Windows 7: Fehler Meldung auf dem Desktop und Werbe umleitung

RDC · 23.09.2014, 20:54

Hallo ich habe seit einiger Zeit das Problem, dass ich nach dem Windows Hochgefahren ist ca 30 Fenster mit dem Namen Taskeng.exe die Meldung: Fehler der angegeben Regestrierungsschlüssel bzw. Wert wurde nicht gefunden- Win 7 64.
Diese Fenster lassen sich zwar wegklicken und ich kann relativ normal weiter arbeiten aber trotzdem finde ich es mit der Zeit echt nervig... Zusätzlich habe ich in unabhängigen Zeitabschnitten ein Rattern an der Festplatte was man aber nur durch den Lautsprecher hören kann und in dieser Zeit hängt der Pc auch.
Und im Internet werde ich auch ständig auf Werbung umgeleitet und bekomme ständig die meldung "Sie sind das Surfen im Web mit Firefox und ihr Videoplayer ist veraltet bitte laden Sie für eine verbesserte Leistung die neueste Version herunter" und das Deutsch ist wirklich so schlecht bei der Meldung

Gmer funtkioniert bei mir nicht, beim 1. Scan konnte ich nicht speichern und im abgesicherten Modus kommt die Meldung: Gmer hasn´t found any system modification

defogger_disable:

Code:

ATTFilter

defogger_disable by jpshortstuff (23.02.10.1)
Log created at 18:02 on 23/09/2014 (Basti)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
HKCU:DAEMON Tools Lite -> Removed

Checking for services/drivers...


-=E.O.F=-

FRST:

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-09-2014 01
Ran by Basti (administrator) on BASTI-PC on 23-09-2014 18:04:24
Running from C:\Users\Basti\Desktop
Platform: Windows 7 Ultimate (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apache Software Foundation) C:\Program Files (x86)\Apache Software Foundation\Apache2.2\bin\httpd.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\avp.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Apache Software Foundation) C:\Program Files (x86)\Apache Software Foundation\Apache2.2\bin\httpd.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\avpui.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesApp64.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\viaaud.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Samsung) E:\Kies\External\FirmwareUpdate\KiesPDLR.exe
(BitTorrent Inc.) C:\Users\Basti\AppData\Roaming\BitTorrent\BitTorrent.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Apache Software Foundation) C:\Program Files (x86)\Apache Software Foundation\Apache2.2\bin\ApacheMonitor.exe
(MagicISO, Inc.) C:\Program Files (x86)\MagicDisc\MagicDisc.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [VIAAUD] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VIAAUD.exe [647280 2011-06-20] (VIA)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [519408 2013-07-18] (Acronis)
HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe [36864 2007-03-20] ()
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5199984 2011-06-20] (VIA)
HKLM-x32\...\Run: [KiesTrayAgent] => E:\Kies\KiesTrayAgent.exe [311152 2013-07-26] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [Kepard] => C:\Program Files (x86)\Kepard\Kepard.exe [746496 2013-03-05] (Kepard)
HKLM-x32\...\Run: [Smart File Advisor] => C:\Program Files (x86)\Smart File Advisor\sfa.exe [283712 2013-11-26] (Filefacts.net)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [455512 2014-05-28] (DivX, LLC)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-17] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7818392 2013-08-22] (Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1105848 2013-01-10] (Acronis)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKU\S-1-5-21-2003444537-1590814705-579064181-1000\...\Run: [KiesPreload] => E:\Kies\Kies.exe [1564016 2013-07-26] (Samsung)
HKU\S-1-5-21-2003444537-1590814705-579064181-1000\...\Run: [] => E:\Kies\External\FirmwareUpdate\KiesPDLR.exe [844656 2013-07-26] (Samsung)
HKU\S-1-5-21-2003444537-1590814705-579064181-1000\...\Run: [BitTorrent] => C:\Users\Basti\AppData\Roaming\BitTorrent\BitTorrent.exe [1417048 2014-09-15] (BitTorrent Inc.)
HKU\S-1-5-21-2003444537-1590814705-579064181-1000\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55360 2014-07-30] (Raptr, Inc)
HKU\S-1-5-21-2003444537-1590814705-579064181-1000\...\Run: [Argus Monitor] => C:\Program Files (x86)\ArgusMonitor\ArgusMonitor.exe [2478688 2014-08-21] ()
HKU\S-1-5-21-2003444537-1590814705-579064181-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3600216 2014-09-17] (Electronic Arts)
HKU\S-1-5-21-2003444537-1590814705-579064181-1000\...\MountPoints2: L - L:\Install.exe
HKU\S-1-5-21-2003444537-1590814705-579064181-1000\...\MountPoints2: {1ca7c5ea-f1bd-11e2-84fc-bc5ff4322554} - M:\LANLauncher.exe
HKU\S-1-5-21-2003444537-1590814705-579064181-1000\...\MountPoints2: {1ca7c603-f1bd-11e2-84fc-bc5ff4322554} - N:\LANLauncher.exe
HKU\S-1-5-21-2003444537-1590814705-579064181-1000\...\MountPoints2: {63f0d7b5-eb15-11e2-9271-806e6f6e6963} - L:\Autorun.exe
HKU\S-1-5-21-2003444537-1590814705-579064181-1000\...\MountPoints2: {7d1eab4c-efb8-11e2-8da8-bc5ff4322554} - L:\Install.exe
HKU\S-1-5-21-2003444537-1590814705-579064181-1000\...\MountPoints2: {8d631dbb-cca5-11e3-8518-bc5ff4322554} - M:\pushinst.exe
HKU\S-1-5-21-2003444537-1590814705-579064181-1000\...\MountPoints2: {eb4e45ec-f7ba-11e3-a8bc-806e6f6e6963} - L:\setup.exe
IFEO\kiesagent.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
IFEO\teamviewer.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Apache Servers.lnk
ShortcutTarget: Monitor Apache Servers.lnk -> C:\Program Files (x86)\Apache Software Foundation\Apache2.2\bin\ApacheMonitor.exe (Apache Software Foundation)
Startup: C:\Users\Basti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk
ShortcutTarget: MagicDisc.lnk -> C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
ShellIconOverlayIdentifiers: AcronisSyncError -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll (Acronis)
ShellIconOverlayIdentifiers: AcronisSyncInProgress -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll (Acronis)
ShellIconOverlayIdentifiers: AcronisSyncOk -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll (Acronis)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {79292252-2B1B-485E-BC6C-30504604F227} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKCU - {79292252-2B1B-485E-BC6C-30504604F227} URL = hxxp://www.sm.de/?q={searchTerms}
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKLM - No Name - {A13C2648-91D4-4bf3-BC6D-0079707C4389} -  No File
Toolbar: HKCU - No Name - {A13C2648-91D4-4BF3-BC6D-0079707C4389} -  No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default
FF DefaultSearchEngine: SuchMaschine
FF SearchEngineOrder.1: SuchMaschine
FF SelectedSearchEngine: SuchMaschine
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\content_blocker@kaspersky.com ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\virtual_keyboard@kaspersky.com ()
FF Plugin-x32: @nielsen/FirefoxTracker -> C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter1\FirefoxAddOns\npfirefoxtracker.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Basti\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll No File
FF user.js: detected! => C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\user.js
FF SearchPlugin: C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\searchplugins\search_engine.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: video MediaPlayer - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\Extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com [2014-07-11]
FF Extension: Plus-HD-1.3c - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\Extensions\UNGEDRJW444405@LS70886362.com [2014-08-06]
FF Extension: BugMeNot Plugin - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\Extensions\{987311C6-B504-4aa2-90BF-60CC49808D42}.xpi [2014-09-23]
FF Extension: Adblock Plus - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-09-23]
FF Extension: Hotspot Shield Extension - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\afproxy@anchorfree.com [2014-09-12]
FF HKLM-x32\...\Firefox\Extensions: [netsight@nielsen.com] - C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter1\FirefoxAddOns\netsight@nielsen.xpi
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Modul zum Sperren von gefährlichen Webseiten - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\content_blocker@kaspersky.com [2014-09-21]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtuelle Tastatur - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-09-21]
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: 卡巴斯基網址過濾 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\url_advisor@kaspersky.com [2014-09-21]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR DefaultSearchKeyword: Default -> suchmaschine
CHR DefaultSearchProvider: Default -> SuchMaschine
CHR DefaultSearchURL: Default -> hxxp://www.sm.de/?q={searchTerms}
CHR DefaultSuggestURL: Default -> 
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Unity Player) - C:\Users\Basti\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Profile: C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-08-14]
CHR Extension: (Google Drive) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-14]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-07-15]
CHR Extension: (YouTube) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-14]
CHR Extension: (Google Search) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-14]
CHR Extension: (Kaspersky Protection) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2014-09-23]
CHR Extension: (Google Wallet) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-27]
CHR Extension: (Amazon) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj [2014-09-23]
CHR Extension: (Gmail) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-14]
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho []
CHR HKLM-x32\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\Basti\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj\amazon-icon-2.crx [2014-09-19]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-04-17] (Advanced Micro Devices, Inc.) [File not signed]
R2 Apache2.2; C:\Program Files (x86)\Apache Software Foundation\Apache2.2\bin\httpd.exe [20549 2013-07-10] (Apache Software Foundation) [File not signed]
R2 AVP15.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\avp.exe [233552 2014-04-20] (Kaspersky Lab ZAO)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [37176 2013-08-22] (The OpenVPN Project)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2143072 2012-05-29] (TuneUp Software)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2011-06-14] (VIA Technologies, Inc.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ArgusMonitor; C:\Windows\SysWow64\drivers\ArgusMonitor.sys [74360 2014-02-28] (Argotronic UG (haftungsbeschraenkt))
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-02-04] (Disc Soft Ltd)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2014-05-17] (AnchorFree Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [457824 2014-02-20] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [140352 2014-09-21] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [243808 2014-04-10] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [792128 2014-09-21] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2014-03-25] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179296 2014-03-26] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-23] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
S0 sfdrv01a; C:\Windows\System32\drivers\sfdrv01a.sys [77688 2006-07-05] (Protection Technology (StarForce))
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2014-09-15] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [183224 2014-09-15] (Acronis)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [11856 2011-11-08] (TuneUp Software)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2009-07-14] (Microsoft Corporation)
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2014-09-15] (Acronis International GmbH)
S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-23 18:04 - 2014-09-23 18:05 - 00022894 _____ () C:\Users\Basti\Desktop\FRST.txt
2014-09-23 18:04 - 2014-09-23 18:04 - 00000000 ____D () C:\FRST
2014-09-23 18:03 - 2014-09-23 18:03 - 02105856 _____ (Farbar) C:\Users\Basti\Desktop\FRST64.exe
2014-09-23 18:02 - 2014-09-23 18:02 - 00000542 _____ () C:\Users\Basti\Desktop\defogger_disable.log
2014-09-23 18:02 - 2014-09-23 18:02 - 00000168 _____ () C:\Users\Basti\defogger_reenable
2014-09-23 17:59 - 2014-09-23 17:59 - 00050477 _____ () C:\Users\Basti\Desktop\Defogger.exe
2014-09-23 16:42 - 2014-09-23 16:42 - 00000133 _____ () C:\Users\Basti\AppData\Roaming\tmp_unregister.bat
2014-09-22 20:13 - 2014-09-23 05:02 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\CodeBlocks
2014-09-22 20:12 - 2014-09-22 20:13 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CodeBlocks
2014-09-22 20:12 - 2014-09-22 20:12 - 00000764 _____ () C:\Users\Basti\Desktop\CodeBlocks.lnk
2014-09-22 20:12 - 2014-09-22 20:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CodeBlocks
2014-09-22 19:55 - 2014-09-23 14:33 - 00000112 _____ () C:\Windows\setupact.log
2014-09-21 23:22 - 2014-09-21 23:22 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\2F650DA1.sys
2014-09-21 21:41 - 2014-09-21 21:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus
2014-09-21 21:41 - 2014-09-21 21:40 - 00001147 _____ () C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk
2014-09-21 21:40 - 2014-09-23 14:51 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-09-21 21:40 - 2014-09-21 21:47 - 00792128 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-09-21 21:40 - 2014-09-21 21:47 - 00140352 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-09-21 21:40 - 2014-09-21 21:40 - 00000000 ____D () C:\Windows\ELAMBKUP
2014-09-21 21:40 - 2014-09-21 21:40 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-09-21 21:40 - 2014-04-10 17:25 - 00243808 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klhk.sys
2014-09-21 21:40 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2014-09-19 17:02 - 2014-09-19 17:02 - 00000202 _____ () C:\Users\Basti\Desktop\America's Army Proving Grounds Beta.url
2014-09-19 16:28 - 2014-09-19 16:28 - 00000897 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Army Men III.lnk
2014-09-19 16:21 - 2014-09-19 16:21 - 00000185 _____ () C:\Users\Basti\Desktop\Amazon.de.url
2014-09-19 16:21 - 2014-09-19 16:21 - 00000000 ____D () C:\Users\Basti\ChromeExtensions
2014-09-19 16:21 - 2014-09-19 16:21 - 00000000 ____D () C:\Users\Basti\AppData\Local\Tempaf603b23276e664f1686dea3d68db17e
2014-09-19 16:18 - 2014-09-23 16:42 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Security Systems
2014-09-19 16:18 - 2014-09-19 16:18 - 00000000 ____D () C:\Users\Basti\Downloads\Battlefield-1942
2014-09-19 16:18 - 2014-09-19 16:18 - 00000000 ____D () C:\Users\Basti\AppData\Local\Tempefae60dad426085842d9656a9d4eb204
2014-09-19 16:07 - 2014-09-19 16:12 - 00000000 ____D () C:\Users\Basti\Documents\FIFA 15 Demo
2014-09-19 16:03 - 2014-09-19 16:03 - 00000806 _____ () C:\Users\Public\Desktop\FIFA 15 Demo.lnk
2014-09-19 16:03 - 2014-09-19 16:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 15 Demo
2014-09-17 19:55 - 2014-09-17 19:55 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft AppLocale
2014-09-17 19:46 - 2014-09-17 19:46 - 00000727 _____ () C:\Users\Public\Desktop\White Day.lnk
2014-09-17 19:46 - 2014-09-17 19:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\White Day
2014-09-16 18:14 - 2014-09-16 18:18 - 00000000 ____D () C:\AdwCleaner
2014-09-15 15:51 - 2014-09-15 15:51 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Acronis
2014-09-15 15:50 - 2014-09-15 16:57 - 00000000 ____D () C:\ProgramData\Acronis
2014-09-15 15:50 - 2014-09-15 15:50 - 01464096 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tdrpman.sys
2014-09-15 15:50 - 2014-09-15 15:50 - 01120032 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tib.sys
2014-09-15 15:50 - 2014-09-15 15:50 - 00367200 _____ (Acronis) C:\Windows\system32\Drivers\afcdp.sys
2014-09-15 15:50 - 2014-09-15 15:50 - 00269600 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\snapman.sys
2014-09-15 15:50 - 2014-09-15 15:50 - 00183224 _____ (Acronis) C:\Windows\system32\Drivers\tib_mounter.sys
2014-09-15 15:50 - 2014-09-15 15:50 - 00161568 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\vididr.sys
2014-09-15 15:50 - 2014-09-15 15:50 - 00117024 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\vidsflt.sys
2014-09-15 15:50 - 2014-09-15 15:50 - 00116000 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\fltsrv.sys
2014-09-15 15:50 - 2014-09-15 15:50 - 00001205 _____ () C:\Users\Public\Desktop\Acronis True Image 2014.lnk
2014-09-15 15:50 - 2014-09-15 15:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
2014-09-15 15:49 - 2014-09-15 15:49 - 00000000 ____D () C:\Program Files (x86)\Acronis
2014-09-15 15:45 - 2014-09-15 15:46 - 01101648 _____ () C:\Users\Basti\Downloads\Acronis True Image 2014 - CHIP-Installer(1).exe
2014-09-15 15:44 - 2014-09-15 15:45 - 01101648 _____ () C:\Users\Basti\Downloads\Acronis True Image 2014 - CHIP-Installer.exe
2014-09-12 21:04 - 2014-09-19 16:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-08 18:45 - 2014-09-18 00:34 - 00000000 ____D () C:\Users\Basti\Desktop\Neuer Ordner (2)
2014-09-03 20:15 - 2014-09-18 00:34 - 00000782 _____ () C:\Users\Public\Desktop\Die Sims 4.lnk
2014-09-03 20:15 - 2014-09-03 20:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die Sims 4
2014-09-03 20:14 - 2011-02-18 15:07 - 00447752 _____ (On2.com) C:\Windows\SysWOW64\vp6vfw.dll
2014-09-03 19:55 - 2014-09-03 20:15 - 00000000 ____D () C:\Users\Basti\Documents\Electronic Arts
2014-09-03 19:51 - 2014-09-03 19:51 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-09-03 19:48 - 2014-09-04 18:02 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Origin
2014-09-03 19:48 - 2014-09-03 19:51 - 00000000 ____D () C:\Users\Basti\AppData\Local\Origin
2014-09-03 19:44 - 2014-09-23 14:53 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-09-03 19:44 - 2014-09-03 19:44 - 17088592 _____ (Electronic Arts, Inc.) C:\Users\Basti\Downloads\OriginThinSetup.exe
2014-09-03 19:44 - 2014-09-03 19:44 - 00000979 _____ () C:\Users\Public\Desktop\Origin.lnk
2014-09-03 19:44 - 2014-09-03 19:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2014-09-01 18:16 - 2014-09-01 18:16 - 00000749 _____ () C:\Users\Basti\Desktop\Call of Duty Ghosts.lnk

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-23 18:05 - 2014-09-23 18:04 - 00022894 _____ () C:\Users\Basti\Desktop\FRST.txt
2014-09-23 18:05 - 2013-08-22 18:22 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\BitTorrent
2014-09-23 18:05 - 2013-08-14 15:53 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-23 18:04 - 2014-09-23 18:04 - 00000000 ____D () C:\FRST
2014-09-23 18:03 - 2014-09-23 18:03 - 02105856 _____ (Farbar) C:\Users\Basti\Desktop\FRST64.exe
2014-09-23 18:02 - 2014-09-23 18:02 - 00000542 _____ () C:\Users\Basti\Desktop\defogger_disable.log
2014-09-23 18:02 - 2014-09-23 18:02 - 00000168 _____ () C:\Users\Basti\defogger_reenable
2014-09-23 18:02 - 2013-07-12 22:17 - 00000000 ____D () C:\Users\Basti
2014-09-23 17:59 - 2014-09-23 17:59 - 00050477 _____ () C:\Users\Basti\Desktop\Defogger.exe
2014-09-23 17:39 - 2014-08-07 16:06 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-23 17:33 - 2009-07-14 06:45 - 00016944 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-23 17:33 - 2009-07-14 06:45 - 00016944 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-23 17:22 - 2014-07-05 15:41 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-23 16:42 - 2014-09-23 16:42 - 00000133 _____ () C:\Users\Basti\AppData\Roaming\tmp_unregister.bat
2014-09-23 16:42 - 2014-09-19 16:18 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Security Systems
2014-09-23 16:41 - 2013-08-22 18:53 - 00000000 ____D () C:\Users\Basti\AppData\Local\CrashDumps
2014-09-23 14:54 - 2014-08-14 21:43 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Raptr
2014-09-23 14:53 - 2014-09-03 19:44 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-09-23 14:53 - 2013-07-25 22:00 - 00000000 ____D () C:\ProgramData\Origin
2014-09-23 14:51 - 2014-09-21 21:40 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-09-23 14:37 - 2013-07-12 22:17 - 00918574 _____ () C:\Windows\WindowsUpdate.log
2014-09-23 14:33 - 2014-09-22 19:55 - 00000112 _____ () C:\Windows\setupact.log
2014-09-23 14:33 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-23 05:02 - 2014-09-22 20:13 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\CodeBlocks
2014-09-22 21:07 - 2013-08-15 14:44 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-22 21:05 - 2013-08-14 15:53 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-22 20:13 - 2014-09-22 20:12 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CodeBlocks
2014-09-22 20:12 - 2014-09-22 20:12 - 00000764 _____ () C:\Users\Basti\Desktop\CodeBlocks.lnk
2014-09-22 20:12 - 2014-09-22 20:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CodeBlocks
2014-09-22 02:51 - 2014-07-08 21:23 - 00000000 ____D () C:\Program Files\F978377C-B7D4-4536-8E10-14CA97B13394
2014-09-21 23:22 - 2014-09-21 23:22 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\2F650DA1.sys
2014-09-21 21:47 - 2014-09-21 21:40 - 00792128 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-09-21 21:47 - 2014-09-21 21:40 - 00140352 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-09-21 21:41 - 2014-09-21 21:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus
2014-09-21 21:40 - 2014-09-21 21:41 - 00001147 _____ () C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk
2014-09-21 21:40 - 2014-09-21 21:40 - 00000000 ____D () C:\Windows\ELAMBKUP
2014-09-21 21:40 - 2014-09-21 21:40 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-09-20 04:49 - 2014-07-11 19:04 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\vlc
2014-09-19 21:11 - 2014-07-30 20:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-19 21:07 - 2013-07-21 06:36 - 00000000 ____D () C:\Users\Basti\AppData\Local\JDownloader v2.0
2014-09-19 17:02 - 2014-09-19 17:02 - 00000202 _____ () C:\Users\Basti\Desktop\America's Army Proving Grounds Beta.url
2014-09-19 17:02 - 2014-07-16 18:44 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-09-19 16:28 - 2014-09-19 16:28 - 00000897 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Army Men III.lnk
2014-09-19 16:21 - 2014-09-19 16:21 - 00000185 _____ () C:\Users\Basti\Desktop\Amazon.de.url
2014-09-19 16:21 - 2014-09-19 16:21 - 00000000 ____D () C:\Users\Basti\ChromeExtensions
2014-09-19 16:21 - 2014-09-19 16:21 - 00000000 ____D () C:\Users\Basti\AppData\Local\Tempaf603b23276e664f1686dea3d68db17e
2014-09-19 16:18 - 2014-09-19 16:18 - 00000000 ____D () C:\Users\Basti\Downloads\Battlefield-1942
2014-09-19 16:18 - 2014-09-19 16:18 - 00000000 ____D () C:\Users\Basti\AppData\Local\Tempefae60dad426085842d9656a9d4eb204
2014-09-19 16:18 - 2014-09-12 21:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-19 16:12 - 2014-09-19 16:07 - 00000000 ____D () C:\Users\Basti\Documents\FIFA 15 Demo
2014-09-19 16:03 - 2014-09-19 16:03 - 00000806 _____ () C:\Users\Public\Desktop\FIFA 15 Demo.lnk
2014-09-19 16:03 - 2014-09-19 16:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 15 Demo
2014-09-19 16:03 - 2014-07-06 12:11 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-19 16:03 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-09-18 00:34 - 2014-09-08 18:45 - 00000000 ____D () C:\Users\Basti\Desktop\Neuer Ordner (2)
2014-09-18 00:34 - 2014-09-03 20:15 - 00000782 _____ () C:\Users\Public\Desktop\Die Sims 4.lnk
2014-09-17 19:55 - 2014-09-17 19:55 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft AppLocale
2014-09-17 19:46 - 2014-09-17 19:46 - 00000727 _____ () C:\Users\Public\Desktop\White Day.lnk
2014-09-17 19:46 - 2014-09-17 19:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\White Day
2014-09-16 18:18 - 2014-09-16 18:14 - 00000000 ____D () C:\AdwCleaner
2014-09-16 18:17 - 2014-07-04 22:29 - 00000833 _____ () C:\Users\Basti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-09-16 12:49 - 2009-07-14 19:58 - 00710346 _____ () C:\Windows\system32\perfh007.dat
2014-09-16 12:49 - 2009-07-14 19:58 - 00154676 _____ () C:\Windows\system32\perfc007.dat
2014-09-16 12:49 - 2009-07-14 07:13 - 01651118 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-15 16:57 - 2014-09-15 15:50 - 00000000 ____D () C:\ProgramData\Acronis
2014-09-15 15:51 - 2014-09-15 15:51 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Acronis
2014-09-15 15:50 - 2014-09-15 15:50 - 01464096 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tdrpman.sys
2014-09-15 15:50 - 2014-09-15 15:50 - 01120032 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tib.sys
2014-09-15 15:50 - 2014-09-15 15:50 - 00367200 _____ (Acronis) C:\Windows\system32\Drivers\afcdp.sys
2014-09-15 15:50 - 2014-09-15 15:50 - 00269600 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\snapman.sys
2014-09-15 15:50 - 2014-09-15 15:50 - 00183224 _____ (Acronis) C:\Windows\system32\Drivers\tib_mounter.sys
2014-09-15 15:50 - 2014-09-15 15:50 - 00161568 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\vididr.sys
2014-09-15 15:50 - 2014-09-15 15:50 - 00117024 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\vidsflt.sys
2014-09-15 15:50 - 2014-09-15 15:50 - 00116000 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\fltsrv.sys
2014-09-15 15:50 - 2014-09-15 15:50 - 00001205 _____ () C:\Users\Public\Desktop\Acronis True Image 2014.lnk
2014-09-15 15:50 - 2014-09-15 15:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
2014-09-15 15:49 - 2014-09-15 15:49 - 00000000 ____D () C:\Program Files (x86)\Acronis
2014-09-15 15:46 - 2014-09-15 15:45 - 01101648 _____ () C:\Users\Basti\Downloads\Acronis True Image 2014 - CHIP-Installer(1).exe
2014-09-15 15:45 - 2014-09-15 15:44 - 01101648 _____ () C:\Users\Basti\Downloads\Acronis True Image 2014 - CHIP-Installer.exe
2014-09-13 01:11 - 2013-08-14 15:54 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-12 20:39 - 2014-08-07 16:06 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-12 20:39 - 2014-08-07 16:06 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-12 20:39 - 2014-08-07 16:06 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-08 19:42 - 2014-01-16 02:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Landwirtschafts Simulator 2011
2014-09-04 18:02 - 2014-09-03 19:48 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Origin
2014-09-03 20:15 - 2014-09-03 20:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die Sims 4
2014-09-03 20:15 - 2014-09-03 19:55 - 00000000 ____D () C:\Users\Basti\Documents\Electronic Arts
2014-09-03 19:52 - 2014-02-04 19:53 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-09-03 19:51 - 2014-09-03 19:51 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-09-03 19:51 - 2014-09-03 19:48 - 00000000 ____D () C:\Users\Basti\AppData\Local\Origin
2014-09-03 19:44 - 2014-09-03 19:44 - 17088592 _____ (Electronic Arts, Inc.) C:\Users\Basti\Downloads\OriginThinSetup.exe
2014-09-03 19:44 - 2014-09-03 19:44 - 00000979 _____ () C:\Users\Public\Desktop\Origin.lnk
2014-09-03 19:44 - 2014-09-03 19:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2014-09-01 18:16 - 2014-09-01 18:16 - 00000749 _____ () C:\Users\Basti\Desktop\Call of Duty Ghosts.lnk
2014-08-30 00:21 - 2013-08-01 23:14 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\.minecraft

Some content of TEMP:
====================
C:\Users\Basti\AppData\Local\Temp\amazonicon_v10.exe
C:\Users\Basti\AppData\Local\Temp\amazoninstallernircmdc.exe
C:\Users\Basti\AppData\Local\Temp\FoxySecurity6_FF_IE_Setup-GIGA.exe
C:\Users\Basti\AppData\Local\Temp\proxy_vole697362977601663179.dll
C:\Users\Basti\AppData\Local\Temp\sdanircmdc.exe
C:\Users\Basti\AppData\Local\Temp\sdapskill.exe
C:\Users\Basti\AppData\Local\Temp\sdaspwn.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-16 22:36

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

mbam:

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 23.09.2014
Suchlauf-Zeit: 17:22:02
Logdatei: Anti-Malware.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.09.23.07
Rootkit Datenbank: v2014.09.19.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 7
CPU: x64
Dateisystem: NTFS
Benutzer: Basti

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 327997
Verstrichene Zeit: 23 Min, 32 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristics: Aktiviert
PUP: Warnen
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 2
PUP.Optional.SupraSavings.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Supra Savings, , [4441965985f6da5c1747002d25dec838], 
PUP.Optional.MediaPlayer.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\video MediaPlay-Air, , [d7ae5798adce65d1455f373b09fb15eb], 

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 15
Rogue.Multiple, C:\ProgramData\374311380, , [394c2ac54338b87ed75c1eab1ae86997], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\api, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\core, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\defaults, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\defaults\preferences, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\userCode, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\locale, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\locale\en-US, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\skin, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.MediaPlayer.A, C:\Program Files (x86)\video MediaPlay-Air, , [f1947679205bec4a2bce757bd32ffa06], 

Dateien: 119
PUP.Optional.crossRider.A, C:\Program Files (x86)\video MediaPlay-Air\utils.exe, , [99ec7f706219f73f8e8cde62c937e21e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome.manifest, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\install.rdf, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\1dd992f7547eaf260bbf0a9e0517918c.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\1fda79d48c677c6a9d4295f529363a56.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\7a196fad243d198f4842bf14cde09737.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\950c7948444ea8bb81cd209054ed63a9.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\background.html, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\browser.xul, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\dialog.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\e1346409931b21a15bf5d3f5a9f22dea.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\ffCoreFilesIndex.txt, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\options.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\options.xul, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\search_dialog.xul, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\api\8623b23401314f7495be5866af8a11ed.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\api\0d05fea51e80d2cc1ee15684caee7520.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\api\3910fa8b5d4d106029ef02cfa9ca4f9e.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\api\3e0825f39af44cfaf82801e5ec0cf483.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\api\3e227fc05f9e42bbed4baa830f3bd634.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\api\4d6a14a5fdc28da660e781af0b4f0595.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\api\660fa44abcca7df384078b8945ec8e28.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\api\73ce35de0a853979b2bed30aa0ddb360.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\api\7402aa93aa68b986a18a86450fdc341a.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\api\94f86605aa021b604d96875d7c9b24d7.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\api\a330613fff5a34d444d12b4f93e36ac0.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\api\c501b3b2c86d3efdde5af18c789bf9cf.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\api\cdc15b2c9a9071af7a38accd13957408.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\api\eac7a804043bce810a0a0a123ae91b3a.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\api\f3ab7c114d1500b19f93e49dd70307e9.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\api\f43c1e846844190c0193ce821e776348.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\core\c1c42625ab21624602b62517257ebe2d.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\core\06765c282564279d6bc61392624b66dd.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\core\1a79392951235ceae811c90920878c25.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\core\1bd0a625e63d863fded3849ba7f6bce1.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\core\500e0b294c3aef319ad174cf7e1bf614.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\core\515efbc8c17f0f877e456c6c668ca4e2.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\core\54fca094089f467d010bc0268264a76b.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\core\6c3e5a825cca034d7d2ddcda9cdb68a6.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\core\8948f3bb9a3fbb7cd902c3abb71be147.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\core\8cb5f37ced37a7428ddd6c2afcb53e51.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\core\a1b4d5c34e6817cdb89eefcf96a27b17.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\core\b06d944c5188d6d276de572ffa4703a9.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\core\b58da866eaeb0963681626792c7cc94c.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\core\bc6421f2ba7c777d0136037d978ce6b7.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\core\cda63fe3cb2a8a7ed48dbb611e8691ad.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\core\e08b19a832188082537401648ab27a36.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\core\f0d771fa5a6aba655cd3f7afe859063a.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\core\f403476889d58c8a688d374c9cb903aa.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\core\f5276deaac41b98bf5ac3fc5e67eaf03.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\core\f82e73ea7f196d8ed6bacffb38b30375.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\core\installer.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\defaults\preferences\prefs.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\manifest.xml, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\1.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\102.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\104.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\13.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\14.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\16.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\17.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\177.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\182.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\183.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\184.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\191.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\193.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\195.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\207.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\21.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\211.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\22.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\220.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\221.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\226.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\242.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\244.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\246.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\262.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\263.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\268.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\28.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\281.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\287.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\4.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\47.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\64.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\7.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\72.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\78.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\9.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\91.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\93.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\98.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\userCode\background.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\userCode\extension.js, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\locale\en-US\translations.dtd, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\skin\button2.png, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\skin\button3.png, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\skin\button4.png, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\skin\button5.png, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\skin\crossrider_statusbar.png, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\skin\icon128.png, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\skin\icon16.png, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\skin\icon24.png, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\skin\icon48.png, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\skin\panelarrow-up.png, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\skin\popup.html, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\skin\skin.css, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\skin\update.css, , [0085806f0b705cda3717c5196e94fe02], 
PUP.Optional.MediaPlayer.A, C:\Program Files (x86)\video MediaPlay-Air\1293297481.mxaddon, , [f1947679205bec4a2bce757bd32ffa06], 
PUP.Optional.MediaPlayer.A, C:\Program Files (x86)\video MediaPlay-Air\360-59599.crx, , [f1947679205bec4a2bce757bd32ffa06], 
PUP.Optional.MediaPlayer.A, C:\Program Files (x86)\video MediaPlay-Air\59599.crx, , [f1947679205bec4a2bce757bd32ffa06], 
PUP.Optional.MediaPlayer.A, C:\Program Files (x86)\video MediaPlay-Air\59599.xpi, , [f1947679205bec4a2bce757bd32ffa06], 
PUP.Optional.MediaPlayer.A, C:\Program Files (x86)\video MediaPlay-Air\608a5b6e-31bc-437c-b648-74f74d890961.crx, , [f1947679205bec4a2bce757bd32ffa06], 
PUP.Optional.MediaPlayer.A, C:\Program Files (x86)\video MediaPlay-Air\background.html, , [f1947679205bec4a2bce757bd32ffa06], 
PUP.Optional.MediaPlayer.A, C:\Program Files (x86)\video MediaPlay-Air\bgNova.html, , [f1947679205bec4a2bce757bd32ffa06], 
PUP.Optional.MediaPlayer.A, C:\Program Files (x86)\video MediaPlay-Air\Uninstall.exe, , [f1947679205bec4a2bce757bd32ffa06], 
PUP.Optional.MediaPlayer.A, C:\Program Files (x86)\video MediaPlay-Air\video MediaPlay-Air.ico, , [f1947679205bec4a2bce757bd32ffa06], 

Physische Sektoren: 0
(No malicious items detected)


(end)

Ich weiß jetz nicht ob das so richtig war aber ich musste die Addition.txt anhöngen da sie zu groß war.

Ich bedanke mich jetz schonmal für die Hilfe

schrauber · 23.09.2014, 20:57

Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.
Ich kann auf Arbeit keine Anhänge öffnen, danke.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

RDC · 23.09.2014, 22:11

Tut mir leid, ich hatte das nur angehängt da mein beitrag zu viele Zeichen hatte und ich den kleiner machen sollte, kommt nicht wieder vor

Addition:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-09-2014 01
Ran by Basti at 2014-09-23 18:05:49
Running from C:\Users\Basti\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Anti-Virus (Enabled - Out of date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Anti-Virus (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7 Gates 1.0 (HKLM-x32\...\7 Gates) (Version: 1.0 - Immanitas Games)
Acronis True Image 2014 (HKLM-x32\...\{E2FEBE7F-2CB0-4B45-87BA-619C1422B113}Visible) (Version: 17.0.5560 - Acronis)
Acronis True Image 2014 (x32 Version: 17.0.5560 - Acronis) Hidden
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Aerosoft's - Aerosoft Launcher (HKLM-x32\...\{EE11CFFC-898C-4875-8A63-8B732A9AD43B}) (Version: 1.2.0.3 - Aerosoft)
aerosoft's - OMSI 2 - Drei Generationen (HKLM-x32\...\{C88376AA-BF64-40F4-9AD6-F8A18DA394F2}) (Version: 1.00 - aerosoft)
aerosoft's - OMSI 2 - Hamburg (HKLM-x32\...\{5BF6B590-F7F5-46B5-B5F4-B0CA93423AD6}) (Version: 2.00 - aerosoft)
AMD Accelerated Video Transcoding (Version: 13.30.100.40417 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2014.0417.2226.38446 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (HKLM\...\{6119B3A6-3603-9695-0398-CDF2AF0A13F8}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2014.0417.2226.38446 - Ihr Firmenname) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
America's Army: Proving Grounds Beta (HKLM-x32\...\Steam App 203290) (Version:  - U.S. Army)
Apache HTTP Server 2.2.25 (HKLM-x32\...\{85262A06-2D8C-4BC1-B6ED-5A705D09CFFC}) (Version: 2.2.25 - Apache Software Foundation)
ArgusMonitor (HKLM-x32\...\ArgusMonitor) (Version:  - )
Army Men III (HKLM\...\UDK-d9c2887f-ad51-4bb5-9415-20ff55170cf1) (Version:  - Epic Games, Inc.)
ASRock InstantBoot v1.29 (HKLM-x32\...\ASRock InstantBoot_is1) (Version:  - )
ASRock OC Tuner v2.4.70 (HKLM-x32\...\ASRock OC Tuner_is1) (Version:  - )
BitTorrent (HKCU\...\BitTorrent) (Version: 7.9.2.33876 - BitTorrent Inc.)
Call of Duty Ghosts MULTI-2 Incl. Update 7 1.0.0.1 (HKLM-x32\...\Call of Duty Ghosts MULTI-2 Incl. Update 7 1.0.0.1) (Version:  - )
Call of Duty: Modern Warfare 3 - Multiplayer (HKLM-x32\...\Steam App 42690) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 3 (HKLM-x32\...\Steam App 42680) (Version:  - Infinity Ward)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Chrome SpecForce (HKLM-x32\...\InstallShield_{5233A5FC-F083-4317-96F8-58FBB4020B3A}) (Version: 1.0.0 - Techland)
Chrome SpecForce (x32 Version: 1.0.0 - Techland) Hidden
Citybus Simulator Munich (HKLM-x32\...\{7ABA5F78-0EFE-4144-A918-1ACBC7552EC0}) (Version: 1.20 - aerosoft)
CLEO 4.3 (HKLM-x32\...\{A8F37EB0-C741-41D7-8CAB-5B40ECEEF094}_is1) (Version: 4.3 - Seemann, Deji, Alien)
CodeBlocks (HKCU\...\CodeBlocks) (Version: 13.12 - The Code::Blocks Team)
Crawler Radio & MP3 Player (HKLM-x32\...\{C461FBFE-C0DE-4757-89DD-A5A833B9AC1F}_is1) (Version: 1.0.5.78 - Crawler, LLC)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
Dead Space™ 3 (HKLM-x32\...\{D4329609-4102-4F8C-B83F-7FE024EEA314}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.625.10 - Electronic Arts Inc.)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.52 - DivX, LLC)
EA SPORTS™ FIFA 15 Demo (HKLM-x32\...\{108C0C19-6316-4944-A62F-C744488F8639}) (Version: 1.0.0.0 - Electronic Arts)
Eisenbahn.exe Professional 7.0 (HKLM-x32\...\{8CB0014C-FE4C-461D-A387-76828BD70E19}) (Version: 7.00.0000 - Trend)
EVEREST Ultimate Edition v5.50 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 5.50 - Lavalys, Inc.)
Farming Simulator 2013 (HKLM-x32\...\Steam App 220260) (Version:  - Giants Software)
Fast Lane Carnage (HKLM-x32\...\FastLaneCarnage) (Version:  - )
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
Flight Simulator X (HKLM-x32\...\RTMshadow_{7D606567-5047-451A-B49E-29FCB6012B4E}) (Version:  - )
Flight Simulator X Service Pack 1 (HKLM-x32\...\SP1shadow_{7D606567-5047-451A-B49E-29FCB6012B4E}) (Version:  - )
Free Screen Video Recorder version 2.5.30.717 (HKLM-x32\...\Free Screen Video Recorder_is1) (Version: 2.5.30.717 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.12.827 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.12.827 - DVDVideoSoft Ltd.)
GIANTS Editor 4.1.7 (HKLM-x32\...\giants_editor_4.1.7_is1) (Version: 4.1.7 - GIANTS Software GmbH)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
Google Update Helper (x32 Version: 1.3.23.0 - DealPly Technologies Ltd) Hidden <==== ATTENTION
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Gtk# for .Net 2.12.10 (HKLM-x32\...\{550B72C4-F404-4812-971F-947E835A877E}) (Version: 2.12.10 - Novell, Inc.)
HF pAppLoc version 1.0 (HKLM-x32\...\{9143B17E-BBDE-4EA7-A4E3-20D384D9C8A5}_is1) (Version: 1.0 - Inquisitor)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Inkscape 0.48.5 (HKLM-x32\...\Inkscape) (Version: 0.48.5 - )
IsoBuster 3.3 (HKLM-x32\...\IsoBuster3_is1) (Version: 3.3 - Smart Projects)
Java 7 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417025FF}) (Version: 7.0.250 - Oracle)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
JMB36X Raid Configurer (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.00.0000 - JMICRON Technology Corp.)
Kabel Deutschland Installations-Software (x32 Version: 3.6.0.0 - Kabel Deutschland Vertrieb und Services GmbH) Hidden
Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{653C1B5A-3287-47B1-8613-0745D4E771C4}) (Version: 15.0.0.463 - Kaspersky Lab)
Kaspersky Anti-Virus (x32 Version: 15.0.0.463 - Kaspersky Lab) Hidden
Kepard (HKLM-x32\...\Kepard) (Version:  - Kepard)
Landwirtschafts Simulator 2013 Hagensted Modified 2013 (HKLM-x32\...\{F09E06EB-D878-4E4E-9190-84E3C4C1DC27}_is1) (Version: Landwirtschafts Simulator 2013 Hagensted Modified 3.2.0 - Black Panther Group)
Magic ISO Maker v5.5 (build 0281) (HKLM-x32\...\Magic ISO Maker v5.5 (build 0281)) (Version:  - )
MagicDisc 2.7.106 (HKLM-x32\...\MagicDisc 2.7.106) (Version:  - )
MAGIX Content und Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Goya burnR (MSI) (HKLM-x32\...\MAGIX_{4554434F-61A1-4346-BEF8-60810064B089}) (Version: 4.3.2.0 - MAGIX AG)
MAGIX Goya burnR (MSI) (Version: 4.3.2.0 - MAGIX AG) Hidden
MAGIX Music Maker 2014 Premium (HKLM-x32\...\MX.{BB514EEA-B3EB-4713-8DD2-B76CA5619F11}) (Version: 20.0.2.35 - MAGIX AG)
MAGIX Music Maker 2014 Premium (Version: 20.0.2.35 - MAGIX AG) Hidden
MAGIX Music Maker 2014 Trial Soundpools (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Music Maker Tait Eita Powered by Harris & KD Supier (HKLM-x32\...\MAGIX_{31194E92-7345-4144-90D5-840D252D60C8}) (Version: 17.0.2.6 - MAGIX AG)
MAGIX Music Maker Tait Eita Powered by Harris & KD Supier (Version: 17.0.2.6 - MAGIX AG) Hidden
MAGIX Music Maker Tait Eita Powered by Harris & KD Supier Trial (Soundpaket) (HKLM-x32\...\{9BE24D06-F44C-4E62-A321-ED4F1E7BECAB}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Music Maker Techno Edition 5 (HKLM-x32\...\MAGIX_{83533189-F4F8-44DE-866C-23037D09C6D5}) (Version: 19.0.5.57 - MAGIX AG)
MAGIX Music Maker Techno Edition 5 (Version: 19.0.5.57 - MAGIX AG) Hidden
MAGIX Music Maker Techno Edition 5 Trial Soundpools (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MAGIX_{44CD9DB4-74FD-41BD-A138-AC8F279E6959}) (Version: 7.0.2.6 - MAGIX AG)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Version: 4.5.51209 - Microsoft Corporation) Hidden
Microsoft Flight Simulator X (x32 Version: 10.0.60905 - Microsoft Game Studios) Hidden
Microsoft Flight Simulator X: Acceleration (HKLM-x32\...\FlightSim_{7D606567-5047-451A-B49E-29FCB6012B4E}) (Version: 10.0.61637.0 - Microsoft Game Studios)
Microsoft Flight Simulator X: Acceleration (x32 Version: 10.0.61637.0 - Microsoft Game Studios) Hidden
Microsoft Games for Windows - LIVE (HKLM-x32\...\{F97E3841-CA9D-4964-9D64-26066241D26F}) (Version: 3.3.24.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{8FB1B528-E260-451E-9B55-E9152F94B80B}) (Version: 3.2.3.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{6F29F195-B11C-3EAD-B883-997BB29DFA17}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{09298F26-A95C-31E2-9D95-2C60F586F075}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Windows Application Compatibility Database (HKLM\...\{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb) (Version:  - )
Mozilla Firefox 32.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.2 (x86 de)) (Version: 32.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
MSXML 4.0 SP2 Parser und SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.5 - F.J. Wechselberger)
No23 Recorder (HKLM-x32\...\{22B0E143-2B0B-435B-9F56-136A3D16065F}) (Version: 2.1.0.3 - No23)
OpenVPN 2.3.2-I003  (HKLM\...\OpenVPN) (Version: 2.3.2-I003 - )
Origin (HKLM-x32\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.)
Phase 5 HTML-Editor (HKLM-x32\...\{20B1B020-DEAE-48D1-9960-D4C3185D758B}) (Version: 5.6.2.3 - Systemberatung Schommer)
piaip AppLocale (HKLM-x32\...\{394BE3D9-7F57-4638-A8D1-1D88671913B7}) (Version: 1.0.0 - MS)
Platform (x32 Version: 1.34 - VIA Technologies, Inc.) Hidden
Polarity version 1.0 (HKLM-x32\...\{FE5BB6CA-7A9B-4CCE-90BC-470D06BDFAA9}_is1) (Version: 1.0 - GP Games)
Politik Simulator 2 - Rulers of Nations (HKLM-x32\...\RON 2010 GERMAN) (Version: 4.16 - Eversim)
Pro Evolution Soccer 2011 (HKLM-x32\...\{1148E85C-E1AF-48E0-A29C-68DACE07E054}) (Version: 1.00.0000 - KONAMI)
ProTrain Perfect 2 - Addon9 Hamburg - Berlin - (HKLM-x32\...\{1350B50D-E596-4C53-A912-5C9F1FC5A6CD}) (Version: 1.0 - Blue Sky Interactive)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.0.1 - Rockstar Games)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.0.13074_14 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.0.13074_14 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.27.0 - SAMSUNG Electronics Co., Ltd.)
Security Task Manager 1.8g (HKLM-x32\...\Security Task Manager) (Version: 1.8g - Neuber Software)
Smart File Advisor 1.2.0 (HKLM-x32\...\Smart File Advisor_is1) (Version: 1.2.0 - Filefacts.net)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Strassenbau Simulator 1.2.16 (HKLM-x32\...\{852019C5-8AF7-4ECF-BB25-79AE53FBD245}_is1) (Version:  - UIG GmbH)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.11 - TeamSpeak Systems GmbH)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.20202 - TeamViewer)
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
TuneUp Utilities 2012 (HKLM-x32\...\TuneUp Utilities 2012) (Version: 12.0.3600.73 - TuneUp Software)
TuneUp Utilities 2012 (x32 Version: 12.0.3600.73 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 12.0.3600.73 - TuneUp Software) Hidden
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 4.6 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
VirtualDJ PRO Full (HKLM-x32\...\{311545C7-3432-4EB3-9229-D5E8DB10AE8A}) (Version: 7.2 - Atomix Productions)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
White Day (HKLM-x32\...\White Day) (Version:  - )
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Xvid 1.2.2 final uninstall (HKLM-x32\...\Xvid_is1) (Version: 1.2 - Xvid team (Koepi))
Yahoo Community Smartbar Engine (HKCU\...\{c84bcc99-d395-4d8e-a9a7-d8261e459927}) (Version: 11.63.66.17714 - Linkury Inc.) <==== ATTENTION

