Log analysis and evaluation: Windows 7, Google Chrome, new tabs (ads) keep opening while browsing

Windows 7

If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1

Windows 7, Google Chrome, new tabs (ads) keep opening while browsing

Hey guys, I have the problem that new tabs with ads keep opening. They mainly open when I open other pages, i.e. the link I clicked plus some ad both open. Even when I have just gone to www.google.de and want to type something, an ad opens before I have even finished typing the search text. I read up a bit here on this site and have already run a scan.

FRST Logfile:

Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-07-2014 Ran by Admin (administrator) on ADMIN-PC on 04-07-2014 13:23:02 Running from C:\Users\Admin\Downloads Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 9 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe (Cherished Technololgy LIMITED) C:\ProgramData\IePluginService\PluginService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe () C:\Windows\SysWOW64\PnkBstrA.exe () C:\Program Files\RrFilter\RrFilterService64.exe (Iminent) C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe () C:\Program Files (x86)\RocketDock\RocketDock.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe () C:\Users\Admin\AppData\Local\pgcchelper\pgcchelper.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (Samurize.com) C:\Program Files (x86)\Samurize\Client.exe () C:\Program Files\Rainmeter\Rainmeter.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Windows\System32\cscript.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (Client Connect LTD) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe (Client Connect LTD) C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe (Client Connect LTD) C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winamp.exe (Microsoft Corporation) C:\Windows\System32\taskmgr.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [750160 2014-06-24] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM Group Policy restriction on software: C:\Program Files (x86)\Avira <====== ATTENTION HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\McAfee <====== ATTENTION HKLM Group Policy restriction on software: C:\Program Files\Sandboxie <====== ATTENTION HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Avira <====== ATTENTION HKU\S-1-5-21-864206691-1170183234-3533522826-1000\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] () HKU\S-1-5-21-864206691-1170183234-3533522826-1000\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-864206691-1170183234-3533522826-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.) 
HKU\S-1-5-21-864206691-1170183234-3533522826-1000\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [784392 2014-05-29] (Sandboxie Holdings, LLC) HKU\S-1-5-21-864206691-1170183234-3533522826-1000\...\Run: [SpeedUpMyComputer] => C:\Program Files (x86)\SmartTweak\SpeedUpMyComputer\SpeedUpMyComputer.exe /ot /as HKU\S-1-5-21-864206691-1170183234-3533522826-1000\...\Run: [LiveSupport] => "C:\Program Files (x86)\LiveSupport\LiveSupport.exe" /noshow /log HKU\S-1-5-21-864206691-1170183234-3533522826-1000\...\Run: [FixMyRegistry] => C:\Program Files (x86)\SmartTweak\FixMyRegistry\FixMyRegistry.exe /ot /as /ss HKU\S-1-5-21-864206691-1170183234-3533522826-1000\...\Run: [pgcchelper] => C:\Users\Admin\AppData\Local\pgcchelper\pgcchelper.exe [465920 2013-08-21] () HKU\S-1-5-21-864206691-1170183234-3533522826-1000\...\MountPoints2: K - K:\Setup.exe HKU\S-1-5-21-864206691-1170183234-3533522826-1000\...\MountPoints2: {9aa10367-d36e-11e1-8b2b-806e6f6e6963} - E:\setup.exe HKU\S-1-5-21-864206691-1170183234-3533522826-1000\...\MountPoints2: {fa2e8a21-d7e2-11e1-815d-c860006274bb} - K:\setup.exe AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [220992 2014-06-26] (Client Connect LTD) AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [182080 2014-06-26] (Client Connect LTD) Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Client - Verknüpfung.lnk ShortcutTarget: Client - Verknüpfung.lnk -> C:\Program Files (x86)\Samurize\Client.exe (Samurize.com) Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.exe.lnk ShortcutTarget: Rainmeter.exe.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\avsinit.vbs () Startup: 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\bcb2init.vbs () ==================== Internet (Whitelisted) ==================== ProxyServer: 127.0.0.1:8082 HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.b1.org/?bsrc=hmior&chid=c162341 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com/?gd=&ctid=CT3318522&octid=EB_ORIGINAL_CTID&ISID=M84AEE799-3C92-4BB4-B3D4-1507D300FCB6&SearchSource=55&CUI=&UM=5&UP=SP0362F3D6-664B-4F53-B9E4-8B009C920A6A&SSPV= HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nationzoom.com/?type=hp&ts=1389876884&from=amt&uid=ST3320820AS_5QF1SBP5XXXX5QF1SBP5 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Before = hxxp://www1.delta-search.com/?affID=121631&tt=gc_&babsrc=HP_ss&mntrId=7EF000FFB18F0BCF HKCU\Software\Microsoft\Internet Explorer\Main,Search Page Before = hxxp://search.b1.org/?bsrc=hmior&chid=c162341 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1389876884&from=amt&uid=ST3320820AS_5QF1SBP5XXXX5QF1SBP5&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nationzoom.com/?type=hp&ts=1389876884&from=amt&uid=ST3320820AS_5QF1SBP5XXXX5QF1SBP5 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nationzoom.com/?type=hp&ts=1389876884&from=amt&uid=ST3320820AS_5QF1SBP5XXXX5QF1SBP5 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nationzoom.com/web/?type=ds&ts=1389876884&from=amt&uid=ST3320820AS_5QF1SBP5XXXX5QF1SBP5&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1389876884&from=amt&uid=ST3320820AS_5QF1SBP5XXXX5QF1SBP5&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nationzoom.com/?type=hp&ts=1389876884&from=amt&uid=ST3320820AS_5QF1SBP5XXXX5QF1SBP5 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nationzoom.com/?type=hp&ts=1389876884&from=amt&uid=ST3320820AS_5QF1SBP5XXXX5QF1SBP5 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nationzoom.com/web/?type=ds&ts=1389876884&from=amt&uid=ST3320820AS_5QF1SBP5XXXX5QF1SBP5&q={searchTerms} URLSearchHook: HKLM-x32 - Winload Toolbar - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\prxtbWinl.dll (Conduit Ltd.) URLSearchHook: ATTENTION ==> Default URLSearchHook is missing. StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe hxxp://www.nationzoom.com/?type=sc&ts=1389876884&from=amt&uid=ST3320820AS_5QF1SBP5XXXX5QF1SBP5 SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1389876884&from=amt&uid=ST3320820AS_5QF1SBP5XXXX5QF1SBP5&q={searchTerms} SearchScopes: HKLM - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1389876884&from=amt&uid=ST3320820AS_5QF1SBP5XXXX5QF1SBP5&q={searchTerms} SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1389876884&from=amt&uid=ST3320820AS_5QF1SBP5XXXX5QF1SBP5&q={searchTerms} SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1389876884&from=amt&uid=ST3320820AS_5QF1SBP5XXXX5QF1SBP5&q={searchTerms} SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2319825 SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = 
