| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Virus, Trojaner, irgendwas habe ich jaWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
09.06.2014, 20:37
| #1 |
| |  Virus, Trojaner, irgendwas habe ich ja Seid mir gegrüßt! Ich schaue ja manchmal filme auf gewissen seiten an und seit einiger Zeit ist mir aufgefallen: 1. mein hotmail.com account sagte mir, es wurde versucht von irgendwo einzuloggen. 2. pw geändert 3. nach ein paar tagen dann war ich mal afk und dann fiel mir auf das plötzlich mein pc sich von selbst gesteuert hat.. zwar ganz langsam, aber er hats gemacht.. er hat soviel ich gesehn hab so dateien am desktop erstellt und geöffnet und irgendwas rein geschrieben.. so ne art tool war das. habs dann sofort gelöscht dieses "tool" 4. nach einer woche schreibt mir jemand, das ICH versucht habe mit ferngesteuert auf seinem pc in meinem Email Account einzuloggen??? was is das fürn zeug und wie werd ichs los? patrick Hier noch der Hijacks Log: Code:
ATTFilter Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:30:00, on 09.06.2014 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16385) Boot mode: Normal Running processes: C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe C:\Program Files (x86)\Thunder Master\THPanel.exe C:\Program Files (x86)\ROCCAT\Kone Pure Mouse\KonePureMonitor.exe C:\Windows\SysWOW64\C2MP\UpdateChecker.exe C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\ProgramData\dlprotect.exe C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe C:\Users\Shorty\AppData\Local\Temp\SVCHOST.EXE C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe E:\Games\Battle.net\Battle.net.4656\Battle.net.exe C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Shorty\Downloads\HiJackThis204 (1).exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.trovi.com/?gd=&ctid=CT3324774&octid=EB_ORIGINAL_CTID&ISID=MCF6E9A04-AC1C-4F51-A6A1-2B197E1108C1&SearchSource=55&CUI=&UM=5&UP=SPBEE8CC4D-566F-4F5C-A2A6-88EA63B2C172&SSPV= R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: SearchMe Toolbar - {B9C767DD-F66A-40B4-8F12-4199A9A4393C} - C:\Program Files (x86)\SearchMe Toolbar\IE\9.3\searchmeToolbarIE.dll F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: CrossriderApp0052916 - {11111111-1111-1111-1111-110511291116} - C:\Program Files (x86)\PlusSHD-9.9\PlusSHD-9.9-bho.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: SearchMe Toolbar - {B9C767DD-F66A-40B4-8F12-4199A9A4393C} - C:\Program Files (x86)\SearchMe Toolbar\IE\9.3\searchmeToolbarIE.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: SearchMe Toolbar - {B9C767DD-F66A-40B4-8F12-4199A9A4393C} - C:\Program Files (x86)\SearchMe Toolbar\IE\9.3\searchmeToolbarIE.dll O4 - HKLM\..\Run: [RoccatKonePure] "C:\Program Files (x86)\ROCCAT\Kone Pure Mouse\KonePureMonitor.EXE" O4 - HKLM\..\Run: [RoccatIsku] "C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.EXE" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start O4 - HKLM\..\Run: [Download Protect] C:\ProgramData\dlprotect.exe O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe" O4 - HKCU\..\Run: [THPanel] "C:\Program Files (x86)\Thunder Master\THPanel.exe" /A O4 - HKCU\..\Run: [BitTorrent] "C:\Users\Shorty\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED O4 - HKCU\..\Run: [MyComGames] "C:\Users\Shorty\AppData\Local\MyComGames\MyComGames.exe" -autostart O4 - HKCU\..\Run: [Java] C:\Users\Shorty\AppData\Roaming\Launcherr.exe O4 - Global Startup: CodecPackUpdateChecker.lnk = C:\Windows\SysWOW64\C2MP\UpdateChecker.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file) O9 - Extra 'Tools' menuitem: Sun Java-Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: c:\windows\syswow64\nvinit.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe O23 - Service: BlueStacks Updater Service (BstHdUpdaterSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: Download Protect Service (DlProtectSvc) - Unknown owner - C:\Windows\System32\DlProtectSvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Modules Remotezugriff-IPv6-ARP-Treiber (Netplwi{) - Unknown owner - C:\Windows\system32\wkscli64.exe (file missing) O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: Intel(R) Extreme Tuning Utility Service (XTU3SERVICE) - Intel Corporation - C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe -- End of file - 10923 bytes addition: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-06-2014 03
Ran by Shorty at 2014-06-09 21:51:46
Running from C:\Users\Shorty\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
.NET Reflector Desktop (HKLM-x32\...\{60EDFDF5-224E-4CB3-8BE8-55A6D852C0A8}) (Version: 8.3.3.115 - Red Gate Software Ltd)
Ace of Spades (HKLM-x32\...\Steam App 224540) (Version: - Jagex Limited)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Allods Online DE (HKCU\...\Allods Online DE) (Version: 1.15 - My.com B.V.)
Among the sleep (HKLM-x32\...\Among the sleep_R.G. Mechanics_is1) (Version: - R.G. Mechanics, markfiter)
Anna - Extended Edition (HKLM-x32\...\Steam App 217690) (Version: - Dreampainters)
ASRock eXtreme Tuner v0.1.248 (HKLM-x32\...\ASRock eXtreme Tuner_is1) (Version: - )
ASRock XFast RAM v2.0.9 (HKLM\...\ASRock XFast RAM_is1) (Version: - ASRock Inc.)
Badoo Desktop (HKLM-x32\...\{D0AF8BD9-79A6-45D6-8B71-25281B1300A7}) (Version: 1.6.58.1220 - Badoo)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.2.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB)
Beat Hazard 1.3s (HKLM-x32\...\{6B76A0FE-4D7F-4BCE-8BD1-D61CAB936D40}_is1) (Version: - Cold Beam Games)
BitTorrent (HKCU\...\BitTorrent) (Version: 7.9.1.30889 - BitTorrent Inc.)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.7.3069 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{FE5ABB0E-EDEA-4023-B0FB-9DEA39A98D76}) (Version: 0.8.7.3069 - BlueStack Systems, Inc.)
BOSS (HKLM-x32\...\BOSS) (Version: 2.1.1 - BOSS Development Team)
Call of Duty: Modern Warfare 3 - Multiplayer (HKLM-x32\...\Steam App 42690) (Version: - Infinity Ward)
CCleaner (HKLM\...\CCleaner) (Version: 4.09 - Piriform)
Charles 3.8.3 (HKLM\...\{5CE7E4F6-039B-4A30-9F0E-A0FF90F1A018}) (Version: 3.8.3.3 - XK72 Ltd)
Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version: - Cheat Engine)
Core Temp 1.0 RC6 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
CPUID CPU-Z 1.67.1 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
Creation Kit (HKLM-x32\...\Steam App 202480) (Version: - bgs.bethsoft.com)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive)
Dead Space (HKLM-x32\...\{025A585C-0C66-413D-80D2-4C05CB699771}) (Version: 1.0.0.222 - Electronic Arts)
Diablo II (HKLM-x32\...\Diablo II) (Version: - Blizzard Entertainment)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Diablo III Beta (HKLM-x32\...\Diablo III Beta) (Version: - Blizzard Entertainment)
Download Protect (HKCU\...\{132401a7-2006-4342-b43c-ccf5f02c2b01}) (Version: - Download Protect)
Dragon's Prophet (HKLM-x32\...\{C31556D7-F2B9-4787-B223-F7A035067E89}_is1) (Version: 2.0.1315.20 - Infernum Productions AG)
Dwarfs F2P (HKLM-x32\...\Steam App 213650) (Version: - Power of 2)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
FEAR (HKLM-x32\...\{2B653229-9854-4989-B780-D978F5F13EAB}) (Version: 1.00.0000 - Vivendi Universal Games, Inc.)
Forge Quest 1.0 (HKLM-x32\...\Forge Quest 1.0) (Version: 1.0 - Cat-A-Cat)
Fraps (HKLM-x32\...\Fraps) (Version: - )
Freemake Video Converter Version 4.1.4 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.4 - Ellora Assets Corporation)
GameRanger (HKCU\...\GameRanger) (Version: - GameRanger Technologies)
GIGABYTE OC_GURU II (HKLM-x32\...\InstallShield_{5588D686-D23B-4C9D-BDFA-2A7875CD3722}) (Version: 1.61.0000 - GIGABYTE Technology Co.,Ltd.)
GIGABYTE OC_GURU II (x32 Version: 1.61.0000 - GIGABYTE Technology Co.,Ltd.) Hidden
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.0 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Hero Editor V0.96 (HKLM-x32\...\ST6UNST #1) (Version: - )
Intel Extreme Tuning Utility (HKLM-x32\...\{162FB65C-7E55-4962-84A9-5E69C4D85C73}) (Version: 3.0.38.5 - Intel Corporation)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.35342 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.3.1427 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2761 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.2.0.1006 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version: - Intel Corporation)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Kingdom Rush (HKLM-x32\...\S2luZ2RvbVJ1c2g=_is1) (Version: 1 - )
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.193 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.193 - LogMeIn, Inc.) Hidden
ManyCam 4.0.78 (HKLM-x32\...\ManyCam) (Version: 4.0.78 - Visicom Media Inc.)
Media Player Codec Pack 4.3.1 (HKLM-x32\...\Media Player - Codec Pack) (Version: 4.3.1 - Media Player Codec Pack) <==== ATTENTION
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 RC (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50861 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 RC (Version: 4.5.50861 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual Studio 6.0 Enterprise Edition (HKLM-x32\...\Visual Studio 6.0 Enterprise Edition) (Version: - )
Microsoft VM for Java (HKLM-x32\...\MsJavaVM) (Version: - )
Microsoft Web Publishing Wizard 1.53 (HKLM-x32\...\WebPost) (Version: - )
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
MorphVOX Junior (HKLM-x32\...\{E6C7380F-15DD-445E-BA02-B7A180BA0A5A}) (Version: 2.8.1 - Screaming Bee)
MSI Afterburner 2.3.1 (HKLM-x32\...\Afterburner) (Version: 2.3.1 - MSI Co., LTD)
My.Com GAMES (HKCU\...\MyComGames) (Version: 2.17 - BENSTAR LIMITED)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.49.6 - Black Tree Gaming)
NVIDIA 3D Vision Controller-Treiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 337.88 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 337.88 - NVIDIA Corporation)
NVIDIA APEX(1.2.3) PhysX(3.2) Lab(64bit) (HKLM-x32\...\NVIDIA APEX(1.2.3) PhysX(3.2) Lab(64bit)) (Version: 1.1.102.1(Beta) - NVIDIA Corporation)
NVIDIA GeForce Experience 2.0.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.154.1168 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 337.88 (Version: 337.88 - NVIDIA Corporation) Hidden
NVIDIA Update 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.6.2792 - Electronic Arts, Inc.)
Outlast: Whistleblower (HKLM-x32\...\T3V0bGFzdFdoaXN0bGVibG93ZXI=_is1) (Version: 1 - )
PlagueInc 1.0 (HKLM-x32\...\PlagueInc 1.0) (Version: 1.0 - Cat-A-Cat)
PlusSHD-9.9 (HKLM-x32\...\PlusSHD-9.9) (Version: 1.34.5.22 - PlusSHDC)
POSTAL 2 (HKLM-x32\...\Steam App 223470) (Version: - Running With Scissors)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Raptr (HKLM-x32\...\Raptr) (Version: - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6482 - Realtek Semiconductor Corp.)