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2013-07-21 16:26 - 00000856 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {005F9681-3144-4DFD-B64F-0B614B0AB4C8} - System32\Tasks\difkhmjo => C:\Users\Basti\AppData\Local\difkhmjo.bat [2014-07-05] ()
Task: {00B26BB7-FF34-4926-93AD-BA6CB21C1941} - System32\Tasks\jfqlokv => C:\Users\Basti\AppData\Local\jfqlokv.bat [2014-07-04] ()
Task: {01E3DD55-CD67-4ED2-B9A3-B0DCC68C96E2} - System32\Tasks\gnmummts => C:\Users\Basti\AppData\Local\gnmummts.bat [2014-07-05] ()
Task: {0302C28C-4EFA-4A7E-8ABC-1DBA1E4A2E71} - System32\Tasks\buieqdxk => C:\Users\Basti\AppData\Local\buieqdxk.bat [2014-07-05] ()
Task: {04B97B87-B2C2-4522-9BCC-3969D61E45F3} - System32\Tasks\aherwbpu => C:\Users\Basti\AppData\Local\aherwbpu.bat [2014-07-05] ()
Task: {0574F539-CD09-493E-B39F-874458E422A4} - System32\Tasks\wypqzkl => C:\Users\Basti\AppData\Local\wypqzkl.bat [2014-07-05] ()
Task: {0650E219-A1E7-4DB0-9368-14B4FBB79C51} - System32\Tasks\fmfecd => C:\Users\Basti\AppData\Local\fmfecd.bat [2014-07-05] ()
Task: {0701DEA0-48D9-4EC4-9426-DD90FC1D040A} - System32\Tasks\anagznsg => C:\Users\Basti\AppData\Local\anagznsg.bat [2014-07-05] ()
Task: {074A17A2-2850-4060-9713-28DD595410FD} - System32\Tasks\zgrvbn => C:\Users\Basti\AppData\Local\zgrvbn.bat [2014-07-05] ()
Task: {07B0FCCD-2D3D-43EF-BFCE-BC7849DB344D} - System32\Tasks\ladcxv => C:\Users\Basti\AppData\Local\ladcxv.bat [2014-07-04] ()
Task: {082B2D34-907C-4C3F-B537-A0274868AADB} - System32\Tasks\owpwfh => C:\Users\Basti\AppData\Local\owpwfh.bat [2014-07-05] ()
Task: {09A98F7A-2854-4D70-AABC-EAC5D0B13CFC} - System32\Tasks\pkefi => C:\Users\Basti\AppData\Local\pkefi.bat [2014-07-05] ()
Task: {0AD4EFEA-FBC7-4542-9213-239F9F9FBBDF} - System32\Tasks\nnnuun => C:\Users\Basti\AppData\Local\nnnuun.bat [2014-07-05] ()
Task: {0B9A45B0-88F4-48AE-94E1-9F3B36905993} - System32\Tasks\gohhp => C:\Users\Basti\AppData\Local\gohhp.bat [2014-07-05] ()
Task: {0BE97765-ED38-4290-A08A-73F6A565DA3B} - System32\Tasks\aifahn => C:\Users\Basti\AppData\Local\aifahn.bat [2014-07-05] ()
Task: {0BFCBE4B-EDFE-47A8-82EF-4A1E43566A75} - System32\Tasks\pradmv => C:\Users\Basti\AppData\Local\pradmv.bat [2014-07-05] ()
Task: {0C16A145-967D-44F0-8118-48A47B31ECF2} - System32\Tasks\0 => Iexplore.exe  <==== ATTENTION
Task: {0C3B5D19-0A3C-4E72-822E-4B90CDAA3D0B} - System32\Tasks\ngnnumuu => C:\Users\Basti\AppData\Local\ngnnumuu.bat [2014-07-05] ()
Task: {0CE8F6A7-57AB-4CE1-B4ED-C5817E4EC096} - System32\Tasks\abvpjdxr => C:\Users\Basti\AppData\Local\abvpjdxr.bat [2014-07-04] ()
Task: {0D2BC932-7916-4D34-8E1E-0055F5D247E8} - System32\Tasks\dtkaqawn => C:\Users\Basti\AppData\Local\dtkaqawn.bat [2014-07-05] ()
Task: {0D8DF67A-3FAD-45E8-9310-97AD5F10B186} - System32\Tasks\vmelcrhx => C:\Users\Basti\AppData\Local\vmelcrhx.bat [2014-07-05] ()
Task: {0E3D4698-253A-4374-BAB7-5F9CC34A12C6} - System32\Tasks\iterdo => C:\Users\Basti\AppData\Local\iterdo.bat [2014-07-05] ()
Task: {0E8F685C-C1A8-4879-90CF-B0E5A164BED8} - System32\Tasks\xbmwad => C:\Users\Basti\AppData\Local\xbmwad.bat [2014-07-05] ()
Task: {11B2FA06-1B10-4975-BAC9-B31304BBAFAF} - System32\Tasks\qcueqcfp => C:\Users\Basti\AppData\Local\qcueqcfp.bat [2014-07-05] ()
Task: {11FCC048-A6E6-4135-AC6B-3CA5333924C9} - System32\Tasks\dbfdaecr => C:\Users\Basti\AppData\Local\dbfdaecr.bat [2014-07-04] ()
Task: {12420A06-9954-4ED6-98DA-3A7D9B9DC3C1} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {125B30C9-F302-4668-8964-931088710729} - System32\Tasks\rvamjuil => C:\Users\Basti\AppData\Local\rvamjuil.bat [2014-07-05] ()
Task: {13F877CB-B9D1-46EF-94CE-74B1228035B0} - System32\Tasks\uedkkahh => C:\Users\Basti\AppData\Local\uedkkahh.bat [2014-07-05] ()
Task: {14092B27-CF3C-499D-9424-3AA55125380C} - System32\Tasks\fjcngy => C:\Users\Basti\AppData\Local\fjcngy.bat [2014-07-05] ()
Task: {1448CBA6-231B-43E8-AFF9-3FE59EB95473} - System32\Tasks\nmmmlllk => C:\Users\Basti\AppData\Local\nmmmlllk.bat [2014-07-05] ()
Task: {14D37519-1AC9-4504-946E-4ABD61E95FAF} - System32\Tasks\anbobv => C:\Users\Basti\AppData\Local\anbobv.bat [2014-07-05] ()
Task: {157D2B3D-0024-4E59-A16F-9A5672D5B260} - System32\Tasks\prteea => C:\Users\Basti\AppData\Local\prteea.bat [2014-07-05] ()
Task: {15ADF546-DA72-4ADF-A062-4E87BD99F2B2} - System32\Tasks\fvngfn => C:\Users\Basti\AppData\Local\fvngfn.bat [2014-07-05] ()
Task: {1667CBCD-B515-4AB6-A5CD-99E6AADBC9C8} - System32\Tasks\tciodc => C:\Users\Basti\AppData\Local\tciodc.bat [2014-07-05] ()
Task: {172B4315-C4DE-472A-9AA8-632D70DCD851} - System32\Tasks\idnhje => C:\Users\Basti\AppData\Local\idnhje.bat [2014-07-04] ()
Task: {17B0C8DE-7015-4423-B717-AC86D7C86C0F} - System32\Tasks\nvffnu => C:\Users\Basti\AppData\Local\nvffnu.bat [2014-07-05] ()
Task: {17FAA42B-4592-49C8-A16D-275F460A75C0} - System32\Tasks\wfodn => C:\Users\Basti\AppData\Local\wfodn.bat [2014-07-05] ()
Task: {1806EF1A-9A11-4336-9F8E-088404796415} - System32\Tasks\trxwebi => C:\Users\Basti\AppData\Local\trxwebi.bat [2014-07-04] ()
Task: {18087F7B-6E9D-4828-99D5-9F4D9C856CAD} - System32\Tasks\rvaehs => C:\Users\Basti\AppData\Local\rvaehs.bat [2014-07-04] ()
Task: {180E7BE5-45E3-4B5E-A57B-5FC72320DD56} - System32\Tasks\iexsoj => C:\Users\Basti\AppData\Local\iexsoj.bat [2014-07-05] ()
Task: {18914B69-D430-4EB8-8D83-432014B944BC} - System32\Tasks\dzqgfbq => C:\Users\Basti\AppData\Local\dzqgfbq.bat [2014-07-04] ()
Task: {18CBA25F-CEE4-430B-936C-1C414666FC1A} - System32\Tasks\icqdg => C:\Users\Basti\AppData\Local\icqdg.bat [2014-07-04] ()
Task: {197E30A7-01D2-4BBA-BC8F-433F085CB794} - System32\Tasks\ehqbku => C:\Users\Basti\AppData\Local\ehqbku.bat [2014-07-05] ()
Task: {19A67E23-B9E8-48C8-9D56-6AF418469A7D} - System32\Tasks\meldjb => C:\Users\Basti\AppData\Local\meldjb.bat [2014-07-05] ()
Task: {19E70546-7D30-4575-9938-5CCBE83D7F45} - System32\Tasks\wgjzjlb => C:\Users\Basti\AppData\Local\wgjzjlb.bat [2014-07-05] ()
Task: {1A60CFFF-4DD6-4E47-94E2-3678964D487A} - System32\Tasks\uucbqpg => C:\Users\Basti\AppData\Local\uucbqpg.bat [2014-07-04] ()
Task: {1AB82E10-E4CE-42CD-8304-0C0B456AAC48} - System32\Tasks\dbsba => C:\Users\Basti\AppData\Local\dbsba.bat [2014-07-05] ()
Task: {1B096980-F67A-427A-8A13-50BBC60A5CC7} - System32\Tasks\hcvdq => C:\Users\Basti\AppData\Local\hcvdq.bat [2014-07-05] ()
Task: {1B0D4E91-23F0-4188-8868-7D5294371969} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.47\SymErr.exe
Task: {1B517847-F3AE-474D-B691-4B9B0B63749F} - System32\Tasks\lljahev => C:\Users\Basti\AppData\Local\lljahev.bat [2014-07-05] ()
Task: {1B59D5DB-9962-4ACC-A22F-278365C089E3} - System32\Tasks\oqracdt => C:\Users\Basti\AppData\Local\oqracdt.bat [2014-07-05] ()
Task: {1B98AA91-0BB8-463B-BE13-D9BDD2F02E4B} - System32\Tasks\xrcune => C:\Users\Basti\AppData\Local\xrcune.bat [2014-07-05] ()
Task: {1C464BF7-754A-4630-B41C-34910E0D5031} - System32\Tasks\fqcug => C:\Users\Basti\AppData\Local\fqcug.bat [2014-07-05] ()
Task: {1C50533A-D626-4CEE-8F2B-29B6E1FB24C2} - System32\Tasks\yrcxb => C:\Users\Basti\AppData\Local\yrcxb.bat [2014-07-05] ()
Task: {1C74299E-1B1A-4A10-898E-DA414A58E228} - System32\Tasks\buhepdw => C:\Users\Basti\AppData\Local\buhepdw.bat [2014-07-05] ()
Task: {1CAAAA2E-9701-465B-9DF9-3D0271B7CD85} - System32\Tasks\fqcvg => C:\Users\Basti\AppData\Local\fqcvg.bat [2014-07-05] ()
Task: {1D6B7540-9A90-449D-9DE3-71773FEEE782} - System32\Tasks\wgwfxix => C:\Users\Basti\AppData\Local\wgwfxix.bat [2014-07-05] ()
Task: {1DCAF2C9-92C5-434E-8AA1-BC32D17A1814} - System32\Tasks\ffqjctmf => C:\Users\Basti\AppData\Local\ffqjctmf.bat [2014-07-05] ()
Task: {1EE1DC2A-772A-4B5E-B0C1-F8CAA3E85CC7} - System32\Tasks\uedrba => C:\Users\Basti\AppData\Local\uedrba.bat [2014-07-05] ()
Task: {1EF39F44-1078-4FCD-B9E6-DF27308B6B4E} - System32\Tasks\tbhnaa => C:\Users\Basti\AppData\Local\tbhnaa.bat [2014-07-04] ()
Task: {1F124128-F5B9-4842-BBA0-DFC8BDD746A9} - System32\Tasks\gehpq => C:\Users\Basti\AppData\Local\gehpq.bat [2014-07-05] ()
Task: {21CDE1A8-E80D-44C3-8CAA-0DA63271EDB1} - System32\Tasks\habcdcgp => C:\Users\Basti\AppData\Local\habcdcgp.bat [2014-07-05] ()
Task: {21E97B77-F044-4CAF-9232-93BFE1932F30} - System32\Tasks\flcjg => C:\Users\Basti\AppData\Local\flcjg.bat [2014-07-05] ()
Task: {21F138B7-EE85-413C-AA9A-4B545B92B6BC} - System32\Tasks\rdwcvhs => C:\Users\Basti\AppData\Local\rdwcvhs.bat [2014-07-05] ()
Task: {22DB44E1-BBB0-4897-959A-2CB1D5074C10} - System32\Tasks\mdkjpgml => C:\Users\Basti\AppData\Local\mdkjpgml.bat [2014-07-05] ()
Task: {22E10576-EA8A-4E5C-9C57-4603FBD94040} - System32\Tasks\dfoeuf => C:\Users\Basti\AppData\Local\dfoeuf.bat [2014-07-05] ()
Task: {231D9686-9CA0-421E-A199-BBDF4FB6B164} - System32\Tasks\cemcr => C:\Users\Basti\AppData\Local\cemcr.bat [2014-07-05] ()
Task: {231FCC59-F2D7-4258-8862-AF4834A3E5AF} - System32\Tasks\oghffyy => C:\Users\Basti\AppData\Local\oghffyy.bat [2014-07-04] ()
Task: {233E1E19-9196-4D31-A77B-F84AD9C71181} - System32\Tasks\wpijzsu => C:\Users\Basti\AppData\Local\wpijzsu.bat [2014-07-05] ()
Task: {2379390D-5787-4D0D-B772-1F9909554381} - System32\Tasks\cnbobvjw => C:\Users\Basti\AppData\Local\cnbobvjw.bat [2014-07-05] ()
Task: {2395BF6D-362B-4764-A868-EBB3E5664D66} - System32\Tasks\dhnaa => C:\Users\Basti\AppData\Local\dhnaa.bat [2014-07-05] ()
Task: {2460B3DD-684F-4D29-A515-2AAAAC695559} - System32\Tasks\nvnuudu => C:\Users\Basti\AppData\Local\nvnuudu.bat [2014-07-04] ()
Task: {24B37E6A-D8D8-43C5-B895-4E0E2C3C14A6} - System32\Tasks\wxiqz => C:\Users\Basti\AppData\Local\wxiqz.bat [2014-07-05] ()
Task: {2530827E-873E-41C9-9879-EDD6E71BFE39} - System32\Tasks\mljihg => C:\Users\Basti\AppData\Local\mljihg.bat [2014-07-05] ()
Task: {25753423-0AAF-42E3-8DD0-6B1B27571751} - System32\Tasks\nekkb => C:\Users\Basti\AppData\Local\nekkb.bat [2014-07-05] ()
Task: {2586A35D-91E1-4FD4-B34E-815782D85AD6} - System32\Tasks\pjdeya => C:\Users\Basti\AppData\Local\pjdeya.bat [2014-07-04] ()
Task: {26A06B49-5F38-448D-9729-7F9B5C6FC96F} - System32\Tasks\dpeyfap => C:\Users\Basti\AppData\Local\dpeyfap.bat [2014-07-05] ()
Task: {270964B0-B1AB-473A-92BA-DF639EFF4360} - System32\Tasks\kplqn => C:\Users\Basti\AppData\Local\kplqn.bat [2014-07-05] ()
Task: {270F9FA4-F0F2-45B2-ADE3-772F2E287296} - System32\Tasks\dmltdbr => C:\Users\Basti\AppData\Local\dmltdbr.bat [2014-07-05] ()
Task: {276E6758-BE69-4F60-8D56-CCB6A95B1ECF} - System32\Tasks\cyncavk => C:\Users\Basti\AppData\Local\cyncavk.bat [2014-07-05] ()
Task: {27FE6A0E-B1EF-4CBB-92BF-05F88EBABE9C} - System32\Tasks\ebaxv => C:\Users\Basti\AppData\Local\ebaxv.bat [2014-07-05] ()
Task: {287F2BA8-F00B-4041-934B-4CD2837AA69E} - System32\Tasks\uielsgc => C:\Users\Basti\AppData\Local\uielsgc.bat [2014-07-05] ()
Task: {2890C4C9-10CC-4824-A2AF-52CDBF436FEB} - System32\Tasks\lavbg => C:\Users\Basti\AppData\Local\lavbg.bat [2014-07-05] ()
Task: {28AABD81-4931-40BC-B6C7-E9B6E00F7F90} - System32\Tasks\sgtftanb => C:\Users\Basti\AppData\Local\sgtftanb.bat [2014-07-05] ()
Task: {28B7C09D-EFDF-4058-9548-C89B8B4D2015} - System32\Tasks\lredchn => C:\Users\Basti\AppData\Local\lredchn.bat
Task: {29275D26-0B4A-4FB4-B5BF-B0C7C26EC8F4} - System32\Tasks\ebcji => C:\Users\Basti\AppData\Local\ebcji.bat [2014-07-05] ()
Task: {2936FDDD-91BE-4C33-9D17-B6C4F1BEC36E} - System32\Tasks\wiktvehs => C:\Users\Basti\AppData\Local\wiktvehs.bat [2014-07-05] ()
Task: {2B116DAC-76F8-46D6-82E5-F3EE478695CA} - System32\Tasks\gnnuu => C:\Users\Basti\AppData\Local\gnnuu.bat [2014-07-05] ()
Task: {2B37C851-3AA1-476D-81C7-9F8C151DEA4B} - System32\Tasks\wgpajsjs => C:\Users\Basti\AppData\Local\wgpajsjs.bat [2014-07-05] ()
Task: {2B7AEA98-2FB8-442F-B359-4DE924E8C40F} - System32\Tasks\cckzowdl => C:\Users\Basti\AppData\Local\cckzowdl.bat [2014-07-05] ()
Task: {2C2987E3-035E-4764-B7E3-AB6A7E01ED93} - System32\Tasks\thmbouic => C:\Users\Basti\AppData\Local\thmbouic.bat [2014-07-04] ()
Task: {2C94A73F-EAF5-45ED-B5F4-A58EA37E37DE} - System32\Tasks\ruyjnqug => C:\Users\Basti\AppData\Local\ruyjnqug.bat [2014-07-05] ()
Task: {2CCD0D67-4E3D-4926-B970-466AF2CE1F6A} - System32\Tasks\gvffne => C:\Users\Basti\AppData\Local\gvffne.bat [2014-07-05] ()
Task: {2CD02978-67CF-437F-A680-7EDC8EA24179} - System32\Tasks\cdzuq => C:\Users\Basti\AppData\Local\cdzuq.bat [2014-07-05] ()
Task: {2E1D7978-4878-4A81-97A4-90787019D13C} - System32\Tasks\vdrap => C:\Users\Basti\AppData\Local\vdrap.bat [2014-07-05] ()
Task: {2E3BED15-49C6-4040-85C8-F02B366FA08E} - System32\Tasks\iztufaa => C:\Users\Basti\AppData\Local\iztufaa.bat [2014-07-05] ()
Task: {2E549614-366A-494F-A172-2AAE6C09801E} - System32\Tasks\yefkorv => C:\Users\Basti\AppData\Local\yefkorv.bat [2014-07-05] ()
Task: {2F05F233-C227-432B-B48B-534A557C1D2C} - System32\Tasks\oghopxyi => C:\Users\Basti\AppData\Local\oghopxyi.bat [2014-07-05] ()
Task: {2F1560FD-5647-4553-A786-C64C2974CF26} - System32\Tasks\gvggog => C:\Users\Basti\AppData\Local\gvggog.bat [2014-07-05] ()
Task: {2FC74A50-1E30-407F-A3DE-0C213417B5C3} - System32\Tasks\xartdo => C:\Users\Basti\AppData\Local\xartdo.bat [2014-07-05] ()
Task: {317C04BF-B963-43BF-94BD-DC04AB8A863F} - System32\Tasks\crhodzo => C:\Users\Basti\AppData\Local\crhodzo.bat [2014-07-05] ()
Task: {3210B016-6B76-4088-A626-48DA33780533} - System32\Tasks\xhrcsd => C:\Users\Basti\AppData\Local\xhrcsd.bat [2014-07-05] ()
Task: {32883EB7-9C63-4A2F-ADB8-3213BD6B6C9E} - System32\Tasks\mtbho => C:\Users\Basti\AppData\Local\mtbho.bat [2014-07-05] ()
Task: {330D5F1E-C355-48C4-A449-35449863366F} - System32\Tasks\tagtao => C:\Users\Basti\AppData\Local\tagtao.bat [2014-07-05] ()
Task: {334857DE-6A4A-49EE-8D89-504263C58405} - System32\Tasks\dajodu => C:\Users\Basti\AppData\Local\dajodu.bat [2014-07-05] ()
Task: {35BC1493-86AC-4FAC-BC3B-533DB17519B9} - System32\Tasks\fnvgfmv => C:\Users\Basti\AppData\Local\fnvgfmv.bat [2014-07-05] ()
Task: {3645553D-BD1E-4663-9DBE-CC7DEF4EA1E0} - System32\Tasks\vfftd => C:\Users\Basti\AppData\Local\vfftd.bat [2014-07-05] ()
Task: {365EB771-0CB4-46F7-A3FF-95DC6B1F2C50} - System32\Tasks\piktmoxq => C:\Users\Basti\AppData\Local\piktmoxq.bat [2014-07-05] ()
Task: {367ACCDD-1EBE-481F-8D0E-F3C48E6DE65F} - System32\Tasks\kimkpn => C:\Users\Basti\AppData\Local\kimkpn.bat [2014-07-05] ()
Task: {383B08F3-97DF-48C6-BE8F-568D66285E38} - System32\Tasks\wwhhh => C:\Users\Basti\AppData\Local\wwhhh.bat [2014-07-05] ()
Task: {385367C7-58CD-47F9-B454-FF6B4DA0E23A} - System32\Tasks\ieybgrv => C:\Users\Basti\AppData\Local\ieybgrv.bat [2014-07-05] ()
Task: {38846F7A-ED5F-4CFB-B51F-E0A695B3FD02} - System32\Tasks\ykufkvn => C:\Users\Basti\AppData\Local\ykufkvn.bat [2014-07-05] ()
Task: {38B4044A-5F9E-4F5D-BAB7-E052960650A7} - System32\Tasks\mekchf => C:\Users\Basti\AppData\Local\mekchf.bat [2014-07-05] ()
Task: {39075E00-2343-4D84-A0B7-47DDF798498F} - System32\Tasks\hikcd => C:\Users\Basti\AppData\Local\hikcd.bat [2014-07-05] ()
Task: {393B2FE4-DD33-4A64-97AD-1206246B4544} - System32\Tasks\xiteo => C:\Users\Basti\AppData\Local\xiteo.bat [2014-07-05] ()
Task: {3B4D3BC1-EC0A-4AC5-8B0B-59D55B8F5F8C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-14] (Google Inc.)
Task: {3C151CD2-1BF3-4B56-BAF4-7AE49AABB0C9} - System32\Tasks\dbrqgee => C:\Users\Basti\AppData\Local\dbrqgee.bat [2014-07-05] ()
Task: {3C353581-4217-4AE0-A08C-B9E81B7F681C} - System32\Tasks\czwmjxc => C:\Users\Basti\AppData\Local\czwmjxc.bat [2014-07-05] ()
Task: {3C7A8BEF-0B2F-4F4E-B3C3-B17AE07A0982} - System32\Tasks\kifcydb => C:\Users\Basti\AppData\Local\kifcydb.bat [2014-07-05] ()
Task: {3D71FCCB-D493-47D4-8A02-04E694F1A635} - System32\Tasks\ykugrd => C:\Users\Basti\AppData\Local\ykugrd.bat [2014-07-05] ()
Task: {3D8B1DD5-C87B-4BAA-9BD4-0629546F216F} - System32\Tasks\dbxushf => C:\Users\Basti\AppData\Local\dbxushf.bat [2014-07-05] ()
Task: {3DBD843A-D586-422E-A7CF-A7CB570D1EA8} - System32\Tasks\swjnb => C:\Users\Basti\AppData\Local\swjnb.bat [2014-07-05] ()
Task: {3EE03F5E-2273-413E-802C-B1065E1D8674} - System32\Tasks\idfik => C:\Users\Basti\AppData\Local\idfik.bat [2014-07-05] ()
Task: {3F3D96C3-DA9C-4785-A2C8-A806569B230C} - System32\Tasks\{A18EB256-8D8B-4CC2-B3BA-F6483A00B36A} => C:\Windows\system32\msiexec.exe [2009-07-14] (Microsoft Corporation)
Task: {407F7897-6B75-42B9-8679-E939DB6BAB81} - System32\Tasks\ognvv => C:\Users\Basti\AppData\Local\ognvv.bat [2014-07-04] ()
Task: {4144521A-7C1F-4159-A77A-CE97D85C7472} - System32\Tasks\ffqic => C:\Users\Basti\AppData\Local\ffqic.bat [2014-07-05] ()
Task: {414E1C63-96E5-4391-9436-00049F6E744E} - System32\Tasks\owgemu => C:\Users\Basti\AppData\Local\owgemu.bat [2014-07-05] ()
Task: {41A55E0A-D5B9-4BEC-9007-A77A689FAD1F} - System32\Tasks\udksah => C:\Users\Basti\AppData\Local\udksah.bat [2014-07-05] ()
Task: {41BC018E-4307-4E06-B939-FF9C01629518} - System32\Tasks\xddhknq => C:\Users\Basti\AppData\Local\xddhknq.bat [2014-07-05] ()
Task: {4295A2A0-AD2B-4993-B3F5-3245A53A7D20} - System32\Tasks\cxuiwsh => C:\Users\Basti\AppData\Local\cxuiwsh.bat [2014-07-05] ()
Task: {42D0363E-C97A-47F5-AE12-686D5CD77E2C} - System32\Tasks\zfsej => C:\Users\Basti\AppData\Local\zfsej.bat [2014-07-05] ()
Task: {42DD5AEE-A616-40FF-A271-E192DBD1127E} - System32\Tasks\laxdbge => C:\Users\Basti\AppData\Local\laxdbge.bat [2014-07-05] ()
Task: {43567E65-4A44-4DD9-8203-A0C592A05A2C} - System32\Tasks\jetwlid => C:\Users\Basti\AppData\Local\jetwlid.bat [2014-07-05] ()
Task: {442D28FA-BB10-4DE6-8CCF-D869F4D414F2} - System32\Tasks\gooiqq => C:\Users\Basti\AppData\Local\gooiqq.bat [2014-07-05] ()
Task: {45175AF5-6C22-41C1-B2D2-29D1D0BD9B60} - System32\Tasks\gyjdmeg => C:\Users\Basti\AppData\Local\gyjdmeg.bat [2014-07-05] ()
Task: {455411D9-C5F9-430B-9876-21A25F7C8853} - System32\Tasks\cgzelh => C:\Users\Basti\AppData\Local\cgzelh.bat [2014-07-05] ()
Task: {4557F706-AA3F-4E22-8CE9-4D0DE5E3FD56} - System32\Tasks\rfhlxc => C:\Users\Basti\AppData\Local\rfhlxc.bat [2014-07-05] ()
Task: {45AD97D6-46F3-42EA-95D0-D4A6116C4E09} - System32\Tasks\ujpftbpe => C:\Users\Basti\AppData\Local\ujpftbpe.bat [2014-07-05] ()
Task: {45B4B98E-81CF-4986-9061-0C769B194C99} - System32\Tasks\sxdodhty => C:\Users\Basti\AppData\Local\sxdodhty.bat [2014-07-05] ()
Task: {46ADE0F9-2956-4962-96C0-C59409708BD5} - System32\Tasks\diddyfaj => C:\Users\Basti\AppData\Local\diddyfaj.bat [2014-07-05] ()
Task: {46B51AC1-A039-4561-9BDD-7ADD9A58AAE2} - System32\Tasks\ebbihfv => C:\Users\Basti\AppData\Local\ebbihfv.bat [2014-07-05] ()
Task: {476ED557-BAD8-41BD-A1DC-97A83C42988C} - System32\Tasks\gehfxxx => C:\Users\Basti\AppData\Local\gehfxxx.bat [2014-07-05] ()
Task: {479B252D-4605-4EC7-B566-C88B0487A025} - System32\Tasks\erhvkawe => C:\Users\Basti\AppData\Local\erhvkawe.bat [2014-07-05] ()
Task: {4800BE1F-8924-49DE-BC09-0B1C8268AAE8} - System32\Tasks\tantzoui => C:\Users\Basti\AppData\Local\tantzoui.bat [2014-07-05] ()
Task: {482B9607-F9BD-4E63-A37C-03ABA66C5BBC} - System32\Tasks\ffyzr => C:\Users\Basti\AppData\Local\ffyzr.bat [2014-07-05] ()
Task: {485B99A4-FB0E-4A9C-8442-C6CE80BDA09A} - System32\Tasks\lbfdi => C:\Users\Basti\AppData\Local\lbfdi.bat [2014-07-04] ()
Task: {4939EBBD-A082-473D-8E15-5895BB240477} - System32\Tasks\gatmg => C:\Users\Basti\AppData\Local\gatmg.bat [2014-07-05] ()
Task: {49743BE8-9412-4FB7-86EE-B7331FFED45F} - System32\Tasks\xbtcgy => C:\Users\Basti\AppData\Local\xbtcgy.bat [2014-07-04] ()
Task: {49BF0DD7-0FDD-432F-BBA2-74F034925A47} - System32\Tasks\byner => C:\Users\Basti\AppData\Local\byner.bat [2014-07-04] ()
Task: {4A1D839D-2675-4FFB-9F23-1DA811977979} - System32\Tasks\evfvfv => C:\Users\Basti\AppData\Local\evfvfv.bat [2014-07-05] ()
Task: {4A330D15-47C8-461B-A950-C5DF5D7DF6EC} - System32\Tasks\rdpzlxb => C:\Users\Basti\AppData\Local\rdpzlxb.bat [2014-07-05] ()
Task: {4B1784D9-0FAF-40E1-B370-8693CC8E84E9} - System32\Tasks\fyrjc => C:\Users\Basti\AppData\Local\fyrjc.bat [2014-07-05] ()
Task: {4B682F8A-C785-47DC-A406-FC4782FBFAD3} - System32\Tasks\cocwdx => C:\Users\Basti\AppData\Local\cocwdx.bat [2014-07-05] ()
Task: {4BB854E8-FFD1-47B2-9B3E-0D8F707D9B7A} - System32\Tasks\fgnon => C:\Users\Basti\AppData\Local\fgnon.bat [2014-07-05] ()
Task: {4BC16FF7-6F36-4876-AB96-8BBF9C7B1A45} - System32\Tasks\qniehe => C:\Users\Basti\AppData\Local\qniehe.bat [2014-07-05] ()
Task: {4CA73691-20BB-4C94-94D7-251CCD220921} - System32\Tasks\oxqybbj => C:\Users\Basti\AppData\Local\oxqybbj.bat [2014-07-05] ()
Task: {4D0403F3-CBCA-441B-9C56-E907FEAC5802} - System32\Tasks\oprstuvx => C:\Users\Basti\AppData\Local\oprstuvx.bat [2014-07-05] ()
Task: {4D963CB1-9704-4CCA-981F-945F95E9151F} - System32\Tasks\tchnubh => C:\Users\Basti\AppData\Local\tchnubh.bat [2014-07-05] ()
Task: {4DCD0112-25C1-4693-A957-6E228041E34E} - System32\Tasks\ndjjpef => C:\Users\Basti\AppData\Local\ndjjpef.bat [2014-07-05] ()
Task: {4E857B53-592E-4813-B093-436CDB240A95} - System32\Tasks\pajsdmvg => C:\Users\Basti\AppData\Local\pajsdmvg.bat [2014-07-05] ()
Task: {4EAF03EF-5504-4EEC-B244-95EF25505DC2} - System32\Tasks\idwydo => C:\Users\Basti\AppData\Local\idwydo.bat [2014-07-05] ()
Task: {5057E9D0-AC70-4993-98E0-2E1030FBE1C9} - System32\Tasks\tidkhub => C:\Users\Basti\AppData\Local\tidkhub.bat [2014-07-05] ()
Task: {50D40AFB-93E4-4598-83BF-F7FE4839B8ED} - System32\Tasks\ydeilo => C:\Users\Basti\AppData\Local\ydeilo.bat [2014-07-05] ()
Task: {51BE370D-DE3C-4BBC-89BE-0530D23B708E} - System32\Tasks\ujagm => C:\Users\Basti\AppData\Local\ujagm.bat [2014-07-05] ()
Task: {51D07F5E-0198-42D9-BA5F-9195B61614AD} - System32\Tasks\atoabg => C:\Users\Basti\AppData\Local\atoabg.bat [2014-07-05] ()
Task: {52251746-FDA7-4A86-A981-9FFF886A2A01} - System32\Tasks\hqamvvfr => C:\Users\Basti\AppData\Local\hqamvvfr.bat [2014-07-05] ()
Task: {5234C7A8-B33D-496D-A056-42A83299B34B} - System32\Tasks\aztmg => C:\Users\Basti\AppData\Local\aztmg.bat [2014-07-05] ()
Task: {5234CEE8-E5F1-42FF-9006-015B8F5AFEB1} - System32\Tasks\uuttb => C:\Users\Basti\AppData\Local\uuttb.bat [2014-07-05] ()
Task: {52B865C0-8CE9-416A-B041-DFDFB1519492} - System32\Tasks\aguiuboc => C:\Users\Basti\AppData\Local\aguiuboc.bat [2014-07-05] ()
Task: {5306F4DD-1AC7-41E6-9403-BDFF73014E27} - System32\Tasks\eonxhh => C:\Users\Basti\AppData\Local\eonxhh.bat [2014-07-05] ()
Task: {53535EB0-AED2-499D-80F0-E784F58A1E13} - System32\Tasks\srddhf => C:\Users\Basti\AppData\Local\srddhf.bat [2014-07-05] ()
Task: {5387341D-62F4-485A-B5E7-DDC4C1903B6C} - System32\Tasks\ylwitgy => C:\Users\Basti\AppData\Local\ylwitgy.bat [2014-07-05] ()
Task: {53C4E101-6B38-4AF1-B0DD-329358F32BF2} - System32\Tasks\lbfvtjh => C:\Users\Basti\AppData\Local\lbfvtjh.bat [2014-07-05] ()
Task: {53E1E7F8-F27C-4330-A57C-B76989BDD7A1} - System32\Tasks\zgbua => C:\Users\Basti\AppData\Local\zgbua.bat [2014-07-05] ()
Task: {54C2495E-DA17-4B58-98B9-4E31C747F9EB} - System32\Tasks\ceahd => C:\Users\Basti\AppData\Local\ceahd.bat [2014-07-05] ()
Task: {551EBC11-5C78-4510-AA43-549A245847F9} - System32\Tasks\pasbee => C:\Users\Basti\AppData\Local\pasbee.bat [2014-07-05] ()
Task: {558BB67F-4DE1-414F-A1C2-D72D906228CA} - System32\Tasks\cmauo => C:\Users\Basti\AppData\Local\cmauo.bat [2014-07-05] ()
Task: {565A6E68-8346-4626-BDC1-92E0F8A6D9ED} - System32\Tasks\wwhhiqrb => C:\Users\Basti\AppData\Local\wwhhiqrb.bat [2014-07-05] ()
Task: {565BD81C-AE1F-4E40-9A80-D8DC472B5D0B} - System32\Tasks\thbio => C:\Users\Basti\AppData\Local\thbio.bat [2014-07-05] ()
Task: {5661FB3C-1193-450D-AA49-3DDAB3CE0C2D} - System32\Tasks\ghyzssee => C:\Users\Basti\AppData\Local\ghyzssee.bat [2014-07-05] ()
Task: {571CD842-1351-4837-9152-E61BE4531602} - System32\Tasks\celguqf => C:\Users\Basti\AppData\Local\celguqf.bat [2014-07-05] ()
Task: {57DA5B34-BA4E-43E0-8A8E-7821E48B3441} - System32\Tasks\uflsdjqg => C:\Users\Basti\AppData\Local\uflsdjqg.bat [2014-07-04] ()
Task: {58DAC40F-A0F4-4C57-8249-404EBF909185} - System32\Tasks\chdycz => C:\Users\Basti\AppData\Local\chdycz.bat [2014-07-05] ()
Task: {5912C58C-4941-46C2-BDD6-F6E875BE2007} - System32\Tasks\wijsdnwy => C:\Users\Basti\AppData\Local\wijsdnwy.bat [2014-07-05] ()
Task: {59A98901-E80E-44A5-A43C-25BDE0BC3ED9} - System32\Tasks\befcd => C:\Users\Basti\AppData\Local\befcd.bat [2014-07-05] ()
Task: {5B7F98D6-ACA2-4645-9352-EBC0F5468370} - System32\Tasks\bvjga => C:\Users\Basti\AppData\Local\bvjga.bat [2014-07-05] ()
Task: {5C3090C8-BDFB-4ED6-959C-2CCF5555367D} - System32\Tasks\algsm => C:\Users\Basti\AppData\Local\algsm.bat [2014-07-05] ()
Task: {5CB06B58-E3BA-4532-BCE7-12CBFCEE0165} - System32\Tasks\nneek => C:\Users\Basti\AppData\Local\nneek.bat [2014-07-05] ()
Task: {5D5D9D42-A185-425F-87C6-8630BE041960} - System32\Tasks\thlyerf => C:\Users\Basti\AppData\Local\thlyerf.bat [2014-07-05] ()
Task: {5DBB031B-6811-4AE4-B5A7-003EFE1E5B98} - System32\Tasks\cfmiet => C:\Users\Basti\AppData\Local\cfmiet.bat [2014-07-05] ()
Task: {5E07107A-16E9-4BD0-BEA3-B6CCCC2A118B} - System32\Tasks\wgqajs => C:\Users\Basti\AppData\Local\wgqajs.bat [2014-07-05] ()
Task: {5EF5C29A-1CD0-4CE9-B3E9-E5F3A2F718B7} - System32\Tasks\dulukbya => C:\Users\Basti\AppData\Local\dulukbya.bat [2014-07-05] ()
Task: {5F5E9ECE-60FC-4173-8086-D62EA0211B5E} - System32\Tasks\tsafljq => C:\Users\Basti\AppData\Local\tsafljq.bat [2014-07-05] ()
Task: {5F6B05A0-E847-4C03-940E-23D3597AFBBF} - System32\Tasks\cfbwzvjn => C:\Users\Basti\AppData\Local\cfbwzvjn.bat [2014-07-05] ()
Task: {5F95FC3F-8008-4010-8CE5-D63102B5E79A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-12] (Adobe Systems Incorporated)
Task: {601AA6B2-10A9-418B-9B76-B5878D529D83} - System32\Tasks\khlquro => C:\Users\Basti\AppData\Local\khlquro.bat [2014-07-05] ()
Task: {60BCBBE9-3826-4FA1-A274-F5E8CC19073F} - System32\Tasks\xqtmwh => C:\Users\Basti\AppData\Local\xqtmwh.bat [2014-07-05] ()
Task: {60F8816B-ABC8-49CA-899C-1FD35ECD15A1} - System32\Tasks\chdzdz => C:\Users\Basti\AppData\Local\chdzdz.bat [2014-07-05] ()
Task: {6133DDA8-9A4A-45BF-B2BD-024BCBF45C56} - System32\Tasks\nnmmmmll => C:\Users\Basti\AppData\Local\nnmmmmll.bat [2014-07-05] ()
Task: {6148CB98-E234-4C8D-BEA6-E5A93DD87195} - System32\Tasks\noohg => C:\Users\Basti\AppData\Local\noohg.bat [2014-07-05] ()
Task: {614F6823-7402-4771-B6B0-020965C5D917} - System32\Tasks\seyexko => C:\Users\Basti\AppData\Local\seyexko.bat [2014-07-05] ()
Task: {6167B950-37CE-47E7-872A-4A38058F8B1E} - System32\Tasks\fazatun => C:\Users\Basti\AppData\Local\fazatun.bat [2014-07-05] ()
Task: {61B7E522-8622-47FF-9F2C-12547EAE4BE0} - System32\Tasks\rnjvqnyu => C:\Users\Basti\AppData\Local\rnjvqnyu.bat [2014-07-05] ()
Task: {62982365-62A8-426E-A6B5-07B40DF4C0A7} - System32\Tasks\cmembkt => C:\Users\Basti\AppData\Local\cmembkt.bat [2014-07-04] ()
Task: {62D156F3-513F-4281-8CBC-A21B3B5572C7} - System32\Tasks\jfbmi => C:\Users\Basti\AppData\Local\jfbmi.bat [2014-07-05] ()
Task: {639D67DA-E5FE-4143-8C58-34B7006E8942} - System32\Tasks\asugat => C:\Users\Basti\AppData\Local\asugat.bat [2014-07-05] ()
Task: {64BDFD76-70D1-4B1F-92D4-C4FBD08C5744} - System32\Tasks\pqrtuwx => C:\Users\Basti\AppData\Local\pqrtuwx.bat [2014-07-05] ()
Task: {6594F205-98DC-4378-867C-2B1AF9A5903C} - System32\Tasks\fumfme => C:\Users\Basti\AppData\Local\fumfme.bat [2014-07-05] ()
Task: {65F145DE-1A3B-45D7-9530-40E621EF1D7B} - System32\Tasks\aavhcd => C:\Users\Basti\AppData\Local\aavhcd.bat [2014-07-05] ()
Task: {6681C7D7-6251-4FF1-A121-59DC869029D0} - System32\Tasks\gfffeedd => C:\Users\Basti\AppData\Local\gfffeedd.bat [2014-07-05] ()
Task: {6919E0E7-C804-4241-9905-AC4E6867BF05} - System32\Tasks\mkjwutyx => C:\Users\Basti\AppData\Local\mkjwutyx.bat [2014-07-05] ()
Task: {69EC6A72-A41F-4127-AFAD-C4C53D40E1BB} - System32\Tasks\gxqbunex => C:\Users\Basti\AppData\Local\gxqbunex.bat [2014-07-05] ()
Task: {6A38509B-88FD-4613-82A1-A34C891FAA48} - System32\Tasks\iavicw => C:\Users\Basti\AppData\Local\iavicw.bat [2014-07-05] ()
Task: {6AA23F52-D414-4F9B-9AEA-92E7ADE45295} - System32\Tasks\paajl => C:\Users\Basti\AppData\Local\paajl.bat [2014-07-05] ()
Task: {6B15BA31-780B-4085-AFB1-66DBA346635A} - System32\Tasks\bqesh => C:\Users\Basti\AppData\Local\bqesh.bat [2014-07-05] ()
Task: {6B64F0D5-3ED3-435B-A21A-CEB391833423} - System32\Tasks\cyvkhvki => C:\Users\Basti\AppData\Local\cyvkhvki.bat [2014-07-05] ()
Task: {6B6EDC3F-2533-4AED-9101-4B6F4194E0D1} - System32\Tasks\eewxpph => C:\Users\Basti\AppData\Local\eewxpph.bat [2014-07-05] ()
Task: {6B701CA6-6FFC-46BE-A142-940E76AAC04F} - System32\Tasks\xogxohx => C:\Users\Basti\AppData\Local\xogxohx.bat [2014-07-05] ()
Task: {6C5029AE-B1A4-4A41-9424-8C51A4C08A0F} - System32\Tasks\zvbvbub => C:\Users\Basti\AppData\Local\zvbvbub.bat [2014-07-05] ()
Task: {6C86BB42-43B5-469E-954D-2FA12A6DBD55} - System32\Tasks\gvonw => C:\Users\Basti\AppData\Local\gvonw.bat [2014-07-05] ()
Task: {6CD53579-F0EF-4628-BBB9-55EE01F365E0} - System32\Tasks\vdraixf => C:\Users\Basti\AppData\Local\vdraixf.bat [2014-07-05] ()
Task: {6D4C8A29-89ED-45E8-8868-4AE51AD6770C} - System32\Tasks\przcm => C:\Users\Basti\AppData\Local\przcm.bat [2014-07-05] ()
Task: {6D87D4F9-B05B-4EC2-B967-9A6D8BE7D0D9} - System32\Tasks\nggef => C:\Users\Basti\AppData\Local\nggef.bat
Task: {6E67169D-71F1-49B2-9CC6-5AF7CC829B57} - System32\Tasks\qsufhkm => C:\Users\Basti\AppData\Local\qsufhkm.bat [2014-07-05] ()
Task: {6EA98D61-EF25-4982-A2C7-8ADE2962EA05} - System32\Tasks\rwafkol => C:\Users\Basti\AppData\Local\rwafkol.bat [2014-07-05] ()
Task: {6EE5E041-988B-45CE-9DE0-06363E2B504A} - System32\Tasks\nfgeeud => C:\Users\Basti\AppData\Local\nfgeeud.bat [2014-07-05] ()
Task: {6FE2A46B-7FE4-47E9-AA98-251CA5BF8434} - System32\Tasks\fcebsk => C:\Users\Basti\AppData\Local\fcebsk.bat [2014-07-05] ()
Task: {70B77988-284D-4371-9134-08602B5628D9} - System32\Tasks\qtwacm => C:\Users\Basti\AppData\Local\qtwacm.bat [2014-07-05] ()
Task: {71A34693-7D62-4997-B7AE-999D39461E66} - System32\Tasks\uuttaby => C:\Users\Basti\AppData\Local\uuttaby.bat [2014-07-05] ()
Task: {7266E7F3-B69D-4A60-A2C3-3DD33455CD3D} - System32\Tasks\sgjvb => C:\Users\Basti\AppData\Local\sgjvb.bat [2014-07-05] ()
Task: {739C0BA5-DA34-4E8B-98A8-3FA382BFDAFA} - System32\Tasks\dakax => C:\Users\Basti\AppData\Local\dakax.bat [2014-07-05] ()
Task: {74A00F3B-09AA-42CB-A513-27E56BF7AB64} - System32\Tasks\hztexr => C:\Users\Basti\AppData\Local\hztexr.bat [2014-07-05] ()
Task: {7779D692-435E-4A60-AB5A-27B54353FFAB} - System32\Tasks\jgjfb => C:\Users\Basti\AppData\Local\jgjfb.bat [2014-07-05] ()
Task: {7A2C08E3-F2E7-412B-879D-0FE3ABDD79FB} - System32\Tasks\fwogepoe => C:\Users\Basti\AppData\Local\fwogepoe.bat [2014-07-05] ()
Task: {7A385FB3-DBD8-4A54-9CE9-24AF42910138} - System32\Tasks\udkygwe => C:\Users\Basti\AppData\Local\udkygwe.bat [2014-07-05] ()
Task: {7B7167BB-4FC6-44BF-99BD-ABE286F7D6A0} - System32\Tasks\mucbioov => C:\Users\Basti\AppData\Local\mucbioov.bat [2014-07-05] ()
Task: {7BB61123-C703-4C3A-85B0-2017DC8061D7} - System32\Tasks\rdhbfk => C:\Users\Basti\AppData\Local\rdhbfk.bat [2014-07-04] ()
Task: {7BE23BEB-603C-4C8C-A109-D128F12A2212} - System32\Tasks\ovovwg => C:\Users\Basti\AppData\Local\ovovwg.bat [2014-07-05] ()
Task: {7C72A57E-A540-4532-B102-E0FBA42FF708} - System32\Tasks\difkhm => C:\Users\Basti\AppData\Local\difkhm.bat [2014-07-05] ()
Task: {7C9C2BE5-FF7E-40D3-BBEB-208D163EFA64} - System32\Tasks\acewb => C:\Users\Basti\AppData\Local\acewb.bat [2014-07-05] ()
Task: {7CE1D4CE-9E2F-430C-81F0-24650F09619D} - System32\Tasks\linsxvzh => C:\Users\Basti\AppData\Local\linsxvzh.bat [2014-07-05] ()
Task: {7CEF8338-F69F-4D50-B366-9A440BC200C5} - System32\Tasks\itesepd => C:\Users\Basti\AppData\Local\itesepd.bat [2014-07-05] ()
Task: {7D3D4411-E9FA-420E-B3CB-D885483E5157} - System32\Tasks\kawmc => C:\Users\Basti\AppData\Local\kawmc.bat [2014-07-05] ()
Task: {7D7E8D5A-C0B5-412E-9B13-F0AB8E742CBD} - System32\Tasks\quebmpb => C:\Users\Basti\AppData\Local\quebmpb.bat [2014-07-05] ()
Task: {7DA02994-7BAD-4686-82D8-603D1AB66746} - System32\Tasks\aiekxubh => C:\Users\Basti\AppData\Local\aiekxubh.bat [2014-07-05] ()
Task: {7DC299EB-53E2-4F56-9842-2F851549106A} - System32\Tasks\bzolax => C:\Users\Basti\AppData\Local\bzolax.bat [2014-07-05] ()
Task: {7DD20934-3BCF-4C9F-A39F-EACE8690A435} - System32\Tasks\zlxkdp => C:\Users\Basti\AppData\Local\zlxkdp.bat [2014-07-05] ()
Task: {7EF61FB7-E98E-4542-8968-138BF2B16B8C} - System32\Tasks\owpxa => C:\Users\Basti\AppData\Local\owpxa.bat [2014-07-05] ()
Task: {7F490C5C-2505-4A85-AC06-BF9732180E2B} - System32\Tasks\wbadf => C:\Users\Basti\AppData\Local\wbadf.bat [2014-07-05] ()
Task: {7F76710F-840A-41BF-86F8-E60EA3834147} - System32\Tasks\pjrtnwar => C:\Users\Basti\AppData\Local\pjrtnwar.bat [2014-07-05] ()
Task: {7F7878AA-82AB-40A4-A23A-9A735D44C2E7} - System32\Tasks\hcdxb => C:\Users\Basti\AppData\Local\hcdxb.bat [2014-07-05] ()
Task: {7FDF8C08-5311-44B7-8078-09FA791BF4ED} - System32\Tasks\sgdxvinc => C:\Users\Basti\AppData\Local\sgdxvinc.bat [2014-07-05] ()
Task: {7FFF89AC-48E4-4E6C-8F97-E1E62BFDF842} - System32\Tasks\oqrcbvv => C:\Users\Basti\AppData\Local\oqrcbvv.bat [2014-07-05] ()
Task: {806B6C7E-6290-4BED-B035-072245A22FA2} - System32\Tasks\jfbeau => C:\Users\Basti\AppData\Local\jfbeau.bat [2014-07-05] ()
Task: {812C87ED-8979-4FB5-8907-BDE36381FE6E} - System32\Tasks\nmlcbba => C:\Users\Basti\AppData\Local\nmlcbba.bat [2014-07-05] ()
Task: {819BDCA3-A619-4D7E-A369-42B804D88993} - System32\Tasks\hbcde => C:\Users\Basti\AppData\Local\hbcde.bat [2014-07-05] ()
Task: {81E4465A-5A30-4431-AA90-13F4F2B7032B} - System32\Tasks\jfida => C:\Users\Basti\AppData\Local\jfida.bat [2014-07-05] ()
Task: {824A78B1-F8EC-491D-8DD8-47C96479F763} - System32\Tasks\nnnfum => C:\Users\Basti\AppData\Local\nnnfum.bat [2014-07-05] ()
Task: {82C89923-84E8-4CDD-83A4-76491F8713C6} - System32\Tasks\lbhfk => C:\Users\Basti\AppData\Local\lbhfk.bat [2014-07-05] ()
Task: {82D4BCF0-0888-4AE9-9AA8-08B6359D5557} - System32\Tasks\dfoeggg => C:\Users\Basti\AppData\Local\dfoeggg.bat [2014-07-05] ()
Task: {8384CC9E-F5A7-4E82-B04F-F9C82BBAF763} - System32\Tasks\xhyctd => C:\Users\Basti\AppData\Local\xhyctd.bat [2014-07-05] ()
Task: {83D22F54-82FD-4CD5-AEF5-8654EE0A5BE9} - System32\Tasks\rwbgkv => C:\Users\Basti\AppData\Local\rwbgkv.bat [2014-07-05] ()
Task: {856BB06D-D00A-4FCA-B4B3-6C8B7BD8356E} - System32\Tasks\frcdo => C:\Users\Basti\AppData\Local\frcdo.bat [2014-07-05] ()
Task: {85CCBE6D-5E66-458F-802C-AACAAE24EC3F} - System32\Tasks\hbbvpjdf => C:\Users\Basti\AppData\Local\hbbvpjdf.bat [2014-07-05] ()
Task: {86397510-5238-4F34-A678-F10C83A31248} - System32\Tasks\ullcqa => C:\Users\Basti\AppData\Local\ullcqa.bat [2014-07-05] ()
Task: {86CA84DA-71D5-42F4-940C-2DC663751098} - System32\Tasks\jmaead => C:\Users\Basti\AppData\Local\jmaead.bat
Task: {86CAB150-29FD-4937-84BA-03590DE8D44B} - System32\Tasks\eekaa => C:\Users\Basti\AppData\Local\eekaa.bat [2014-07-05] ()
Task: {875A2007-89F1-4792-933F-CF7EDE2DF331} - System32\Tasks\xiscgpbc => C:\Users\Basti\AppData\Local\xiscgpbc.bat [2014-07-05] ()
Task: {87648989-6E8E-4F94-A671-67FCF9F03124} - System32\Tasks\goxir => C:\Users\Basti\AppData\Local\goxir.bat [2014-07-05] ()
Task: {8852B220-2BDF-4774-8CE2-1D7550A4B499} - System32\Tasks\cxmbx => C:\Users\Basti\AppData\Local\cxmbx.bat [2014-07-05] ()
Task: {88590079-C760-4621-993C-1633317E9B58} - System32\Tasks\flcjbpeg => C:\Users\Basti\AppData\Local\flcjbpeg.bat [2014-07-05] ()
Task: {88E855D2-3A88-4875-8F3B-180B5CB52806} - System32\Tasks\zercimyd => C:\Users\Basti\AppData\Local\zercimyd.bat [2014-07-05] ()
Task: {8953468A-EA89-48C5-B68E-A318B8814464} - System32\Tasks\cxuqfbet => C:\Users\Basti\AppData\Local\cxuqfbet.bat [2014-07-05] ()
Task: {8956E88B-38AB-4291-91F1-CD9428AD1D0C} - System32\Tasks\ibwylf => C:\Users\Basti\AppData\Local\ibwylf.bat [2014-07-04] ()
Task: {89B642E9-74DF-4006-9843-E5D4EEFF8764} - System32\Tasks\kotimq => C:\Users\Basti\AppData\Local\kotimq.bat [2014-07-05] ()
Task: {8A318339-FA06-499F-82E3-C24C50162192} - System32\Tasks\edvgfg => C:\Users\Basti\AppData\Local\edvgfg.bat [2014-07-05] ()
Task: {8B5F946F-309A-4F9B-A173-18B6A2F2C508} - System32\Tasks\advyd => C:\Users\Basti\AppData\Local\advyd.bat [2014-07-05] ()
Task: {8B61F2C8-1E77-4E20-B3F7-A9A9E43FAEDE} - System32\Tasks\oowhgopw => C:\Users\Basti\AppData\Local\oowhgopw.bat [2014-07-05] ()
Task: {8BA83850-D55D-483B-A805-EF7F731A82DB} - System32\Tasks\fdsrphfd => C:\Users\Basti\AppData\Local\fdsrphfd.bat [2014-07-04] ()
Task: {8BB65AA1-693A-42A4-B4A1-39E2663AC03A} - System32\Tasks\gxqias => C:\Users\Basti\AppData\Local\gxqias.bat [2014-07-05] ()
Task: {8BD75D3E-3F2F-4FA5-BBC8-EF3EF8B2AB9E} - System32\Tasks\etjawgd => C:\Users\Basti\AppData\Local\etjawgd.bat [2014-07-05] ()
Task: {8C2B3FF1-B366-4165-B31F-FB922A15A4A6} - System32\Tasks\mkqwcba => C:\Users\Basti\AppData\Local\mkqwcba.bat [2014-07-05] ()
Task: {8C77B3E2-9C69-48BF-A8BB-EB0602BEDC30} - System32\Tasks\hajcd => C:\Users\Basti\AppData\Local\hajcd.bat [2014-07-05] ()
Task: {8E11AAFE-BE69-4599-8758-C48EFCC6F38A} - System32\Tasks\lcbpgdb => C:\Users\Basti\AppData\Local\lcbpgdb.bat [2014-07-05] ()
Task: {8EA464E8-96CB-40CC-B164-2BD17389678D} - System32\Tasks\wfndm => C:\Users\Basti\AppData\Local\wfndm.bat [2014-07-05] ()
Task: {8ED8DB9D-D5E1-4665-91E9-7548D1FE4208} - System32\Tasks\dumdtk => C:\Users\Basti\AppData\Local\dumdtk.bat [2014-07-05] ()
Task: {8EE473C2-68A1-4425-9C96-71846E9074F3} - System32\Tasks\bvqlflgc => C:\Users\Basti\AppData\Local\bvqlflgc.bat [2014-07-05] ()
Task: {8F4A703E-87C4-4A83-AB1A-22EA43E8E237} - System32\Tasks\syeqvb => C:\Users\Basti\AppData\Local\syeqvb.bat [2014-07-05] ()
Task: {8FF53C63-C671-44D8-A2B7-06DC62D9FB6D} - System32\Tasks\izmfxrdd => C:\Users\Basti\AppData\Local\izmfxrdd.bat [2014-07-05] ()
Task: {9088E356-BA3A-4F11-9490-7F20298A58EE} - System32\Tasks\dspfvsa => C:\Users\Basti\AppData\Local\dspfvsa.bat [2014-07-05] ()
Task: {90ED642F-3171-4B3A-B859-20CDFD153748} - System32\Tasks\hhizabb => C:\Users\Basti\AppData\Local\hhizabb.bat [2014-07-05] ()