hxxp://search.conduit.com/Results.aspx?gd=&ctid=CT3318522&octid=EB_ORIGINAL_CTID&ISID=M84AEE799-3C92-4BB4-B3D4-1507D300FCB6&SearchSource=58&CUI=&UM=5&UP=SP0362F3D6-664B-4F53-B9E4-8B009C920A6A&q={searchTerms}&SSPV= SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?gd=&ctid=CT3318522&octid=EB_ORIGINAL_CTID&ISID=M84AEE799-3C92-4BB4-B3D4-1507D300FCB6&SearchSource=58&CUI=&UM=5&UP=SP0362F3D6-664B-4F53-B9E4-8B009C920A6A&q={searchTerms}&SSPV= SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://mixidj.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=7EF000FFB18F0BCF&affID=123187&tsp=4957 SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1389876884&from=amt&uid=ST3320820AS_5QF1SBP5XXXX5QF1SBP5&q={searchTerms} SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/Results.aspx?gd=&ctid=CT3318522&octid=EB_ORIGINAL_CTID&ISID=M84AEE799-3C92-4BB4-B3D4-1507D300FCB6&SearchSource=58&CUI=&UM=5&UP=SP0362F3D6-664B-4F53-B9E4-8B009C920A6A&q={searchTerms}&SSPV= SearchScopes: HKCU - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = hxxp://mystart.incredibar.com/mb178/?search={searchTerms}&loc=IB_DS&a=6OyO7YrUP2&i=26 SearchScopes: HKCU - {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxp://go.mail.ru/search?utf8in=1&fr=ietb&q={SearchTerms} BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: IMinent WebBooster (BHO) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files (x86)\Iminent\Minibar.InternetExplorer.BHOx64.dll (SIEN) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.) 
BHO-x32: RrSavings - {10AD2C61-0898-4348-8600-14A342F22AC3} - C:\Program Files (x86)\Rr Savings\RrSavings.dll () BHO-x32: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited) BHO-x32: Winload Toolbar - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\prxtbWinl.dll (Conduit Ltd.) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: No Name - {8984B388-A5BB-4DF7-B274-77B879E179DB} - No File BHO-x32: IMinent WebBooster (BHO) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files (x86)\Iminent\Minibar.InternetExplorer.BHOx86.dll (SIEN) BHO-x32: Kozaka - {a45e3fa8-5048-4372-94ad-c6661671f7fc} - C:\Program Files (x86)\Kozaka\Kozakabho.dll (Kozaka) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM-x32 - Winload Toolbar - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\prxtbWinl.dll (Conduit Ltd.) 
Toolbar: HKLM-x32 - loadtbs - {DFEFCDEE-CF1A-4FC8-88AD-129872198372} - C:\Users\Admin\AppData\Roaming\loadtbs\toolbar.dll (InfiniAd GmbH) Toolbar: HKCU - No Name - {40C3CC16-7269-4B32-9531-17F2950FB06F} - No File Toolbar: HKCU - No Name - {DFEFCDEE-CF1A-4FC8-88AD-129872198372} - No File Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\3obi24th.default FF NewTab: hxxp://search.conduit.com/?gd=&ctid=CT3318522&octid=EB_ORIGINAL_CTID&ISID=M84AEE799-3C92-4BB4-B3D4-1507D300FCB6&SearchSource=69&CUI=&SSPV=&Lay=1&UM=5&UP=SP0362F3D6-664B-4F53-B9E4-8B009C920A6A FF DefaultSearchEngine: Trovi search FF SelectedSearchEngine: Trovi search FF Homepage: hxxp://search.conduit.com/?gd=&ctid=CT3318522&octid=EB_ORIGINAL_CTID&ISID=M84AEE799-3C92-4BB4-B3D4-1507D300FCB6&SearchSource=55&CUI=&UM=5&UP=SP0362F3D6-664B-4F53-B9E4-8B009C920A6A&SSPV= FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll () FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll () FF Plugin-x32: @esn/npbattlelog,version=2.3.1 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll No File FF Plugin-x32: @esn/npbattlelog,version=2.4.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB) FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle 
Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.) FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Admin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF user.js: detected! => C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\3obi24th.default\user.js FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npmieze.dll (InfiniAd GmbH) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.) 
FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\3obi24th.default\searchplugins\babylon.xml FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\3obi24th.default\searchplugins\BrowserProtect.xml FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\3obi24th.default\searchplugins\delta.xml FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\3obi24th.default\searchplugins\mailru.xml FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\3obi24th.default\searchplugins\mixidj.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Fast Start - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\3obi24th.default\Extensions\faststartff@gmail.com [2014-06-14] FF Extension: RrSavings - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\3obi24th.default\Extensions\RrSavings@jetpack [2014-05-08] FF Extension: Live HTTP Headers - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\3obi24th.default\Extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a} [2013-09-17] FF Extension: Kozaka - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\3obi24th.default\Extensions\firefox@kozaka.net.xpi [2014-01-16] FF Extension: ep - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\3obi24th.default\Extensions\jid1-0xtMKhXFEs4jIg@jetpack.xpi [2014-02-20] FF Extension: Iminent - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\3obi24th.default\Extensions\webbooster@iminent.com.xpi [2013-07-28] FF Extension: Adblock Plus - 
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\3obi24th.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-06-03] FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox FF HKLM-x32\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox FF HKLM-x32\...\Firefox\Extensions: [lightningnewtab@gmail.com] - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\3obi24th.default\extensions\lightningnewtab@gmail.com.xpi FF HKCU\...\Firefox\Extensions: [{b5ad6039-a173-4149-9dcf-d04371526253}] - C:\Program Files (x86)\Lyrics_Monkey\131.xpi FF Extension: Lyrics-Monkey - C:\Program Files (x86)\Lyrics_Monkey\131.xpi [2013-08-29] Chrome: ======= CHR HomePage: https://www.google.com/?hl=de CHR StartupUrls: "https://www.google.com/?hl=de" CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.4.600\_platform_specific\win_x86\widevinecdmadapter.dll () CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll () CHR Plugin: (LoadTubes Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\npmieze.dll (InfiniAd GmbH) CHR Plugin: (Winamp Application Detector) - C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll (Nullsoft, Inc.) CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
CHR Plugin: (Battlelog Game Launcher) - C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB) CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll No File CHR Plugin: (Java Deployment Toolkit 7.0.550.14) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) CHR Plugin: (Java(TM) Platform SE 7 U55) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (McAfee Security Scanner +) - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.) CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) CHR Plugin: (globalUpdate Update) - C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File CHR Plugin: (Nexon Game Controller) - C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon) CHR Plugin: (Unity Player) - C:\Users\Admin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll () CHR Extension: (Google Docs) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-08-10] CHR Extension: (Google Drive) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-10] CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-10] CHR Extension: (Extended Protection) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml [2014-01-16] 
