-13 13:02	3143456	----a-w-	c:\windows\system32\nvcuvid.dll
2014-03-04 14:35 . 2014-04-13 13:02	305600	----a-w-	c:\windows\SysWow64\nvoglshim32.dll
2014-03-04 14:35 . 2014-04-13 13:02	2958792	----a-w-	c:\windows\SysWow64\nvcuvid.dll
2014-03-04 14:35 . 2014-04-13 13:02	2783008	----a-w-	c:\windows\system32\nvcuvenc.dll
2014-03-04 14:35 . 2014-04-13 13:02	2411976	----a-w-	c:\windows\SysWow64\nvcuvenc.dll
2014-03-04 14:35 . 2014-04-13 13:02	23716640	----a-w-	c:\windows\SysWow64\nvoglv32.dll
2014-03-04 14:35 . 2014-04-13 13:02	1885472	----a-w-	c:\windows\system32\nvdispco6433523.dll
2014-03-04 14:35 . 2014-04-13 13:02	17755424	----a-w-	c:\windows\system32\nvd3dumx.dll
2014-03-04 14:35 . 2014-04-13 13:02	174296	----a-w-	c:\windows\system32\nvinitx.dll
2014-03-04 14:35 . 2014-04-13 13:02	1516488	----a-w-	c:\windows\system32\nvdispgenco6433523.dll
2014-03-04 14:35 . 2014-04-13 13:02	148016	----a-w-	c:\windows\SysWow64\nvinit.dll
2014-03-04 14:35 . 2014-04-13 13:02	14709720	----a-w-	c:\windows\SysWow64\nvd3dum.dll
2014-03-04 14:35 . 2014-04-13 13:02	12708128	----a-w-	c:\windows\system32\drivers\nvlddmkm.sys
2014-03-04 14:35 . 2014-04-13 13:02	11636176	----a-w-	c:\windows\system32\nvcuda.dll
2014-03-04 14:35 . 2014-04-13 13:02	3093280	----a-w-	c:\windows\system32\nvapi64.dll
2014-03-04 14:35 . 2014-04-13 13:02	2715264	----a-w-	c:\windows\SysWow64\nvapi.dll
2014-03-04 14:35 . 2014-04-13 13:02	25255256	----a-w-	c:\windows\system32\nvcompiler.dll
2014-03-04 14:35 . 2014-04-13 13:02	17561544	----a-w-	c:\windows\SysWow64\nvcompiler.dll
2014-03-04 13:06 . 2014-04-13 13:07	6714312	----a-w-	c:\windows\system32\nvcpl.dll
2014-03-04 13:06 . 2014-04-13 13:07	3497816	----a-w-	c:\windows\system32\nvsvc64.dll
2014-03-04 13:05 . 2014-04-13 13:07	922968	----a-w-	c:\windows\system32\nvvsvc.exe
2014-03-04 13:05 . 2014-04-13 13:07	64968	----a-w-	c:\windows\system32\nvshext.dll
2014-03-04 13:05 . 2014-04-13 13:07	2558808	----a-w-	c:\windows\system32\nvsvcr.dll
2014-03-04 13:05 . 2014-04-13 13:07	386336	----a-w-	c:\windows\system32\nvmctray.dll
2014-03-04 13:05 . 2014-04-13 13:07	3649185	----a-w-	c:\windows\system32\nvcoproc.bin
2014-03-04 11:32 . 2014-04-13 13:08	599840	----a-w-	c:\windows\SysWow64\nvStreaming.exe
2014-02-25 09:41 . 2014-04-11 13:17	28600	----a-w-	c:\windows\system32\drivers\avkmgr.sys
2014-02-25 09:41 . 2014-04-11 13:17	131576	----a-w-	c:\windows\system32\drivers\avipbb.sys
2014-02-25 09:41 . 2014-04-11 13:17	108440	----a-w-	c:\windows\system32\drivers\avgntflt.sys
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
2014-05-14 15:35	297128	----a-w-	c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54	131248	----a-w-	c:\users\Snippah#\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54	131248	----a-w-	c:\users\Snippah#\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54	131248	----a-w-	c:\users\Snippah#\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ckzeom"="0" [X]
"yiasfxw"="0" [X]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-02-10 20922016]
"Steam"="e:\steam\steam.exe" [2014-05-21 1775808]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-07-28 336384]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"avgnt"="e:\programs\Avira\AntiVir Desktop\avgnt.exe" [2014-02-25 689744]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-02-12 43848]
"QuickTime Task"="e:\programs\QuickTime\QTTask.exe" [2014-01-17 421888]
"Wondershare Helper Compact.exe"="e:\programs\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe" [2012-02-28 1679360]
"iTunesHelper"="e:\programs\iTunes\iTunesHelper.exe" [2014-02-21 152392]
"Gameiki"="e:\programs\Gameiki\Gameiki Mod Installer\Gameiki Mod Installer.exe" [2014-02-23 358912]
"Avira Systray"="e:\programs\Avira\My Avira\Avira.OE.Systray.exe" [2014-05-05 182352]
"LogMeIn Hamachi Ui"="e:\programs\LogMeIn Hamachi\hamachi-2-ui.exe" [2014-05-13 3814736]
.
c:\users\Snippah#\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Snippah#\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-5-8 32668056]
Rainmeter.lnk - c:\program files\Rainmeter\Rainmeter.exe [2013-10-29 36536]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
CodecPackUpdateChecker.lnk - c:\windows\SysWOW64\C2MP\UpdateChecker.exe [2013-8-29 48200]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
2;2 NvNetworkService;NVIDIA Network Service;e:\programs\\NVIDIA Corporation\NetService\NvNetworkService.exe;e:\programs\\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
R2 AODDriver4.2.0;AODDriver4.2.0;e:\ati technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;e:\ati technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys;c:\windows\SYSNATIVE\drivers\nusb3hub.sys [x]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys;c:\windows\SYSNATIVE\drivers\nusb3xhc.sys [x]
R3 RTCore64;RTCore64;e:\programs\MSI Afterburner\RTCore64.sys;e:\programs\MSI Afterburner\RTCore64.sys [x]
R3 teVirtualMIDI64;teVirtualMIDI - Virtual MIDI Driver x64;c:\windows\system32\DRIVERS\teVirtualMIDI64.sys;c:\windows\SYSNATIVE\DRIVERS\teVirtualMIDI64.sys [x]
R3 Tortilla;Tortilla Driver;c:\windows\system32\DRIVERS\tortilla.sys;c:\windows\SYSNATIVE\DRIVERS\tortilla.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WsAudioDevice_383S(1);WsAudioDevice_383S(1);c:\windows\system32\drivers\WsAudioDevice_383S(1).sys;c:\windows\SYSNATIVE\drivers\WsAudioDevice_383S(1).sys [x]
R3 xhunter1;xhunter1;c:\windows\xhunter1.sys;c:\windows\xhunter1.sys [x]
R3 ZD1211BU(WLAN);802.11g USB 2.0 Wireless LAN Driver (USB)(WLAN);c:\windows\system32\DRIVERS\zd1211Bu.sys;c:\windows\SYSNATIVE\DRIVERS\zd1211Bu.sys [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S0 AsrRamDisk;AsrRamDisk;c:\windows\system32\DRIVERS\AsrRamDisk.sys;c:\windows\SYSNATIVE\DRIVERS\AsrRamDisk.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AntiVirSchedulerService;Avira Planer;e:\programs\Avira\AntiVir Desktop\sched.exe;e:\programs\Avira\AntiVir Desktop\sched.exe [x]
S2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 Avira.OE.ServiceHost;Avira Service Host;e:\programs\Avira\My Avira\Avira.OE.ServiceHost.exe;e:\programs\Avira\My Avira\Avira.OE.ServiceHost.exe [x]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;e:\programs\LogMeIn Hamachi\hamachi-2.exe;e:\programs\LogMeIn Hamachi\hamachi-2.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;e:\programs\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;e:\programs\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;e:\programs\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;e:\programs\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TeamViewer9;TeamViewer 9;e:\teamviewer\TeamViewer_Service.exe;e:\teamviewer\TeamViewer_Service.exe [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
S3 ArdDrv;ArdDrv;c:\windows\SysWOW64\Drivers\ArdDrv.sys;c:\windows\SysWOW64\Drivers\ArdDrv.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - ARDDRV
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-05-22 15:09	1091912	----a-w-	e:\programs\Google\Chrome\Application\35.0.1916.114\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-05-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-27 13:45]
.
2014-05-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- e:\programs\Google\Update\GoogleUpdate.exe [2014-04-01 18:55]
.
2014-05-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- e:\programs\Google\Update\GoogleUpdate.exe [2014-04-01 18:55]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
2014-04-22 15:17	357432	----a-w-	c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54	164016	----a-w-	c:\users\Snippah#\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54	164016	----a-w-	c:\users\Snippah#\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54	164016	----a-w-	c:\users\Snippah#\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54	164016	----a-w-	c:\users\Snippah#\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"XFast LAN"="e:\xfast lan\cFosSpeed.exe" [2011-10-19 1441152]
"NvBackend"="e:\programs\\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-02-05 2234144]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-02-05 1179576]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mDefault_Search_URL = hxxp://www.google.de
mDefault_Page_URL = hxxp://www.google.de
mStart Page = hxxp://www.google.de
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.de
uInternet Settings,ProxyOverride = *.local
IE: Free YouTube Download - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
IE: {{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
FF - ProfilePath - c:\users\Snippah#\AppData\Roaming\Mozilla\Firefox\Profiles\wwxr4ze2.default\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-GoogleDriveSync - c:\program files (x86)\Google\Drive\googledrivesync.exe
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackTrayMenu.lnk - c:\windows\SysWOW64\C2MP\TrayMenu.exe
AddRemove-DVS Video Downloader Addon for Google Chrome_is1 - c:\program files (x86)\Common Files\DVDVideoSoft\unins000.exe/SILENT
AddRemove-Half-Life 2 Riot Act - e:\steam\SteamApps\sourcemods\half-life 2 riot act\uninst.exe
AddRemove-Half-Life Dedicated Server Update Tool - e:\programs\\Valve\HLServer\UNWISE.EXE
AddRemove-iFunbox_is1 - c:\program files (x86)\i-Funbox DevTeam\unins000.exe
AddRemove-InstallShield_{522014A5-9611-46E6-B04D-AB7891CFDA7F} - c:\program files (x86)\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe
AddRemove-LAME_is1 - c:\program files (x86)\Lame For Audacity\unins000.exe
AddRemove-MAGIX_{0D951CBB-743C-4A68-8C85-97D89A61D7CD} - c:\program files (x86)\Common Files\MAGIX Services\Uninstall\{0D951CBB-743C-4A68-8C85-97D89A61D7CD}\Speed3_burnR_mxcdr_de-DE_setup.exe
AddRemove-MX.{72510287-CB56-494C-A719-683B051F76EC} - c:\program files (x86)\Common Files\MAGIX Services\Uninstall\{72510287-CB56-494C-A719-683B051F76EC}\Movie_Edit_Pro_2014_Premium_en-II_setup.exe
AddRemove-{8833FFB6-5B0C-4764-81AA-06DFEED9A476} - c:\program files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\SETUP.EXE
AddRemove-{c13d72f9-bcdd-4c16-a942-7373a528171e} - c:\programdata\Package Cache\{c13d72f9-bcdd-4c16-a942-7373a528171e}\Avira.OE.Setup.Bundle.En-us.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_70_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_70_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_70_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_70_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.12"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files\ASRock Utility\XFast RAM\asrRd.exe
e:\programs\WinZip Malware Protector\WinZipMalwareProtector.exe
e:\programs\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
e:\programs\NVIDIA Corporation\NetService\NvNetworkService.exe
e:\programs\NVIDIA Corporation\Update Core\NvBackend.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-05-24  10:59:56 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2014-05-24 08:59
.
Vor Suchlauf: 11 Verzeichnis(se), 11.877.986.304 Bytes frei
Nach Suchlauf: 16 Verzeichnis(se), 11.990.605.824 Bytes frei
.
- - End Of File - - 40636DEC341385173D0BE400330CB320
5FB38429D5D77768867C76DCBDB35194

schrauber · 25.05.2014, 06:34

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

helpmenao · 25.05.2014, 14:33

mbam:

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 25.05.2014
Suchlauf-Zeit: 14:21:55
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.05.25.02
Rootkit Datenbank: v2014.05.21.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Snippah#

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 289829
Verstrichene Zeit: 14 Min, 18 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 18
Trojan.Agent, e:\programs\\rhv\ati, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\bin64, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\images, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\reports, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\akv\ati, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\bin64, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\config, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\images, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\reports, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\arh\ati, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\bin64, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\config, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\images, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\reports, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 

Dateien: 294
Trojan.Agent, e:\programs\\rhv\ati\cim\bin64\atdcm64a.sys, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\bin64\atilog.dll, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\bin64\atimanifestdlmext.dll, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\bin64\atisetup.exe, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\bin64\compressiondlmext.dll, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\bin64\crcverdlmext.dll, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\bin64\detectionmanager.dll, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\bin64\difxapi.dll, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\bin64\dlmcom.dll, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\bin64\encryptiondlmext.dll, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\bin64\installmanager.dll, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\bin64\installmanagerapp.exe, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\bin64\languagemgr.dll, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\bin64\mfc110u.dll, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\bin64\microsoft.vc80.mfc.manifest, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\bin64\msvcp110.dll, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\bin64\msvcr110.dll, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\bin64\packagemanager.dll, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\bin64\readme.rtf, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\bin64\setacl64.exe, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\bin64\setacl64.exe.manifest, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\bin64\setup.exe, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\bin64\xerces-c_2_6.dll, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\bin64\zlibwapi.dll, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\licensecsy.txt, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\monetenu.xml, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\atiicdxx.msi, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\chipset.msi, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\dlmserver.cfg, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\eulachs.txt, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\euladeu.txt, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\eulaenu.txt, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\installmanager.cfg, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\language.dat, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\licensechs.txt, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\licensecht.txt, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\licensedan.txt, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\licensedeu.txt, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\licenseenu.txt, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\licenseesp.txt, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\licensefin.txt, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\licensefra.txt, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\licenseita.txt, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\licensejpn.txt, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\licensekor.txt, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\licensenld.txt, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\licensenor.txt, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\licenseplk.txt, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\licenseptb.txt, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\licensesve.txt, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\licensetha.txt, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\mmtablerev0.msi, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\mmtablerev1.msi, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\mmtablerev2.msi, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\monet.ini, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\monetchs.xml, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\monetcht.xml, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\monetcsy.xml, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\monetdan.xml, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\monetdeu.xml, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\monetesp.xml, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\monetfin.xml, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\monetfra.xml, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\monetgrk.xml, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\monethng.xml, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\monetita.xml, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\monetjpn.xml, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\monetkor.xml, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\monetnld.xml, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\monetnor.xml, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\monetplk.xml, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\monetptb.xml, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\monetrsa.xml, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\monetsve.xml, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\monettha.xml, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\monettrk.xml, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\oem.dat, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\os.dat, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\osmajorminor.dat, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\osservicepacks.dat, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\packagesubtype.dat, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\packagetype.dat, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\security.dat, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\splash.bmp, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\tvtablerev1.msi, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\tvw_usb_id.msi, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\images\a.jpg, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\images\b.jpg, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\images\c.jpg, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\images\d.jpg, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\images\e.jpg, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\images\f.jpg, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\reports\report.xml, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\reports\report.xml.2014_03_10_14.27.56.xml, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\reports\report.xml.2014_03_10_14.27.59.xml, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\reports\report.xml.2014_03_17_21.18.03.xml, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\reports\report.xml.2014_03_17_21.21.42.xml, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\rhv\ati\cim\reports\report.xml.xsl, In Quarantäne, [3d59c293bbc038fe5e40da9b3ec4659b], 
Trojan.Agent, e:\programs\\akv\ati\cim\bin64\atdcm64a.sys, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\bin64\atilog.dll, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\bin64\atimanifestdlmext.dll, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\bin64\atisetup.exe, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\bin64\compressiondlmext.dll, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\bin64\crcverdlmext.dll, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\bin64\detectionmanager.dll, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\bin64\difxapi.dll, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\bin64\dlmcom.dll, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\bin64\encryptiondlmext.dll, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\bin64\installmanager.dll, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\bin64\installmanagerapp.exe, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\bin64\languagemgr.dll, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\bin64\mfc110u.dll, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\bin64\microsoft.vc80.mfc.manifest, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\bin64\msvcp110.dll, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\bin64\msvcr110.dll, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\bin64\packagemanager.dll, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\bin64\readme.rtf, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\bin64\setacl64.exe, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\bin64\setacl64.exe.manifest, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\bin64\setup.exe, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\bin64\xerces-c_2_6.dll, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\bin64\zlibwapi.dll, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\licensecsy.txt, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\monetenu.xml, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\atiicdxx.msi, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\chipset.msi, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\dlmserver.cfg, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\eulachs.txt, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\euladeu.txt, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\eulaenu.txt, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\installmanager.cfg, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\language.dat, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\licensechs.txt, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\licensecht.txt, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\licensedan.txt, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\licensedeu.txt, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\licenseenu.txt, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\licenseesp.txt, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\licensefin.txt, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\licensefra.txt, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\licenseita.txt, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\licensejpn.txt, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\licensekor.txt, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\licensenld.txt, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\licensenor.txt, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\licenseplk.txt, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\licenseptb.txt, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\licensesve.txt, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\licensetha.txt, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\mmtablerev0.msi, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\mmtablerev1.msi, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\mmtablerev2.msi, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\monet.ini, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\monetchs.xml, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\monetcht.xml, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\monetcsy.xml, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\monetdan.xml, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\monetdeu.xml, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\monetesp.xml, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\monetfin.xml, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\monetfra.xml, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\monetgrk.xml, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\monethng.xml, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\monetita.xml, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\monetjpn.xml, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\monetkor.xml, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\monetnld.xml, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\monetnor.xml, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\monetplk.xml, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\monetptb.xml, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\monetrsa.xml, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\monetsve.xml, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\monettha.xml, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\monettrk.xml, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\oem.dat, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\os.dat, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\osmajorminor.dat, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\osservicepacks.dat, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\packagesubtype.dat, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\packagetype.dat, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\security.dat, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\splash.bmp, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\tvtablerev1.msi, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\tvw_usb_id.msi, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\images\a.jpg, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\images\b.jpg, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\images\c.jpg, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\images\d.jpg, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\images\e.jpg, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\images\f.jpg, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\reports\report.xml, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\reports\report.xml.2014_03_10_14.27.56.xml, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\reports\report.xml.2014_03_10_14.27.59.xml, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\reports\report.xml.2014_03_17_21.18.03.xml, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\reports\report.xml.2014_03_17_21.21.42.xml, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\akv\ati\cim\reports\report.xml.xsl, In Quarantäne, [c1d560f53645a78f049b5d1834ceb050], 
Trojan.Agent, e:\programs\\arh\ati\cim\bin64\atdcm64a.sys, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\bin64\atilog.dll, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\bin64\atimanifestdlmext.dll, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\bin64\atisetup.exe, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\bin64\compressiondlmext.dll, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\bin64\crcverdlmext.dll, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\bin64\detectionmanager.dll, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\bin64\difxapi.dll, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\bin64\dlmcom.dll, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\bin64\encryptiondlmext.dll, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\bin64\installmanager.dll, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\bin64\installmanagerapp.exe, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\bin64\languagemgr.dll, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\bin64\mfc110u.dll, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\bin64\microsoft.vc80.mfc.manifest, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\bin64\msvcp110.dll, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\bin64\msvcr110.dll, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\bin64\packagemanager.dll, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\bin64\readme.rtf, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\bin64\setacl64.exe, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\bin64\setacl64.exe.manifest, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\bin64\setup.exe, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\bin64\xerces-c_2_6.dll, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\bin64\zlibwapi.dll, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\licensecsy.txt, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\monetenu.xml, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\atiicdxx.msi, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\chipset.msi, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\dlmserver.cfg, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\eulachs.txt, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\euladeu.txt, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\eulaenu.txt, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\installmanager.cfg, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\language.dat, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\licensechs.txt, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\licensecht.txt, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\licensedan.txt, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\licensedeu.txt, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\licenseenu.txt, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\licenseesp.txt, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\licensefin.txt, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\licensefra.txt, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\licenseita.txt, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\licensejpn.txt, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\licensekor.txt, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\licensenld.txt, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\licensenor.txt, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\licenseplk.txt, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\licenseptb.txt, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\licensesve.txt, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\licensetha.txt, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\mmtablerev0.msi, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\mmtablerev1.msi, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\mmtablerev2.msi, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\monet.ini, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\monetchs.xml, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\monetcht.xml, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\monetcsy.xml, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\monetdan.xml, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\monetdeu.xml, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\monetesp.xml, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\monetfin.xml, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\monetfra.xml, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\monetgrk.xml, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\monethng.xml, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\monetita.xml, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\monetjpn.xml, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\monetkor.xml, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\monetnld.xml, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\monetnor.xml, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\monetplk.xml, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\monetptb.xml, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\monetrsa.xml, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\monetsve.xml, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\monettha.xml, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\monettrk.xml, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\oem.dat, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\os.dat, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\osmajorminor.dat, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\osservicepacks.dat, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\packagesubtype.dat, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\packagetype.dat, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\security.dat, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\splash.bmp, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\tvtablerev1.msi, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\tvw_usb_id.msi, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\images\a.jpg, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\images\b.jpg, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\images\c.jpg, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\images\d.jpg, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\images\e.jpg, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\images\f.jpg, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\reports\report.xml, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\reports\report.xml.2014_03_10_14.27.56.xml, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\reports\report.xml.2014_03_10_14.27.59.xml, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\reports\report.xml.2014_03_17_21.18.03.xml, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\reports\report.xml.2014_03_17_21.21.42.xml, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 
Trojan.Agent, e:\programs\\arh\ati\cim\reports\report.xml.xsl, In Quarantäne, [97ffe66f611a1323703098dd857dd030], 

Physische Sektoren: 0
(No malicious items detected)


(end)

AdwCleaner:

Code:

ATTFilter

# AdwCleaner v3.210 - Bericht erstellt am 25/05/2014 um 15:07:28
# Aktualisiert 19/05/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : Snippah# - SNIPPAH-PC
# Gestartet von : C:\Users\Snippah#\Downloads\adwcleaner_3.210.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Datei Gelöscht : C:\Users\Snippah#\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.softonic.de_0.localstorage
Datei Gelöscht : C:\Users\Snippah#\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.softonic.de_0.localstorage-journal

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SupTab_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SupTab_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wpm_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wpm_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\OCS

***** [ Browser ] *****

-\\ Internet Explorer v0.0.0.0


-\\ Mozilla Firefox v28.0 (de)

[ Datei : C:\Users\Snippah#\AppData\Roaming\Mozilla\Firefox\Profiles\wwxr4ze2.default\prefs.js ]


-\\ Google Chrome v35.0.1916.114

[ Datei : C:\Users\Snippah#\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}
Gelöscht [Extension] : mkcedibhemacmilmkpndpkoidlnmgngg

*************************

AdwCleaner[R0].txt - [2457 octets] - [25/05/2014 15:05:06]
AdwCleaner[S0].txt - [2393 octets] - [25/05/2014 15:07:28]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2453 octets] ##########

JRT:

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Professional x64
Ran by Snippah# on 25.05.2014 at 15:12:54,43
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 25.05.2014 at 15:28:03,22
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-05-2014 01
Ran by Snippah# (administrator) on SNIPPAH-PC on 25-05-2014 15:28:57
Running from C:\Users\Snippah#\Downloads
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) E:\PROGRAMS\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) E:\PROGRAMS\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) E:\PROGRAMS\Avira\AntiVir Desktop\sched.exe
(ASRock) C:\Program Files\ASRock Utility\XFast RAM\asrRd.exe
(Nico Mak Computing) E:\PROGRAMS\WinZip Malware Protector\WinZipMalwareProtector.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Spotify Ltd) C:\Users\Snippah#\AppData\Roaming\Spotify\spotify.exe
(Avira Operations GmbH & Co. KG) E:\PROGRAMS\Avira\AntiVir Desktop\avguard.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Spotify Ltd) C:\Users\Snippah#\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Valve Corporation) E:\Steam\Steam.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) E:\PROGRAMS\NVIDIA Corporation\NetService\NvNetworkService.exe
(Dropbox, Inc.) C:\Users\Snippah#\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Program Files\Rainmeter\Rainmeter.exe
(NVIDIA Corporation) E:\PROGRAMS\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) E:\PROGRAMS\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) E:\PROGRAMS\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) E:\PROGRAMS\NVIDIA Corporation\Update Core\NvBackend.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Avira Operations GmbH & Co. KG) E:\PROGRAMS\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) E:\PROGRAMS\iTunes\iTunesHelper.exe
() E:\PROGRAMS\Gameiki\Gameiki Mod Installer\Gameiki Mod Installer.exe
(Avira Operations GmbH & Co. KG) E:\PROGRAMS\Avira\My Avira\Avira.OE.Systray.exe
(Avira Operations GmbH & Co. KG) E:\PROGRAMS\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) E:\PROGRAMS\Avira\AntiVir Desktop\avshadow.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MMLoadDrv.exe
(Apple Inc.) E:\PROGRAMS\iPod\bin\iPodService.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) E:\PROGRAMS\Windows Media Player\wmpnetwk.exe
() C:\Users\Snippah#\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Snippah#\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Snippah#\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Snippah#\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Snippah#\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Snippah#\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [XFast LAN] => E:\Xfast lan\cFosSpeed.exe [1441152 2011-10-19] ()
HKLM\...\Run: [NvBackend] => E:\PROGRAMS\\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1179576 2014-02-05] (NVIDIA Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-07-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [avgnt] => E:\PROGRAMS\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-25] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => E:\PROGRAMS\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => E:\PROGRAMS\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1679360 2012-02-28] (Wondershare)
HKLM-x32\...\Run: [iTunesHelper] => E:\PROGRAMS\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [Gameiki] => E:\PROGRAMS\Gameiki\Gameiki Mod Installer\Gameiki Mod Installer.exe [358912 2014-02-23] ()
HKLM-x32\...\Run: [Avira Systray] => E:\PROGRAMS\Avira\My Avira\Avira.OE.Systray.exe [182352 2014-05-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => E:\PROGRAMS\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-05-13] (LogMeIn Inc.)
HKU\S-1-5-21-2312074080-4073723537-3051129278-1000\...\Run: [Spotify] => C:\Users\Snippah#\AppData\Roaming\Spotify\Spotify.exe [6170168 2014-05-16] (Spotify Ltd)
HKU\S-1-5-21-2312074080-4073723537-3051129278-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-2312074080-4073723537-3051129278-1000\...\Run: [Spotify Web Helper] => C:\Users\Snippah#\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1176632 2014-05-16] (Spotify Ltd)
HKU\S-1-5-21-2312074080-4073723537-3051129278-1000\...\Run: [Steam] => E:\Steam\steam.exe [1775808 2014-05-21] (Valve Corporation)
HKU\S-1-5-21-2312074080-4073723537-3051129278-1000\...\Run: [ckzeom] => 0
HKU\S-1-5-21-2312074080-4073723537-3051129278-1000\...\Run: [yiasfxw] => 0
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackUpdateChecker.lnk
ShortcutTarget: CodecPackUpdateChecker.lnk -> C:\Windows\SysWOW64\C2MP\UpdateChecker.exe ()
Startup: C:\Users\Snippah#\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Snippah#\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Snippah#\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.de
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.de
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.de
SearchScopes: HKCU - {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-flv
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\PROGRAMS\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\PROGRAMS\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\PROGRAMS\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\PROGRAMS\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Users\Snippah#\AppData\Local\Microsoft\Windows Sidebar\Gadgets\skypegadget1.4.gadget\wrapper\Skype4COM.dll No File

FireFox:
========
FF ProfilePath: C:\Users\Snippah#\AppData\Roaming\Mozilla\Firefox\Profiles\wwxr4ze2.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=11.5.2 - E:\PROGRAMS\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.5.2 - E:\PROGRAMS\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - E:\PROGRAMS\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - E:\PROGRAMS\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - E:\PROGRAMS\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision - E:\PROGRAMS\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - E:\PROGRAMS\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - E:\PROGRAMS\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - E:\PROGRAMS\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - E:\PROGRAMS\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Snippah#\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF StartMenuInternet: FIREFOX.EXE - E:\PROGRAMS\Mozilla Firefox\firefox.exe