ROCCAT Isku Keyboard Driver (HKLM-x32\...\{4ABAF918-A6BD-43D8-AE0B-5292034B14CB}) (Version: - Roccat GmbH)
ROCCAT Kone Pure Mouse Driver (HKLM-x32\...\{4905245D-56E7-4176-BE68-962728B803D6}) (Version: - Roccat GmbH)
Roccat Talk (HKLM-x32\...\{605D671E-1D1E-4840-84D9-BFACE17F160D}) (Version: 1.00.0002 - Roccat GmbH)
Rust (HKLM-x32\...\Steam App 252490) (Version: - Facepunch Studios)
Sacred 2 Gold Edition (HKLM-x32\...\Sacred 2 Gold Edition_is1) (Version: - )
SearchMe Toolbar v9.3 (HKLM-x32\...\{2711C4F6-0B26-4C38-A615-664331CAD807}) (Version: 9.3 - Spigot, Inc.) <==== ATTENTION
SEGA Genesis & Mega Drive Classics (HKLM-x32\...\Steam App 34270) (Version: - Sega)
SHIELD Streaming (Version: 2.1.108 - NVIDIA Corporation) Hidden
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version: - Rebellion)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stronghold HD (HKLM-x32\...\Steam App 40950) (Version: - FireFly Studios)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
The Battle for Middle-earth (tm) II (HKLM-x32\...\{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}) (Version: - )
The Elder Scrolls Online Beta (HKLM-x32\...\The Elder Scrolls Online Beta_is1) (Version: 0.3.4 - )
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
The Mighty Quest For Epic Loot (HKLM-x32\...\Steam App 239220) (Version: - Ubisoft Montreal)
The Mighty Quest For Epic Loot Version 1.223680 (HKLM-x32\...\The Mighty Quest For Epic Loot_is1) (Version: 1.223680 - )
Thief (HKLM-x32\...\VGhpZWY=_is1) (Version: 1 - )
Thunder Master v1.9 (HKLM-x32\...\{EE04522C-0814-4B63-AE57-0B63E5A355BB}_is1) (Version: 1.9.4.2 - Palit Microsystems Ltd.)
Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.2.15 - Electronic Arts)
TL-WN851ND Driver (HKLM-x32\...\{4BAE4C76-44C3-418F-B715-6BBF5A65323E}) (Version: 1.00.0000 - TP-LINK)
TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 2.01.0012 - TP-LINK)
Unity (HKLM-x32\...\Unity) (Version: - Unity Technologies ApS)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Universe Sandbox (HKLM-x32\...\Steam App 72200) (Version: - Giant Army)
Unreal Development Kit: 2012-07 (HKLM\...\UDK-28a7a413-84bb-4723-bfeb-26ac6dd931c7) (Version: - Epic Games, Inc.)
Unreal Development Kit: 2013-07 (HKLM\...\UDK-4aec8fb0-2e1c-4bbf-a418-380e6bf684f0) (Version: - Epic Games, Inc.)
Uplay (HKLM-x32\...\Uplay) (Version: 4.3 - Ubisoft)
VB Decompiler Lite (HKLM-x32\...\VB Decompiler Lite_is1) (Version: - DotFix Software)
Visual C++ 9.0 CRT (x86) WinSXS MSM (x32 Version: 9.0 - Microsoft Corporation) Hidden
Warcraft III (HKLM-x32\...\Warcraft III) (Version: - Blizzard Entertainment)
WATCH_DOGS (HKLM-x32\...\Uplay Install 274) (Version: - Ubisoft)
Webcam Simulator 7.3 (HKLM-x32\...\WCS7.3.0_is1) (Version: 7.3.0 - Webcam Simulator)
WinRAR 5.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
==================== Restore Points =========================
29-05-2014 21:33:04 Gerätetreiber-Paketinstallation: Visicom Media Inc. Audio-, Video- und Gamecontroller
29-05-2014 21:33:09 Gerätetreiber-Paketinstallation: Visicom Media Inc. Audio-, Video- und Gamecontroller
29-05-2014 21:45:40 Installed MorphVOX Junior
05-06-2014 22:00:00 Geplanter Prüfpunkt
==================== Hosts content: ==========================
2009-07-14 04:34 - 2014-01-12 13:42 - 00000855 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {0B18E58D-BDA8-4FB7-B1C6-E8245CC42E24} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-04] (Google Inc.)
Task: {1AD8EBAA-7E00-44E8-8224-017E80AD246D} - System32\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-6 => C:\Program Files (x86)\PlusSHD-9.9\PlusSHD-9.9-novainstaller.exe [2014-05-31] (PlusSHDC)
Task: {269E1536-B328-421B-BEC9-2EA2667FE34F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe
Task: {2CA748E2-8790-480D-BA64-28105B024882} - System32\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-3 => C:\Program Files (x86)\PlusSHD-9.9\17908f5f-e636-4631-93d6-057c4ab5a3ca-3.exe [2014-05-31] (PlusSHDC)
Task: {3410DB5C-D471-447D-83B0-07225DED8D9D} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {34B4E260-5459-4C2C-BCC5-A81E9FB1BBAC} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-05-31] (globalUpdate) <==== ATTENTION
Task: {35405A2E-8E1F-4F91-A3FA-7C264B88E79D} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {3AFABAA2-E4C6-4787-B749-A986AD75154B} - System32\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-4 => C:\Program Files (x86)\PlusSHD-9.9\17908f5f-e636-4631-93d6-057c4ab5a3ca-4.exe [2014-05-31] (PlusSHDC)
Task: {4C75DD7E-2000-4488-BEDE-777C7BBCDD53} - System32\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-2 => C:\Program Files (x86)\PlusSHD-9.9\17908f5f-e636-4631-93d6-057c4ab5a3ca-2.exe [2014-05-31] (PlusSHDC)
Task: {51495046-331E-4770-A0F1-523FB68DE152} - System32\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-1 => C:\Program Files (x86)\PlusSHD-9.9\PlusSHD-9.9-codedownloader.exe [2014-05-31] (PlusSHDC)
Task: {5E2B79D7-85A6-47AD-B5AE-29525A2A88CC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-08] (Adobe Systems Incorporated)
Task: {75B4A7FA-8079-4F47-9DBE-2ED4888E267D} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-05-31] (globalUpdate) <==== ATTENTION
Task: {C6E77BCA-138D-45CA-9403-CA5F240E92EF} - System32\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-7 => C:\Program Files (x86)\PlusSHD-9.9\PlusSHD-9.9-nova.exe [2014-05-31] (PlusSHDC)
Task: {D18989DE-2929-47A0-B908-97249EB95A33} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-04] (Google Inc.)
Task: {EAB0B612-5E18-4F21-9250-7ACDA11D19F1} - System32\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-5 => C:\Program Files (x86)\PlusSHD-9.9\17908f5f-e636-4631-93d6-057c4ab5a3ca-5.exe [2014-05-31] (PlusSHDC)
Task: C:\Windows\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-1.job => C:\Program Files (x86)\PlusSHD-9.9\PlusSHD-9.9-codedownloader.exe
Task: C:\Windows\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-2.job => C:\Program Files (x86)\PlusSHD-9.9\17908f5f-e636-4631-93d6-057c4ab5a3ca-2.exe
Task: C:\Windows\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-3.job => C:\Program Files (x86)\PlusSHD-9.9\17908f5f-e636-4631-93d6-057c4ab5a3ca-3.exe
Task: C:\Windows\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-4.job => C:\Program Files (x86)\PlusSHD-9.9\17908f5f-e636-4631-93d6-057c4ab5a3ca-4.exe
Task: C:\Windows\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-5.job => C:\Program Files (x86)\PlusSHD-9.9\17908f5f-e636-4631-93d6-057c4ab5a3ca-5.exe
Task: C:\Windows\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-6.job => C:\Program Files (x86)\PlusSHD-9.9\PlusSHD-9.9-novainstaller.exe
Task: C:\Windows\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-7.job => C:\Program Files (x86)\PlusSHD-9.9\PlusSHD-9.9-nova.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
==================== Loaded Modules (whitelisted) =============
2014-05-31 22:01 - 2014-05-31 22:01 - 00123392 _____ () C:\Windows\System32\DlProtectSvc.exe
2014-05-31 22:01 - 2014-05-31 22:01 - 00119296 _____ () C:\Windows\system32\wkscli64.exe
2013-11-26 19:35 - 2014-04-30 11:37 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-11-25 21:24 - 2014-05-20 03:25 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-11-25 21:10 - 2012-05-21 04:38 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-05-18 22:18 - 2014-05-18 22:18 - 00048712 _____ () C:\Windows\SysWOW64\C2MP\UpdateChecker.exe
2014-05-31 22:01 - 2014-05-31 22:01 - 00012800 _____ () C:\ProgramData\dlprotect.exe
2011-12-23 11:24 - 2011-12-23 11:24 - 00119808 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
2014-01-18 16:14 - 2012-06-23 15:54 - 00061440 _____ () C:\Program Files (x86)\ROCCAT\Kone Pure Mouse\hiddriver.dll
2014-01-18 16:15 - 2010-11-04 12:48 - 00061440 _____ () C:\Program Files (x86)\ROCCAT\Isku Keyboard\hiddriver.dll
2014-05-29 20:16 - 2014-05-29 20:16 - 26065408 _____ () E:\Games\Battle.net\Battle.net.4656\libcef.dll
2014-05-29 20:16 - 2014-05-29 20:16 - 00739840 _____ () E:\Games\Battle.net\Battle.net.4656\libglesv2.dll
2014-05-29 20:16 - 2014-05-29 20:16 - 00130048 _____ () E:\Games\Battle.net\Battle.net.4656\libegl.dll
2013-11-25 21:14 - 2013-11-25 21:14 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\c0efb322f8364c8759531666774c0627\IsdiInterop.ni.dll
2013-11-25 21:14 - 2012-05-30 14:55 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2013-11-25 21:15 - 2012-02-21 13:09 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2011-08-15 21:12 - 2011-08-15 21:12 - 02603520 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtCore4.dll
2011-08-15 21:15 - 2011-08-15 21:15 - 00382464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtXml4.dll
2011-08-17 17:41 - 2011-08-17 17:41 - 00400384 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\sqlite3.dll
2011-08-17 17:48 - 2011-08-17 17:48 - 00322048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\log4cplus.dll
2011-11-25 14:29 - 2011-11-25 14:29 - 00015872 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\featureController.dll
2011-08-15 21:12 - 2011-08-15 21:12 - 01006592 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtNetwork4.dll
2011-08-17 17:48 - 2011-08-17 17:48 - 00195584 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\libgsoap.dll
2011-08-15 20:23 - 2011-08-15 20:23 - 00062464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\zlib1.dll
2011-11-25 14:28 - 2011-11-25 14:28 - 00484352 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\DeviceProfile.dll
2011-11-25 14:42 - 2011-11-25 14:42 - 00499976 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\plugin\PServerPlugin.dll
2011-11-25 14:26 - 2011-11-25 14:26 - 00013824 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\eventsSender.dll
2011-07-19 17:05 - 2011-07-19 17:05 - 14978048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtWebKit4.dll
2011-07-19 17:04 - 2011-07-19 17:04 - 00317952 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\phonon4.dll
2011-08-15 21:17 - 2011-08-15 21:17 - 09224704 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtGui4.dll
2014-03-15 23:08 - 2014-03-15 02:50 - 00051016 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\chrome_elf.dll
2014-06-04 01:16 - 2014-06-09 17:08 - 00012288 _____ () C:\Program Files (x86)\Google\Chrome\Application\WTSAPI32.dll
2014-05-31 22:01 - 2014-05-31 22:01 - 00122216 _____ () C:\Program Files (x86)\PlusSHD-9.9\PlusSHD-9.9-nova.dll
2014-03-15 23:08 - 2014-03-15 02:50 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libglesv2.dll
2014-03-15 23:08 - 2014-03-15 02:50 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libegl.dll
2014-03-15 23:08 - 2014-03-15 02:50 - 04061000 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll
2014-03-15 23:08 - 2014-03-15 02:50 - 00394568 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll
2014-03-15 23:08 - 2014-03-15 02:50 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ffmpegsumo.dll
2014-03-15 23:08 - 2014-03-15 02:50 - 13637448 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== EXE Association (whitelisted) =============
HKU\S-1-5-21-2291643653-583422786-3033649162-1000\Software\Classes\.exe: exefile => <===== ATTENTION!