CHR Extension: (Google-Suche) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-10] CHR Extension: (AdBlock) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-11-22] CHR Extension: (Google Wallet) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22] CHR Extension: (Google Mail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-10] CHR Extension: (Extutil) - C:\Users\Admin\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B [2014-04-22] CHR Extension: (Extended Protection) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml\1.4_0\ [2014-04-22] CHR Extension: (Managera) - C:\Users\Admin\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42 [2014-04-22] CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx [2014-04-22] CHR HKLM-x32\...\Chrome\Extension: [bodddioamolcibagionmmobehnbhiakf] - C:\Program Files (x86)\BrowserCompanion\blabbers-ch.crx [2014-04-22] CHR HKLM-x32\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx [2014-04-22] CHR HKLM-x32\...\Chrome\Extension: [hahpjplbmicfkmoccokbjejahjjpnena] - C:\Users\Admin\AppData\Local\B1E\B1Tool.crx [2013-02-04] CHR HKLM-x32\...\Chrome\Extension: [khialnikbocfgkohdegnebhmmaifoglp] - C:\Program Files (x86)\Lyrics_Monkey\125.crx [2013-02-04] CHR HKLM-x32\...\Chrome\Extension: [mciekghplkkgcmofonmkmlomhkamochd] - C:\Program Files (x86)\Kozaka\mciekghplkkgcmofonmkmlomhkamochd.crx [2014-01-16] CHR HKLM-x32\...\Chrome\Extension: [ofnnlhbgdcabppjmlijllkhekcglbjlg] - C:\Program Files (x86)\Lyrics_Monkey\131.crx [2013-08-29] CHR HKLM-x32\...\Chrome\Extension: [pkndmigholgfjlniaohblojbhgjbkakn] - 
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv2.crx [2014-01-16] ==================== Services (Whitelisted) ================= R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-06-24] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-06-24] (Avira Operations GmbH & Co. KG) R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1028688 2014-06-24] (Avira Operations GmbH & Co. KG) R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2832704 2014-06-26] (Client Connect LTD) R2 IePluginService; C:\ProgramData\IePluginService\PluginService.exe [705136 2014-04-11] (Cherished Technololgy LIMITED) S2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-04-08] (LogMeIn, Inc.) S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-05-29] () R2 RrFilterService64; c:\Program Files\RrFilter\RrFilterService64.exe [171008 2014-03-06] () [File not signed] R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [174088 2014-05-29] (Sandboxie Holdings, LLC) R2 SProtection; C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe [3088192 2014-05-28] (Iminent) S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed] R2 Themes; C:\Windows\system32\themeservice.dll [44544 2013-06-24] (Microsoft Corporation) [File not signed] ==================== Drivers (Whitelisted) ==================== R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] () R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-06-24] (Avira Operations GmbH & Co. 
KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-15] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-01] (Avira Operations GmbH & Co. KG) R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-09-13] (DT Soft Ltd) R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-17] () R1 netfilter64; C:\Windows\System32\drivers\netfilter64.sys [61736 2014-02-28] (NetFilterSDK.com) R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [185352 2014-05-29] (Sandboxie Holdings, LLC) S3 WinRing0_1_2_0; C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org) S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X] S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X] S3 ScreamBAudioSvc; system32\drivers\ScreamingBAudio64.sys [X] S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [X] S3 xhunter1; \??\C:\Windows\xhunter1.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-07-04 13:23 - 2014-07-04 13:24 - 00029259 _____ () C:\Users\Admin\Downloads\FRST.txt 2014-07-04 13:22 - 2014-07-04 13:23 - 00000000 ____D () C:\FRST 2014-07-04 13:22 - 2014-07-04 13:22 - 02083840 _____ (Farbar) C:\Users\Admin\Downloads\FRST64.exe 2014-07-04 12:52 - 2014-07-04 12:52 - 00052361 _____ () C:\Users\Admin\Desktop\mytodolist.gadget 2014-07-04 12:50 - 2014-07-04 12:50 - 00000035 _____ () C:\Users\Admin\Desktop\k.txt 2014-07-03 23:24 - 2014-07-03 23:24 - 00011080 _____ () C:\Users\Admin\Downloads\ninteriors.rar 2014-07-03 22:14 - 2014-07-03 22:14 - 00000000 ____D () C:\ProgramData\Fast And Safe 2014-07-02 22:19 - 2014-07-02 22:19 - 00000000 ____D () C:\ProgramData\Dybuster 2014-07-02 13:18 - 2014-07-02 13:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dybuster 2014-07-02 13:16 - 2014-07-02 13:16 - 00000000 ____D 
() C:\Program Files (x86)\Dybuster 2014-06-27 21:07 - 2014-06-27 21:07 - 00000000 ____D () C:\Users\Admin\AppData\Local\pgcchelper 2014-06-27 21:04 - 2014-06-27 21:04 - 00000326 _____ () C:\Windows\Tasks\VStart{A37B472A-8335-449F-9568-43ECC2907F06}.job 2014-06-26 14:39 - 2014-06-26 14:39 - 03510714 _____ () C:\Users\Admin\Desktop\j.psd 2014-06-24 17:08 - 2014-06-24 17:08 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer 2014-06-21 02:45 - 2014-06-28 00:33 - 00000132 _____ () C:\Users\Admin\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen 2014-06-21 01:19 - 2014-06-21 01:19 - 00284054 _____ () C:\Users\Admin\Desktop\Ich heiße Marvin..mp4 2014-06-20 14:31 - 2014-06-20 14:31 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf8c83955d43ea.job 2014-06-19 23:26 - 2014-06-19 23:26 - 00001174 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk 2014-06-19 23:26 - 2014-06-19 23:26 - 00000000 ____D () C:\Program Files (x86)\TeamViewer 2014-06-19 17:52 - 2014-06-19 17:53 - 105870950 _____ () C:\Users\Admin\Desktop\gta_sa 2014-06-19 17-52-51-744.avi 2014-06-16 16:35 - 2014-07-02 15:42 - 00000000 ____D () C:\Users\Admin\Desktop\Finale 2014-06-13 23:41 - 2014-06-13 23:41 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-06-13 18:13 - 2014-06-13 18:13 - 01199079 _____ () C:\Windows\unins000.exe 2014-06-10 23:52 - 2014-07-03 22:14 - 00000000 ____D () C:\ProgramData\374311380 2014-06-10 23:50 - 2014-06-27 21:09 - 00000000 ____D () C:\Program Files (x86)\globalUpdate 2014-06-10 23:50 - 2014-06-27 21:08 - 00002086 _____ () C:\Users\UpdatusUser\Desktop\AppsHat.lnk 2014-06-10 23:50 - 2014-06-27 21:08 - 00002086 _____ () C:\Users\Gast\Desktop\AppsHat.lnk 2014-06-10 23:50 - 2014-06-27 21:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AppsHat 2014-06-10 23:50 - 2014-06-10 23:55 - 00000000 ____D () 
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTweak Software 2014-06-10 23:50 - 2014-06-10 23:50 - 00001428 _____ () C:\Windows\Tasks\1e4b86f6-2752-4a22-afa3-8ff12b092ef1-5.job 2014-06-10 23:50 - 2014-06-10 23:50 - 00000000 ____D () C:\Users\Admin\AppData\Local\globalUpdate 2014-06-09 03:30 - 2014-06-09 03:30 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\WorldOfSanAndreas ==================== One Month Modified Files and Folders ======= 2014-07-04 13:24 - 2014-07-04 13:23 - 00029259 _____ () C:\Users\Admin\Downloads\FRST.txt 2014-07-04 13:23 - 2014-07-04 13:22 - 00000000 ____D () C:\FRST 2014-07-04 13:23 - 2012-07-22 18:19 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Skype 2014-07-04 13:22 - 2014-07-04 13:22 - 02083840 _____ (Farbar) C:\Users\Admin\Downloads\FRST64.exe 2014-07-04 13:22 - 2014-05-08 21:45 - 00000000 ____D () C:\Program Files\RrFilter 2014-07-04 13:06 - 2009-07-14 06:51 - 00135524 _____ () C:\Windows\setupact.log 2014-07-04 12:59 - 2014-04-07 17:33 - 00000196 _____ () C:\Windows\Tasks\SidebarExecute.job 2014-07-04 12:52 - 2014-07-04 12:52 - 00052361 _____ () C:\Users\Admin\Desktop\mytodolist.gadget 2014-07-04 12:51 - 2009-07-14 06:45 - 00023680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-07-04 12:51 - 2009-07-14 06:45 - 00023680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-07-04 12:50 - 2014-07-04 12:50 - 00000035 _____ () C:\Users\Admin\Desktop\k.txt 2014-07-04 12:47 - 2012-07-21 22:02 - 01471113 _____ () C:\Windows\WindowsUpdate.log 2014-07-04 12:39 - 2012-07-22 20:48 - 00000000 ____D () C:\Users\Admin\AppData\Local\LogMeIn Hamachi 2014-07-04 12:38 - 2012-07-21 22:33 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-07-03 23:32 - 2012-07-27 17:25 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\TS3Client 2014-07-03 23:24 - 2014-07-03 23:24 - 00011080 _____ () 