Task: {9190AA85-9AAA-4808-BF86-C4DFF5F259D5} - System32\Tasks\spurebgd => C:\Users\Basti\AppData\Local\spurebgd.bat [2014-07-05] ()
Task: {9252D4CF-AF40-49AD-BA62-F1522735AA08} - System32\Tasks\rvalo => C:\Users\Basti\AppData\Local\rvalo.bat [2014-07-04] ()
Task: {92839F0C-E391-4989-9073-A3F38D0E694D} - System32\Tasks\iehdx => C:\Users\Basti\AppData\Local\iehdx.bat [2014-07-05] ()
Task: {92CEFFA6-1282-4A4B-A907-BCD161322686} - System32\Tasks\xyprblde => C:\Users\Basti\AppData\Local\xyprblde.bat [2014-07-05] ()
Task: {941299B0-3E1F-44A8-93E1-BC0CC5E08E61} - System32\Tasks\kpbaf => C:\Users\Basti\AppData\Local\kpbaf.bat [2014-07-05] ()
Task: {94432D13-4BB1-4869-93D0-56D0D959535D} - System32\Tasks\fdnmdf => C:\Users\Basti\AppData\Local\fdnmdf.bat [2014-07-05] ()
Task: {94F2FB51-105E-4058-AD46-94129C34E18F} - System32\Tasks\whqaqbs => C:\Users\Basti\AppData\Local\whqaqbs.bat [2014-07-05] ()
Task: {9548BFE2-A600-49A4-93DF-637283CFA14C} - System32\Tasks\kodhei => C:\Users\Basti\AppData\Local\kodhei.bat [2014-07-05] ()
Task: {95600537-5CBC-4288-A9F3-0B9EE8052629} - System32\Tasks\aavaivd => C:\Users\Basti\AppData\Local\aavaivd.bat [2014-07-05] ()
Task: {958FCB48-23BC-4235-950F-6DC7CAFCD424} - System32\Tasks\mlkcahff => C:\Users\Basti\AppData\Local\mlkcahff.bat [2014-07-05] ()
Task: {95C650B1-78F9-4E02-AA80-64B7C93BF11C} - System32\Tasks\fdovf => C:\Users\Basti\AppData\Local\fdovf.bat [2014-07-05] ()
Task: {95F070F9-52B9-455D-A5C8-FC6B3E5C7B99} - System32\Tasks\tifsqdcp => C:\Users\Basti\AppData\Local\tifsqdcp.bat [2014-07-05] ()
Task: {9638DDFF-C2C1-49F4-90B3-DFEB2C460AEB} - System32\Tasks\apdqeyn => C:\Users\Basti\AppData\Local\apdqeyn.bat [2014-07-05] ()
Task: {96EE0D90-9427-4CC3-BD0B-140C531AC4C7} - System32\Tasks\yjneb => C:\Users\Basti\AppData\Local\yjneb.bat [2014-07-05] ()
Task: {976940D8-54B3-4E6F-8F9D-8F3F0605E9BC} - System32\Tasks\kvadpseb => C:\Users\Basti\AppData\Local\kvadpseb.bat [2014-07-05] ()
Task: {97810E4A-E409-4595-ACB5-8B030C5D1E98} - System32\Tasks\codrds => C:\Users\Basti\AppData\Local\codrds.bat [2014-07-05] ()
Task: {97AAF933-D04D-4667-8C5C-75868A5FB732} - System32\Tasks\gykfdp => C:\Users\Basti\AppData\Local\gykfdp.bat [2014-07-05] ()
Task: {97ED39E9-BB35-49CC-9C21-AB273B15524A} - System32\Tasks\aauhb => C:\Users\Basti\AppData\Local\aauhb.bat [2014-07-05] ()
Task: {9910E4AF-406B-49B4-B828-B96D4272CFAE} - System32\Tasks\oiccwxya => C:\Users\Basti\AppData\Local\oiccwxya.bat [2014-07-05] ()
Task: {996361EF-95F0-41A4-B1E1-DAAAE4ABAAF2} - System32\Tasks\clcjyhpm => C:\Users\Basti\AppData\Local\clcjyhpm.bat [2014-07-05] ()
Task: {99785FD4-BF63-4E0C-AB3B-D91912A76030} - System32\Tasks\vwxyaa => C:\Users\Basti\AppData\Local\vwxyaa.bat [2014-07-04] ()
Task: {99D43977-5E93-4293-B679-6800C823350E} - System32\Tasks\koswbos => C:\Users\Basti\AppData\Local\koswbos.bat [2014-07-05] ()
Task: {9A221AD9-38CF-46A7-BF21-D049903CA8E6} - System32\Tasks\gvonfon => C:\Users\Basti\AppData\Local\gvonfon.bat [2014-07-05] ()
Task: {9AE9E115-FC77-493D-93F2-A42ABF805C7D} - System32\Tasks\wnwnwn => C:\Users\Basti\AppData\Local\wnwnwn.bat [2014-07-05] ()
Task: {9C6CB459-40DC-45F9-A703-738413E1D4FA} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-05-07] (Oracle Corporation)
Task: {9C812086-F0A0-4DF7-929F-6817F24AD61B} - System32\Tasks\nmmml => C:\Users\Basti\AppData\Local\nmmml.bat [2014-07-05] ()
Task: {9D7DCDC0-91A3-453A-94C4-B3801FA10739} - System32\Tasks\qdfsoaep => C:\Users\Basti\AppData\Local\qdfsoaep.bat [2014-07-05] ()
Task: {9E13CAF1-28D3-44EE-8641-7218C5198FB5} - System32\Tasks\dmktr => C:\Users\Basti\AppData\Local\dmktr.bat [2014-07-05] ()
Task: {9E7AA17D-7540-4372-8834-DF42D9384035} - System32\Tasks\vvkksaa => C:\Users\Basti\AppData\Local\vvkksaa.bat [2014-07-04] ()
Task: {9E87E0C9-1A99-4754-BB10-505F0F9AFCA9} - System32\Tasks\fjugqjt => C:\Users\Basti\AppData\Local\fjugqjt.bat [2014-07-05] ()
Task: {9F28A335-4CCB-4A57-B048-085C04BB711B} - System32\Tasks\mmssraxg => C:\Users\Basti\AppData\Local\mmssraxg.bat [2014-07-05] ()
Task: {9F2DDB56-04EE-4023-B6AC-87FAABC899C4} - System32\Tasks\rvbfq => C:\Users\Basti\AppData\Local\rvbfq.bat [2014-07-05] ()
Task: {9F6757CF-098B-4127-B6D6-7F86B635370B} - System32\Tasks\ebbxomli => C:\Users\Basti\AppData\Local\ebbxomli.bat [2014-07-04] ()
Task: {9F6A30E0-28D5-4E71-BAEC-A0664612F729} - System32\Tasks\reykgr => C:\Users\Basti\AppData\Local\reykgr.bat [2014-07-05] ()
Task: {9F70E6DA-08DA-44FE-9CFF-74025B70C56B} - System32\Tasks\mekjpgn => C:\Users\Basti\AppData\Local\mekjpgn.bat [2014-07-05] ()
Task: {9F7509D7-ADC5-4EA0-9865-285C6DD01A58} - System32\Tasks\cxfbe => C:\Users\Basti\AppData\Local\cxfbe.bat [2014-07-05] ()
Task: {9F9F66A7-1989-47AA-BBDC-03BE2C7A8DDF} - System32\Tasks\kpmrcseu => C:\Users\Basti\AppData\Local\kpmrcseu.bat [2014-07-05] ()
Task: {9FF31ACF-C97A-4215-9870-804B69437AB0} - System32\Tasks\jnzfz => C:\Users\Basti\AppData\Local\jnzfz.bat [2014-07-05] ()
Task: {9FF3B21A-345D-4603-9B1C-9809D83ED474} - System32\Tasks\hauga => C:\Users\Basti\AppData\Local\hauga.bat [2014-07-05] ()
Task: {A002810D-B690-47A6-B452-62504AB92575} - System32\Tasks\nvfmuudl => C:\Users\Basti\AppData\Local\nvfmuudl.bat [2014-07-04] ()
Task: {A0843133-3115-46E2-AF0F-51C4F655F3DD} - System32\Tasks\gfibaat => C:\Users\Basti\AppData\Local\gfibaat.bat [2014-07-05] ()
Task: {A087B91B-051C-4191-89A0-02D5D5949AF6} - System32\Tasks\qtvyjlor => C:\Users\Basti\AppData\Local\qtvyjlor.bat [2014-07-05] ()
Task: {A0AF201A-53A6-4656-BFD4-87394352D299} - System32\Tasks\hjcen => C:\Users\Basti\AppData\Local\hjcen.bat [2014-07-05] ()
Task: {A196A545-27D4-4AB5-8C9C-E06B3CA8DA5F} - System32\Tasks\pabnxzc => C:\Users\Basti\AppData\Local\pabnxzc.bat [2014-07-05] ()
Task: {A2D5287C-9018-4D0A-804A-00DDF698377A} - System32\Tasks\yrlewqjt => C:\Users\Basti\AppData\Local\yrlewqjt.bat [2014-07-05] ()
Task: {A2FB8C6A-2AEE-4215-9AED-1A374C3E96AF} - System32\Tasks\itvqce => C:\Users\Basti\AppData\Local\itvqce.bat [2014-07-05] ()
Task: {A391C679-C076-4CD7-BB85-E782CCC91062} - System32\Tasks\elsbi => C:\Users\Basti\AppData\Local\elsbi.bat [2014-07-05] ()
Task: {A39B5368-B80B-4ED0-BDBF-4602EB0415E1} - System32\Tasks\ghpqrsad => C:\Users\Basti\AppData\Local\ghpqrsad.bat [2014-07-05] ()
Task: {A45698DD-8075-4DD4-B46E-5BBCC69BAFA8} - System32\Tasks\timsfmb => C:\Users\Basti\AppData\Local\timsfmb.bat [2014-07-04] ()
Task: {A57011CA-7A5C-40FA-A2D9-7BCB572B2254} - System32\Tasks\qcueqbm => C:\Users\Basti\AppData\Local\qcueqbm.bat [2014-07-05] ()
Task: {A58092C6-BB19-4582-BC8C-15E7552A29D7} - System32\Tasks\oqxbbc => C:\Users\Basti\AppData\Local\oqxbbc.bat [2014-07-05] ()
Task: {A6286F05-80C9-494D-B286-E7F8A111432B} - System32\Tasks\bnzgs => C:\Users\Basti\AppData\Local\bnzgs.bat [2014-07-05] ()
Task: {A653F52B-B131-4835-9B0A-1F9E89F1C29B} - System32\Tasks\mddazf => C:\Users\Basti\AppData\Local\mddazf.bat [2014-07-05] ()
Task: {A681FAAA-34DE-44ED-A27E-8604A8F46734} - System32\Tasks\mtbah => C:\Users\Basti\AppData\Local\mtbah.bat [2014-07-05] ()
Task: {A771C106-5498-4920-8896-EDE9F1ED7623} - System32\Tasks\iklnpr => C:\Users\Basti\AppData\Local\iklnpr.bat [2014-07-05] ()
Task: {A8A10C71-9D1B-491F-B5C9-2F1A9028E523} - System32\Tasks\pqacduwx => C:\Users\Basti\AppData\Local\pqacduwx.bat [2014-07-05] ()
Task: {A8E25691-3130-45C7-813A-E3DBE9750338} - System32\Tasks\accdqkmg => C:\Users\Basti\AppData\Local\accdqkmg.bat [2014-07-05] ()
Task: {A8E96BFF-F32D-4239-8502-305C055FB67D} - System32\Tasks\nwwgfoix => C:\Users\Basti\AppData\Local\nwwgfoix.bat [2014-07-05] ()
Task: {A92C37E1-07CD-4388-B711-0E894DE4E93F} - System32\Tasks\vksiwf => C:\Users\Basti\AppData\Local\vksiwf.bat [2014-07-05] ()
Task: {A9E5DFC3-D8C5-4932-90C5-21986CA4416F} - System32\Tasks\cmksqa => C:\Users\Basti\AppData\Local\cmksqa.bat [2014-07-05] ()
Task: {AA2E61F8-6FA4-40E1-BB99-1CAA873A8E75} - System32\Tasks\wfnwehp => C:\Users\Basti\AppData\Local\wfnwehp.bat [2014-07-05] ()
Task: {AA9F0AA9-66E8-49B5-A0DB-2A2E398E0B37} - System32\Tasks\lkiom => C:\Users\Basti\AppData\Local\lkiom.bat [2014-07-05] ()
Task: {AAD85056-FB99-4899-8422-518EEC146B7F} - System32\Tasks\dhejf => C:\Users\Basti\AppData\Local\dhejf.bat [2014-07-05] ()
Task: {AAF6A6B3-680B-413E-8CF9-55B45167E89D} - System32\Tasks\oyirbkt => C:\Users\Basti\AppData\Local\oyirbkt.bat [2014-07-05] ()
Task: {AB406ED3-FA0C-4244-97E6-253A8ADBA454} - System32\Tasks\lkpouty => C:\Users\Basti\AppData\Local\ljomr.bat [2014-07-05] ()
Task: {AB9DA712-F8BF-4B9C-9D0D-EECB6F1CA56D} - System32\Tasks\qceqde => C:\Users\Basti\AppData\Local\qceqde.bat [2014-07-05] ()
Task: {ABEA5CDB-526A-45B1-9857-ABC614B82CC3} - System32\Tasks\bqeshc => C:\Users\Basti\AppData\Local\bqeshc.bat [2014-07-05] ()
Task: {ABFEECFE-E956-4020-A16D-81DB8ABEAA7C} - System32\Tasks\fzslf => C:\Users\Basti\AppData\Local\fzslf.bat [2014-07-05] ()
Task: {AC2B4087-02CC-461C-9BFA-2A6332E08EB3} - System32\Tasks\cdbapem => C:\Users\Basti\AppData\Local\cdbapem.bat [2014-07-05] ()
Task: {ACC59B1B-373D-4380-8F32-C38C6DBD46FB} - System32\Tasks\ofmtudlc => C:\Users\Basti\AppData\Local\ofmtudlc.bat [2014-07-05] ()
Task: {ACFDAA2C-7C7D-4E37-8F47-8A0E5FF566B3} - System32\Tasks\ilhkui => C:\Users\Basti\AppData\Local\ilhkui.bat [2014-07-05] ()
Task: {AD15D66A-2A10-4CC8-B1C5-3486EB3E209A} - System32\Tasks\epaakb => C:\Users\Basti\AppData\Local\epaakb.bat [2014-07-05] ()
Task: {AD7D23F1-BB2E-48CC-9CE5-66298D5790CF} - System32\Tasks\korvk => C:\Users\Basti\AppData\Local\korvk.bat [2014-07-05] ()
Task: {ADE16A13-572D-431F-943E-87D7E87E2859} - System32\Tasks\ahwdxes => C:\Users\Basti\AppData\Local\ahwdxes.bat [2014-07-05] ()
Task: {AF79FB21-CF15-43E8-A2FD-CD20508D4161} - System32\Tasks\juqtpcwa => C:\Users\Basti\AppData\Local\juqtpcwa.bat [2014-07-05] ()
Task: {AFE23F61-2763-44E6-AB19-2EBBE86415F0} - System32\Tasks\droebqe => C:\Users\Basti\AppData\Local\droebqe.bat [2014-07-05] ()
Task: {B039BD87-8158-4CE8-825B-37095A91B001} - System32\Tasks\yefkor => C:\Users\Basti\AppData\Local\yefkor.bat [2014-07-05] ()
Task: {B04C31EA-4E69-43E8-9F50-14EE1453E46D} - System32\Tasks\znamymy => C:\Users\Basti\AppData\Local\znamymy.bat [2014-07-05] ()
Task: {B0A7E31B-4163-4DEB-BF93-E2B023F12403} - System32\Tasks\mdcyxo => C:\Users\Basti\AppData\Local\mdcyxo.bat
Task: {B26F9A37-658D-4102-9481-E4A289B9C3CF} - System32\Tasks\dyoecqf => C:\Users\Basti\AppData\Local\dyoecqf.bat [2014-07-05] ()
Task: {B2BFFCCE-BF2B-48FB-833B-593555018FBF} - System32\Tasks\cpkyu => C:\Users\Basti\AppData\Local\cpkyu.bat [2014-07-05] ()
Task: {B3F52FD3-9974-448B-8058-0600C56F1C2B} - System32\Tasks\ubbpv => C:\Users\Basti\AppData\Local\ubbpv.bat [2014-07-04] ()
Task: {B3FCE6AF-F093-4AEC-BC91-D58A56569EA2} - System32\Tasks\mdiafdcz => C:\Users\Basti\AppData\Local\mdiafdcz.bat [2014-07-05] ()
Task: {B4C6A1D3-384B-42C7-B7D2-B6ACB8ECE5F3} - System32\Tasks\dngvfvue => C:\Users\Basti\AppData\Local\dngvfvue.bat [2014-07-05] ()
Task: {B5D61CBD-21C8-48F3-A448-D2CAF4EEB164} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.47\SymErr.exe
Task: {B5DF5D09-FD52-4090-8B45-C9B14A885BBE} - System32\Tasks\fepharyj => C:\Users\Basti\AppData\Local\fepharyj.bat [2014-07-05] ()
Task: {B6DE23D7-8512-4E1A-9C1B-DDC42F467DDD} - System32\Tasks\qbcmvfj => C:\Users\Basti\AppData\Local\qbcmvfj.bat [2014-07-05] ()
Task: {B6DEBFEC-F80A-4951-97A8-54E8A8441A91} - System32\Tasks\4680 => Wscript.exe C:\Users\Basti\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
Task: {B74CDCDE-91EB-4E73-A863-76764920E680} - System32\Tasks\qtvyb => C:\Users\Basti\AppData\Local\qtvyb.bat [2014-07-05] ()
Task: {B756B24A-B718-4AF5-AEBD-DCD528751097} - System32\Tasks\caebgar => C:\Users\Basti\AppData\Local\caebgar.bat [2014-07-05] ()
Task: {B759D8D9-E413-453F-BE3B-63D80777C1FB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-14] (Google Inc.)
Task: {B791EF72-E543-4CD7-BD75-EE74E1F10969} - System32\Tasks\cgbxmqfb => C:\Users\Basti\AppData\Local\cgbxmqfb.bat [2014-07-05] ()
Task: {B7CFAC87-C605-4223-8F8A-CFEABC961E44} - System32\Tasks\hboadwib => C:\Users\Basti\AppData\Local\hboadwib.bat [2014-07-05] ()
Task: {B84BA775-AAF9-43B6-826D-BF4DAA5F0105} - System32\Tasks\ljoukq => C:\Users\Basti\AppData\Local\ljoukq.bat [2014-07-05] ()
Task: {B8888C34-34F4-4C9D-969F-8C018F111AB8} - System32\Tasks\aiwdrx => C:\Users\Basti\AppData\Local\aiwdrx.bat [2014-07-05] ()
Task: {B99ABFE6-7652-4374-8342-280AFCB803AD} - System32\Tasks\rvbmquym => C:\Users\Basti\AppData\Local\rvbmquym.bat [2014-07-05] ()
Task: {B9A41E1D-2D9C-424B-8E84-4F2452666FB7} - System32\Tasks\hanisfyt => C:\Users\Basti\AppData\Local\hanisfyt.bat [2014-07-05] ()
Task: {BAB682B6-BBFC-4E25-8BC4-0ADE1C48AD76} - System32\Tasks\ruycgqu => C:\Users\Basti\AppData\Local\ruycgqu.bat [2014-07-05] ()
Task: {BBA3299D-25E2-4B1E-9570-4523A4F81A88} - System32\Tasks\lbxdjhu => C:\Users\Basti\AppData\Local\lbxdjhu.bat [2014-07-05] ()
Task: {BC05DFBA-8890-4A48-8C53-D3F95420D8AA} - System32\Tasks\lbeuzx => C:\Users\Basti\AppData\Local\lbeuzx.bat [2014-07-05] ()
Task: {BC20BFD8-C1C5-4772-8791-CA7E3D17AC8D} - System32\Tasks\kaebwb => C:\Users\Basti\AppData\Local\kaebwb.bat [2014-07-05] ()
Task: {BC20CDF4-ECB6-4E01-BE1A-8112F150E668} - System32\Tasks\piqscudg => C:\Users\Basti\AppData\Local\piqscudg.bat [2014-07-05] ()
Task: {BCC59AD6-6FA2-4130-A147-33D191F23577} - System32\Tasks\axebgbxe => C:\Users\Basti\AppData\Local\axebgbxe.bat
Task: {BD0F8B7E-3B0B-43B5-ADA9-2D63D2FCFF11} - System32\Tasks\qbewzdgb => C:\Users\Basti\AppData\Local\qbewzdgb.bat [2014-07-05] ()
Task: {BD594A36-2EF2-4D2B-B94A-2F84B76D9ED9} - System32\Tasks\bncpbp => C:\Users\Basti\AppData\Local\bncpbp.bat [2014-07-05] ()
Task: {BDC84873-C788-4972-8AC5-616546117784} - System32\Tasks\bqguje => C:\Users\Basti\AppData\Local\bqguje.bat [2014-07-05] ()
Task: {BEA0FA42-4444-4056-9211-75E52CC6C2B8} - System32\Tasks\vmofnff => C:\Users\Basti\AppData\Local\vmofnff.bat [2014-07-05] ()
Task: {BEB57153-2423-44A4-B05A-DF0A83349D41} - System32\Tasks\ckcieme => C:\Users\Basti\AppData\Local\ckcieme.bat [2014-07-05] ()
Task: {BF7ABAB7-668B-4A60-B29C-FD3A90FA6111} - System32\Tasks\noooop => C:\Users\Basti\AppData\Local\noooop.bat [2014-07-05] ()
Task: {BFB59BC8-D613-42FA-85E9-D23478DC510F} - System32\Tasks\mddsj => C:\Users\Basti\AppData\Local\mddsj.bat [2014-07-04] ()
Task: {C00CBE3B-4B1F-4300-8EBE-756D145139C7} - System32\Tasks\wbaknwgj => C:\Users\Basti\AppData\Local\wbaknwgj.bat [2014-07-05] ()
Task: {C120A91C-CECC-433F-A4B0-E96B9D6A00B0} - System32\Tasks\ulcjf => C:\Users\Basti\AppData\Local\ulcjf.bat [2014-07-05] ()
Task: {C1777FCC-BB4C-4899-B259-525C91D454EB} - System32\Tasks\bnbwkw => C:\Users\Basti\AppData\Local\bnbwkw.bat [2014-07-05] ()
Task: {C17C0E2E-29CB-4F85-8A9F-003424C23289} - System32\Tasks\vvfettbb => C:\Users\Basti\AppData\Local\vvfettbb.bat [2014-07-05] ()
Task: {C1DD108C-C0E0-4E45-B734-BFD7E637C6ED} - System32\Tasks\xarscn => C:\Users\Basti\AppData\Local\xarscn.bat [2014-07-05] ()
Task: {C1F045DF-F13B-4938-97A7-E36B4EF6FBE3} - System32\Tasks\msjput => C:\Users\Basti\AppData\Local\msjput.bat [2014-07-05] ()
Task: {C27A5490-A990-41F6-BD9B-02181D023A09} - System32\Tasks\jnxdejn => C:\Users\Basti\AppData\Local\jnxdejn.bat [2014-07-05] ()
Task: {C4F58F8D-D32F-4636-A228-9F0B63E7D593} - System32\Tasks\ujagcjyo => C:\Users\Basti\AppData\Local\ujagcjyo.bat [2014-07-05] ()
Task: {C53863A9-65FA-40FD-A9A5-F67CA71FF9E2} - System32\Tasks\mbfejx => C:\Users\Basti\AppData\Local\mbfejx.bat [2014-07-05] ()
Task: {C5BF1E0D-2204-4B7D-BA17-9DC83B876ED3} - System32\Tasks\gnnfmmem => C:\Users\Basti\AppData\Local\gnnfmmem.bat [2014-07-05] ()
Task: {C66479CF-C17E-4291-A5CF-26DE1448048B} - System32\Tasks\pqstvx => C:\Users\Basti\AppData\Local\pqstvx.bat [2014-07-04] ()
Task: {C69A52D5-8349-49FE-8712-72628A28C7F6} - System32\Tasks\ikcezb => C:\Users\Basti\AppData\Local\ikcezb.bat [2014-07-05] ()
Task: {C6BB8058-D85B-4AC2-8530-6E9EF0CE9EE3} - System32\Tasks\ntlsya => C:\Users\Basti\AppData\Local\ntlsya.bat [2014-07-04] ()
Task: {C7507750-CF15-42D3-A866-4BA1B36E2D8C} - System32\Tasks\xybsbdgx => C:\Users\Basti\AppData\Local\xybsbdgx.bat [2014-07-05] ()
Task: {C79B1DD4-78A8-46F8-804C-EC4A438D8631} - System32\Tasks\nejqff => C:\Users\Basti\AppData\Local\nejqff.bat [2014-07-05] ()
Task: {C834CCF2-1676-4A52-B515-9696DE21D1E5} - System32\Tasks\lkonsrp => C:\Users\Basti\AppData\Local\lkonsrp.bat [2014-07-05] ()
Task: {C8AA94E7-4D84-44FB-92D3-213DF6E04C29} - System32\Tasks\esjbhen => C:\Users\Basti\AppData\Local\esjbhen.bat [2014-07-05] ()
Task: {C9311851-A604-4644-B327-00408B26BD84} - System32\Tasks\thdqca => C:\Users\Basti\AppData\Local\thdqca.bat [2014-07-05] ()
Task: {C9E454E6-4780-4789-88A9-FFDA6991C8EC} - System32\Tasks\azsgxrbv => C:\Users\Basti\AppData\Local\azsgxrbv.bat [2014-07-05] ()
Task: {CA6DAE81-523E-4198-9813-565593D1522F} - System32\Tasks\bdanjmjw => C:\Users\Basti\AppData\Local\bdanjmjw.bat [2014-07-05] ()
Task: {CA88621B-8839-470B-81E1-EC4522871D91} - System32\Tasks\bdebu => C:\Users\Basti\AppData\Local\bdebu.bat [2014-07-05] ()
Task: {CA8AAD1F-F46C-42F9-9DCF-81DF0A7D592B} - System32\Tasks\tyfrhlye => C:\Users\Basti\AppData\Local\tyfrhlye.bat [2014-07-05] ()
Task: {CC2DE09A-A06B-425F-865D-F71ECB3FC2EA} - System32\Tasks\bqftidsi => C:\Users\Basti\AppData\Local\bqftidsi.bat [2014-07-05] ()
Task: {CC4C4918-75B4-43D8-B558-EFFE644ECC29} - System32\Tasks\crhwmb => C:\Users\Basti\AppData\Local\crhwmb.bat [2014-07-05] ()
Task: {CCB2670E-8EA1-430D-A759-786BB785EBEB} - System32\Tasks\yfpsfj => C:\Users\Basti\AppData\Local\yfpsfj.bat [2014-07-05] ()
Task: {CDC77E5B-21B7-4F8A-8C83-E72CDD53F86B} - System32\Tasks\ecaeb => C:\Users\Basti\AppData\Local\ecaeb.bat [2014-07-05] ()
Task: {CE8DC016-64E0-4029-8B1D-C61057495C09} - System32\Tasks\ajtfib => C:\Users\Basti\AppData\Local\ajtfib.bat [2014-07-05] ()
Task: {CE9DCD78-B46E-4E41-91BB-659D9E11F18F} - System32\Tasks\xphyqjar => C:\Users\Basti\AppData\Local\xphyqjar.bat [2014-07-05] ()
Task: {CF6E98E7-8B91-4CAF-A900-022827F6FC51} - System32\Tasks\qluqkvp => C:\Users\Basti\AppData\Local\qluqkvp.bat [2014-07-04] ()
Task: {CFA8E8CC-EC4B-437D-8CDE-DF8BD713A502} - System32\Tasks\gaabcb => C:\Users\Basti\AppData\Local\gaabcb.bat [2014-07-05] ()
Task: {CFCDAC6E-D258-4ABC-BA4F-C6B6F07A0E65} - System32\Tasks\kvavalpl => C:\Users\Basti\AppData\Local\kvavalpl.bat [2014-07-05] ()
Task: {D0DD7914-98E8-4DF3-A457-C397B9736015} - System32\Tasks\sqnlqv => C:\Users\Basti\AppData\Local\sqnlqv.bat [2014-07-05] ()
Task: {D12B3B35-5472-4231-B4DA-840395A20DEE} - System32\Tasks\wfodnfnc => C:\Users\Basti\AppData\Local\wfodnfnc.bat [2014-07-05] ()
Task: {D14F3D18-C754-4E9E-8BB4-BE5A7CCF9485} - System32\Tasks\icwrmgb => C:\Users\Basti\AppData\Local\icwrmgb.bat [2014-07-05] ()
Task: {D15D398B-358A-4F58-A998-849CC2793608} - System32\Tasks\bwdgshc => C:\Users\Basti\AppData\Local\bwdgshc.bat [2014-07-05] ()
Task: {D26B8E83-2EA1-4F2E-95D9-79A56170114F} - System32\Tasks\yldibny => C:\Users\Basti\AppData\Local\yldibny.bat [2014-07-05] ()
Task: {D34F9D12-550F-48CD-9F13-EEC89B8A0D04} - System32\Tasks\dblbsj => C:\Users\Basti\AppData\Local\dblbsj.bat [2014-07-05] ()
Task: {D423E78B-6783-4EE7-99D5-45F0A6AD0412} - System32\Tasks\zuhuh => C:\Users\Basti\AppData\Local\zuhuh.bat [2014-07-05] ()
Task: {D499325D-BAC7-4AF5-8A83-018E919444B2} - System32\Tasks\bdxsuidx => C:\Users\Basti\AppData\Local\bdxsuidx.bat [2014-07-05] ()
Task: {D4D349FA-5ACD-49B3-B5C9-999892236028} - System32\Tasks\ebeczxu => C:\Users\Basti\AppData\Local\ebeczxu.bat [2014-07-05] ()
Task: {D4E0B46E-A032-492D-A8F2-46DB5D945757} - System32\Tasks\xparkat => C:\Users\Basti\AppData\Local\xparkat.bat [2014-07-05] ()
Task: {D55AC550-6949-4BFD-9D66-AF9E333BADD7} - System32\Tasks\abwydfad => C:\Users\Basti\AppData\Local\abwydfad.bat [2014-07-05] ()
Task: {D6D8825F-9CBA-4151-BAA4-320D78B0734C} - System32\Tasks\dzhecq => C:\Users\Basti\AppData\Local\dzhecq.bat [2014-07-05] ()
Task: {D6FD2B64-1FE9-4832-9239-9BAE02476E2E} - System32\Tasks\qlfbd => C:\Users\Basti\AppData\Local\qlfbd.bat [2014-07-05] ()
Task: {D739E78E-1CF0-47C7-927B-FDA5DD40C077} - System32\Tasks\wxhoxy => C:\Users\Basti\AppData\Local\wxhoxy.bat [2014-07-05] ()
Task: {D82F6FAD-4F50-4EBD-89B4-316CDA801866} - System32\Tasks\hyrrlvvo => C:\Users\Basti\AppData\Local\hyrrlvvo.bat [2014-07-04] ()
Task: {D84989EA-41AE-4566-A7D6-7B2F8232FC85} - System32\Tasks\izste => C:\Users\Basti\AppData\Local\izste.bat [2014-07-05] ()
Task: {D86BE97B-74D7-49F2-B958-3234E4FBCB3D} - System32\Tasks\qsvxbknp => C:\Users\Basti\AppData\Local\qsvxbknp.bat [2014-07-05] ()
Task: {D8777C9C-3929-4362-AE39-C103616E5921} - System32\Tasks\lbfcaxur => C:\Users\Basti\AppData\Local\lbfcaxur.bat [2014-07-05] ()
Task: {D92A95B5-C808-4E4E-9528-7F0D2A3B1F74} - System32\Tasks\uucapofc => C:\Users\Basti\AppData\Local\uucapofc.bat [2014-07-05] ()
Task: {D95DB20A-86B2-46E1-97B5-2D5AE6472DBC} - System32\Tasks\cgafnanb => C:\Users\Basti\AppData\Local\cgafnanb.bat [2014-07-04] ()
Task: {D9E54CE1-C1C0-401C-BB77-54C30E9D10FA} - System32\Tasks\kheqm => C:\Users\Basti\AppData\Local\kheqm.bat [2014-07-05] ()
Task: {DA4562EF-87A8-4A59-BE53-548EB33B70ED} - System32\Tasks\cljrpd => C:\Users\Basti\AppData\Local\cljrpd.bat [2014-07-05] ()
Task: {DAA22B6D-3D87-42BC-9166-484570743B77} - System32\Tasks\ekbaxdus => C:\Users\Basti\AppData\Local\ekbaxdus.bat [2014-07-05] ()
Task: {DC5DFB37-1AD9-4D75-B56E-BF2C2C37D0CD} - System32\Tasks\rnjfj => C:\Users\Basti\AppData\Local\rnjfj.bat [2014-07-05] ()
Task: {DC691991-5481-4595-ABCD-2DFB97A70B6C} - System32\Tasks\czwlaxm => C:\Users\Basti\AppData\Local\czwlaxm.bat [2014-07-05] ()
Task: {DCBD767E-C421-49A4-B114-63EC98807835} - System32\Tasks\hqjtu => C:\Users\Basti\AppData\Local\hqjtu.bat [2014-07-05] ()
Task: {DCEBD5D5-1BA9-4DB5-A058-A657D5943F33} - System32\Tasks\zvbvc => C:\Users\Basti\AppData\Local\zvbvc.bat [2014-07-05] ()
Task: {DD4C4EF1-9BDF-4794-BAE1-914D41EE294E} - System32\Tasks\sxeqfjvb => C:\Users\Basti\AppData\Local\sxeqfjvb.bat [2014-07-05] ()
Task: {DD7F1F5F-E637-45FA-8DAC-441BD3B8FD2F} - System32\Tasks\qtdht => C:\Users\Basti\AppData\Local\qtdht.bat [2014-07-05] ()
Task: {DE191F96-8962-4BE7-893A-07A6826FD606} - System32\Tasks\abbcw => C:\Users\Basti\AppData\Local\abbcw.bat [2014-07-05] ()
Task: {DEE323B4-C475-4C1A-9409-E081EF31CC62} - System32\Tasks\owfwfngn => C:\Users\Basti\AppData\Local\owfwfngn.bat [2014-07-05] ()
Task: {DEFB0374-B3F1-45D5-AC7A-FC9FA34B45EA} - System32\Tasks\bbxcryn => C:\Users\Basti\AppData\Local\bbxcryn.bat [2014-07-05] ()
Task: {DF27E26C-9D3B-4A94-A75F-9C958282B18F} - System32\Tasks\kigcieea => C:\Users\Basti\AppData\Local\kigcieea.bat [2014-07-05] ()
Task: {DFEF790F-7FFE-46B0-B84B-B78C4E10EEEE} - System32\Tasks\cygdqe => C:\Users\Basti\AppData\Local\cygdqe.bat [2014-07-05] ()
Task: {DFFA22D2-B6B1-44F6-88FA-241055E3D513} - System32\Tasks\haughc => C:\Users\Basti\AppData\Local\haughc.bat [2014-07-05] ()
Task: {E08D7EB1-7E72-4721-93BE-CB4A05EB8526} - System32\Tasks\wayik => C:\Users\Basti\AppData\Local\wayik.bat [2014-07-05] ()
Task: {E0D8CA43-06F2-4CD9-B92D-640622E9606A} - System32\Tasks\bocpkx => C:\Users\Basti\AppData\Local\bocpkx.bat [2014-07-05] ()
Task: {E123E611-9C0D-4C1B-AC23-2B6FC97C009E} - System32\Tasks\qcnxjue => C:\Users\Basti\AppData\Local\qcnxjue.bat [2014-07-05] ()
Task: {E159EF97-6E8B-4BBF-A1ED-B153C18CE903} - System32\Tasks\aheqe => C:\Users\Basti\AppData\Local\aheqe.bat [2014-07-05] ()
Task: {E215A941-BAEE-4DFA-88DB-9E33E41AEC7B} - System32\Tasks\jmpruxc => C:\Users\Basti\AppData\Local\jmpruxc.bat [2014-07-05] ()
Task: {E2FD88C8-E4EC-410F-AABB-DE431DCE0004} - System32\Tasks\bperg => C:\Users\Basti\AppData\Local\bperg.bat [2014-07-05] ()
Task: {E32AD157-9DEC-4653-978E-52C7DBFCB42C} - System32\Tasks\rozwbgjf => C:\Users\Basti\AppData\Local\rozwbgjf.bat [2014-07-05] ()
Task: {E380B911-E352-4A9F-9752-8EE210DB9837} - System32\Tasks\gwhhpirq => C:\Users\Basti\AppData\Local\gwhhpirq.bat [2014-07-05] ()
Task: {E387B2A5-4BE5-402C-902F-0B0192F7BFC1} - System32\Tasks\crhoe => C:\Users\Basti\AppData\Local\crhoe.bat [2014-07-05] ()
Task: {E45273A6-7336-4518-999D-DE0E177B9F99} - System32\Tasks\wfhwahi => C:\Users\Basti\AppData\Local\wfhwahi.bat [2014-07-05] ()
Task: {E51CD699-6D66-43C9-9442-A56F960692E9} - System32\Tasks\recvsf => C:\Users\Basti\AppData\Local\recvsf.bat [2014-07-05] ()
Task: {E55D857C-E829-41A6-9112-785FF6F00978} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21] (Adobe Systems Incorporated)
Task: {E5BBE7E2-CBD2-4540-980D-6720484D9EFD} - System32\Tasks\uejqaf => C:\Users\Basti\AppData\Local\uejqaf.bat [2014-07-05] ()
Task: {E66AAD33-896C-4DD6-93A3-1E4D1691C6D0} - System32\Tasks\ljigtr => C:\Users\Basti\AppData\Local\ljigtr.bat [2014-07-05] ()
Task: {E693D6A2-16DA-4E91-9551-02A5EA882486} - System32\Tasks\lcaxvl => C:\Users\Basti\AppData\Local\lcaxvl.bat [2014-07-05] ()
Task: {E6A87921-46D1-42C1-A91C-4985CE484B2A} - System32\Tasks\qbceoys => C:\Users\Basti\AppData\Local\qbceoys.bat [2014-07-05] ()
Task: {E83476D8-E7C3-411E-84BA-899E651EC18A} - System32\Tasks\fegdv => C:\Users\Basti\AppData\Local\fegdv.bat [2014-07-04] ()
Task: {E8C32CF0-EDC9-422F-96DE-F3E5E9020228} - System32\Tasks\ilnac => C:\Users\Basti\AppData\Local\ilnac.bat [2014-07-05] ()
Task: {E9EB0E15-5AA8-4CAF-9B44-CE5A5D2BDD1D} - System32\Tasks\hpzsc => C:\Users\Basti\AppData\Local\hpzsc.bat [2014-07-05] ()
Task: {EAEA3E67-A6DC-40BA-BFEA-6F9CEC6478EC} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2012 => C:\Program Files (x86)\TuneUp Utilities 2012\OneClick.exe [2012-05-29] (TuneUp Software)
Task: {EB271BCF-53A5-4A38-8DB8-8C68117A9E7B} - System32\Tasks\eqbblc => C:\Users\Basti\AppData\Local\eqbblc.bat [2014-07-05] ()
Task: {EB58EE2A-DD51-4802-AA27-71ED6B7532C6} - System32\Tasks\awjfco => C:\Users\Basti\AppData\Local\awjfco.bat [2014-07-05] ()
Task: {EBC7AD4A-A24D-4998-BC74-5EB8A75A92ED} - System32\Tasks\ttrqw => C:\Users\Basti\AppData\Local\ttrqw.bat [2014-07-05] ()
Task: {EC9ECA81-CAB8-4921-BD1F-560582C5F1D1} - System32\Tasks\acfqt => C:\Users\Basti\AppData\Local\acfqt.bat [2014-07-05] ()
Task: {EE2E98CA-088E-4A7A-A4EF-609DA0F553F3} - System32\Tasks\bfycpdo => C:\Users\Basti\AppData\Local\bfycpdo.bat [2014-07-05] ()
Task: {EF6BC834-2072-4198-8920-9A7860FC9DFD} - System32\Tasks\owxhp => C:\Users\Basti\AppData\Local\owxhp.bat [2014-07-05] ()
Task: {EFC2EA28-1437-4AC3-868C-AA54F0F0E809} - System32\Tasks\xhraenx => C:\Users\Basti\AppData\Local\xhraenx.bat [2014-07-05] ()
Task: {F0584815-6460-4061-819E-1FB24FCCC179} - System32\Tasks\wgpehq => C:\Users\Basti\AppData\Local\wgpehq.bat [2014-07-05] ()
Task: {F0C9E158-E078-46DA-A8C6-36833C9437E1} - System32\Tasks\xactce => C:\Users\Basti\AppData\Local\xactce.bat [2014-07-05] ()
Task: {F127C56B-C1A3-4EBC-ADF7-263B883DD7E2} - System32\Tasks\edettk => C:\Users\Basti\AppData\Local\edettk.bat [2014-07-05] ()
Task: {F17D9EFC-23F8-4FB8-8D5C-12091C24E680} - System32\Tasks\nnneedd => C:\Users\Basti\AppData\Local\nnneedd.bat [2014-07-05] ()
Task: {F1AC37E1-85A4-4C22-AD0C-352190387655} - System32\Tasks\agchupv => C:\Users\Basti\AppData\Local\agchupv.bat [2014-07-05] ()
Task: {F1DAF2B4-74EA-4610-B2E6-8477E0AC7702} - System32\Tasks\adgrdg => C:\Users\Basti\AppData\Local\adgrdg.bat [2014-07-04] ()
Task: {F244E76A-2777-42FA-A90E-A7F5521B7E09} - System32\Tasks\pirtm => C:\Users\Basti\AppData\Local\pirtm.bat [2014-07-05] ()
Task: {F25035BA-42D5-4162-82AB-9779DD2E18D6} - System32\Tasks\jfimplh => C:\Users\Basti\AppData\Local\jfimplh.bat [2014-07-05] ()
Task: {F4565C81-BC6A-4CC3-BC9E-3BB6D5AA4C8C} - System32\Tasks\Divx-Online-Aktualisierungsprogramm => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2014-01-10] ()
Task: {F4FEA218-4351-4430-94AF-753074B5898F} - System32\Tasks\zmrei => C:\Users\Basti\AppData\Local\zmrei.bat [2014-07-05] ()
Task: {F6DFCFA7-14B5-41B9-B583-17ECA6B22175} - System32\Tasks\jfqmpk => C:\Users\Basti\AppData\Local\jfqmpk.bat [2014-07-05] ()
Task: {F71D0068-05D7-4183-B0BF-AA13A97EFC5C} - System32\Tasks\rwinaej => C:\Users\Basti\AppData\Local\rwinaej.bat [2014-07-05] ()
Task: {F7994A9D-9D32-4520-A62B-08DDAEED0DFD} - System32\Tasks\trpntrp => C:\Users\Basti\AppData\Local\trpntrp.bat [2014-07-05] ()
Task: {F7B12CBE-1B58-4F55-A124-8A2E1303F5F0} - System32\Tasks\pasbk => C:\Users\Basti\AppData\Local\pasbk.bat [2014-07-05] ()
Task: {F7C2CB3B-461A-4005-8C8F-35F47C541D7D} - System32\Tasks\hirtt => C:\Users\Basti\AppData\Local\hirtt.bat [2014-07-05] ()
Task: {F9155335-4A87-401A-8FA1-6BA5C09DF833} - System32\Tasks\vltjyh => C:\Users\Basti\AppData\Local\vltjyh.bat [2014-07-05] ()
Task: {F9E8F6F4-4144-41EA-B979-48EE68E0C6D1} - System32\Tasks\spurw => C:\Users\Basti\AppData\Local\spurw.bat [2014-07-05] ()
Task: {FB69B3E2-8B18-4EF8-BCFE-683E7D718A52} - System32\Tasks\biwery => C:\Users\Basti\AppData\Local\biwery.bat [2014-07-05] ()
Task: {FB853B70-DD60-42A4-87F6-548945DBBD59} - System32\Tasks\erhfbrg => C:\Users\Basti\AppData\Local\erhfbrg.bat [2014-07-05] ()
Task: {FD2C84E9-B8F5-4A21-98BE-294A9A2B77F9} - System32\Tasks\yefrv => C:\Users\Basti\AppData\Local\yefrv.bat [2014-07-05] ()
Task: {FD52F25C-08AB-479C-ABB8-73EFCBF9D27A} - System32\Tasks\paalgxsc => C:\Users\Basti\AppData\Local\paalgxsc.bat [2014-07-05] ()
Task: {FD63E042-B990-4787-A479-35703D04AF10} - System32\Tasks\znamat => C:\Users\Basti\AppData\Local\znamat.bat [2014-07-05] ()
Task: {FDD55135-4472-4F79-BE78-176B0FB75398} - System32\Tasks\aupjdas => C:\Users\Basti\AppData\Local\aupjdas.bat [2014-07-05] ()
Task: {FE23E41C-AAC1-46B5-BCC1-2CC16067C9D3} - System32\Tasks\aauoiu => C:\Users\Basti\AppData\Local\aauoiu.bat [2014-07-05] ()
Task: {FE24DA0B-2DC2-4AC9-A926-49F4F5AFB21C} - System32\Tasks\wxiiiy => C:\Users\Basti\AppData\Local\wxiiiy.bat [2014-07-04] ()
Task: {FE6D8FBA-C225-4D94-8CD7-DA0F5616E4F4} - System32\Tasks\ttrqx => C:\Users\Basti\AppData\Local\ttrqx.bat [2014-07-05] ()
Task: {FE83967D-124F-4CB9-9F49-9C84C3D702A3} - System32\Tasks\regrbg => C:\Users\Basti\AppData\Local\regrbg.bat [2014-07-05] ()
Task: {FEA6F03A-9CF1-4DAA-92C6-BAF9126113BF} - System32\Tasks\pjlfhbd => C:\Users\Basti\AppData\Local\pjlfhbd.bat [2014-07-05] ()
Task: {FEB463DD-0970-42B7-87C7-80540ED4A7A2} - System32\Tasks\xqasl => C:\Users\Basti\AppData\Local\xqasl.bat [2014-07-05] ()
Task: {FF94778D-DEC3-4DCA-A75B-7862BF512310} - System32\Tasks\cedcyh => C:\Users\Basti\AppData\Local\cedcyh.bat [2014-07-05] ()
Task: {FFBE9865-E365-4187-8D79-87977238992D} - System32\Tasks\ucjxx => C:\Users\Basti\AppData\Local\ucjxx.bat [2014-07-05] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-07-17 20:41 - 2011-06-20 16:28 - 00078448 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2013-07-17 20:41 - 2011-06-20 16:28 - 00386160 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2013-07-17 20:41 - 2011-06-20 16:28 - 00621168 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Skin.dll
2014-04-17 22:29 - 2014-04-17 22:29 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2014-03-06 15:00 - 2014-03-06 15:00 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\kpcengine.2.3.dll
2013-08-22 12:52 - 2013-08-22 12:52 - 00028992 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\thread_pool.dll
2013-08-22 12:53 - 2013-08-22 12:53 - 00420160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2014-09-03 19:48 - 2014-09-17 16:08 - 00962560 _____ () C:\Program Files (x86)\Origin\platforms\qwindows.dll
2014-09-03 19:48 - 2014-09-17 16:08 - 00024064 _____ () C:\Program Files (x86)\Origin\imageformats\qgif.dll
2014-09-03 19:48 - 2014-09-17 16:08 - 00025088 _____ () C:\Program Files (x86)\Origin\imageformats\qico.dll
2014-09-03 19:48 - 2014-09-17 16:08 - 00217088 _____ () C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2014-09-03 19:48 - 2014-09-17 16:08 - 00261632 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll
2014-09-03 19:48 - 2014-09-17 16:08 - 00019968 _____ () C:\Program Files (x86)\Origin\imageformats\qtga.dll
2014-09-03 19:48 - 2014-09-17 16:08 - 00302592 _____ () C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2014-09-03 19:48 - 2014-09-17 16:08 - 00018944 _____ () C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2013-08-22 12:51 - 2013-08-22 12:51 - 00036672 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\qt_icontray_ex.dll
2013-01-10 13:43 - 2013-01-10 13:43 - 00014360 _____ () C:\Program Files (x86)\Common Files\Acronis\TibMounter\icudt38.dll
2010-11-23 00:56 - 2010-11-23 00:56 - 00087040 _____ () C:\Program Files (x86)\Raptr\_ctypes.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00043008 _____ () C:\Program Files (x86)\Raptr\_socket.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00805376 _____ () C:\Program Files (x86)\Raptr\_ssl.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 05812736 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtGui.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 00067584 _____ () C:\Program Files (x86)\Raptr\sip.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 01662464 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtCore.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 00494592 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtNetwork.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00096256 _____ () C:\Program Files (x86)\Raptr\win32api.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00110592 _____ () C:\Program Files (x86)\Raptr\pywintypes26.dll
2010-11-23 00:56 - 2010-11-23 00:56 - 00010240 _____ () C:\Program Files (x86)\Raptr\select.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00356864 _____ () C:\Program Files (x86)\Raptr\_hashlib.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00036352 _____ () C:\Program Files (x86)\Raptr\win32process.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00111104 _____ () C:\Program Files (x86)\Raptr\win32file.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00044544 _____ () C:\Program Files (x86)\Raptr\_sqlite3.pyd
2011-02-15 20:17 - 2011-02-15 20:17 - 00417501 _____ () C:\Program Files (x86)\Raptr\sqlite3.dll
2010-11-23 00:57 - 2010-11-23 00:57 - 00167936 _____ () C:\Program Files (x86)\Raptr\win32gui.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 00313856 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtWebKit.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00127488 _____ () C:\Program Files (x86)\Raptr\pyexpat.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00009216 _____ () C:\Program Files (x86)\Raptr\winsound.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00354304 _____ () C:\Program Files (x86)\Raptr\pythoncom26.dll
2010-11-23 00:57 - 2010-11-23 00:57 - 00016384 _____ () C:\Program Files (x86)\Raptr\win32trace.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00263168 _____ () C:\Program Files (x86)\Raptr\win32com.shell.shell.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00583680 _____ () C:\Program Files (x86)\Raptr\unicodedata.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00324608 _____ () C:\Program Files (x86)\Raptr\PIL._imaging.pyd
2013-11-21 02:05 - 2013-11-21 02:05 - 00256000 _____ () C:\Program Files (x86)\Raptr\amd_ags.dll
2010-11-23 00:57 - 2010-11-23 00:57 - 00141312 _____ () C:\Program Files (x86)\Raptr\gobject._gobject.pyd
2014-06-18 02:56 - 2014-06-18 02:56 - 02717595 _____ () C:\Program Files (x86)\Raptr\heliotrope._purple.pyd
2011-02-15 20:17 - 2011-02-15 20:17 - 01213633 _____ () C:\Program Files (x86)\Raptr\libxml2-2.dll
2010-11-23 01:06 - 2010-11-23 01:06 - 00055808 _____ () C:\Program Files (x86)\Raptr\zlib1.dll
2013-05-10 01:52 - 2013-05-10 01:52 - 00495680 _____ () C:\Program Files (x86)\Raptr\plugins\libaim.dll
2013-05-10 01:52 - 2013-05-10 01:52 - 01183699 _____ () C:\Program Files (x86)\Raptr\liboscar.dll
2013-05-10 01:52 - 2013-05-10 01:52 - 00483306 _____ () C:\Program Files (x86)\Raptr\plugins\libicq.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00655356 _____ () C:\Program Files (x86)\Raptr\plugins\libirc.dll
2013-05-03 20:56 - 2013-05-03 20:56 - 01306387 _____ () C:\Program Files (x86)\Raptr\plugins\libmsn.dll
2013-05-03 20:56 - 2013-05-03 20:56 - 00565461 _____ () C:\Program Files (x86)\Raptr\plugins\libxmpp.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 01640221 _____ () C:\Program Files (x86)\Raptr\libjabber.dll
2013-05-03 20:56 - 2013-05-03 20:56 - 00506276 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoo.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 01053730 _____ () C:\Program Files (x86)\Raptr\libymsg.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00497782 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoojp.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00603326 _____ () C:\Program Files (x86)\Raptr\plugins\ssl-nss.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00474199 _____ () C:\Program Files (x86)\Raptr\plugins\ssl.dll
2014-09-12 21:04 - 2014-09-19 16:18 - 03734640 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-04-20 01:42 - 2014-04-20 01:42 - 00468672 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\content_blocker@kaspersky.com\npcontentblocker.dll
2014-04-20 01:42 - 2014-04-20 01:42 - 00699072 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\virtual_keyboard@kaspersky.com\npvkplugin.dll
2014-09-12 20:39 - 2014-09-12 20:39 - 16825520 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll
2013-08-07 17:07 - 2013-08-07 17:07 - 00022336 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers_proxy_stub.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData:NT
AlternateDataStreams: C:\Users\All Users:NT
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:NT
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\Users\Basti\Anwendungsdaten:NT
AlternateDataStreams: C:\Users\Basti\AppData\Roaming:NT