HKU\S-1-5-21-2291643653-583422786-3033649162-1000\Software\Classes\exefile: <===== ATTENTION!
==================== Disabled items from MSCONFIG ==============
MSCONFIG\Services: 70e6ca8c => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: BstHdAndroidSvc => 2
MSCONFIG\Services: BstHdLogRotatorSvc => 2
MSCONFIG\Services: BstHdUpdaterSvc => 2
MSCONFIG\Services: Futuremark SystemInfo Service => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: Intel(R) ME Service => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GIGABYTE OC_GURU.lnk => C:\Windows\pss\GIGABYTE OC_GURU.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Roccat Talk.lnk => C:\Windows\pss\Roccat Talk.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TP-LINK Wireless Configuration Utility.lnk => C:\Windows\pss\TP-LINK Wireless Configuration Utility.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Shorty^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Bf4Launcher.exe => C:\Windows\pss\Bf4Launcher.exe.Startup
MSCONFIG\startupfolder: C:^Users^Shorty^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^taskmgr.exe => C:\Windows\pss\taskmgr.exe.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Badoo Desktop => C:\ProgramData\Badoo\Badoo Desktop\1.6.58.1220\Badoo.Desktop.exe
MSCONFIG\startupreg: BitTorrent => "C:\Users\Shorty\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: DAEMON Tools Lite => "E:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: Optimizer Pro => C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe
MSCONFIG\startupreg: Overwolf => C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\raptrstub.exe --startup
MSCONFIG\startupreg: Steam => "E:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (06/09/2014 05:06:33 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Fehler bei der Windows-Lizenzaktivierung. Fehler 0x80070005.
Error: (06/09/2014 05:06:32 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (06/08/2014 09:54:02 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Fehler bei der Windows-Lizenzaktivierung. Fehler 0x80070005.
Error: (06/08/2014 09:54:02 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (06/08/2014 06:46:26 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Fehler bei der Windows-Lizenzaktivierung. Fehler 0x80070005.
Error: (06/08/2014 06:46:26 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (06/07/2014 00:47:58 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Fehler bei der Windows-Lizenzaktivierung. Fehler 0x80070005.
Error: (06/07/2014 00:47:57 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (06/06/2014 10:49:33 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Fehler bei der Windows-Lizenzaktivierung. Fehler 0x80070005.
Error: (06/06/2014 06:21:07 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Fehler bei der Windows-Lizenzaktivierung. Fehler 0x80070005.
System errors:
=============
Error: (06/09/2014 05:06:32 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet:
%%1064
Error: (06/08/2014 09:54:02 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet:
%%1064
Error: (06/08/2014 06:46:26 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet:
%%1064
Error: (06/07/2014 00:47:57 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet:
%%1064
Error: (06/07/2014 00:47:56 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 07.06.2014 um 00:44:28 unerwartet heruntergefahren.
Error: (06/06/2014 06:54:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (06/06/2014 06:54:04 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.
Error: (06/05/2014 07:35:49 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 04.06.2014 um 23:50:09 unerwartet heruntergefahren.
Error: (06/04/2014 01:18:03 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Update raving reyven" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (06/04/2014 01:17:57 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Util raving reyven" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.
Microsoft Office Sessions:
=========================
Error: (06/09/2014 05:06:33 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: 0x800700050x00000000
Error: (06/09/2014 05:06:32 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (06/08/2014 09:54:02 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: 0x800700050x00000000
Error: (06/08/2014 09:54:02 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (06/08/2014 06:46:26 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: 0x800700050x00000000
Error: (06/08/2014 06:46:26 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (06/07/2014 00:47:58 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: 0x800700050x00000000
Error: (06/07/2014 00:47:57 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (06/06/2014 10:49:33 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: 0x800700050x00000000
Error: (06/06/2014 06:21:07 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: 0x800700050x00000000
==================== Memory info ===========================
Percentage of memory in use: 17%
Total physical RAM: 16270.87 MB
Available physical RAM: 13481.07 MB
Total Pagefile: 32539.88 MB
Available Pagefile: 29483.72 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:111.57 GB) (Free:41.07 GB) NTFS
Drive e: (Volume) (Fixed) (Total:931.51 GB) (Free:518.28 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 112 GB) (Disk ID: 623D4314)
Partition: GPT Partition Type.
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: A5465066)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)
==================== End Of Log ============================
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-06-2014 03
Ran by Shorty (administrator) on SHORTY-PC on 09-06-2014 21:51:22
Running from C:\Users\Shorty\Downloads
Platform: Windows 7 Home Premium (X64) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Spigot, Inc.) C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
() C:\Windows\System32\DlProtectSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
() C:\Windows\System32\wkscli64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Palit Microsystems Ltd.) C:\Program Files (x86)\Thunder Master\THPanel.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Kone Pure Mouse\KonePureMonitor.exe
() C:\Windows\SysWOW64\C2MP\UpdateChecker.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\ProgramData\dlprotect.exe
(Spigot, Inc.) C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corp.) C:\Users\Shorty\AppData\Local\Temp\SVCHOST.EXE
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
(Blizzard Entertainment) E:\Games\Battle.net\Battle.net.4656\Battle.net.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe
() C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
(PlusSHDC) C:\Program Files (x86)\PlusSHD-9.9\PlusSHD-9.9-nova.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13307496 2011-10-17] (Realtek Semiconductor)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1225920 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation)
HKLM-x32\...\Run: [RoccatKonePure] => C:\Program Files (x86)\ROCCAT\Kone Pure Mouse\KonePureMonitor.EXE [561152 2013-10-23] (ROCCAT GmbH)
HKLM-x32\...\Run: [RoccatIsku] => C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.EXE [536576 2013-10-30] (ROCCAT GmbH)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-05-13] (LogMeIn Inc.)
HKLM-x32\...\Run: [Download Protect] => C:\ProgramData\dlprotect.exe [12800 2014-05-31] ()
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SearchSettings] => C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe [1404736 2014-05-26] (Spigot, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2291643653-583422786-3033649162-1000\...\Run: [THPanel] => C:\Program Files (x86)\Thunder Master\THPanel.exe [2158888 2013-05-24] (Palit Microsystems Ltd.)
HKU\S-1-5-21-2291643653-583422786-3033649162-1000\...\Run: [ASRockXTU] => [X]
HKU\S-1-5-21-2291643653-583422786-3033649162-1000\...\Run: [BitTorrent] => C:\Users\Shorty\AppData\Roaming\BitTorrent\BitTorrent.exe [1240664 2014-04-29] (BitTorrent Inc.)
HKU\S-1-5-21-2291643653-583422786-3033649162-1000\...\Run: [MyComGames] => C:\Users\Shorty\AppData\Local\MyComGames\MyComGames.exe [4395816 2014-04-25] ()
HKU\S-1-5-21-2291643653-583422786-3033649162-1000\...\Run: [Java] => C:\Users\Shorty\AppData\Roaming\Launcherr.exe [24637952 2014-05-08] (Valve Corporation)
HKU\S-1-5-21-2291643653-583422786-3033649162-1000\...\MountPoints2: {64facb41-560c-11e3-8b61-bc5ff47f61dc} - H:\setup.exe
HKU\S-1-5-21-2291643653-583422786-3033649162-1000\...\MountPoints2: {a939e20c-5603-11e3-b080-9d6ed9800837} - D:\OpenFiles.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [166568 2014-05-20] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [146480 2014-05-20] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackUpdateChecker.lnk
ShortcutTarget: CodecPackUpdateChecker.lnk -> C:\Windows\SysWOW64\C2MP\UpdateChecker.exe ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.trovi.com/?gd=&ctid=CT3324774&octid=EB_ORIGINAL_CTID&ISID=MCF6E9A04-AC1C-4F51-A6A1-2B197E1108C1&SearchSource=55&CUI=&UM=5&UP=SPBEE8CC4D-566F-4F5C-A2A6-88EA63B2C172&SSPV=
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x7501A24EAA0FCF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-at
URLSearchHook: HKCU - SearchMe Toolbar - {B9C767DD-F66A-40B4-8F12-4199A9A4393C} - C:\Program Files (x86)\SearchMe Toolbar\IE\9.3\searchmeToolbarIE64.dll (Spigot, Inc.)
URLSearchHook: HKCU - SearchMe Toolbar - {B9C767DD-F66A-40B4-8F12-4199A9A4393C} - C:\Program Files (x86)\SearchMe Toolbar\IE\9.3\searchmeToolbarIE.dll (Spigot, Inc.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {8A244612-A1F7-11E0-95C0-E71F4824019B} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=protegere
SearchScopes: HKCU - {65414F7B-B20E-4E92-96AE-67643932670D} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2849855&CUI=UN35836628171878116&UM=1
SearchScopes: HKCU - {8A244612-A1F7-11E0-95C0-E71F4824019B} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=protegere
BHO: PlusSHD-9.9 - {11111111-1111-1111-1111-110511291116} - C:\Program Files (x86)\PlusSHD-9.9\PlusSHD-9.9-bho64.dll (PlusSHDC)
BHO-x32: PlusSHD-9.9 - {11111111-1111-1111-1111-110511291116} - C:\Program Files (x86)\PlusSHD-9.9\PlusSHD-9.9-bho.dll (PlusSHDC)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: SearchMe Toolbar - {B9C767DD-F66A-40B4-8F12-4199A9A4393C} - C:\Program Files (x86)\SearchMe Toolbar\IE\9.3\searchmeToolbarIE.dll (Spigot, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - SearchMe Toolbar - {B9C767DD-F66A-40B4-8F12-4199A9A4393C} - C:\Program Files (x86)\SearchMe Toolbar\IE\9.3\searchmeToolbarIE64.dll (Spigot, Inc.)