Chrome: 
=======
CHR HomePage: 
CHR StartupUrls: "https://www.google.de/", "hxxp://www.google.de/"
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Snippah#\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.2.464\_platform_specific\win_x86\widevinecdmadapter.dll ()
CHR Plugin: (Shockwave Flash) - E:\PROGRAMS\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - E:\PROGRAMS\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - E:\PROGRAMS\Google\Chrome\Application\35.0.1916.114\pdf.dll ()
CHR Plugin: (Free Studio) - C:\Users\Snippah#\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.3.0.0_0\np_dvs_plugin.dll (DVDVideoSoft Ltd.)
CHR Plugin: (QuickTime Plug-in 7.7.5) - E:\PROGRAMS\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.5) - E:\PROGRAMS\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.5) - E:\PROGRAMS\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.5) - E:\PROGRAMS\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.5) - E:\PROGRAMS\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll No File
CHR Plugin: (Google Update) - E:\PROGRAMS\Google\Update\1.3.23.9\npGoogleUpdate3.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.550.14) - E:\PROGRAMS\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U55) - E:\PROGRAMS\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (NVIDIA 3D Vision) - E:\PROGRAMS\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - E:\PROGRAMS\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (VLC Web Plugin) - E:\PROGRAMS\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (iTunes Application Detector) - E:\PROGRAMS\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Extension: (ProxFlow) - C:\Users\Snippah#\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-05-10]
CHR Extension: (Bookmarks) - C:\Users\Snippah#\AppData\Local\Google\Chrome\User Data\Default\Extensions\adgbnjhpkfmgbidgbhdllmehfihlpoda [2014-04-12]
CHR Extension: (Google Docs) - C:\Users\Snippah#\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-31]
CHR Extension: (Google Drive) - C:\Users\Snippah#\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-27]
CHR Extension: (YouTube) - C:\Users\Snippah#\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-27]
CHR Extension: (Adblock Plus) - C:\Users\Snippah#\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-04-12]
CHR Extension: (Google-Suche) - C:\Users\Snippah#\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-27]
CHR Extension: (Avira Browser Safety) - C:\Users\Snippah#\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-04-12]
CHR Extension: (AdBlock) - C:\Users\Snippah#\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-04-12]
CHR Extension: (Dropbox) - C:\Users\Snippah#\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2014-04-12]
CHR Extension: (FVD Downloader) - C:\Users\Snippah#\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp [2014-04-12]
CHR Extension: (DVDVideoSoft) - C:\Users\Snippah#\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2014-05-03]
CHR Extension: (Google Wallet) - C:\Users\Snippah#\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-27]
CHR Extension: (ProxPrice) - C:\Users\Snippah#\AppData\Local\Google\Chrome\User Data\Default\Extensions\nopgehbobniifpngnhmljfojnkkopbje [2014-05-14]
CHR Extension: (Google Mail) - C:\Users\Snippah#\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-27]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2014-05-03]
CHR StartMenuInternet: Google Chrome - E:\PROGRAMS\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2011-07-28] (Advanced Micro Devices, Inc.)
R2 AntiVirSchedulerService; E:\PROGRAMS\Avira\AntiVir Desktop\sched.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; E:\PROGRAMS\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; E:\PROGRAMS\Avira\My Avira\Avira.OE.ServiceHost.exe [124496 2014-05-05] (Avira Operations GmbH & Co. KG)
S2 cFosSpeedS; E:\Xfast lan\spd.exe [395136 2011-10-19] ()
S2 gupdate; E:\PROGRAMS\Google\Update\GoogleUpdate.exe [116648 2014-04-01] (Google Inc.)
S3 gupdatem; E:\PROGRAMS\Google\Update\GoogleUpdate.exe [116648 2014-04-01] (Google Inc.)
S2 Hamachi2Svc; E:\PROGRAMS\LogMeIn Hamachi\hamachi-2.exe [2228048 2014-05-13] (LogMeIn Inc.)
R3 iPod Service; E:\PROGRAMS\iPod\bin\iPodService.exe [641352 2014-02-21] (Apple Inc.)
S3 MozillaMaintenance; E:\PROGRAMS\Mozilla Maintenance Service\maintenanceservice.exe [119408 2014-03-15] (Mozilla Foundation)
U2 NvNetworkService; E:\PROGRAMS\\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; E:\PROGRAMS\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
R2 Stereo Service; E:\PROGRAMS\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [411936 2014-03-04] (NVIDIA Corporation)
S2 TeamViewer9; E:\Teamviewer\TeamViewer_Service.exe [4972864 2014-04-02] (TeamViewer GmbH)
S3 FirebirdServerMAGIXInstance; "C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe" [X]

==================== Drivers (Whitelisted) ====================

R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [34640 2012-08-09] (ASRock Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2014-02-25] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2014-02-25] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-05-25] (Malwarebytes Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
S3 RTCore64; E:\PROGRAMS\MSI Afterburner\RTCore64.sys [13368 2013-01-23] ()
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 teVirtualMIDI64; C:\Windows\System32\DRIVERS\teVirtualMIDI64.sys [30208 2012-08-16] (Tobias Erichsen)
S3 Tortilla; C:\Windows\System32\DRIVERS\tortilla.sys [14992 2014-04-06] ()
S3 WsAudioDevice_383S(1); C:\Windows\System32\drivers\WsAudioDevice_383S(1).sys [29288 2013-05-30] (Wondershare)
S3 ZD1211BU(WLAN); C:\Windows\System32\DRIVERS\zd1211Bu.sys [493440 2005-10-28] (ZyDAS Technology Corporation)
S2 AODDriver4.2.0; \??\E:\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
R3 ArdDrv; \??\C:\Windows\SysWOW64\Drivers\ArdDrv.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-25 15:28 - 2014-05-25 15:28 - 00000628 _____ () C:\Users\Snippah#\Desktop\JRT.txt
2014-05-25 15:28 - 2014-05-25 15:28 - 00000000 ____D () C:\Users\Snippah#\Downloads\FRST-OlderVersion
2014-05-25 15:12 - 2014-05-25 15:11 - 01016261 _____ (Thisisu) C:\Users\Snippah#\Desktop\JRT.exe
2014-05-25 15:11 - 2014-05-25 15:11 - 01016261 _____ (Thisisu) C:\Users\Snippah#\Downloads\JRT.exe
2014-05-25 15:11 - 2014-05-25 15:11 - 00002541 _____ () C:\Users\Snippah#\Desktop\AdwCleaner[S0].txt
2014-05-25 15:04 - 2014-05-25 15:07 - 00000000 ____D () C:\AdwCleaner
2014-05-25 15:04 - 2014-05-25 15:04 - 01326389 _____ () C:\Users\Snippah#\Downloads\adwcleaner_3.210.exe
2014-05-25 15:03 - 2014-05-25 15:03 - 00036560 _____ () C:\Users\Snippah#\Desktop\mbam.txt
2014-05-25 14:20 - 2014-05-25 14:20 - 00000889 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-25 14:20 - 2014-05-25 14:20 - 00000000 ____D () E:\PROGRAMS\ Malwarebytes Anti-Malware 
2014-05-25 14:20 - 2014-05-25 14:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-25 14:20 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-25 14:20 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-25 14:20 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-25 14:19 - 2014-05-25 14:20 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Snippah#\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-25 14:10 - 2014-05-25 15:08 - 00231134 _____ () C:\Windows\PFRO.log
2014-05-25 02:51 - 2014-05-25 02:51 - 00000799 _____ () C:\Users\Snippah#\Desktop\astudio2.exe - Verknüpfung.lnk
2014-05-25 01:00 - 2014-05-25 15:09 - 00000504 _____ () C:\Windows\setupact.log
2014-05-25 01:00 - 2014-05-25 01:00 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-24 22:08 - 2014-05-24 22:08 - 06098116 _____ () C:\Users\Snippah#\Downloads\paint.net.4.0.5226.41987.install.zip
2014-05-24 22:08 - 2014-05-24 22:08 - 00000000 ____D () C:\Users\Snippah#\Downloads\paint.net.4.0.5226.41987.install
2014-05-24 21:16 - 2014-05-24 21:16 - 00045579 _____ () C:\Users\Snippah#\Downloads\Beep_1sec.zip
2014-05-24 21:16 - 2014-05-24 21:16 - 00000000 ____D () C:\Users\Snippah#\Downloads\Beep_1sec
2014-05-24 20:15 - 2014-03-04 06:40 - 00000571 _____ () C:\Users\Snippah#\Desktop\VIDEOSEDITIEREN.lnk
2014-05-24 20:00 - 2013-08-26 04:10 - 186294276 _____ () C:\Users\Snippah#\Desktop\FILE0002.MOV
2014-05-24 10:59 - 2014-05-24 10:59 - 00028849 _____ () C:\ComboFix.txt
2014-05-24 10:41 - 2014-05-24 11:00 - 00000000 ____D () C:\Qoobox
2014-05-24 10:41 - 2014-05-24 10:58 - 00000000 ____D () C:\Windows\erdnt
2014-05-24 10:41 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-05-24 10:41 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-05-24 10:41 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-05-24 10:41 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-05-24 10:41 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-05-24 10:41 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-05-24 10:41 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-05-24 10:41 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-05-24 10:39 - 2014-05-24 10:39 - 05200426 ____R (Swearware) C:\Users\Snippah#\Desktop\ComboFix.exe
2014-05-23 18:16 - 2014-05-23 18:16 - 12814576 _____ (BlueStack Systems Inc.) C:\Users\Snippah#\Downloads\BlueStacks-SplitInstaller_native.exe
2014-05-23 18:16 - 2014-05-23 18:16 - 00000000 ____D () C:\Users\Snippah#\AppData\Local\Bluestacks
2014-05-22 17:10 - 2014-05-22 17:10 - 00002008 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-22 17:10 - 2014-05-22 17:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-22 17:09 - 2014-05-25 15:14 - 00001092 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-22 17:09 - 2014-05-25 15:08 - 00001088 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-22 17:09 - 2014-05-22 17:09 - 00004088 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-22 17:09 - 2014-05-22 17:09 - 00003836 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-22 17:08 - 2014-05-22 17:08 - 39809104 _____ (Google Inc.) C:\Users\Snippah#\Downloads\ChromeStandaloneSetup_35.0.1916.114.exe
2014-05-22 16:58 - 2014-05-25 15:10 - 00003094 _____ () C:\Windows\System32\Tasks\WinZip Malware Protector_startup
2014-05-22 16:57 - 2014-05-22 16:57 - 00000942 _____ () C:\Users\Public\Desktop\WinZip Malware Protector.lnk
2014-05-22 16:57 - 2014-05-22 16:57 - 00000000 ____D () E:\PROGRAMS\WinZip Malware Protector
2014-05-22 16:57 - 2014-05-22 16:57 - 00000000 ____D () C:\Users\Snippah#\AppData\Roaming\Nico Mak Computing
2014-05-22 16:57 - 2014-05-22 16:57 - 00000000 ____D () C:\ProgramData\Nico Mak Computing
2014-05-22 16:57 - 2014-05-22 16:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Malware Protector
2014-05-22 16:57 - 2013-03-15 17:10 - 00020480 _____ () C:\Windows\system32\wsusnative64.exe
2014-05-22 16:53 - 2014-05-22 16:54 - 00030717 _____ () C:\Users\Snippah#\Downloads\Addition.txt
2014-05-22 16:40 - 2014-05-25 15:28 - 00018948 _____ () C:\Users\Snippah#\Downloads\FRST.txt
2014-05-22 16:39 - 2014-05-25 15:28 - 02066944 _____ (Farbar) C:\Users\Snippah#\Downloads\FRST64.exe
2014-05-21 23:02 - 2014-05-25 15:28 - 00000000 ____D () C:\FRST
2014-05-21 22:55 - 2014-05-22 00:27 - 00000000 ____D () C:\Users\Snippah#\AppData\Local\CrashDumps
2014-05-21 22:32 - 2014-05-21 22:32 - 00000948 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-05-21 19:41 - 2014-05-25 15:11 - 00003036 _____ () C:\Windows\System32\Tasks\asrRd
2014-05-20 15:38 - 2014-05-20 15:38 - 00000000 ____D () E:\PROGRAMS\Tor Browser
2014-05-17 12:50 - 2014-05-21 22:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Half-Life 2 Riot Act
2014-05-17 12:50 - 2014-05-17 12:50 - 00000000 ____D () C:\Users\Snippah#\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Half-Life 2 Riot Act
2014-05-16 18:30 - 2014-05-16 18:30 - 01220772 _____ (pendrivelinux.com) C:\Users\Snippah#\Desktop\YUMI-2.0.0.4.exe
2014-05-15 18:35 - 2014-05-15 18:51 - 00004608 _____ () C:\Users\Snippah#\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-05-15 00:32 - 2014-05-15 00:04 - 2591555916 _____ () C:\Users\Snippah#\Desktop\EDITSIS.avi
2014-05-14 21:12 - 2014-05-14 21:12 - 00000000 ____D () E:\PROGRAMS\LogMeIn Hamachi
2014-05-14 21:12 - 2014-05-14 21:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-05-13 15:17 - 2014-05-21 22:42 - 00000029 _____ () C:\ProgramData\yiasfxw.dat
2014-05-10 23:33 - 2014-05-10 23:33 - 00000000 ____D () C:\Users\Snippah#\AppData\Local\Unity
2014-05-10 18:53 - 2014-05-10 18:53 - 00000000 ____D () C:\Users\Snippah#\Sources
2014-05-10 18:53 - 2014-05-10 18:51 - 00000057 _____ () C:\Users\Snippah#\start.bat
2014-05-10 16:20 - 2014-05-10 16:20 - 00000000 ____D () E:\PROGRAMS\IrfanView
2014-05-10 16:20 - 2014-05-10 16:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView
2014-05-09 00:40 - 2014-05-09 00:40 - 00000000 ____D () C:\Users\Snippah#\AppData\Local\Terraria_Launcher
2014-05-09 00:39 - 2014-05-09 00:39 - 00001030 _____ () C:\Users\Snippah#\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gameiki Mod Installer.lnk
2014-05-09 00:39 - 2014-05-09 00:39 - 00000000 ____D () E:\PROGRAMS\Gameiki
2014-05-08 18:38 - 2014-05-08 18:38 - 00000906 _____ () C:\Users\Snippah#\Desktop\Notepad++.lnk
2014-05-08 18:00 - 2014-05-08 18:00 - 00001752 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
2014-05-08 18:00 - 2014-05-08 18:00 - 00001712 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk
2014-05-08 18:00 - 2014-05-08 18:00 - 00001697 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
2014-05-08 17:59 - 2014-05-08 18:00 - 00000000 ____D () E:\PROGRAMS\JDownloader
2014-05-08 16:19 - 2014-05-08 16:19 - 00000000 __RSH () C:\MSDOS.SYS
2014-05-08 16:19 - 2014-05-08 16:19 - 00000000 __RSH () C:\IO.SYS
2014-05-07 21:04 - 2014-05-07 21:04 - 00002107 _____ () C:\Users\Snippah#\Desktop\Chrome OS (ChromiumOS Vanilla Build) - USB-Image - CHIP Downloader.lnk
2014-05-07 20:29 - 2014-05-07 20:29 - 00000808 _____ () C:\Users\Public\Desktop\EasyBCD 2.2.lnk
2014-05-07 20:29 - 2014-05-07 20:29 - 00000000 ____D () E:\PROGRAMS\EasyBCD
2014-05-05 17:56 - 2014-05-05 17:56 - 00000000 ____D () C:\ProgramData\InstallMate
2014-05-05 15:57 - 2014-05-05 16:04 - 00002614 _____ () C:\Windows\diagwrn.xml
2014-05-05 15:57 - 2014-05-05 16:04 - 00001890 _____ () C:\Windows\diagerr.xml
2014-05-03 20:53 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-03 13:37 - 2014-05-21 22:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-05-03 13:37 - 2014-05-19 19:25 - 00000000 ____D () E:\PROGRAMS\DVDVideoSoft
2014-05-03 13:37 - 2014-05-17 17:47 - 00001973 _____ () C:\Users\Public\Desktop\Free YouTube Download.lnk
2014-05-03 13:36 - 2014-05-19 19:26 - 00000000 ____D () C:\Users\Snippah#\AppData\Roaming\DVDVideoSoft
2014-05-03 00:30 - 2014-05-24 21:29 - 00000000 ____D () C:\Users\Snippah#\Desktop\magix fertig
2014-05-02 23:37 - 2014-05-03 00:31 - 00208670 _____ () C:\Users\Snippah#\Documents\i hate all of you bitches.MVP
2014-04-28 16:02 - 2014-05-12 16:16 - 00000918 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-04-28 16:01 - 2014-05-12 16:16 - 00000000 ____D () C:\ProgramData\Package Cache
2014-04-27 23:50 - 2014-04-27 23:50 - 00000000 ____D () E:\PROGRAMS\iTunes
2014-04-27 23:50 - 2014-04-27 23:50 - 00000000 ____D () E:\PROGRAMS\iPod
2014-04-27 23:50 - 2014-04-27 23:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-04-27 23:50 - 2014-04-27 23:50 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-04-27 23:50 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2014-04-27 18:26 - 2014-04-27 18:26 - 00000000 ____D () C:\Users\Snippah#\AppData\Roaming\java
2014-04-25 14:06 - 2014-04-25 14:06 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk

==================== One Month Modified Files and Folders =======

2014-05-25 15:29 - 2014-05-22 16:40 - 00018948 _____ () C:\Users\Snippah#\Downloads\FRST.txt
2014-05-25 15:28 - 2014-05-25 15:28 - 00000628 _____ () C:\Users\Snippah#\Desktop\JRT.txt
2014-05-25 15:28 - 2014-05-25 15:28 - 00000000 ____D () C:\Users\Snippah#\Downloads\FRST-OlderVersion
2014-05-25 15:28 - 2014-05-22 16:39 - 02066944 _____ (Farbar) C:\Users\Snippah#\Downloads\FRST64.exe
2014-05-25 15:28 - 2014-05-21 23:02 - 00000000 ____D () C:\FRST
2014-05-25 15:25 - 2014-02-27 18:00 - 00000000 ____D () C:\Users\Snippah#\AppData\Roaming\Skype
2014-05-25 15:18 - 2009-07-14 06:45 - 00036336 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-25 15:18 - 2009-07-14 06:45 - 00036336 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-25 15:14 - 2014-05-22 17:09 - 00001092 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-25 15:12 - 2014-04-15 18:15 - 00000000 ____D () C:\Users\Snippah#\AppData\Local\LogMeIn Hamachi
2014-05-25 15:12 - 2014-02-27 17:35 - 00000000 ____D () C:\Users\Snippah#\AppData\Roaming\Spotify
2014-05-25 15:11 - 2014-05-25 15:12 - 01016261 _____ (Thisisu) C:\Users\Snippah#\Desktop\JRT.exe
2014-05-25 15:11 - 2014-05-25 15:11 - 01016261 _____ (Thisisu) C:\Users\Snippah#\Downloads\JRT.exe
2014-05-25 15:11 - 2014-05-25 15:11 - 00002541 _____ () C:\Users\Snippah#\Desktop\AdwCleaner[S0].txt
2014-05-25 15:11 - 2014-05-21 19:41 - 00003036 _____ () C:\Windows\System32\Tasks\asrRd
2014-05-25 15:11 - 2014-03-01 21:01 - 00000000 ____D () C:\Users\Snippah#\AppData\Roaming\Dropbox
2014-05-25 15:10 - 2014-05-22 16:58 - 00003094 _____ () C:\Windows\System32\Tasks\WinZip Malware Protector_startup
2014-05-25 15:10 - 2014-03-01 21:03 - 00000000 ___RD () C:\Users\Snippah#\Dropbox
2014-05-25 15:10 - 2014-03-01 21:02 - 00000000 ____D () C:\Users\Snippah#\AppData\Roaming\DropboxMaster
2014-05-25 15:09 - 2014-05-25 01:00 - 00000504 _____ () C:\Windows\setupact.log
2014-05-25 15:08 - 2014-05-25 14:10 - 00231134 _____ () C:\Windows\PFRO.log
2014-05-25 15:08 - 2014-05-22 17:09 - 00001088 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-25 15:08 - 2014-02-27 22:56 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-05-25 15:08 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-25 15:07 - 2014-05-25 15:04 - 00000000 ____D () C:\AdwCleaner
2014-05-25 15:07 - 2014-02-27 22:46 - 00715311 _____ () C:\Windows\WindowsUpdate.log
2014-05-25 15:04 - 2014-05-25 15:04 - 01326389 _____ () C:\Users\Snippah#\Downloads\adwcleaner_3.210.exe
2014-05-25 15:03 - 2014-05-25 15:03 - 00036560 _____ () C:\Users\Snippah#\Desktop\mbam.txt
2014-05-25 15:02 - 2014-03-31 22:01 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-25 14:55 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help
2014-05-25 14:44 - 2014-02-28 00:25 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-25 14:20 - 2014-05-25 14:20 - 00000889 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-25 14:20 - 2014-05-25 14:20 - 00000000 ____D () E:\PROGRAMS\ Malwarebytes Anti-Malware 
2014-05-25 14:20 - 2014-05-25 14:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-25 14:20 - 2014-05-25 14:19 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Snippah#\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-25 14:14 - 2014-03-01 21:02 - 00000000 ____D () C:\Users\Snippah#\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-25 14:14 - 2014-02-27 22:51 - 00000000 ___RD () C:\Users\Snippah#\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-25 02:51 - 2014-05-25 02:51 - 00000799 _____ () C:\Users\Snippah#\Desktop\astudio2.exe - Verknüpfung.lnk
2014-05-25 01:00 - 2014-05-25 01:00 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-25 00:12 - 2014-03-08 01:17 - 00000000 ____D () C:\Users\Snippah#\AppData\Local\Anvil Studio
2014-05-24 22:35 - 2014-03-14 19:27 - 00003950 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{4F372E70-9CBF-4970-A680-9F7B6BF7B9F1}
2014-05-24 22:21 - 2014-03-11 19:09 - 01594156 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-05-24 22:21 - 2014-02-28 07:41 - 00699462 _____ () C:\Windows\system32\perfh007.dat
2014-05-24 22:21 - 2014-02-28 07:41 - 00149602 _____ () C:\Windows\system32\perfc007.dat
2014-05-24 22:21 - 2009-07-14 07:13 - 01594156 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-24 22:08 - 2014-05-24 22:08 - 06098116 _____ () C:\Users\Snippah#\Downloads\paint.net.4.0.5226.41987.install.zip
2014-05-24 22:08 - 2014-05-24 22:08 - 00000000 ____D () C:\Users\Snippah#\Downloads\paint.net.4.0.5226.41987.install
2014-05-24 21:29 - 2014-05-03 00:30 - 00000000 ____D () C:\Users\Snippah#\Desktop\magix fertig
2014-05-24 21:16 - 2014-05-24 21:16 - 00045579 _____ () C:\Users\Snippah#\Downloads\Beep_1sec.zip
2014-05-24 21:16 - 2014-05-24 21:16 - 00000000 ____D () C:\Users\Snippah#\Downloads\Beep_1sec
2014-05-24 11:00 - 2014-05-24 10:41 - 00000000 ____D () C:\Qoobox
2014-05-24 11:00 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-05-24 10:59 - 2014-05-24 10:59 - 00028849 _____ () C:\ComboFix.txt
2014-05-24 10:59 - 2014-04-14 20:42 - 00000000 ____D () C:\Users\Snippah
2014-05-24 10:58 - 2014-05-24 10:41 - 00000000 ____D () C:\Windows\erdnt
2014-05-24 10:58 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-24 10:56 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-05-24 10:51 - 2014-03-08 16:55 - 00000000 ____D () C:\Windows\SysWOW64\C2MP
2014-05-24 10:51 - 2014-02-27 22:51 - 00000000 ____D () C:\Users\Snippah#
2014-05-24 10:39 - 2014-05-24 10:39 - 05200426 ____R (Swearware) C:\Users\Snippah#\Desktop\ComboFix.exe
2014-05-24 09:54 - 2014-02-27 17:35 - 00000000 ____D () C:\Users\Snippah#\AppData\Local\Spotify
2014-05-23 18:16 - 2014-05-23 18:16 - 12814576 _____ (BlueStack Systems Inc.) C:\Users\Snippah#\Downloads\BlueStacks-SplitInstaller_native.exe
2014-05-23 18:16 - 2014-05-23 18:16 - 00000000 ____D () C:\Users\Snippah#\AppData\Local\Bluestacks
2014-05-22 17:10 - 2014-05-22 17:10 - 00002008 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-22 17:10 - 2014-05-22 17:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-22 17:09 - 2014-05-22 17:09 - 00004088 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-22 17:09 - 2014-05-22 17:09 - 00003836 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-22 17:08 - 2014-05-22 17:08 - 39809104 _____ (Google Inc.) C:\Users\Snippah#\Downloads\ChromeStandaloneSetup_35.0.1916.114.exe
2014-05-22 16:57 - 2014-05-22 16:57 - 00000942 _____ () C:\Users\Public\Desktop\WinZip Malware Protector.lnk
2014-05-22 16:57 - 2014-05-22 16:57 - 00000000 ____D () E:\PROGRAMS\WinZip Malware Protector
2014-05-22 16:57 - 2014-05-22 16:57 - 00000000 ____D () C:\Users\Snippah#\AppData\Roaming\Nico Mak Computing
2014-05-22 16:57 - 2014-05-22 16:57 - 00000000 ____D () C:\ProgramData\Nico Mak Computing
2014-05-22 16:57 - 2014-05-22 16:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Malware Protector
2014-05-22 16:54 - 2014-05-22 16:53 - 00030717 _____ () C:\Users\Snippah#\Downloads\Addition.txt
2014-05-22 16:47 - 2014-04-06 20:40 - 00000000 ____D () E:\PROGRAMS\Mozilla Firefox
2014-05-22 00:27 - 2014-05-21 22:55 - 00000000 ____D () C:\Users\Snippah#\AppData\Local\CrashDumps
2014-05-22 00:14 - 2014-03-04 02:36 - 00000000 ____D () C:\Users\Snippah#\AppData\Local\Paint.NET
2014-05-21 22:54 - 2014-05-17 12:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Half-Life 2 Riot Act
2014-05-21 22:54 - 2014-05-03 13:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-05-21 22:42 - 2014-05-13 15:17 - 00000029 _____ () C:\ProgramData\yiasfxw.dat
2014-05-21 22:32 - 2014-05-21 22:32 - 00000948 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-05-20 15:38 - 2014-05-20 15:38 - 00000000 ____D () E:\PROGRAMS\Tor Browser
2014-05-20 00:44 - 2014-02-28 15:44 - 00000000 ____D () C:\Users\Snippah#\AppData\Roaming\Audacity
2014-05-19 19:26 - 2014-05-03 13:36 - 00000000 ____D () C:\Users\Snippah#\AppData\Roaming\DVDVideoSoft
2014-05-19 19:25 - 2014-05-03 13:37 - 00000000 ____D () E:\PROGRAMS\DVDVideoSoft
2014-05-17 17:47 - 2014-05-03 13:37 - 00001973 _____ () C:\Users\Public\Desktop\Free YouTube Download.lnk
2014-05-17 15:45 - 2014-02-28 00:25 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-17 15:45 - 2014-02-28 00:25 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-17 15:45 - 2014-02-28 00:25 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-17 15:45 - 2014-02-28 00:25 - 00000000 ____D () C:\Users\Snippah#\AppData\Local\Adobe
2014-05-17 12:50 - 2014-05-17 12:50 - 00000000 ____D () C:\Users\Snippah#\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Half-Life 2 Riot Act
2014-05-17 12:09 - 2014-02-27 22:38 - 00000000 ____D () C:\Users\Snippah#\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-05-16 18:30 - 2014-05-16 18:30 - 01220772 _____ (pendrivelinux.com) C:\Users\Snippah#\Desktop\YUMI-2.0.0.4.exe
2014-05-15 18:51 - 2014-05-15 18:35 - 00004608 _____ () C:\Users\Snippah#\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-05-15 00:04 - 2014-05-15 00:32 - 2591555916 _____ () C:\Users\Snippah#\Desktop\EDITSIS.avi
2014-05-14 21:12 - 2014-05-14 21:12 - 00000000 ____D () E:\PROGRAMS\LogMeIn Hamachi
2014-05-14 21:12 - 2014-05-14 21:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-05-12 16:16 - 2014-04-28 16:02 - 00000918 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-05-12 16:16 - 2014-04-28 16:01 - 00000000 ____D () C:\ProgramData\Package Cache
2014-05-12 16:16 - 2014-04-10 20:58 - 00000000 ____D () E:\PROGRAMS\Avira
2014-05-12 16:16 - 2014-04-10 20:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-05-12 07:26 - 2014-05-25 14:20 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:26 - 2014-05-25 14:20 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-05-25 14:20 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-10 23:33 - 2014-05-10 23:33 - 00000000 ____D () C:\Users\Snippah#\AppData\Local\Unity
2014-05-10 18:53 - 2014-05-10 18:53 - 00000000 ____D () C:\Users\Snippah#\Sources
2014-05-10 18:51 - 2014-05-10 18:53 - 00000057 _____ () C:\Users\Snippah#\start.bat
2014-05-10 18:37 - 2014-03-02 12:39 - 00000000 ____D () C:\Users\Snippah#\AppData\Roaming\Notepad++
2014-05-10 16:20 - 2014-05-10 16:20 - 00000000 ____D () E:\PROGRAMS\IrfanView
2014-05-10 16:20 - 2014-05-10 16:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView
2014-05-10 12:06 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-09 00:40 - 2014-05-09 00:40 - 00000000 ____D () C:\Users\Snippah#\AppData\Local\Terraria_Launcher
2014-05-09 00:39 - 2014-05-09 00:39 - 00001030 _____ () C:\Users\Snippah#\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gameiki Mod Installer.lnk
2014-05-09 00:39 - 2014-05-09 00:39 - 00000000 ____D () E:\PROGRAMS\Gameiki
2014-05-08 18:38 - 2014-05-08 18:38 - 00000906 _____ () C:\Users\Snippah#\Desktop\Notepad++.lnk
2014-05-08 18:00 - 2014-05-08 18:00 - 00001752 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
2014-05-08 18:00 - 2014-05-08 18:00 - 00001712 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk
2014-05-08 18:00 - 2014-05-08 18:00 - 00001697 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
2014-05-08 18:00 - 2014-05-08 17:59 - 00000000 ____D () E:\PROGRAMS\JDownloader
2014-05-08 16:51 - 2014-03-14 19:27 - 00032768 _____ () C:\Users\Snippah#\Documents\EasyBCD Backup (2014-03-14).bcd
2014-05-08 16:19 - 2014-05-08 16:19 - 00000000 __RSH () C:\MSDOS.SYS
2014-05-08 16:19 - 2014-05-08 16:19 - 00000000 __RSH () C:\IO.SYS
2014-05-07 23:04 - 2014-02-27 22:51 - 00000000 ____D () C:\Users\Snippah#\AppData\Local\VirtualStore
2014-05-07 21:04 - 2014-05-07 21:04 - 00002107 _____ () C:\Users\Snippah#\Desktop\Chrome OS (ChromiumOS Vanilla Build) - USB-Image - CHIP Downloader.lnk
2014-05-07 20:29 - 2014-05-07 20:29 - 00000808 _____ () C:\Users\Public\Desktop\EasyBCD 2.2.lnk
2014-05-07 20:29 - 2014-05-07 20:29 - 00000000 ____D () E:\PROGRAMS\EasyBCD
2014-05-05 17:56 - 2014-05-05 17:56 - 00000000 ____D () C:\ProgramData\InstallMate
2014-05-05 16:04 - 2014-05-05 15:57 - 00002614 _____ () C:\Windows\diagwrn.xml
2014-05-05 16:04 - 2014-05-05 15:57 - 00001890 _____ () C:\Windows\diagerr.xml
2014-05-03 00:31 - 2014-05-02 23:37 - 00208670 _____ () C:\Users\Snippah#\Documents\i hate all of you bitches.MVP
2014-04-27 23:51 - 2014-03-09 01:51 - 00000000 ____D () C:\Users\Snippah#\AppData\Roaming\redsn0w
2014-04-27 23:50 - 2014-04-27 23:50 - 00000000 ____D () E:\PROGRAMS\iTunes
2014-04-27 23:50 - 2014-04-27 23:50 - 00000000 ____D () E:\PROGRAMS\iPod
2014-04-27 23:50 - 2014-04-27 23:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-04-27 23:50 - 2014-04-27 23:50 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-04-27 23:49 - 2014-03-01 20:47 - 00000000 ____D () C:\ProgramData\Apple
2014-04-27 18:26 - 2014-04-27 18:26 - 00000000 ____D () C:\Users\Snippah#\AppData\Roaming\java
2014-04-27 18:26 - 2014-03-10 15:34 - 00000000 ____D () C:\Users\Snippah#\AppData\Roaming\.minecraft
2014-04-26 21:08 - 2014-04-11 19:54 - 00000000 ____D () E:\PROGRAMS\MSI Afterburner
2014-04-26 14:29 - 2009-07-14 06:45 - 00536056 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-25 14:06 - 2014-04-25 14:06 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-04-25 14:06 - 2014-02-27 18:00 - 00000000 ____D () C:\ProgramData\Skype
2014-04-25 14:06 - 2014-02-27 18:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-04-25 00:08 - 2014-02-27 17:29 - 00161744 _____ () C:\Users\Snippah#\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-25 00:05 - 2014-04-05 13:46 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-25 00:02 - 2009-07-14 04:34 - 00000478 _____ () C:\Windows\win.ini
2014-04-25 00:01 - 2014-04-05 13:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office