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============

Name: Microsoft-Teredo-Tunneling-Adapter
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/23/2014 06:05:25 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT-AUTORITÄT)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\Google\Update\1.3.24.15\DealPlyLiveHelper.msi

Error: (09/23/2014 05:05:01 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT-AUTORITÄT)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\Google\Update\1.3.24.15\DealPlyLiveHelper.msi

Error: (09/23/2014 04:41:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 32.0.2.5373, Zeitstempel: 0x541a8277
Name des fehlerhaften Moduls: mozalloc.dll, Version: 32.0.2.5373, Zeitstempel: 0x541a4d44
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x1a24
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (09/23/2014 04:41:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 32.0.2.5373, Zeitstempel: 0x541a8277
Name des fehlerhaften Moduls: mozalloc.dll, Version: 32.0.2.5373, Zeitstempel: 0x541a4d44
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0xe60
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (09/23/2014 04:41:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 32.0.2.5373, Zeitstempel: 0x541a8277
Name des fehlerhaften Moduls: mozalloc.dll, Version: 32.0.2.5373, Zeitstempel: 0x541a4d44
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x14ec
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (09/23/2014 04:05:03 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT-AUTORITÄT)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\Google\Update\1.3.24.15\DealPlyLiveHelper.msi

Error: (09/23/2014 03:05:10 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT-AUTORITÄT)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\Google\Update\1.3.24.15\DealPlyLiveHelper.msi

Error: (09/23/2014 04:05:01 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT-AUTORITÄT)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\Google\Update\1.3.24.15\DealPlyLiveHelper.msi

Error: (09/23/2014 03:05:01 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT-AUTORITÄT)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\Google\Update\1.3.24.15\DealPlyLiveHelper.msi

Error: (09/23/2014 02:05:06 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT-AUTORITÄT)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\Google\Update\1.3.24.15\DealPlyLiveHelper.msi


System errors:
=============
Error: (09/23/2014 02:33:54 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
sfdrv01a

Error: (09/23/2014 02:32:54 PM) (Source: Application Popup) (EventID: 875) (User: )
Description: Treiber sfdrv01a.sys konnte nicht geladen werden.

Error: (09/22/2014 08:01:40 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Acronis Sync Agent Service" wurde nicht richtig gestartet.

Error: (09/22/2014 07:56:51 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
sfdrv01a

Error: (09/22/2014 07:55:31 PM) (Source: Application Popup) (EventID: 875) (User: )
Description: Treiber sfdrv01a.sys konnte nicht geladen werden.

Error: (09/21/2014 08:40:40 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Acronis Sync Agent Service" wurde nicht richtig gestartet.

Error: (09/21/2014 08:36:01 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
sfdrv01a

Error: (09/21/2014 08:35:22 PM) (Source: Application Popup) (EventID: 875) (User: )
Description: Treiber sfdrv01a.sys konnte nicht geladen werden.

Error: (09/19/2014 11:21:13 PM) (Source: Disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk2\DR2.

Error: (09/19/2014 09:56:48 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.


Microsoft Office Sessions:
=========================
Error: (09/23/2014 06:05:25 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT-AUTORITÄT)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\Google\Update\1.3.24.15\DealPlyLiveHelper.msi(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (09/23/2014 05:05:01 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT-AUTORITÄT)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\Google\Update\1.3.24.15\DealPlyLiveHelper.msi(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (09/23/2014 04:41:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe32.0.2.5373541a8277mozalloc.dll32.0.2.5373541a4d44800000030000141b1a2401cfd72d918f3be3C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dllb92bd3ef-432f-11e4-a45e-bc5ff4322554

Error: (09/23/2014 04:41:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe32.0.2.5373541a8277mozalloc.dll32.0.2.5373541a4d44800000030000141be6001cfd72d8a072c35C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dllb8297116-432f-11e4-a45e-bc5ff4322554

Error: (09/23/2014 04:41:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe32.0.2.5373541a8277mozalloc.dll32.0.2.5373541a4d44800000030000141b14ec01cfd72d8a237c22C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dllb6c252e1-432f-11e4-a45e-bc5ff4322554

Error: (09/23/2014 04:05:03 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT-AUTORITÄT)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\Google\Update\1.3.24.15\DealPlyLiveHelper.msi(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (09/23/2014 03:05:10 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT-AUTORITÄT)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\Google\Update\1.3.24.15\DealPlyLiveHelper.msi(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (09/23/2014 04:05:01 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT-AUTORITÄT)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\Google\Update\1.3.24.15\DealPlyLiveHelper.msi(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (09/23/2014 03:05:01 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT-AUTORITÄT)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\Google\Update\1.3.24.15\DealPlyLiveHelper.msi(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (09/23/2014 02:05:06 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT-AUTORITÄT)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\Google\Update\1.3.24.15\DealPlyLiveHelper.msi(NULL)(NULL)(NULL)(NULL)(NULL)


==================== Memory info =========================== 

Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 5600+
Percentage of memory in use: 53%
Total physical RAM: 4095.24 MB
Available physical RAM: 1921.53 MB
Total Pagefile: 8188.63 MB
Available Pagefile: 5296.33 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:24.51 GB) (Free:1.53 GB) NTFS
Drive d: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.03 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: () (Fixed) (Total:13.67 GB) (Free:4.6 GB) NTFS
Drive g: () (Fixed) (Total:37.27 GB) (Free:29.95 GB) NTFS
Drive h: () (Fixed) (Total:29.3 GB) (Free:5.97 GB) NTFS
Drive j: () (Fixed) (Total:53.62 GB) (Free:18.77 GB) NTFS
Drive k: () (Fixed) (Total:31.48 GB) (Free:6.41 GB) NTFS
Drive m: (Volume) (Fixed) (Total:120 GB) (Free:119.91 GB) NTFS
Drive q: (Volume) (Fixed) (Total:555.35 GB) (Free:528.26 GB) NTFS
Drive r: (Volume) (Fixed) (Total:256.16 GB) (Free:89.87 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 38.3 GB) (Disk ID: A4FEA4FE)
Partition 1: (Not Active) - (Size=13.7 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=24.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 114.5 GB) (Disk ID: 43422AF6)
Partition 1: (Active) - (Size=29.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=85.1 GB) - (Type=05)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 09BF8012)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=42)

========================================================
Disk: 3 (Size: 37.3 GB) (Disk ID: B42DB42D)
Partition 1: (Not Active) - (Size=37.3 GB) - (Type=07 NTFS)

==================== End Of Log ============================

schrauber · 24.09.2014, 11:44

Zitat:

Google Update Helper

Yahoo Community Smartbar Engine (HKCU\...\{c84bcc99-d395-4d8e-a9a7-d8261e459927}) (Version: 11.63.66.17714 - Linkury Inc.) <==== ATTENTION

Adware & Co. deinstallieren

Lade Dir bitte von hier Revo Uninstaller herunter.
Installiere und starte das Programm.
Suche im Uninstallerfeld nach den Programmen, die unter:

diesen Zusatz haben:
Wähle die Programme nacheinander aus und klicke jedesmal auf Uninstall.
Wähle anschließend den Modus "Moderat" aus.
Reste löschen:
Klicke auf dann auf und dann auf .