Toolbar: HKLM-x32 - SearchMe Toolbar - {B9C767DD-F66A-40B4-8F12-4199A9A4393C} - C:\Program Files (x86)\SearchMe Toolbar\IE\9.3\searchmeToolbarIE.dll (Spigot, Inc.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\syswow64\urlmon.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 - C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 - C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @my.com/Games - C:\Users\Shorty\AppData\Local\MyComGames\NPMyComDetector.dll (My.com, Inc)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Shorty\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [{C941F8B9-E9A5-40A2-940B-512D8A32CA74}] - C:\Windows\Installer\{E1DFA477-0AAC-4A40-8808-E4C11743F961}\{C941F8B9-E9A5-40A2-940B-512D8A32CA74}.xpi
FF Extension: Download Protect - C:\Windows\Installer\{E1DFA477-0AAC-4A40-8808-E4C11743F961}\{C941F8B9-E9A5-40A2-940B-512D8A32CA74}.xpi [2014-06-09]
Chrome:
=======
CHR HomePage: https://at.search.yahoo.com/?type=888596&fr=spigot-yhp-ch
CHR StartupUrls: "https://at.search.yahoo.com/?type=888596&fr=spigot-yhp-ch", "hxxp://www.trovi.com/?gd=&ctid=CT3324774&octid=EB_ORIGINAL_CTID&ISID=MCF6E9A04-AC1C-4F51-A6A1-2B197E1108C1&SearchSource=55&CUI=&UM=5&UP=SPBEE8CC4D-566F-4F5C-A2A6-88EA63B2C172&SSPV="
CHR Extension: (PlusSHD-9.9) - C:\Users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe [2014-06-08]
CHR Extension: (Google Drive) - C:\Users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-02]
CHR Extension: (YouTube) - C:\Users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-02]
CHR Extension: (Google-Suche) - C:\Users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-02]
CHR Extension: (Download Protect) - C:\Users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlaappnjcjjmkkcfodimdnafdbhjlcag [2014-06-09]
CHR Extension: (Google Wallet) - C:\Users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-02]
CHR Extension: (Google Mail) - C:\Users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-02]
CHR HKLM-x32\...\Chrome\Extension: [cikkkfooompgefbcjlgdjejfdknkheaj] - C:\Program Files (x86)\Common Files\Spigot\GC\DomainErrorHelper_1.0_0.crx [2014-04-23]
CHR HKLM-x32\...\Chrome\Extension: [gpiifgmgnfdiblgpaepbmfdkcheicgof] - C:\Program Files (x86)\Common Files\Spigot\GC\nta_1.0_0.crx [2014-04-23]
CHR HKLM-x32\...\Chrome\Extension: [hbcennhacfaagdopikcegfcobcadeocj] - C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.1.crx [2013-10-14]
CHR HKLM-x32\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Users\Shorty\AppData\Local\Slick Savings\coupons.crx [2014-05-29]
CHR HKLM-x32\...\Chrome\Extension: [pfndaklgolladniicklehhancnlgocpp] - C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx [2012-11-22]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-03-13] (BlueStack Systems, Inc.)
S4 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-03-13] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [770832 2014-03-13] (BlueStack Systems, Inc.)
R2 DlProtectSvc; C:\Windows\System32\DlProtectSvc.exe [123392 2014-05-31] () [File not signed]
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-05-31] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-05-31] (globalUpdate) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S4 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-02-21] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-21] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-04-15] (LogMeIn, Inc.)
R2 Netplwi{; C:\Windows\system32\wkscli64.exe [119296 2014-05-31] () [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1617696 2014-04-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21007192 2014-04-30] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-04-30] ()
S4 SkypeUpdate; E:\Program Files (x86)\Skype\Updater\Updater.exe [172192 2013-10-23] (Skype Technologies)
S3 Visual Studio Analyzer RPC bridge; C:\Program Files (x86)\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\varpc.exe [34036 1998-06-06] (Microsoft Corporation) [File not signed]
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [14848 2011-09-12] (Intel Corporation)
==================== Drivers (Whitelisted) ====================
R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [31016 2012-01-13] (ASRock Inc.)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [121616 2014-03-13] (BlueStack Systems)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-11-26] (Disc Soft Ltd)
S3 GPCIDrv; C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys [14376 2010-02-04] ()
R2 iocbios2; C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [22776 2011-09-12] (Intel Corporation)
R3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [42016 2013-11-27] (Visicom Media Inc.)
R3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35232 2013-12-06] (Visicom Media Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [18776 2014-04-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R1 {e63d9559-e4c3-499e-867a-a3c9d0a21400}Gw64; C:\Windows\System32\drivers\{e63d9559-e4c3-499e-867a-a3c9d0a21400}Gw64.sys [61120 2014-05-22] (StdLib)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-06-09 21:51 - 2014-06-09 21:51 - 01333465 _____ () C:\Users\Shorty\Downloads\adwcleaner_3.212.exe
2014-06-09 21:51 - 2014-06-09 21:51 - 00280045 _____ () C:\Users\Shorty\Downloads\Nicht bestätigt 997419.crdownload
2014-06-09 21:51 - 2014-06-09 21:51 - 00019098 _____ () C:\Users\Shorty\Downloads\FRST.txt
2014-06-09 21:51 - 2014-06-09 21:51 - 00000000 ____D () C:\FRST
2014-06-09 21:50 - 2014-06-09 21:50 - 02080768 _____ (Farbar) C:\Users\Shorty\Downloads\FRST64.exe
2014-06-09 21:30 - 2014-06-09 21:30 - 00010925 _____ () C:\Users\Shorty\Desktop\hijackthis.log
2014-06-09 21:28 - 2014-06-09 21:28 - 00003142 _____ () C:\Windows\System32\Tasks\{D24FF73B-DE36-4B62-B7E2-B4CE36598E8A}
2014-06-09 21:23 - 2014-06-09 21:30 - 00010925 _____ () C:\Users\Shorty\Downloads\hijackthis.log
2014-06-09 21:23 - 2014-06-09 21:23 - 00388608 _____ (Trend Micro Inc.) C:\Users\Shorty\Downloads\HiJackThis204.exe
2014-06-09 21:23 - 2014-06-09 21:23 - 00388608 _____ (Trend Micro Inc.) C:\Users\Shorty\Downloads\HiJackThis204 (1).exe
2014-06-06 23:18 - 2014-06-06 23:18 - 00000000 ____D () C:\Users\Shorty\AppData\Roaming\Among the sleep
2014-06-06 23:18 - 2014-06-06 23:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2014-06-06 18:59 - 2014-06-06 23:13 - 00000000 ____D () C:\Users\Shorty\Downloads\[R.G. Mechanics] Among the sleep
2014-06-06 18:58 - 2014-06-06 18:58 - 00012714 _____ () C:\Users\Shorty\Downloads\[kickass.to]among.the.sleep.2014.pc.repack.by.r.g.Мechanics.torrent
2014-06-05 22:14 - 2014-06-05 22:14 - 00000000 ____D () C:\Users\Shorty\Documents\Freemake
2014-06-05 22:14 - 2014-06-05 22:14 - 00000000 ____D () C:\Users\Shorty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
2014-06-05 22:14 - 2014-06-05 22:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2014-06-05 22:14 - 2014-06-05 22:14 - 00000000 ____D () C:\ProgramData\Freemake
2014-06-05 22:13 - 2014-06-05 22:13 - 01325576 _____ (Ellora Assets Corporation ) C:\Users\Shorty\Downloads\FreemakeVideoConverterSetup.exe
2014-06-04 22:39 - 2014-06-04 22:39 - 00000000 ____D () C:\Users\Shorty\Downloads\RgcAudio z3ta+ DXi VSTi v1.4
2014-06-04 22:30 - 2014-06-04 22:45 - 00000000 ____D () C:\Users\Shorty\Downloads\FL Studio Producer Edition 11.0.4 Signature Bundle [ChingLiu]
2014-06-04 22:30 - 2014-06-04 22:30 - 00025094 _____ () C:\Users\Shorty\Downloads\[kickass.to]fl.studio.producer.edition.11.0.4.signature.bundle.chingliu.torrent
2014-06-04 01:16 - 2014-06-09 17:08 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-06-03 00:48 - 2014-06-03 00:48 - 00145076 _____ () C:\Users\Shorty\Downloads\Minecraft.jar
2014-06-03 00:47 - 2014-06-03 00:47 - 01109677 _____ (TeamExtreme) C:\Users\Shorty\Downloads\Minecraft.exe
2014-06-02 23:24 - 2014-06-02 23:24 - 00000000 ____D () C:\Program Files (x86)\SearchMe Toolbar
2014-06-02 23:24 - 2014-06-02 23:24 - 00000000 ____D () C:\Program Files (x86)\Application Updater
2014-05-31 23:35 - 2014-05-22 18:20 - 00061120 _____ (StdLib) C:\Windows\system32\Drivers\{e63d9559-e4c3-499e-867a-a3c9d0a21400}Gw64.sys
2014-05-31 22:01 - 2014-06-09 21:01 - 00001336 _____ () C:\Windows\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-7.job
2014-05-31 22:01 - 2014-06-09 17:06 - 00003796 _____ () C:\Windows\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-3.job
2014-05-31 22:01 - 2014-06-09 17:06 - 00002236 _____ () C:\Windows\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-4.job
2014-05-31 22:01 - 2014-06-09 17:06 - 00001486 _____ () C:\Windows\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-5.job
2014-05-31 22:01 - 2014-06-09 17:06 - 00001406 _____ () C:\Windows\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-6.job
2014-05-31 22:01 - 2014-06-09 17:06 - 00001390 _____ () C:\Windows\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-1.job
2014-05-31 22:01 - 2014-06-09 17:06 - 00001386 _____ () C:\Windows\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-2.job
2014-05-31 22:01 - 2014-06-09 17:06 - 00000918 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-05-31 22:01 - 2014-06-08 22:06 - 00000922 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-05-31 22:01 - 2014-05-31 22:01 - 00123392 _____ () C:\Windows\system32\DlProtectSvc.exe
2014-05-31 22:01 - 2014-05-31 22:01 - 00119296 _____ () C:\Windows\system32\wkscli64.exe
2014-05-31 22:01 - 2014-05-31 22:01 - 00012800 _____ () C:\ProgramData\dlprotect.exe
2014-05-31 22:01 - 2014-05-31 22:01 - 00006826 _____ () C:\Windows\System32\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-3
2014-05-31 22:01 - 2014-05-31 22:01 - 00005266 _____ () C:\Windows\System32\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-4
2014-05-31 22:01 - 2014-05-31 22:01 - 00004516 _____ () C:\Windows\System32\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-5