C:\Users\Admin\Downloads\ninteriors.rar 2014-07-03 22:47 - 2012-08-31 00:02 - 00000000 ____D () C:\Users\Admin\AppData\Local\CrashDumps 2014-07-03 22:14 - 2014-07-03 22:14 - 00000000 ____D () C:\ProgramData\Fast And Safe 2014-07-03 22:14 - 2014-06-10 23:52 - 00000000 ____D () C:\ProgramData\374311380 2014-07-03 16:09 - 2014-04-29 18:15 - 00000000 ____D () C:\Users\Admin\Documents\Bandicam 2014-07-02 22:19 - 2014-07-02 22:19 - 00000000 ____D () C:\ProgramData\Dybuster 2014-07-02 15:42 - 2014-06-16 16:35 - 00000000 ____D () C:\Users\Admin\Desktop\Finale 2014-07-02 13:18 - 2014-07-02 13:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dybuster 2014-07-02 13:16 - 2014-07-02 13:16 - 00000000 ____D () C:\Program Files (x86)\Dybuster 2014-06-30 15:56 - 2014-04-22 20:32 - 00000000 ____D () C:\Program Files (x86)\SearchProtect 2014-06-28 23:36 - 2014-06-01 12:54 - 00001552 _____ () C:\Windows\Sandboxie.ini 2014-06-28 12:20 - 2010-11-21 05:47 - 00823450 _____ () C:\Windows\PFRO.log 2014-06-28 00:33 - 2014-06-21 02:45 - 00000132 _____ () C:\Users\Admin\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen 2014-06-27 21:09 - 2014-06-10 23:50 - 00000000 ____D () C:\Program Files (x86)\globalUpdate 2014-06-27 21:08 - 2014-06-10 23:50 - 00002086 _____ () C:\Users\UpdatusUser\Desktop\AppsHat.lnk 2014-06-27 21:08 - 2014-06-10 23:50 - 00002086 _____ () C:\Users\Gast\Desktop\AppsHat.lnk 2014-06-27 21:08 - 2014-06-10 23:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AppsHat 2014-06-27 21:07 - 2014-06-27 21:07 - 00000000 ____D () C:\Users\Admin\AppData\Local\pgcchelper 2014-06-27 21:04 - 2014-06-27 21:04 - 00000326 _____ () C:\Windows\Tasks\VStart{A37B472A-8335-449F-9568-43ECC2907F06}.job 2014-06-26 14:39 - 2014-06-26 14:39 - 03510714 _____ () C:\Users\Admin\Desktop\j.psd 2014-06-26 14:08 - 2013-07-16 14:15 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-06-25 20:18 - 2012-08-12 22:36 - 00000000 ____D () C:\ProgramData\MTA 
San Andreas All 2014-06-24 17:08 - 2014-06-24 17:08 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer 2014-06-24 17:08 - 2012-07-21 23:16 - 00000000 ___HD () C:\Windows\msdownld.tmp 2014-06-24 17:08 - 2012-07-21 23:14 - 00000000 ____D () C:\Windows\SysWOW64\directx 2014-06-24 13:23 - 2013-08-06 13:48 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2014-06-21 18:45 - 2012-07-22 23:32 - 00280904 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr 2014-06-21 18:45 - 2012-07-22 23:16 - 00280904 _____ () C:\Windows\SysWOW64\PnkBstrB.exe 2014-06-21 18:37 - 2012-07-22 23:16 - 00290184 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0 2014-06-21 18:35 - 2013-08-25 00:01 - 00000000 ____D () C:\ProgramData\Origin 2014-06-21 18:35 - 2013-08-25 00:01 - 00000000 ____D () C:\Program Files (x86)\Origin 2014-06-21 01:19 - 2014-06-21 01:19 - 00284054 _____ () C:\Users\Admin\Desktop\Ich heiße Marvin..mp4 2014-06-20 14:31 - 2014-06-20 14:31 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf8c83955d43ea.job 2014-06-20 14:27 - 2009-07-14 06:45 - 05307544 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-06-20 00:01 - 2012-08-17 19:14 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\TeamViewer 2014-06-19 23:48 - 2012-07-22 11:14 - 00230472 _____ () C:\Users\Admin\AppData\Local\GDIPFONTCACHEV1.DAT 2014-06-19 23:26 - 2014-06-19 23:26 - 00001174 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk 2014-06-19 23:26 - 2014-06-19 23:26 - 00000000 ____D () C:\Program Files (x86)\TeamViewer 2014-06-19 17:53 - 2014-06-19 17:52 - 105870950 _____ () C:\Users\Admin\Desktop\gta_sa 2014-06-19 17-52-51-744.avi 2014-06-18 23:41 - 2012-09-05 19:15 - 00000000 ___RD () C:\Games 2014-06-14 18:53 - 2012-09-03 19:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-06-13 23:41 - 2014-06-13 23:41 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 
2014-06-13 22:22 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Resources 2014-06-13 18:13 - 2014-06-13 18:13 - 01199079 _____ () C:\Windows\unins000.exe 2014-06-13 18:13 - 2014-04-21 14:33 - 00047177 _____ () C:\Windows\unins000.dat 2014-06-12 21:47 - 2013-08-03 12:24 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\.minecraft 2014-06-10 23:55 - 2014-06-10 23:50 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTweak Software 2014-06-10 23:50 - 2014-06-10 23:50 - 00001428 _____ () C:\Windows\Tasks\1e4b86f6-2752-4a22-afa3-8ff12b092ef1-5.job 2014-06-10 23:50 - 2014-06-10 23:50 - 00000000 ____D () C:\Users\Admin\AppData\Local\globalUpdate 2014-06-10 21:49 - 2014-05-08 21:44 - 00000000 ____D () C:\Program Files\002 2014-06-09 03:30 - 2014-06-09 03:30 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\WorldOfSanAndreas 2014-06-09 01:57 - 2014-05-01 01:01 - 00001456 _____ () C:\Users\Admin\AppData\Local\Adobe Für Web speichern 13.0 Prefs 2014-06-07 15:43 - 2012-07-24 20:12 - 00000000 ____D () C:\Program Files\Fraps Some content of TEMP: ==================== C:\Users\Admin\AppData\Local\Temp\557c13c533bfdd1761c174b40f524a4b.dll C:\Users\Admin\AppData\Local\Temp\appshat_generic.exe C:\Users\Admin\AppData\Local\Temp\audiowpm.dll C:\Users\Admin\AppData\Local\Temp\avgnt.exe C:\Users\Admin\AppData\Local\Temp\BackupSetup.exe C:\Users\Admin\AppData\Local\Temp\bdfilters.dll C:\Users\Admin\AppData\Local\Temp\Caramava_bs.exe C:\Users\Admin\AppData\Local\Temp\dbcclient.exe C:\Users\Admin\AppData\Local\Temp\e6507bb91ec0093513dc172b1d5b9640.dll C:\Users\Admin\AppData\Local\Temp\f.exe C:\Users\Admin\AppData\Local\Temp\Falcon_1151.exe C:\Users\Admin\AppData\Local\Temp\FixMyRegistry.exe C:\Users\Admin\AppData\Local\Temp\htmlayout.dll C:\Users\Admin\AppData\Local\Temp\instloffer.exe C:\Users\Admin\AppData\Local\Temp\jansi-64-git-Bukkit-1.6.4-R2.0-2-g7e1ac0a-b2923jnks.dll C:\Users\Admin\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe 
C:\Users\Admin\AppData\Local\Temp\Launcher_i268223180.exe C:\Users\Admin\AppData\Local\Temp\LiveSupport_setup.exe C:\Users\Admin\AppData\Local\Temp\maBr.dll C:\Users\Admin\AppData\Local\Temp\mltmp.exe C:\Users\Admin\AppData\Local\Temp\NGE_Uninstall.exe C:\Users\Admin\AppData\Local\Temp\nsd5C63.exe C:\Users\Admin\AppData\Local\Temp\nse8E76.exe C:\Users\Admin\AppData\Local\Temp\nse9FDB.exe C:\Users\Admin\AppData\Local\Temp\nseDEFD.exe C:\Users\Admin\AppData\Local\Temp\nsf568.exe C:\Users\Admin\AppData\Local\Temp\nsj53AB.exe C:\Users\Admin\AppData\Local\Temp\nsj57F0.exe C:\Users\Admin\AppData\Local\Temp\nsj69A1.exe C:\Users\Admin\AppData\Local\Temp\nsj6D4A.exe C:\Users\Admin\AppData\Local\Temp\nsoA2D8.exe C:\Users\Admin\AppData\Local\Temp\nsp865.exe C:\Users\Admin\AppData\Local\Temp\nspDC2F.exe C:\Users\Admin\AppData\Local\Temp\nspE1AD.exe C:\Users\Admin\AppData\Local\Temp\nst717F.exe C:\Users\Admin\AppData\Local\Temp\nst9192.exe C:\Users\Admin\AppData\Local\Temp\nst9CDD.exe C:\Users\Admin\AppData\Local\Temp\nsy950C.exe C:\Users\Admin\AppData\Local\Temp\nsz1ED.exe C:\Users\Admin\AppData\Local\Temp\OptimizerPro.exe C:\Users\Admin\AppData\Local\Temp\PreExe_ID_13667.exe C:\Users\Admin\AppData\Local\Temp\SearchProtectINT.exe C:\Users\Admin\AppData\Local\Temp\sonarinst.exe C:\Users\Admin\AppData\Local\Temp\sp-downloader.exe C:\Users\Admin\AppData\Local\Temp\SpeedUpMyComputer.exe C:\Users\Admin\AppData\Local\Temp\SPSetup.exe C:\Users\Admin\AppData\Local\Temp\toolbar.exe C:\Users\Admin\AppData\Local\Temp\toolbar4772273.exe C:\Users\Admin\AppData\Local\Temp\Uninstall.exe C:\Users\Admin\AppData\Local\Temp\Uninstaller-3016.exe C:\Users\Admin\AppData\Local\Temp\UpdateCheckerSetup.exe C:\Users\Admin\AppData\Local\Temp\utt634B.tmp.exe C:\Users\Admin\AppData\Local\Temp\vcredist_x64.exe C:\Users\Admin\AppData\Local\Temp\vstub.exe C:\Users\Admin\AppData\Local\Temp\VuuPC.exe C:\Users\Test\AppData\Local\Temp\AskSLib.dll ==================== Bamital & volsnap Check ================= 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2012-12-25 13:49