Files to move or delete:
====================
C:\Users\Snippah#\AppData\Roaming\CamLayout.ini
C:\Users\Snippah#\AppData\Roaming\CamShapes.ini
C:\ProgramData\yiasfxw.dat
C:\Users\Snippah#\start.bat


Some content of TEMP:
====================
C:\Users\Snippah#\AppData\Local\Temp\avgnt.exe
C:\Users\Snippah#\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpvheyq7.dll
C:\Users\Snippah#\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-20 19:24

==================== End Of Log ============================

--- --- ---

schrauber · 26.05.2014, 12:24

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

helpmenao · 27.05.2014, 14:54

ESET fragt ob ein proxy eingerichtet wär und ich komm nicht weiter

hier der log vom Security Check:

Code:

ATTFilter

 Results of screen317's Security Check version 0.99.83  
 Windows 7 Service Pack 1 x86 (UAC is enabled)  
``````````````Antivirus/Firewall Check:`````````````` 
Avira Desktop   
 Antivirus up to date!  (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 Java 7 Update 55  
 Adobe Flash Player 	13.0.0.214  
 Mozilla Firefox (28.0) 
 Google Chrome 33.0.1750.146  
 Google Chrome 33.0.1750.154  
````````Process Check: objlist.exe by Laurent````````  
 Avira Antivir avgnt.exe 
 Avira Antivir avguard.exe 
 ESET ESET Online Scanner OnlineScannerApp.exe  
 ESET ESET Online Scanner OnlineCmdLineScanner.exe  
 WinZip Malware Protector WinZipMalwareProtector.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````

und FRST:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-05-2014 02
Ran by Snippah# (administrator) on SNIPPAH-PC on 27-05-2014 15:50:56
Running from C:\Users\Snippah#\Downloads\FRST-OlderVersion
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) E:\PROGRAMS\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) E:\PROGRAMS\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASRock) C:\Program Files\ASRock Utility\XFast RAM\asrRd.exe
(Nico Mak Computing) E:\PROGRAMS\WinZip Malware Protector\WinZipMalwareProtector.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) E:\PROGRAMS\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) E:\PROGRAMS\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TeamViewer GmbH) E:\Teamviewer\TeamViewer_Service.exe
(NVIDIA Corporation) E:\PROGRAMS\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) E:\PROGRAMS\NVIDIA Corporation\Update Core\NvBackend.exe
(Avira Operations GmbH & Co. KG) E:\PROGRAMS\Avira\My Avira\Avira.OE.ServiceHost.exe
(LogMeIn Inc.) E:\PROGRAMS\LogMeIn Hamachi\hamachi-2.exe
(LogMeIn, Inc.) E:\PROGRAMS\LogMeIn Hamachi\LMIGuardianSvc.exe
(LogMeIn Inc.) E:\PROGRAMS\LogMeIn Hamachi\hamachi-2-ui.exe
(LogMeIn, Inc.) E:\PROGRAMS\LogMeIn Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) E:\PROGRAMS\NVIDIA Corporation\Display\nvtray.exe
(Spotify Ltd) C:\Users\Snippah#\AppData\Roaming\Spotify\spotify.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Spotify Ltd) C:\Users\Snippah#\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Valve Corporation) E:\Steam\Steam.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() C:\Windows\SysWOW64\C2MP\UpdateChecker.exe
(Dropbox, Inc.) C:\Users\Snippah#\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Program Files\Rainmeter\Rainmeter.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) E:\PROGRAMS\iTunes\iTunesHelper.exe
() E:\PROGRAMS\Gameiki\Gameiki Mod Installer\Gameiki Mod Installer.exe
(Avira Operations GmbH & Co. KG) E:\PROGRAMS\Avira\My Avira\Avira.OE.Systray.exe
(Microsoft Corporation) E:\PROGRAMS\Windows Media Player\wmpnetwk.exe
(Apple Inc.) E:\PROGRAMS\iPod\bin\iPodService.exe
() C:\Users\Snippah#\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Snippah#\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Snippah#\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Snippah#\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MMLoadDrv.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
() C:\Users\Snippah#\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MMLoadDrv.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Avira Operations GmbH & Co. KG) E:\PROGRAMS\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) E:\PROGRAMS\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) E:\PROGRAMS\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) E:\PROGRAMS\Avira\AntiVir Desktop\avgnt.exe
(NVIDIA) E:\PROGRAMS\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe
(Google Inc.) E:\PROGRAMS\Google\Chrome\Application\chrome.exe
(Google Inc.) E:\PROGRAMS\Google\Chrome\Application\chrome.exe
(Google Inc.) E:\PROGRAMS\Google\Chrome\Application\chrome.exe
(Google Inc.) E:\PROGRAMS\Google\Chrome\Application\chrome.exe
(Google Inc.) E:\PROGRAMS\Google\Chrome\Application\chrome.exe
(Google Inc.) E:\PROGRAMS\Google\Chrome\Application\chrome.exe
(Google Inc.) E:\PROGRAMS\Google\Chrome\Application\chrome.exe
(Google Inc.) E:\PROGRAMS\Google\Chrome\Application\chrome.exe
(Google Inc.) E:\PROGRAMS\Google\Chrome\Application\chrome.exe
(Google Inc.) E:\PROGRAMS\Google\Chrome\Application\chrome.exe
(Google Inc.) E:\PROGRAMS\Google\Chrome\Application\chrome.exe
() C:\Users\Snippah#\Downloads\SecurityCheck.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Don HO don.h@free.fr) E:\PROGRAMS\Notepad++\notepad++.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [XFast LAN] => E:\Xfast lan\cFosSpeed.exe [1441152 2011-10-19] ()
HKLM\...\Run: [NvBackend] => E:\PROGRAMS\\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1179576 2014-02-05] (NVIDIA Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-07-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [avgnt] => E:\PROGRAMS\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => E:\PROGRAMS\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => E:\PROGRAMS\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1679360 2012-02-28] (Wondershare)
HKLM-x32\...\Run: [iTunesHelper] => E:\PROGRAMS\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [Gameiki] => E:\PROGRAMS\Gameiki\Gameiki Mod Installer\Gameiki Mod Installer.exe [358912 2014-02-23] ()
HKLM-x32\...\Run: [Avira Systray] => E:\PROGRAMS\Avira\My Avira\Avira.OE.Systray.exe [182352 2014-05-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => E:\PROGRAMS\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-05-13] (LogMeIn Inc.)
HKU\S-1-5-21-2312074080-4073723537-3051129278-1000\...\Run: [Spotify] => C:\Users\Snippah#\AppData\Roaming\Spotify\Spotify.exe [6170168 2014-05-16] (Spotify Ltd)
HKU\S-1-5-21-2312074080-4073723537-3051129278-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-2312074080-4073723537-3051129278-1000\...\Run: [Spotify Web Helper] => C:\Users\Snippah#\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1176632 2014-05-16] (Spotify Ltd)
HKU\S-1-5-21-2312074080-4073723537-3051129278-1000\...\Run: [Steam] => E:\Steam\steam.exe [1775808 2014-05-21] (Valve Corporation)
HKU\S-1-5-21-2312074080-4073723537-3051129278-1000\...\Run: [ckzeom] => 0
HKU\S-1-5-21-2312074080-4073723537-3051129278-1000\...\Run: [yiasfxw] => 0
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackUpdateChecker.lnk
ShortcutTarget: CodecPackUpdateChecker.lnk -> C:\Windows\SysWOW64\C2MP\UpdateChecker.exe ()
Startup: C:\Users\Snippah#\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Snippah#\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Snippah#\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.de
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.de
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.de
SearchScopes: HKCU - {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-flv
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\PROGRAMS\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\PROGRAMS\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\PROGRAMS\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\PROGRAMS\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Users\Snippah#\AppData\Local\Microsoft\Windows Sidebar\Gadgets\skypegadget1.4.gadget\wrapper\Skype4COM.dll No File
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Snippah#\AppData\Roaming\Mozilla\Firefox\Profiles\wwxr4ze2.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=11.5.2 - E:\PROGRAMS\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.5.2 - E:\PROGRAMS\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - E:\PROGRAMS\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - E:\PROGRAMS\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - E:\PROGRAMS\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision - E:\PROGRAMS\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - E:\PROGRAMS\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - E:\PROGRAMS\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - E:\PROGRAMS\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - E:\PROGRAMS\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Snippah#\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF StartMenuInternet: FIREFOX.EXE - E:\PROGRAMS\Mozilla Firefox\firefox.exe

Chrome: 
=======
CHR HomePage: 
CHR StartupUrls: "https://www.google.de/", "hxxp://www.google.de/"
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Snippah#\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.2.464\_platform_specific\win_x86\widevinecdmadapter.dll ()
CHR Plugin: (Shockwave Flash) - E:\PROGRAMS\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - E:\PROGRAMS\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - E:\PROGRAMS\Google\Chrome\Application\35.0.1916.114\pdf.dll ()
CHR Plugin: (Free Studio) - C:\Users\Snippah#\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.3.0.0_0\np_dvs_plugin.dll (DVDVideoSoft Ltd.)
CHR Plugin: (QuickTime Plug-in 7.7.5) - E:\PROGRAMS\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.5) - E:\PROGRAMS\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.5) - E:\PROGRAMS\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.5) - E:\PROGRAMS\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.5) - E:\PROGRAMS\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll No File
CHR Plugin: (Google Update) - E:\PROGRAMS\Google\Update\1.3.23.9\npGoogleUpdate3.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.550.14) - E:\PROGRAMS\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U55) - E:\PROGRAMS\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (NVIDIA 3D Vision) - E:\PROGRAMS\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - E:\PROGRAMS\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (VLC Web Plugin) - E:\PROGRAMS\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (iTunes Application Detector) - E:\PROGRAMS\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Extension: (ProxFlow) - C:\Users\Snippah#\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-05-10]
CHR Extension: (Bookmarks) - C:\Users\Snippah#\AppData\Local\Google\Chrome\User Data\Default\Extensions\adgbnjhpkfmgbidgbhdllmehfihlpoda [2014-04-12]
CHR Extension: (Google Docs) - C:\Users\Snippah#\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-31]
CHR Extension: (Google Drive) - C:\Users\Snippah#\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-27]
CHR Extension: (YouTube) - C:\Users\Snippah#\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-27]
CHR Extension: (Adblock Plus) - C:\Users\Snippah#\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-04-12]
CHR Extension: (Google-Suche) - C:\Users\Snippah#\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-27]
CHR Extension: (Avira Browser Safety) - C:\Users\Snippah#\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-04-12]
CHR Extension: (AdBlock) - C:\Users\Snippah#\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-04-12]
CHR Extension: (Dropbox) - C:\Users\Snippah#\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2014-04-12]
CHR Extension: (FVD Downloader) - C:\Users\Snippah#\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp [2014-04-12]
CHR Extension: (DVDVideoSoft) - C:\Users\Snippah#\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2014-05-03]
CHR Extension: (Google Wallet) - C:\Users\Snippah#\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-27]
CHR Extension: (ProxPrice) - C:\Users\Snippah#\AppData\Local\Google\Chrome\User Data\Default\Extensions\nopgehbobniifpngnhmljfojnkkopbje [2014-05-14]
CHR Extension: (Google Mail) - C:\Users\Snippah#\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-27]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2014-05-03]
CHR StartMenuInternet: Google Chrome - E:\PROGRAMS\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2011-07-28] (Advanced Micro Devices, Inc.)
R2 AntiVirSchedulerService; E:\PROGRAMS\Avira\AntiVir Desktop\sched.exe [430160 2014-05-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; E:\PROGRAMS\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-27] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; E:\PROGRAMS\Avira\My Avira\Avira.OE.ServiceHost.exe [124496 2014-05-05] (Avira Operations GmbH & Co. KG)
S2 cFosSpeedS; E:\Xfast lan\spd.exe [395136 2011-10-19] ()
S2 gupdate; E:\PROGRAMS\Google\Update\GoogleUpdate.exe [116648 2014-04-01] (Google Inc.)
S3 gupdatem; E:\PROGRAMS\Google\Update\GoogleUpdate.exe [116648 2014-04-01] (Google Inc.)
R2 Hamachi2Svc; E:\PROGRAMS\LogMeIn Hamachi\hamachi-2.exe [2228048 2014-05-13] (LogMeIn Inc.)
R3 iPod Service; E:\PROGRAMS\iPod\bin\iPodService.exe [641352 2014-02-21] (Apple Inc.)
S3 MozillaMaintenance; E:\PROGRAMS\Mozilla Maintenance Service\maintenanceservice.exe [119408 2014-03-15] (Mozilla Foundation)
U2 NvNetworkService; E:\PROGRAMS\\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; E:\PROGRAMS\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
R2 Stereo Service; E:\PROGRAMS\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [411936 2014-03-04] (NVIDIA Corporation)
R2 TeamViewer9; E:\Teamviewer\TeamViewer_Service.exe [4972864 2014-04-02] (TeamViewer GmbH)
S3 FirebirdServerMAGIXInstance; "C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe" [X]

==================== Drivers (Whitelisted) ====================

R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [34640 2012-08-09] (ASRock Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)
S3 LoopBeMidi1; C:\Windows\System32\drivers\loopbe1.sys [13824 2011-04-09] (nerds.de)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
S3 RTCore64; E:\PROGRAMS\MSI Afterburner\RTCore64.sys [13368 2013-01-23] ()
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 teVirtualMIDI64; C:\Windows\System32\DRIVERS\teVirtualMIDI64.sys [30208 2012-08-16] (Tobias Erichsen)
S3 Tortilla; C:\Windows\System32\DRIVERS\tortilla.sys [14992 2014-04-06] ()
S3 WsAudioDevice_383S(1); C:\Windows\System32\drivers\WsAudioDevice_383S(1).sys [29288 2013-05-30] (Wondershare)
S3 ZD1211BU(WLAN); C:\Windows\System32\DRIVERS\zd1211Bu.sys [493440 2005-10-28] (ZyDAS Technology Corporation)
S2 AODDriver4.2.0; \??\E:\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
R3 ArdDrv; \??\C:\Windows\SysWOW64\Drivers\ArdDrv.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-27 15:45 - 2014-05-27 15:45 - 00854367 _____ () C:\Users\Snippah#\Downloads\SecurityCheck.exe
2014-05-27 15:40 - 2014-05-27 15:40 - 00000000 ____D () E:\PROGRAMS\ESET
2014-05-27 15:39 - 2014-05-27 15:40 - 02347384 _____ (ESET) C:\Users\Snippah#\Downloads\esetsmartinstaller_deu.exe
2014-05-26 16:21 - 2014-05-26 16:21 - 00001828 _____ () C:\Users\Public\Desktop\loopMIDI.lnk
2014-05-26 16:21 - 2014-05-26 16:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\loopMIDI
2014-05-26 16:20 - 2014-05-26 16:20 - 00000000 ____D () C:\Users\Snippah#\Downloads\loopMIDI_1_0_5_15
2014-05-26 16:19 - 2014-05-26 16:19 - 00870544 _____ () C:\Users\Snippah#\Downloads\loopMIDI_1_0_5_15.zip
2014-05-26 16:09 - 2014-05-26 16:09 - 01669280 _____ (nerds.de Daniel Schmitt) C:\Users\Snippah#\Downloads\setupipmiditrial.exe
2014-05-26 16:09 - 2014-05-26 16:09 - 01016128 _____ () C:\Users\Snippah#\Downloads\setuploopbe1.exe
2014-05-26 15:43 - 2014-05-26 15:43 - 00000000 ____D () C:\Users\Snippah#\Downloads\derpy_hooves_windows_7_theme_by_matniky-d5j6t07
2014-05-26 15:34 - 2014-05-26 15:34 - 00000000 ____D () C:\Users\Snippah#\Downloads\uxpatcher10
2014-05-26 15:32 - 2014-05-26 15:33 - 06075955 _____ () C:\Users\Snippah#\Downloads\uxpatcher10.zip
2014-05-26 15:31 - 2014-05-26 15:31 - 00961360 _____ (Chip Digital GmbH) C:\Users\Snippah#\Downloads\UxTheme Multi Patcher - CHIP-Installer.exe
2014-05-26 15:29 - 2014-05-26 15:30 - 46070819 _____ () C:\Users\Snippah#\Downloads\derpy_hooves_windows_7_theme_by_matniky-d5j6t07.rar
2014-05-26 15:14 - 2014-05-26 15:14 - 02294104 _____ () C:\Users\Snippah#\Downloads\Rainmeter-3.1.exe
2014-05-26 15:13 - 2014-05-26 15:14 - 23424432 _____ (Windows 7 - Codec Pack) C:\Users\Snippah#\Downloads\windows.7.codec.pack.v4.0.9.setup.exe
2014-05-25 19:33 - 2014-05-25 19:34 - 353169964 _____ () C:\Users\Snippah#\Desktop\anal.wav
2014-05-25 15:28 - 2014-05-27 15:50 - 00000000 ____D () C:\Users\Snippah#\Downloads\FRST-OlderVersion
2014-05-25 15:28 - 2014-05-25 15:28 - 00000628 _____ () C:\Users\Snippah#\Desktop\JRT.txt
2014-05-25 15:12 - 2014-05-25 15:11 - 01016261 _____ (Thisisu) C:\Users\Snippah#\Desktop\JRT.exe
2014-05-25 15:11 - 2014-05-25 15:11 - 01016261 _____ (Thisisu) C:\Users\Snippah#\Downloads\JRT.exe
2014-05-25 15:11 - 2014-05-25 15:11 - 00002541 _____ () C:\Users\Snippah#\Desktop\AdwCleaner[S0].txt
2014-05-25 15:04 - 2014-05-25 15:07 - 00000000 ____D () C:\AdwCleaner
2014-05-25 15:04 - 2014-05-25 15:04 - 01326389 _____ () C:\Users\Snippah#\Downloads\adwcleaner_3.210.exe
2014-05-25 15:03 - 2014-05-25 15:03 - 00036560 _____ () C:\Users\Snippah#\Desktop\mbam.txt
2014-05-25 14:20 - 2014-05-25 14:20 - 00000889 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-25 14:20 - 2014-05-25 14:20 - 00000000 ____D () E:\PROGRAMS\ Malwarebytes Anti-Malware 
2014-05-25 14:20 - 2014-05-25 14:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-25 14:20 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-25 14:20 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-25 14:20 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-25 14:19 - 2014-05-25 14:20 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Snippah#\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-25 14:10 - 2014-05-27 15:28 - 00303974 _____ () C:\Windows\PFRO.log
2014-05-25 02:51 - 2014-05-25 02:51 - 00000799 _____ () C:\Users\Snippah#\Desktop\astudio2.exe - Verknüpfung.lnk
2014-05-25 01:00 - 2014-05-27 15:29 - 00001653 _____ () C:\Windows\setupact.log
2014-05-25 01:00 - 2014-05-25 01:00 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-24 22:08 - 2014-05-24 22:08 - 06098116 _____ () C:\Users\Snippah#\Downloads\paint.net.4.0.5226.41987.install.zip
2014-05-24 22:08 - 2014-05-24 22:08 - 00000000 ____D () C:\Users\Snippah#\Downloads\paint.net.4.0.5226.41987.install
2014-05-24 21:16 - 2014-05-24 21:16 - 00045579 _____ () C:\Users\Snippah#\Downloads\Beep_1sec.zip
2014-05-24 21:16 - 2014-05-24 21:16 - 00000000 ____D () C:\Users\Snippah#\Downloads\Beep_1sec
2014-05-24 20:15 - 2014-03-04 06:40 - 00000571 _____ () C:\Users\Snippah#\Desktop\VIDEOSEDITIEREN.lnk
2014-05-24 20:00 - 2013-08-26 04:10 - 186294276 _____ () C:\Users\Snippah#\Desktop\FILE0002.MOV
2014-05-24 10:59 - 2014-05-24 10:59 - 00028849 _____ () C:\ComboFix.txt
2014-05-24 10:41 - 2014-05-24 11:00 - 00000000 ____D () C:\Qoobox
2014-05-24 10:41 - 2014-05-24 10:58 - 00000000 ____D () C:\Windows\erdnt
2014-05-24 10:41 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-05-24 10:41 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-05-24 10:41 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-05-24 10:41 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-05-24 10:41 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-05-24 10:41 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-05-24 10:41 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-05-24 10:41 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-05-24 10:39 - 2014-05-24 10:39 - 05200426 ____R (Swearware) C:\Users\Snippah#\Desktop\ComboFix.exe
2014-05-23 18:16 - 2014-05-23 18:16 - 12814576 _____ (BlueStack Systems Inc.) C:\Users\Snippah#\Downloads\BlueStacks-SplitInstaller_native.exe
2014-05-23 18:16 - 2014-05-23 18:16 - 00000000 ____D () C:\Users\Snippah#\AppData\Local\Bluestacks
2014-05-22 17:10 - 2014-05-22 17:10 - 00002008 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-22 17:10 - 2014-05-22 17:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-22 17:09 - 2014-05-27 15:29 - 00001088 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-22 17:09 - 2014-05-26 22:14 - 00001092 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-22 17:09 - 2014-05-22 17:09 - 00004088 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-22 17:09 - 2014-05-22 17:09 - 00003836 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-22 17:08 - 2014-05-22 17:08 - 39809104 _____ (Google Inc.) C:\Users\Snippah#\Downloads\ChromeStandaloneSetup_35.0.1916.114.exe
2014-05-22 16:58 - 2014-05-27 15:29 - 00003094 _____ () C:\Windows\System32\Tasks\WinZip Malware Protector_startup
2014-05-22 16:57 - 2014-05-22 16:57 - 00000942 _____ () C:\Users\Public\Desktop\WinZip Malware Protector.lnk
2014-05-22 16:57 - 2014-05-22 16:57 - 00000000 ____D () E:\PROGRAMS\WinZip Malware Protector
2014-05-22 16:57 - 2014-05-22 16:57 - 00000000 ____D () C:\Users\Snippah#\AppData\Roaming\Nico Mak Computing
2014-05-22 16:57 - 2014-05-22 16:57 - 00000000 ____D () C:\ProgramData\Nico Mak Computing
2014-05-22 16:57 - 2014-05-22 16:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Malware Protector
2014-05-22 16:57 - 2013-03-15 17:10 - 00020480 _____ () C:\Windows\system32\wsusnative64.exe
2014-05-22 16:53 - 2014-05-22 16:54 - 00030717 _____ () C:\Users\Snippah#\Downloads\Addition.txt
2014-05-22 16:40 - 2014-05-25 15:29 - 00046068 _____ () C:\Users\Snippah#\Desktop\FRST.txt
2014-05-22 16:39 - 2014-05-25 15:28 - 02066944 _____ (Farbar) C:\Users\Snippah#\Downloads\FRST64.exe
2014-05-21 23:02 - 2014-05-27 15:50 - 00000000 ____D () C:\FRST
2014-05-21 22:55 - 2014-05-22 00:27 - 00000000 ____D () C:\Users\Snippah#\AppData\Local\CrashDumps
2014-05-21 22:32 - 2014-05-21 22:32 - 00000948 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-05-21 19:41 - 2014-05-27 15:31 - 00003036 _____ () C:\Windows\System32\Tasks\asrRd
2014-05-20 15:38 - 2014-05-20 15:38 - 00000000 ____D () E:\PROGRAMS\Tor Browser
2014-05-20 15:02 - 2014-05-20 15:02 - 00045384 _____ () C:\Windows\SysWOW64\DiscHandler.exe
2014-05-17 12:50 - 2014-05-21 22:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Half-Life 2 Riot Act
2014-05-17 12:50 - 2014-05-17 12:50 - 00000000 ____D () C:\Users\Snippah#\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Half-Life 2 Riot Act
2014-05-16 18:30 - 2014-05-16 18:30 - 01220772 _____ (pendrivelinux.com) C:\Users\Snippah#\Desktop\YUMI-2.0.0.4.exe
2014-05-15 18:35 - 2014-05-15 18:51 - 00004608 _____ () C:\Users\Snippah#\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-05-15 00:32 - 2014-05-15 00:04 - 2591555916 _____ () C:\Users\Snippah#\Desktop\EDITSIS.avi
2014-05-14 21:12 - 2014-05-14 21:12 - 00000000 ____D () E:\PROGRAMS\LogMeIn Hamachi
2014-05-14 21:12 - 2014-05-14 21:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-05-13 17:05 - 2014-05-13 17:05 - 04374528 _____ () C:\Windows\system32\ffdshow.ax
2014-05-13 17:05 - 2014-05-13 17:05 - 04009984 _____ () C:\Windows\system32\ffmpeg.dll
2014-05-13 17:05 - 2014-05-13 17:05 - 00474624 _____ () C:\Windows\system32\ff_kernelDeint.dll
2014-05-13 17:05 - 2014-05-13 17:05 - 00127488 _____ () C:\Windows\system32\ff_vfw.dll
2014-05-13 17:04 - 2014-05-13 17:04 - 01532928 _____ () C:\Windows\system32\ff_samplerate.dll
2014-05-13 17:04 - 2014-05-13 17:04 - 00631296 _____ () C:\Windows\system32\TomsMoComp_ff.dll
2014-05-13 17:04 - 2014-05-13 17:04 - 00222720 _____ () C:\Windows\system32\ff_libdts.dll
2014-05-13 17:04 - 2014-05-13 17:04 - 00190464 _____ () C:\Windows\system32\libmpeg2_ff.dll
2014-05-13 17:04 - 2014-05-13 17:04 - 00183296 _____ () C:\Windows\system32\ff_unrar.dll
2014-05-13 17:04 - 2014-05-13 17:04 - 00156672 _____ () C:\Windows\system32\ff_libmad.dll
2014-05-13 17:04 - 2014-05-13 17:04 - 00116224 _____ () C:\Windows\system32\ff_liba52.dll
2014-05-13 17:04 - 2014-05-13 17:04 - 00114688 _____ () C:\Windows\system32\ff_wmv9.dll
2014-05-13 17:02 - 2014-05-13 17:02 - 03916288 _____ () C:\Windows\SysWOW64\ffmpeg.dll
2014-05-13 17:01 - 2014-05-13 17:01 - 03502592 _____ () C:\Windows\SysWOW64\ffdshow.ax
2014-05-13 17:01 - 2014-05-13 17:01 - 00271360 _____ () C:\Windows\SysWOW64\TomsMoComp_ff.dll
2014-05-13 17:01 - 2014-05-13 17:01 - 00112640 _____ () C:\Windows\SysWOW64\ff_vfw.dll
2014-05-13 17:00 - 2014-05-13 17:00 - 01525760 _____ () C:\Windows\SysWOW64\ff_samplerate.dll
2014-05-13 17:00 - 2014-05-13 17:00 - 00211968 _____ () C:\Windows\SysWOW64\ff_libdts.dll
2014-05-13 17:00 - 2014-05-13 17:00 - 00157184 _____ () C:\Windows\SysWOW64\ff_unrar.dll
2014-05-13 17:00 - 2014-05-13 17:00 - 00147456 _____ () C:\Windows\SysWOW64\ff_libmad.dll
2014-05-13 17:00 - 2014-05-13 17:00 - 00136704 _____ () C:\Windows\SysWOW64\libmpeg2_ff.dll
2014-05-13 17:00 - 2014-05-13 17:00 - 00114688 _____ () C:\Windows\SysWOW64\ff_liba52.dll
2014-05-13 17:00 - 2014-05-13 17:00 - 00099840 _____ () C:\Windows\SysWOW64\ff_wmv9.dll
2014-05-13 15:17 - 2014-05-21 22:42 - 00000029 _____ () C:\ProgramData\yiasfxw.dat
2014-05-10 23:33 - 2014-05-10 23:33 - 00000000 ____D () C:\Users\Snippah#\AppData\Local\Unity
2014-05-10 18:53 - 2014-05-10 18:53 - 00000000 ____D () C:\Users\Snippah#\Sources
2014-05-10 18:53 - 2014-05-10 18:51 - 00000057 _____ () C:\Users\Snippah#\start.bat
2014-05-10 16:20 - 2014-05-10 16:20 - 00000000 ____D () E:\PROGRAMS\IrfanView
2014-05-10 16:20 - 2014-05-10 16:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView
2014-05-09 00:40 - 2014-05-09 00:40 - 00000000 ____D () C:\Users\Snippah#\AppData\Local\Terraria_Launcher
2014-05-09 00:39 - 2014-05-09 00:39 - 00001030 _____ () C:\Users\Snippah#\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gameiki Mod Installer.lnk
2014-05-09 00:39 - 2014-05-09 00:39 - 00000000 ____D () E:\PROGRAMS\Gameiki
2014-05-08 18:38 - 2014-05-08 18:38 - 00000906 _____ () C:\Users\Snippah#\Desktop\Notepad++.lnk
2014-05-08 18:00 - 2014-05-08 18:00 - 00001752 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
2014-05-08 18:00 - 2014-05-08 18:00 - 00001712 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk
2014-05-08 18:00 - 2014-05-08 18:00 - 00001697 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
2014-05-08 17:59 - 2014-05-08 18:00 - 00000000 ____D () E:\PROGRAMS\JDownloader
2014-05-08 16:19 - 2014-05-08 16:19 - 00000000 __RSH () C:\MSDOS.SYS
2014-05-08 16:19 - 2014-05-08 16:19 - 00000000 __RSH () C:\IO.SYS
2014-05-07 21:04 - 2014-05-07 21:04 - 00002107 _____ () C:\Users\Snippah#\Desktop\Chrome OS (ChromiumOS Vanilla Build) - USB-Image - CHIP Downloader.lnk
2014-05-07 20:29 - 2014-05-07 20:29 - 00000808 _____ () C:\Users\Public\Desktop\EasyBCD 2.2.lnk
2014-05-07 20:29 - 2014-05-07 20:29 - 00000000 ____D () E:\PROGRAMS\EasyBCD
2014-05-05 17:56 - 2014-05-05 17:56 - 00000000 ____D () C:\ProgramData\InstallMate
2014-05-05 15:57 - 2014-05-05 16:04 - 00002614 _____ () C:\Windows\diagwrn.xml
2014-05-05 15:57 - 2014-05-05 16:04 - 00001890 _____ () C:\Windows\diagerr.xml
2014-05-03 20:53 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-03 13:37 - 2014-05-21 22:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-05-03 13:37 - 2014-05-19 19:25 - 00000000 ____D () E:\PROGRAMS\DVDVideoSoft
2014-05-03 13:37 - 2014-05-17 17:47 - 00001973 _____ () C:\Users\Public\Desktop\Free YouTube Download.lnk
2014-05-03 13:36 - 2014-05-19 19:26 - 00000000 ____D () C:\Users\Snippah#\AppData\Roaming\DVDVideoSoft
2014-05-03 00:30 - 2014-05-24 21:29 - 00000000 ____D () C:\Users\Snippah#\Desktop\magix fertig
2014-05-02 23:37 - 2014-05-03 00:31 - 00208670 _____ () C:\Users\Snippah#\Documents\i hate all of you bitches.MVP
2014-05-01 18:02 - 2014-05-01 18:02 - 00428792 _____ (MPC-HC Team) C:\Windows\system32\cdxareader.ax
2014-05-01 17:56 - 2014-05-01 17:56 - 00368888 _____ (MPC-HC Team) C:\Windows\SysWOW64\cdxareader.ax
2014-04-28 16:02 - 2014-05-12 16:16 - 00000918 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-04-28 16:01 - 2014-05-12 16:16 - 00000000 ____D () C:\ProgramData\Package Cache
2014-04-27 23:50 - 2014-04-27 23:50 - 00000000 ____D () E:\PROGRAMS\iTunes
2014-04-27 23:50 - 2014-04-27 23:50 - 00000000 ____D () E:\PROGRAMS\iPod
2014-04-27 23:50 - 2014-04-27 23:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-04-27 23:50 - 2014-04-27 23:50 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-04-27 23:50 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2014-04-27 18:26 - 2014-04-27 18:26 - 00000000 ____D () C:\Users\Snippah#\AppData\Roaming\java