2014-05-31 22:01 - 2014-05-31 22:01 - 00004436 _____ () C:\Windows\System32\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-6
2014-05-31 22:01 - 2014-05-31 22:01 - 00004420 _____ () C:\Windows\System32\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-1
2014-05-31 22:01 - 2014-05-31 22:01 - 00004416 _____ () C:\Windows\System32\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-2
2014-05-31 22:01 - 2014-05-31 22:01 - 00004364 _____ () C:\Windows\System32\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-7
2014-05-31 22:01 - 2014-05-31 22:01 - 00003920 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
2014-05-31 22:01 - 2014-05-31 22:01 - 00003666 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
2014-05-31 22:01 - 2014-05-31 22:01 - 00000000 ____D () C:\Users\Shorty\AppData\Roaming\dlg
2014-05-31 22:01 - 2014-05-31 22:01 - 00000000 ____D () C:\Users\Shorty\AppData\Local\globalUpdate
2014-05-31 22:01 - 2014-05-31 22:01 - 00000000 ____D () C:\Program Files (x86)\PlusSHD-9.9
2014-05-31 22:01 - 2014-05-31 22:01 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-05-31 22:00 - 2014-06-04 01:19 - 00000000 ____D () C:\Users\Shorty\AppData\Roaming\Security System 2
2014-05-31 21:59 - 2014-05-31 21:59 - 00467128 _____ () C:\Users\Shorty\Downloads\lotto-Downloader.exe
2014-05-30 18:04 - 2014-05-30 18:04 - 00232312 _____ (Fusion Install ) C:\Users\Shorty\Downloads\java_setup.exe
2014-05-30 17:43 - 2014-06-02 11:49 - 00000000 ____D () C:\Users\Shorty\Desktop\HACKING
2014-05-30 17:37 - 2014-05-30 17:37 - 00003361 _____ () C:\Users\Shorty\Downloads\[kickass.to]brutus.aet2.torrent
2014-05-30 17:32 - 2014-05-30 17:32 - 00000000 ____H () C:\Users\Shorty\Documents\Default.rdp
2014-05-30 17:21 - 2014-05-30 17:22 - 19961033 _____ () C:\Users\Shorty\Downloads\nmap-6.46-win32.zip
2014-05-30 17:13 - 2014-05-30 17:13 - 01107968 _____ () C:\Users\Shorty\Downloads\RSIT.exe
2014-05-30 17:13 - 2014-05-30 17:13 - 00000000 ____D () C:\Program Files (x86)\trend micro
2014-05-30 00:23 - 2014-05-30 00:23 - 00386459 _____ () C:\Users\Shorty\Downloads\Kuh scheißt.mp4
2014-05-30 00:19 - 2014-05-30 00:19 - 00215107 _____ () C:\Users\Shorty\Downloads\Furzende katze.mp4
2014-05-30 00:07 - 2014-05-30 00:09 - 55577752 _____ () C:\Users\Shorty\Downloads\hot-web-cam-girl.avi
2014-05-29 23:46 - 2014-05-29 23:46 - 00000000 ____D () C:\Users\Shorty\AppData\Roaming\Screaming Bee
2014-05-29 23:45 - 2014-05-29 23:45 - 02970992 _____ () C:\Users\Shorty\Downloads\MorphVOXJunior_Install-1.exe
2014-05-29 23:45 - 2014-05-29 23:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Screaming Bee
2014-05-29 23:45 - 2014-05-29 23:45 - 00000000 ____D () C:\Program Files (x86)\Screaming Bee
2014-05-29 23:33 - 2014-06-04 02:55 - 00000000 ____D () C:\Users\Shorty\AppData\Local\ManyCam
2014-05-29 23:33 - 2014-05-29 23:33 - 00000000 ____D () C:\Users\Shorty\AppData\Roaming\ManyCam
2014-05-29 23:33 - 2014-05-29 23:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManyCam
2014-05-29 23:33 - 2014-05-29 23:33 - 00000000 ____D () C:\Program Files (x86)\ManyCam
2014-05-29 23:31 - 2014-05-29 23:31 - 00961360 _____ (Chip Digital GmbH) C:\Users\Shorty\Downloads\ManyCam - CHIP-Installer.exe
2014-05-29 23:26 - 2014-06-04 01:18 - 00000000 ____D () C:\Users\Shorty\AppData\Roaming\Slick Savings
2014-05-29 23:26 - 2014-05-29 23:26 - 00000000 ____D () C:\Windows\SysWOW64\C2MP
2014-05-29 23:26 - 2014-05-29 23:26 - 00000000 ____D () C:\Users\Shorty\AppData\Local\Slick Savings
2014-05-29 23:26 - 2014-05-29 23:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Player - Codec Pack
2014-05-29 23:24 - 2014-05-29 23:24 - 00929416 _____ (CNET Download.com) C:\Users\Shorty\Downloads\cbsidlm-cbsi188-Media_Player_Codec_Pack-BP-10749065.exe
2014-05-29 23:24 - 2014-05-29 23:24 - 00929416 _____ (CNET Download.com) C:\Users\Shorty\Downloads\cbsidlm-cbsi188-Media_Player_Codec_Pack-BP-10749065 (1).exe
2014-05-29 23:23 - 2014-05-29 23:23 - 00960566 _____ () C:\Users\Shorty\Downloads\Real Scary Ghost!.mp4
2014-05-29 23:18 - 2014-05-29 23:18 - 05210816 _____ (Webcam Simulator ) C:\Users\Shorty\Downloads\setup.exe
2014-05-29 23:18 - 2014-05-29 23:18 - 05210816 _____ (Webcam Simulator ) C:\Users\Shorty\Downloads\setup (1).exe
2014-05-29 23:18 - 2014-05-29 23:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Webcam Simulator 7.3
2014-05-29 23:16 - 2014-05-29 23:16 - 00244320 _____ () C:\Users\Shorty\Downloads\ManyCamWebInstaller (1).exe
2014-05-29 23:15 - 2014-05-29 23:15 - 00244320 _____ () C:\Users\Shorty\Downloads\ManyCamWebInstaller.exe
2014-05-28 22:59 - 2014-05-28 22:59 - 00287448 _____ () C:\Users\Shorty\Downloads\jomgegar Crypter by DzkiLLeR.rar
2014-05-28 12:31 - 2014-05-28 13:30 - 00000000 ____D () C:\Users\Shorty\AppData\Local\Ubisoft Game Launcher
2014-05-28 12:31 - 2014-05-28 12:31 - 00000000 ____D () C:\Users\Shorty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2014-05-28 12:31 - 2014-05-28 12:31 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-05-28 11:13 - 2014-05-31 22:01 - 00000000 ___RD () C:\Users\Shorty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-22 18:22 - 2014-05-28 11:09 - 00000000 ____D () C:\Users\Shorty\Downloads\Postal 3
2014-05-22 18:22 - 2014-05-22 18:22 - 00027850 _____ () C:\Users\Shorty\Downloads\[kickass.to]postal.3.torrent
2014-05-21 20:58 - 2014-05-21 20:58 - 00001449 _____ () C:\Users\Shorty\AppData\Local\recently-used.xbel
2014-05-18 22:18 - 2014-05-18 22:18 - 00045400 _____ () C:\Windows\SysWOW64\DiscHandler.exe
2014-05-18 13:49 - 2014-05-18 13:49 - 03535741 _____ () C:\Users\Shorty\Downloads\[www.OldSchoolHack.de]_MW3 .NET External ESP v3.9 by master131 (1).rar
2014-05-18 12:28 - 2014-05-18 12:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-05-18 12:28 - 2014-05-18 12:28 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-05-17 20:16 - 2014-05-17 20:16 - 01349667 _____ () C:\Users\Shorty\Downloads\Trololololo (1).7z
2014-05-17 20:15 - 2014-05-17 20:15 - 13005312 _____ () C:\Users\Shorty\AppData\Local\LbhprVWVzG6XeKnqgHErMwacUiHRBgBVZwOHHhG1UT8lA9Q1puAGTI2c9T6wLpC4as4aREHOoSTH2vFOaGw7H6EbHIYKt73bCEEOBk1Qpv3gt7ZmW5.exe
2014-05-17 20:13 - 2014-05-17 20:13 - 02296980 _____ () C:\Users\Shorty\Downloads\MrEpiclolface trololo.zip
2014-05-17 20:11 - 2014-05-17 20:11 - 01349667 _____ () C:\Users\Shorty\Downloads\Trololololo.7z
2014-05-13 17:05 - 2014-05-13 17:05 - 04374528 _____ () C:\Windows\system32\ffdshow.ax
2014-05-13 17:05 - 2014-05-13 17:05 - 04009984 _____ () C:\Windows\system32\ffmpeg.dll
2014-05-13 17:05 - 2014-05-13 17:05 - 00474624 _____ () C:\Windows\system32\ff_kernelDeint.dll
2014-05-13 17:05 - 2014-05-13 17:05 - 00127488 _____ () C:\Windows\system32\ff_vfw.dll
2014-05-13 17:04 - 2014-05-13 17:04 - 01532928 _____ () C:\Windows\system32\ff_samplerate.dll
2014-05-13 17:04 - 2014-05-13 17:04 - 00631296 _____ () C:\Windows\system32\TomsMoComp_ff.dll
2014-05-13 17:04 - 2014-05-13 17:04 - 00222720 _____ () C:\Windows\system32\ff_libdts.dll
2014-05-13 17:04 - 2014-05-13 17:04 - 00190464 _____ () C:\Windows\system32\libmpeg2_ff.dll
2014-05-13 17:04 - 2014-05-13 17:04 - 00183296 _____ () C:\Windows\system32\ff_unrar.dll
2014-05-13 17:04 - 2014-05-13 17:04 - 00156672 _____ () C:\Windows\system32\ff_libmad.dll
2014-05-13 17:04 - 2014-05-13 17:04 - 00116224 _____ () C:\Windows\system32\ff_liba52.dll
2014-05-13 17:04 - 2014-05-13 17:04 - 00114688 _____ () C:\Windows\system32\ff_wmv9.dll
2014-05-13 17:02 - 2014-05-13 17:02 - 03916288 _____ () C:\Windows\SysWOW64\ffmpeg.dll
2014-05-13 17:01 - 2014-05-13 17:01 - 03502592 _____ () C:\Windows\SysWOW64\ffdshow.ax
2014-05-13 17:01 - 2014-05-13 17:01 - 00271360 _____ () C:\Windows\SysWOW64\TomsMoComp_ff.dll
2014-05-13 17:01 - 2014-05-13 17:01 - 00112640 _____ () C:\Windows\SysWOW64\ff_vfw.dll
2014-05-13 17:00 - 2014-05-13 17:00 - 01525760 _____ () C:\Windows\SysWOW64\ff_samplerate.dll
2014-05-13 17:00 - 2014-05-13 17:00 - 00211968 _____ () C:\Windows\SysWOW64\ff_libdts.dll
2014-05-13 17:00 - 2014-05-13 17:00 - 00157184 _____ () C:\Windows\SysWOW64\ff_unrar.dll
2014-05-13 17:00 - 2014-05-13 17:00 - 00147456 _____ () C:\Windows\SysWOW64\ff_libmad.dll
2014-05-13 17:00 - 2014-05-13 17:00 - 00136704 _____ () C:\Windows\SysWOW64\libmpeg2_ff.dll
2014-05-13 17:00 - 2014-05-13 17:00 - 00114688 _____ () C:\Windows\SysWOW64\ff_liba52.dll
2014-05-13 17:00 - 2014-05-13 17:00 - 00099840 _____ () C:\Windows\SysWOW64\ff_wmv9.dll
2014-05-11 15:57 - 2014-05-11 15:57 - 00000000 ____D () C:\Users\Shorty\AppData\Local\Ascaron Entertainment
2014-05-11 15:29 - 2014-05-11 15:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deep Silver
2014-05-10 00:23 - 2014-05-10 00:29 - 00000000 __SHD () C:\Users\Shorty\AppData\Roaming\wyUpdate AU
2014-05-10 00:23 - 2014-05-10 00:29 - 00000000 ____D () C:\Users\Shorty\Documents\Universe Sandbox
2014-05-10 00:23 - 2014-05-10 00:23 - 00000000 ____D () C:\Users\Shorty\AppData\Roaming\System
2014-05-10 00:23 - 2014-05-10 00:23 - 00000000 ____D () C:\Users\Shorty\AppData\Local\Universe Sandbox
2014-05-10 00:21 - 2014-05-10 00:22 - 00000000 ____D () C:\Users\Shorty\Downloads\Beat Hazard
==================== One Month Modified Files and Folders =======
2014-06-09 21:51 - 2014-06-09 21:51 - 01333465 _____ () C:\Users\Shorty\Downloads\adwcleaner_3.212.exe
2014-06-09 21:51 - 2014-06-09 21:51 - 00280045 _____ () C:\Users\Shorty\Downloads\Nicht bestätigt 997419.crdownload
2014-06-09 21:51 - 2014-06-09 21:51 - 00019098 _____ () C:\Users\Shorty\Downloads\FRST.txt
2014-06-09 21:51 - 2014-06-09 21:51 - 00000000 ____D () C:\FRST
2014-06-09 21:51 - 2013-11-25 21:00 - 00000000 ____D () C:\Users\Shorty\AppData\Local\Temp
2014-06-09 21:50 - 2014-06-09 21:50 - 02080768 _____ (Farbar) C:\Users\Shorty\Downloads\FRST64.exe
2014-06-09 21:48 - 2013-12-05 01:26 - 00000000 ____D () C:\Users\Shorty\AppData\Local\Battle.net
2014-06-09 21:30 - 2014-06-09 21:30 - 00010925 _____ () C:\Users\Shorty\Desktop\hijackthis.log