==================== End Of Log ============================

ADDITION
FRST Additions Logfile:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-07-2014
Ran by Admin at 2014-07-04 13:24:49
Running from C:\Users\Admin\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

«Sleeping Dogs - Limited Edition» v.2.0.434913 (HKLM-x32\...\«Sleeping Dogs - Limited Edition»_is1) (Version: - SQUARE ENIX)
µTorrent (HKCU\...\uTorrent) (Version: 3.4.1.30740 - BitTorrent Inc.)
µTorrent (HKLM-x32\...\uTorrent) (Version: 3.3.0.29625 - BitTorrent Inc.)
3DMark06 (HKLM-x32\...\{1AE27FE6-05DB-40CB-A29E-2945980ACE27}) (Version: 1.0.2 - Futuremark)
4Story DE 4.2.191 (HKLM-x32\...\4Story_DE_is1) (Version: - )
Ad4You (HKCU\...\Ad4You) (Version: - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.3.0.3670 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.3.0.3670 - Adobe Systems Incorporated) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Community Help (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.5 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.2.5 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.8.800.94 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1)
(Version: 1.8 - Adobe Systems Incorporated) Adobe Media Player (x32 Version: 1.8 - Adobe Systems Incorporated) Hidden Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated) Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated) Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment) Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment) Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden Akamai NetSession Interface (HKCU\...\Akamai) (Version: - Akamai Technologies, Inc) Alliance of Valiant Arms DE (HKLM-x32\...\Alliance of Valiant Arms DE) (Version: - ) APB Reloaded (HKLM-x32\...\APB Reloaded) (Version: 1.6.1.603578 - ) Ashampoo Burning Studio 6 FREE v.6.80 (HKLM-x32\...\Ashampoo Burning Studio 6 FREE_is1) (Version: 6.8.0 - ashampoo GmbH & Co. KG) ATI Catalyst Install Manager (HKLM\...\{62140B07-129A-2BD0-81D2-2A1A7408ADC8}) (Version: 3.0.762.0 - ATI Technologies, Inc.) Auto Install version 0.5 (HKLM-x32\...\{F9DDB483-E350-4782-9527-59D7ABA4B994}_is1) (Version: 0.5 - Mad Penguin Productions) AutoHotkey 1.1.13.00 (HKLM\...\AutoHotkey) (Version: 1.1.13.00 - Lexikos) Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.5.450 - Avira) Bandicam (HKLM-x32\...\Bandicam) (Version: 1.9.0.397 - Bandisoft.com) Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com) Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB) Brother MFL-Pro Suite DCP-7010 (HKLM-x32\...\{C2530D63-B66B-48B5-BB50-7C6281FE7AA6}) (Version: 1.0.1.0 - Brother Industries, Ltd.) 
Camtasia Studio 8 (HKLM-x32\...\{8F6F7194-0734-4CDA-8C04-6B766F2241A6}) (Version: 8.0.4.1060 - TechSmith Corporation) Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version: - Cheat Engine) CLEO 4.3 (HKLM-x32\...\{A8F37EB0-C741-41D7-8CAB-5B40ECEEF094}_is1) (Version: 4.3 - Seemann, Deji, Alien) CLEO v3.0.950 (HKLM-x32\...\{8FB91814-FE42-4B62-9B54-4B677A420715}_is1) (Version: - Seemann (www.sannybuilder.com)) CPUID CPU-Z 1.61.3 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) Crysis 2 Maximum Edition (HKLM-x32\...\Steam App 108800) (Version: - Crytek Studios) DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.4.0314 - DT Soft Ltd) Dybuster OrthographSLde (HKLM-x32\...\{59F17596-7D86-46B2-9824-9E4284E24B91}) (Version: 1.6.1.5 - Dybuster AG) Eden4SDE version 33852 (HKLM-x32\...\{6C918475-3898-4192-81D4-E083A3DAA871}_is1) (Version: 33852 - Eden4S, Inc.) EPU-4 Engine (HKLM-x32\...\{8F66047B-1AF3-40D9-80D7-106E2EDC2C2A}) (Version: 1.02.01 - ) FilesFrog Update Checker (HKLM-x32\...\FilesFrog Update Checker) (Version: - ) <==== ATTENTION FixMyRegistry (HKLM-x32\...\FixMyRegistry) (Version: 38.1 - SmartTweak Software) <==== ATTENTION Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - ) Game Booster 3 (HKLM-x32\...\Game Booster_is1) (Version: 3.4 - IObit) Ghost Recon Phantoms - EU (HKCU\...\d8be6c3f847d7d92) (Version: 1.35.7490.1 - Ubisoft) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.) 
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games) GTA San Andreas SA-MP Addon, âåðñèÿ 1.31 (HKLM-x32\...\{47E4F6A3-F01C-4538-9925-CAE42C1CF7216}_is1) (Version: 1.31 - SAMP) IePluginService12.27.0.3326 (HKLM-x32\...\IePlugins) (Version: 12.27.0.3326 - Cherished Technololgy LIMITED) <==== ATTENTION Iminent (HKLM-x32\...\IMBoosterARP) (Version: 6.27.21.0 - Iminent) <==== ATTENTION Iminent (x32 Version: 6.27.21.0 - Iminent) Hidden <==== ATTENTION Java 7 Update 21 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417021FF}) (Version: 7.0.210 - Oracle) Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.550 - Oracle) Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden K-Lite Codec Pack 7.1.0 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.1.0 - ) Kozaka (HKLM\...\Kozaka) (Version: 2014.01.16.002256 - Kozaka) <==== ATTENTION LibreOffice 4.2 Help Pack (German) (HKLM-x32\...\{DA6AF414-24FA-4815-A4FB-5EFD6173E6F5}) (Version: 4.2.4.2 - The Document Foundation) LibreOffice 4.2.4.2 (HKLM-x32\...\{6B4977CB-5B9F-4B24-8310-3BA527A8AF22}) (Version: 4.2.4.2 - The Document Foundation) loadtbs-3.0 (HKLM-x32\...\loadtbs-3.0) (Version: - ) LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.173 - LogMeIn, Inc.) LogMeIn Hamachi (x32 Version: 2.2.0.173 - LogMeIn, Inc.) Hidden Lyrics-Monkey (HKLM-x32\...\{a93e33e3-501d-4852-936c-9793e885a889}) (Version: - LyricsMonkey WebSoft) <==== ATTENTION Magic Bullet Suite 64-bit (HKLM-x32\...\InstallShield_{26055432-339E-4776-803B-F22240B91864}) (Version: 11.1.2 - Red Giant Software) Magic Bullet Suite 64-bit (Version: 11.1.2 - Red Giant Software) Hidden MATonline2.1.6.357 (HKLM-x32\...\Mission Against Terror Online_is1) (Version: 2.1.6.357 - Dalian Kingsoft Interactive Entertainment Co., Ltd.) 