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

RDC · 24.09.2014, 16:15

Combofix Log:

Code:

ATTFilter

ComboFix 14-09-22.01 - Basti 24.09.2014  16:37:17.1.2 - x64
Microsoft Windows 7 Ultimate   6.1.7600.0.1252.49.1031.18.4095.2724 [GMT 2:00]
ausgeführt von:: c:\users\Basti\Desktop\ComboFix.exe
AV: Kaspersky Anti-Virus *Disabled/Updated* {179979E8-273D-D14E-0543-2861940E4886}
SP: Kaspersky Anti-Virus *Disabled/Updated* {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\programdata\374311380
c:\users\Basti\AppData\Local\lame_enc.dll
c:\users\Basti\AppData\Local\no23xwrapper.dll
c:\users\Basti\AppData\Local\ogg.dll
c:\users\Basti\AppData\Local\vorbis.dll
c:\users\Basti\AppData\Local\vorbisenc.dll
c:\users\Basti\AppData\Local\vorbisfile.dll
c:\windows\apppatch\AppLoc.exe
c:\windows\apppatch\AppLocA.exe
c:\windows\AppPatch\Custom\{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb
c:\windows\apppatch\unins000.dat
c:\windows\apppatch\unins000.exe
E:\install.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-08-24 bis 2014-09-24  ))))))))))))))))))))))))))))))
.
.
2014-09-24 14:49 . 2014-09-24 14:49	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-09-23 16:04 . 2014-09-23 16:06	--------	d-----w-	C:\FRST
2014-09-19 14:18 . 2014-09-19 14:18	--------	d-----w-	c:\users\Basti\AppData\Local\Tempefae60dad426085842d9656a9d4eb204
2014-09-16 16:14 . 2014-09-16 16:18	--------	d-----w-	C:\AdwCleaner
2014-09-15 13:50 . 2014-09-15 13:50	367200	----a-w-	c:\windows\system32\drivers\afcdp.sys
2014-09-15 13:50 . 2014-09-15 13:50	1464096	----a-w-	c:\windows\system32\drivers\tdrpman.sys
2014-09-15 13:50 . 2014-09-15 13:50	183224	----a-w-	c:\windows\system32\drivers\tib_mounter.sys
2014-09-15 13:50 . 2014-09-15 13:50	1120032	----a-w-	c:\windows\system32\drivers\tib.sys
2014-09-15 13:50 . 2014-09-15 13:50	161568	----a-w-	c:\windows\system32\drivers\vididr.sys
2014-09-15 13:50 . 2014-09-15 13:50	117024	----a-w-	c:\windows\system32\drivers\vidsflt.sys
2014-09-15 13:50 . 2014-09-15 13:50	269600	----a-w-	c:\windows\system32\drivers\snapman.sys
2014-09-15 13:50 . 2014-09-15 13:50	116000	----a-w-	c:\windows\system32\drivers\fltsrv.sys
2014-09-15 13:49 . 2014-09-15 13:50	--------	d-----w-	c:\program files (x86)\Common Files\Acronis
2014-09-15 13:49 . 2014-09-15 13:49	--------	d-----w-	c:\program files (x86)\Acronis
2014-09-03 18:14 . 2011-02-18 13:07	447752	----a-w-	c:\windows\SysWow64\vp6vfw.dll
2014-09-03 17:51 . 2014-09-03 17:51	--------	d-----w-	c:\program files (x86)\Origin Games
2014-09-03 17:48 . 2014-09-04 16:02	--------	d-----w-	c:\users\Basti\AppData\Roaming\Origin
2014-09-03 17:48 . 2014-09-03 17:51	--------	d-----w-	c:\users\Basti\AppData\Local\Origin
2014-09-03 17:44 . 2014-09-24 13:46	--------	d-----w-	c:\program files (x86)\Origin
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-09-24 14:16 . 2014-07-05 13:41	122584	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-09-12 18:39 . 2014-08-07 14:06	71344	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-09-12 18:39 . 2014-08-07 14:06	701104	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-08-06 14:07 . 2014-08-06 14:07	1970176	----a-w-	c:\windows\SysWow64\D3DX9.dll
2014-07-05 14:07 . 2014-07-05 14:07	267	----a-w-	c:\users\Basti\AppData\Local\asugat.bat
2014-07-05 14:05 . 2014-07-05 14:05	267	----a-w-	c:\users\Basti\AppData\Local\nmlcbba.bat
2014-07-05 14:03 . 2014-07-05 14:03	267	----a-w-	c:\users\Basti\AppData\Local\uedkkahh.bat
2014-07-05 14:01 . 2014-07-05 14:01	267	----a-w-	c:\users\Basti\AppData\Local\bocpkx.bat
2014-07-05 13:59 . 2014-07-05 13:59	267	----a-w-	c:\users\Basti\AppData\Local\nmmml.bat
2014-07-05 13:57 . 2014-07-05 13:57	267	----a-w-	c:\users\Basti\AppData\Local\fepharyj.bat
2014-07-05 13:55 . 2014-07-05 13:55	267	----a-w-	c:\users\Basti\AppData\Local\seyexko.bat
2014-07-05 13:53 . 2014-07-05 13:53	267	----a-w-	c:\users\Basti\AppData\Local\kodhei.bat
2014-07-05 13:51 . 2014-07-05 13:51	267	----a-w-	c:\users\Basti\AppData\Local\lljahev.bat
2014-07-05 13:49 . 2014-07-05 13:49	267	----a-w-	c:\users\Basti\AppData\Local\cckzowdl.bat
2014-07-05 13:47 . 2014-07-05 13:47	267	----a-w-	c:\users\Basti\AppData\Local\piqscudg.bat
2014-07-05 13:45 . 2014-07-05 13:45	267	----a-w-	c:\users\Basti\AppData\Local\oqxbbc.bat
2014-07-05 13:43 . 2014-07-05 13:43	267	----a-w-	c:\users\Basti\AppData\Local\jfbmi.bat
2014-07-05 13:41 . 2014-07-05 13:41	267	----a-w-	c:\users\Basti\AppData\Local\wgwfxix.bat
2014-07-05 13:38 . 2014-07-05 13:38	267	----a-w-	c:\users\Basti\AppData\Local\fzslf.bat
2014-07-05 13:36 . 2014-07-05 13:36	267	----a-w-	c:\users\Basti\AppData\Local\rnjvqnyu.bat
2014-07-05 13:34 . 2014-07-05 13:34	267	----a-w-	c:\users\Basti\AppData\Local\gohhp.bat
2014-07-05 13:32 . 2014-07-05 13:32	267	----a-w-	c:\users\Basti\AppData\Local\hikcd.bat
2014-07-05 13:30 . 2014-07-05 13:30	267	----a-w-	c:\users\Basti\AppData\Local\ceahd.bat
2014-07-05 13:28 . 2014-07-05 13:28	267	----a-w-	c:\users\Basti\AppData\Local\aavaivd.bat
2014-07-05 13:26 . 2014-07-05 13:26	267	----a-w-	c:\users\Basti\AppData\Local\mdkjpgml.bat
2014-07-05 13:24 . 2014-07-05 13:24	267	----a-w-	c:\users\Basti\AppData\Local\xbmwad.bat
2014-07-05 13:22 . 2014-07-05 13:22	267	----a-w-	c:\users\Basti\AppData\Local\qtvyjlor.bat
2014-07-05 13:20 . 2014-07-05 13:20	267	----a-w-	c:\users\Basti\AppData\Local\uuttaby.bat
2014-07-05 13:18 . 2014-07-05 13:18	267	----a-w-	c:\users\Basti\AppData\Local\vdraixf.bat
2014-07-05 13:16 . 2014-07-05 13:16	267	----a-w-	c:\users\Basti\AppData\Local\dbsba.bat
2014-07-05 13:14 . 2014-07-05 13:14	267	----a-w-	c:\users\Basti\AppData\Local\swjnb.bat
2014-07-05 13:12 . 2014-07-05 13:12	267	----a-w-	c:\users\Basti\AppData\Local\ngnnumuu.bat
2014-07-05 13:10 . 2014-07-05 13:10	267	----a-w-	c:\users\Basti\AppData\Local\qniehe.bat
2014-07-05 13:07 . 2014-07-05 13:07	267	----a-w-	c:\users\Basti\AppData\Local\cljrpd.bat
2014-07-05 13:05 . 2014-07-05 13:05	267	----a-w-	c:\users\Basti\AppData\Local\fjcngy.bat
2014-07-05 13:03 . 2014-07-05 13:03	267	----a-w-	c:\users\Basti\AppData\Local\gatmg.bat
2014-07-05 13:01 . 2014-07-05 13:01	267	----a-w-	c:\users\Basti\AppData\Local\reykgr.bat
2014-07-05 12:59 . 2014-07-05 12:59	267	----a-w-	c:\users\Basti\AppData\Local\prteea.bat
2014-07-05 12:57 . 2014-07-05 12:57	267	----a-w-	c:\users\Basti\AppData\Local\lbhfk.bat
2014-07-05 12:55 . 2014-07-05 12:55	267	----a-w-	c:\users\Basti\AppData\Local\caebgar.bat
2014-07-05 12:53 . 2014-07-05 12:53	267	----a-w-	c:\users\Basti\AppData\Local\srddhf.bat
2014-07-05 12:51 . 2014-07-05 12:51	267	----a-w-	c:\users\Basti\AppData\Local\bncpbp.bat
2014-07-05 12:49 . 2014-07-05 12:49	267	----a-w-	c:\users\Basti\AppData\Local\wijsdnwy.bat
2014-07-05 12:47 . 2014-07-05 12:47	267	----a-w-	c:\users\Basti\AppData\Local\khlquro.bat
2014-07-05 12:45 . 2014-07-05 12:45	267	----a-w-	c:\users\Basti\AppData\Local\zercimyd.bat
2014-07-05 12:43 . 2014-07-05 12:43	267	----a-w-	c:\users\Basti\AppData\Local\qdfsoaep.bat
2014-07-05 12:41 . 2014-07-05 12:41	267	----a-w-	c:\users\Basti\AppData\Local\diddyfaj.bat
2014-07-05 12:39 . 2014-07-05 12:39	267	----a-w-	c:\users\Basti\AppData\Local\xqasl.bat
2014-07-05 12:37 . 2014-07-05 12:37	267	----a-w-	c:\users\Basti\AppData\Local\wgqajs.bat
2014-07-05 12:34 . 2014-07-05 12:34	267	----a-w-	c:\users\Basti\AppData\Local\owgemu.bat
2014-07-05 12:32 . 2014-07-05 12:32	267	----a-w-	c:\users\Basti\AppData\Local\wwhhh.bat
2014-07-05 12:30 . 2014-07-05 12:30	267	----a-w-	c:\users\Basti\AppData\Local\aavhcd.bat
2014-07-05 12:28 . 2014-07-05 12:28	267	----a-w-	c:\users\Basti\AppData\Local\ebaxv.bat
2014-07-05 12:26 . 2014-07-05 12:26	267	----a-w-	c:\users\Basti\AppData\Local\wnwnwn.bat
2014-07-05 12:24 . 2014-07-05 12:24	267	----a-w-	c:\users\Basti\AppData\Local\fnvgfmv.bat
2014-07-05 12:22 . 2014-07-05 12:22	267	----a-w-	c:\users\Basti\AppData\Local\dfoeuf.bat
2014-07-05 12:20 . 2014-07-05 12:20	267	----a-w-	c:\users\Basti\AppData\Local\wgjzjlb.bat
2014-07-05 12:18 . 2014-07-05 12:18	267	----a-w-	c:\users\Basti\AppData\Local\czwmjxc.bat
2014-07-05 12:16 . 2014-07-05 12:16	267	----a-w-	c:\users\Basti\AppData\Local\hqjtu.bat
2014-07-05 12:14 . 2014-07-05 12:14	267	----a-w-	c:\users\Basti\AppData\Local\qbcmvfj.bat
2014-07-05 12:12 . 2014-07-05 12:12	267	----a-w-	c:\users\Basti\AppData\Local\tyfrhlye.bat
2014-07-05 12:10 . 2014-07-05 12:10	267	----a-w-	c:\users\Basti\AppData\Local\iterdo.bat
2014-07-05 12:08 . 2014-07-05 12:08	267	----a-w-	c:\users\Basti\AppData\Local\qsufhkm.bat
2014-07-05 12:06 . 2014-07-05 12:06	267	----a-w-	c:\users\Basti\AppData\Local\esjbhen.bat
2014-07-05 12:03 . 2014-07-05 12:03	267	----a-w-	c:\users\Basti\AppData\Local\qcueqcfp.bat
2014-07-05 12:01 . 2014-07-05 12:01	267	----a-w-	c:\users\Basti\AppData\Local\ofmtudlc.bat
2014-07-05 11:59 . 2014-07-05 11:59	267	----a-w-	c:\users\Basti\AppData\Local\tchnubh.bat
2014-07-05 11:57 . 2014-07-05 11:57	267	----a-w-	c:\users\Basti\AppData\Local\befcd.bat
2014-07-05 11:55 . 2014-07-05 11:55	267	----a-w-	c:\users\Basti\AppData\Local\ndjjpef.bat
2014-07-05 11:53 . 2014-07-05 11:53	267	----a-w-	c:\users\Basti\AppData\Local\laxdbge.bat
2014-07-05 11:51 . 2014-07-05 11:51	267	----a-w-	c:\users\Basti\AppData\Local\xhyctd.bat
2014-07-05 11:49 . 2014-07-05 11:49	267	----a-w-	c:\users\Basti\AppData\Local\cnbobvjw.bat
2014-07-05 11:47 . 2014-07-05 11:47	267	----a-w-	c:\users\Basti\AppData\Local\itvqce.bat
2014-07-05 11:45 . 2014-07-05 11:45	267	----a-w-	c:\users\Basti\AppData\Local\cgbxmqfb.bat
2014-07-05 11:43 . 2014-07-05 11:43	267	----a-w-	c:\users\Basti\AppData\Local\kvavalpl.bat
2014-07-05 11:41 . 2014-07-05 11:41	267	----a-w-	c:\users\Basti\AppData\Local\ebbihfv.bat
2014-07-05 11:39 . 2014-07-05 11:39	267	----a-w-	c:\users\Basti\AppData\Local\ullcqa.bat
2014-07-05 11:37 . 2014-07-05 11:37	267	----a-w-	c:\users\Basti\AppData\Local\ucjxx.bat
2014-07-05 11:34 . 2014-07-05 11:34	267	----a-w-	c:\users\Basti\AppData\Local\cfmiet.bat
2014-07-05 11:32 . 2014-07-05 05:04	267	----a-w-	c:\users\Basti\AppData\Local\xqtmwh.bat
2014-07-05 11:30 . 2014-07-05 11:30	267	----a-w-	c:\users\Basti\AppData\Local\xparkat.bat
2014-07-05 11:28 . 2014-07-05 11:28	267	----a-w-	c:\users\Basti\AppData\Local\crhwmb.bat
2014-07-05 11:26 . 2014-07-05 11:26	267	----a-w-	c:\users\Basti\AppData\Local\hauga.bat
2014-07-05 11:24 . 2014-07-05 11:24	267	----a-w-	c:\users\Basti\AppData\Local\eqbblc.bat
2014-07-05 11:22 . 2014-07-05 11:22	267	----a-w-	c:\users\Basti\AppData\Local\bnzgs.bat
2014-07-05 11:20 . 2014-07-05 11:20	267	----a-w-	c:\users\Basti\AppData\Local\goxir.bat
2014-07-05 11:18 . 2014-07-05 11:18	267	----a-w-	c:\users\Basti\AppData\Local\koswbos.bat
2014-07-05 11:16 . 2014-07-05 11:16	267	----a-w-	c:\users\Basti\AppData\Local\cxmbx.bat
2014-07-05 11:14 . 2014-07-05 11:14	267	----a-w-	c:\users\Basti\AppData\Local\wfodn.bat
2014-07-05 11:12 . 2014-07-05 11:12	267	----a-w-	c:\users\Basti\AppData\Local\difkhmjo.bat
2014-07-05 11:10 . 2014-07-05 11:10	267	----a-w-	c:\users\Basti\AppData\Local\aiekxubh.bat
2014-07-05 11:08 . 2014-07-05 11:08	267	----a-w-	c:\users\Basti\AppData\Local\icwrmgb.bat
2014-07-05 11:06 . 2014-07-05 11:06	267	----a-w-	c:\users\Basti\AppData\Local\fwogepoe.bat
2014-07-05 11:04 . 2014-07-05 11:04	267	----a-w-	c:\users\Basti\AppData\Local\hcdxb.bat
2014-07-05 11:02 . 2014-07-05 11:02	267	----a-w-	c:\users\Basti\AppData\Local\thbio.bat
2014-07-05 11:00 . 2014-07-05 11:00	267	----a-w-	c:\users\Basti\AppData\Local\pirtm.bat
2014-07-05 10:58 . 2014-07-05 10:58	267	----a-w-	c:\users\Basti\AppData\Local\ilnac.bat
2014-07-05 10:55 . 2014-07-05 10:55	267	----a-w-	c:\users\Basti\AppData\Local\tciodc.bat
2014-07-05 10:53 . 2014-07-05 10:53	267	----a-w-	c:\users\Basti\AppData\Local\hjcen.bat
2014-07-05 10:51 . 2014-07-05 10:51	267	----a-w-	c:\users\Basti\AppData\Local\wiktvehs.bat
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KiesPreload"="e:\kies\Kies.exe" [2013-07-26 1564016]
"BitTorrent"="c:\users\Basti\AppData\Roaming\BitTorrent\BitTorrent.exe" [2014-09-23 1417048]
"Raptr"="c:\progra~2\Raptr\raptrstub.exe" [2014-07-30 55360]
"Argus Monitor"="c:\program files (x86)\ArgusMonitor\ArgusMonitor.exe" [2014-08-21 2478688]
"EADM"="c:\program files (x86)\Origin\Origin.exe" [2014-09-17 3600216]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2007-03-20 36864]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2011-06-20 5199984]
"KiesTrayAgent"="e:\kies\KiesTrayAgent.exe" [2013-07-26 311152]
"Kepard"="c:\program files (x86)\Kepard\Kepard.exe" [2013-03-05 746496]
"Smart File Advisor"="c:\program files (x86)\Smart File Advisor\sfa.exe" [2013-11-26 283712]
"DivXMediaServer"="c:\program files (x86)\DivX\DivX Media Server\DivXMediaServer.exe" [2014-05-28 455512]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2014-04-17 767200]
"TrueImageMonitor.exe"="c:\program files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" [2013-08-22 7818392]
"AcronisTibMounterMonitor"="c:\program files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe" [2013-01-10 1105848]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-08-21 959176]
.
c:\users\Basti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
MagicDisc.lnk - c:\program files (x86)\MagicDisc\MagicDisc.exe [2014-8-13 576000]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Monitor Apache Servers.lnk - c:\program files (x86)\Apache Software Foundation\Apache2.2\bin\ApacheMonitor.exe [2013-7-10 41051]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\System32\drivers\sfdrv01a.sys;c:\windows\SYSNATIVE\drivers\sfdrv01a.sys [x]
R2 AVP15.0.0;Kaspersky Anti-Virus Service 15.0.0;c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\avp.exe;c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\avp.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [x]
R3 ArgusMonitor;ArgusMonitor kernel mode driver;SysWOW64\drivers\ArgusMonitor.sys;SysWOW64\drivers\ArgusMonitor.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 FairplayKD;FairplayKD;c:\programdata\MTA San Andreas All\Common\temp\FairplayKD.sys;c:\programdata\MTA San Andreas All\Common\temp\FairplayKD.sys [x]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 usbrndis6;USB-RNDIS6-Adapter;c:\windows\system32\DRIVERS\usb80236.sys;c:\windows\SYSNATIVE\DRIVERS\usb80236.sys [x]
R4 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S0 fltsrv;Acronis Storage Filter Management;c:\windows\system32\DRIVERS\fltsrv.sys;c:\windows\SYSNATIVE\DRIVERS\fltsrv.sys [x]
S0 tib;Acronis TIB Manager;c:\windows\system32\DRIVERS\tib.sys;c:\windows\SYSNATIVE\DRIVERS\tib.sys [x]
S0 tib_mounter;Acronis TIB Mounter;c:\windows\system32\DRIVERS\tib_mounter.sys;c:\windows\SYSNATIVE\DRIVERS\tib_mounter.sys [x]
S0 vididr;Acronis Virtual Disk;c:\windows\system32\DRIVERS\vididr.sys;c:\windows\SYSNATIVE\DRIVERS\vididr.sys [x]
S0 vidsflt;Acronis Disk Storage Filter;c:\windows\system32\DRIVERS\vidsflt.sys;c:\windows\SYSNATIVE\DRIVERS\vidsflt.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 HssDRV6;Hotspot Shield Routing Driver 6;c:\windows\system32\DRIVERS\hssdrv6.sys;c:\windows\SYSNATIVE\DRIVERS\hssdrv6.sys [x]
S1 klhk;klhk;c:\windows\system32\DRIVERS\klhk.sys;c:\windows\SYSNATIVE\DRIVERS\klhk.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
S1 klpd;klpd;c:\windows\system32\DRIVERS\klpd.sys;c:\windows\SYSNATIVE\DRIVERS\klpd.sys [x]
S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x]
S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x]
S2 afcdpsrv;Acronis Nonstop Backup Service;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 Apache2.2;Apache2.2;c:\program files (x86)\Apache Software Foundation\Apache2.2\bin\httpd.exe;c:\program files (x86)\Apache Software Foundation\Apache2.2\bin\httpd.exe [x]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [x]
S2 syncagentsrv;Acronis Sync Agent Service;c:\program files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe;c:\program files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [x]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe;c:\windows\SYSNATIVE\viakaraokesrv.exe [x]
S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys;c:\windows\SYSNATIVE\DRIVERS\afcdp.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 klflt;Kaspersky Lab Kernel DLL;c:\windows\system32\DRIVERS\klflt.sys;c:\windows\SYSNATIVE\DRIVERS\klflt.sys [x]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x]
S3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2014-09-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-07 18:39]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AcronisSyncError]
@="{934BC6C0-FEC2-4df5-A100-961DE2C8A0ED}"
[HKEY_CLASSES_ROOT\CLSID\{934BC6C0-FEC2-4df5-A100-961DE2C8A0ED}]
2013-08-07 15:04	2827776	----a-w-	c:\program files (x86)\Acronis\TrueImageHome\tishell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AcronisSyncInProgress]
@="{00F848DC-B1D4-4892-9C25-CAADC86A215D}"
[HKEY_CLASSES_ROOT\CLSID\{00F848DC-B1D4-4892-9C25-CAADC86A215D}]
2013-08-07 15:04	2827776	----a-w-	c:\program files (x86)\Acronis\TrueImageHome\tishell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AcronisSyncOk]
@="{71573297-552E-46fc-BE3D-3DFAF88D47B7}"
[HKEY_CLASSES_ROOT\CLSID\{71573297-552E-46fc-BE3D-3DFAF88D47B7}]
2013-08-07 15:04	2827776	----a-w-	c:\program files (x86)\Acronis\TrueImageHome\tishell64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VIAAUD"="c:\program files (x86)\VIA\VIAudioi\VDeck\VIAAUD.exe" [2011-06-20 647280]
"Acronis Scheduler2 Service"="c:\program files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" [2013-07-18 519408]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.google.com
IE: {{c0e8ae32-0758-4c8d-ab71-23b361fe8964} - c:\users\Basti\AppData\Local\Temp\ie_script.htm
IE: {{C461FBFE-C0DE-4757-89DD-A5A833B9AC1F} - c:\program files (x86)\Crawler\Radio\CRadio.exe
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\
FF - prefs.js: browser.search.selectedEngine - SuchMaschine
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
FF - user.js: plugin.state.npcontentblocker - 2
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
AddRemove-{9143B17E-BBDE-4EA7-A4E3-20D384D9C8A5}_is1 - c:\windows\AppPatch\unins000.exe
AddRemove-{C461FBFE-C0DE-4757-89DD-A5A833B9AC1F}_is1 - c:\program files (x86)\Crawler\Radio\unins000.exe
AddRemove-{EAC2DDAB-5035-44EE-AA13-65D40CF46FF1} - c:\programdata\{3192C226-BD81-479F-822D-6CF72EE1AB45}\Kabel Deutschland.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-2003444537-1590814705-579064181-1000\Software\SecuROM\License information*]
"datasecu"=hex:5a,11,3e,eb,ab,b4,a6,94,9c,20,fe,75,fe,22,ac,24,2e,5b,4f,f7,28,
   95,4c,90,d6,d1,8b,75,a5,a3,c3,72,44,29,b5,1d,fa,c1,51,ab,8d,b4,75,b0,c6,8c,\
"rkeysecu"=hex:7a,c3,5a,b6,ed,53,31,d6,d9,e8,a9,0d,97,c6,ff,72
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-09-24  17:07:39
ComboFix-quarantined-files.txt  2014-09-24 15:07
.
Vor Suchlauf: 1.655.255.040 Bytes frei
Nach Suchlauf: 1.599.348.736 Bytes frei
.
- - End Of File - - F53555D5C00F04DDB19FCC300A77468A
A36C5E4F47E84449FF07ED3517B43A31

schrauber · 25.09.2014, 08:53

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

RDC · 25.09.2014, 19:01

mbam-log:

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 25.09.2014
Suchlauf-Zeit: 17:56:12
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.09.25.08
Rootkit Datenbank: v2014.09.19.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 7
CPU: x64
Dateisystem: NTFS
Benutzer: Basti

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 340638
Verstrichene Zeit: 30 Min, 48 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristics: Aktiviert
PUP: Warnen
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 2
PUP.Optional.SupraSavings.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Supra Savings, In Quarantäne, [e89def003e3d191d8b99bb75f90adb25], 
PUP.Optional.MediaPlayer.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\video MediaPlay-Air, In Quarantäne, [1d68ad4287f44beb5d0724513bc94bb5], 

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 14
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com, Löschen bei Neustart, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome, Löschen bei Neustart, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content, Löschen bei Neustart, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\api, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\core, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\defaults, Löschen bei Neustart, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\defaults\preferences, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData, Löschen bei Neustart, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\userCode, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\locale, Löschen bei Neustart, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\locale\en-US, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\skin, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.MediaPlayer.A, C:\Program Files (x86)\video MediaPlay-Air, In Quarantäne, [e1a4a9468bf0b680bc632ec517eb3dc3], 

Dateien: 119
PUP.Optional.crossRider.A, C:\Program Files (x86)\video MediaPlay-Air\utils.exe, In Quarantäne, [e2a3b23dc9b21c1aaf6bc17fc73927d9], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome.manifest, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\install.rdf, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\1dd992f7547eaf260bbf0a9e0517918c.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\1fda79d48c677c6a9d4295f529363a56.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\7a196fad243d198f4842bf14cde09737.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\950c7948444ea8bb81cd209054ed63a9.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\background.html, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\browser.xul, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\dialog.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\e1346409931b21a15bf5d3f5a9f22dea.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\ffCoreFilesIndex.txt, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\options.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\options.xul, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\search_dialog.xul, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\api\8623b23401314f7495be5866af8a11ed.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\api\0d05fea51e80d2cc1ee15684caee7520.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\api\3910fa8b5d4d106029ef02cfa9ca4f9e.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\api\3e0825f39af44cfaf82801e5ec0cf483.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\api\3e227fc05f9e42bbed4baa830f3bd634.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\api\4d6a14a5fdc28da660e781af0b4f0595.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\api\660fa44abcca7df384078b8945ec8e28.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\api\73ce35de0a853979b2bed30aa0ddb360.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\api\7402aa93aa68b986a18a86450fdc341a.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\api\94f86605aa021b604d96875d7c9b24d7.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\api\a330613fff5a34d444d12b4f93e36ac0.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\api\c501b3b2c86d3efdde5af18c789bf9cf.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\api\cdc15b2c9a9071af7a38accd13957408.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\api\eac7a804043bce810a0a0a123ae91b3a.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\api\f3ab7c114d1500b19f93e49dd70307e9.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\api\f43c1e846844190c0193ce821e776348.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\core\c1c42625ab21624602b62517257ebe2d.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\core\06765c282564279d6bc61392624b66dd.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\core\1a79392951235ceae811c90920878c25.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\core\1bd0a625e63d863fded3849ba7f6bce1.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\core\500e0b294c3aef319ad174cf7e1bf614.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\core\515efbc8c17f0f877e456c6c668ca4e2.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\core\54fca094089f467d010bc0268264a76b.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\core\6c3e5a825cca034d7d2ddcda9cdb68a6.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\core\8948f3bb9a3fbb7cd902c3abb71be147.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\core\8cb5f37ced37a7428ddd6c2afcb53e51.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\core\a1b4d5c34e6817cdb89eefcf96a27b17.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\core\b06d944c5188d6d276de572ffa4703a9.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\core\b58da866eaeb0963681626792c7cc94c.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\core\bc6421f2ba7c777d0136037d978ce6b7.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\core\cda63fe3cb2a8a7ed48dbb611e8691ad.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\core\e08b19a832188082537401648ab27a36.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\core\f0d771fa5a6aba655cd3f7afe859063a.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\core\f403476889d58c8a688d374c9cb903aa.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\core\f5276deaac41b98bf5ac3fc5e67eaf03.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\core\f82e73ea7f196d8ed6bacffb38b30375.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\chrome\content\core\installer.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\defaults\preferences\prefs.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\manifest.xml, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\1.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\102.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\104.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\13.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\14.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\16.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\17.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\177.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\182.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\183.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\184.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\191.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\193.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\195.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\207.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\21.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\211.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\22.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\220.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\221.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\226.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\242.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\244.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\246.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\262.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\263.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\268.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\28.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\281.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\287.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\4.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\47.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\64.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\7.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\72.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\78.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\9.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\91.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\93.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\plugins\98.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\userCode\background.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\extensionData\userCode\extension.js, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\locale\en-US\translations.dtd, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\skin\button2.png, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\skin\button3.png, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\skin\button4.png, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\skin\button5.png, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\skin\crossrider_statusbar.png, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\skin\icon128.png, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\skin\icon16.png, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\skin\icon24.png, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\skin\icon48.png, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\skin\panelarrow-up.png, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\skin\popup.html, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\skin\skin.css, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.CrossRider.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com\skin\update.css, In Quarantäne, [d4b1b23db5c6bd79d89ce0009a68a25e], 
PUP.Optional.MediaPlayer.A, C:\Program Files (x86)\video MediaPlay-Air\1293297481.mxaddon, In Quarantäne, [e1a4a9468bf0b680bc632ec517eb3dc3], 
PUP.Optional.MediaPlayer.A, C:\Program Files (x86)\video MediaPlay-Air\360-59599.crx, In Quarantäne, [e1a4a9468bf0b680bc632ec517eb3dc3], 
PUP.Optional.MediaPlayer.A, C:\Program Files (x86)\video MediaPlay-Air\59599.crx, In Quarantäne, [e1a4a9468bf0b680bc632ec517eb3dc3], 
PUP.Optional.MediaPlayer.A, C:\Program Files (x86)\video MediaPlay-Air\59599.xpi, In Quarantäne, [e1a4a9468bf0b680bc632ec517eb3dc3], 
PUP.Optional.MediaPlayer.A, C:\Program Files (x86)\video MediaPlay-Air\608a5b6e-31bc-437c-b648-74f74d890961.crx, In Quarantäne, [e1a4a9468bf0b680bc632ec517eb3dc3], 
PUP.Optional.MediaPlayer.A, C:\Program Files (x86)\video MediaPlay-Air\background.html, In Quarantäne, [e1a4a9468bf0b680bc632ec517eb3dc3], 
PUP.Optional.MediaPlayer.A, C:\Program Files (x86)\video MediaPlay-Air\bgNova.html, In Quarantäne, [e1a4a9468bf0b680bc632ec517eb3dc3], 
PUP.Optional.MediaPlayer.A, C:\Program Files (x86)\video MediaPlay-Air\Uninstall.exe, In Quarantäne, [e1a4a9468bf0b680bc632ec517eb3dc3], 
PUP.Optional.MediaPlayer.A, C:\Program Files (x86)\video MediaPlay-Air\video MediaPlay-Air.ico, In Quarantäne, [e1a4a9468bf0b680bc632ec517eb3dc3], 

Physische Sektoren: 2
Forged physical sector, Physischer Sektor #80284384auf Festplatte #0, Ersetzen bei Neustart, [22d6ad31dccc9bec32faa6c6b45b4747], 
Forged physical sector, Physischer Sektor #80284640auf Festplatte #0, Ersetzen bei Neustart, [22d6ad31dccc9bec32faa6c6b45b4747], 


(end)

adw-log:

Code:

ATTFilter

# AdwCleaner v3.310 - Bericht erstellt am 25/09/2014 um 19:38:42
# Aktualisiert 12/09/2014 von Xplode
# Betriebssystem : Windows 7 Ultimate  (64 bits)
# Benutzername : Basti - BASTI-PC
# Gestartet von : C:\Users\Basti\Desktop\AdwCleaner_3.310.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

[!] Ordner Gelöscht : C:\Users\Basti\AppData\Roaming\Security Systems
Datei Gelöscht : C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\user.js

***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Browser ] *****

-\\ Internet Explorer v8.0.7600.16385


-\\ Mozilla Firefox v32.0.2 (x86 de)

[ Datei : C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\prefs.js ]


-\\ Google Chrome v

[ Datei : C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [36923 octets] - [16/09/2014 18:14:31]
AdwCleaner[R1].txt - [1226 octets] - [25/09/2014 19:32:49]
AdwCleaner[R2].txt - [1286 octets] - [25/09/2014 19:37:52]
AdwCleaner[S0].txt - [34986 octets] - [16/09/2014 18:17:41]
AdwCleaner[S1].txt - [1211 octets] - [25/09/2014 19:38:42]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1271 octets] ##########

jrt-log:

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.2.0 (09.22.2014:1)
OS: Windows 7 Ultimate x64
Ran by Basti on 25.09.2014 at 19:47:54,37
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] "C:\Users\Basti\appdata\locallow\microsoft\silverlight\outofbrowser\index\portal.qtrax.com"