==================== One Month Modified Files and Folders =======

2014-05-27 15:50 - 2014-05-25 15:28 - 00000000 ____D () C:\Users\Snippah#\Downloads\FRST-OlderVersion
2014-05-27 15:50 - 2014-05-21 23:02 - 00000000 ____D () C:\FRST
2014-05-27 15:48 - 2014-02-27 18:00 - 00000000 ____D () C:\Users\Snippah#\AppData\Roaming\Skype
2014-05-27 15:45 - 2014-05-27 15:45 - 00854367 _____ () C:\Users\Snippah#\Downloads\SecurityCheck.exe
2014-05-27 15:44 - 2014-02-28 00:25 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-27 15:42 - 2009-07-14 06:45 - 00036336 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-27 15:42 - 2009-07-14 06:45 - 00036336 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-27 15:40 - 2014-05-27 15:40 - 00000000 ____D () E:\PROGRAMS\ESET
2014-05-27 15:40 - 2014-05-27 15:39 - 02347384 _____ (ESET) C:\Users\Snippah#\Downloads\esetsmartinstaller_deu.exe
2014-05-27 15:37 - 2014-03-14 19:27 - 00003950 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{4F372E70-9CBF-4970-A680-9F7B6BF7B9F1}
2014-05-27 15:34 - 2014-04-11 15:17 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-05-27 15:34 - 2014-04-11 15:17 - 00112080 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-05-27 15:34 - 2014-02-27 22:46 - 00728507 _____ () C:\Windows\WindowsUpdate.log
2014-05-27 15:33 - 2014-02-27 17:35 - 00000000 ____D () C:\Users\Snippah#\AppData\Roaming\Spotify
2014-05-27 15:32 - 2014-03-01 21:03 - 00000000 ___RD () C:\Users\Snippah#\Dropbox
2014-05-27 15:32 - 2014-03-01 21:02 - 00000000 ____D () C:\Users\Snippah#\AppData\Roaming\DropboxMaster
2014-05-27 15:32 - 2014-03-01 21:01 - 00000000 ____D () C:\Users\Snippah#\AppData\Roaming\Dropbox
2014-05-27 15:31 - 2014-05-21 19:41 - 00003036 _____ () C:\Windows\System32\Tasks\asrRd
2014-05-27 15:31 - 2014-04-15 18:15 - 00000000 ____D () C:\Users\Snippah#\AppData\Local\LogMeIn Hamachi
2014-05-27 15:29 - 2014-05-25 01:00 - 00001653 _____ () C:\Windows\setupact.log
2014-05-27 15:29 - 2014-05-22 17:09 - 00001088 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-27 15:29 - 2014-05-22 16:58 - 00003094 _____ () C:\Windows\System32\Tasks\WinZip Malware Protector_startup
2014-05-27 15:29 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-27 15:28 - 2014-05-25 14:10 - 00303974 _____ () C:\Windows\PFRO.log
2014-05-27 15:28 - 2014-02-27 22:56 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-05-26 22:14 - 2014-05-22 17:09 - 00001092 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-26 16:21 - 2014-05-26 16:21 - 00001828 _____ () C:\Users\Public\Desktop\loopMIDI.lnk
2014-05-26 16:21 - 2014-05-26 16:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\loopMIDI
2014-05-26 16:21 - 2014-03-29 20:49 - 00000000 ____D () E:\PROGRAMS\Tobias Erichsen
2014-05-26 16:20 - 2014-05-26 16:20 - 00000000 ____D () C:\Users\Snippah#\Downloads\loopMIDI_1_0_5_15
2014-05-26 16:19 - 2014-05-26 16:19 - 00870544 _____ () C:\Users\Snippah#\Downloads\loopMIDI_1_0_5_15.zip
2014-05-26 16:16 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-26 16:09 - 2014-05-26 16:09 - 01669280 _____ (nerds.de Daniel Schmitt) C:\Users\Snippah#\Downloads\setupipmiditrial.exe
2014-05-26 16:09 - 2014-05-26 16:09 - 01016128 _____ () C:\Users\Snippah#\Downloads\setuploopbe1.exe
2014-05-26 15:50 - 2014-03-31 22:01 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-26 15:43 - 2014-05-26 15:43 - 00000000 ____D () C:\Users\Snippah#\Downloads\derpy_hooves_windows_7_theme_by_matniky-d5j6t07
2014-05-26 15:34 - 2014-05-26 15:34 - 00000000 ____D () C:\Users\Snippah#\Downloads\uxpatcher10
2014-05-26 15:33 - 2014-05-26 15:32 - 06075955 _____ () C:\Users\Snippah#\Downloads\uxpatcher10.zip
2014-05-26 15:31 - 2014-05-26 15:31 - 00961360 _____ (Chip Digital GmbH) C:\Users\Snippah#\Downloads\UxTheme Multi Patcher - CHIP-Installer.exe
2014-05-26 15:30 - 2014-05-26 15:29 - 46070819 _____ () C:\Users\Snippah#\Downloads\derpy_hooves_windows_7_theme_by_matniky-d5j6t07.rar
2014-05-26 15:17 - 2014-03-16 18:15 - 00001706 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rainmeter.lnk
2014-05-26 15:14 - 2014-05-26 15:14 - 02294104 _____ () C:\Users\Snippah#\Downloads\Rainmeter-3.1.exe
2014-05-26 15:14 - 2014-05-26 15:13 - 23424432 _____ (Windows 7 - Codec Pack) C:\Users\Snippah#\Downloads\windows.7.codec.pack.v4.0.9.setup.exe
2014-05-25 22:50 - 2014-03-10 15:34 - 00000000 ____D () C:\Users\Snippah#\AppData\Roaming\.minecraft
2014-05-25 19:36 - 2014-02-28 15:44 - 00000000 ____D () C:\Users\Snippah#\AppData\Roaming\Audacity
2014-05-25 19:34 - 2014-05-25 19:33 - 353169964 _____ () C:\Users\Snippah#\Desktop\anal.wav
2014-05-25 15:29 - 2014-05-22 16:40 - 00046068 _____ () C:\Users\Snippah#\Desktop\FRST.txt
2014-05-25 15:28 - 2014-05-25 15:28 - 00000628 _____ () C:\Users\Snippah#\Desktop\JRT.txt
2014-05-25 15:28 - 2014-05-22 16:39 - 02066944 _____ (Farbar) C:\Users\Snippah#\Downloads\FRST64.exe
2014-05-25 15:11 - 2014-05-25 15:12 - 01016261 _____ (Thisisu) C:\Users\Snippah#\Desktop\JRT.exe
2014-05-25 15:11 - 2014-05-25 15:11 - 01016261 _____ (Thisisu) C:\Users\Snippah#\Downloads\JRT.exe
2014-05-25 15:11 - 2014-05-25 15:11 - 00002541 _____ () C:\Users\Snippah#\Desktop\AdwCleaner[S0].txt
2014-05-25 15:07 - 2014-05-25 15:04 - 00000000 ____D () C:\AdwCleaner
2014-05-25 15:04 - 2014-05-25 15:04 - 01326389 _____ () C:\Users\Snippah#\Downloads\adwcleaner_3.210.exe
2014-05-25 15:03 - 2014-05-25 15:03 - 00036560 _____ () C:\Users\Snippah#\Desktop\mbam.txt
2014-05-25 14:55 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help
2014-05-25 14:20 - 2014-05-25 14:20 - 00000889 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-25 14:20 - 2014-05-25 14:20 - 00000000 ____D () E:\PROGRAMS\ Malwarebytes Anti-Malware 
2014-05-25 14:20 - 2014-05-25 14:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-25 14:20 - 2014-05-25 14:19 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Snippah#\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-25 14:14 - 2014-03-01 21:02 - 00000000 ____D () C:\Users\Snippah#\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-25 14:14 - 2014-02-27 22:51 - 00000000 ___RD () C:\Users\Snippah#\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-25 02:51 - 2014-05-25 02:51 - 00000799 _____ () C:\Users\Snippah#\Desktop\astudio2.exe - Verknüpfung.lnk
2014-05-25 01:00 - 2014-05-25 01:00 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-25 00:12 - 2014-03-08 01:17 - 00000000 ____D () C:\Users\Snippah#\AppData\Local\Anvil Studio
2014-05-24 22:21 - 2014-03-11 19:09 - 01594156 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-05-24 22:21 - 2014-02-28 07:41 - 00699462 _____ () C:\Windows\system32\perfh007.dat
2014-05-24 22:21 - 2014-02-28 07:41 - 00149602 _____ () C:\Windows\system32\perfc007.dat
2014-05-24 22:21 - 2009-07-14 07:13 - 01594156 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-24 22:08 - 2014-05-24 22:08 - 06098116 _____ () C:\Users\Snippah#\Downloads\paint.net.4.0.5226.41987.install.zip
2014-05-24 22:08 - 2014-05-24 22:08 - 00000000 ____D () C:\Users\Snippah#\Downloads\paint.net.4.0.5226.41987.install
2014-05-24 21:29 - 2014-05-03 00:30 - 00000000 ____D () C:\Users\Snippah#\Desktop\magix fertig
2014-05-24 21:16 - 2014-05-24 21:16 - 00045579 _____ () C:\Users\Snippah#\Downloads\Beep_1sec.zip
2014-05-24 21:16 - 2014-05-24 21:16 - 00000000 ____D () C:\Users\Snippah#\Downloads\Beep_1sec
2014-05-24 11:00 - 2014-05-24 10:41 - 00000000 ____D () C:\Qoobox
2014-05-24 11:00 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-05-24 10:59 - 2014-05-24 10:59 - 00028849 _____ () C:\ComboFix.txt
2014-05-24 10:59 - 2014-04-14 20:42 - 00000000 ____D () C:\Users\Snippah
2014-05-24 10:58 - 2014-05-24 10:41 - 00000000 ____D () C:\Windows\erdnt
2014-05-24 10:56 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-05-24 10:51 - 2014-03-08 16:55 - 00000000 ____D () C:\Windows\SysWOW64\C2MP
2014-05-24 10:51 - 2014-02-27 22:51 - 00000000 ____D () C:\Users\Snippah#
2014-05-24 10:39 - 2014-05-24 10:39 - 05200426 ____R (Swearware) C:\Users\Snippah#\Desktop\ComboFix.exe
2014-05-24 09:54 - 2014-02-27 17:35 - 00000000 ____D () C:\Users\Snippah#\AppData\Local\Spotify
2014-05-23 18:16 - 2014-05-23 18:16 - 12814576 _____ (BlueStack Systems Inc.) C:\Users\Snippah#\Downloads\BlueStacks-SplitInstaller_native.exe
2014-05-23 18:16 - 2014-05-23 18:16 - 00000000 ____D () C:\Users\Snippah#\AppData\Local\Bluestacks
2014-05-22 17:10 - 2014-05-22 17:10 - 00002008 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-22 17:10 - 2014-05-22 17:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-22 17:09 - 2014-05-22 17:09 - 00004088 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-22 17:09 - 2014-05-22 17:09 - 00003836 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-22 17:08 - 2014-05-22 17:08 - 39809104 _____ (Google Inc.) C:\Users\Snippah#\Downloads\ChromeStandaloneSetup_35.0.1916.114.exe
2014-05-22 16:57 - 2014-05-22 16:57 - 00000942 _____ () C:\Users\Public\Desktop\WinZip Malware Protector.lnk
2014-05-22 16:57 - 2014-05-22 16:57 - 00000000 ____D () E:\PROGRAMS\WinZip Malware Protector
2014-05-22 16:57 - 2014-05-22 16:57 - 00000000 ____D () C:\Users\Snippah#\AppData\Roaming\Nico Mak Computing
2014-05-22 16:57 - 2014-05-22 16:57 - 00000000 ____D () C:\ProgramData\Nico Mak Computing
2014-05-22 16:57 - 2014-05-22 16:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Malware Protector
2014-05-22 16:54 - 2014-05-22 16:53 - 00030717 _____ () C:\Users\Snippah#\Downloads\Addition.txt
2014-05-22 16:47 - 2014-04-06 20:40 - 00000000 ____D () E:\PROGRAMS\Mozilla Firefox
2014-05-22 00:27 - 2014-05-21 22:55 - 00000000 ____D () C:\Users\Snippah#\AppData\Local\CrashDumps
2014-05-22 00:14 - 2014-03-04 02:36 - 00000000 ____D () C:\Users\Snippah#\AppData\Local\Paint.NET
2014-05-21 22:54 - 2014-05-17 12:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Half-Life 2 Riot Act
2014-05-21 22:54 - 2014-05-03 13:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-05-21 22:42 - 2014-05-13 15:17 - 00000029 _____ () C:\ProgramData\yiasfxw.dat
2014-05-21 22:32 - 2014-05-21 22:32 - 00000948 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-05-20 15:38 - 2014-05-20 15:38 - 00000000 ____D () E:\PROGRAMS\Tor Browser
2014-05-20 15:02 - 2014-05-20 15:02 - 00045384 _____ () C:\Windows\SysWOW64\DiscHandler.exe
2014-05-19 19:26 - 2014-05-03 13:36 - 00000000 ____D () C:\Users\Snippah#\AppData\Roaming\DVDVideoSoft
2014-05-19 19:25 - 2014-05-03 13:37 - 00000000 ____D () E:\PROGRAMS\DVDVideoSoft
2014-05-17 17:47 - 2014-05-03 13:37 - 00001973 _____ () C:\Users\Public\Desktop\Free YouTube Download.lnk
2014-05-17 15:45 - 2014-02-28 00:25 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-17 15:45 - 2014-02-28 00:25 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-17 15:45 - 2014-02-28 00:25 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-17 15:45 - 2014-02-28 00:25 - 00000000 ____D () C:\Users\Snippah#\AppData\Local\Adobe
2014-05-17 12:50 - 2014-05-17 12:50 - 00000000 ____D () C:\Users\Snippah#\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Half-Life 2 Riot Act
2014-05-17 12:09 - 2014-02-27 22:38 - 00000000 ____D () C:\Users\Snippah#\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-05-16 18:30 - 2014-05-16 18:30 - 01220772 _____ (pendrivelinux.com) C:\Users\Snippah#\Desktop\YUMI-2.0.0.4.exe
2014-05-15 18:51 - 2014-05-15 18:35 - 00004608 _____ () C:\Users\Snippah#\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-05-15 00:04 - 2014-05-15 00:32 - 2591555916 _____ () C:\Users\Snippah#\Desktop\EDITSIS.avi
2014-05-14 21:12 - 2014-05-14 21:12 - 00000000 ____D () E:\PROGRAMS\LogMeIn Hamachi
2014-05-14 21:12 - 2014-05-14 21:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-05-13 17:05 - 2014-05-13 17:05 - 04374528 _____ () C:\Windows\system32\ffdshow.ax
2014-05-13 17:05 - 2014-05-13 17:05 - 04009984 _____ () C:\Windows\system32\ffmpeg.dll
2014-05-13 17:05 - 2014-05-13 17:05 - 00474624 _____ () C:\Windows\system32\ff_kernelDeint.dll
2014-05-13 17:05 - 2014-05-13 17:05 - 00127488 _____ () C:\Windows\system32\ff_vfw.dll
2014-05-13 17:04 - 2014-05-13 17:04 - 01532928 _____ () C:\Windows\system32\ff_samplerate.dll
2014-05-13 17:04 - 2014-05-13 17:04 - 00631296 _____ () C:\Windows\system32\TomsMoComp_ff.dll
2014-05-13 17:04 - 2014-05-13 17:04 - 00222720 _____ () C:\Windows\system32\ff_libdts.dll
2014-05-13 17:04 - 2014-05-13 17:04 - 00190464 _____ () C:\Windows\system32\libmpeg2_ff.dll
2014-05-13 17:04 - 2014-05-13 17:04 - 00183296 _____ () C:\Windows\system32\ff_unrar.dll
2014-05-13 17:04 - 2014-05-13 17:04 - 00156672 _____ () C:\Windows\system32\ff_libmad.dll
2014-05-13 17:04 - 2014-05-13 17:04 - 00116224 _____ () C:\Windows\system32\ff_liba52.dll
2014-05-13 17:04 - 2014-05-13 17:04 - 00114688 _____ () C:\Windows\system32\ff_wmv9.dll
2014-05-13 17:02 - 2014-05-13 17:02 - 03916288 _____ () C:\Windows\SysWOW64\ffmpeg.dll
2014-05-13 17:01 - 2014-05-13 17:01 - 03502592 _____ () C:\Windows\SysWOW64\ffdshow.ax
2014-05-13 17:01 - 2014-05-13 17:01 - 00271360 _____ () C:\Windows\SysWOW64\TomsMoComp_ff.dll
2014-05-13 17:01 - 2014-05-13 17:01 - 00112640 _____ () C:\Windows\SysWOW64\ff_vfw.dll
2014-05-13 17:00 - 2014-05-13 17:00 - 01525760 _____ () C:\Windows\SysWOW64\ff_samplerate.dll
2014-05-13 17:00 - 2014-05-13 17:00 - 00211968 _____ () C:\Windows\SysWOW64\ff_libdts.dll
2014-05-13 17:00 - 2014-05-13 17:00 - 00157184 _____ () C:\Windows\SysWOW64\ff_unrar.dll
2014-05-13 17:00 - 2014-05-13 17:00 - 00147456 _____ () C:\Windows\SysWOW64\ff_libmad.dll
2014-05-13 17:00 - 2014-05-13 17:00 - 00136704 _____ () C:\Windows\SysWOW64\libmpeg2_ff.dll
2014-05-13 17:00 - 2014-05-13 17:00 - 00114688 _____ () C:\Windows\SysWOW64\ff_liba52.dll
2014-05-13 17:00 - 2014-05-13 17:00 - 00099840 _____ () C:\Windows\SysWOW64\ff_wmv9.dll
2014-05-12 16:16 - 2014-04-28 16:02 - 00000918 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-05-12 16:16 - 2014-04-28 16:01 - 00000000 ____D () C:\ProgramData\Package Cache
2014-05-12 16:16 - 2014-04-10 20:58 - 00000000 ____D () E:\PROGRAMS\Avira
2014-05-12 16:16 - 2014-04-10 20:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-05-12 07:26 - 2014-05-25 14:20 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:26 - 2014-05-25 14:20 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-05-25 14:20 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-10 23:33 - 2014-05-10 23:33 - 00000000 ____D () C:\Users\Snippah#\AppData\Local\Unity
2014-05-10 18:53 - 2014-05-10 18:53 - 00000000 ____D () C:\Users\Snippah#\Sources
2014-05-10 18:51 - 2014-05-10 18:53 - 00000057 _____ () C:\Users\Snippah#\start.bat
2014-05-10 18:37 - 2014-03-02 12:39 - 00000000 ____D () C:\Users\Snippah#\AppData\Roaming\Notepad++
2014-05-10 16:20 - 2014-05-10 16:20 - 00000000 ____D () E:\PROGRAMS\IrfanView
2014-05-10 16:20 - 2014-05-10 16:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView
2014-05-10 12:06 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-09 00:40 - 2014-05-09 00:40 - 00000000 ____D () C:\Users\Snippah#\AppData\Local\Terraria_Launcher
2014-05-09 00:39 - 2014-05-09 00:39 - 00001030 _____ () C:\Users\Snippah#\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gameiki Mod Installer.lnk
2014-05-09 00:39 - 2014-05-09 00:39 - 00000000 ____D () E:\PROGRAMS\Gameiki
2014-05-08 18:38 - 2014-05-08 18:38 - 00000906 _____ () C:\Users\Snippah#\Desktop\Notepad++.lnk
2014-05-08 18:00 - 2014-05-08 18:00 - 00001752 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
2014-05-08 18:00 - 2014-05-08 18:00 - 00001712 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk
2014-05-08 18:00 - 2014-05-08 18:00 - 00001697 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
2014-05-08 18:00 - 2014-05-08 17:59 - 00000000 ____D () E:\PROGRAMS\JDownloader
2014-05-08 16:51 - 2014-03-14 19:27 - 00032768 _____ () C:\Users\Snippah#\Documents\EasyBCD Backup (2014-03-14).bcd
2014-05-08 16:19 - 2014-05-08 16:19 - 00000000 __RSH () C:\MSDOS.SYS
2014-05-08 16:19 - 2014-05-08 16:19 - 00000000 __RSH () C:\IO.SYS
2014-05-07 23:04 - 2014-02-27 22:51 - 00000000 ____D () C:\Users\Snippah#\AppData\Local\VirtualStore
2014-05-07 21:04 - 2014-05-07 21:04 - 00002107 _____ () C:\Users\Snippah#\Desktop\Chrome OS (ChromiumOS Vanilla Build) - USB-Image - CHIP Downloader.lnk
2014-05-07 20:29 - 2014-05-07 20:29 - 00000808 _____ () C:\Users\Public\Desktop\EasyBCD 2.2.lnk
2014-05-07 20:29 - 2014-05-07 20:29 - 00000000 ____D () E:\PROGRAMS\EasyBCD
2014-05-05 17:56 - 2014-05-05 17:56 - 00000000 ____D () C:\ProgramData\InstallMate
2014-05-05 16:04 - 2014-05-05 15:57 - 00002614 _____ () C:\Windows\diagwrn.xml
2014-05-05 16:04 - 2014-05-05 15:57 - 00001890 _____ () C:\Windows\diagerr.xml
2014-05-03 00:31 - 2014-05-02 23:37 - 00208670 _____ () C:\Users\Snippah#\Documents\i hate all of you bitches.MVP
2014-05-01 18:02 - 2014-05-01 18:02 - 00428792 _____ (MPC-HC Team) C:\Windows\system32\cdxareader.ax
2014-05-01 17:56 - 2014-05-01 17:56 - 00368888 _____ (MPC-HC Team) C:\Windows\SysWOW64\cdxareader.ax
2014-04-27 23:51 - 2014-03-09 01:51 - 00000000 ____D () C:\Users\Snippah#\AppData\Roaming\redsn0w
2014-04-27 23:50 - 2014-04-27 23:50 - 00000000 ____D () E:\PROGRAMS\iTunes
2014-04-27 23:50 - 2014-04-27 23:50 - 00000000 ____D () E:\PROGRAMS\iPod
2014-04-27 23:50 - 2014-04-27 23:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-04-27 23:50 - 2014-04-27 23:50 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-04-27 23:49 - 2014-03-01 20:47 - 00000000 ____D () C:\ProgramData\Apple
2014-04-27 18:26 - 2014-04-27 18:26 - 00000000 ____D () C:\Users\Snippah#\AppData\Roaming\java

Files to move or delete:
====================
C:\Users\Snippah#\AppData\Roaming\CamLayout.ini
C:\Users\Snippah#\AppData\Roaming\CamShapes.ini
C:\ProgramData\yiasfxw.dat
C:\Users\Snippah#\start.bat


Some content of TEMP:
====================
C:\Users\Snippah#\AppData\Local\Temp\avgnt.exe
C:\Users\Snippah#\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp5rlh3k.dll
C:\Users\Snippah#\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-20 19:24

==================== End Of Log ===========================

--- --- ---

schrauber · 28.05.2014, 11:07

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

HKU\S-1-5-21-2312074080-4073723537-3051129278-1000\...\Run: [ckzeom] => 0
HKU\S-1-5-21-2312074080-4073723537-3051129278-1000\...\Run: [yiasfxw] => 0

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Noch Probleme?

helpmenao · 30.05.2014, 16:26

Code:

ATTFilter

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 25-05-2014 02
Ran by Snippah# at 2014-05-30 17:25:51 Run:1
Running from C:\Users\Snippah#\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKU\S-1-5-21-2312074080-4073723537-3051129278-1000\...\Run: [ckzeom] => 0
HKU\S-1-5-21-2312074080-4073723537-3051129278-1000\...\Run: [yiasfxw] => 0
         
*****************

HKU\S-1-5-21-2312074080-4073723537-3051129278-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ckzeom => Value deleted successfully.
HKU\S-1-5-21-2312074080-4073723537-3051129278-1000\Software\Microsoft\Windows\CurrentVersion\Run\\yiasfxw => Value deleted successfully.