McAfee Security Scan Plus (HKLM-x32\...\McAfee Security Scan) (Version: 3.0.318.3 - McAfee, Inc.) Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft Games for Windows - LIVE (HKLM-x32\...\{A1C962E2-2426-49C6-A38B-9A07E40D607C}) (Version: 3.2.217.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}) (Version: 3.1.99.0 - Microsoft Corporation) Microsoft Primary Interoperability Assemblies 2010 (HKLM-x32\...\{FA8E7AF5-C70E-3274-9740-9E697FBD5BB7}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft 
Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{DCB46B42-723F-350E-B18A-449BC6C21636}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft 
Corporation) Hidden Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden MinecraftAlpha (HKLM-x32\...\MinecraftAlpha) (Version: - ) Mirror's Edge (HKLM-x32\...\Steam App 17410) (Version: - DICE) Mozilla Firefox 29.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden MSVCRT Redists (x32 Version: 1.0 - Sony Creative Software Inc.) 
Hidden MTA:SA v1.3.5 (HKLM-x32\...\MTA:SA 1.3) (Version: v1.3.5 - Multi Theft Auto) Nero Backup Drivers (HKLM\...\{D600D357-5CB9-4DE9-8FD4-14E208BD1970}) (Version: 1.0.11100.8.0 - Nero AG) New Great Effects 1.6 Uninstall (HKLM-x32\...\New Great Effects 1.6 Uninstall) (Version: - ) Nexon Game Manager (HKLM-x32\...\{289AC7E0-0AEE-4a7b-913C-709D9803D23E}) (Version: - ) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.1.5 - ) NVIDIA 3D Vision Controller-Treiber 310.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 310.70 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 310.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 310.70 - NVIDIA Corporation) NVIDIA DDS Utilities (HKLM-x32\...\{64963F0E-03F2-4B59-8D1B-1806545E7092}) (Version: 1.0 - ) NVIDIA Grafiktreiber 310.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 310.70 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.95.599 - NVIDIA Corporation) Hidden NVIDIA PhysX (x32 Version: 9.12.1031 - NVIDIA Corporation) Hidden NVIDIA PhysX-Systemsoftware 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation) NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1070 - NVIDIA Corporation) Hidden NVIDIA Systemsteuerung 310.70 (Version: 310.70 - NVIDIA Corporation) Hidden NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation) NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden OpenAL (HKLM-x32\...\OpenAL) (Version: - ) OpenOffice.org 3.4 (HKLM-x32\...\{4C552FD3-2CCD-4E00-AC64-0681DBB3F8B5}) (Version: 3.4.9590 - OpenOffice.org) Origin (HKLM-x32\...\Origin) (Version: 9.3.1.4482 - Electronic Arts, Inc.) 
Pamela RME 2.0 (HKLM-x32\...\MoodEditor) (Version: 2.0 - Scendix Software-Vertriebsges. mbH) PaperPort (HKLM-x32\...\{A17EABB6-D0C6-44E5-820C-72DC7F495064}) (Version: 9.02.0814 - ScanSoft, Inc.) PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.) PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden pgcchelper (HKCU\...\pgcchelper) (Version: - ) Preset Manager 2.0 (HKLM-x32\...\{FCFE3F81-C977-4D31-877B-2778BB2A02DE}) (Version: 2.0.114 - Sony) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.) PvP4story Version 1.5 (HKLM-x32\...\{E1EF3D7C-BED0-4536-9FFA-35F5ED034A34}_is1) (Version: 1.5 - all rights on PvP4story) Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.1 beta r2282 - ) Rapture3D 2.4.11 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version: - Blue Ripple Sound) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.46.610.2011 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6873 - Realtek Semiconductor Corp.) Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform) RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version: - Punk Software) RrFilter (Version: 1.0.0.0 - RrFilter) Hidden rrsavings (HKLM\...\rrsavings) (Version: 2.0.1 - rrsavings) <==== ATTENTION RrSavings (x32 Version: 1.0.0.0 - RrSavings) Hidden <==== ATTENTION Sandboxie 4.12 (64-bit) (HKLM\...\Sandboxie) (Version: 4.12 - Sandboxie Holdings, LLC) SciTE4AutoHotkey v3.0.05.01 (HKLM-x32\...\SciTE4AutoHotkey) (Version: v3.0.05.01 - fincs) Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.15.11.3 - Client Connect LTD) <==== ATTENTION Serious Samurize (HKLM-x32\...\Serious Samurize) (Version: - ) Skype Audio Player (remove only) (HKLM-x32\...\SkypePlayer) (Version: - ) Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.) 
Software Version Updater (HKLM-x32\...\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}) (Version: 1.1.3.8 - ) <==== ATTENTION Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) SupTab (HKLM-x32\...\SupTab) (Version: 1.1.1.0 - ) <==== ATTENTION TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.12 - TeamSpeak Systems GmbH) TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.29480 - TeamViewer) Technitium MAC Address Changer v6.0.3 (HKLM-x32\...\TMACv6.0) (Version: 6.0.3 - Technitium) TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp) TERA (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 7 - Gameforge Productions GmbH) TS Notifier (HKLM-x32\...\{18B27ADA-8B84-46B4-8310-586C4FDDCF0A}) (Version: 1.5.5001 - Andreas Gebert) TS3 Overlay (HKLM\...\TS3 Overlay) (Version: v3.2.0 - Rohrbacher Development) Typograf 5.1e (HKLM-x32\...\Typograf) (Version: 5.1e - Neuber Software) Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Extended (KB2468871) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2468871) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Extended (KB2533523) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2533523) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Extended (KB2600217) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2600217) 
(Version: 1 - Microsoft Corporation)
Vegas Pro 12.0 (64-bit) (HKLM\...\{EEB9EFDE-ED91-11E2-91A8-F04DA23A5C58}) (Version: 12.0.670 - Sony)
Virtual Audio Cable 4.10 (HKLM\...\Virtual Audio Cable 4.10) (Version: - )
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Installer Clean Up (HKLM-x32\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Winload Toolbar (HKLM-x32\...\Winload Toolbar) (Version: 6.8.9.0 - Winload)
WinRAR 4.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version: - )
Xfire (HKLM-x32\...\Xfire) (Version: - )