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Basti\music\qtrax media library"



~~~ FireFox

Successfully deleted the following from C:\Users\Basti\AppData\Roaming\mozilla\firefox\profiles\rrsi464f.default\prefs.js

user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.internaldb.cache/530e52021dc20843b1aa62957edeb9f8.value", "%22var%20adsDe
user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.plugins.plugin_102.code", "if (typeof appAPI.internal.monetization === \"
Emptied folder: C:\Users\Basti\AppData\Roaming\mozilla\firefox\profiles\rrsi464f.default\minidumps [68 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 25.09.2014 at 19:52:14,12
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST-log:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-09-2014 01
Ran by Basti (administrator) on BASTI-PC on 25-09-2014 19:53:36
Running from C:\Users\Basti\Desktop
Loaded Profile: Basti (Available profiles: Basti)
Platform: Windows 7 Ultimate (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apache Software Foundation) C:\Program Files (x86)\Apache Software Foundation\Apache2.2\bin\httpd.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Apache Software Foundation) C:\Program Files (x86)\Apache Software Foundation\Apache2.2\bin\httpd.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesApp64.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\viaaud.exe
(Apache Software Foundation) C:\Program Files (x86)\Apache Software Foundation\Apache2.2\bin\ApacheMonitor.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [VIAAUD] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VIAAUD.exe [647280 2011-06-20] (VIA)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [519408 2013-07-18] (Acronis)
HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe [36864 2007-03-20] ()
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5199984 2011-06-20] (VIA)
HKLM-x32\...\Run: [KiesTrayAgent] => E:\Kies\KiesTrayAgent.exe [311152 2013-07-26] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [Kepard] => C:\Program Files (x86)\Kepard\Kepard.exe [746496 2013-03-05] (Kepard)
HKLM-x32\...\Run: [Smart File Advisor] => C:\Program Files (x86)\Smart File Advisor\sfa.exe [283712 2013-11-26] (Filefacts.net)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [455512 2014-05-28] (DivX, LLC)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-17] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7818392 2013-08-22] (Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1105848 2013-01-10] (Acronis)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKU\S-1-5-21-2003444537-1590814705-579064181-1000\...\Run: [KiesPreload] => E:\Kies\Kies.exe [1564016 2013-07-26] (Samsung)
HKU\S-1-5-21-2003444537-1590814705-579064181-1000\...\Run: [BitTorrent] => C:\Users\Basti\AppData\Roaming\BitTorrent\BitTorrent.exe [1417048 2014-09-23] (BitTorrent Inc.)
HKU\S-1-5-21-2003444537-1590814705-579064181-1000\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55360 2014-07-30] (Raptr, Inc)
HKU\S-1-5-21-2003444537-1590814705-579064181-1000\...\Run: [Argus Monitor] => C:\Program Files (x86)\ArgusMonitor\ArgusMonitor.exe [2478688 2014-08-21] ()
HKU\S-1-5-21-2003444537-1590814705-579064181-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3600216 2014-09-17] (Electronic Arts)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Apache Servers.lnk
ShortcutTarget: Monitor Apache Servers.lnk -> C:\Program Files (x86)\Apache Software Foundation\Apache2.2\bin\ApacheMonitor.exe (Apache Software Foundation)
Startup: C:\Users\Basti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk
ShortcutTarget: MagicDisc.lnk -> C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
ShellIconOverlayIdentifiers: AcronisSyncError -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll (Acronis)
ShellIconOverlayIdentifiers: AcronisSyncInProgress -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll (Acronis)
ShellIconOverlayIdentifiers: AcronisSyncOk -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll (Acronis)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {79292252-2B1B-485E-BC6C-30504604F227} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKCU - {79292252-2B1B-485E-BC6C-30504604F227} URL = hxxp://www.sm.de/?q={searchTerms}
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKLM - No Name - {A13C2648-91D4-4bf3-BC6D-0079707C4389} -  No File
Toolbar: HKCU - No Name - {A13C2648-91D4-4BF3-BC6D-0079707C4389} -  No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default
FF DefaultSearchEngine: SuchMaschine
FF SearchEngineOrder.1: SuchMaschine
FF SelectedSearchEngine: SuchMaschine
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\content_blocker@kaspersky.com ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\virtual_keyboard@kaspersky.com ()
FF Plugin-x32: @nielsen/FirefoxTracker -> C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter1\FirefoxAddOns\npfirefoxtracker.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Basti\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll No File
FF SearchPlugin: C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\searchplugins\search_engine.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Plus-HD-1.3c - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\Extensions\UNGEDRJW444405@LS70886362.com [2014-08-06]
FF Extension: BugMeNot Plugin - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\Extensions\{987311C6-B504-4aa2-90BF-60CC49808D42}.xpi [2014-09-23]
FF Extension: Adblock Plus - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-09-23]
FF Extension: Hotspot Shield Extension - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\afproxy@anchorfree.com [2014-09-12]
FF HKLM-x32\...\Firefox\Extensions: [netsight@nielsen.com] - C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter1\FirefoxAddOns\netsight@nielsen.xpi
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Modul zum Sperren von gefährlichen Webseiten - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\content_blocker@kaspersky.com [2014-09-21]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtuelle Tastatur - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-09-21]
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: 卡巴斯基網址過濾 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\url_advisor@kaspersky.com [2014-09-21]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR DefaultSearchKeyword: Default -> suchmaschine
CHR DefaultSearchURL: Default -> hxxp://www.sm.de/?q={searchTerms}
CHR DefaultSuggestURL: Default -> 
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\pdf.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Unity Player) - C:\Users\Basti\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Profile: C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-08-14]
CHR Extension: (Google Drive) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-14]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-07-15]
CHR Extension: (YouTube) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-14]
CHR Extension: (Google Search) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-14]
CHR Extension: (Kaspersky Protection) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2014-09-23]
CHR Extension: (Google Wallet) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-27]
CHR Extension: (Amazon) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj [2014-09-23]
CHR Extension: (Gmail) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-14]
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho []
CHR HKLM-x32\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\Basti\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj\amazon-icon-2.crx [2014-09-19]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-04-17] (Advanced Micro Devices, Inc.) [File not signed]
R2 Apache2.2; C:\Program Files (x86)\Apache Software Foundation\Apache2.2\bin\httpd.exe [20549 2013-07-10] (Apache Software Foundation) [File not signed]
S2 AVP15.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\avp.exe [233552 2014-04-20] (Kaspersky Lab ZAO)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [37176 2013-08-22] (The OpenVPN Project)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2143072 2012-05-29] (TuneUp Software)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2011-06-14] (VIA Technologies, Inc.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ArgusMonitor; C:\Windows\SysWow64\drivers\ArgusMonitor.sys [74360 2014-02-28] (Argotronic UG (haftungsbeschraenkt))
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-02-04] (Disc Soft Ltd)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2014-05-17] (AnchorFree Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [457824 2014-02-20] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [140352 2014-09-21] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [243808 2014-04-10] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [792128 2014-09-21] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2014-03-25] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179296 2014-03-26] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
S0 sfdrv01a; C:\Windows\System32\drivers\sfdrv01a.sys [77688 2006-07-05] (Protection Technology (StarForce))
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2014-09-15] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [183224 2014-09-15] (Acronis)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [11856 2011-11-08] (TuneUp Software)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2009-07-14] (Microsoft Corporation)
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2014-09-15] (Acronis International GmbH)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-25 19:53 - 2014-09-25 19:53 - 00020078 _____ () C:\Users\Basti\Desktop\FRST.txt
2014-09-25 19:53 - 2014-09-25 19:53 - 00000000 ____D () C:\Users\Basti\Desktop\FRST-OlderVersion
2014-09-25 19:52 - 2014-09-25 19:52 - 00001433 _____ () C:\Users\Basti\Desktop\JRT.txt
2014-09-25 19:47 - 2014-09-25 19:47 - 00000000 ____D () C:\Windows\ERUNT
2014-09-25 19:46 - 2014-09-25 19:46 - 01024790 _____ (Thisisu) C:\Users\Basti\Desktop\JRT.exe
2014-09-25 19:31 - 2014-09-25 19:31 - 01373475 _____ () C:\Users\Basti\Desktop\AdwCleaner_3.310.exe
2014-09-25 19:29 - 2014-09-25 19:29 - 00037103 _____ () C:\Users\Basti\Desktop\mbam.txt
2014-09-24 17:26 - 2014-09-25 19:40 - 00022670 _____ () C:\Windows\PFRO.log
2014-09-24 17:13 - 2014-09-24 17:13 - 00027134 _____ () C:\Users\Basti\Desktop\Combofix.txt
2014-09-24 17:07 - 2014-09-24 17:07 - 00027134 _____ () C:\ComboFix.txt
2014-09-24 16:35 - 2014-09-24 17:08 - 00000000 ____D () C:\ComboFix
2014-09-24 16:35 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-09-24 16:35 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-09-24 16:35 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-09-24 16:35 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-09-24 16:35 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-09-24 16:35 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-09-24 16:35 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-09-24 16:35 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-09-24 16:34 - 2014-09-24 17:08 - 00000000 ____D () C:\Qoobox
2014-09-24 16:33 - 2014-09-24 17:03 - 00000000 ____D () C:\Windows\erdnt
2014-09-24 16:17 - 2014-09-24 16:19 - 05579290 ____R (Swearware) C:\Users\Basti\Desktop\ComboFix.exe
2014-09-24 15:54 - 2014-09-24 15:54 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Basti\Desktop\revosetup95.exe
2014-09-24 15:54 - 2014-09-24 15:54 - 00001264 _____ () C:\Users\Basti\Desktop\Revo Uninstaller.lnk
2014-09-23 21:48 - 2014-09-23 21:48 - 00024779 _____ () C:\Users\Basti\Desktop\Addition.rar
2014-09-23 18:13 - 2014-09-23 18:13 - 00380416 _____ () C:\Users\Basti\Desktop\Gmer-19357.exe
2014-09-23 18:04 - 2014-09-25 19:53 - 00000000 ____D () C:\FRST
2014-09-23 18:03 - 2014-09-25 19:53 - 02108928 _____ (Farbar) C:\Users\Basti\Desktop\FRST64.exe
2014-09-23 18:02 - 2014-09-23 18:02 - 00000542 _____ () C:\Users\Basti\Desktop\defogger_disable.log
2014-09-23 18:02 - 2014-09-23 18:02 - 00000168 _____ () C:\Users\Basti\defogger_reenable
2014-09-23 17:59 - 2014-09-23 17:59 - 00050477 _____ () C:\Users\Basti\Desktop\Defogger.exe
2014-09-23 16:42 - 2014-09-23 16:42 - 00000133 _____ () C:\Users\Basti\AppData\Roaming\tmp_unregister.bat
2014-09-22 20:13 - 2014-09-23 05:02 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\CodeBlocks
2014-09-22 20:12 - 2014-09-22 20:13 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CodeBlocks
2014-09-22 20:12 - 2014-09-22 20:12 - 00000764 _____ () C:\Users\Basti\Desktop\CodeBlocks.lnk
2014-09-22 20:12 - 2014-09-22 20:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CodeBlocks
2014-09-22 19:55 - 2014-09-25 19:40 - 00000448 _____ () C:\Windows\setupact.log
2014-09-21 23:22 - 2014-09-21 23:22 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\2F650DA1.sys
2014-09-21 21:41 - 2014-09-21 21:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus
2014-09-21 21:41 - 2014-09-21 21:40 - 00001147 _____ () C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk
2014-09-21 21:40 - 2014-09-25 19:41 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-09-21 21:40 - 2014-09-21 21:47 - 00792128 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-09-21 21:40 - 2014-09-21 21:47 - 00140352 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-09-21 21:40 - 2014-09-21 21:40 - 00000000 ____D () C:\Windows\ELAMBKUP
2014-09-21 21:40 - 2014-09-21 21:40 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-09-21 21:40 - 2014-04-10 17:25 - 00243808 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klhk.sys
2014-09-21 21:40 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2014-09-19 17:02 - 2014-09-19 17:02 - 00000202 _____ () C:\Users\Basti\Desktop\America's Army Proving Grounds Beta.url
2014-09-19 16:28 - 2014-09-19 16:28 - 00000897 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Army Men III.lnk
2014-09-19 16:21 - 2014-09-19 16:21 - 00000185 _____ () C:\Users\Basti\Desktop\Amazon.de.url
2014-09-19 16:21 - 2014-09-19 16:21 - 00000000 ____D () C:\Users\Basti\ChromeExtensions
2014-09-19 16:21 - 2014-09-19 16:21 - 00000000 ____D () C:\Users\Basti\AppData\Local\Tempaf603b23276e664f1686dea3d68db17e
2014-09-19 16:18 - 2014-09-19 16:18 - 00000000 ____D () C:\Users\Basti\Downloads\Battlefield-1942
2014-09-19 16:18 - 2014-09-19 16:18 - 00000000 ____D () C:\Users\Basti\AppData\Local\Tempefae60dad426085842d9656a9d4eb204
2014-09-19 16:07 - 2014-09-19 16:12 - 00000000 ____D () C:\Users\Basti\Documents\FIFA 15 Demo
2014-09-19 16:03 - 2014-09-19 16:03 - 00000806 _____ () C:\Users\Public\Desktop\FIFA 15 Demo.lnk
2014-09-19 16:03 - 2014-09-19 16:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 15 Demo
2014-09-17 19:55 - 2014-09-17 19:55 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft AppLocale
2014-09-17 19:46 - 2014-09-17 19:46 - 00000727 _____ () C:\Users\Public\Desktop\White Day.lnk
2014-09-17 19:46 - 2014-09-17 19:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\White Day
2014-09-16 18:14 - 2014-09-25 19:38 - 00000000 ____D () C:\AdwCleaner
2014-09-15 15:51 - 2014-09-15 15:51 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Acronis
2014-09-15 15:50 - 2014-09-15 16:57 - 00000000 ____D () C:\ProgramData\Acronis
2014-09-15 15:50 - 2014-09-15 15:50 - 01464096 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tdrpman.sys
2014-09-15 15:50 - 2014-09-15 15:50 - 01120032 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tib.sys
2014-09-15 15:50 - 2014-09-15 15:50 - 00367200 _____ (Acronis) C:\Windows\system32\Drivers\afcdp.sys
2014-09-15 15:50 - 2014-09-15 15:50 - 00269600 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\snapman.sys
2014-09-15 15:50 - 2014-09-15 15:50 - 00183224 _____ (Acronis) C:\Windows\system32\Drivers\tib_mounter.sys
2014-09-15 15:50 - 2014-09-15 15:50 - 00161568 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\vididr.sys
2014-09-15 15:50 - 2014-09-15 15:50 - 00117024 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\vidsflt.sys
2014-09-15 15:50 - 2014-09-15 15:50 - 00116000 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\fltsrv.sys
2014-09-15 15:50 - 2014-09-15 15:50 - 00001205 _____ () C:\Users\Public\Desktop\Acronis True Image 2014.lnk
2014-09-15 15:50 - 2014-09-15 15:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
2014-09-15 15:49 - 2014-09-15 15:49 - 00000000 ____D () C:\Program Files (x86)\Acronis
2014-09-15 15:45 - 2014-09-15 15:46 - 01101648 _____ () C:\Users\Basti\Downloads\Acronis True Image 2014 - CHIP-Installer(1).exe
2014-09-15 15:44 - 2014-09-15 15:45 - 01101648 _____ () C:\Users\Basti\Downloads\Acronis True Image 2014 - CHIP-Installer.exe
2014-09-12 21:04 - 2014-09-19 16:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-08 18:45 - 2014-09-18 00:34 - 00000000 ____D () C:\Users\Basti\Desktop\Neuer Ordner (2)
2014-09-03 20:15 - 2014-09-18 00:34 - 00000782 _____ () C:\Users\Public\Desktop\Die Sims 4.lnk
2014-09-03 20:15 - 2014-09-03 20:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die Sims 4
2014-09-03 20:14 - 2011-02-18 15:07 - 00447752 _____ (On2.com) C:\Windows\SysWOW64\vp6vfw.dll
2014-09-03 19:55 - 2014-09-03 20:15 - 00000000 ____D () C:\Users\Basti\Documents\Electronic Arts
2014-09-03 19:51 - 2014-09-03 19:51 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-09-03 19:48 - 2014-09-04 18:02 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Origin
2014-09-03 19:48 - 2014-09-03 19:51 - 00000000 ____D () C:\Users\Basti\AppData\Local\Origin
2014-09-03 19:44 - 2014-09-25 19:42 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-09-03 19:44 - 2014-09-03 19:44 - 17088592 _____ (Electronic Arts, Inc.) C:\Users\Basti\Downloads\OriginThinSetup.exe
2014-09-03 19:44 - 2014-09-03 19:44 - 00000979 _____ () C:\Users\Public\Desktop\Origin.lnk
2014-09-03 19:44 - 2014-09-03 19:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2014-09-01 18:16 - 2014-09-01 18:16 - 00000749 _____ () C:\Users\Basti\Desktop\Call of Duty Ghosts.lnk

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-25 19:54 - 2014-09-25 19:53 - 00020078 _____ () C:\Users\Basti\Desktop\FRST.txt
2014-09-25 19:53 - 2014-09-25 19:53 - 00000000 ____D () C:\Users\Basti\Desktop\FRST-OlderVersion
2014-09-25 19:53 - 2014-09-23 18:04 - 00000000 ____D () C:\FRST
2014-09-25 19:53 - 2014-09-23 18:03 - 02108928 _____ (Farbar) C:\Users\Basti\Desktop\FRST64.exe
2014-09-25 19:52 - 2014-09-25 19:52 - 00001433 _____ () C:\Users\Basti\Desktop\JRT.txt
2014-09-25 19:47 - 2014-09-25 19:47 - 00000000 ____D () C:\Windows\ERUNT
2014-09-25 19:47 - 2013-07-25 22:00 - 00000000 ____D () C:\ProgramData\Origin
2014-09-25 19:46 - 2014-09-25 19:46 - 01024790 _____ (Thisisu) C:\Users\Basti\Desktop\JRT.exe
2014-09-25 19:46 - 2014-08-14 21:43 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Raptr
2014-09-25 19:43 - 2013-08-22 18:22 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\BitTorrent
2014-09-25 19:42 - 2014-09-03 19:44 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-09-25 19:41 - 2014-09-21 21:40 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-09-25 19:40 - 2014-09-24 17:26 - 00022670 _____ () C:\Windows\PFRO.log
2014-09-25 19:40 - 2014-09-22 19:55 - 00000448 _____ () C:\Windows\setupact.log
2014-09-25 19:40 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-25 19:39 - 2014-08-07 16:06 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-25 19:39 - 2013-07-12 22:17 - 00941310 _____ () C:\Windows\WindowsUpdate.log
2014-09-25 19:39 - 2009-07-14 06:45 - 00016944 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-25 19:39 - 2009-07-14 06:45 - 00016944 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-25 19:38 - 2014-09-16 18:14 - 00000000 ____D () C:\AdwCleaner
2014-09-25 19:31 - 2014-09-25 19:31 - 01373475 _____ () C:\Users\Basti\Desktop\AdwCleaner_3.310.exe
2014-09-25 19:29 - 2014-09-25 19:29 - 00037103 _____ () C:\Users\Basti\Desktop\mbam.txt
2014-09-25 19:26 - 2014-07-05 15:41 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-24 17:13 - 2014-09-24 17:13 - 00027134 _____ () C:\Users\Basti\Desktop\Combofix.txt
2014-09-24 17:08 - 2014-09-24 16:35 - 00000000 ____D () C:\ComboFix
2014-09-24 17:08 - 2014-09-24 16:34 - 00000000 ____D () C:\Qoobox
2014-09-24 17:07 - 2014-09-24 17:07 - 00027134 _____ () C:\ComboFix.txt
2014-09-24 17:03 - 2014-09-24 16:33 - 00000000 ____D () C:\Windows\erdnt
2014-09-24 16:51 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-09-24 16:40 - 2013-07-17 18:41 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-24 16:33 - 2014-07-11 19:04 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\vlc
2014-09-24 16:19 - 2014-09-24 16:17 - 05579290 ____R (Swearware) C:\Users\Basti\Desktop\ComboFix.exe
2014-09-24 16:16 - 2013-08-14 15:53 - 00000000 ____D () C:\Program Files (x86)\Google
2014-09-24 15:54 - 2014-09-24 15:54 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Basti\Desktop\revosetup95.exe
2014-09-24 15:54 - 2014-09-24 15:54 - 00001264 _____ () C:\Users\Basti\Desktop\Revo Uninstaller.lnk
2014-09-24 15:54 - 2013-07-21 06:33 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-09-23 21:48 - 2014-09-23 21:48 - 00024779 _____ () C:\Users\Basti\Desktop\Addition.rar
2014-09-23 18:16 - 2013-08-22 18:53 - 00000000 ____D () C:\Users\Basti\AppData\Local\CrashDumps
2014-09-23 18:13 - 2014-09-23 18:13 - 00380416 _____ () C:\Users\Basti\Desktop\Gmer-19357.exe
2014-09-23 18:02 - 2014-09-23 18:02 - 00000542 _____ () C:\Users\Basti\Desktop\defogger_disable.log
2014-09-23 18:02 - 2014-09-23 18:02 - 00000168 _____ () C:\Users\Basti\defogger_reenable
2014-09-23 18:02 - 2013-07-12 22:17 - 00000000 ____D () C:\Users\Basti
2014-09-23 17:59 - 2014-09-23 17:59 - 00050477 _____ () C:\Users\Basti\Desktop\Defogger.exe
2014-09-23 16:42 - 2014-09-23 16:42 - 00000133 _____ () C:\Users\Basti\AppData\Roaming\tmp_unregister.bat
2014-09-23 05:02 - 2014-09-22 20:13 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\CodeBlocks
2014-09-22 21:07 - 2013-08-15 14:44 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-22 20:13 - 2014-09-22 20:12 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CodeBlocks
2014-09-22 20:12 - 2014-09-22 20:12 - 00000764 _____ () C:\Users\Basti\Desktop\CodeBlocks.lnk
2014-09-22 20:12 - 2014-09-22 20:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CodeBlocks
2014-09-22 02:51 - 2014-07-08 21:23 - 00000000 ____D () C:\Program Files\F978377C-B7D4-4536-8E10-14CA97B13394
2014-09-21 23:22 - 2014-09-21 23:22 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\2F650DA1.sys
2014-09-21 21:47 - 2014-09-21 21:40 - 00792128 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-09-21 21:47 - 2014-09-21 21:40 - 00140352 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-09-21 21:41 - 2014-09-21 21:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus
2014-09-21 21:40 - 2014-09-21 21:41 - 00001147 _____ () C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk
2014-09-21 21:40 - 2014-09-21 21:40 - 00000000 ____D () C:\Windows\ELAMBKUP
2014-09-21 21:40 - 2014-09-21 21:40 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-09-19 21:11 - 2014-07-30 20:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-19 21:07 - 2013-07-21 06:36 - 00000000 ____D () C:\Users\Basti\AppData\Local\JDownloader v2.0
2014-09-19 17:02 - 2014-09-19 17:02 - 00000202 _____ () C:\Users\Basti\Desktop\America's Army Proving Grounds Beta.url
2014-09-19 17:02 - 2014-07-16 18:44 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-09-19 16:28 - 2014-09-19 16:28 - 00000897 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Army Men III.lnk
2014-09-19 16:21 - 2014-09-19 16:21 - 00000185 _____ () C:\Users\Basti\Desktop\Amazon.de.url
2014-09-19 16:21 - 2014-09-19 16:21 - 00000000 ____D () C:\Users\Basti\ChromeExtensions
2014-09-19 16:21 - 2014-09-19 16:21 - 00000000 ____D () C:\Users\Basti\AppData\Local\Tempaf603b23276e664f1686dea3d68db17e
2014-09-19 16:18 - 2014-09-19 16:18 - 00000000 ____D () C:\Users\Basti\Downloads\Battlefield-1942
2014-09-19 16:18 - 2014-09-19 16:18 - 00000000 ____D () C:\Users\Basti\AppData\Local\Tempefae60dad426085842d9656a9d4eb204
2014-09-19 16:18 - 2014-09-12 21:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-19 16:12 - 2014-09-19 16:07 - 00000000 ____D () C:\Users\Basti\Documents\FIFA 15 Demo
2014-09-19 16:03 - 2014-09-19 16:03 - 00000806 _____ () C:\Users\Public\Desktop\FIFA 15 Demo.lnk
2014-09-19 16:03 - 2014-09-19 16:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 15 Demo
2014-09-19 16:03 - 2014-07-06 12:11 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-19 16:03 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-09-18 00:34 - 2014-09-08 18:45 - 00000000 ____D () C:\Users\Basti\Desktop\Neuer Ordner (2)
2014-09-18 00:34 - 2014-09-03 20:15 - 00000782 _____ () C:\Users\Public\Desktop\Die Sims 4.lnk
2014-09-17 19:55 - 2014-09-17 19:55 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft AppLocale
2014-09-17 19:46 - 2014-09-17 19:46 - 00000727 _____ () C:\Users\Public\Desktop\White Day.lnk
2014-09-17 19:46 - 2014-09-17 19:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\White Day
2014-09-16 18:17 - 2014-07-04 22:29 - 00000833 _____ () C:\Users\Basti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-09-16 12:49 - 2009-07-14 19:58 - 00710346 _____ () C:\Windows\system32\perfh007.dat
2014-09-16 12:49 - 2009-07-14 19:58 - 00154676 _____ () C:\Windows\system32\perfc007.dat
2014-09-16 12:49 - 2009-07-14 07:13 - 01651118 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-15 16:57 - 2014-09-15 15:50 - 00000000 ____D () C:\ProgramData\Acronis
2014-09-15 15:51 - 2014-09-15 15:51 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Acronis
2014-09-15 15:50 - 2014-09-15 15:50 - 01464096 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tdrpman.sys
2014-09-15 15:50 - 2014-09-15 15:50 - 01120032 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tib.sys
2014-09-15 15:50 - 2014-09-15 15:50 - 00367200 _____ (Acronis) C:\Windows\system32\Drivers\afcdp.sys
2014-09-15 15:50 - 2014-09-15 15:50 - 00269600 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\snapman.sys
2014-09-15 15:50 - 2014-09-15 15:50 - 00183224 _____ (Acronis) C:\Windows\system32\Drivers\tib_mounter.sys
2014-09-15 15:50 - 2014-09-15 15:50 - 00161568 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\vididr.sys
2014-09-15 15:50 - 2014-09-15 15:50 - 00117024 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\vidsflt.sys
2014-09-15 15:50 - 2014-09-15 15:50 - 00116000 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\fltsrv.sys
2014-09-15 15:50 - 2014-09-15 15:50 - 00001205 _____ () C:\Users\Public\Desktop\Acronis True Image 2014.lnk
2014-09-15 15:50 - 2014-09-15 15:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
2014-09-15 15:49 - 2014-09-15 15:49 - 00000000 ____D () C:\Program Files (x86)\Acronis
2014-09-15 15:46 - 2014-09-15 15:45 - 01101648 _____ () C:\Users\Basti\Downloads\Acronis True Image 2014 - CHIP-Installer(1).exe
2014-09-15 15:45 - 2014-09-15 15:44 - 01101648 _____ () C:\Users\Basti\Downloads\Acronis True Image 2014 - CHIP-Installer.exe
2014-09-12 20:39 - 2014-08-07 16:06 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-12 20:39 - 2014-08-07 16:06 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-12 20:39 - 2014-08-07 16:06 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-08 19:42 - 2014-01-16 02:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Landwirtschafts Simulator 2011
2014-09-04 18:02 - 2014-09-03 19:48 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Origin
2014-09-03 20:15 - 2014-09-03 20:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die Sims 4
2014-09-03 20:15 - 2014-09-03 19:55 - 00000000 ____D () C:\Users\Basti\Documents\Electronic Arts
2014-09-03 19:52 - 2014-02-04 19:53 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-09-03 19:51 - 2014-09-03 19:51 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-09-03 19:51 - 2014-09-03 19:48 - 00000000 ____D () C:\Users\Basti\AppData\Local\Origin
2014-09-03 19:44 - 2014-09-03 19:44 - 17088592 _____ (Electronic Arts, Inc.) C:\Users\Basti\Downloads\OriginThinSetup.exe
2014-09-03 19:44 - 2014-09-03 19:44 - 00000979 _____ () C:\Users\Public\Desktop\Origin.lnk
2014-09-03 19:44 - 2014-09-03 19:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2014-09-01 18:16 - 2014-09-01 18:16 - 00000749 _____ () C:\Users\Basti\Desktop\Call of Duty Ghosts.lnk
2014-08-30 00:21 - 2013-08-01 23:14 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\.minecraft

Some content of TEMP:
====================
C:\Users\Basti\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-16 22:36

==================== End Of Log ============================

--- --- ---

schrauber · 26.09.2014, 15:30

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

RDC · 26.09.2014, 19:39

ESET:

Code:

ATTFilter

# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=b1cfe46c9af1d340a7f05e4bc87609d6
# engine=20316
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-09-26 05:30:00
# local_time=2014-09-26 07:30:00 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7600 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 145997699 164158271 0 0
# scanned=297589
# found=39
# cleaned=0
# scan_time=10086
sh=C49E774690E1B3DADC973307C9E0103BAB94250E ft=1 fh=10c4c814bb5d9100 vn="Variante von Win32/AdWare.EoRezo.AU Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\fst_de_88\freeSoftToday_widget.exe.vir"
sh=5BF0BED25279CA1F3F14DB1F18364EDFB9AB0C86 ft=1 fh=b14befa4627c35fa vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\hotspot shield\ConduitUninstaller.exe.vir"
sh=47E1AAB49E4BBE6ED704F804A4B402ACA07D74FE ft=1 fh=d4dd8a748ee934d3 vn="MSIL/Tuguu.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\jfilemanager\LTV.exe.vir"
sh=858160754428281FB571DDD2065708DF7520FA7E ft=0 fh=0000000000000000 vn="Win32/DomaIQ.BC evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\jfilemanager\update.xml.vir"
sh=BEFC0099864AA52ABB0A3B99793A5A1BF525401D ft=1 fh=64b34719c3735e0d vn="Variante von Win32/ELEX.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\WinZipper\winzipersvc.exe.vir"
sh=9E7AC0153AF84354206451453D99AD6A430EB148 ft=0 fh=0000000000000000 vn="JS/Adware.Adpeak.C Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\jciibccebcogmkmcbehleciidbhbbgie\1.0_0\manifest.json.vir"
sh=91DC006B84C4F51ADCADC1BB498E3376FC40130E ft=1 fh=c3b5952672b90e6f vn="Variante von Win64/Systweak.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\System32\roboot64.exe.vir"
sh=268979BC94F89E29C10C925824C49D5C9B5B1C09 ft=1 fh=029569cfdc034e29 vn="Variante von Win64/Adware.Adpeak.F Anwendung" ac=I fn="C:\Program Files (x86)\F978377C-B7D4-4536-8E10-14CA97B13394\SupraSavingsService64.exe"
sh=FE097999E974EC4847B9BB29BE3241BABE091DF1 ft=1 fh=296d7fa3332b1bb0 vn="Win32/SmartFileAdvisor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Smart File Advisor\sfa.exe"
sh=96B17C3628E458A6005D775DA2972B360AEA7DD6 ft=1 fh=6805334fb15e6a36 vn="Win32/SmartFileAdvisor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Smart File Advisor\sfa_inst.exe"
sh=F56AE9AD3EE50BEB7C244060CF7888C792C8EC50 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00097d"
sh=791DB83D9C614CAC9ECBD8225442BF11B0CD1936 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\extensions\UNGEDRJW444405@LS70886362.com\extensionData\plugins\91.js"
sh=B81622A5B9BB23083D90FAD77D0D5EEF7B6E6A8A ft=1 fh=295a60c62ef2fe00 vn="Variante von Win32/Systweak evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Basti\Downloads\dffsetup-d3dx9.exe"
sh=44341AC3075A630346D44C97F22FE3B8DB90A2C8 ft=1 fh=03026ae03c5e9bfc vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll"
sh=9B57C1B23D98E4E31E8DC947B3ED587A0CA19C39 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\566cca.msi"
sh=94F850FA5E86E6AB2BEE2552716C9491CA58354E ft=1 fh=546bb2a66f4e8a03 vn="Win32/Idmsq.A evtl. unerwünschte Anwendung" ac=I fn="E:\download\IDM2.exe"
sh=DE0F453AD7E45914C2F6E2A6BC782AFB6DB94B9D ft=1 fh=1f461786edf5f19c vn="NSIS/StartPage.CC Trojaner" ac=I fn="E:\download\vlc-2.1.3-win32.exe"
sh=6541CAB1F994DB73D4D32201587BCBD66FF7C750 ft=1 fh=00b0c2d17b2f2ff7 vn="Variante von Win32/Bundled.Toolbar.Ask.D potenziell unsichere Anwendung" ac=I fn="E:\Neuer Ordner (3)\RegistryCleanerSetup-1.0.0.1148.exe"
sh=1BF67F9CB4FE347EA4AA92E3ED6BF7FBF2CB154B ft=1 fh=d4d8945a92621de9 vn="Win32/Joke.ScreenMate potenziell unsichere Anwendung" ac=I fn="H:\Neuer Ordner\felix\Cat.exe"
sh=1BF67F9CB4FE347EA4AA92E3ED6BF7FBF2CB154B ft=1 fh=d4d8945a92621de9 vn="Win32/Joke.ScreenMate potenziell unsichere Anwendung" ac=I fn="H:\Program Files\ScreenMates\Cat.exe"
sh=BFBE2C4A6341C1BC25FE01FD36361E55766DDA0B ft=1 fh=3d50ea93719f2fa8 vn="Variante von Win32/Packed.VMProtect.ABD Trojaner" ac=I fn="J:\Call of Duty Ghosts MULTI-2\steam_api.dll"
sh=EF50E9B48CA05EC1423DD9C858738A2971BFB8A8 ft=1 fh=5f4591e8147a9bfd vn="Win32/StartPage.OIE Trojaner" ac=I fn="K:\Dokumente und Einstellungen\Toralf\Eigene Dateien\Downloads\vlc-1.1.11-win32.exe"
sh=FA46F2CE4278B92F5D192D297E3627C5C76BE5E0 ft=0 fh=0000000000000000 vn="Variante von Win32/HackTool.Crack.CC potenziell unsichere Anwendung" ac=I fn="K:\mods\tz-ls13.rar"
sh=3F7144E397CB89F851E939CBDAD680AA7BD4A9DF ft=1 fh=3957a5ebe12b210e vn="Win32/SuspLibLoad.A Trojaner" ac=I fn="K:\radio\OMSI 2 Bus Simulator 2013\d3dx9.dll"
sh=0841DC73043735016961DC6400CC0FB0829E0121 ft=1 fh=7f4225c88f612048 vn="Variante von Win32/Packed.VMProtect.ABD Trojaner" ac=I fn="K:\radio\OMSI 2 Bus Simulator 2013\steam_api.dll"
sh=3F7144E397CB89F851E939CBDAD680AA7BD4A9DF ft=1 fh=3957a5ebe12b210e vn="Win32/SuspLibLoad.A Trojaner" ac=I fn="K:\radio\OMSI 2"
sh=8FCCC46311F67DD17FDBC0124C5ACB91E4FD8C55 ft=1 fh=f9c15dce14dd30ee vn="Variante von Win32/Packed.VMProtect.ABD Trojaner" ac=I fn="K:\radio\OMSI 2.steam_api.dll"
sh=56852BA7C0F00F40F99BA05F7974986F0AB6FE56 ft=1 fh=c9d881e89151abbd vn="Variante von Win32/WinloadSDA.G evtl. unerwünschte Anwendung" ac=I fn="Q:\Download\Battlefield-1942-lnstall.exe"
sh=95918DF62782219EEE8FD407288C17A24C7BDCE7 ft=1 fh=ff74dd4686c9ab0a vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="R:\Datenträger I\D\musik\JDownloaderSetupNIGHTLY.exe"
sh=7A966BB587B048F6AF128F76C419BC3D9E8DE914 ft=1 fh=25160f0bdb665cda vn="Win32/Bundled.Toolbar.Google.E potenziell unsichere Anwendung" ac=I fn="R:\Datenträger I\D\musik\rcsetup144.exe"
sh=13DDFA1862B74BDBBC06FC8766B36B9B73B25760 ft=1 fh=891ef6f01345cc13 vn="Variante von Win32/Bundled.Toolbar.Ask.G potenziell unsichere Anwendung" ac=I fn="R:\F\Foto\SetupImgBurn_2.5.7.0.exe"

SecurityCheck:

Code:

ATTFilter

 Results of screen317's Security Check version 0.99.87  
 Windows 7  x64 (UAC is enabled)  
 Out of date service pack!! 
``````````````Antivirus/Firewall Check:`````````````` 
Kaspersky Anti-Virus   
 Antivirus up to date!  (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 Call of Duty Ghosts MULTI-2 Incl. Update 7 1.0.0.1 
 TuneUp Utilities 2012   
 TuneUp Utilities Language Pack (de-DE) 
 Java 7 Update 60  
 Java version out of Date! 
 Adobe Flash Player 15.0.0.152  
 Adobe Reader XI  
 Mozilla Firefox (32.0.3) 
````````Process Check: objlist.exe by Laurent````````  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````

FRST:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-09-2014 01
Ran by Basti (administrator) on BASTI-PC on 26-09-2014 19:52:37
Running from C:\Users\Basti\Desktop
Loaded Profile: Basti (Available profiles: Basti)
Platform: Windows 7 Ultimate (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apache Software Foundation) C:\Program Files (x86)\Apache Software Foundation\Apache2.2\bin\httpd.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\avp.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Apache Software Foundation) C:\Program Files (x86)\Apache Software Foundation\Apache2.2\bin\httpd.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\avpui.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesApp64.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\x64\wmi64.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\viaaud.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(BitTorrent Inc.) C:\Users\Basti\AppData\Roaming\BitTorrent\BitTorrent.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptrstub.exe
() C:\Program Files (x86)\ArgusMonitor\ArgusMonitor.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Apache Software Foundation) C:\Program Files (x86)\Apache Software Foundation\Apache2.2\bin\ApacheMonitor.exe
(MagicISO, Inc.) C:\Program Files (x86)\MagicDisc\MagicDisc.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\consent.exe
(VideoLAN) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [VIAAUD] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VIAAUD.exe [647280 2011-06-20] (VIA)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [519408 2013-07-18] (Acronis)
HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe [36864 2007-03-20] ()
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5199984 2011-06-20] (VIA)
HKLM-x32\...\Run: [KiesTrayAgent] => E:\Kies\KiesTrayAgent.exe [311152 2013-07-26] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [Kepard] => C:\Program Files (x86)\Kepard\Kepard.exe [746496 2013-03-05] (Kepard)
HKLM-x32\...\Run: [Smart File Advisor] => C:\Program Files (x86)\Smart File Advisor\sfa.exe [283712 2013-11-26] (Filefacts.net)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [455512 2014-05-28] (DivX, LLC)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-17] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7818392 2013-08-22] (Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1105848 2013-01-10] (Acronis)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKU\S-1-5-21-2003444537-1590814705-579064181-1000\...\Run: [KiesPreload] => E:\Kies\Kies.exe [1564016 2013-07-26] (Samsung)
HKU\S-1-5-21-2003444537-1590814705-579064181-1000\...\Run: [BitTorrent] => C:\Users\Basti\AppData\Roaming\BitTorrent\BitTorrent.exe [1417048 2014-09-23] (BitTorrent Inc.)
HKU\S-1-5-21-2003444537-1590814705-579064181-1000\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55360 2014-07-30] (Raptr, Inc)
HKU\S-1-5-21-2003444537-1590814705-579064181-1000\...\Run: [Argus Monitor] => C:\Program Files (x86)\ArgusMonitor\ArgusMonitor.exe [2478688 2014-08-21] ()
HKU\S-1-5-21-2003444537-1590814705-579064181-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3600216 2014-09-17] (Electronic Arts)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Apache Servers.lnk
ShortcutTarget: Monitor Apache Servers.lnk -> C:\Program Files (x86)\Apache Software Foundation\Apache2.2\bin\ApacheMonitor.exe (Apache Software Foundation)
Startup: C:\Users\Basti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk
ShortcutTarget: MagicDisc.lnk -> C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
ShellIconOverlayIdentifiers: AcronisSyncError -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll (Acronis)
ShellIconOverlayIdentifiers: AcronisSyncInProgress -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll (Acronis)
ShellIconOverlayIdentifiers: AcronisSyncOk -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll (Acronis)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {79292252-2B1B-485E-BC6C-30504604F227} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKCU - {79292252-2B1B-485E-BC6C-30504604F227} URL = hxxp://www.sm.de/?q={searchTerms}
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKLM - No Name - {A13C2648-91D4-4bf3-BC6D-0079707C4389} -  No File
Toolbar: HKCU - No Name - {A13C2648-91D4-4BF3-BC6D-0079707C4389} -  No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default
FF DefaultSearchEngine: SuchMaschine
FF SearchEngineOrder.1: SuchMaschine
FF SelectedSearchEngine: SuchMaschine
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\content_blocker@kaspersky.com ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\virtual_keyboard@kaspersky.com ()
FF Plugin-x32: @nielsen/FirefoxTracker -> C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter1\FirefoxAddOns\npfirefoxtracker.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Basti\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll No File
FF SearchPlugin: C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\searchplugins\search_engine.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Plus-HD-1.3c - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\Extensions\UNGEDRJW444405@LS70886362.com [2014-08-06]