==== End of Fixlog ====

schrauber · 31.05.2014, 15:14

meine Frage?

helpmenao · 31.07.2014, 20:21

immer wenn ich mit mbam scanne kommen die dateien wieder
sorry das ich nicht direkt geantwortet habe.
hier der mbam log:

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 31.07.2014
Suchlauf-Zeit: 16:11:37
Logdatei: mbamlog.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.03.04.09
Rootkit Datenbank: v2014.02.20.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Snippah#

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 265261
Verstrichene Zeit: 12 Min, 40 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 1
PUP.Optional.InstallBrain.A, HKLM\SOFTWARE\WOW6432NODE\InstallIQ, In Quarantäne, [7ecb4db2463475c1b785fc92bd45b64a], 

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 24
Trojan.Agent, e:\programs\\rhv\ati, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\bin64, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\images, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\reports, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\sda, In Quarantäne, [d376c6390773e452a3173e479f63639d], 
Trojan.Agent, e:\programs\\rhv\sda\sd formatter, In Quarantäne, [d376c6390773e452a3173e479f63639d], 
Trojan.Agent, e:\programs\\akv\ati, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\bin64, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\config, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\images, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\reports, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\sda, In Quarantäne, [87c2cc3398e294a2d0eb72137e849868], 
Trojan.Agent, e:\programs\\akv\sda\sd formatter, In Quarantäne, [87c2cc3398e294a2d0eb72137e849868], 
Trojan.Agent, e:\programs\\arh\ati, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\bin64, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\config, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\images, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\reports, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\sda, In Quarantäne, [59f06b94661440f616a6f88de71b6898], 
Trojan.Agent, e:\programs\\arh\sda\sd formatter, In Quarantäne, [59f06b94661440f616a6f88de71b6898], 

Dateien: 265
PUP.Optional.InstallIQ, C:\Users\Snippah#\Downloads\coretemp_d7632790_CB-DL-Manager [1].exe, In Quarantäne, [c9801fe06b0f52e4acc024388879ab55], 
Trojan.Agent, e:\programs\\rhv\ati\cim\bin64\installmanagerapp.exe, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\bin64\atdcm64a.sys, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\bin64\atilog.dll, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\bin64\atimanifestdlmext.dll, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\bin64\atisetup.exe, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\bin64\mfc110u.dll, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\bin64\microsoft.vc80.mfc.manifest, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\bin64\readme.rtf, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\bin64\setacl64.exe.manifest, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\licensecsy.txt, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\monetenu.xml, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\atiicdxx.msi, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\chipset.msi, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\dlmserver.cfg, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\eulachs.txt, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\euladeu.txt, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\eulaenu.txt, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\installmanager.cfg, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\language.dat, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\licensechs.txt, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\licensecht.txt, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\licensedan.txt, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\licensedeu.txt, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\licenseenu.txt, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\licenseesp.txt, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\licensefin.txt, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\licensefra.txt, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\licenseita.txt, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\licensejpn.txt, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\licensekor.txt, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\licensenld.txt, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\licensenor.txt, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\licenseplk.txt, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\licenseptb.txt, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\licensesve.txt, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\licensetha.txt, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\mmtablerev0.msi, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\mmtablerev1.msi, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\mmtablerev2.msi, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\monet.ini, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\monetchs.xml, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\monetcht.xml, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\monetcsy.xml, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\monetdan.xml, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\monetdeu.xml, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\monetesp.xml, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\monetfin.xml, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\monetfra.xml, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\monetgrk.xml, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\monethng.xml, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\monetita.xml, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\monetjpn.xml, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\monetkor.xml, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\monetnld.xml, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\monetnor.xml, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\monetplk.xml, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\monetptb.xml, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\monetrsa.xml, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\monetsve.xml, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\monettha.xml, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\monettrk.xml, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\oem.dat, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\os.dat, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\osmajorminor.dat, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\osservicepacks.dat, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\packagesubtype.dat, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\packagetype.dat, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\security.dat, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\splash.bmp, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\tvtablerev1.msi, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\config\tvw_usb_id.msi, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\images\a.jpg, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\images\b.jpg, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\images\c.jpg, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\images\d.jpg, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\images\e.jpg, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\images\f.jpg, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\reports\report.xml, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\reports\report.xml.2014_03_10_14.27.56.xml, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\reports\report.xml.2014_03_10_14.27.59.xml, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\reports\report.xml.2014_03_17_21.18.03.xml, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\reports\report.xml.2014_03_17_21.21.42.xml, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\ati\cim\reports\report.xml.xsl, In Quarantäne, [014809f61565d85e5b5f562fd72b4ab6], 
Trojan.Agent, e:\programs\\rhv\sda\sd formatter\dll32nt.dll, In Quarantäne, [d376c6390773e452a3173e479f63639d], 
Trojan.Agent, e:\programs\\rhv\sda\sd formatter\sdformatter.exe, In Quarantäne, [d376c6390773e452a3173e479f63639d], 
Trojan.Agent, e:\programs\\rhv\sda\sd formatter\sdformatterchs.dll, In Quarantäne, [d376c6390773e452a3173e479f63639d], 
Trojan.Agent, e:\programs\\rhv\sda\sd formatter\sdformattercht.dll, In Quarantäne, [d376c6390773e452a3173e479f63639d], 
Trojan.Agent, e:\programs\\rhv\sda\sd formatter\sdformatterjpn.dll, In Quarantäne, [d376c6390773e452a3173e479f63639d], 
Trojan.Agent, e:\programs\\akv\ati\cim\bin64\installmanagerapp.exe, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\bin64\atdcm64a.sys, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\bin64\atilog.dll, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\bin64\atimanifestdlmext.dll, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\bin64\atisetup.exe, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\bin64\mfc110u.dll, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\bin64\microsoft.vc80.mfc.manifest, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\bin64\readme.rtf, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\bin64\setacl64.exe.manifest, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\licensecsy.txt, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\monetenu.xml, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\atiicdxx.msi, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\chipset.msi, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\dlmserver.cfg, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\eulachs.txt, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\euladeu.txt, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\eulaenu.txt, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\installmanager.cfg, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\language.dat, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\licensechs.txt, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\licensecht.txt, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\licensedan.txt, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\licensedeu.txt, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\licenseenu.txt, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\licenseesp.txt, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\licensefin.txt, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\licensefra.txt, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\licenseita.txt, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\licensejpn.txt, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\licensekor.txt, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\licensenld.txt, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\licensenor.txt, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\licenseplk.txt, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\licenseptb.txt, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\licensesve.txt, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\licensetha.txt, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\mmtablerev0.msi, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\mmtablerev1.msi, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\mmtablerev2.msi, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\monet.ini, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\monetchs.xml, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\monetcht.xml, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\monetcsy.xml, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\monetdan.xml, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\monetdeu.xml, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\monetesp.xml, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\monetfin.xml, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\monetfra.xml, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\monetgrk.xml, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\monethng.xml, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\monetita.xml, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\monetjpn.xml, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\monetkor.xml, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\monetnld.xml, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\monetnor.xml, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\monetplk.xml, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\monetptb.xml, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\monetrsa.xml, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\monetsve.xml, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\monettha.xml, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\monettrk.xml, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\oem.dat, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\os.dat, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\osmajorminor.dat, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\osservicepacks.dat, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\packagesubtype.dat, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\packagetype.dat, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\security.dat, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\splash.bmp, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\tvtablerev1.msi, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\config\tvw_usb_id.msi, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\images\a.jpg, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\images\b.jpg, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\images\c.jpg, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\images\d.jpg, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\images\e.jpg, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\images\f.jpg, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\reports\report.xml, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\reports\report.xml.2014_03_10_14.27.56.xml, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\reports\report.xml.2014_03_10_14.27.59.xml, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\reports\report.xml.2014_03_17_21.18.03.xml, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\reports\report.xml.2014_03_17_21.21.42.xml, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\ati\cim\reports\report.xml.xsl, In Quarantäne, [1138d32c17637cba9a21384da75b16ea], 
Trojan.Agent, e:\programs\\akv\sda\sd formatter\dll32nt.dll, In Quarantäne, [87c2cc3398e294a2d0eb72137e849868], 
Trojan.Agent, e:\programs\\akv\sda\sd formatter\sdformatter.exe, In Quarantäne, [87c2cc3398e294a2d0eb72137e849868], 
Trojan.Agent, e:\programs\\akv\sda\sd formatter\sdformatterchs.dll, In Quarantäne, [87c2cc3398e294a2d0eb72137e849868], 
Trojan.Agent, e:\programs\\akv\sda\sd formatter\sdformattercht.dll, In Quarantäne, [87c2cc3398e294a2d0eb72137e849868], 
Trojan.Agent, e:\programs\\akv\sda\sd formatter\sdformatterjpn.dll, In Quarantäne, [87c2cc3398e294a2d0eb72137e849868], 
Trojan.Agent, e:\programs\\arh\ati\cim\bin64\installmanagerapp.exe, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\bin64\atdcm64a.sys, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\bin64\atilog.dll, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\bin64\atimanifestdlmext.dll, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\bin64\atisetup.exe, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\bin64\mfc110u.dll, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\bin64\microsoft.vc80.mfc.manifest, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\bin64\readme.rtf, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\bin64\setacl64.exe.manifest, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\licensecsy.txt, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\monetenu.xml, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\atiicdxx.msi, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\chipset.msi, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\dlmserver.cfg, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\eulachs.txt, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\euladeu.txt, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\eulaenu.txt, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\installmanager.cfg, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\language.dat, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\licensechs.txt, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\licensecht.txt, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\licensedan.txt, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\licensedeu.txt, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\licenseenu.txt, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\licenseesp.txt, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\licensefin.txt, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\licensefra.txt, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\licenseita.txt, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\licensejpn.txt, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\licensekor.txt, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\licensenld.txt, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\licensenor.txt, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\licenseplk.txt, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\licenseptb.txt, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\licensesve.txt, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\licensetha.txt, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\mmtablerev0.msi, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\mmtablerev1.msi, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\mmtablerev2.msi, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\monet.ini, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\monetchs.xml, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\monetcht.xml, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\monetcsy.xml, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\monetdan.xml, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\monetdeu.xml, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\monetesp.xml, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\monetfin.xml, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\monetfra.xml, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\monetgrk.xml, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\monethng.xml, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\monetita.xml, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\monetjpn.xml, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\monetkor.xml, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\monetnld.xml, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\monetnor.xml, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\monetplk.xml, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\monetptb.xml, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\monetrsa.xml, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\monetsve.xml, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\monettha.xml, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\monettrk.xml, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\oem.dat, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\os.dat, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\osmajorminor.dat, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\osservicepacks.dat, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\packagesubtype.dat, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\packagetype.dat, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\security.dat, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\splash.bmp, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\tvtablerev1.msi, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\config\tvw_usb_id.msi, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\images\a.jpg, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\images\b.jpg, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\images\c.jpg, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\images\d.jpg, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\images\e.jpg, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\images\f.jpg, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\reports\report.xml, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\reports\report.xml.2014_03_10_14.27.56.xml, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\reports\report.xml.2014_03_10_14.27.59.xml, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\reports\report.xml.2014_03_17_21.18.03.xml, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\reports\report.xml.2014_03_17_21.21.42.xml, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\ati\cim\reports\report.xml.xsl, In Quarantäne, [1e2b6798f9812a0c06b6632215edb749], 
Trojan.Agent, e:\programs\\arh\sda\sd formatter\dll32nt.dll, In Quarantäne, [59f06b94661440f616a6f88de71b6898], 
Trojan.Agent, e:\programs\\arh\sda\sd formatter\sdformatter.exe, In Quarantäne, [59f06b94661440f616a6f88de71b6898], 
Trojan.Agent, e:\programs\\arh\sda\sd formatter\sdformatterchs.dll, In Quarantäne, [59f06b94661440f616a6f88de71b6898], 
Trojan.Agent, e:\programs\\arh\sda\sd formatter\sdformattercht.dll, In Quarantäne, [59f06b94661440f616a6f88de71b6898], 
Trojan.Agent, e:\programs\\arh\sda\sd formatter\sdformatterjpn.dll, In Quarantäne, [59f06b94661440f616a6f88de71b6898], 

Physische Sektoren: 0
(No malicious items detected)


(end)

danke im voraus

ich bin grad noch mit adw cleaner drüber gelaufen
hier der log:

Code:

ATTFilter

# AdwCleaner v3.302 - Bericht erstellt am 31/07/2014 um 16:51:39
# Aktualisiert 30/07/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : Snippah# - SNIPPAH-PC
# Gestartet von : C:\Users\Snippah#\Desktop\adwcleaner_3.302.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\NCH Software
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Malware Protector
Ordner Gelöscht : E:\PROGRAMS\\NCH Software
Ordner Gelöscht : E:\PROGRAMS\\WinZip Malware Protector
Ordner Gelöscht : C:\Users\Snippah#\AppData\Roaming\NCH Software

***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\OCS

***** [ Browser ] *****

-\\ Internet Explorer v0.0.0.0


-\\ Mozilla Firefox v29.0.1 (de)

[ Datei : C:\Users\Snippah#\AppData\Roaming\Mozilla\Firefox\Profiles\wwxr4ze2.default\prefs.js ]


-\\ Google Chrome v36.0.1985.125

[ Datei : C:\Users\Snippah#\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}
Gelöscht [Extension] : nikpibnbobmbdbheedjfogjlikpgpnhp

*************************

AdwCleaner[R0].txt - [2457 octets] - [25/05/2014 15:05:06]
AdwCleaner[R1].txt - [2708 octets] - [31/07/2014 16:50:17]
AdwCleaner[S0].txt - [2541 octets] - [25/05/2014 15:07:28]
AdwCleaner[S1].txt - [2544 octets] - [31/07/2014 16:51:39]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2604 octets] ##########

beim hochfahren öffnet sich ausserdem chrome immer automatisch, selbst nach dem scan

hallo,ich mhab mit avira einen scan gemacht
hier der log:

Code:

ATTFilter

Avira Free Antivirus
Erstellungsdatum der Reportdatei: Donnerstag, 31. Juli 2014  17:04


Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.

Lizenznehmer   : Avira Antivirus Free
Seriennummer   : 0000149996-AVHOE-0000001
Plattform      : Windows 7 Professional
Windowsversion : (Service Pack 1)  [6.1.7601]
Boot Modus     : Normal gebootet
Benutzername   : SYSTEM
Computername   : SNIPPAH-PC