==================== Restore Points =========================

02-07-2014 11:12:16 Dybuster OrthographSLde wird installiert

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {08C860D2-6EA9-45FB-BA34-A1C705A315B5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-22] (Adobe Systems Incorporated)
Task: {4090CB00-49E0-4769-A133-A7C5287C02C1} - System32\Tasks\Lyrics-Monkey Update => C:\Program Files (x86)\Lyrics_Monkey\LyrMonkeyUpd.exe [2013-08-29] () <==== ATTENTION
Task: {7371E096-9287-4D0C-91D6-BE70715AABB5} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe [2013-06-08] () <==== ATTENTION
Task: {912CAD8F-42CB-4E00-9F3A-2B736636E2EC} - System32\Tasks\AdobeAAMUpdater-1.0-Admin-PC-Admin => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {9538EC0B-255E-4868-9B75-CA6BD06AD207} - System32\Tasks\ASUS\ASUS SIX Engine => C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe [2010-02-03] (ASUSTeK Computer Inc.)
Task: {C425DB65-B329-4204-9C4B-6389A5DC0FA5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-21] (Google Inc.)
Task: {CF5FC69D-F475-4803-BEE7-E67F6D7B23F8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-21] (Google Inc.)
Task: C:\Windows\Tasks\1e4b86f6-2752-4a22-afa3-8ff12b092ef1-5.job => C:\Program Files (x86)\Apps Hat\1e4b86f6-2752-4a22-afa3-8ff12b092ef1-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AmiUpdXp.job => C:\Users\Admin\AppData\Local\SwvUpdater\Updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf8c83955d43ea.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Lyrics-Monkey Update.job => C:\Program Files (x86)\Lyrics_Monkey\LyrMonkeyUpd.exe <==== ATTENTION
Task: C:\Windows\Tasks\RDReminder.job => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
Task: C:\Windows\Tasks\RunOW.job => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe
Task: C:\Windows\Tasks\SidebarExecute.job => C:\Program Files\Windows Sidebar\sidebar.exe
Task: C:\Windows\Tasks\SomotoUpdateCheckerAutoStart.job => C:\Users\Admin\AppData\Local\FilesFrog Update Checker\update_checker.exe
Task: C:\Windows\Tasks\VStart{A37B472A-8335-449F-9568-43ECC2907F06}.job => C:\Users\Admin\AppData\Local\Temp\vstub.exe

==================== Loaded Modules (whitelisted) =============

2012-07-21 22:31 - 2012-12-01 07:49 - 00086888 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-07-25 11:16 - 2012-02-17 21:55 - 00193536 _____ () C:\Program Files\WinRAR\rarext.dll
2012-06-18 17:24 - 2012-06-18 17:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2012-07-22 23:16 - 2014-05-29 22:43 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-03-06 15:52 - 2014-03-06 15:52 - 00171008 _____ () c:\Program Files\RrFilter\RrFilterService64.exe
2014-03-04 13:25 - 2014-03-04 13:25 - 00110080 _____ () c:\Program Files\RrFilter\nfapi.dll
2014-03-04 13:25 - 2014-03-04 13:25 - 00317952 _____ () c:\Program Files\RrFilter\ProtocolFilters.dll
2013-01-23 23:04 - 2007-09-02 14:58 - 00495616 _____ () C:\Program Files (x86)\RocketDock\RocketDock.exe
2013-08-21 08:37 - 2013-08-21 08:37 - 00465920 _____ () C:\Users\Admin\AppData\Local\pgcchelper\pgcchelper.exe
2014-02-23 20:14 - 2014-02-23 20:14 - 00036536 _____ () C:\Program Files\Rainmeter\Rainmeter.exe
2014-02-23 20:14 - 2014-02-23 20:14 - 00747192 _____ () C:\Program Files\Rainmeter\Rainmeter.dll
2014-02-23 20:14 - 2014-02-23 20:14 - 00055808 _____ () C:\Program Files\Rainmeter\Plugins\WebParser.DLL
2014-02-23 20:14 - 2014-02-23 20:14 - 00011776 _____ () C:\Program Files\Rainmeter\Plugins\PowerPlugin.DLL
2014-02-23 20:14 - 2014-02-23 20:14 - 00022528 _____ () C:\Program Files\Rainmeter\Plugins\WifiStatus.DLL
2014-02-23 20:14 - 2014-02-23 20:14 - 00023040 _____ () C:\Program Files\Rainmeter\Plugins\Win7AudioPlugin.DLL
2014-02-23 20:14 - 2014-02-23 20:14 - 00011776 _____ () C:\Program Files\Rainmeter\Plugins\RecycleManager.DLL
2014-02-23 20:14 - 2014-02-23 20:14 - 00024064 _____ () C:\Program Files\Rainmeter\Plugins\QuotePlugin.DLL
2014-02-23 20:13 - 2014-02-23 20:13 - 00016896 _____ () C:\Program Files\Rainmeter\Plugins\AdvancedCPU.DLL
2014-02-23 20:14 - 2014-02-23 20:14 - 00010752 _____ () C:\Program Files\Rainmeter\Plugins\Process.DLL
2014-02-23 20:14 - 2014-02-23 20:14 - 00022528 _____ () C:\Program Files\Rainmeter\Plugins\InputText.DLL
2014-02-23 20:14 - 2014-02-23 20:14 - 00010240 _____ () C:\Program Files\Rainmeter\Plugins\WindowMessagePlugin.dll
2013-01-23 23:04 - 2007-09-02 14:57 - 00069632 _____ () C:\Program Files (x86)\RocketDock\RocketDock.dll
2006-05-14 15:49 - 2006-05-14 15:49 - 00176128 _____ () C:\Program Files (x86)\Samurize\plugins\SpectrumVis.dll
2014-06-12 14:04 - 2014-06-05 15:58 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
2014-06-12 14:04 - 2014-06-05 15:58 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll
2014-06-12 14:04 - 2014-06-05 15:58 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll
2014-06-12 14:04 - 2014-06-05 15:58 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
2014-06-12 14:04 - 2014-06-05 15:58 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
2014-06-12 14:04 - 2014-06-05 15:58 - 14612296 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll
2014-07-04 13:08 - 2014-07-04 13:08 - 00014336 _____ () C:\Users\Admin\AppData\Local\Temp\WDE1CB4.tmp\ml_online.lng
2014-07-04 13:08 - 2014-07-04 13:08 - 00036352 _____ () C:\Users\Admin\AppData\Local\Temp\WDE1CB4.tmp\ombrowser.lng
2013-12-13 04:47 - 2013-12-13 04:47 - 00333824 _____ () C:\Program Files (x86)\Winamp\Plugins\freeform\wacs\freetype\freetype.wac

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Admin\Anwendungsdaten:NT
AlternateDataStreams: C:\Users\Admin\AppData\Roaming:NT

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) =============

==================== MSCONFIG/TASK MANAGER disabled items =========

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Refresh.lnk => C:\Windows\pss\Refresh.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^RocketDock.lnk => C:\Windows\pss\RocketDock.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^tClock.lnk => C:\Windows\pss\tClock.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^UberIcon.lnk => C:\Windows\pss\UberIcon.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Winroll.lnk => C:\Windows\pss\Winroll.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^YzShadow.lnk => C:\Windows\pss\YzShadow.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Admin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^tbhcn.lnk => C:\Windows\pss\tbhcn.lnk.Startup
MSCONFIG\startupreg: 4StoryPrePatch => C:\Games\4Story_DE\PrePatch.exe
MSCONFIG\startupreg: ad4you => C:\Users\Admin\AppData\Roaming\ds.exe
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Aeria Ignite => "C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe" silent
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Admin\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: BANDICAM => C:\Program Files (x86)\Bandicam\bdcam.exe
MSCONFIG\startupreg: BitTorrent => "C:\Program Files (x86)\BitTorrent\BitTorrent.exe" /MINIMIZED
MSCONFIG\startupreg: BrMfcWnd => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
MSCONFIG\startupreg: ControlCenter3 => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: Iminent => C:\Program Files (x86)\Iminent\Iminent.exe /warmup "F77F87E5-A6BD-4922-A530-EDF63D7E9F8C"
MSCONFIG\startupreg: IminentMessenger => C:\Program Files (x86)\Iminent\Iminent.Messengers.exe
MSCONFIG\startupreg: IndexSearch => C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe
MSCONFIG\startupreg: KPeerNexonEU => C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe
MSCONFIG\startupreg: LifeOfGerman => C:\Games\GTA San Andreas\Updater\logstartup.exe
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: MoodEditor.exe => "C:\Program Files (x86)\Pamela RichMood Editor\MoodEditor.exe"
MSCONFIG\startupreg: NTRedirect => C:\Windows\SysWOW64\rundll32.exe "C:\Users\Admin\AppData\Roaming\BabSolution\Shared\NTRedirect.dll",Run
MSCONFIG\startupreg: Overwolf => C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
MSCONFIG\startupreg: PaperPort PTD => C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe
MSCONFIG\startupreg: SSBkgdUpdate => "C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: WinampAgent => "C:\Program Files (x86)\Winamp\winampa.exe"
MSCONFIG\startupreg: xwidget => C:\Windows\Lion Skin Pack\xwidget\xwidget.exe

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (07/04/2014 00:41:31 PM) (Source: MsiInstaller) (EventID: 11714) (User: NT-AUTORITÄT)
Description: Product: LogMeIn Hamachi -- Error 1714. The older version of LogMeIn Hamachi cannot be removed. Contact your technical support group. System Error 1612.