2014-06-09 21:30 - 2014-06-09 21:23 - 00010925 _____ () C:\Users\Shorty\Downloads\hijackthis.log
2014-06-09 21:28 - 2014-06-09 21:28 - 00003142 _____ () C:\Windows\System32\Tasks\{D24FF73B-DE36-4B62-B7E2-B4CE36598E8A}
2014-06-09 21:23 - 2014-06-09 21:23 - 00388608 _____ (Trend Micro Inc.) C:\Users\Shorty\Downloads\HiJackThis204.exe
2014-06-09 21:23 - 2014-06-09 21:23 - 00388608 _____ (Trend Micro Inc.) C:\Users\Shorty\Downloads\HiJackThis204 (1).exe
2014-06-09 21:01 - 2014-05-31 22:01 - 00001336 _____ () C:\Windows\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-7.job
2014-06-09 18:49 - 2014-01-13 15:17 - 00889812 _____ () C:\Windows\WindowsUpdate.log
2014-06-09 17:27 - 2013-11-25 21:15 - 00000830 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2014-06-09 17:12 - 2009-07-14 19:58 - 00699416 _____ () C:\Windows\system32\perfh007.dat
2014-06-09 17:12 - 2009-07-14 19:58 - 00149556 _____ () C:\Windows\system32\perfc007.dat
2014-06-09 17:12 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-09 17:08 - 2014-06-04 01:16 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-06-09 17:06 - 2014-05-31 22:01 - 00003796 _____ () C:\Windows\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-3.job
2014-06-09 17:06 - 2014-05-31 22:01 - 00002236 _____ () C:\Windows\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-4.job
2014-06-09 17:06 - 2014-05-31 22:01 - 00001486 _____ () C:\Windows\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-5.job
2014-06-09 17:06 - 2014-05-31 22:01 - 00001406 _____ () C:\Windows\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-6.job
2014-06-09 17:06 - 2014-05-31 22:01 - 00001390 _____ () C:\Windows\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-1.job
2014-06-09 17:06 - 2014-05-31 22:01 - 00001386 _____ () C:\Windows\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-2.job
2014-06-09 17:06 - 2014-05-31 22:01 - 00000918 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-06-09 17:06 - 2014-04-25 13:35 - 00000000 ____D () C:\Users\Shorty\AppData\Local\MyComGames
2014-06-09 17:06 - 2014-03-16 14:55 - 00000000 ____D () C:\Users\Shorty\AppData\Local\LogMeIn Hamachi
2014-06-09 17:06 - 2014-01-13 15:17 - 00055580 _____ () C:\Windows\setupact.log
2014-06-09 17:06 - 2013-11-25 21:48 - 00000000 ____D () C:\Users\Shorty\AppData\Roaming\BitTorrent
2014-06-09 17:06 - 2013-11-25 21:24 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-09 17:06 - 2013-11-25 21:15 - 00000828 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2014-06-09 17:06 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-08 22:29 - 2014-01-30 19:43 - 00000000 ____D () C:\Users\Shorty\Desktop\Bilder
2014-06-08 22:06 - 2014-05-31 22:01 - 00000922 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-06-08 22:06 - 2013-11-26 18:29 - 00000000 ____D () C:\Users\Shorty\AppData\Roaming\Skype
2014-06-07 00:34 - 2013-12-18 20:37 - 00000000 ____D () C:\Users\Shorty\Desktop\Spiele
2014-06-06 23:18 - 2014-06-06 23:18 - 00000000 ____D () C:\Users\Shorty\AppData\Roaming\Among the sleep
2014-06-06 23:18 - 2014-06-06 23:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2014-06-06 23:13 - 2014-06-06 18:59 - 00000000 ____D () C:\Users\Shorty\Downloads\[R.G. Mechanics] Among the sleep
2014-06-06 18:58 - 2014-06-06 18:58 - 00012714 _____ () C:\Users\Shorty\Downloads\[kickass.to]among.the.sleep.2014.pc.repack.by.r.g.Мechanics.torrent
2014-06-06 13:59 - 2014-01-31 19:44 - 00012958 _____ () C:\Windows\PFRO.log
2014-06-05 22:14 - 2014-06-05 22:14 - 00000000 ____D () C:\Users\Shorty\Documents\Freemake
2014-06-05 22:14 - 2014-06-05 22:14 - 00000000 ____D () C:\Users\Shorty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
2014-06-05 22:14 - 2014-06-05 22:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2014-06-05 22:14 - 2014-06-05 22:14 - 00000000 ____D () C:\ProgramData\Freemake
2014-06-05 22:13 - 2014-06-05 22:13 - 01325576 _____ (Ellora Assets Corporation ) C:\Users\Shorty\Downloads\FreemakeVideoConverterSetup.exe
2014-06-04 22:45 - 2014-06-04 22:30 - 00000000 ____D () C:\Users\Shorty\Downloads\FL Studio Producer Edition 11.0.4 Signature Bundle [ChingLiu]
2014-06-04 22:39 - 2014-06-04 22:39 - 00000000 ____D () C:\Users\Shorty\Downloads\RgcAudio z3ta+ DXi VSTi v1.4
2014-06-04 22:30 - 2014-06-04 22:30 - 00025094 _____ () C:\Users\Shorty\Downloads\[kickass.to]fl.studio.producer.edition.11.0.4.signature.bundle.chingliu.torrent
2014-06-04 02:55 - 2014-05-29 23:33 - 00000000 ____D () C:\Users\Shorty\AppData\Local\ManyCam
2014-06-04 01:19 - 2014-05-31 22:00 - 00000000 ____D () C:\Users\Shorty\AppData\Roaming\Security System 2
2014-06-04 01:18 - 2014-05-29 23:26 - 00000000 ____D () C:\Users\Shorty\AppData\Roaming\Slick Savings
2014-06-04 01:16 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-06-04 01:15 - 2009-07-14 04:34 - 00000541 _____ () C:\Windows\win.ini
2014-06-03 01:35 - 2009-07-14 06:45 - 00009584 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-03 01:35 - 2009-07-14 06:45 - 00009584 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-03 01:00 - 2013-11-26 00:45 - 00000000 ____D () C:\Users\Shorty\AppData\Roaming\.minecraft
2014-06-03 00:48 - 2014-06-03 00:48 - 00145076 _____ () C:\Users\Shorty\Downloads\Minecraft.jar
2014-06-03 00:47 - 2014-06-03 00:47 - 01109677 _____ (TeamExtreme) C:\Users\Shorty\Downloads\Minecraft.exe
2014-06-02 23:24 - 2014-06-02 23:24 - 00000000 ____D () C:\Program Files (x86)\SearchMe Toolbar
2014-06-02 23:24 - 2014-06-02 23:24 - 00000000 ____D () C:\Program Files (x86)\Application Updater
2014-06-02 23:19 - 2013-12-04 17:35 - 00000000 ____D () C:\Users\Shorty\AppData\Roaming\TS3Client
2014-06-02 11:49 - 2014-05-30 17:43 - 00000000 ____D () C:\Users\Shorty\Desktop\HACKING
2014-06-02 11:48 - 2014-04-06 15:33 - 00000000 ____D () C:\ProgramData\Origin
2014-05-31 22:01 - 2014-05-31 22:01 - 00123392 _____ () C:\Windows\system32\DlProtectSvc.exe
2014-05-31 22:01 - 2014-05-31 22:01 - 00119296 _____ () C:\Windows\system32\wkscli64.exe
2014-05-31 22:01 - 2014-05-31 22:01 - 00012800 _____ () C:\ProgramData\dlprotect.exe
2014-05-31 22:01 - 2014-05-31 22:01 - 00006826 _____ () C:\Windows\System32\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-3
2014-05-31 22:01 - 2014-05-31 22:01 - 00005266 _____ () C:\Windows\System32\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-4
2014-05-31 22:01 - 2014-05-31 22:01 - 00004516 _____ () C:\Windows\System32\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-5
2014-05-31 22:01 - 2014-05-31 22:01 - 00004436 _____ () C:\Windows\System32\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-6
2014-05-31 22:01 - 2014-05-31 22:01 - 00004420 _____ () C:\Windows\System32\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-1
2014-05-31 22:01 - 2014-05-31 22:01 - 00004416 _____ () C:\Windows\System32\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-2
2014-05-31 22:01 - 2014-05-31 22:01 - 00004364 _____ () C:\Windows\System32\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-7
2014-05-31 22:01 - 2014-05-31 22:01 - 00003920 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
2014-05-31 22:01 - 2014-05-31 22:01 - 00003666 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
2014-05-31 22:01 - 2014-05-31 22:01 - 00000000 ____D () C:\Users\Shorty\AppData\Roaming\dlg
2014-05-31 22:01 - 2014-05-31 22:01 - 00000000 ____D () C:\Users\Shorty\AppData\Local\globalUpdate
2014-05-31 22:01 - 2014-05-31 22:01 - 00000000 ____D () C:\Program Files (x86)\PlusSHD-9.9
2014-05-31 22:01 - 2014-05-31 22:01 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-05-31 22:01 - 2014-05-28 11:13 - 00000000 ___RD () C:\Users\Shorty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-31 22:01 - 2014-03-19 06:29 - 00290816 ____N (Microsoft Corporation) C:\Windows\Setup1.exe
2014-05-31 21:59 - 2014-05-31 21:59 - 00467128 _____ () C:\Users\Shorty\Downloads\lotto-Downloader.exe
2014-05-30 18:04 - 2014-05-30 18:04 - 00232312 _____ (Fusion Install ) C:\Users\Shorty\Downloads\java_setup.exe
2014-05-30 17:44 - 2014-05-02 17:28 - 00000000 ____D () C:\Users\Shorty\Desktop\Virus Things
2014-05-30 17:37 - 2014-05-30 17:37 - 00003361 _____ () C:\Users\Shorty\Downloads\[kickass.to]brutus.aet2.torrent
2014-05-30 17:32 - 2014-05-30 17:32 - 00000000 ____H () C:\Users\Shorty\Documents\Default.rdp
2014-05-30 17:22 - 2014-05-30 17:21 - 19961033 _____ () C:\Users\Shorty\Downloads\nmap-6.46-win32.zip
2014-05-30 17:13 - 2014-05-30 17:13 - 01107968 _____ () C:\Users\Shorty\Downloads\RSIT.exe
2014-05-30 17:13 - 2014-05-30 17:13 - 00000000 ____D () C:\Program Files (x86)\trend micro
2014-05-30 00:23 - 2014-05-30 00:23 - 00386459 _____ () C:\Users\Shorty\Downloads\Kuh scheißt.mp4
2014-05-30 00:19 - 2014-05-30 00:19 - 00215107 _____ () C:\Users\Shorty\Downloads\Furzende katze.mp4
2014-05-30 00:09 - 2014-05-30 00:07 - 55577752 _____ () C:\Users\Shorty\Downloads\hot-web-cam-girl.avi
2014-05-29 23:46 - 2014-05-29 23:46 - 00000000 ____D () C:\Users\Shorty\AppData\Roaming\Screaming Bee
2014-05-29 23:45 - 2014-05-29 23:45 - 02970992 _____ () C:\Users\Shorty\Downloads\MorphVOXJunior_Install-1.exe
2014-05-29 23:45 - 2014-05-29 23:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Screaming Bee
2014-05-29 23:45 - 2014-05-29 23:45 - 00000000 ____D () C:\Program Files (x86)\Screaming Bee
2014-05-29 23:33 - 2014-05-29 23:33 - 00000000 ____D () C:\Users\Shorty\AppData\Roaming\ManyCam
2014-05-29 23:33 - 2014-05-29 23:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManyCam
2014-05-29 23:33 - 2014-05-29 23:33 - 00000000 ____D () C:\Program Files (x86)\ManyCam
2014-05-29 23:31 - 2014-05-29 23:31 - 00961360 _____ (Chip Digital GmbH) C:\Users\Shorty\Downloads\ManyCam - CHIP-Installer.exe
2014-05-29 23:26 - 2014-05-29 23:26 - 00000000 ____D () C:\Windows\SysWOW64\C2MP
2014-05-29 23:26 - 2014-05-29 23:26 - 00000000 ____D () C:\Users\Shorty\AppData\Local\Slick Savings