Versionsinformationen:
BUILD.DAT      : 14.0.5.464     91868 Bytes  02.07.2014 13:06:00
AVSCAN.EXE     : 14.0.5.396   1042512 Bytes  01.07.2014 13:20:00
AVSCANRC.DLL   : 14.0.5.364     62544 Bytes  01.07.2014 13:20:00
LUKE.DLL       : 14.0.5.336     57936 Bytes  01.07.2014 13:20:09
AVSCPLR.DLL    : 14.0.5.376     89680 Bytes  01.07.2014 13:20:00
AVREG.DLL      : 14.0.5.356    261200 Bytes  01.07.2014 13:19:59
avlode.dll     : 14.0.5.396    588368 Bytes  01.07.2014 13:19:59
avlode.rdf     : 14.0.4.42      65114 Bytes  26.07.2014 17:01:45
XBV00008.VDF   : 8.11.153.142     2048 Bytes  06.06.2014 13:27:17
XBV00009.VDF   : 8.11.153.142     2048 Bytes  06.06.2014 13:27:17
XBV00010.VDF   : 8.11.153.142     2048 Bytes  06.06.2014 13:27:17
XBV00011.VDF   : 8.11.153.142     2048 Bytes  06.06.2014 13:27:17
XBV00012.VDF   : 8.11.153.142     2048 Bytes  06.06.2014 13:27:17
XBV00013.VDF   : 8.11.153.142     2048 Bytes  06.06.2014 13:27:17
XBV00014.VDF   : 8.11.153.142     2048 Bytes  06.06.2014 13:27:17
XBV00015.VDF   : 8.11.153.142     2048 Bytes  06.06.2014 13:27:17
XBV00016.VDF   : 8.11.153.142     2048 Bytes  06.06.2014 13:27:17
XBV00017.VDF   : 8.11.153.142     2048 Bytes  06.06.2014 13:27:17
XBV00018.VDF   : 8.11.153.142     2048 Bytes  06.06.2014 13:27:17
XBV00019.VDF   : 8.11.153.142     2048 Bytes  06.06.2014 13:27:17
XBV00020.VDF   : 8.11.153.142     2048 Bytes  06.06.2014 13:27:17
XBV00021.VDF   : 8.11.153.142     2048 Bytes  06.06.2014 13:27:17
XBV00022.VDF   : 8.11.153.142     2048 Bytes  06.06.2014 13:27:17
XBV00023.VDF   : 8.11.153.142     2048 Bytes  06.06.2014 13:27:17
XBV00024.VDF   : 8.11.153.142     2048 Bytes  06.06.2014 13:27:17
XBV00025.VDF   : 8.11.153.142     2048 Bytes  06.06.2014 13:27:17
XBV00026.VDF   : 8.11.153.142     2048 Bytes  06.06.2014 13:27:17
XBV00027.VDF   : 8.11.153.142     2048 Bytes  06.06.2014 13:27:17
XBV00028.VDF   : 8.11.153.142     2048 Bytes  06.06.2014 13:27:17
XBV00029.VDF   : 8.11.153.142     2048 Bytes  06.06.2014 13:27:17
XBV00030.VDF   : 8.11.153.142     2048 Bytes  06.06.2014 13:27:17
XBV00031.VDF   : 8.11.153.142     2048 Bytes  06.06.2014 13:27:17
XBV00032.VDF   : 8.11.153.142     2048 Bytes  06.06.2014 13:27:17
XBV00033.VDF   : 8.11.153.142     2048 Bytes  06.06.2014 13:27:17
XBV00034.VDF   : 8.11.153.142     2048 Bytes  06.06.2014 13:27:18
XBV00035.VDF   : 8.11.153.142     2048 Bytes  06.06.2014 13:27:18
XBV00036.VDF   : 8.11.153.142     2048 Bytes  06.06.2014 13:27:18
XBV00037.VDF   : 8.11.153.142     2048 Bytes  06.06.2014 13:27:18
XBV00038.VDF   : 8.11.153.142     2048 Bytes  06.06.2014 13:27:18
XBV00039.VDF   : 8.11.153.142     2048 Bytes  06.06.2014 13:27:18
XBV00040.VDF   : 8.11.153.142     2048 Bytes  06.06.2014 13:27:18
XBV00041.VDF   : 8.11.153.142     2048 Bytes  06.06.2014 13:27:18
XBV00223.VDF   : 8.11.159.102     2048 Bytes  08.07.2014 17:02:09
XBV00224.VDF   : 8.11.159.102     2048 Bytes  08.07.2014 17:02:09
XBV00225.VDF   : 8.11.159.102     2048 Bytes  08.07.2014 17:02:09
XBV00226.VDF   : 8.11.159.102     2048 Bytes  08.07.2014 17:02:09
XBV00227.VDF   : 8.11.159.102     2048 Bytes  08.07.2014 17:02:09
XBV00228.VDF   : 8.11.159.102     2048 Bytes  08.07.2014 17:02:09
XBV00229.VDF   : 8.11.159.102     2048 Bytes  08.07.2014 17:02:09
XBV00230.VDF   : 8.11.159.102     2048 Bytes  08.07.2014 17:02:10
XBV00231.VDF   : 8.11.159.102     2048 Bytes  08.07.2014 17:02:10
XBV00232.VDF   : 8.11.159.102     2048 Bytes  08.07.2014 17:02:10
XBV00233.VDF   : 8.11.159.102     2048 Bytes  08.07.2014 17:02:10
XBV00234.VDF   : 8.11.159.102     2048 Bytes  08.07.2014 17:02:10
XBV00235.VDF   : 8.11.159.102     2048 Bytes  08.07.2014 17:02:10
XBV00236.VDF   : 8.11.159.102     2048 Bytes  08.07.2014 17:02:10
XBV00237.VDF   : 8.11.159.102     2048 Bytes  08.07.2014 17:02:10
XBV00238.VDF   : 8.11.159.102     2048 Bytes  08.07.2014 17:02:10
XBV00239.VDF   : 8.11.159.102     2048 Bytes  08.07.2014 17:02:10
XBV00240.VDF   : 8.11.159.102     2048 Bytes  08.07.2014 17:02:10
XBV00241.VDF   : 8.11.159.102     2048 Bytes  08.07.2014 17:02:10
XBV00242.VDF   : 8.11.159.102     2048 Bytes  08.07.2014 17:02:11
XBV00243.VDF   : 8.11.159.102     2048 Bytes  08.07.2014 17:02:11
XBV00244.VDF   : 8.11.159.102     2048 Bytes  08.07.2014 17:02:11
XBV00245.VDF   : 8.11.159.102     2048 Bytes  08.07.2014 17:02:11
XBV00246.VDF   : 8.11.159.102     2048 Bytes  08.07.2014 17:02:11
XBV00247.VDF   : 8.11.159.102     2048 Bytes  08.07.2014 17:02:11
XBV00248.VDF   : 8.11.159.102     2048 Bytes  08.07.2014 17:02:11
XBV00249.VDF   : 8.11.159.102     2048 Bytes  08.07.2014 17:02:11
XBV00250.VDF   : 8.11.159.102     2048 Bytes  08.07.2014 17:02:11
XBV00251.VDF   : 8.11.159.102     2048 Bytes  08.07.2014 17:02:11
XBV00252.VDF   : 8.11.159.102     2048 Bytes  08.07.2014 17:02:11
XBV00253.VDF   : 8.11.159.102     2048 Bytes  08.07.2014 17:02:11
XBV00254.VDF   : 8.11.159.102     2048 Bytes  08.07.2014 17:02:11
XBV00255.VDF   : 8.11.159.102     2048 Bytes  08.07.2014 17:02:12
XBV00000.VDF   : 7.11.70.0   66736640 Bytes  04.04.2013 09:41:06
XBV00001.VDF   : 7.11.74.226  2201600 Bytes  30.04.2013 09:41:06
XBV00002.VDF   : 7.11.80.60   2751488 Bytes  28.05.2013 09:41:06
XBV00003.VDF   : 7.11.85.214  2162688 Bytes  21.06.2013 09:41:06
XBV00004.VDF   : 7.11.91.176  3903488 Bytes  23.07.2013 09:41:06
XBV00005.VDF   : 7.11.98.186  6822912 Bytes  29.08.2013 09:41:06
XBV00006.VDF   : 7.11.139.38 15708672 Bytes  27.03.2014 13:19:49
XBV00007.VDF   : 7.11.152.100  4193792 Bytes  02.06.2014 16:13:27
XBV00042.VDF   : 8.11.153.142   710656 Bytes  06.06.2014 13:27:18
XBV00043.VDF   : 8.11.155.44  1013760 Bytes  16.06.2014 13:27:19
XBV00044.VDF   : 8.11.159.102  1662976 Bytes  08.07.2014 17:01:49
XBV00045.VDF   : 8.11.159.104    13824 Bytes  08.07.2014 17:01:49
XBV00046.VDF   : 8.11.159.108    13312 Bytes  08.07.2014 17:01:49
XBV00047.VDF   : 8.11.159.112    30720 Bytes  09.07.2014 17:01:49
XBV00048.VDF   : 8.11.159.114     6144 Bytes  09.07.2014 17:01:49
XBV00049.VDF   : 8.11.159.116    10240 Bytes  09.07.2014 17:01:49
XBV00050.VDF   : 8.11.159.118     5632 Bytes  09.07.2014 17:01:49
XBV00051.VDF   : 8.11.159.122     7168 Bytes  09.07.2014 17:01:49
XBV00052.VDF   : 8.11.159.126   180736 Bytes  09.07.2014 17:01:49
XBV00053.VDF   : 8.11.159.148   174080 Bytes  09.07.2014 17:01:50
XBV00054.VDF   : 8.11.159.168     2560 Bytes  09.07.2014 17:01:50
XBV00055.VDF   : 8.11.159.188    15360 Bytes  09.07.2014 17:01:50
XBV00056.VDF   : 8.11.159.210    25600 Bytes  09.07.2014 17:01:50
XBV00057.VDF   : 8.11.159.212     7168 Bytes  09.07.2014 17:01:50
XBV00058.VDF   : 8.11.159.218    27648 Bytes  10.07.2014 17:01:50
XBV00059.VDF   : 8.11.159.220     2048 Bytes  10.07.2014 17:01:50
XBV00060.VDF   : 8.11.159.222    29696 Bytes  10.07.2014 17:01:50
XBV00061.VDF   : 8.11.159.224   167936 Bytes  10.07.2014 17:01:50
XBV00062.VDF   : 8.11.159.226    35328 Bytes  10.07.2014 17:01:50
XBV00063.VDF   : 8.11.159.230   186368 Bytes  10.07.2014 17:01:51
XBV00064.VDF   : 8.11.159.250    16896 Bytes  10.07.2014 17:01:51
XBV00065.VDF   : 8.11.159.252     2048 Bytes  10.07.2014 17:01:51
XBV00066.VDF   : 8.11.160.16     6144 Bytes  10.07.2014 17:01:51
XBV00067.VDF   : 8.11.160.40    17408 Bytes  10.07.2014 17:01:51
XBV00068.VDF   : 8.11.160.42     2048 Bytes  11.07.2014 17:01:51
XBV00069.VDF   : 8.11.160.46   179200 Bytes  11.07.2014 17:01:51
XBV00070.VDF   : 8.11.160.48   203264 Bytes  11.07.2014 17:01:51
XBV00071.VDF   : 8.11.160.50     6144 Bytes  11.07.2014 17:01:51
XBV00072.VDF   : 8.11.160.52     2048 Bytes  11.07.2014 17:01:51
XBV00073.VDF   : 8.11.160.54     2048 Bytes  11.07.2014 17:01:51
XBV00074.VDF   : 8.11.160.58    22016 Bytes  11.07.2014 17:01:52
XBV00075.VDF   : 8.11.160.60     2048 Bytes  11.07.2014 17:01:52
XBV00076.VDF   : 8.11.160.62     8192 Bytes  11.07.2014 17:01:52
XBV00077.VDF   : 8.11.160.66   198656 Bytes  12.07.2014 17:01:52
XBV00078.VDF   : 8.11.160.68     7168 Bytes  12.07.2014 17:01:52
XBV00079.VDF   : 8.11.160.70    14848 Bytes  12.07.2014 17:01:52
XBV00080.VDF   : 8.11.160.72     7168 Bytes  12.07.2014 17:01:52
XBV00081.VDF   : 8.11.160.92    40448 Bytes  13.07.2014 17:01:52
XBV00082.VDF   : 8.11.160.112     2048 Bytes  13.07.2014 17:01:52
XBV00083.VDF   : 8.11.160.130   193024 Bytes  13.07.2014 17:01:53
XBV00084.VDF   : 8.11.160.132     2048 Bytes  13.07.2014 17:01:53
XBV00085.VDF   : 8.11.160.152    20480 Bytes  13.07.2014 17:01:53
XBV00086.VDF   : 8.11.160.154     2048 Bytes  13.07.2014 17:01:53
XBV00087.VDF   : 8.11.160.156    20992 Bytes  14.07.2014 17:01:53
XBV00088.VDF   : 8.11.160.158     2560 Bytes  14.07.2014 17:01:53
XBV00089.VDF   : 8.11.160.160    11264 Bytes  14.07.2014 17:01:53
XBV00090.VDF   : 8.11.160.162     2560 Bytes  14.07.2014 17:01:53
XBV00091.VDF   : 8.11.160.166    14336 Bytes  14.07.2014 17:01:53
XBV00092.VDF   : 8.11.160.168     5120 Bytes  14.07.2014 17:01:53
XBV00093.VDF   : 8.11.160.178     7168 Bytes  14.07.2014 17:01:53
XBV00094.VDF   : 8.11.160.180     2048 Bytes  14.07.2014 17:01:53
XBV00095.VDF   : 8.11.160.182     2048 Bytes  14.07.2014 17:01:53
XBV00096.VDF   : 8.11.160.188   256000 Bytes  14.07.2014 17:01:53
XBV00097.VDF   : 8.11.160.190     7680 Bytes  14.07.2014 17:01:54
XBV00098.VDF   : 8.11.160.194    18432 Bytes  15.07.2014 17:01:54
XBV00099.VDF   : 8.11.160.212   184832 Bytes  15.07.2014 17:01:54
XBV00100.VDF   : 8.11.160.230   289792 Bytes  15.07.2014 17:01:54
XBV00101.VDF   : 8.11.160.232     2048 Bytes  15.07.2014 17:01:54
XBV00102.VDF   : 8.11.160.234   176128 Bytes  15.07.2014 17:01:55
XBV00103.VDF   : 8.11.160.254    18432 Bytes  15.07.2014 17:01:55
XBV00104.VDF   : 8.11.161.16     6144 Bytes  16.07.2014 17:01:55
XBV00105.VDF   : 8.11.161.32     2048 Bytes  16.07.2014 17:01:55
XBV00106.VDF   : 8.11.161.34     2048 Bytes  16.07.2014 17:01:55
XBV00107.VDF   : 8.11.161.52    26624 Bytes  16.07.2014 17:01:55
XBV00108.VDF   : 8.11.161.68   184832 Bytes  16.07.2014 17:01:55
XBV00109.VDF   : 8.11.161.84     2048 Bytes  16.07.2014 17:01:55
XBV00110.VDF   : 8.11.162.2      2560 Bytes  16.07.2014 17:01:55
XBV00111.VDF   : 8.11.162.6     16896 Bytes  16.07.2014 17:01:55
XBV00112.VDF   : 8.11.162.8     24064 Bytes  16.07.2014 17:01:55
XBV00113.VDF   : 8.11.162.10     2560 Bytes  16.07.2014 17:01:55
XBV00114.VDF   : 8.11.162.14    41472 Bytes  17.07.2014 17:01:56
XBV00115.VDF   : 8.11.162.16     2048 Bytes  17.07.2014 17:01:56
XBV00116.VDF   : 8.11.162.18   215040 Bytes  17.07.2014 17:01:56
XBV00117.VDF   : 8.11.162.22   184320 Bytes  17.07.2014 17:01:56
XBV00118.VDF   : 8.11.162.40   258048 Bytes  17.07.2014 17:01:56
XBV00119.VDF   : 8.11.162.42     3584 Bytes  17.07.2014 17:01:56
XBV00120.VDF   : 8.11.162.58     3072 Bytes  17.07.2014 17:01:56
XBV00121.VDF   : 8.11.162.78     2048 Bytes  17.07.2014 17:01:57
XBV00122.VDF   : 8.11.162.94     2048 Bytes  17.07.2014 17:01:57
XBV00123.VDF   : 8.11.162.110    35840 Bytes  17.07.2014 17:01:57
XBV00124.VDF   : 8.11.162.112     2048 Bytes  18.07.2014 17:01:57
XBV00125.VDF   : 8.11.162.130    23040 Bytes  18.07.2014 17:01:57
XBV00126.VDF   : 8.11.162.134   184320 Bytes  18.07.2014 17:01:57
XBV00127.VDF   : 8.11.162.136     2048 Bytes  18.07.2014 17:01:57
XBV00128.VDF   : 8.11.162.152   231424 Bytes  18.07.2014 17:01:57
XBV00129.VDF   : 8.11.162.154     2048 Bytes  18.07.2014 17:01:58
XBV00130.VDF   : 8.11.162.170   108032 Bytes  18.07.2014 17:01:58
XBV00131.VDF   : 8.11.162.172     9728 Bytes  18.07.2014 17:01:58
XBV00132.VDF   : 8.11.162.174     2048 Bytes  18.07.2014 17:01:58
XBV00133.VDF   : 8.11.162.188    20992 Bytes  18.07.2014 17:01:58
XBV00134.VDF   : 8.11.162.192     2048 Bytes  18.07.2014 17:01:58
XBV00135.VDF   : 8.11.162.194     2048 Bytes  18.07.2014 17:01:58
XBV00136.VDF   : 8.11.162.200    19968 Bytes  18.07.2014 17:01:59
XBV00137.VDF   : 8.11.162.204     2048 Bytes  18.07.2014 17:01:59
XBV00138.VDF   : 8.11.162.212     2048 Bytes  18.07.2014 17:01:59
XBV00139.VDF   : 8.11.162.228   227840 Bytes  19.07.2014 17:01:59
XBV00140.VDF   : 8.11.162.244     2048 Bytes  19.07.2014 17:01:59
XBV00141.VDF   : 8.11.163.2     31232 Bytes  19.07.2014 17:02:00
XBV00142.VDF   : 8.11.163.16    62464 Bytes  20.07.2014 17:02:00
XBV00143.VDF   : 8.11.163.20   202752 Bytes  20.07.2014 17:02:00
XBV00144.VDF   : 8.11.163.22     2048 Bytes  20.07.2014 17:02:00
XBV00145.VDF   : 8.11.163.26    50176 Bytes  21.07.2014 17:02:00
XBV00146.VDF   : 8.11.163.28    23040 Bytes  21.07.2014 17:02:00
XBV00147.VDF   : 8.11.163.42     6144 Bytes  21.07.2014 17:02:00
XBV00148.VDF   : 8.11.163.44     2560 Bytes  21.07.2014 17:02:00
XBV00149.VDF   : 8.11.163.56     5120 Bytes  21.07.2014 17:02:00
XBV00150.VDF   : 8.11.163.68     8192 Bytes  21.07.2014 17:02:00
XBV00151.VDF   : 8.11.163.74   213504 Bytes  21.07.2014 17:02:01
XBV00152.VDF   : 8.11.163.78    22528 Bytes  22.07.2014 17:02:01
XBV00153.VDF   : 8.11.163.82     2560 Bytes  22.07.2014 17:02:01
XBV00154.VDF   : 8.11.163.84   181248 Bytes  22.07.2014 17:02:01
XBV00155.VDF   : 8.11.163.86     9728 Bytes  22.07.2014 17:02:01
XBV00156.VDF   : 8.11.163.92     2560 Bytes  22.07.2014 17:02:01
XBV00157.VDF   : 8.11.163.98   230400 Bytes  22.07.2014 17:02:01
XBV00158.VDF   : 8.11.163.100     2048 Bytes  22.07.2014 17:02:01
XBV00159.VDF   : 8.11.163.102     2048 Bytes  22.07.2014 17:02:01
XBV00160.VDF   : 8.11.163.108    22528 Bytes  22.07.2014 17:02:01
XBV00161.VDF   : 8.11.163.112    17920 Bytes  22.07.2014 17:02:01
XBV00162.VDF   : 8.11.163.116     2048 Bytes  23.07.2014 17:02:02
XBV00163.VDF   : 8.11.163.130   194048 Bytes  23.07.2014 17:02:02
XBV00164.VDF   : 8.11.163.142    20992 Bytes  23.07.2014 17:02:02
XBV00165.VDF   : 8.11.163.154    11776 Bytes  23.07.2014 17:02:02
XBV00166.VDF   : 8.11.163.158    17920 Bytes  23.07.2014 17:02:02
XBV00167.VDF   : 8.11.163.164     2048 Bytes  23.07.2014 17:02:02
XBV00168.VDF   : 8.11.163.170    14848 Bytes  23.07.2014 17:02:03
XBV00169.VDF   : 8.11.163.174   193024 Bytes  23.07.2014 17:02:03
XBV00170.VDF   : 8.11.163.176     3072 Bytes  23.07.2014 17:02:03
XBV00171.VDF   : 8.11.163.178     3072 Bytes  23.07.2014 17:02:03
XBV00172.VDF   : 8.11.163.184   199168 Bytes  24.07.2014 17:02:03
XBV00173.VDF   : 8.11.163.186   421376 Bytes  24.07.2014 17:02:04
XBV00174.VDF   : 8.11.163.198     2048 Bytes  24.07.2014 17:02:04
XBV00175.VDF   : 8.11.163.200     2048 Bytes  24.07.2014 17:02:04
XBV00176.VDF   : 8.11.163.212   212992 Bytes  24.07.2014 17:02:04
XBV00177.VDF   : 8.11.163.222    34816 Bytes  24.07.2014 17:02:04
XBV00178.VDF   : 8.11.163.226     2048 Bytes  24.07.2014 17:02:04
XBV00179.VDF   : 8.11.163.230    21504 Bytes  24.07.2014 17:02:04
XBV00180.VDF   : 8.11.163.234    18944 Bytes  25.07.2014 17:02:05
XBV00181.VDF   : 8.11.163.236     6656 Bytes  25.07.2014 17:02:05
XBV00182.VDF   : 8.11.163.238     2048 Bytes  25.07.2014 17:02:05
XBV00183.VDF   : 8.11.163.240   198144 Bytes  25.07.2014 17:02:05
XBV00184.VDF   : 8.11.163.244    38400 Bytes  25.07.2014 17:02:05
XBV00185.VDF   : 8.11.163.246     2048 Bytes  25.07.2014 17:02:05
XBV00186.VDF   : 8.11.163.248     6144 Bytes  25.07.2014 17:02:05
XBV00187.VDF   : 8.11.163.252    11776 Bytes  25.07.2014 17:02:05
XBV00188.VDF   : 8.11.163.254     2048 Bytes  25.07.2014 17:02:05
XBV00189.VDF   : 8.11.164.2      2048 Bytes  26.07.2014 17:02:05
XBV00190.VDF   : 8.11.164.6      5120 Bytes  26.07.2014 17:02:06
XBV00191.VDF   : 8.11.164.8      2048 Bytes  26.07.2014 17:02:06
XBV00192.VDF   : 8.11.164.20    32768 Bytes  26.07.2014 22:58:38
XBV00193.VDF   : 8.11.164.30     2048 Bytes  26.07.2014 22:58:38
XBV00194.VDF   : 8.11.164.42    37376 Bytes  27.07.2014 10:58:38
XBV00195.VDF   : 8.11.164.52     5632 Bytes  27.07.2014 16:59:17
XBV00196.VDF   : 8.11.164.54    40960 Bytes  28.07.2014 10:59:15
XBV00197.VDF   : 8.11.164.56     2048 Bytes  28.07.2014 10:59:15
XBV00198.VDF   : 8.11.164.58     4096 Bytes  28.07.2014 10:59:15
XBV00199.VDF   : 8.11.164.60     4608 Bytes  28.07.2014 10:59:15
XBV00200.VDF   : 8.11.164.62    17920 Bytes  28.07.2014 16:58:50
XBV00201.VDF   : 8.11.164.66     2048 Bytes  28.07.2014 16:58:50
XBV00202.VDF   : 8.11.164.74   206848 Bytes  28.07.2014 22:58:56
XBV00203.VDF   : 8.11.164.76   191488 Bytes  28.07.2014 22:58:59
XBV00204.VDF   : 8.11.164.78     2048 Bytes  28.07.2014 22:58:59
XBV00205.VDF   : 8.11.164.82     7168 Bytes  28.07.2014 22:59:00
XBV00206.VDF   : 8.11.164.86     9216 Bytes  29.07.2014 10:58:43
XBV00207.VDF   : 8.11.164.88   218112 Bytes  29.07.2014 16:59:33
XBV00208.VDF   : 8.11.164.98     7168 Bytes  29.07.2014 16:59:33
XBV00209.VDF   : 8.11.164.106     2048 Bytes  29.07.2014 16:59:33
XBV00210.VDF   : 8.11.164.116    90112 Bytes  29.07.2014 22:59:07
XBV00211.VDF   : 8.11.164.128   197120 Bytes  29.07.2014 22:59:08
XBV00212.VDF   : 8.11.164.138     5632 Bytes  29.07.2014 06:48:53
XBV00213.VDF   : 8.11.164.142     9728 Bytes  30.07.2014 06:48:53
XBV00214.VDF   : 8.11.164.144   199680 Bytes  30.07.2014 06:48:54
XBV00215.VDF   : 8.11.164.146   206848 Bytes  30.07.2014 14:52:51
XBV00216.VDF   : 8.11.164.148     4096 Bytes  30.07.2014 14:52:51
XBV00217.VDF   : 8.11.164.150    39936 Bytes  30.07.2014 14:52:51
XBV00218.VDF   : 8.11.164.156   220160 Bytes  30.07.2014 14:58:33
XBV00219.VDF   : 8.11.164.164    16896 Bytes  31.07.2014 14:58:33
XBV00220.VDF   : 8.11.164.172     6144 Bytes  31.07.2014 14:58:33
XBV00221.VDF   : 8.11.164.188   218624 Bytes  31.07.2014 14:58:33
XBV00222.VDF   : 8.11.164.196     2048 Bytes  31.07.2014 14:58:33
LOCAL000.VDF   : 8.11.164.196 109292032 Bytes  31.07.2014 14:58:46
Engineversion  : 8.3.22.14 
AEVDF.DLL      : 8.3.0.4       118976 Bytes  11.04.2014 13:19:09
AESCRIPT.DLL   : 8.2.0.12      426184 Bytes  26.07.2014 17:01:45
AESCN.DLL      : 8.3.2.2       139456 Bytes  26.07.2014 17:01:45
AESBX.DLL      : 8.2.20.24    1409224 Bytes  08.05.2014 15:02:14
AERDL.DLL      : 8.2.0.138     704888 Bytes  25.02.2014 09:41:04
AEPACK.DLL     : 8.4.0.46      786632 Bytes  28.07.2014 16:58:49
AEOFFICE.DLL   : 8.3.0.16      213192 Bytes  28.07.2014 16:58:49
AEHEUR.DLL     : 8.1.4.1188   7332040 Bytes  28.07.2014 16:58:49
AEHELP.DLL     : 8.3.1.0       278728 Bytes  28.05.2014 17:07:34
AEGEN.DLL      : 8.1.7.28      450752 Bytes  06.06.2014 13:27:15
AEEXP.DLL      : 8.4.2.6       237760 Bytes  27.06.2014 13:49:20
AEEMU.DLL      : 8.1.3.2       393587 Bytes  25.02.2014 09:41:04
AEDROID.DLL    : 8.4.2.24      442568 Bytes  04.06.2014 13:24:26
AECORE.DLL     : 8.3.2.2       241864 Bytes  26.07.2014 17:01:41
AEBB.DLL       : 8.1.1.4        53619 Bytes  25.02.2014 09:41:04
AVWINLL.DLL    : 14.0.5.320     24144 Bytes  01.07.2014 13:19:56
AVPREF.DLL     : 14.0.5.320     50256 Bytes  01.07.2014 13:19:59
AVREP.DLL      : 14.0.5.320    219216 Bytes  01.07.2014 13:19:59
AVARKT.DLL     : 14.0.5.368    226384 Bytes  01.07.2014 13:19:56
AVEVTLOG.DLL   : 14.0.5.320    182352 Bytes  01.07.2014 13:19:58
SQLITE3.DLL    : 14.0.5.320    452176 Bytes  01.07.2014 13:20:12
AVSMTP.DLL     : 14.0.5.320     76368 Bytes  01.07.2014 13:20:00
NETNT.DLL      : 14.0.5.320     13392 Bytes  01.07.2014 13:20:09
RCIMAGE.DLL    : 14.0.5.320   4998224 Bytes  01.07.2014 13:19:56
RCTEXT.DLL     : 14.0.5.322     73808 Bytes  01.07.2014 13:19:56

Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Vollständige Systemprüfung
Konfigurationsdatei...................: E:\PROGRAMS\Avira\AntiVir Desktop\sysscan.avp
Protokollierung.......................: standard
Primäre Aktion........................: Interaktiv
Sekundäre Aktion......................: Ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Bootsektoren..........................: C:, D:, E:, H:, 
Durchsuche aktive Programme...........: ein
Laufende Programme erweitert..........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: ein
Integritätsprüfung von Systemdateien..: aus
Prüfe alle Dateien....................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: erweitert

Beginn des Suchlaufs: Donnerstag, 31. Juli 2014  17:04

Der Suchlauf über die Bootsektoren wird begonnen:
Bootsektor 'HDD1(C:, E:)'
    [INFO]      Es wurde kein Virus gefunden!
Bootsektor 'HDD2(D:)'
    [INFO]      Es wurde kein Virus gefunden!
Bootsektor 'HDD0(H:)'
    [INFO]      Es wurde kein Virus gefunden!

Der Suchlauf nach versteckten Objekten wird begonnen.

Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'svchost.exe' - '52' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvvsvc.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvSCPAPISvr.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '82' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '111' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '160' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '63' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '89' Modul(e) wurden durchsucht
Durchsuche Prozess 'spoolsv.exe' - '78' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '56' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'Fuel.Service.exe' - '59' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '113' Modul(e) wurden durchsucht
Durchsuche Prozess 'AppleMobileDeviceService.exe' - '65' Modul(e) wurden durchsucht
Durchsuche Prozess 'mDNSResponder.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'NvNetworkService.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvstreamsvc.exe' - '60' Modul(e) wurden durchsucht
Durchsuche Prozess 'PnkBstrA.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'RtlService.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'TeamViewer_Service.exe' - '86' Modul(e) wurden durchsucht
Durchsuche Prozess 'Avira.OE.ServiceHost.exe' - '122' Modul(e) wurden durchsucht
Durchsuche Prozess 'hamachi-2.exe' - '65' Modul(e) wurden durchsucht
Durchsuche Prozess 'LMIGuardianSvc.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'avshadow.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvstreamsvc.exe' - '72' Modul(e) wurden durchsucht
Durchsuche Prozess 'conhost.exe' - '14' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvxdsync.exe' - '54' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvvsvc.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'Dwm.exe' - '41' Modul(e) wurden durchsucht
Durchsuche Prozess 'Explorer.EXE' - '165' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskhost.exe' - '52' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvstreamsvc.exe' - '66' Modul(e) wurden durchsucht
Durchsuche Prozess 'conhost.exe' - '20' Modul(e) wurden durchsucht
Durchsuche Prozess 'RtWlan.exe' - '83' Modul(e) wurden durchsucht
Durchsuche Prozess 'NvBackend.exe' - '54' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskeng.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'asrRd.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'RAVCpl64.exe' - '46' Modul(e) wurden durchsucht
Durchsuche Prozess 'spotify.exe' - '118' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvtray.exe' - '51' Modul(e) wurden durchsucht
Durchsuche Prozess 'Skype.exe' - '140' Modul(e) wurden durchsucht
Durchsuche Prozess 'SpotifyWebHelper.exe' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'Steam.exe' - '130' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchIndexer.exe' - '55' Modul(e) wurden durchsucht
Durchsuche Prozess 'sidebar.exe' - '79' Modul(e) wurden durchsucht
Durchsuche Prozess 'UpdateChecker.exe' - '44' Modul(e) wurden durchsucht
Durchsuche Prozess 'Dropbox.exe' - '97' Modul(e) wurden durchsucht
Durchsuche Prozess 'Rainmeter.exe' - '63' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmpnetwk.exe' - '64' Modul(e) wurden durchsucht
Durchsuche Prozess 'MOM.exe' - '66' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '92' Modul(e) wurden durchsucht
Durchsuche Prozess 'iTunesHelper.exe' - '72' Modul(e) wurden durchsucht
Durchsuche Prozess 'Gameiki Mod Installer.exe' - '81' Modul(e) wurden durchsucht
Durchsuche Prozess 'hamachi-2-ui.exe' - '50' Modul(e) wurden durchsucht
Durchsuche Prozess 'Avira.OE.Systray.exe' - '128' Modul(e) wurden durchsucht
Durchsuche Prozess 'jusched.exe' - '69' Modul(e) wurden durchsucht
Durchsuche Prozess 'LMIGuardianSvc.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'iPodService.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'steamwebhelper.exe' - '61' Modul(e) wurden durchsucht
Durchsuche Prozess 'FABS.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'CCC.exe' - '170' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '97' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '59' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'MMLoadDrv.exe' - '46' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'SpotifyHelper.exe' - '54' Modul(e) wurden durchsucht
Durchsuche Prozess 'SpotifyHelper.exe' - '54' Modul(e) wurden durchsucht
Durchsuche Prozess 'SpotifyHelper.exe' - '54' Modul(e) wurden durchsucht
Durchsuche Prozess 'SpotifyHelper.exe' - '54' Modul(e) wurden durchsucht
Durchsuche Prozess 'SteamService.exe' - '51' Modul(e) wurden durchsucht
Durchsuche Prozess 'SpotifyHelper.exe' - '76' Modul(e) wurden durchsucht
Durchsuche Prozess 'SpotifyHelper.exe' - '66' Modul(e) wurden durchsucht
Durchsuche Prozess 'PresentationFontCache.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'winamp.exe' - '162' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'wstreamripper.exe' - '57' Modul(e) wurden durchsucht
Durchsuche Prozess 'mbam.exe' - '92' Modul(e) wurden durchsucht
Durchsuche Prozess 'avcenter.exe' - '146' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '112' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'vssvc.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'javaw.exe' - '88' Modul(e) wurden durchsucht
Durchsuche Prozess 'javaw.exe' - '92' Modul(e) wurden durchsucht
Durchsuche Prozess 'smss.exe' - '2' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '16' Modul(e) wurden durchsucht
Durchsuche Prozess 'wininit.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '16' Modul(e) wurden durchsucht
Durchsuche Prozess 'services.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsass.exe' - '61' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsm.exe' - '16' Modul(e) wurden durchsucht
Durchsuche Prozess 'winlogon.exe' - '30' Modul(e) wurden durchsucht

Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
E:\PROGRAMS\SDA\SD Formatter\SDFormatter.exe
  [FUND]      Ist das Trojanische Pferd TR/Trash.Gen

Die Registry wurde durchsucht ( '5274' Dateien ).


Der Suchlauf über die ausgewählten Dateien wird begonnen:

Beginne mit der Suche in 'C:\'
Beginne mit der Suche in 'D:\' <MeeM>
Beginne mit der Suche in 'E:\' <Proggz>
E:\PROGRAMS\ATI\CIM\Bin64\atdcm64a.sys
  [FUND]      Ist das Trojanische Pferd TR/Drop.Softomat.AN
E:\PROGRAMS\ATI\CIM\Bin64\ATILog.dll
  [FUND]      Ist das Trojanische Pferd TR/Trash.Gen
E:\PROGRAMS\ATI\CIM\Bin64\ATIManifestDLMExt.dll
  [FUND]      Ist das Trojanische Pferd TR/Trash.Gen
E:\PROGRAMS\ATI\CIM\Bin64\ATISetup.exe
  [FUND]      Ist das Trojanische Pferd TR/Trash.Gen
E:\PROGRAMS\SDA\SD Formatter\DLL32nt.dll
  [FUND]      Ist das Trojanische Pferd TR/Trash.Gen
E:\PROGRAMS\SDA\SD Formatter\SDFormatter.exe
  [FUND]      Ist das Trojanische Pferd TR/Trash.Gen
E:\PROGRAMS\SDA\SD Formatter\SDFormatterCHS.dll
  [FUND]      Ist das Trojanische Pferd TR/Trash.Gen
E:\PROGRAMS\SDA\SD Formatter\SDFormatterCHT.dll
  [FUND]      Ist das Trojanische Pferd TR/Trash.Gen
E:\PROGRAMS\SDA\SD Formatter\SDFormatterJPN.dll
  [FUND]      Ist das Trojanische Pferd TR/Trash.Gen
Beginne mit der Suche in 'H:\' <ASR_RAM>

Beginne mit der Desinfektion:
Die Datei '\\?\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SDFormatter\SDFormatter.lnk' wurde ins Quarantäneverzeichnis verschoben.
E:\PROGRAMS\SDA\SD Formatter\SDFormatterJPN.dll
  [FUND]      Ist das Trojanische Pferd TR/Trash.Gen
  [HINWEIS]   Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '526a39ad.qua' verschoben!
E:\PROGRAMS\SDA\SD Formatter\SDFormatterCHT.dll
  [FUND]      Ist das Trojanische Pferd TR/Trash.Gen
  [HINWEIS]   Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4afd160a.qua' verschoben!
E:\PROGRAMS\SDA\SD Formatter\SDFormatterCHS.dll
  [FUND]      Ist das Trojanische Pferd TR/Trash.Gen
  [HINWEIS]   Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '18a24ce2.qua' verschoben!
E:\PROGRAMS\SDA\SD Formatter\DLL32nt.dll
  [FUND]      Ist das Trojanische Pferd TR/Trash.Gen
  [HINWEIS]   Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '7e930328.qua' verschoben!
E:\PROGRAMS\ATI\CIM\Bin64\ATISetup.exe
  [FUND]      Ist das Trojanische Pferd TR/Trash.Gen
  [HINWEIS]   Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '3b122e2e.qua' verschoben!
E:\PROGRAMS\ATI\CIM\Bin64\ATIManifestDLMExt.dll
  [FUND]      Ist das Trojanische Pferd TR/Trash.Gen
  [HINWEIS]   Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '44091c4f.qua' verschoben!
E:\PROGRAMS\ATI\CIM\Bin64\ATILog.dll
  [FUND]      Ist das Trojanische Pferd TR/Trash.Gen
  [HINWEIS]   Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '08b13005.qua' verschoben!
E:\PROGRAMS\ATI\CIM\Bin64\atdcm64a.sys
  [FUND]      Ist das Trojanische Pferd TR/Drop.Softomat.AN
  [HINWEIS]   Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '74b47035.qua' verschoben!
E:\PROGRAMS\SDA\SD Formatter\SDFormatter.exe
  [FUND]      Ist das Trojanische Pferd TR/Trash.Gen
  [HINWEIS]   Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '409864b3.qua' verschoben!


Ende des Suchlaufs: Donnerstag, 31. Juli 2014  21:19
Benötigte Zeit:  4:11:09 Stunde(n)

Der Suchlauf wurde vollständig durchgeführt.