FF Extension: BugMeNot Plugin - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\Extensions\{987311C6-B504-4aa2-90BF-60CC49808D42}.xpi [2014-09-23]
FF Extension: Adblock Plus - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-09-23]
FF Extension: Hotspot Shield Extension - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\afproxy@anchorfree.com [2014-09-25]
FF HKLM-x32\...\Firefox\Extensions: [netsight@nielsen.com] - C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter1\FirefoxAddOns\netsight@nielsen.xpi
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Modul zum Sperren von gefährlichen Webseiten - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\content_blocker@kaspersky.com [2014-09-21]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtuelle Tastatur - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-09-21]
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: 卡巴斯基網址過濾 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\url_advisor@kaspersky.com [2014-09-21]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR DefaultSearchKeyword: Default -> suchmaschine
CHR DefaultSearchURL: Default -> hxxp://www.sm.de/?q={searchTerms}
CHR DefaultSuggestURL: Default -> 
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\pdf.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Unity Player) - C:\Users\Basti\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Profile: C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-08-14]
CHR Extension: (Google Drive) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-14]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-07-15]
CHR Extension: (YouTube) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-14]
CHR Extension: (Google Search) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-14]
CHR Extension: (Kaspersky Protection) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2014-09-23]
CHR Extension: (Google Wallet) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-27]
CHR Extension: (Amazon) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj [2014-09-23]
CHR Extension: (Gmail) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-14]
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho []
CHR HKLM-x32\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\Basti\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj\amazon-icon-2.crx [2014-09-19]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-04-17] (Advanced Micro Devices, Inc.) [File not signed]
R2 Apache2.2; C:\Program Files (x86)\Apache Software Foundation\Apache2.2\bin\httpd.exe [20549 2013-07-10] (Apache Software Foundation) [File not signed]
R2 AVP15.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\avp.exe [233552 2014-04-20] (Kaspersky Lab ZAO)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [37176 2013-08-22] (The OpenVPN Project)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2143072 2012-05-29] (TuneUp Software)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2011-06-14] (VIA Technologies, Inc.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 ArgusMonitor; C:\Windows\SysWow64\drivers\ArgusMonitor.sys [74360 2014-02-28] (Argotronic UG (haftungsbeschraenkt))
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-02-04] (Disc Soft Ltd)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2014-05-17] (AnchorFree Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [457824 2014-02-20] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [140352 2014-09-21] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [243808 2014-04-10] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [792128 2014-09-21] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2014-03-25] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179296 2014-03-26] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
S0 sfdrv01a; C:\Windows\System32\drivers\sfdrv01a.sys [77688 2006-07-05] (Protection Technology (StarForce))
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2014-09-15] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [183224 2014-09-15] (Acronis)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [11856 2011-11-08] (TuneUp Software)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2009-07-14] (Microsoft Corporation)
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2014-09-15] (Acronis International GmbH)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-26 19:42 - 2014-09-26 19:42 - 00000994 _____ () C:\Users\Basti\Desktop\checkup.txt
2014-09-26 19:35 - 2014-09-26 19:35 - 00854417 _____ () C:\Users\Basti\Desktop\SecurityCheck.exe
2014-09-26 19:33 - 2014-09-26 19:33 - 00008528 _____ () C:\Users\Basti\Desktop\ESET.txt
2014-09-26 16:37 - 2014-09-26 16:37 - 02347384 _____ (ESET) C:\Users\Basti\Desktop\esetsmartinstaller_deu.exe
2014-09-25 20:12 - 2014-09-25 20:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-25 19:53 - 2014-09-26 19:52 - 00020931 _____ () C:\Users\Basti\Desktop\FRST.txt
2014-09-25 19:53 - 2014-09-25 19:53 - 00000000 ____D () C:\Users\Basti\Desktop\FRST-OlderVersion
2014-09-25 19:52 - 2014-09-25 19:52 - 00001433 _____ () C:\Users\Basti\Desktop\JRT.txt
2014-09-25 19:47 - 2014-09-25 19:47 - 00000000 ____D () C:\Windows\ERUNT
2014-09-25 19:46 - 2014-09-25 19:46 - 01024790 _____ (Thisisu) C:\Users\Basti\Desktop\JRT.exe
2014-09-25 19:31 - 2014-09-25 19:31 - 01373475 _____ () C:\Users\Basti\Desktop\AdwCleaner_3.310.exe
2014-09-25 19:29 - 2014-09-25 19:29 - 00037103 _____ () C:\Users\Basti\Desktop\mbam.txt
2014-09-24 17:26 - 2014-09-26 19:46 - 00023504 _____ () C:\Windows\PFRO.log
2014-09-24 17:13 - 2014-09-24 17:13 - 00027134 _____ () C:\Users\Basti\Desktop\Combofix.txt
2014-09-24 17:07 - 2014-09-24 17:07 - 00027134 _____ () C:\ComboFix.txt
2014-09-24 16:35 - 2014-09-24 17:08 - 00000000 ____D () C:\ComboFix
2014-09-24 16:35 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-09-24 16:35 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-09-24 16:35 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-09-24 16:35 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-09-24 16:35 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-09-24 16:35 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-09-24 16:35 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-09-24 16:35 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-09-24 16:34 - 2014-09-24 17:08 - 00000000 ____D () C:\Qoobox
2014-09-24 16:33 - 2014-09-24 17:03 - 00000000 ____D () C:\Windows\erdnt
2014-09-24 16:17 - 2014-09-24 16:19 - 05579290 ____R (Swearware) C:\Users\Basti\Desktop\ComboFix.exe
2014-09-24 15:54 - 2014-09-24 15:54 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Basti\Desktop\revosetup95.exe
2014-09-24 15:54 - 2014-09-24 15:54 - 00001264 _____ () C:\Users\Basti\Desktop\Revo Uninstaller.lnk
2014-09-23 21:48 - 2014-09-23 21:48 - 00024779 _____ () C:\Users\Basti\Desktop\Addition.rar
2014-09-23 18:13 - 2014-09-23 18:13 - 00380416 _____ () C:\Users\Basti\Desktop\Gmer-19357.exe
2014-09-23 18:04 - 2014-09-26 19:52 - 00000000 ____D () C:\FRST
2014-09-23 18:03 - 2014-09-25 19:53 - 02108928 _____ (Farbar) C:\Users\Basti\Desktop\FRST64.exe
2014-09-23 18:02 - 2014-09-23 18:02 - 00000542 _____ () C:\Users\Basti\Desktop\defogger_disable.log
2014-09-23 18:02 - 2014-09-23 18:02 - 00000168 _____ () C:\Users\Basti\defogger_reenable
2014-09-23 17:59 - 2014-09-23 17:59 - 00050477 _____ () C:\Users\Basti\Desktop\Defogger.exe
2014-09-23 16:42 - 2014-09-23 16:42 - 00000133 _____ () C:\Users\Basti\AppData\Roaming\tmp_unregister.bat
2014-09-22 20:13 - 2014-09-23 05:02 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\CodeBlocks
2014-09-22 20:12 - 2014-09-22 20:13 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CodeBlocks
2014-09-22 20:12 - 2014-09-22 20:12 - 00000764 _____ () C:\Users\Basti\Desktop\CodeBlocks.lnk
2014-09-22 20:12 - 2014-09-22 20:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CodeBlocks
2014-09-22 19:55 - 2014-09-26 19:46 - 00000560 _____ () C:\Windows\setupact.log
2014-09-21 23:22 - 2014-09-21 23:22 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\2F650DA1.sys
2014-09-21 21:41 - 2014-09-21 21:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus
2014-09-21 21:41 - 2014-09-21 21:40 - 00001147 _____ () C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk
2014-09-21 21:40 - 2014-09-26 19:48 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-09-21 21:40 - 2014-09-21 21:47 - 00792128 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-09-21 21:40 - 2014-09-21 21:47 - 00140352 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-09-21 21:40 - 2014-09-21 21:40 - 00000000 ____D () C:\Windows\ELAMBKUP
2014-09-21 21:40 - 2014-09-21 21:40 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-09-21 21:40 - 2014-04-10 17:25 - 00243808 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klhk.sys
2014-09-21 21:40 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2014-09-19 17:02 - 2014-09-19 17:02 - 00000202 _____ () C:\Users\Basti\Desktop\America's Army Proving Grounds Beta.url
2014-09-19 16:28 - 2014-09-19 16:28 - 00000897 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Army Men III.lnk
2014-09-19 16:21 - 2014-09-19 16:21 - 00000185 _____ () C:\Users\Basti\Desktop\Amazon.de.url
2014-09-19 16:21 - 2014-09-19 16:21 - 00000000 ____D () C:\Users\Basti\ChromeExtensions
2014-09-19 16:21 - 2014-09-19 16:21 - 00000000 ____D () C:\Users\Basti\AppData\Local\Tempaf603b23276e664f1686dea3d68db17e
2014-09-19 16:18 - 2014-09-19 16:18 - 00000000 ____D () C:\Users\Basti\Downloads\Battlefield-1942
2014-09-19 16:18 - 2014-09-19 16:18 - 00000000 ____D () C:\Users\Basti\AppData\Local\Tempefae60dad426085842d9656a9d4eb204
2014-09-19 16:07 - 2014-09-19 16:12 - 00000000 ____D () C:\Users\Basti\Documents\FIFA 15 Demo
2014-09-19 16:03 - 2014-09-19 16:03 - 00000806 _____ () C:\Users\Public\Desktop\FIFA 15 Demo.lnk
2014-09-19 16:03 - 2014-09-19 16:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 15 Demo
2014-09-17 19:55 - 2014-09-17 19:55 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft AppLocale
2014-09-17 19:46 - 2014-09-17 19:46 - 00000727 _____ () C:\Users\Public\Desktop\White Day.lnk
2014-09-17 19:46 - 2014-09-17 19:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\White Day
2014-09-16 18:14 - 2014-09-25 19:38 - 00000000 ____D () C:\AdwCleaner
2014-09-15 15:51 - 2014-09-15 15:51 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Acronis
2014-09-15 15:50 - 2014-09-15 16:57 - 00000000 ____D () C:\ProgramData\Acronis
2014-09-15 15:50 - 2014-09-15 15:50 - 01464096 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tdrpman.sys
2014-09-15 15:50 - 2014-09-15 15:50 - 01120032 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tib.sys
2014-09-15 15:50 - 2014-09-15 15:50 - 00367200 _____ (Acronis) C:\Windows\system32\Drivers\afcdp.sys
2014-09-15 15:50 - 2014-09-15 15:50 - 00269600 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\snapman.sys
2014-09-15 15:50 - 2014-09-15 15:50 - 00183224 _____ (Acronis) C:\Windows\system32\Drivers\tib_mounter.sys
2014-09-15 15:50 - 2014-09-15 15:50 - 00161568 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\vididr.sys
2014-09-15 15:50 - 2014-09-15 15:50 - 00117024 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\vidsflt.sys
2014-09-15 15:50 - 2014-09-15 15:50 - 00116000 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\fltsrv.sys
2014-09-15 15:50 - 2014-09-15 15:50 - 00001205 _____ () C:\Users\Public\Desktop\Acronis True Image 2014.lnk
2014-09-15 15:50 - 2014-09-15 15:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
2014-09-15 15:49 - 2014-09-15 15:49 - 00000000 ____D () C:\Program Files (x86)\Acronis
2014-09-15 15:45 - 2014-09-15 15:46 - 01101648 _____ () C:\Users\Basti\Downloads\Acronis True Image 2014 - CHIP-Installer(1).exe
2014-09-15 15:44 - 2014-09-15 15:45 - 01101648 _____ () C:\Users\Basti\Downloads\Acronis True Image 2014 - CHIP-Installer.exe
2014-09-08 18:45 - 2014-09-18 00:34 - 00000000 ____D () C:\Users\Basti\Desktop\Neuer Ordner (2)
2014-09-03 20:15 - 2014-09-18 00:34 - 00000782 _____ () C:\Users\Public\Desktop\Die Sims 4.lnk
2014-09-03 20:15 - 2014-09-03 20:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die Sims 4
2014-09-03 20:14 - 2011-02-18 15:07 - 00447752 _____ (On2.com) C:\Windows\SysWOW64\vp6vfw.dll
2014-09-03 19:55 - 2014-09-03 20:15 - 00000000 ____D () C:\Users\Basti\Documents\Electronic Arts
2014-09-03 19:51 - 2014-09-03 19:51 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-09-03 19:48 - 2014-09-04 18:02 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Origin
2014-09-03 19:48 - 2014-09-03 19:51 - 00000000 ____D () C:\Users\Basti\AppData\Local\Origin
2014-09-03 19:44 - 2014-09-26 19:48 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-09-03 19:44 - 2014-09-03 19:44 - 17088592 _____ (Electronic Arts, Inc.) C:\Users\Basti\Downloads\OriginThinSetup.exe
2014-09-03 19:44 - 2014-09-03 19:44 - 00000979 _____ () C:\Users\Public\Desktop\Origin.lnk
2014-09-03 19:44 - 2014-09-03 19:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2014-09-01 18:16 - 2014-09-01 18:16 - 00000749 _____ () C:\Users\Basti\Desktop\Call of Duty Ghosts.lnk

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-26 19:54 - 2014-09-25 19:53 - 00020931 _____ () C:\Users\Basti\Desktop\FRST.txt
2014-09-26 19:52 - 2014-09-23 18:04 - 00000000 ____D () C:\FRST
2014-09-26 19:52 - 2013-07-25 22:00 - 00000000 ____D () C:\ProgramData\Origin
2014-09-26 19:50 - 2013-08-22 18:22 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\BitTorrent
2014-09-26 19:49 - 2014-08-14 21:43 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Raptr
2014-09-26 19:48 - 2014-09-21 21:40 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-09-26 19:48 - 2014-09-03 19:44 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-09-26 19:46 - 2014-09-24 17:26 - 00023504 _____ () C:\Windows\PFRO.log
2014-09-26 19:46 - 2014-09-22 19:55 - 00000560 _____ () C:\Windows\setupact.log
2014-09-26 19:46 - 2014-07-30 20:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-26 19:46 - 2013-07-12 22:17 - 00948970 _____ () C:\Windows\WindowsUpdate.log
2014-09-26 19:46 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-26 19:46 - 2009-07-14 06:45 - 00016944 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-26 19:46 - 2009-07-14 06:45 - 00016944 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-26 19:45 - 2014-07-11 19:04 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\vlc
2014-09-26 19:42 - 2014-09-26 19:42 - 00000994 _____ () C:\Users\Basti\Desktop\checkup.txt
2014-09-26 19:39 - 2014-08-07 16:06 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-26 19:35 - 2014-09-26 19:35 - 00854417 _____ () C:\Users\Basti\Desktop\SecurityCheck.exe
2014-09-26 19:33 - 2014-09-26 19:33 - 00008528 _____ () C:\Users\Basti\Desktop\ESET.txt
2014-09-26 16:37 - 2014-09-26 16:37 - 02347384 _____ (ESET) C:\Users\Basti\Desktop\esetsmartinstaller_deu.exe
2014-09-26 16:33 - 2014-07-05 15:41 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-25 20:12 - 2014-09-25 20:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-25 19:53 - 2014-09-25 19:53 - 00000000 ____D () C:\Users\Basti\Desktop\FRST-OlderVersion
2014-09-25 19:53 - 2014-09-23 18:03 - 02108928 _____ (Farbar) C:\Users\Basti\Desktop\FRST64.exe
2014-09-25 19:52 - 2014-09-25 19:52 - 00001433 _____ () C:\Users\Basti\Desktop\JRT.txt
2014-09-25 19:47 - 2014-09-25 19:47 - 00000000 ____D () C:\Windows\ERUNT
2014-09-25 19:46 - 2014-09-25 19:46 - 01024790 _____ (Thisisu) C:\Users\Basti\Desktop\JRT.exe
2014-09-25 19:38 - 2014-09-16 18:14 - 00000000 ____D () C:\AdwCleaner
2014-09-25 19:31 - 2014-09-25 19:31 - 01373475 _____ () C:\Users\Basti\Desktop\AdwCleaner_3.310.exe
2014-09-25 19:29 - 2014-09-25 19:29 - 00037103 _____ () C:\Users\Basti\Desktop\mbam.txt
2014-09-24 17:13 - 2014-09-24 17:13 - 00027134 _____ () C:\Users\Basti\Desktop\Combofix.txt
2014-09-24 17:08 - 2014-09-24 16:35 - 00000000 ____D () C:\ComboFix
2014-09-24 17:08 - 2014-09-24 16:34 - 00000000 ____D () C:\Qoobox
2014-09-24 17:07 - 2014-09-24 17:07 - 00027134 _____ () C:\ComboFix.txt
2014-09-24 17:03 - 2014-09-24 16:33 - 00000000 ____D () C:\Windows\erdnt
2014-09-24 16:51 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-09-24 16:40 - 2013-07-17 18:41 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-24 16:19 - 2014-09-24 16:17 - 05579290 ____R (Swearware) C:\Users\Basti\Desktop\ComboFix.exe
2014-09-24 16:16 - 2013-08-14 15:53 - 00000000 ____D () C:\Program Files (x86)\Google
2014-09-24 15:54 - 2014-09-24 15:54 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Basti\Desktop\revosetup95.exe
2014-09-24 15:54 - 2014-09-24 15:54 - 00001264 _____ () C:\Users\Basti\Desktop\Revo Uninstaller.lnk
2014-09-24 15:54 - 2013-07-21 06:33 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-09-23 21:48 - 2014-09-23 21:48 - 00024779 _____ () C:\Users\Basti\Desktop\Addition.rar
2014-09-23 18:16 - 2013-08-22 18:53 - 00000000 ____D () C:\Users\Basti\AppData\Local\CrashDumps
2014-09-23 18:13 - 2014-09-23 18:13 - 00380416 _____ () C:\Users\Basti\Desktop\Gmer-19357.exe
2014-09-23 18:02 - 2014-09-23 18:02 - 00000542 _____ () C:\Users\Basti\Desktop\defogger_disable.log
2014-09-23 18:02 - 2014-09-23 18:02 - 00000168 _____ () C:\Users\Basti\defogger_reenable
2014-09-23 18:02 - 2013-07-12 22:17 - 00000000 ____D () C:\Users\Basti
2014-09-23 17:59 - 2014-09-23 17:59 - 00050477 _____ () C:\Users\Basti\Desktop\Defogger.exe
2014-09-23 16:42 - 2014-09-23 16:42 - 00000133 _____ () C:\Users\Basti\AppData\Roaming\tmp_unregister.bat
2014-09-23 05:02 - 2014-09-22 20:13 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\CodeBlocks
2014-09-22 21:07 - 2013-08-15 14:44 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-22 20:13 - 2014-09-22 20:12 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CodeBlocks
2014-09-22 20:12 - 2014-09-22 20:12 - 00000764 _____ () C:\Users\Basti\Desktop\CodeBlocks.lnk
2014-09-22 20:12 - 2014-09-22 20:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CodeBlocks
2014-09-22 02:51 - 2014-07-08 21:23 - 00000000 ____D () C:\Program Files\F978377C-B7D4-4536-8E10-14CA97B13394
2014-09-21 23:22 - 2014-09-21 23:22 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\2F650DA1.sys
2014-09-21 21:47 - 2014-09-21 21:40 - 00792128 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-09-21 21:47 - 2014-09-21 21:40 - 00140352 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-09-21 21:41 - 2014-09-21 21:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus
2014-09-21 21:40 - 2014-09-21 21:41 - 00001147 _____ () C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk
2014-09-21 21:40 - 2014-09-21 21:40 - 00000000 ____D () C:\Windows\ELAMBKUP
2014-09-21 21:40 - 2014-09-21 21:40 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-09-19 21:07 - 2013-07-21 06:36 - 00000000 ____D () C:\Users\Basti\AppData\Local\JDownloader v2.0
2014-09-19 17:02 - 2014-09-19 17:02 - 00000202 _____ () C:\Users\Basti\Desktop\America's Army Proving Grounds Beta.url
2014-09-19 17:02 - 2014-07-16 18:44 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-09-19 16:28 - 2014-09-19 16:28 - 00000897 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Army Men III.lnk
2014-09-19 16:21 - 2014-09-19 16:21 - 00000185 _____ () C:\Users\Basti\Desktop\Amazon.de.url
2014-09-19 16:21 - 2014-09-19 16:21 - 00000000 ____D () C:\Users\Basti\ChromeExtensions
2014-09-19 16:21 - 2014-09-19 16:21 - 00000000 ____D () C:\Users\Basti\AppData\Local\Tempaf603b23276e664f1686dea3d68db17e
2014-09-19 16:18 - 2014-09-19 16:18 - 00000000 ____D () C:\Users\Basti\Downloads\Battlefield-1942
2014-09-19 16:18 - 2014-09-19 16:18 - 00000000 ____D () C:\Users\Basti\AppData\Local\Tempefae60dad426085842d9656a9d4eb204
2014-09-19 16:12 - 2014-09-19 16:07 - 00000000 ____D () C:\Users\Basti\Documents\FIFA 15 Demo
2014-09-19 16:03 - 2014-09-19 16:03 - 00000806 _____ () C:\Users\Public\Desktop\FIFA 15 Demo.lnk
2014-09-19 16:03 - 2014-09-19 16:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 15 Demo
2014-09-19 16:03 - 2014-07-06 12:11 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-19 16:03 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-09-18 00:34 - 2014-09-08 18:45 - 00000000 ____D () C:\Users\Basti\Desktop\Neuer Ordner (2)
2014-09-18 00:34 - 2014-09-03 20:15 - 00000782 _____ () C:\Users\Public\Desktop\Die Sims 4.lnk
2014-09-17 19:55 - 2014-09-17 19:55 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft AppLocale
2014-09-17 19:46 - 2014-09-17 19:46 - 00000727 _____ () C:\Users\Public\Desktop\White Day.lnk
2014-09-17 19:46 - 2014-09-17 19:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\White Day
2014-09-16 18:17 - 2014-07-04 22:29 - 00000833 _____ () C:\Users\Basti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-09-16 12:49 - 2009-07-14 19:58 - 00710346 _____ () C:\Windows\system32\perfh007.dat
2014-09-16 12:49 - 2009-07-14 19:58 - 00154676 _____ () C:\Windows\system32\perfc007.dat
2014-09-16 12:49 - 2009-07-14 07:13 - 01651118 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-15 16:57 - 2014-09-15 15:50 - 00000000 ____D () C:\ProgramData\Acronis
2014-09-15 15:51 - 2014-09-15 15:51 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Acronis
2014-09-15 15:50 - 2014-09-15 15:50 - 01464096 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tdrpman.sys
2014-09-15 15:50 - 2014-09-15 15:50 - 01120032 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tib.sys
2014-09-15 15:50 - 2014-09-15 15:50 - 00367200 _____ (Acronis) C:\Windows\system32\Drivers\afcdp.sys
2014-09-15 15:50 - 2014-09-15 15:50 - 00269600 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\snapman.sys
2014-09-15 15:50 - 2014-09-15 15:50 - 00183224 _____ (Acronis) C:\Windows\system32\Drivers\tib_mounter.sys
2014-09-15 15:50 - 2014-09-15 15:50 - 00161568 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\vididr.sys
2014-09-15 15:50 - 2014-09-15 15:50 - 00117024 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\vidsflt.sys
2014-09-15 15:50 - 2014-09-15 15:50 - 00116000 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\fltsrv.sys
2014-09-15 15:50 - 2014-09-15 15:50 - 00001205 _____ () C:\Users\Public\Desktop\Acronis True Image 2014.lnk
2014-09-15 15:50 - 2014-09-15 15:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
2014-09-15 15:49 - 2014-09-15 15:49 - 00000000 ____D () C:\Program Files (x86)\Acronis
2014-09-15 15:46 - 2014-09-15 15:45 - 01101648 _____ () C:\Users\Basti\Downloads\Acronis True Image 2014 - CHIP-Installer(1).exe
2014-09-15 15:45 - 2014-09-15 15:44 - 01101648 _____ () C:\Users\Basti\Downloads\Acronis True Image 2014 - CHIP-Installer.exe
2014-09-12 20:39 - 2014-08-07 16:06 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-12 20:39 - 2014-08-07 16:06 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-12 20:39 - 2014-08-07 16:06 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-08 19:42 - 2014-01-16 02:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Landwirtschafts Simulator 2011
2014-09-04 18:02 - 2014-09-03 19:48 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Origin
2014-09-03 20:15 - 2014-09-03 20:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die Sims 4
2014-09-03 20:15 - 2014-09-03 19:55 - 00000000 ____D () C:\Users\Basti\Documents\Electronic Arts
2014-09-03 19:52 - 2014-02-04 19:53 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-09-03 19:51 - 2014-09-03 19:51 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-09-03 19:51 - 2014-09-03 19:48 - 00000000 ____D () C:\Users\Basti\AppData\Local\Origin
2014-09-03 19:44 - 2014-09-03 19:44 - 17088592 _____ (Electronic Arts, Inc.) C:\Users\Basti\Downloads\OriginThinSetup.exe
2014-09-03 19:44 - 2014-09-03 19:44 - 00000979 _____ () C:\Users\Public\Desktop\Origin.lnk
2014-09-03 19:44 - 2014-09-03 19:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2014-09-01 18:16 - 2014-09-01 18:16 - 00000749 _____ () C:\Users\Basti\Desktop\Call of Duty Ghosts.lnk
2014-08-30 00:21 - 2013-08-01 23:14 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\.minecraft

Some content of TEMP:
====================
C:\Users\Basti\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-26 00:55

==================== End Of Log ============================

--- --- ---

Leider bestehen die Probleme auch weiterhin.
Brauchen sie vllt noch das Startprofil-log?

schrauber · 27.09.2014, 19:11

Java updaten.

Screenshot der Meldung bitte. WIndows updaten, da fehlt ein ganzes Servicepack!

RDC · 29.09.2014, 21:59

So denn Screenshot hab ich jetz angehängt wenn das so richtig war?!?
Und ich glaube ich muss das System neu aufsetzten da das Service Pack nicht mehr raufpasst, da die Partition nur 24 gb hat und der windows Ordner knapp 17gb belegt

,
und für das Service Pack benötige mindestens 8gb freien Speicherplatz

schrauber · 30.09.2014, 15:29

Öffne bitte FRST, setz nen Haken bei Addition und scanne, poste beide Logfiles.

RDC · 30.09.2014, 15:59

FRST:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-09-2014 01
Ran by Basti (administrator) on BASTI-PC on 30-09-2014 16:51:04
Running from C:\Users\Basti\Desktop
Loaded Profile: Basti (Available profiles: Basti)
Platform: Windows 7 Ultimate (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apache Software Foundation) C:\Program Files (x86)\Apache Software Foundation\Apache2.2\bin\httpd.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\avp.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Apache Software Foundation) C:\Program Files (x86)\Apache Software Foundation\Apache2.2\bin\httpd.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesApp64.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\viaaud.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
() C:\Program Files (x86)\ArgusMonitor\ArgusMonitor.exe
(Apache Software Foundation) C:\Program Files (x86)\Apache Software Foundation\Apache2.2\bin\ApacheMonitor.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\avpui.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(VideoLAN) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(AppWork GmbH) C:\Users\Basti\AppData\Local\JDownloader v2.0\JDownloader2.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [VIAAUD] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VIAAUD.exe [647280 2011-06-20] (VIA)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [519408 2013-07-18] (Acronis)
HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe [36864 2007-03-20] ()
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5199984 2011-06-20] (VIA)
HKLM-x32\...\Run: [KiesTrayAgent] => E:\Kies\KiesTrayAgent.exe [311152 2013-07-26] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [Kepard] => C:\Program Files (x86)\Kepard\Kepard.exe [746496 2013-03-05] (Kepard)
HKLM-x32\...\Run: [Smart File Advisor] => C:\Program Files (x86)\Smart File Advisor\sfa.exe [283712 2013-11-26] (Filefacts.net)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [455512 2014-05-28] (DivX, LLC)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-17] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7818392 2013-08-22] (Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1105848 2013-01-10] (Acronis)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKU\S-1-5-21-2003444537-1590814705-579064181-1000\...\Run: [KiesPreload] => E:\Kies\Kies.exe [1564016 2013-07-26] (Samsung)
HKU\S-1-5-21-2003444537-1590814705-579064181-1000\...\Run: [BitTorrent] => C:\Users\Basti\AppData\Roaming\BitTorrent\BitTorrent.exe [1387864 2014-09-26] (BitTorrent Inc.)
HKU\S-1-5-21-2003444537-1590814705-579064181-1000\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55360 2014-07-30] (Raptr, Inc)
HKU\S-1-5-21-2003444537-1590814705-579064181-1000\...\Run: [Argus Monitor] => C:\Program Files (x86)\ArgusMonitor\ArgusMonitor.exe [2478688 2014-08-21] ()
HKU\S-1-5-21-2003444537-1590814705-579064181-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3600216 2014-09-17] (Electronic Arts)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Apache Servers.lnk
ShortcutTarget: Monitor Apache Servers.lnk -> C:\Program Files (x86)\Apache Software Foundation\Apache2.2\bin\ApacheMonitor.exe (Apache Software Foundation)
Startup: C:\Users\Basti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk
ShortcutTarget: MagicDisc.lnk -> C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
ShellIconOverlayIdentifiers: AcronisSyncError -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll (Acronis)
ShellIconOverlayIdentifiers: AcronisSyncInProgress -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll (Acronis)
ShellIconOverlayIdentifiers: AcronisSyncOk -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll (Acronis)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {79292252-2B1B-485E-BC6C-30504604F227} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKCU - {79292252-2B1B-485E-BC6C-30504604F227} URL = hxxp://www.sm.de/?q={searchTerms}
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKLM - No Name - {A13C2648-91D4-4bf3-BC6D-0079707C4389} -  No File
Toolbar: HKCU - No Name - {A13C2648-91D4-4BF3-BC6D-0079707C4389} -  No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default
FF DefaultSearchEngine: SuchMaschine
FF SearchEngineOrder.1: SuchMaschine
FF SelectedSearchEngine: SuchMaschine
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\content_blocker@kaspersky.com ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\virtual_keyboard@kaspersky.com ()
FF Plugin-x32: @nielsen/FirefoxTracker -> C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter1\FirefoxAddOns\npfirefoxtracker.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Basti\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll No File
FF SearchPlugin: C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\searchplugins\search_engine.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Plus-HD-1.3c - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\Extensions\UNGEDRJW444405@LS70886362.com [2014-08-06]
FF Extension: BugMeNot Plugin - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\Extensions\{987311C6-B504-4aa2-90BF-60CC49808D42}.xpi [2014-09-23]
FF Extension: Adblock Plus - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\rrsi464f.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-09-23]
FF Extension: Hotspot Shield Extension - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\afproxy@anchorfree.com [2014-09-25]
FF HKLM-x32\...\Firefox\Extensions: [netsight@nielsen.com] - C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter1\FirefoxAddOns\netsight@nielsen.xpi
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Modul zum Sperren von gefährlichen Webseiten - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\content_blocker@kaspersky.com [2014-09-21]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtuelle Tastatur - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-09-21]
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: 卡巴斯基網址過濾 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\url_advisor@kaspersky.com [2014-09-21]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR DefaultSearchKeyword: Default -> suchmaschine
CHR DefaultSearchURL: Default -> hxxp://www.sm.de/?q={searchTerms}
CHR DefaultSuggestURL: Default -> 
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\pdf.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Unity Player) - C:\Users\Basti\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Profile: C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-08-14]
CHR Extension: (Google Drive) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-14]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-07-15]
CHR Extension: (YouTube) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-14]
CHR Extension: (Google Search) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-14]
CHR Extension: (Kaspersky Protection) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2014-09-23]
CHR Extension: (Google Wallet) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-27]
CHR Extension: (Amazon) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj [2014-09-23]
CHR Extension: (Gmail) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-14]
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho []
CHR HKLM-x32\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\Basti\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj\amazon-icon-2.crx [2014-09-19]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-04-17] (Advanced Micro Devices, Inc.) [File not signed]
R2 Apache2.2; C:\Program Files (x86)\Apache Software Foundation\Apache2.2\bin\httpd.exe [20549 2013-07-10] (Apache Software Foundation) [File not signed]
R2 AVP15.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\avp.exe [233552 2014-04-20] (Kaspersky Lab ZAO)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [37176 2013-08-22] (The OpenVPN Project)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2143072 2012-05-29] (TuneUp Software)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2011-06-14] (VIA Technologies, Inc.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 ArgusMonitor; C:\Windows\SysWow64\drivers\ArgusMonitor.sys [74360 2014-02-28] (Argotronic UG (haftungsbeschraenkt))
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-02-04] (Disc Soft Ltd)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2014-05-17] (AnchorFree Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [457824 2014-02-20] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [140352 2014-09-21] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [243808 2014-04-10] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [792128 2014-09-21] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2014-03-25] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179296 2014-03-26] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-30] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
S0 sfdrv01a; C:\Windows\System32\drivers\sfdrv01a.sys [77688 2006-07-05] (Protection Technology (StarForce))
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2014-09-15] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [183224 2014-09-15] (Acronis)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [11856 2011-11-08] (TuneUp Software)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2009-07-14] (Microsoft Corporation)
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2014-09-15] (Acronis International GmbH)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-30 16:45 - 2014-09-30 16:51 - 00021318 _____ () C:\Users\Basti\Desktop\FRST.txt
2014-09-30 16:45 - 2014-09-30 16:45 - 00125890 _____ () C:\Users\Basti\Desktop\Addition.txt
2014-09-30 16:44 - 2014-09-30 16:44 - 00000000 ____D () C:\AiO-Files
2014-09-30 16:05 - 2014-09-30 16:05 - 00000000 ____D () C:\Users\Basti\Documents\SimCity
2014-09-30 14:17 - 2014-09-30 14:17 - 00000056 _____ () C:\Windows\setupact.log
2014-09-30 00:40 - 2014-09-30 00:40 - 00000724 _____ () C:\Users\Basti\Desktop\Lula 3D.lnk
2014-09-30 00:35 - 2014-09-30 00:35 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lula 3D
2014-09-30 00:35 - 2014-09-30 00:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lula 3D
2014-09-29 23:37 - 2014-09-29 23:55 - 00000000 ____D () C:\Users\Basti\Documents\TransOcean
2014-09-29 23:28 - 2014-09-29 23:28 - 00000595 _____ () C:\Users\Public\Desktop\TransOcean - The Shipping Company.lnk
2014-09-29 23:28 - 2014-09-29 23:28 - 00000595 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TransOcean - The Shipping Company.lnk
2014-09-29 20:10 - 2014-09-29 20:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LucasArts
2014-09-29 20:09 - 2014-09-30 00:40 - 00001045 _____ () C:\Windows\DirectX.log
2014-09-29 20:09 - 2014-09-29 20:09 - 00000541 _____ () C:\Users\Basti\Desktop\Star Wars Jedi Knight Jedi Academy spielen.lnk
2014-09-29 20:04 - 2014-09-29 20:04 - 00000000 ____D () C:\Windows\system32\EventProviders
2014-09-29 15:39 - 2010-02-23 10:16 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\browserchoice.exe
2014-09-29 15:33 - 2014-09-29 15:38 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-29 15:32 - 2011-04-09 08:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-09-29 15:32 - 2011-04-09 08:45 - 05509504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-09-29 15:32 - 2011-04-09 08:13 - 03957632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-09-29 15:32 - 2011-04-09 08:13 - 03901824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-09-29 15:32 - 2011-04-09 07:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2014-09-27 04:52 - 2014-09-27 06:24 - 00000000 ____D () C:\Users\Basti\Documents\SH5
2014-09-27 04:51 - 2014-09-27 04:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Silent Hunter 5
2014-09-27 02:02 - 2014-09-27 02:02 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No-IP DUC
2014-09-27 02:02 - 2014-09-27 02:02 - 00000000 ____D () C:\Users\Basti\AppData\Local\Vitalwerks
2014-09-27 02:02 - 2014-09-27 02:02 - 00000000 ____D () C:\Program Files (x86)\No-IP
2014-09-27 00:56 - 2014-09-27 00:56 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-09-27 00:56 - 2014-09-27 00:56 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-09-27 00:56 - 2014-09-27 00:56 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-09-27 00:56 - 2014-09-27 00:56 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-09-27 00:56 - 2014-09-27 00:56 - 00000000 ____D () C:\Program Files\Java
2014-09-26 22:12 - 2012-06-03 00:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-09-26 22:12 - 2012-06-03 00:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-09-26 22:12 - 2012-06-03 00:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-09-26 22:12 - 2012-06-03 00:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-09-26 22:11 - 2012-06-03 00:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-09-26 22:11 - 2012-06-03 00:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-09-26 22:11 - 2012-06-03 00:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-09-26 22:11 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-09-26 22:11 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-09-26 20:46 - 2014-09-26 20:50 - 00084860 _____ () C:\info.txt
2014-09-26 19:42 - 2014-09-26 19:42 - 00000994 _____ () C:\Users\Basti\Desktop\checkup.txt
2014-09-26 19:35 - 2014-09-26 19:35 - 00854417 _____ () C:\Users\Basti\Desktop\SecurityCheck.exe
2014-09-26 19:33 - 2014-09-26 20:08 - 00006701 _____ () C:\Users\Basti\Desktop\ESET.txt
2014-09-26 16:37 - 2014-09-26 16:37 - 02347384 _____ (ESET) C:\Users\Basti\Desktop\esetsmartinstaller_deu.exe
2014-09-25 20:12 - 2014-09-25 20:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-25 19:53 - 2014-09-30 16:44 - 00000000 ____D () C:\Users\Basti\Desktop\FRST-OlderVersion
2014-09-25 19:52 - 2014-09-25 19:52 - 00001433 _____ () C:\Users\Basti\Desktop\JRT.txt
2014-09-25 19:47 - 2014-09-25 19:47 - 00000000 ____D () C:\Windows\ERUNT
2014-09-25 19:46 - 2014-09-25 19:46 - 01024790 _____ (Thisisu) C:\Users\Basti\Desktop\JRT.exe
2014-09-25 19:31 - 2014-09-25 19:31 - 01373475 _____ () C:\Users\Basti\Desktop\AdwCleaner_3.310.exe
2014-09-25 19:29 - 2014-09-25 19:29 - 00037103 _____ () C:\Users\Basti\Desktop\mbam.txt
2014-09-24 17:13 - 2014-09-24 17:13 - 00027134 _____ () C:\Users\Basti\Desktop\Combofix.txt
2014-09-24 17:07 - 2014-09-24 17:07 - 00027134 _____ () C:\ComboFix.txt
2014-09-24 16:35 - 2014-09-24 17:08 - 00000000 ____D () C:\ComboFix
2014-09-24 16:35 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-09-24 16:35 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-09-24 16:35 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-09-24 16:35 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-09-24 16:35 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-09-24 16:35 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-09-24 16:35 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-09-24 16:35 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-09-24 16:34 - 2014-09-24 17:08 - 00000000 ____D () C:\Qoobox
2014-09-24 16:33 - 2014-09-24 17:03 - 00000000 ____D () C:\Windows\erdnt
2014-09-24 16:17 - 2014-09-24 16:19 - 05579290 ____R (Swearware) C:\Users\Basti\Desktop\ComboFix.exe
2014-09-24 15:54 - 2014-09-24 15:54 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Basti\Desktop\revosetup95.exe
2014-09-24 15:54 - 2014-09-24 15:54 - 00001264 _____ () C:\Users\Basti\Desktop\Revo Uninstaller.lnk
2014-09-23 21:48 - 2014-09-23 21:48 - 00024779 _____ () C:\Users\Basti\Desktop\Addition.rar