2014-05-29 23:26 - 2014-05-29 23:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Player - Codec Pack
2014-05-29 23:26 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-29 23:24 - 2014-05-29 23:24 - 00929416 _____ (CNET Download.com) C:\Users\Shorty\Downloads\cbsidlm-cbsi188-Media_Player_Codec_Pack-BP-10749065.exe
2014-05-29 23:24 - 2014-05-29 23:24 - 00929416 _____ (CNET Download.com) C:\Users\Shorty\Downloads\cbsidlm-cbsi188-Media_Player_Codec_Pack-BP-10749065 (1).exe
2014-05-29 23:23 - 2014-05-29 23:23 - 00960566 _____ () C:\Users\Shorty\Downloads\Real Scary Ghost!.mp4
2014-05-29 23:18 - 2014-05-29 23:18 - 05210816 _____ (Webcam Simulator ) C:\Users\Shorty\Downloads\setup.exe
2014-05-29 23:18 - 2014-05-29 23:18 - 05210816 _____ (Webcam Simulator ) C:\Users\Shorty\Downloads\setup (1).exe
2014-05-29 23:18 - 2014-05-29 23:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Webcam Simulator 7.3
2014-05-29 23:16 - 2014-05-29 23:16 - 00244320 _____ () C:\Users\Shorty\Downloads\ManyCamWebInstaller (1).exe
2014-05-29 23:15 - 2014-05-29 23:15 - 00244320 _____ () C:\Users\Shorty\Downloads\ManyCamWebInstaller.exe
2014-05-28 22:59 - 2014-05-28 22:59 - 00287448 _____ () C:\Users\Shorty\Downloads\jomgegar Crypter by DzkiLLeR.rar
2014-05-28 13:30 - 2014-05-28 12:31 - 00000000 ____D () C:\Users\Shorty\AppData\Local\Ubisoft Game Launcher
2014-05-28 13:21 - 2014-02-02 12:37 - 00000000 ____D () C:\Users\Shorty\Documents\My Games
2014-05-28 12:31 - 2014-05-28 12:31 - 00000000 ____D () C:\Users\Shorty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2014-05-28 12:31 - 2014-05-28 12:31 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-05-28 12:30 - 2014-02-22 00:26 - 00214191 _____ () C:\Windows\DirectX.log
2014-05-28 12:23 - 2013-11-25 21:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-05-28 12:22 - 2013-11-25 21:24 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-05-28 11:09 - 2014-05-22 18:22 - 00000000 ____D () C:\Users\Shorty\Downloads\Postal 3
2014-05-25 17:42 - 2013-11-26 19:35 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-05-25 17:42 - 2013-11-26 19:35 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-05-22 20:32 - 2014-01-30 19:43 - 00000000 ____D () C:\Users\Shorty\Desktop\Musik
2014-05-22 18:22 - 2014-05-22 18:22 - 00027850 _____ () C:\Users\Shorty\Downloads\[kickass.to]postal.3.torrent
2014-05-22 18:20 - 2014-05-31 23:35 - 00061120 _____ (StdLib) C:\Windows\system32\Drivers\{e63d9559-e4c3-499e-867a-a3c9d0a21400}Gw64.sys
2014-05-22 16:25 - 2013-12-04 19:03 - 00000000 ____D () C:\Users\Shorty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-05-21 22:49 - 2014-05-07 19:18 - 00000000 ____D () C:\Users\Shorty\Desktop\maps
2014-05-21 22:49 - 2013-12-18 16:50 - 00000000 ____D () C:\Users\Shorty\Desktop\PC
2014-05-21 20:58 - 2014-05-21 20:58 - 00001449 _____ () C:\Users\Shorty\AppData\Local\recently-used.xbel
2014-05-21 20:58 - 2014-04-27 12:09 - 00000000 ____D () C:\Users\Shorty\AppData\Local\gtk-2.0
2014-05-21 20:58 - 2014-02-20 23:37 - 00000000 ____D () C:\Users\Shorty\.gimp-2.8
2014-05-20 04:44 - 2014-05-28 12:20 - 31387936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-05-20 04:44 - 2014-05-28 12:20 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-05-20 04:44 - 2014-05-28 12:20 - 24025376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-05-20 04:44 - 2014-05-28 12:20 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-05-20 04:44 - 2014-05-28 12:20 - 17480432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-05-20 04:44 - 2014-05-28 12:20 - 16003912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-05-20 04:44 - 2014-05-28 12:20 - 12688328 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-05-20 04:44 - 2014-05-28 12:20 - 00382240 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-05-20 04:44 - 2014-05-28 12:20 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-05-20 04:44 - 2014-05-28 12:20 - 00335704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-05-20 04:44 - 2014-05-28 12:20 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-05-20 04:44 - 2013-11-25 21:24 - 18531568 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-05-20 04:44 - 2013-11-25 21:24 - 14434704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-05-20 04:44 - 2013-11-25 21:24 - 03109248 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-05-20 04:44 - 2013-11-25 21:24 - 02730208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-05-20 04:44 - 2013-11-25 21:24 - 00952952 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-05-20 04:44 - 2013-11-25 21:24 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-05-20 04:44 - 2013-11-25 21:24 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-05-20 04:44 - 2013-11-25 21:24 - 00026069 _____ () C:\Windows\system32\nvinfo.pb
2014-05-20 03:25 - 2013-11-25 21:24 - 06769096 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-05-20 03:25 - 2013-11-25 21:24 - 03514144 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-05-20 03:25 - 2013-11-25 21:24 - 02560968 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-05-20 03:25 - 2013-11-25 21:24 - 00927520 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-05-20 03:25 - 2013-11-25 21:24 - 00387528 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-05-20 03:25 - 2013-11-25 21:24 - 00062808 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-05-20 01:10 - 2014-05-28 12:22 - 00601432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-05-18 22:18 - 2014-05-18 22:18 - 00045400 _____ () C:\Windows\SysWOW64\DiscHandler.exe
2014-05-18 13:49 - 2014-05-18 13:49 - 03535741 _____ () C:\Users\Shorty\Downloads\[www.OldSchoolHack.de]_MW3 .NET External ESP v3.9 by master131 (1).rar
2014-05-18 12:28 - 2014-05-18 12:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-05-18 12:28 - 2014-05-18 12:28 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-05-17 20:16 - 2014-05-17 20:16 - 01349667 _____ () C:\Users\Shorty\Downloads\Trololololo (1).7z
2014-05-17 20:15 - 2014-05-17 20:15 - 13005312 _____ () C:\Users\Shorty\AppData\Local\LbhprVWVzG6XeKnqgHErMwacUiHRBgBVZwOHHhG1UT8lA9Q1puAGTI2c9T6wLpC4as4aREHOoSTH2vFOaGw7H6EbHIYKt73bCEEOBk1Qpv3gt7ZmW5.exe
2014-05-17 20:13 - 2014-05-17 20:13 - 02296980 _____ () C:\Users\Shorty\Downloads\MrEpiclolface trololo.zip
2014-05-17 20:11 - 2014-05-17 20:11 - 01349667 _____ () C:\Users\Shorty\Downloads\Trololololo.7z
2014-05-15 01:49 - 2013-11-25 21:24 - 03774821 _____ () C:\Windows\system32\nvcoproc.bin
2014-05-13 17:05 - 2014-05-13 17:05 - 04374528 _____ () C:\Windows\system32\ffdshow.ax
2014-05-13 17:05 - 2014-05-13 17:05 - 04009984 _____ () C:\Windows\system32\ffmpeg.dll
2014-05-13 17:05 - 2014-05-13 17:05 - 00474624 _____ () C:\Windows\system32\ff_kernelDeint.dll
2014-05-13 17:05 - 2014-05-13 17:05 - 00127488 _____ () C:\Windows\system32\ff_vfw.dll
2014-05-13 17:04 - 2014-05-13 17:04 - 01532928 _____ () C:\Windows\system32\ff_samplerate.dll
2014-05-13 17:04 - 2014-05-13 17:04 - 00631296 _____ () C:\Windows\system32\TomsMoComp_ff.dll
2014-05-13 17:04 - 2014-05-13 17:04 - 00222720 _____ () C:\Windows\system32\ff_libdts.dll
2014-05-13 17:04 - 2014-05-13 17:04 - 00190464 _____ () C:\Windows\system32\libmpeg2_ff.dll
2014-05-13 17:04 - 2014-05-13 17:04 - 00183296 _____ () C:\Windows\system32\ff_unrar.dll
2014-05-13 17:04 - 2014-05-13 17:04 - 00156672 _____ () C:\Windows\system32\ff_libmad.dll
2014-05-13 17:04 - 2014-05-13 17:04 - 00116224 _____ () C:\Windows\system32\ff_liba52.dll
2014-05-13 17:04 - 2014-05-13 17:04 - 00114688 _____ () C:\Windows\system32\ff_wmv9.dll
2014-05-13 17:02 - 2014-05-13 17:02 - 03916288 _____ () C:\Windows\SysWOW64\ffmpeg.dll
2014-05-13 17:01 - 2014-05-13 17:01 - 03502592 _____ () C:\Windows\SysWOW64\ffdshow.ax
2014-05-13 17:01 - 2014-05-13 17:01 - 00271360 _____ () C:\Windows\SysWOW64\TomsMoComp_ff.dll
2014-05-13 17:01 - 2014-05-13 17:01 - 00112640 _____ () C:\Windows\SysWOW64\ff_vfw.dll
2014-05-13 17:00 - 2014-05-13 17:00 - 01525760 _____ () C:\Windows\SysWOW64\ff_samplerate.dll
2014-05-13 17:00 - 2014-05-13 17:00 - 00211968 _____ () C:\Windows\SysWOW64\ff_libdts.dll
2014-05-13 17:00 - 2014-05-13 17:00 - 00157184 _____ () C:\Windows\SysWOW64\ff_unrar.dll
2014-05-13 17:00 - 2014-05-13 17:00 - 00147456 _____ () C:\Windows\SysWOW64\ff_libmad.dll
2014-05-13 17:00 - 2014-05-13 17:00 - 00136704 _____ () C:\Windows\SysWOW64\libmpeg2_ff.dll
2014-05-13 17:00 - 2014-05-13 17:00 - 00114688 _____ () C:\Windows\SysWOW64\ff_liba52.dll
2014-05-13 17:00 - 2014-05-13 17:00 - 00099840 _____ () C:\Windows\SysWOW64\ff_wmv9.dll
2014-05-11 15:57 - 2014-05-11 15:57 - 00000000 ____D () C:\Users\Shorty\AppData\Local\Ascaron Entertainment
2014-05-11 15:29 - 2014-05-11 15:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deep Silver
2014-05-10 00:29 - 2014-05-10 00:23 - 00000000 __SHD () C:\Users\Shorty\AppData\Roaming\wyUpdate AU
2014-05-10 00:29 - 2014-05-10 00:23 - 00000000 ____D () C:\Users\Shorty\Documents\Universe Sandbox
2014-05-10 00:23 - 2014-05-10 00:23 - 00000000 ____D () C:\Users\Shorty\AppData\Roaming\System
2014-05-10 00:23 - 2014-05-10 00:23 - 00000000 ____D () C:\Users\Shorty\AppData\Local\Universe Sandbox
2014-05-10 00:22 - 2014-05-10 00:21 - 00000000 ____D () C:\Users\Shorty\Downloads\Beat Hazard
Files to move or delete:
====================
C:\ProgramData\dlprotect.exe
Some content of TEMP:
====================
C:\Users\Shorty\AppData\Local\Temp\4iy0RcPYtf.exe
C:\Users\Shorty\AppData\Local\Temp\98gzdQAGEO.exe
C:\Users\Shorty\AppData\Local\Temp\binkw32.dll
C:\Users\Shorty\AppData\Local\Temp\d2l_Install.exe
C:\Users\Shorty\AppData\Local\Temp\FreemakeVideoConverter_4.1.4.1.exe
C:\Users\Shorty\AppData\Local\Temp\i4jdel0.exe
C:\Users\Shorty\AppData\Local\Temp\instloffer.exe
C:\Users\Shorty\AppData\Local\Temp\jj2RNx61w3.exe
C:\Users\Shorty\AppData\Local\Temp\LAUNCHER.EXE
C:\Users\Shorty\AppData\Local\Temp\N5PxROC8M5.exe