  66344 Verzeichnisse wurden überprüft
 4744486 Dateien wurden geprüft
     10 Viren bzw. unerwünschte Programme wurden gefunden
      0 Dateien wurden als verdächtig eingestuft
      0 Dateien wurden gelöscht
      0 Viren bzw. unerwünschte Programme wurden repariert
      9 Dateien wurden in die Quarantäne verschoben
      0 Dateien wurden umbenannt
      0 Dateien konnten nicht durchsucht werden
 4744476 Dateien ohne Befall
  28451 Archive wurden durchsucht
      0 Warnungen
      9 Hinweise
 837375 Objekte wurden beim Rootkitscan durchsucht
      0 Versteckte Objekte wurden gefunden

sieht so aus als liegt das problem an diesem "tr/trash.gen"
hilfe?

schrauber · 01.08.2014, 17:51

frisches frst log bitte. Was is Laufwerk E:?

helpmenao · 01.08.2014, 20:00

E:\ ist die zweite partition der Boot-HDD (C:\)
hier der FRST log:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-07-2014 02
Ran by Snippah# (administrator) on SNIPPAH-PC on 01-08-2014 20:56:41
Running from C:\Users\Snippah#\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) E:\PROGRAMS\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) E:\PROGRAMS\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) E:\PROGRAMS\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Realtek Semiconductor Corp.) E:\PROGRAMS\Realtek\USB Wireless LAN Utility\RtlService.exe
(TeamViewer GmbH) E:\Teamviewer\TeamViewer_Service.exe
(LogMeIn Inc.) E:\PROGRAMS\LogMeIn Hamachi\hamachi-2.exe
(LogMeIn, Inc.) E:\PROGRAMS\LogMeIn Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) E:\PROGRAMS\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(NVIDIA Corporation) E:\PROGRAMS\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) E:\PROGRAMS\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) E:\PROGRAMS\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor Corp.) E:\PROGRAMS\Realtek\USB Wireless LAN Utility\RtWLan.exe
(ASRock) C:\Program Files\ASRock Utility\XFast RAM\asrRd.exe
(Realtek Semiconductor) E:\PROGRAMS\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) E:\PROGRAMS\NVIDIA Corporation\Display\nvtray.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Valve Corporation) E:\Steam\Steam.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() C:\Windows\SysWOW64\C2MP\UpdateChecker.exe
(Dropbox, Inc.) C:\Users\Snippah#\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Program Files\Rainmeter\Rainmeter.exe
(Microsoft Corporation) E:\PROGRAMS\Windows Media Player\wmpnetwk.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(LogMeIn Inc.) E:\PROGRAMS\LogMeIn Hamachi\hamachi-2-ui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) E:\PROGRAMS\iPod\bin\iPodService.exe
(LogMeIn, Inc.) E:\PROGRAMS\LogMeIn Hamachi\LMIGuardianSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MMLoadDrv.exe
(Microsoft Corporation) E:\PROGRAMS\Windows Media Player\wmplayer.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MMLoadDrv.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Malwarebytes Corporation) E:\PROGRAMS\ Malwarebytes Anti-Malware \mbam.exe
() E:\PROGRAMS\MSI Afterburner\MSIAfterburner.exe
() E:\PROGRAMS\RivaTuner Statistics Server\RTSS.exe
() E:\PROGRAMS\RivaTuner Statistics Server\RTSSHooksLoader64.exe
(Valve Corporation) E:\Steam\bin\steamwebhelper.exe
() E:\PROGRAMS\RivaTuner Statistics Server\EncoderServer.exe
(Google Inc.) E:\PROGRAMS\Google\Chrome\Application\chrome.exe
(Google Inc.) E:\PROGRAMS\Google\Chrome\Application\chrome.exe
(Google Inc.) E:\PROGRAMS\Google\Chrome\Application\chrome.exe
(Google Inc.) E:\PROGRAMS\Google\Chrome\Application\chrome.exe
(Google Inc.) E:\PROGRAMS\Google\Chrome\Application\chrome.exe
(Google Inc.) E:\PROGRAMS\Google\Chrome\Application\chrome.exe
(Google Inc.) E:\PROGRAMS\Google\Chrome\Application\chrome.exe
(Google Inc.) E:\PROGRAMS\Google\Chrome\Application\chrome.exe
(Google Inc.) E:\PROGRAMS\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [XFast LAN] => E:\Xfast lan\cFosSpeed.exe [1441152 2011-10-19] ()
HKLM\...\Run: [RTHDVCPL] => E:\PROGRAMS\Realtek\Audio\HDA\RAVCpl64.exe [12673128 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => E:\PROGRAMS\\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-07-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [avgnt] => E:\PROGRAMS\Avira\AntiVir Desktop\avgnt.exe [750160 2014-07-01] ()
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => E:\PROGRAMS\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => E:\PROGRAMS\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1679360 2012-02-28] (Wondershare)
HKLM-x32\...\Run: [iTunesHelper] => E:\PROGRAMS\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [Gameiki] => E:\PROGRAMS\Gameiki\Gameiki Mod Installer\Gameiki Mod Installer.exe [358912 2014-02-23] ()
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => E:\PROGRAMS\LogMeIn Hamachi\hamachi-2-ui.exe [3816784 2014-07-21] (LogMeIn Inc.)
HKLM-x32\...\Run: [Avira Systray] => E:\PROGRAMS\Avira\My Avira\Avira.OE.Systray.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware  (cleanup)] => C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \mbamdor.exe [54072 2014-05-12] (Malwarebytes Corporation)
HKLM-x32\...\RunOnce: [{9590977b-7b6f-467e-a11a-efa1fae804da}] => C:\ProgramData\Package Cache\{9590977b-7b6f-467e-a11a-efa1fae804da}\Avira.OE.Setup.Bundle.exe [678736 2014-08-01] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-2312074080-4073723537-3051129278-1000\...\Run: [Spotify] => C:\Users\Snippah#\AppData\Roaming\Spotify\Spotify.exe [6162488 2014-07-30] (Spotify Ltd)
HKU\S-1-5-21-2312074080-4073723537-3051129278-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2312074080-4073723537-3051129278-1000\...\Run: [Spotify Web Helper] => C:\Users\Snippah#\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1178168 2014-07-30] (Spotify Ltd)
HKU\S-1-5-21-2312074080-4073723537-3051129278-1000\...\Run: [Steam] => E:\Steam\steam.exe [1743552 2014-07-31] (Valve Corporation)
HKU\S-1-5-21-2312074080-4073723537-3051129278-1000\...\Run: [EADM] => E:\PROGRAMS\Origin\Origin.exe [3595608 2014-07-26] (Electronic Arts)
HKU\S-1-5-21-2312074080-4073723537-3051129278-1000\...\Run: [NetLimiter] => E:\PROGRAMS\NetLimiter 3\NLClientApp.exe /tray
AppInit_DLLs-x32:  => "" File Not Found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackUpdateChecker.lnk
ShortcutTarget: CodecPackUpdateChecker.lnk -> C:\Windows\SysWOW64\C2MP\UpdateChecker.exe ()
Startup: C:\Users\Snippah#\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Snippah#\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Snippah#\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Snippah#\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Snippah#\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Snippah#\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Snippah#\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Snippah#\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Snippah#\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Snippah#\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.de
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.de
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.de
SearchScopes: HKCU - {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-flv
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> E:\PROGRAMS\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> E:\PROGRAMS\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> E:\PROGRAMS\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> E:\PROGRAMS\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Users\Snippah#\AppData\Local\Microsoft\Windows Sidebar\Gadgets\skypegadget1.4.gadget\wrapper\Skype4COM.dll No File
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Snippah#\AppData\Roaming\Mozilla\Firefox\Profiles\wwxr4ze2.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @java.com/DTPlugin,version=11.5.2 - E:\PROGRAMS\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.5.2 - E:\PROGRAMS\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - E:\PROGRAMS\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 - E:\PROGRAMS\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 - E:\PROGRAMS\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 - E:\PROGRAMS\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision - E:\PROGRAMS\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - E:\PROGRAMS\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - E:\PROGRAMS\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - E:\PROGRAMS\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - E:\PROGRAMS\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 - E:\PROGRAMS\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Snippah#\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Extension: MD5 Reborned Hasher - C:\Users\Snippah#\AppData\Roaming\Mozilla\Firefox\Profiles\wwxr4ze2.default\Extensions\md5rehasher@phoneixs.es.xpi [2014-06-09]
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF StartMenuInternet: FIREFOX.EXE - E:\PROGRAMS\Mozilla Firefox\firefox.exe

Chrome: 
=======
CHR HomePage: 
CHR StartupUrls: "https://www.google.de/", "hxxp://www.google.de/"
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Snippah#\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.2.464\_platform_specific\win_x86\widevinecdmadapter.dll No File
CHR Plugin: (Shockwave Flash) - E:\PROGRAMS\Google\Chrome\Application\36.0.1985.125\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - E:\PROGRAMS\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - E:\PROGRAMS\Google\Chrome\Application\36.0.1985.125\pdf.dll ()
CHR Plugin: (Free Studio) - C:\Users\Snippah#\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.3.0.0_0\np_dvs_plugin.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.5) - E:\PROGRAMS\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.5) - E:\PROGRAMS\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.5) - E:\PROGRAMS\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.5) - E:\PROGRAMS\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.5) - E:\PROGRAMS\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll No File
CHR Plugin: (Google Update) - E:\PROGRAMS\Google\Update\1.3.23.9\npGoogleUpdate3.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.550.14) - E:\PROGRAMS\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U55) - E:\PROGRAMS\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (NVIDIA 3D Vision) - E:\PROGRAMS\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - E:\PROGRAMS\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (VLC Web Plugin) - E:\PROGRAMS\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (iTunes Application Detector) - E:\PROGRAMS\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Extension: (ProxFlow) - C:\Users\Snippah#\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-05-10]
CHR Extension: (Bookmarks) - C:\Users\Snippah#\AppData\Local\Google\Chrome\User Data\Default\Extensions\adgbnjhpkfmgbidgbhdllmehfihlpoda [2014-04-12]
CHR Extension: (Google Docs) - C:\Users\Snippah#\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-31]
CHR Extension: (Google Drive) - C:\Users\Snippah#\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-27]
CHR Extension: (YouTube) - C:\Users\Snippah#\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-27]
CHR Extension: (Adblock Plus) - C:\Users\Snippah#\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-04-12]
CHR Extension: (Google-Suche) - C:\Users\Snippah#\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-27]
CHR Extension: (Avira Browser Safety) - C:\Users\Snippah#\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-04-12]
CHR Extension: (AdBlock) - C:\Users\Snippah#\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-04-12]
CHR Extension: (Dropbox) - C:\Users\Snippah#\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2014-04-12]
CHR Extension: (Google Wallet) - C:\Users\Snippah#\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-27]
CHR Extension: (ProxPrice) - C:\Users\Snippah#\AppData\Local\Google\Chrome\User Data\Default\Extensions\nopgehbobniifpngnhmljfojnkkopbje [2014-05-14]
CHR Extension: (Google Mail) - C:\Users\Snippah#\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-27]
CHR StartMenuInternet: Google Chrome - E:\PROGRAMS\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2011-07-28] (Advanced Micro Devices, Inc.) [File not signed]
S2 AntiVirSchedulerService; E:\PROGRAMS\Avira\AntiVir Desktop\sched.exe [430160 2014-07-01] () [File not signed]
S2 AntiVirService; E:\PROGRAMS\Avira\AntiVir Desktop\avguard.exe [430160 2014-07-01] () [File not signed]
S2 cFosSpeedS; E:\Xfast lan\spd.exe [395136 2011-10-19] () [File not signed]
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [File not signed]
S2 gupdate; E:\PROGRAMS\Google\Update\GoogleUpdate.exe [116648 2014-04-01] (Google Inc.)
S3 gupdatem; E:\PROGRAMS\Google\Update\GoogleUpdate.exe [116648 2014-04-01] (Google Inc.)
R2 Hamachi2Svc; E:\PROGRAMS\LogMeIn Hamachi\hamachi-2.exe [2544976 2014-07-21] (LogMeIn Inc.)
R3 iPod Service; E:\PROGRAMS\iPod\bin\iPodService.exe [641352 2014-02-21] (Apple Inc.)
S3 MozillaMaintenance; E:\PROGRAMS\Mozilla Maintenance Service\maintenanceservice.exe [119408 2014-05-07] (Mozilla Foundation)
R2 NvNetworkService; E:\PROGRAMS\\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; E:\PROGRAMS\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-05-30] ()
R2 RealtekCU; E:\PROGRAMS\Realtek\USB Wireless LAN Utility\RtlService.exe [36864 2012-05-10] (Realtek Semiconductor Corp.) [File not signed]
R2 Stereo Service; E:\PROGRAMS\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [411936 2014-07-02] (NVIDIA Corporation)
R2 TeamViewer9; E:\Teamviewer\TeamViewer_Service.exe [5037888 2014-07-02] (TeamViewer GmbH)
S2 Avira.OE.ServiceHost; "E:\PROGRAMS\Avira\My Avira\Avira.OE.ServiceHost.exe" [X]
S3 FirebirdServerMAGIXInstance; "C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2014-04-09] (Wondershare)
R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [34640 2012-08-09] (ASRock Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)
S3 LoopBeMidi1; C:\Windows\System32\drivers\loopbe1.sys [13824 2011-04-09] (nerds.de) [File not signed]
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-01] (Malwarebytes Corporation)
R3 NvStreamKms; E:\PROGRAMS\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R3 RTCore64; E:\PROGRAMS\MSI Afterburner\RTCore64.sys [13480 2014-05-19] ()
S3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [1525904 2013-11-07] (Realtek Semiconductor Corporation                           )
R3 teVirtualMIDI64; C:\Windows\System32\DRIVERS\teVirtualMIDI64.sys [30208 2012-08-16] (Tobias Erichsen)
S3 Tortilla; C:\Windows\System32\DRIVERS\tortilla.sys [14992 2014-04-06] ()
S3 WsAudioDevice_383S(1); C:\Windows\System32\drivers\WsAudioDevice_383S(1).sys [29288 2013-05-30] (Wondershare)
S3 ZD1211BU(WLAN); C:\Windows\System32\DRIVERS\zd1211Bu.sys [493440 2005-10-28] (ZyDAS Technology Corporation)
S3 ALSysIO; \??\C:\Users\Snippah#\AppData\Local\Temp\ALSysIO64.sys [X]
S2 AODDriver4.2.0; \??\E:\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
R3 ArdDrv; \??\C:\Windows\SysWOW64\Drivers\ArdDrv.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S0 mqiyy; System32\drivers\xtvnyqgq.sys [X]
S3 MSICDSetup; \??\F:\CDriver64.sys [X]
S3 NLNdisMP; system32\DRIVERS\nlndis.sys [X]
S3 NLNdisPT; system32\DRIVERS\nlndis.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-01 20:56 - 2014-08-01 20:56 - 00023304 _____ () C:\Users\Snippah#\Desktop\FRST.txt
2014-08-01 20:55 - 2014-08-01 20:55 - 02094080 _____ (Farbar) C:\Users\Snippah#\Desktop\FRST64.exe
2014-08-01 15:51 - 2014-08-01 15:51 - 01315785 _____ () C:\Users\Snippah#\Desktop\ProtocolLib-3.4.0.jar
2014-08-01 15:51 - 2014-08-01 15:51 - 00044404 _____ () C:\Users\Snippah#\Desktop\BarAPI.jar
2014-08-01 12:48 - 2014-08-01 12:48 - 00000881 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-08-01 12:47 - 2014-08-01 12:47 - 24743106 _____ () C:\Users\Snippah#\Desktop\vlc-2.1.5-win32.exe
2014-08-01 06:55 - 2014-08-01 06:55 - 04431200 _____ (Avira Operations GmbH & Co. KG) C:\Users\Snippah#\Desktop\avira_de_av___ws2.exe
2014-08-01 06:36 - 2014-08-01 06:36 - 00003036 _____ () C:\Windows\System32\Tasks\asrRd
2014-08-01 06:35 - 2014-08-01 12:45 - 00000327 _____ () C:\Windows\setupact.log
2014-08-01 06:35 - 2014-08-01 06:35 - 00000000 _____ () C:\Windows\setuperr.log
2014-08-01 06:33 - 2014-08-01 06:33 - 00265394 _____ () C:\Windows\PFRO.log
2014-08-01 05:53 - 2012-03-01 08:46 - 00023408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2014-08-01 05:53 - 2012-03-01 08:38 - 00220672 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-08-01 05:53 - 2012-03-01 08:33 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-08-01 05:53 - 2012-03-01 08:28 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2014-08-01 05:53 - 2012-03-01 07:37 - 00172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-08-01 05:53 - 2012-03-01 07:33 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-08-01 05:53 - 2012-03-01 07:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2014-08-01 05:48 - 2014-08-01 05:48 - 00263814 _____ () C:\Windows\msxml4-KB2758694-enu.LOG
2014-08-01 04:52 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-08-01 04:52 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-08-01 04:52 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-08-01 04:52 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-08-01 04:52 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-08-01 04:52 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-08-01 04:52 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-08-01 04:52 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-08-01 04:52 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-08-01 04:52 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-08-01 04:52 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-08-01 04:52 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-08-01 04:52 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-08-01 04:52 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-08-01 04:52 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-08-01 04:52 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-08-01 04:52 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-08-01 04:52 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-08-01 04:52 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-08-01 04:52 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-08-01 04:52 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-08-01 04:52 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-08-01 04:52 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-08-01 04:52 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-08-01 04:52 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-08-01 04:52 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-08-01 04:52 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-08-01 04:52 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-08-01 04:52 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-08-01 04:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-08-01 04:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-08-01 04:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-08-01 04:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-08-01 04:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-08-01 04:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-08-01 04:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-08-01 04:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-08-01 04:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-08-01 04:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-08-01 04:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-08-01 04:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-08-01 04:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-08-01 04:52 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-08-01 04:52 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2014-08-01 04:52 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2014-08-01 04:52 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-08-01 04:52 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2014-08-01 04:52 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2014-08-01 04:52 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2014-08-01 04:52 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2014-08-01 04:52 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-08-01 04:52 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2014-08-01 04:52 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2014-08-01 04:52 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-08-01 04:52 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2014-08-01 04:52 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2014-08-01 04:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2014-08-01 04:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-08-01 04:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2014-08-01 04:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2014-08-01 04:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2014-08-01 04:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2014-08-01 04:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2014-08-01 04:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2014-08-01 04:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2014-08-01 04:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2014-08-01 04:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2014-08-01 04:52 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-08-01 04:52 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2014-08-01 04:52 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2014-08-01 04:52 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2014-08-01 04:52 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2014-08-01 04:52 - 2013-07-20 12:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-08-01 04:52 - 2013-07-20 12:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-08-01 04:52 - 2013-05-13 07:51 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-08-01 04:52 - 2013-05-13 07:51 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-08-01 04:52 - 2013-05-13 07:51 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2014-08-01 04:52 - 2013-05-13 07:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2014-08-01 04:52 - 2013-05-13 06:45 - 01160192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-08-01 04:52 - 2013-05-13 06:45 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-08-01 04:52 - 2013-05-13 06:45 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2014-08-01 04:52 - 2013-05-13 05:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2014-08-01 04:52 - 2013-05-13 05:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2014-08-01 04:52 - 2013-05-13 05:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2014-08-01 04:52 - 2013-01-24 08:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-08-01 04:52 - 2012-07-05 00:16 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2014-08-01 04:52 - 2012-07-05 00:13 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2014-08-01 04:52 - 2012-07-05 00:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2014-08-01 04:52 - 2012-07-04 23:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2014-08-01 04:52 - 2012-07-04 23:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2014-08-01 04:52 - 2012-05-05 10:36 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-08-01 04:52 - 2012-05-05 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-08-01 04:52 - 2011-12-16 10:46 - 00634880 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2014-08-01 04:52 - 2011-12-16 09:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2014-08-01 04:52 - 2011-05-03 07:29 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2014-08-01 04:52 - 2011-05-03 06:30 - 00741376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2014-08-01 04:52 - 2011-02-18 12:51 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
2014-08-01 04:52 - 2011-02-18 07:39 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
2014-08-01 04:52 - 2011-02-12 13:34 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2014-08-01 04:51 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-08-01 04:51 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-08-01 04:51 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-08-01 04:51 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-08-01 04:51 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-08-01 04:51 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-08-01 04:51 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-08-01 04:51 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-08-01 04:51 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-08-01 04:51 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-08-01 04:51 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-08-01 04:51 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-08-01 04:51 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-08-01 04:51 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-08-01 04:51 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-08-01 04:51 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-08-01 04:51 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-08-01 04:51 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-08-01 04:51 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-08-01 04:51 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-08-01 04:51 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-08-01 04:51 - 2013-10-12 04:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-08-01 04:51 - 2013-10-12 04:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-08-01 04:51 - 2013-10-12 04:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2014-08-01 04:51 - 2013-10-12 04:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-08-01 04:51 - 2013-10-12 04:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-08-01 04:51 - 2013-10-12 04:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2014-08-01 04:51 - 2013-10-12 04:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2014-08-01 04:51 - 2013-10-12 04:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-08-01 04:51 - 2013-10-12 04:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2014-08-01 04:51 - 2013-10-12 03:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-08-01 04:51 - 2013-10-12 03:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-08-01 04:51 - 2013-10-12 03:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2014-08-01 04:51 - 2013-10-12 03:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-08-01 04:51 - 2013-09-25 04:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-08-01 04:51 - 2013-09-25 03:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-08-01 04:51 - 2013-08-28 03:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2014-08-01 04:51 - 2013-08-27 11:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-08-01 04:51 - 2013-08-27 11:01 - 01143296 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-08-01 04:51 - 2013-08-27 10:21 - 01077760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-08-01 04:51 - 2013-08-01 14:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-01 04:51 - 2013-07-04 14:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-08-01 04:51 - 2013-04-10 08:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-08-01 04:51 - 2012-06-06 08:02 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2014-08-01 04:51 - 2012-06-06 07:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2014-08-01 04:51 - 2012-05-14 07:26 - 00956928 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-08-01 04:51 - 2011-11-19 16:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-08-01 04:51 - 2011-11-19 16:01 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-08-01 04:51 - 2011-10-15 08:31 - 00723456 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2014-08-01 04:51 - 2011-10-15 07:38 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2014-08-01 04:51 - 2011-08-27 07:37 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-08-01 04:51 - 2011-08-27 07:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2014-08-01 04:51 - 2011-08-27 06:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-08-01 04:51 - 2011-08-27 06:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2014-08-01 04:51 - 2011-02-23 06:56 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-08-01 04:51 - 2011-02-23 06:55 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2014-08-01 04:51 - 2011-02-23 06:55 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-08-01 04:51 - 2011-02-23 06:55 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2014-08-01 04:51 - 2011-02-03 13:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-07-31 16:50 - 2014-07-31 16:50 - 01361309 _____ () C:\Users\Snippah#\Desktop\adwcleaner_3.302.exe
2014-07-31 16:44 - 2014-07-31 16:44 - 00000000 ____D () C:\Users\Snippah#\AppData\Roaming\NVIDIA
2014-07-31 16:40 - 2014-07-31 16:40 - 00001082 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
2014-07-31 16:39 - 2014-07-31 16:40 - 00000000 ____D () C:\Users\Snippah#\AppData\Local\NVIDIA Corporation
2014-07-31 16:39 - 2014-07-31 16:40 - 00000000 ____D () C:\Users\Snippah#\AppData\Local\NVIDIA
2014-07-31 16:39 - 2014-07-31 16:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-07-31 16:39 - 2014-07-25 16:01 - 01715224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-07-31 16:39 - 2014-07-25 16:01 - 01291280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-07-31 16:39 - 2014-07-25 16:01 - 01283136 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-07-31 16:39 - 2014-07-25 16:01 - 01126480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-07-31 16:38 - 2014-07-02 20:55 - 06783776 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-07-31 16:38 - 2014-07-02 20:55 - 03522392 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-07-31 16:38 - 2014-07-02 20:55 - 02559960 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-07-31 16:38 - 2014-07-02 20:55 - 00935368 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-07-31 16:38 - 2014-07-02 20:55 - 00386520 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-07-31 16:38 - 2014-07-02 20:55 - 00062808 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-07-31 16:38 - 2014-07-02 19:44 - 00609240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-07-31 16:38 - 2014-07-02 12:14 - 03826628 _____ () C:\Windows\system32\nvcoproc.bin
2014-07-31 16:36 - 2014-07-02 23:29 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2014-07-31 16:36 - 2014-07-02 23:29 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-07-31 16:36 - 2014-07-02 23:29 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-07-31 16:36 - 2014-07-02 22:48 - 31512520 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-07-31 16:36 - 2014-07-02 22:48 - 24196896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-07-31 16:36 - 2014-07-02 22:48 - 22994208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-07-31 16:36 - 2014-07-02 22:48 - 18626304 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-07-31 16:36 - 2014-07-02 22:48 - 17555104 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-07-31 16:36 - 2014-07-02 22:48 - 16122344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-07-31 16:36 - 2014-07-02 22:48 - 15294296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-07-31 16:36 - 2014-07-02 22:48 - 14498552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-07-31 16:36 - 2014-07-02 22:48 - 13922752 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-07-31 16:36 - 2014-07-02 22:48 - 13835208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-07-31 16:36 - 2014-07-02 22:48 - 12866008 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-07-31 16:36 - 2014-07-02 22:48 - 11283344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-07-31 16:36 - 2014-07-02 22:48 - 11222048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-07-31 16:36 - 2014-07-02 22:48 - 04247000 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-07-31 16:36 - 2014-07-02 22:48 - 03989960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-07-31 16:36 - 2014-07-02 22:48 - 03196816 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-07-31 16:36 - 2014-07-02 22:48 - 02814656 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-07-31 16:36 - 2014-07-02 22:48 - 01890080 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434052.dll
2014-07-31 16:36 - 2014-07-02 22:48 - 01539928 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434052.dll
2014-07-31 16:36 - 2014-07-02 22:48 - 00965312 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-07-31 16:36 - 2014-07-02 22:48 - 00944928 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-07-31 16:36 - 2014-07-02 22:48 - 00907096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-07-31 16:36 - 2014-07-02 22:48 - 00903624 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-07-31 16:36 - 2014-07-02 22:48 - 00869152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-07-31 16:36 - 2014-07-02 22:48 - 00846832 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-07-31 16:36 - 2014-07-02 22:48 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-07-31 16:36 - 2014-07-02 22:48 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-07-31 16:36 - 2014-07-02 22:48 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-07-31 16:36 - 2014-07-02 22:48 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-07-31 16:36 - 2014-07-02 22:48 - 00026353 _____ () C:\Windows\system32\nvinfo.pb
2014-07-31 16:36 - 2014-03-31 18:42 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-07-31 16:36 - 2014-03-31 18:42 - 00037320 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-07-31 16:36 - 2014-03-31 18:42 - 00034760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-07-31 16:27 - 2014-07-31 16:27 - 00033990 _____ () C:\Users\Snippah#\Desktop\mbamlöog.txt
2014-07-31 16:20 - 2012-02-17 08:38 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2014-07-31 16:20 - 2012-02-17 07:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2014-07-31 16:20 - 2012-02-17 06:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-07-31 16:20 - 2012-02-17 06:57 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2014-07-31 16:16 - 2014-07-31 16:33 - 337127848 _____ (NVIDIA Corporation) C:\Users\Snippah#\Desktop\340.52-desktop-win8-win7-winvista-64bit-international-whql.exe
2014-07-31 16:15 - 2012-06-03 00:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-07-31 16:15 - 2012-06-03 00:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-07-31 16:15 - 2012-06-03 00:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-07-31 16:15 - 2012-06-03 00:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-07-31 16:15 - 2012-06-03 00:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-07-31 16:15 - 2012-06-03 00:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-07-31 16:15 - 2012-06-03 00:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-07-31 16:15 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-07-31 16:15 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-07-31 16:14 - 2014-07-31 16:14 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-31 16:10 - 2014-07-31 16:10 - 00000889 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-31 16:09 - 2014-07-31 16:10 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Snippah#\Desktop\mbam-setup-2.0.2.1012.exe
2014-07-31 05:13 - 2014-07-31 05:18 - 50753804 _____ () C:\Users\Snippah#\Desktop\Isabella II FTB 1.6 v03.zip
2014-07-31 05:05 - 2014-07-31 05:05 - 00428068 _____ () C:\Users\Snippah#\Desktop\OptiFine_1.6.4_HD_U_D1.jar
2014-07-30 21:47 - 2014-07-30 21:47 - 05445823 _____ () C:\Users\Snippah#\Desktop\DimensionalDoors-2.2.3-336.jar
2014-07-29 23:20 - 2014-07-29 23:21 - 00002626 _____ () C:\Users\Snippah#\Desktop\fuckherrightinthepussypewds_mp4.HDP
2014-07-29 23:20 - 2014-07-29 23:20 - 00179812 _____ () C:\Users\Snippah#\Desktop\fuck her right in the pussy pewds.MVP
2014-07-29 17:43 - 2014-07-29 17:43 - 02346942 _____ () C:\Users\Snippah#\Desktop\TechnicLauncher.exe
2014-07-29 16:43 - 2014-08-01 17:33 - 00000000 ____D () C:\Users\Snippah#\Desktop\Treeit_3.6.2.0_Server_Cauldron
2014-07-29 16:18 - 2014-07-29 16:27 - 191728963 _____ () C:\Users\Snippah#\Desktop\Treeit_3.6.2.0_Server_Cauldron.zip
2014-07-29 15:44 - 2014-07-29 15:45 - 05532231 _____ () C:\Users\Snippah#\Desktop\45cb6cbbff2d7fc1daefbd85b031fd9dcfc70e7b.ogg
2014-07-29 15:07 - 2014-07-29 15:08 - 05468843 _____ () C:\Users\Snippah#\Desktop\6254527d626a2c7d80901cc2e62dce3ba4bd81f6.ogg
2014-07-29 13:02 - 2014-07-29 23:21 - 02918060 _____ () C:\Users\Snippah#\Desktop\fuckherrightinthepussypewds_mp4.H0
2014-07-29 02:36 - 2014-07-28 23:37 - 403719453 _____ () C:\Users\Snippah#\Desktop\fuckherrightinthepussypewds.mp4
2014-07-29 02:03 - 2014-07-29 02:04 - 17013507 _____ () C:\Users\Snippah#\Desktop\blame youtube.wmv
2014-07-29 01:04 - 2014-07-29 01:04 - 00000000 ____D () E:\PROGRAMS\Core Temp
2014-07-29 01:04 - 2014-07-29 01:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core Temp
2014-07-29 01:03 - 2014-07-29 01:03 - 00000000 ____D () C:\ProgramData\APN
2014-07-29 01:02 - 2014-07-29 01:02 - 00787392 _____ ( ) C:\Users\Snippah#\Desktop\coretemp_d7632790_CB-DL-Manager.exe
2014-07-28 23:30 - 2014-07-29 23:20 - 00000000 ____D () C:\Users\Snippah#\Desktop\360mlgpro
2014-07-28 23:30 - 2014-07-29 01:51 - 00000000 ____D () C:\Users\Snippah#\Desktop\Neuer Ordner
2014-07-28 20:31 - 2014-07-28 20:31 - 00000861 _____ () C:\Users\Snippah#\AppData\Local\recently-used.xbel
2014-07-28 03:51 - 2014-07-28 23:33 - 00000000 ____D () C:\Users\Snippah#\Desktop\Porn
2014-07-28 03:46 - 2014-07-28 03:46 - 02389423 _____ () C:\Users\Snippah#\Desktop\2014-07-28.wmv
2014-07-28 02:26 - 2014-07-28 03:50 - 605990161 _____ () C:\Users\Snippah#\Desktop\Porn.rar
2014-07-28 00:11 - 2014-07-28 00:46 - 00096590 _____ () C:\Users\Snippah#\Desktop\darude-sandstorm.mid
2014-07-27 23:58 - 2014-07-29 23:20 - 00000000 ____D () C:\Users\Snippah#\Desktop\magix fertig
2014-07-27 20:59 - 2014-07-27 20:59 - 00067810 _____ () C:\Users\Snippah#\Desktop\jason_derulo-wiggle_ft_snoop_dogg.mid
2014-07-27 20:00 - 2014-07-27 20:00 - 00035965 _____ () C:\Users\Snippah#\Desktop\Flim Flam Brothers.mid
2014-07-27 19:58 - 2014-07-27 19:58 - 00015589 _____ () C:\Users\Snippah#\Desktop\Becoming Popular Transcription.mid
2014-07-27 19:58 - 2014-07-27 19:58 - 00009136 _____ () C:\Users\Snippah#\Desktop\Celestias Ballad.mid
2014-07-27 19:57 - 2014-07-27 19:57 - 00018032 _____ () C:\Users\Snippah#\Desktop\True True Friend.mid
2014-07-27 05:14 - 2014-07-27 05:17 - 00030943 _____ () C:\Users\Snippah#\Desktop\This Day Aria.mid
2014-07-27 05:14 - 2014-07-27 05:14 - 00010527 _____ () C:\Users\Snippah#\Downloads\This Day Aria.mid
2014-07-27 05:14 - 2014-07-27 05:13 - 00007424 _____ () C:\Users\Snippah#\Desktop\The Six-hooved Stallion.mid
2014-07-27 05:13 - 2014-07-27 05:13 - 00016882 _____ () C:\Users\Snippah#\Downloads\maythebestpetwin Reedmace Star.midi
2014-07-27 05:13 - 2014-07-27 05:13 - 00016882 _____ () C:\Users\Snippah#\Desktop\maythebestpetwin Reedmace Star.midi
2014-07-27 05:13 - 2014-07-27 05:13 - 00007424 _____ () C:\Users\Snippah#\Downloads\The Six-hooved Stallion.mid
2014-07-27 05:13 - 2014-07-27 05:13 - 00004781 _____ () C:\Users\Snippah#\Downloads\circleoffriends by Reedmace Star.midi
2014-07-27 05:13 - 2014-07-27 05:13 - 00004781 _____ () C:\Users\Snippah#\Desktop\circleoffriends by Reedmace Star.midi
2014-07-27 05:11 - 2014-07-27 05:11 - 00004749 _____ () C:\Users\Snippah#\Downloads\Ive Got to Find a Way.mid
2014-07-27 05:11 - 2014-07-27 05:11 - 00004749 _____ () C:\Users\Snippah#\Desktop\Ive Got to Find a Way.mid
2014-07-27 05:07 - 2014-07-27 05:10 - 00043239 _____ () C:\Users\Snippah#\Desktop\BABSSEED.MID
2014-07-27 05:07 - 2014-07-27 05:07 - 00035669 _____ () C:\Users\Snippah#\Downloads\Raise This Barn Minor.mid
2014-07-27 05:07 - 2014-07-27 05:07 - 00035669 _____ () C:\Users\Snippah#\Desktop\Raise This Barn Minor.mid
2014-07-27 05:07 - 2014-07-27 05:06 - 00024175 _____ () C:\Users\Snippah#\Desktop\applesfull.mid
2014-07-27 05:06 - 2014-07-27 05:06 - 00043193 _____ () C:\Users\Snippah#\Downloads\BABSSEED.MID
2014-07-27 05:06 - 2014-07-27 05:06 - 00024175 _____ () C:\Users\Snippah#\Downloads\applesfull.mid
2014-07-27 04:41 - 2014-07-27 04:41 - 00002575 _____ () C:\Users\Public\Desktop\Anvil Studio.lnk
2014-07-27 04:40 - 2014-07-27 04:40 - 03206928 _____ () C:\Users\Snippah#\Downloads\asinstall.exe
2014-07-27 04:40 - 2014-07-18 13:28 - 03471360 _____ () C:\Users\Snippah#\Downloads\astudio.msi
2014-07-27 04:40 - 2014-07-18 13:28 - 00434280 _____ () C:\Users\Snippah#\Downloads\setup.exe
2014-07-26 19:10 - 2014-07-26 19:10 - 00000000 ____D () C:\Users\Snippah#\Downloads\SUBasic
2014-07-26 18:58 - 2014-07-26 19:10 - 207776248 _____ () C:\Users\Snippah#\Downloads\SUBasic.zip
2014-07-26 18:57 - 2014-07-26 18:57 - 00000000 ____D () E:\PROGRAMS\LogMeIn Hamachi
2014-07-26 18:57 - 2014-07-26 18:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-07-05 01:21 - 2014-07-05 01:21 - 00037570 _____ () C:\Users\Snippah#\Downloads\Bread scout (1).rar
2014-07-03 18:11 - 2014-07-27 04:58 - 00042884 _____ () C:\Users\Snippah#\Desktop\Survivor - Eye Of The Tiger.mid
2014-07-03 17:56 - 2014-07-03 17:56 - 05813432 _____ () C:\Users\Snippah#\Downloads\pifm.tar.gz
2014-07-03 02:19 - 2014-07-03 02:19 - 00000000 ____D () C:\Users\Snippah#\Downloads\Bread scout
2014-07-03 01:54 - 2014-07-03 01:54 - 00037570 _____ () C:\Users\Snippah#\Downloads\Bread scout.rar
2014-07-02 22:30 - 2014-07-02 22:30 - 00813417 _____ () C:\Users\Snippah#\Desktop\2014-07-02.wmv
2014-07-02 00:19 - 2014-07-02 00:19 - 00000000 ____D () C:\tmp