Error: (07/04/2014 00:40:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/03/2014 10:47:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: gta_sa.exe, Version: 0.0.0.0, Zeitstempel: 0x427101ca
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel: 0x4ec49b8f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0003bc26
ID des fehlerhaften Prozesses: 0x10a4
Startzeit der fehlerhaften Anwendung: 0xgta_sa.exe0
Pfad der fehlerhaften Anwendung: gta_sa.exe1
Pfad des fehlerhaften Moduls: gta_sa.exe2
Berichtskennung: gta_sa.exe3

Error: (07/03/2014 10:45:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: gta_sa.exe, Version: 0.0.0.0, Zeitstempel: 0x427101ca
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel: 0x4ec49b8f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0003bc26
ID des fehlerhaften Prozesses: 0x109c
Startzeit der fehlerhaften Anwendung: 0xgta_sa.exe0
Pfad der fehlerhaften Anwendung: gta_sa.exe1
Pfad des fehlerhaften Moduls: gta_sa.exe2
Berichtskennung: gta_sa.exe3

Error: (07/03/2014 10:14:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/03/2014 03:52:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: gta_sa.exe, Version: 0.0.0.0, Zeitstempel: 0x427101ca
Name des fehlerhaften Moduls: d3d9.dll, Version: 4.3.1.4, Zeitstempel: 0x5310ea19
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00031b74
ID des fehlerhaften Prozesses: 0x11ac
Startzeit der fehlerhaften Anwendung: 0xgta_sa.exe0
Pfad der fehlerhaften Anwendung: gta_sa.exe1
Pfad des fehlerhaften Moduls: gta_sa.exe2
Berichtskennung: gta_sa.exe3

Error: (07/03/2014 02:13:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: gta_sa.exe, Version: 0.0.0.0, Zeitstempel: 0x427101ca
Name des fehlerhaften Moduls: WH03Z.asi, Version: 0.0.0.0, Zeitstempel: 0x52fcc25d
Ausnahmecode: 0xc0000409
Fehleroffset: 0x00001cb5
ID des fehlerhaften Prozesses: 0x1658
Startzeit der fehlerhaften Anwendung: 0xgta_sa.exe0
Pfad der fehlerhaften Anwendung: gta_sa.exe1
Pfad des fehlerhaften Moduls: gta_sa.exe2
Berichtskennung: gta_sa.exe3

Error: (07/03/2014 02:01:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: gta_sa.exe, Version: 0.0.0.0, Zeitstempel: 0x427101ca
Name des fehlerhaften Moduls: d3d9.dll, Version: 4.3.1.4, Zeitstempel: 0x5310ea19
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00031b74
ID des fehlerhaften Prozesses: 0x1690
Startzeit der fehlerhaften Anwendung: 0xgta_sa.exe0
Pfad der fehlerhaften Anwendung: gta_sa.exe1
Pfad des fehlerhaften Moduls: gta_sa.exe2
Berichtskennung: gta_sa.exe3

Error: (07/03/2014 01:10:38 PM) (Source: MsiInstaller) (EventID: 11714) (User: NT-AUTORITÄT)
Description: Product: LogMeIn Hamachi -- Error 1714. The older version of LogMeIn Hamachi cannot be removed. Contact your technical support group. System Error 1612.

Error: (07/03/2014 01:09:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

System errors:
=============
Error: (07/04/2014 00:43:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: %%1069

Error: (07/04/2014 00:43:03 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%1330 Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (07/04/2014 00:40:13 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {3EEF301F-B596-4C0B-BD92-013BEAFCE793}

Error: (07/03/2014 10:15:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: %%1069

Error: (07/03/2014 10:15:35 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%1330 Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (07/03/2014 10:13:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "LogMeIn Hamachi Tunneling Engine" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053

Error: (07/03/2014 10:13:25 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst LogMeIn Hamachi Tunneling Engine erreicht.

Error: (07/03/2014 01:11:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: %%1069

Error: (07/03/2014 01:11:21 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%1330 Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (07/02/2014 03:42:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: %%1069

Microsoft Office Sessions:
=========================
Error: (07/04/2014 00:41:31 PM) (Source: MsiInstaller) (EventID: 11714) (User: NT-AUTORITÄT)
Description: Product: LogMeIn Hamachi -- Error 1714. The older version of LogMeIn Hamachi cannot be removed. Contact your technical support group. System Error 1612.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (07/04/2014 00:40:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/03/2014 10:47:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: gta_sa.exe0.0.0.0427101cantdll.dll6.1.7601.177254ec49b8fc00000050003bc2610a401cf96ffb02f6fa1C:\Games\GTA San Andreas\gta_sa.exeC:\Windows\SysWOW64\ntdll.dll33cb490f-02f3-11e4-b792-001f85bf896c

Error: (07/03/2014 10:45:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: gta_sa.exe0.0.0.0427101cantdll.dll6.1.7601.177254ec49b8fc00000050003bc26109c01cf96ff05c0dbb6C:\Games\GTA San Andreas\gta_sa.exeC:\Windows\SysWOW64\ntdll.dlle783cd22-02f2-11e4-b792-001f85bf896c

Error: (07/03/2014 10:14:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/03/2014 03:52:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: gta_sa.exe0.0.0.0427101cad3d9.dll4.3.1.45310ea19c000000500031b7411ac01cf96c51d15bd0bC:\Games\GTA San Andreas\gta_sa.exeC:\Games\GTA San Andreas\d3d9.dll3c7cd9b6-02b9-11e4-b323-001f85bf896c

Error: (07/03/2014 02:13:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: gta_sa.exe0.0.0.0427101caWH03Z.asi0.0.0.052fcc25dc000040900001cb5165801cf96b76723c6d5C:\Games\GTA San Andreas\gta_sa.exeC:\Games\GTA San Andreas\WH03Z.asi6f1ee8e4-02ab-11e4-b323-001f85bf896c

Error: (07/03/2014 02:01:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: gta_sa.exe0.0.0.0427101cad3d9.dll4.3.1.45310ea19c000000500031b74169001cf96b4bf6d16e6C:\Games\GTA San Andreas\gta_sa.exeC:\Games\GTA San Andreas\d3d9.dllbfb2aa5a-02a9-11e4-b323-001f85bf896c

Error: (07/03/2014 01:10:38 PM) (Source: MsiInstaller) (EventID: 11714) (User: NT-AUTORITÄT)
Description: Product: LogMeIn Hamachi -- Error 1714. The older version of LogMeIn Hamachi cannot be removed. Contact your technical support group. System Error 1612.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (07/03/2014 01:09:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

CodeIntegrity Errors:
===================================
Date: 2012-10-21 19:43:32.808
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\vrtaucbl.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2012-10-21 19:43:32.789
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\vrtaucbl.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

==================== Memory info ===========================

Percentage of memory in use: 64%
Total physical RAM: 4094.12 MB
Available physical RAM: 1444.65 MB
Total Pagefile: 8186.42 MB
Available Pagefile: 4525.93 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:268.56 GB) (Free:47.78 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:29.52 GB) (Free:24.86 GB) NTFS
Drive k: (32G) (Removable) (Total:29.69 GB) (Free:9.31 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 2E30FFC3)
Partition 1: (Active) - (Size=269 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=30 GB) - (Type=OF Extended)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 30 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=30 GB) - (Type=07 NTFS)

==================== End Of Log ============================ |