C:\Users\Shorty\AppData\Local\Temp\nsi17E5.exe
C:\Users\Shorty\AppData\Local\Temp\nsi1A3.exe
C:\Users\Shorty\AppData\Local\Temp\nst1601.exe
C:\Users\Shorty\AppData\Local\Temp\nstFFBF.exe
C:\Users\Shorty\AppData\Local\Temp\nsw8614.exe
C:\Users\Shorty\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Shorty\AppData\Local\Temp\nvStInst.exe
C:\Users\Shorty\AppData\Local\Temp\ot9Lapa2oX.exe
C:\Users\Shorty\AppData\Local\Temp\setup.exe
C:\Users\Shorty\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Shorty\AppData\Local\Temp\sonarinst.exe
C:\Users\Shorty\AppData\Local\Temp\SVCHOST.EXE
C:\Users\Shorty\AppData\Local\Temp\vs60wiz.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-06-08 19:28
==================== End Of Log ============================
* nvidia dateien weg sonst zu viel zeichen adw cleaner: Code:
ATTFilter # AdwCleaner v3.212 - Bericht erstellt am 09/06/2014 um 21:53:07
# Aktualisiert 05/06/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium (64 bits)
# Benutzername : Shorty - SHORTY-PC
# Gestartet von : C:\Users\Shorty\Downloads\adwcleaner_3.212.exe
# Option : Suchen
***** [ Dienste ] *****
Dienst Gefunden : Application Updater
Dienst Gefunden : globalUpdate
Dienst Gefunden : globalUpdatem
***** [ Dateien / Ordner ] *****
Datei Gefunden : C:\Users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
Datei Gefunden : C:\Users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
Datei Gefunden : C:\Windows\System32\roboot64.exe
Datei Gefunden : C:\Windows\System32\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-1
Datei Gefunden : C:\Windows\System32\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-2
Datei Gefunden : C:\Windows\System32\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-3
Datei Gefunden : C:\Windows\System32\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-4
Datei Gefunden : C:\Windows\System32\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-5
Datei Gefunden : C:\Windows\System32\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-6
Datei Gefunden : C:\Windows\System32\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-7
Datei Gefunden : C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
Datei Gefunden : C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
Datei Gefunden : C:\Windows\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-1.job
Datei Gefunden : C:\Windows\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-2.job
Datei Gefunden : C:\Windows\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-3.job
Datei Gefunden : C:\Windows\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-4.job
Datei Gefunden : C:\Windows\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-5.job
Datei Gefunden : C:\Windows\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-6.job
Datei Gefunden : C:\Windows\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-7.job
Datei Gefunden : C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
Datei Gefunden : C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
Ordner Gefunden : C:\Program Files (x86)\Application Updater
Ordner Gefunden : C:\Program Files (x86)\Common Files\Spigot
Ordner Gefunden : C:\Program Files (x86)\globalUpdate
Ordner Gefunden : C:\Program Files (x86)\SearchMe Toolbar
Ordner Gefunden : C:\ProgramData\Trymedia
Ordner Gefunden : C:\Users\Shorty\AppData\Local\globalUpdate
Ordner Gefunden : C:\Users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe
Ordner Gefunden : C:\Users\Shorty\AppData\Local\Slick Savings
Ordner Gefunden : C:\Users\Shorty\AppData\Local\Temp\OCS
Ordner Gefunden : C:\Users\Shorty\AppData\Local\Temp\raving reyven
Ordner Gefunden : C:\Users\Shorty\AppData\LocalLow\Search Settings
Ordner Gefunden : C:\Users\Shorty\AppData\Roaming\Slick Savings
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gefunden : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Search Settings
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Show-Password
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gefunden : HKCU\Software\Conduit
Schlüssel Gefunden : HKCU\Software\installedbrowserextensions
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8A244612-A1F7-11E0-95C0-E71F4824019B}
Schlüssel Gefunden : HKCU\Software\OCS
Schlüssel Gefunden : HKCU\Software\Search Settings
Schlüssel Gefunden : [x64] HKCU\Software\Conduit
Schlüssel Gefunden : [x64] HKCU\Software\installedbrowserextensions
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8A244612-A1F7-11E0-95C0-E71F4824019B}
Schlüssel Gefunden : [x64] HKCU\Software\OCS
Schlüssel Gefunden : [x64] HKCU\Software\Search Settings
Schlüssel Gefunden : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gefunden : HKLM\Software\Application Updater
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511291116}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511291116}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511291116}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522292216}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{4A40A2A9-DD1C-11CE-B7A6-00AA006EC3D4}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{B9C767DD-F66A-40B4-8F12-4199A9A4393C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CrossriderApp0052916.BHO
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CrossriderApp0052916.BHO.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CrossriderApp0052916.Sandbox
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CrossriderApp0052916.Sandbox.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555295516}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566296616}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440544294416}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Schlüssel Gefunden : HKLM\Software\Conduit
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\cikkkfooompgefbcjlgdjejfdknkheaj
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp
Schlüssel Gefunden : HKLM\Software\installedbrowserextensions
Schlüssel Gefunden : HKLM\Software\InstallIQ
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\biclient_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\biclient_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasapi32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasmancs
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511291116}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511291116}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511291116}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B9C767DD-F66A-40B4-8F12-4199A9A4393C}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A35CA8FF-CB7D-8361-1CB9-83219CD11C78}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\S-245486970
Schlüssel Gefunden : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Schlüssel Gefunden : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Schlüssel Gefunden : HKLM\Software\Search Settings
Schlüssel Gefunden : HKLM\Software\SProtector
Schlüssel Gefunden : HKLM\Software\systweak
Schlüssel Gefunden : HKLM\Software\Vittalia
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511291116}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511291116}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511291116}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522292216}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{B9C767DD-F66A-40B4-8F12-4199A9A4393C}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555295516}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566296616}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\installedbrowserextensions
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511291116}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511291116}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511291116}
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{B9C767DD-F66A-40B4-8F12-4199A9A4393C}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{B9C767DD-F66A-40B4-8F12-4199A9A4393C}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SearchSettings]
Wert Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{B9C767DD-F66A-40B4-8F12-4199A9A4393C}]
***** [ Browser ] *****
-\\ Internet Explorer v8.0.7600.16385
Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.trovi.com/?gd=&ctid=CT3324774&octid=EB_ORIGINAL_CTID&ISID=MCF6E9A04-AC1C-4F51-A6A1-2B197E1108C1&SearchSource=55&CUI=&UM=5&UP=SPBEE8CC4D-566F-4F5C-A2A6-88EA63B2C172&SSPV=
-\\ Google Chrome v33.0.1750.154
[ Datei : C:\Users\Shorty\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Gefunden [Startup_urls] : hxxp://www.trovi.com/?gd=&ctid=CT3324774&octid=EB_ORIGINAL_CTID&ISID=MCF6E9A04-AC1C-4F51-A6A1-2B197E1108C1&SearchSource=55&CUI=&UM=5&UP=SPBEE8CC4D-566F-4F5C-A2A6-88EA63B2C172&SSPV=
Gefunden [Extension] : aaipilfmheplbcghignccoiiebekkdhe
Gefunden [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
Gefunden [Extension] : cikkkfooompgefbcjlgdjejfdknkheaj
Gefunden [Extension] : flpcjncodpafbgdpnkljologafpionhb
Gefunden [Extension] : gpiifgmgnfdiblgpaepbmfdkcheicgof
Gefunden [Extension] : hbcennhacfaagdopikcegfcobcadeocj
Gefunden [Extension] : mhkaekfpcppmmioggniknbnbdbcigpkk
Gefunden [Extension] : pfndaklgolladniicklehhancnlgocpp
*************************
AdwCleaner[R0].txt - [11337 octets] - [09/06/2014 21:53:07]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [11398 octets] ##########
Geändert von Azzuros (09.06.2014 um 20:56 Uhr) |
| Themen zu Virus, Trojaner, irgendwas habe ich ja |
| 4d36e972-e325-11ce-bfc1-08002be10318, association, backdoor.agent.dcrsagen, battle.net, bluestacks, conduitsearch, conduitsearch entfernen, cpu-z, crypter, dateien, explorer, ferngesteuert, genesis, hijackthis, internet, internet explorer, langsam, lsass.exe, malware.trace, microsoft, preferences, registrierungsdatenbank, security, seiten, software, stolen.data, teredo, trojan.downloader, trojaner, windows |
Baum-Darstellung