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-01 20:57 - 2014-08-01 20:56 - 00023304 _____ () C:\Users\Snippah#\Desktop\FRST.txt
2014-08-01 20:56 - 2014-05-21 23:02 - 00000000 ____D () C:\FRST
2014-08-01 20:55 - 2014-08-01 20:55 - 02094080 _____ (Farbar) C:\Users\Snippah#\Desktop\FRST64.exe
2014-08-01 20:47 - 2014-02-27 18:00 - 00000000 ____D () C:\Users\Snippah#\AppData\Roaming\Skype
2014-08-01 20:44 - 2014-02-28 00:25 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-01 20:23 - 2014-05-22 17:09 - 00001092 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-01 18:10 - 2014-04-15 17:51 - 00000000 ____D () C:\Users\Snippah#\AppData\Roaming\vlc
2014-08-01 17:33 - 2014-07-29 16:43 - 00000000 ____D () C:\Users\Snippah#\Desktop\Treeit_3.6.2.0_Server_Cauldron
2014-08-01 15:51 - 2014-08-01 15:51 - 01315785 _____ () C:\Users\Snippah#\Desktop\ProtocolLib-3.4.0.jar
2014-08-01 15:51 - 2014-08-01 15:51 - 00044404 _____ () C:\Users\Snippah#\Desktop\BarAPI.jar
2014-08-01 15:32 - 2014-04-15 18:15 - 00000000 ____D () C:\Users\Snippah#\AppData\Local\LogMeIn Hamachi
2014-08-01 12:48 - 2014-08-01 12:48 - 00000881 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-08-01 12:47 - 2014-08-01 12:47 - 24743106 _____ () C:\Users\Snippah#\Desktop\vlc-2.1.5-win32.exe
2014-08-01 12:45 - 2014-08-01 06:35 - 00000327 _____ () C:\Windows\setupact.log
2014-08-01 11:21 - 2014-02-27 22:46 - 02026978 _____ () C:\Windows\WindowsUpdate.log
2014-08-01 06:55 - 2014-08-01 06:55 - 04431200 _____ (Avira Operations GmbH & Co. KG) C:\Users\Snippah#\Desktop\avira_de_av___ws2.exe
2014-08-01 06:55 - 2014-04-28 16:01 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-01 06:45 - 2014-02-27 17:35 - 00000000 ____D () C:\Users\Snippah#\AppData\Roaming\Spotify
2014-08-01 06:40 - 2009-07-14 06:45 - 00036336 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-01 06:40 - 2009-07-14 06:45 - 00036336 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-01 06:39 - 2014-05-29 20:42 - 00000000 ____D () C:\ProgramData\Origin
2014-08-01 06:39 - 2014-03-31 22:01 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-01 06:38 - 2014-03-01 21:03 - 00000000 ___RD () C:\Users\Snippah#\Dropbox
2014-08-01 06:37 - 2014-03-01 21:01 - 00000000 ____D () C:\Users\Snippah#\AppData\Roaming\Dropbox
2014-08-01 06:36 - 2014-08-01 06:36 - 00003036 _____ () C:\Windows\System32\Tasks\asrRd
2014-08-01 06:36 - 2014-05-29 20:42 - 00000000 ____D () E:\PROGRAMS\Origin
2014-08-01 06:35 - 2014-08-01 06:35 - 00000000 _____ () C:\Windows\setuperr.log
2014-08-01 06:35 - 2014-05-22 17:09 - 00001088 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-01 06:35 - 2014-02-27 22:56 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-08-01 06:35 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-01 06:35 - 2009-07-14 06:45 - 00536056 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-01 06:33 - 2014-08-01 06:33 - 00265394 _____ () C:\Windows\PFRO.log
2014-08-01 06:33 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-01 05:55 - 2014-02-28 07:41 - 00696878 _____ () C:\Windows\system32\perfh007.dat
2014-08-01 05:55 - 2014-02-28 07:41 - 00148174 _____ () C:\Windows\system32\perfc007.dat
2014-08-01 05:55 - 2009-07-14 07:13 - 01634596 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-01 05:54 - 2014-03-11 19:09 - 01590498 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-08-01 05:48 - 2014-08-01 05:48 - 00263814 _____ () C:\Windows\msxml4-KB2758694-enu.LOG
2014-08-01 05:47 - 2014-05-31 22:23 - 00000000 ____D () C:\Users\Snippah#\AppData\Roaming\Winamp
2014-08-01 05:08 - 2014-04-01 21:04 - 00000000 ____D () C:\Windows\Minidump
2014-08-01 04:36 - 2014-04-10 20:58 - 00000000 ____D () E:\PROGRAMS\Avira
2014-08-01 04:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat
2014-07-31 22:42 - 2014-03-14 19:27 - 00003950 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{4F372E70-9CBF-4970-A680-9F7B6BF7B9F1}
2014-07-31 21:19 - 2014-06-26 00:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SDFormatter
2014-07-31 16:51 - 2014-05-25 15:04 - 00000000 ____D () C:\AdwCleaner
2014-07-31 16:50 - 2014-07-31 16:50 - 01361309 _____ () C:\Users\Snippah#\Desktop\adwcleaner_3.302.exe
2014-07-31 16:44 - 2014-07-31 16:44 - 00000000 ____D () C:\Users\Snippah#\AppData\Roaming\NVIDIA
2014-07-31 16:40 - 2014-07-31 16:40 - 00001082 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
2014-07-31 16:40 - 2014-07-31 16:39 - 00000000 ____D () C:\Users\Snippah#\AppData\Local\NVIDIA Corporation
2014-07-31 16:40 - 2014-07-31 16:39 - 00000000 ____D () C:\Users\Snippah#\AppData\Local\NVIDIA
2014-07-31 16:40 - 2014-02-27 22:55 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-07-31 16:39 - 2014-07-31 16:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-07-31 16:39 - 2014-02-27 22:55 - 00000000 ____D () E:\PROGRAMS\NVIDIA Corporation
2014-07-31 16:38 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help
2014-07-31 16:33 - 2014-07-31 16:16 - 337127848 _____ (NVIDIA Corporation) C:\Users\Snippah#\Desktop\340.52-desktop-win8-win7-winvista-64bit-international-whql.exe
2014-07-31 16:27 - 2014-07-31 16:27 - 00033990 _____ () C:\Users\Snippah#\Desktop\mbamlöog.txt
2014-07-31 16:14 - 2014-07-31 16:14 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-31 16:14 - 2014-04-19 13:20 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-31 16:14 - 2014-04-19 13:20 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-31 16:14 - 2014-04-19 13:20 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-31 16:14 - 2014-04-16 15:11 - 00000000 ____D () E:\PROGRAMS\Java
2014-07-31 16:14 - 2014-03-29 22:40 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-31 16:10 - 2014-07-31 16:10 - 00000889 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-31 16:10 - 2014-07-31 16:09 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Snippah#\Desktop\mbam-setup-2.0.2.1012.exe
2014-07-31 16:10 - 2014-05-25 14:20 - 00000000 ____D () E:\PROGRAMS\ Malwarebytes Anti-Malware 
2014-07-31 16:10 - 2014-05-25 14:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-07-31 15:59 - 2014-05-15 18:35 - 00011776 _____ () C:\Users\Snippah#\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-07-31 15:57 - 2014-06-24 06:39 - 00003094 _____ () C:\Windows\System32\Tasks\WinZip Malware Protector_startup
2014-07-31 05:18 - 2014-07-31 05:13 - 50753804 _____ () C:\Users\Snippah#\Desktop\Isabella II FTB 1.6 v03.zip
2014-07-31 05:05 - 2014-07-31 05:05 - 00428068 _____ () C:\Users\Snippah#\Desktop\OptiFine_1.6.4_HD_U_D1.jar
2014-07-30 21:47 - 2014-07-30 21:47 - 05445823 _____ () C:\Users\Snippah#\Desktop\DimensionalDoors-2.2.3-336.jar
2014-07-30 16:51 - 2014-02-27 17:35 - 00000000 ____D () C:\Users\Snippah#\AppData\Local\Spotify
2014-07-29 23:21 - 2014-07-29 23:20 - 00002626 _____ () C:\Users\Snippah#\Desktop\fuckherrightinthepussypewds_mp4.HDP
2014-07-29 23:21 - 2014-07-29 13:02 - 02918060 _____ () C:\Users\Snippah#\Desktop\fuckherrightinthepussypewds_mp4.H0
2014-07-29 23:20 - 2014-07-29 23:20 - 00179812 _____ () C:\Users\Snippah#\Desktop\fuck her right in the pussy pewds.MVP
2014-07-29 23:20 - 2014-07-28 23:30 - 00000000 ____D () C:\Users\Snippah#\Desktop\360mlgpro
2014-07-29 23:20 - 2014-07-27 23:58 - 00000000 ____D () C:\Users\Snippah#\Desktop\magix fertig
2014-07-29 17:43 - 2014-07-29 17:43 - 02346942 _____ () C:\Users\Snippah#\Desktop\TechnicLauncher.exe
2014-07-29 17:34 - 2014-03-10 15:34 - 00000000 ____D () C:\Users\Snippah#\AppData\Roaming\.minecraft
2014-07-29 16:27 - 2014-07-29 16:18 - 191728963 _____ () C:\Users\Snippah#\Desktop\Treeit_3.6.2.0_Server_Cauldron.zip
2014-07-29 15:45 - 2014-07-29 15:44 - 05532231 _____ () C:\Users\Snippah#\Desktop\45cb6cbbff2d7fc1daefbd85b031fd9dcfc70e7b.ogg
2014-07-29 15:08 - 2014-07-29 15:07 - 05468843 _____ () C:\Users\Snippah#\Desktop\6254527d626a2c7d80901cc2e62dce3ba4bd81f6.ogg
2014-07-29 02:04 - 2014-07-29 02:03 - 17013507 _____ () C:\Users\Snippah#\Desktop\blame youtube.wmv
2014-07-29 01:51 - 2014-07-28 23:30 - 00000000 ____D () C:\Users\Snippah#\Desktop\Neuer Ordner
2014-07-29 01:04 - 2014-07-29 01:04 - 00000000 ____D () E:\PROGRAMS\Core Temp
2014-07-29 01:04 - 2014-07-29 01:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core Temp
2014-07-29 01:03 - 2014-07-29 01:03 - 00000000 ____D () C:\ProgramData\APN
2014-07-29 01:02 - 2014-07-29 01:02 - 00787392 _____ ( ) C:\Users\Snippah#\Desktop\coretemp_d7632790_CB-DL-Manager.exe
2014-07-28 23:37 - 2014-07-29 02:36 - 403719453 _____ () C:\Users\Snippah#\Desktop\fuckherrightinthepussypewds.mp4
2014-07-28 23:35 - 2014-05-21 22:55 - 00000000 ____D () C:\Users\Snippah#\AppData\Local\CrashDumps
2014-07-28 23:35 - 2014-05-03 13:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-07-28 23:33 - 2014-07-28 03:51 - 00000000 ____D () C:\Users\Snippah#\Desktop\Porn
2014-07-28 20:31 - 2014-07-28 20:31 - 00000861 _____ () C:\Users\Snippah#\AppData\Local\recently-used.xbel
2014-07-28 20:31 - 2014-06-16 05:23 - 00000000 ____D () C:\Users\Snippah#\AppData\Local\Paint.NET
2014-07-28 20:31 - 2014-06-06 16:29 - 00000000 ____D () C:\Users\Snippah#\.gimp-2.8
2014-07-28 03:50 - 2014-07-28 02:26 - 605990161 _____ () C:\Users\Snippah#\Desktop\Porn.rar
2014-07-28 03:46 - 2014-07-28 03:46 - 02389423 _____ () C:\Users\Snippah#\Desktop\2014-07-28.wmv
2014-07-28 00:55 - 2014-02-28 15:44 - 00000000 ____D () C:\Users\Snippah#\AppData\Roaming\Audacity
2014-07-28 00:46 - 2014-07-28 00:11 - 00096590 _____ () C:\Users\Snippah#\Desktop\darude-sandstorm.mid
2014-07-27 22:47 - 2014-05-03 13:37 - 00000000 ____D () E:\PROGRAMS\DVDVideoSoft
2014-07-27 22:45 - 2014-05-03 13:36 - 00000000 ____D () C:\Users\Snippah#\AppData\Roaming\DVDVideoSoft
2014-07-27 20:59 - 2014-07-27 20:59 - 00067810 _____ () C:\Users\Snippah#\Desktop\jason_derulo-wiggle_ft_snoop_dogg.mid
2014-07-27 20:00 - 2014-07-27 20:00 - 00035965 _____ () C:\Users\Snippah#\Desktop\Flim Flam Brothers.mid
2014-07-27 19:58 - 2014-07-27 19:58 - 00015589 _____ () C:\Users\Snippah#\Desktop\Becoming Popular Transcription.mid
2014-07-27 19:58 - 2014-07-27 19:58 - 00009136 _____ () C:\Users\Snippah#\Desktop\Celestias Ballad.mid
2014-07-27 19:57 - 2014-07-27 19:57 - 00018032 _____ () C:\Users\Snippah#\Desktop\True True Friend.mid
2014-07-27 05:44 - 2014-03-03 12:39 - 00000566 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-07-27 05:17 - 2014-07-27 05:14 - 00030943 _____ () C:\Users\Snippah#\Desktop\This Day Aria.mid
2014-07-27 05:14 - 2014-07-27 05:14 - 00010527 _____ () C:\Users\Snippah#\Downloads\This Day Aria.mid
2014-07-27 05:13 - 2014-07-27 05:14 - 00007424 _____ () C:\Users\Snippah#\Desktop\The Six-hooved Stallion.mid
2014-07-27 05:13 - 2014-07-27 05:13 - 00016882 _____ () C:\Users\Snippah#\Downloads\maythebestpetwin Reedmace Star.midi
2014-07-27 05:13 - 2014-07-27 05:13 - 00016882 _____ () C:\Users\Snippah#\Desktop\maythebestpetwin Reedmace Star.midi
2014-07-27 05:13 - 2014-07-27 05:13 - 00007424 _____ () C:\Users\Snippah#\Downloads\The Six-hooved Stallion.mid
2014-07-27 05:13 - 2014-07-27 05:13 - 00004781 _____ () C:\Users\Snippah#\Downloads\circleoffriends by Reedmace Star.midi
2014-07-27 05:13 - 2014-07-27 05:13 - 00004781 _____ () C:\Users\Snippah#\Desktop\circleoffriends by Reedmace Star.midi
2014-07-27 05:11 - 2014-07-27 05:11 - 00004749 _____ () C:\Users\Snippah#\Downloads\Ive Got to Find a Way.mid
2014-07-27 05:11 - 2014-07-27 05:11 - 00004749 _____ () C:\Users\Snippah#\Desktop\Ive Got to Find a Way.mid
2014-07-27 05:10 - 2014-07-27 05:07 - 00043239 _____ () C:\Users\Snippah#\Desktop\BABSSEED.MID
2014-07-27 05:07 - 2014-07-27 05:07 - 00035669 _____ () C:\Users\Snippah#\Downloads\Raise This Barn Minor.mid
2014-07-27 05:07 - 2014-07-27 05:07 - 00035669 _____ () C:\Users\Snippah#\Desktop\Raise This Barn Minor.mid
2014-07-27 05:06 - 2014-07-27 05:07 - 00024175 _____ () C:\Users\Snippah#\Desktop\applesfull.mid
2014-07-27 05:06 - 2014-07-27 05:06 - 00043193 _____ () C:\Users\Snippah#\Downloads\BABSSEED.MID
2014-07-27 05:06 - 2014-07-27 05:06 - 00024175 _____ () C:\Users\Snippah#\Downloads\applesfull.mid
2014-07-27 04:58 - 2014-07-03 18:11 - 00042884 _____ () C:\Users\Snippah#\Desktop\Survivor - Eye Of The Tiger.mid
2014-07-27 04:41 - 2014-07-27 04:41 - 00002575 _____ () C:\Users\Public\Desktop\Anvil Studio.lnk
2014-07-27 04:41 - 2014-04-17 17:33 - 00002587 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anvil Studio.lnk
2014-07-27 04:41 - 2014-03-08 01:16 - 00000000 ____D () E:\PROGRAMS\Anvil Studio 2013
2014-07-27 04:40 - 2014-07-27 04:40 - 03206928 _____ () C:\Users\Snippah#\Downloads\asinstall.exe
2014-07-27 03:26 - 2014-03-03 15:14 - 00000000 ____D () C:\Users\Snippah#\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-07-27 00:20 - 2014-02-27 22:38 - 00000000 ____D () C:\Users\Snippah#\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-07-26 19:44 - 2014-02-28 00:25 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-26 19:44 - 2014-02-28 00:25 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-26 19:44 - 2014-02-28 00:25 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-26 19:10 - 2014-07-26 19:10 - 00000000 ____D () C:\Users\Snippah#\Downloads\SUBasic
2014-07-26 19:10 - 2014-07-26 18:58 - 207776248 _____ () C:\Users\Snippah#\Downloads\SUBasic.zip
2014-07-26 19:05 - 2014-04-10 20:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-07-26 19:01 - 2014-04-11 21:19 - 00042040 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-07-26 18:59 - 2014-03-01 21:02 - 00000000 ____D () C:\Users\Snippah#\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-07-26 18:57 - 2014-07-26 18:57 - 00000000 ____D () E:\PROGRAMS\LogMeIn Hamachi
2014-07-26 18:57 - 2014-07-26 18:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-07-25 16:01 - 2014-07-31 16:39 - 01715224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-07-25 16:01 - 2014-07-31 16:39 - 01291280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-07-25 16:01 - 2014-07-31 16:39 - 01283136 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-07-25 16:01 - 2014-07-31 16:39 - 01126480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-07-18 13:28 - 2014-07-27 04:40 - 03471360 _____ () C:\Users\Snippah#\Downloads\astudio.msi
2014-07-18 13:28 - 2014-07-27 04:40 - 00434280 _____ () C:\Users\Snippah#\Downloads\setup.exe
2014-07-05 01:21 - 2014-07-05 01:21 - 00037570 _____ () C:\Users\Snippah#\Downloads\Bread scout (1).rar
2014-07-03 17:56 - 2014-07-03 17:56 - 05813432 _____ () C:\Users\Snippah#\Downloads\pifm.tar.gz
2014-07-03 02:19 - 2014-07-03 02:19 - 00000000 ____D () C:\Users\Snippah#\Downloads\Bread scout
2014-07-03 01:54 - 2014-07-03 01:54 - 00037570 _____ () C:\Users\Snippah#\Downloads\Bread scout.rar
2014-07-02 23:29 - 2014-07-31 16:36 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2014-07-02 23:29 - 2014-07-31 16:36 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-07-02 23:29 - 2014-07-31 16:36 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-07-02 22:48 - 2014-07-31 16:36 - 31512520 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-07-02 22:48 - 2014-07-31 16:36 - 24196896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-07-02 22:48 - 2014-07-31 16:36 - 22994208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-07-02 22:48 - 2014-07-31 16:36 - 18626304 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-07-02 22:48 - 2014-07-31 16:36 - 17555104 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-07-02 22:48 - 2014-07-31 16:36 - 16122344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-07-02 22:48 - 2014-07-31 16:36 - 15294296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-07-02 22:48 - 2014-07-31 16:36 - 14498552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-07-02 22:48 - 2014-07-31 16:36 - 13922752 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-07-02 22:48 - 2014-07-31 16:36 - 13835208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-07-02 22:48 - 2014-07-31 16:36 - 12866008 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-07-02 22:48 - 2014-07-31 16:36 - 11283344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-07-02 22:48 - 2014-07-31 16:36 - 11222048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-07-02 22:48 - 2014-07-31 16:36 - 04247000 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-07-02 22:48 - 2014-07-31 16:36 - 03989960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-07-02 22:48 - 2014-07-31 16:36 - 03196816 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-07-02 22:48 - 2014-07-31 16:36 - 02814656 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-07-02 22:48 - 2014-07-31 16:36 - 01890080 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434052.dll
2014-07-02 22:48 - 2014-07-31 16:36 - 01539928 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434052.dll
2014-07-02 22:48 - 2014-07-31 16:36 - 00965312 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-07-02 22:48 - 2014-07-31 16:36 - 00944928 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-07-02 22:48 - 2014-07-31 16:36 - 00907096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-07-02 22:48 - 2014-07-31 16:36 - 00903624 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-07-02 22:48 - 2014-07-31 16:36 - 00869152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-07-02 22:48 - 2014-07-31 16:36 - 00846832 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-07-02 22:48 - 2014-07-31 16:36 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-07-02 22:48 - 2014-07-31 16:36 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-07-02 22:48 - 2014-07-31 16:36 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-07-02 22:48 - 2014-07-31 16:36 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-07-02 22:48 - 2014-07-31 16:36 - 00026353 _____ () C:\Windows\system32\nvinfo.pb
2014-07-02 22:30 - 2014-07-02 22:30 - 00813417 _____ () C:\Users\Snippah#\Desktop\2014-07-02.wmv
2014-07-02 20:55 - 2014-07-31 16:38 - 06783776 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-07-02 20:55 - 2014-07-31 16:38 - 03522392 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-07-02 20:55 - 2014-07-31 16:38 - 02559960 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-07-02 20:55 - 2014-07-31 16:38 - 00935368 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-07-02 20:55 - 2014-07-31 16:38 - 00386520 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-07-02 20:55 - 2014-07-31 16:38 - 00062808 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-07-02 19:44 - 2014-07-31 16:38 - 00609240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-07-02 12:14 - 2014-07-31 16:38 - 03826628 _____ () C:\Windows\system32\nvcoproc.bin
2014-07-02 00:46 - 2014-04-11 19:54 - 00000000 ____D () E:\PROGRAMS\MSI Afterburner
2014-07-02 00:19 - 2014-07-02 00:19 - 00000000 ____D () C:\tmp

Files to move or delete:
====================
C:\ProgramData\yiasfxw.dat
C:\Users\Snippah#\start.bat


Some content of TEMP:
====================
C:\Users\Snippah#\AppData\Local\Temp\avgnt.exe
C:\Users\Snippah#\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpvizhnj.dll
C:\Users\Snippah#\AppData\Local\Temp\jansi-64.dll
C:\Users\Snippah#\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Snippah#\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Snippah#\AppData\Local\Temp\nvStInst.exe
C:\Users\Snippah#\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-28 10:44

==================== End Of Log ============================

--- --- ---

31.05.2014, 15:14	#12
schrauber /// the machine /// TB-Ausbilder	$Trojan.Agent e:\programs\\rhv\ati\7-zip\7-zip\... - Standard$ Trojan.Agent e:\programs\\rhv\ati\7-zip\7-zip\... meine Frage? __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

01.08.2014, 17:51	#14
schrauber /// the machine /// TB-Ausbilder	$Trojan.Agent e:\programs\\rhv\ati\7-zip\7-zip\... - Standard$ Trojan.Agent e:\programs\\rhv\ati\7-zip\7-zip\... frisches frst log bitte. Was is Laufwerk E:? __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

Trojan.Agent e:\programs\\rhv\ati\7-zip\7-zip\...

Log-Analyse und Auswertung: Trojan.Agent e:\programs\\rhv\ati\7-zip\7-zip\...