2014-09-23 18:13 - 2014-09-23 18:13 - 00380416 _____ () C:\Users\Basti\Desktop\Gmer-19357.exe
2014-09-23 18:04 - 2014-09-30 16:51 - 00000000 ____D () C:\FRST
2014-09-23 18:03 - 2014-09-25 19:53 - 02108928 _____ (Farbar) C:\Users\Basti\Desktop\FRST64.exe
2014-09-23 18:02 - 2014-09-23 18:02 - 00000542 _____ () C:\Users\Basti\Desktop\defogger_disable.log
2014-09-23 18:02 - 2014-09-23 18:02 - 00000168 _____ () C:\Users\Basti\defogger_reenable
2014-09-23 17:59 - 2014-09-23 17:59 - 00050477 _____ () C:\Users\Basti\Desktop\Defogger.exe
2014-09-23 16:42 - 2014-09-23 16:42 - 00000133 _____ () C:\Users\Basti\AppData\Roaming\tmp_unregister.bat
2014-09-22 20:13 - 2014-09-23 05:02 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\CodeBlocks
2014-09-22 20:12 - 2014-09-22 20:13 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CodeBlocks
2014-09-22 20:12 - 2014-09-22 20:12 - 00000764 _____ () C:\Users\Basti\Desktop\CodeBlocks.lnk
2014-09-22 20:12 - 2014-09-22 20:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CodeBlocks
2014-09-21 23:22 - 2014-09-21 23:22 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\2F650DA1.sys
2014-09-21 21:41 - 2014-09-21 21:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus
2014-09-21 21:41 - 2014-09-21 21:40 - 00001147 _____ () C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk
2014-09-21 21:40 - 2014-09-30 16:36 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-09-21 21:40 - 2014-09-21 21:47 - 00792128 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-09-21 21:40 - 2014-09-21 21:47 - 00140352 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-09-21 21:40 - 2014-09-21 21:40 - 00000000 ____D () C:\Windows\ELAMBKUP
2014-09-21 21:40 - 2014-09-21 21:40 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-09-21 21:40 - 2014-04-10 17:25 - 00243808 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klhk.sys
2014-09-21 21:40 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2014-09-19 16:28 - 2014-09-19 16:28 - 00000897 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Army Men III.lnk
2014-09-19 16:21 - 2014-09-19 16:21 - 00000000 ____D () C:\Users\Basti\ChromeExtensions
2014-09-19 16:21 - 2014-09-19 16:21 - 00000000 ____D () C:\Users\Basti\AppData\Local\Tempaf603b23276e664f1686dea3d68db17e
2014-09-19 16:18 - 2014-09-19 16:18 - 00000000 ____D () C:\Users\Basti\Downloads\Battlefield-1942
2014-09-19 16:18 - 2014-09-19 16:18 - 00000000 ____D () C:\Users\Basti\AppData\Local\Tempefae60dad426085842d9656a9d4eb204
2014-09-19 16:07 - 2014-09-19 16:12 - 00000000 ____D () C:\Users\Basti\Documents\FIFA 15 Demo
2014-09-19 16:03 - 2014-09-19 16:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 15 Demo
2014-09-17 19:55 - 2014-09-17 19:55 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft AppLocale
2014-09-17 19:46 - 2014-09-17 19:46 - 00000727 _____ () C:\Users\Public\Desktop\White Day.lnk
2014-09-17 19:46 - 2014-09-17 19:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\White Day
2014-09-16 18:14 - 2014-09-25 19:38 - 00000000 ____D () C:\AdwCleaner
2014-09-15 15:51 - 2014-09-15 15:51 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Acronis
2014-09-15 15:50 - 2014-09-15 16:57 - 00000000 ____D () C:\ProgramData\Acronis
2014-09-15 15:50 - 2014-09-15 15:50 - 01464096 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tdrpman.sys
2014-09-15 15:50 - 2014-09-15 15:50 - 01120032 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tib.sys
2014-09-15 15:50 - 2014-09-15 15:50 - 00367200 _____ (Acronis) C:\Windows\system32\Drivers\afcdp.sys
2014-09-15 15:50 - 2014-09-15 15:50 - 00269600 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\snapman.sys
2014-09-15 15:50 - 2014-09-15 15:50 - 00183224 _____ (Acronis) C:\Windows\system32\Drivers\tib_mounter.sys
2014-09-15 15:50 - 2014-09-15 15:50 - 00161568 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\vididr.sys
2014-09-15 15:50 - 2014-09-15 15:50 - 00117024 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\vidsflt.sys
2014-09-15 15:50 - 2014-09-15 15:50 - 00116000 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\fltsrv.sys
2014-09-15 15:50 - 2014-09-15 15:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
2014-09-15 15:49 - 2014-09-15 15:49 - 00000000 ____D () C:\Program Files (x86)\Acronis
2014-09-15 15:45 - 2014-09-15 15:46 - 01101648 _____ () C:\Users\Basti\Downloads\Acronis True Image 2014 - CHIP-Installer(1).exe
2014-09-15 15:44 - 2014-09-15 15:45 - 01101648 _____ () C:\Users\Basti\Downloads\Acronis True Image 2014 - CHIP-Installer.exe
2014-09-08 18:45 - 2014-09-18 00:34 - 00000000 ____D () C:\Users\Basti\Desktop\Neuer Ordner (2)
2014-09-03 20:15 - 2014-09-03 20:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die Sims 4
2014-09-03 20:14 - 2011-02-18 15:07 - 00447752 _____ (On2.com) C:\Windows\SysWOW64\vp6vfw.dll
2014-09-03 19:55 - 2014-09-03 20:15 - 00000000 ____D () C:\Users\Basti\Documents\Electronic Arts
2014-09-03 19:51 - 2014-09-03 19:51 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-09-03 19:48 - 2014-09-04 18:02 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Origin
2014-09-03 19:48 - 2014-09-03 19:51 - 00000000 ____D () C:\Users\Basti\AppData\Local\Origin
2014-09-03 19:44 - 2014-09-30 14:18 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-09-03 19:44 - 2014-09-03 19:44 - 17088592 _____ (Electronic Arts, Inc.) C:\Users\Basti\Downloads\OriginThinSetup.exe
2014-09-03 19:44 - 2014-09-03 19:44 - 00000979 _____ () C:\Users\Public\Desktop\Origin.lnk
2014-09-03 19:44 - 2014-09-03 19:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2014-09-01 18:16 - 2014-09-01 18:16 - 00000749 _____ () C:\Users\Basti\Desktop\Call of Duty Ghosts.lnk

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-30 16:51 - 2014-09-30 16:45 - 00021318 _____ () C:\Users\Basti\Desktop\FRST.txt
2014-09-30 16:51 - 2014-09-23 18:04 - 00000000 ____D () C:\FRST
2014-09-30 16:45 - 2014-09-30 16:45 - 00125890 _____ () C:\Users\Basti\Desktop\Addition.txt
2014-09-30 16:44 - 2014-09-30 16:44 - 00000000 ____D () C:\AiO-Files
2014-09-30 16:44 - 2014-09-25 19:53 - 00000000 ____D () C:\Users\Basti\Desktop\FRST-OlderVersion
2014-09-30 16:39 - 2014-08-07 16:06 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-30 16:36 - 2014-09-21 21:40 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-09-30 16:28 - 2014-07-05 15:41 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-30 16:09 - 2013-08-22 18:53 - 00000000 ____D () C:\Users\Basti\AppData\Local\CrashDumps
2014-09-30 16:05 - 2014-09-30 16:05 - 00000000 ____D () C:\Users\Basti\Documents\SimCity
2014-09-30 14:54 - 2013-07-12 22:17 - 01150389 _____ () C:\Windows\WindowsUpdate.log
2014-09-30 14:30 - 2013-07-21 06:36 - 00000000 ____D () C:\Users\Basti\AppData\Local\JDownloader v2.0
2014-09-30 14:23 - 2013-08-22 18:22 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\BitTorrent
2014-09-30 14:23 - 2013-07-25 22:00 - 00000000 ____D () C:\ProgramData\Origin
2014-09-30 14:22 - 2014-08-14 21:43 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Raptr
2014-09-30 14:22 - 2009-07-14 06:45 - 00022976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-30 14:22 - 2009-07-14 06:45 - 00022976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-30 14:18 - 2014-09-03 19:44 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-09-30 14:17 - 2014-09-30 14:17 - 00000056 _____ () C:\Windows\setupact.log
2014-09-30 14:17 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-30 01:55 - 2014-07-11 19:04 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\vlc
2014-09-30 00:40 - 2014-09-30 00:40 - 00000724 _____ () C:\Users\Basti\Desktop\Lula 3D.lnk
2014-09-30 00:40 - 2014-09-29 20:09 - 00001045 _____ () C:\Windows\DirectX.log
2014-09-30 00:35 - 2014-09-30 00:35 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lula 3D
2014-09-30 00:35 - 2014-09-30 00:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lula 3D
2014-09-29 23:55 - 2014-09-29 23:37 - 00000000 ____D () C:\Users\Basti\Documents\TransOcean
2014-09-29 23:28 - 2014-09-29 23:28 - 00000595 _____ () C:\Users\Public\Desktop\TransOcean - The Shipping Company.lnk
2014-09-29 23:28 - 2014-09-29 23:28 - 00000595 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TransOcean - The Shipping Company.lnk
2014-09-29 20:13 - 2013-07-24 01:50 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-09-29 20:10 - 2014-09-29 20:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LucasArts
2014-09-29 20:10 - 2013-07-12 22:22 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-09-29 20:09 - 2014-09-29 20:09 - 00000541 _____ () C:\Users\Basti\Desktop\Star Wars Jedi Knight Jedi Academy spielen.lnk
2014-09-29 20:04 - 2014-09-29 20:04 - 00000000 ____D () C:\Windows\system32\EventProviders
2014-09-29 15:48 - 2014-07-11 18:42 - 00000000 ____D () C:\Users\Basti\Desktop\Neuer Ordner
2014-09-29 15:38 - 2014-09-29 15:33 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-27 06:24 - 2014-09-27 04:52 - 00000000 ____D () C:\Users\Basti\Documents\SH5
2014-09-27 04:51 - 2014-09-27 04:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Silent Hunter 5
2014-09-27 03:26 - 2014-08-22 23:51 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\dvdcss
2014-09-27 02:37 - 2014-07-05 00:11 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\DivX
2014-09-27 02:02 - 2014-09-27 02:02 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No-IP DUC
2014-09-27 02:02 - 2014-09-27 02:02 - 00000000 ____D () C:\Users\Basti\AppData\Local\Vitalwerks
2014-09-27 02:02 - 2014-09-27 02:02 - 00000000 ____D () C:\Program Files (x86)\No-IP
2014-09-27 00:56 - 2014-09-27 00:56 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-09-27 00:56 - 2014-09-27 00:56 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-09-27 00:56 - 2014-09-27 00:56 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-09-27 00:56 - 2014-09-27 00:56 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-09-27 00:56 - 2014-09-27 00:56 - 00000000 ____D () C:\Program Files\Java
2014-09-26 20:50 - 2014-09-26 20:46 - 00084860 _____ () C:\info.txt
2014-09-26 20:08 - 2014-09-26 19:33 - 00006701 _____ () C:\Users\Basti\Desktop\ESET.txt
2014-09-26 19:46 - 2014-07-30 20:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-26 19:42 - 2014-09-26 19:42 - 00000994 _____ () C:\Users\Basti\Desktop\checkup.txt
2014-09-26 19:35 - 2014-09-26 19:35 - 00854417 _____ () C:\Users\Basti\Desktop\SecurityCheck.exe
2014-09-26 16:37 - 2014-09-26 16:37 - 02347384 _____ (ESET) C:\Users\Basti\Desktop\esetsmartinstaller_deu.exe
2014-09-25 20:12 - 2014-09-25 20:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-25 19:53 - 2014-09-23 18:03 - 02108928 _____ (Farbar) C:\Users\Basti\Desktop\FRST64.exe
2014-09-25 19:52 - 2014-09-25 19:52 - 00001433 _____ () C:\Users\Basti\Desktop\JRT.txt
2014-09-25 19:47 - 2014-09-25 19:47 - 00000000 ____D () C:\Windows\ERUNT
2014-09-25 19:46 - 2014-09-25 19:46 - 01024790 _____ (Thisisu) C:\Users\Basti\Desktop\JRT.exe
2014-09-25 19:38 - 2014-09-16 18:14 - 00000000 ____D () C:\AdwCleaner
2014-09-25 19:31 - 2014-09-25 19:31 - 01373475 _____ () C:\Users\Basti\Desktop\AdwCleaner_3.310.exe
2014-09-25 19:29 - 2014-09-25 19:29 - 00037103 _____ () C:\Users\Basti\Desktop\mbam.txt
2014-09-24 17:13 - 2014-09-24 17:13 - 00027134 _____ () C:\Users\Basti\Desktop\Combofix.txt
2014-09-24 17:08 - 2014-09-24 16:35 - 00000000 ____D () C:\ComboFix
2014-09-24 17:08 - 2014-09-24 16:34 - 00000000 ____D () C:\Qoobox
2014-09-24 17:07 - 2014-09-24 17:07 - 00027134 _____ () C:\ComboFix.txt
2014-09-24 17:03 - 2014-09-24 16:33 - 00000000 ____D () C:\Windows\erdnt
2014-09-24 16:51 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-09-24 16:40 - 2013-07-17 18:41 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-24 16:19 - 2014-09-24 16:17 - 05579290 ____R (Swearware) C:\Users\Basti\Desktop\ComboFix.exe
2014-09-24 16:16 - 2013-08-14 15:53 - 00000000 ____D () C:\Program Files (x86)\Google
2014-09-24 15:54 - 2014-09-24 15:54 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Basti\Desktop\revosetup95.exe
2014-09-24 15:54 - 2014-09-24 15:54 - 00001264 _____ () C:\Users\Basti\Desktop\Revo Uninstaller.lnk
2014-09-24 15:54 - 2013-07-21 06:33 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-09-23 21:48 - 2014-09-23 21:48 - 00024779 _____ () C:\Users\Basti\Desktop\Addition.rar
2014-09-23 18:13 - 2014-09-23 18:13 - 00380416 _____ () C:\Users\Basti\Desktop\Gmer-19357.exe
2014-09-23 18:02 - 2014-09-23 18:02 - 00000542 _____ () C:\Users\Basti\Desktop\defogger_disable.log
2014-09-23 18:02 - 2014-09-23 18:02 - 00000168 _____ () C:\Users\Basti\defogger_reenable
2014-09-23 18:02 - 2013-07-12 22:17 - 00000000 ____D () C:\Users\Basti
2014-09-23 17:59 - 2014-09-23 17:59 - 00050477 _____ () C:\Users\Basti\Desktop\Defogger.exe
2014-09-23 16:42 - 2014-09-23 16:42 - 00000133 _____ () C:\Users\Basti\AppData\Roaming\tmp_unregister.bat
2014-09-23 05:02 - 2014-09-22 20:13 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\CodeBlocks
2014-09-22 21:07 - 2013-08-15 14:44 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-22 20:13 - 2014-09-22 20:12 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CodeBlocks
2014-09-22 20:12 - 2014-09-22 20:12 - 00000764 _____ () C:\Users\Basti\Desktop\CodeBlocks.lnk
2014-09-22 20:12 - 2014-09-22 20:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CodeBlocks
2014-09-22 02:51 - 2014-07-08 21:23 - 00000000 ____D () C:\Program Files\F978377C-B7D4-4536-8E10-14CA97B13394
2014-09-21 23:22 - 2014-09-21 23:22 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\2F650DA1.sys
2014-09-21 21:47 - 2014-09-21 21:40 - 00792128 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-09-21 21:47 - 2014-09-21 21:40 - 00140352 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-09-21 21:41 - 2014-09-21 21:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus
2014-09-21 21:40 - 2014-09-21 21:41 - 00001147 _____ () C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk
2014-09-21 21:40 - 2014-09-21 21:40 - 00000000 ____D () C:\Windows\ELAMBKUP
2014-09-21 21:40 - 2014-09-21 21:40 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-09-19 17:02 - 2014-07-16 18:44 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-09-19 16:28 - 2014-09-19 16:28 - 00000897 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Army Men III.lnk
2014-09-19 16:21 - 2014-09-19 16:21 - 00000000 ____D () C:\Users\Basti\ChromeExtensions
2014-09-19 16:21 - 2014-09-19 16:21 - 00000000 ____D () C:\Users\Basti\AppData\Local\Tempaf603b23276e664f1686dea3d68db17e
2014-09-19 16:18 - 2014-09-19 16:18 - 00000000 ____D () C:\Users\Basti\Downloads\Battlefield-1942
2014-09-19 16:18 - 2014-09-19 16:18 - 00000000 ____D () C:\Users\Basti\AppData\Local\Tempefae60dad426085842d9656a9d4eb204
2014-09-19 16:12 - 2014-09-19 16:07 - 00000000 ____D () C:\Users\Basti\Documents\FIFA 15 Demo
2014-09-19 16:03 - 2014-09-19 16:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 15 Demo
2014-09-19 16:03 - 2014-07-06 12:11 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-19 16:03 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-09-18 00:34 - 2014-09-08 18:45 - 00000000 ____D () C:\Users\Basti\Desktop\Neuer Ordner (2)
2014-09-17 19:55 - 2014-09-17 19:55 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft AppLocale
2014-09-17 19:46 - 2014-09-17 19:46 - 00000727 _____ () C:\Users\Public\Desktop\White Day.lnk
2014-09-17 19:46 - 2014-09-17 19:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\White Day
2014-09-16 18:17 - 2014-07-04 22:29 - 00000833 _____ () C:\Users\Basti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-09-16 12:49 - 2009-07-14 19:58 - 00710346 _____ () C:\Windows\system32\perfh007.dat
2014-09-16 12:49 - 2009-07-14 19:58 - 00154676 _____ () C:\Windows\system32\perfc007.dat
2014-09-16 12:49 - 2009-07-14 07:13 - 01651118 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-15 16:57 - 2014-09-15 15:50 - 00000000 ____D () C:\ProgramData\Acronis
2014-09-15 15:51 - 2014-09-15 15:51 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Acronis
2014-09-15 15:50 - 2014-09-15 15:50 - 01464096 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tdrpman.sys
2014-09-15 15:50 - 2014-09-15 15:50 - 01120032 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tib.sys
2014-09-15 15:50 - 2014-09-15 15:50 - 00367200 _____ (Acronis) C:\Windows\system32\Drivers\afcdp.sys
2014-09-15 15:50 - 2014-09-15 15:50 - 00269600 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\snapman.sys
2014-09-15 15:50 - 2014-09-15 15:50 - 00183224 _____ (Acronis) C:\Windows\system32\Drivers\tib_mounter.sys
2014-09-15 15:50 - 2014-09-15 15:50 - 00161568 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\vididr.sys
2014-09-15 15:50 - 2014-09-15 15:50 - 00117024 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\vidsflt.sys
2014-09-15 15:50 - 2014-09-15 15:50 - 00116000 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\fltsrv.sys
2014-09-15 15:50 - 2014-09-15 15:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
2014-09-15 15:49 - 2014-09-15 15:49 - 00000000 ____D () C:\Program Files (x86)\Acronis
2014-09-15 15:46 - 2014-09-15 15:45 - 01101648 _____ () C:\Users\Basti\Downloads\Acronis True Image 2014 - CHIP-Installer(1).exe
2014-09-15 15:45 - 2014-09-15 15:44 - 01101648 _____ () C:\Users\Basti\Downloads\Acronis True Image 2014 - CHIP-Installer.exe
2014-09-15 09:06 - 2010-02-10 00:35 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-12 20:39 - 2014-08-07 16:06 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-12 20:39 - 2014-08-07 16:06 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-12 20:39 - 2014-08-07 16:06 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-08 19:42 - 2014-01-16 02:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Landwirtschafts Simulator 2011
2014-09-04 18:02 - 2014-09-03 19:48 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Origin
2014-09-03 20:15 - 2014-09-03 20:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die Sims 4
2014-09-03 20:15 - 2014-09-03 19:55 - 00000000 ____D () C:\Users\Basti\Documents\Electronic Arts
2014-09-03 19:52 - 2014-02-04 19:53 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-09-03 19:51 - 2014-09-03 19:51 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-09-03 19:51 - 2014-09-03 19:48 - 00000000 ____D () C:\Users\Basti\AppData\Local\Origin
2014-09-03 19:44 - 2014-09-03 19:44 - 17088592 _____ (Electronic Arts, Inc.) C:\Users\Basti\Downloads\OriginThinSetup.exe
2014-09-03 19:44 - 2014-09-03 19:44 - 00000979 _____ () C:\Users\Public\Desktop\Origin.lnk
2014-09-03 19:44 - 2014-09-03 19:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2014-09-01 18:16 - 2014-09-01 18:16 - 00000749 _____ () C:\Users\Basti\Desktop\Call of Duty Ghosts.lnk

Some content of TEMP:
====================
C:\Users\Basti\AppData\Local\Temp\proxy_vole747751624481204618.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-26 00:55

==================== End Of Log ============================

--- --- ---

RDC · 30.09.2014, 16:08

so Addition muss ich aufteilen da er zu groß ist.

Addition 1:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-09-2014 01
Ran by Basti at 2014-09-30 16:45:18
Running from C:\Users\Basti\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Anti-Virus (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Anti-Virus (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7 Gates 1.0 (HKLM-x32\...\7 Gates) (Version: 1.0 - Immanitas Games)
Acronis True Image 2014 (HKLM-x32\...\{E2FEBE7F-2CB0-4B45-87BA-619C1422B113}Visible) (Version: 17.0.5560 - Acronis)
Acronis True Image 2014 (x32 Version: 17.0.5560 - Acronis) Hidden
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Aerosoft's - Aerosoft Launcher (HKLM-x32\...\{EE11CFFC-898C-4875-8A63-8B732A9AD43B}) (Version: 1.2.0.3 - Aerosoft)
aerosoft's - OMSI 2 - Drei Generationen (HKLM-x32\...\{C88376AA-BF64-40F4-9AD6-F8A18DA394F2}) (Version: 1.00 - aerosoft)
aerosoft's - OMSI 2 - Hamburg (HKLM-x32\...\{5BF6B590-F7F5-46B5-B5F4-B0CA93423AD6}) (Version: 2.00 - aerosoft)
AMD Accelerated Video Transcoding (Version: 13.30.100.40417 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2014.0417.2226.38446 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (HKLM\...\{6119B3A6-3603-9695-0398-CDF2AF0A13F8}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2014.0417.2226.38446 - Ihr Firmenname) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
America's Army: Proving Grounds Beta (HKLM-x32\...\Steam App 203290) (Version:  - U.S. Army)
Apache HTTP Server 2.2.25 (HKLM-x32\...\{85262A06-2D8C-4BC1-B6ED-5A705D09CFFC}) (Version: 2.2.25 - Apache Software Foundation)
ArgusMonitor (HKLM-x32\...\ArgusMonitor) (Version:  - )
Army Men III (HKLM\...\UDK-d9c2887f-ad51-4bb5-9415-20ff55170cf1) (Version:  - Epic Games, Inc.)
ASRock InstantBoot v1.29 (HKLM-x32\...\ASRock InstantBoot_is1) (Version:  - )
ASRock OC Tuner v2.4.70 (HKLM-x32\...\ASRock OC Tuner_is1) (Version:  - )
BitTorrent (HKCU\...\BitTorrent) (Version: 7.9.2.34312 - BitTorrent Inc.)
Call of Duty Ghosts MULTI-2 Incl. Update 7 1.0.0.1 (HKLM-x32\...\Call of Duty Ghosts MULTI-2 Incl. Update 7 1.0.0.1) (Version:  - )
Call of Duty: Modern Warfare 3 - Multiplayer (HKLM-x32\...\Steam App 42690) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 3 (HKLM-x32\...\Steam App 42680) (Version:  - Infinity Ward)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Chrome SpecForce (HKLM-x32\...\InstallShield_{5233A5FC-F083-4317-96F8-58FBB4020B3A}) (Version: 1.0.0 - Techland)
Chrome SpecForce (x32 Version: 1.0.0 - Techland) Hidden
Citybus Simulator Munich (HKLM-x32\...\{7ABA5F78-0EFE-4144-A918-1ACBC7552EC0}) (Version: 1.20 - aerosoft)
CLEO 4.3 (HKLM-x32\...\{A8F37EB0-C741-41D7-8CAB-5B40ECEEF094}_is1) (Version: 4.3 - Seemann, Deji, Alien)
CodeBlocks (HKCU\...\CodeBlocks) (Version: 13.12 - The Code::Blocks Team)
Crawler Radio & MP3 Player (HKLM-x32\...\{C461FBFE-C0DE-4757-89DD-A5A833B9AC1F}_is1) (Version: 1.0.5.78 - Crawler, LLC)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
Dead Space™ 3 (HKLM-x32\...\{D4329609-4102-4F8C-B83F-7FE024EEA314}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.625.10 - Electronic Arts Inc.)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.52 - DivX, LLC)
EA SPORTS™ FIFA 15 Demo (HKLM-x32\...\{108C0C19-6316-4944-A62F-C744488F8639}) (Version: 1.0.0.0 - Electronic Arts)
Eisenbahn.exe Professional 7.0 (HKLM-x32\...\{8CB0014C-FE4C-461D-A387-76828BD70E19}) (Version: 7.00.0000 - Trend)
EVEREST Ultimate Edition v5.50 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 5.50 - Lavalys, Inc.)
Farming Simulator 2013 (HKLM-x32\...\Steam App 220260) (Version:  - Giants Software)
Fast Lane Carnage (HKLM-x32\...\FastLaneCarnage) (Version:  - )
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
Flight Simulator X (HKLM-x32\...\RTMshadow_{7D606567-5047-451A-B49E-29FCB6012B4E}) (Version:  - )
Flight Simulator X Service Pack 1 (HKLM-x32\...\SP1shadow_{7D606567-5047-451A-B49E-29FCB6012B4E}) (Version:  - )
Free Screen Video Recorder version 2.5.30.717 (HKLM-x32\...\Free Screen Video Recorder_is1) (Version: 2.5.30.717 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.12.827 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.12.827 - DVDVideoSoft Ltd.)
GIANTS Editor 4.1.7 (HKLM-x32\...\giants_editor_4.1.7_is1) (Version: 4.1.7 - GIANTS Software GmbH)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Gtk# for .Net 2.12.10 (HKLM-x32\...\{550B72C4-F404-4812-971F-947E835A877E}) (Version: 2.12.10 - Novell, Inc.)
HF pAppLoc version 1.0 (HKLM-x32\...\{9143B17E-BBDE-4EA7-A4E3-20D384D9C8A5}_is1) (Version: 1.0 - Inquisitor)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Inkscape 0.48.5 (HKLM-x32\...\Inkscape) (Version: 0.48.5 - )
IsoBuster 3.3 (HKLM-x32\...\IsoBuster3_is1) (Version: 3.3 - Smart Projects)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.600 - Oracle)
Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
JMB36X Raid Configurer (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.00.0000 - JMICRON Technology Corp.)
Kabel Deutschland Installations-Software (x32 Version: 3.6.0.0 - Kabel Deutschland Vertrieb und Services GmbH) Hidden
Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{653C1B5A-3287-47B1-8613-0745D4E771C4}) (Version: 15.0.0.463 - Kaspersky Lab)
Kaspersky Anti-Virus (x32 Version: 15.0.0.463 - Kaspersky Lab) Hidden
Kepard (HKLM-x32\...\Kepard) (Version:  - Kepard)
Landwirtschafts Simulator 2013 Hagensted Modified 2013 (HKLM-x32\...\{F09E06EB-D878-4E4E-9190-84E3C4C1DC27}_is1) (Version: Landwirtschafts Simulator 2013 Hagensted Modified 3.2.0 - Black Panther Group)
Lula 3D (HKLM-x32\...\Lula 3D) (Version:  - )
Magic ISO Maker v5.5 (build 0281) (HKLM-x32\...\Magic ISO Maker v5.5 (build 0281)) (Version:  - )
MagicDisc 2.7.106 (HKLM-x32\...\MagicDisc 2.7.106) (Version:  - )
MAGIX Content und Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Goya burnR (MSI) (HKLM-x32\...\MAGIX_{4554434F-61A1-4346-BEF8-60810064B089}) (Version: 4.3.2.0 - MAGIX AG)
MAGIX Goya burnR (MSI) (Version: 4.3.2.0 - MAGIX AG) Hidden
MAGIX Music Maker 2014 Premium (HKLM-x32\...\MX.{BB514EEA-B3EB-4713-8DD2-B76CA5619F11}) (Version: 20.0.2.35 - MAGIX AG)
MAGIX Music Maker 2014 Premium (Version: 20.0.2.35 - MAGIX AG) Hidden
MAGIX Music Maker 2014 Trial Soundpools (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Music Maker Tait Eita Powered by Harris & KD Supier (HKLM-x32\...\MAGIX_{31194E92-7345-4144-90D5-840D252D60C8}) (Version: 17.0.2.6 - MAGIX AG)
MAGIX Music Maker Tait Eita Powered by Harris & KD Supier (Version: 17.0.2.6 - MAGIX AG) Hidden
MAGIX Music Maker Tait Eita Powered by Harris & KD Supier Trial (Soundpaket) (HKLM-x32\...\{9BE24D06-F44C-4E62-A321-ED4F1E7BECAB}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Music Maker Techno Edition 5 (HKLM-x32\...\MAGIX_{83533189-F4F8-44DE-866C-23037D09C6D5}) (Version: 19.0.5.57 - MAGIX AG)
MAGIX Music Maker Techno Edition 5 (Version: 19.0.5.57 - MAGIX AG) Hidden
MAGIX Music Maker Techno Edition 5 Trial Soundpools (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MAGIX_{44CD9DB4-74FD-41BD-A138-AC8F279E6959}) (Version: 7.0.2.6 - MAGIX AG)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Version: 4.5.51209 - Microsoft Corporation) Hidden
Microsoft Flight Simulator X (x32 Version: 10.0.60905 - Microsoft Game Studios) Hidden
Microsoft Flight Simulator X: Acceleration (HKLM-x32\...\FlightSim_{7D606567-5047-451A-B49E-29FCB6012B4E}) (Version: 10.0.61637.0 - Microsoft Game Studios)
Microsoft Flight Simulator X: Acceleration (x32 Version: 10.0.61637.0 - Microsoft Game Studios) Hidden
Microsoft Games for Windows - LIVE (HKLM-x32\...\{F97E3841-CA9D-4964-9D64-26066241D26F}) (Version: 3.3.24.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{8FB1B528-E260-451E-9B55-E9152F94B80B}) (Version: 3.2.3.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{6F29F195-B11C-3EAD-B883-997BB29DFA17}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{09298F26-A95C-31E2-9D95-2C60F586F075}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Windows Application Compatibility Database (HKLM\...\{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb) (Version:  - )
Mozilla Firefox 32.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 de)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
MSXML 4.0 SP2 Parser und SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.5 - F.J. Wechselberger)
No23 Recorder (HKLM-x32\...\{22B0E143-2B0B-435B-9F56-136A3D16065F}) (Version: 2.1.0.3 - No23)
No-IP DUC (HKLM-x32\...\NoIPDUC) (Version: 4.1.0 - Vitalwerks Internet Solutions LLC)
OpenVPN 2.3.2-I003  (HKLM\...\OpenVPN) (Version: 2.3.2-I003 - )
Origin (HKLM-x32\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.)
Phase 5 HTML-Editor (HKLM-x32\...\{20B1B020-DEAE-48D1-9960-D4C3185D758B}) (Version: 5.6.2.3 - Systemberatung Schommer)
piaip AppLocale (HKLM-x32\...\{394BE3D9-7F57-4638-A8D1-1D88671913B7}) (Version: 1.0.0 - MS)
Platform (x32 Version: 1.34 - VIA Technologies, Inc.) Hidden
Polarity version 1.0 (HKLM-x32\...\{FE5BB6CA-7A9B-4CCE-90BC-470D06BDFAA9}_is1) (Version: 1.0 - GP Games)
Politik Simulator 2 - Rulers of Nations (HKLM-x32\...\RON 2010 GERMAN) (Version: 4.16 - Eversim)
Pro Evolution Soccer 2011 (HKLM-x32\...\{1148E85C-E1AF-48E0-A29C-68DACE07E054}) (Version: 1.00.0000 - KONAMI)
ProTrain Perfect 2 - Addon9 Hamburg - Berlin - (HKLM-x32\...\{1350B50D-E596-4C53-A912-5C9F1FC5A6CD}) (Version: 1.0 - Blue Sky Interactive)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.0.1 - Rockstar Games)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.0.13074_14 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.0.13074_14 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.27.0 - SAMSUNG Electronics Co., Ltd.)
Security Task Manager 1.8g (HKLM-x32\...\Security Task Manager) (Version: 1.8g - Neuber Software)
Silent Hunter 5 Version 1.2.0 (HKLM-x32\...\Silent Hunter 5_is1) (Version: 1.2.0 - UBISoft)
Smart File Advisor 1.2.0 (HKLM-x32\...\Smart File Advisor_is1) (Version: 1.2.0 - Filefacts.net)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Star Wars Jedi Knight Jedi Academy (HKLM-x32\...\{0D994CC5-819F-4657-84DD-397B8FE1EA80}) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Strassenbau Simulator 1.2.16 (HKLM-x32\...\{852019C5-8AF7-4ECF-BB25-79AE53FBD245}_is1) (Version:  - UIG GmbH)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.11 - TeamSpeak Systems GmbH)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.20202 - TeamViewer)
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
TransOcean - The Shipping Company (HKLM-x32\...\VHJhbnNPY2VhblRoZVNoaXBwaW5nQ29tcGFueQ==_is1) (Version: 1 - )
TuneUp Utilities 2012 (HKLM-x32\...\TuneUp Utilities 2012) (Version: 12.0.3600.73 - TuneUp Software)
TuneUp Utilities 2012 (x32 Version: 12.0.3600.73 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 12.0.3600.73 - TuneUp Software) Hidden
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 4.6 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
VirtualDJ PRO Full (HKLM-x32\...\{311545C7-3432-4EB3-9229-D5E8DB10AE8A}) (Version: 7.2 - Atomix Productions)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
White Day (HKLM-x32\...\White Day) (Version:  - )
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Xvid 1.2.2 final uninstall (HKLM-x32\...\Xvid_is1) (Version: 1.2 - Xvid team (Koepi))

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2014-09-30 16:43 - 00000067 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
127.0.0.1 validation.sls.microsoft.com


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {005F9681-3144-4DFD-B64F-0B614B0AB4C8} - System32\Tasks\difkhmjo => C:\Users\Basti\AppData\Local\difkhmjo.bat [2014-07-05] ()
Task: {00B26BB7-FF34-4926-93AD-BA6CB21C1941} - System32\Tasks\jfqlokv => C:\Users\Basti\AppData\Local\jfqlokv.bat [2014-07-04] ()
Task: {01E3DD55-CD67-4ED2-B9A3-B0DCC68C96E2} - System32\Tasks\gnmummts => C:\Users\Basti\AppData\Local\gnmummts.bat [2014-07-05] ()
Task: {0302C28C-4EFA-4A7E-8ABC-1DBA1E4A2E71} - System32\Tasks\buieqdxk => C:\Users\Basti\AppData\Local\buieqdxk.bat [2014-07-05] ()
Task: {04B97B87-B2C2-4522-9BCC-3969D61E45F3} - System32\Tasks\aherwbpu => C:\Users\Basti\AppData\Local\aherwbpu.bat [2014-07-05] ()
Task: {0574F539-CD09-493E-B39F-874458E422A4} - System32\Tasks\wypqzkl => C:\Users\Basti\AppData\Local\wypqzkl.bat [2014-07-05] ()
Task: {0650E219-A1E7-4DB0-9368-14B4FBB79C51} - System32\Tasks\fmfecd => C:\Users\Basti\AppData\Local\fmfecd.bat [2014-07-05] ()
Task: {0701DEA0-48D9-4EC4-9426-DD90FC1D040A} - System32\Tasks\anagznsg => C:\Users\Basti\AppData\Local\anagznsg.bat [2014-07-05] ()
Task: {074A17A2-2850-4060-9713-28DD595410FD} - System32\Tasks\zgrvbn => C:\Users\Basti\AppData\Local\zgrvbn.bat [2014-07-05] ()
Task: {07B0FCCD-2D3D-43EF-BFCE-BC7849DB344D} - System32\Tasks\ladcxv => C:\Users\Basti\AppData\Local\ladcxv.bat [2014-07-04] ()
Task: {082B2D34-907C-4C3F-B537-A0274868AADB} - System32\Tasks\owpwfh => C:\Users\Basti\AppData\Local\owpwfh.bat [2014-07-05] ()
Task: {09A98F7A-2854-4D70-AABC-EAC5D0B13CFC} - System32\Tasks\pkefi => C:\Users\Basti\AppData\Local\pkefi.bat [2014-07-05] ()
Task: {0AD4EFEA-FBC7-4542-9213-239F9F9FBBDF} - System32\Tasks\nnnuun => C:\Users\Basti\AppData\Local\nnnuun.bat [2014-07-05] ()
Task: {0B9A45B0-88F4-48AE-94E1-9F3B36905993} - System32\Tasks\gohhp => C:\Users\Basti\AppData\Local\gohhp.bat [2014-07-05] ()
Task: {0BE97765-ED38-4290-A08A-73F6A565DA3B} - System32\Tasks\aifahn => C:\Users\Basti\AppData\Local\aifahn.bat [2014-07-05] ()
Task: {0BFCBE4B-EDFE-47A8-82EF-4A1E43566A75} - System32\Tasks\pradmv => C:\Users\Basti\AppData\Local\pradmv.bat [2014-07-05] ()
Task: {0C16A145-967D-44F0-8118-48A47B31ECF2} - System32\Tasks\0 => Iexplore.exe  <==== ATTENTION
Task: {0C3B5D19-0A3C-4E72-822E-4B90CDAA3D0B} - System32\Tasks\ngnnumuu => C:\Users\Basti\AppData\Local\ngnnumuu.bat [2014-07-05] ()
Task: {0CE8F6A7-57AB-4CE1-B4ED-C5817E4EC096} - System32\Tasks\abvpjdxr => C:\Users\Basti\AppData\Local\abvpjdxr.bat [2014-07-04] ()
Task: {0D2BC932-7916-4D34-8E1E-0055F5D247E8} - System32\Tasks\dtkaqawn => C:\Users\Basti\AppData\Local\dtkaqawn.bat [2014-07-05] ()
Task: {0D8DF67A-3FAD-45E8-9310-97AD5F10B186} - System32\Tasks\vmelcrhx => C:\Users\Basti\AppData\Local\vmelcrhx.bat [2014-07-05] ()
Task: {0E3D4698-253A-4374-BAB7-5F9CC34A12C6} - System32\Tasks\iterdo => C:\Users\Basti\AppData\Local\iterdo.bat [2014-07-05] ()
Task: {0E8F685C-C1A8-4879-90CF-B0E5A164BED8} - System32\Tasks\xbmwad => C:\Users\Basti\AppData\Local\xbmwad.bat [2014-07-05] ()
Task: {11B2FA06-1B10-4975-BAC9-B31304BBAFAF} - System32\Tasks\qcueqcfp => C:\Users\Basti\AppData\Local\qcueqcfp.bat [2014-07-05] ()
Task: {11FCC048-A6E6-4135-AC6B-3CA5333924C9} - System32\Tasks\dbfdaecr => C:\Users\Basti\AppData\Local\dbfdaecr.bat [2014-07-04] ()
Task: {12420A06-9954-4ED6-98DA-3A7D9B9DC3C1} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {125B30C9-F302-4668-8964-931088710729} - System32\Tasks\rvamjuil => C:\Users\Basti\AppData\Local\rvamjuil.bat [2014-07-05] ()
Task: {13F877CB-B9D1-46EF-94CE-74B1228035B0} - System32\Tasks\uedkkahh => C:\Users\Basti\AppData\Local\uedkkahh.bat [2014-07-05] ()
Task: {14092B27-CF3C-499D-9424-3AA55125380C} - System32\Tasks\fjcngy => C:\Users\Basti\AppData\Local\fjcngy.bat [2014-07-05] ()
Task: {1448CBA6-231B-43E8-AFF9-3FE59EB95473} - System32\Tasks\nmmmlllk => C:\Users\Basti\AppData\Local\nmmmlllk.bat [2014-07-05] ()
Task: {14D37519-1AC9-4504-946E-4ABD61E95FAF} - System32\Tasks\anbobv => C:\Users\Basti\AppData\Local\anbobv.bat [2014-07-05] ()
Task: {157D2B3D-0024-4E59-A16F-9A5672D5B260} - System32\Tasks\prteea => C:\Users\Basti\AppData\Local\prteea.bat [2014-07-05] ()
Task: {15ADF546-DA72-4ADF-A062-4E87BD99F2B2} - System32\Tasks\fvngfn => C:\Users\Basti\AppData\Local\fvngfn.bat [2014-07-05] ()
Task: {1667CBCD-B515-4AB6-A5CD-99E6AADBC9C8} - System32\Tasks\tciodc => C:\Users\Basti\AppData\Local\tciodc.bat [2014-07-05] ()
Task: {172B4315-C4DE-472A-9AA8-632D70DCD851} - System32\Tasks\idnhje => C:\Users\Basti\AppData\Local\idnhje.bat [2014-07-04] ()
Task: {17B0C8DE-7015-4423-B717-AC86D7C86C0F} - System32\Tasks\nvffnu => C:\Users\Basti\AppData\Local\nvffnu.bat [2014-07-05] ()
Task: {17FAA42B-4592-49C8-A16D-275F460A75C0} - System32\Tasks\wfodn => C:\Users\Basti\AppData\Local\wfodn.bat [2014-07-05] ()
Task: {1806EF1A-9A11-4336-9F8E-088404796415} - System32\Tasks\trxwebi => C:\Users\Basti\AppData\Local\trxwebi.bat [2014-07-04] ()
Task: {18087F7B-6E9D-4828-99D5-9F4D9C856CAD} - System32\Tasks\rvaehs => C:\Users\Basti\AppData\Local\rvaehs.bat [2014-07-04] ()
Task: {180E7BE5-45E3-4B5E-A57B-5FC72320DD56} - System32\Tasks\iexsoj => C:\Users\Basti\AppData\Local\iexsoj.bat [2014-07-05] ()
Task: {18914B69-D430-4EB8-8D83-432014B944BC} - System32\Tasks\dzqgfbq => C:\Users\Basti\AppData\Local\dzqgfbq.bat [2014-07-04] ()
Task: {18CBA25F-CEE4-430B-936C-1C414666FC1A} - System32\Tasks\icqdg => C:\Users\Basti\AppData\Local\icqdg.bat [2014-07-04] ()
Task: {197E30A7-01D2-4BBA-BC8F-433F085CB794} - System32\Tasks\ehqbku => C:\Users\Basti\AppData\Local\ehqbku.bat [2014-07-05] ()
Task: {19A67E23-B9E8-48C8-9D56-6AF418469A7D} - System32\Tasks\meldjb => C:\Users\Basti\AppData\Local\meldjb.bat [2014-07-05] ()
Task: {19E70546-7D30-4575-9938-5CCBE83D7F45} - System32\Tasks\wgjzjlb => C:\Users\Basti\AppData\Local\wgjzjlb.bat [2014-07-05] ()
Task: {1A60CFFF-4DD6-4E47-94E2-3678964D487A} - System32\Tasks\uucbqpg => C:\Users\Basti\AppData\Local\uucbqpg.bat [2014-07-04] ()
Task: {1AB82E10-E4CE-42CD-8304-0C0B456AAC48} - System32\Tasks\dbsba => C:\Users\Basti\AppData\Local\dbsba.bat [2014-07-05] ()
Task: {1B096980-F67A-427A-8A13-50BBC60A5CC7} - System32\Tasks\hcvdq => C:\Users\Basti\AppData\Local\hcvdq.bat [2014-07-05] ()
Task: {1B0D4E91-23F0-4188-8868-7D5294371969} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.47\SymErr.exe
Task: {1B517847-F3AE-474D-B691-4B9B0B63749F} - System32\Tasks\lljahev => C:\Users\Basti\AppData\Local\lljahev.bat [2014-07-05] ()
Task: {1B59D5DB-9962-4ACC-A22F-278365C089E3} - System32\Tasks\oqracdt => C:\Users\Basti\AppData\Local\oqracdt.bat [2014-07-05] ()
Task: {1B98AA91-0BB8-463B-BE13-D9BDD2F02E4B} - System32\Tasks\xrcune => C:\Users\Basti\AppData\Local\xrcune.bat [2014-07-05] ()
Task: {1C464BF7-754A-4630-B41C-34910E0D5031} - System32\Tasks\fqcug => C:\Users\Basti\AppData\Local\fqcug.bat [2014-07-05] ()
Task: {1C50533A-D626-4CEE-8F2B-29B6E1FB24C2} - System32\Tasks\yrcxb => C:\Users\Basti\AppData\Local\yrcxb.bat [2014-07-05] ()
Task: {1C74299E-1B1A-4A10-898E-DA414A58E228} - System32\Tasks\buhepdw => C:\Users\Basti\AppData\Local\buhepdw.bat [2014-07-05] ()
Task: {1CAAAA2E-9701-465B-9DF9-3D0271B7CD85} - System32\Tasks\fqcvg => C:\Users\Basti\AppData\Local\fqcvg.bat [2014-07-05] ()
Task: {1D6B7540-9A90-449D-9DE3-71773FEEE782} - System32\Tasks\wgwfxix => C:\Users\Basti\AppData\Local\wgwfxix.bat [2014-07-05] ()
Task: {1DCAF2C9-92C5-434E-8AA1-BC32D17A1814} - System32\Tasks\ffqjctmf => C:\Users\Basti\AppData\Local\ffqjctmf.bat [2014-07-05] ()
Task: {1EE1DC2A-772A-4B5E-B0C1-F8CAA3E85CC7} - System32\Tasks\uedrba => C:\Users\Basti\AppData\Local\uedrba.bat [2014-07-05] ()
Task: {1EF39F44-1078-4FCD-B9E6-DF27308B6B4E} - System32\Tasks\tbhnaa => C:\Users\Basti\AppData\Local\tbhnaa.bat [2014-07-04] ()
Task: {1F124128-F5B9-4842-BBA0-DFC8BDD746A9} - System32\Tasks\gehpq => C:\Users\Basti\AppData\Local\gehpq.bat [2014-07-05] ()
Task: {21CDE1A8-E80D-44C3-8CAA-0DA63271EDB1} - System32\Tasks\habcdcgp => C:\Users\Basti\AppData\Local\habcdcgp.bat [2014-07-05] ()
Task: {21E97B77-F044-4CAF-9232-93BFE1932F30} - System32\Tasks\flcjg => C:\Users\Basti\AppData\Local\flcjg.bat [2014-07-05] ()
Task: {21F138B7-EE85-413C-AA9A-4B545B92B6BC} - System32\Tasks\rdwcvhs => C:\Users\Basti\AppData\Local\rdwcvhs.bat [2014-07-05] ()
Task: {22DB44E1-BBB0-4897-959A-2CB1D5074C10} - System32\Tasks\mdkjpgml => C:\Users\Basti\AppData\Local\mdkjpgml.bat [2014-07-05] ()
Task: {22E10576-EA8A-4E5C-9C57-4603FBD94040} - System32\Tasks\dfoeuf => C:\Users\Basti\AppData\Local\dfoeuf.bat [2014-07-05] ()
Task: {231D9686-9CA0-421E-A199-BBDF4FB6B164} - System32\Tasks\cemcr => C:\Users\Basti\AppData\Local\cemcr.bat [2014-07-05] ()
Task: {231FCC59-F2D7-4258-8862-AF4834A3E5AF} - System32\Tasks\oghffyy => C:\Users\Basti\AppData\Local\oghffyy.bat [2014-07-04] ()
Task: {233E1E19-9196-4D31-A77B-F84AD9C71181} - System32\Tasks\wpijzsu => C:\Users\Basti\AppData\Local\wpijzsu.bat [2014-07-05] ()
Task: {2379390D-5787-4D0D-B772-1F9909554381} - System32\Tasks\cnbobvjw => C:\Users\Basti\AppData\Local\cnbobvjw.bat [2014-07-05] ()
Task: {2395BF6D-362B-4764-A868-EBB3E5664D66} - System32\Tasks\dhnaa => C:\Users\Basti\AppData\Local\dhnaa.bat [2014-07-05] ()
Task: {2460B3DD-684F-4D29-A515-2AAAAC695559} - System32\Tasks\nvnuudu => C:\Users\Basti\AppData\Local\nvnuudu.bat [2014-07-04] ()
Task: {24B37E6A-D8D8-43C5-B895-4E0E2C3C14A6} - System32\Tasks\wxiqz => C:\Users\Basti\AppData\Local\wxiqz.bat [2014-07-05] ()
Task: {2530827E-873E-41C9-9879-EDD6E71BFE39} - System32\Tasks\mljihg => C:\Users\Basti\AppData\Local\mljihg.bat [2014-07-05] ()
Task: {25753423-0AAF-42E3-8DD0-6B1B27571751} - System32\Tasks\nekkb => C:\Users\Basti\AppData\Local\nekkb.bat [2014-07-05] ()
Task: {2586A35D-91E1-4FD4-B34E-815782D85AD6} - System32\Tasks\pjdeya => C:\Users\Basti\AppData\Local\pjdeya.bat [2014-07-04] ()
Task: {26A06B49-5F38-448D-9729-7F9B5C6FC96F} - System32\Tasks\dpeyfap => C:\Users\Basti\AppData\Local\dpeyfap.bat [2014-07-05] ()
Task: {270964B0-B1AB-473A-92BA-DF639EFF4360} - System32\Tasks\kplqn => C:\Users\Basti\AppData\Local\kplqn.bat [2014-07-05] ()
Task: {270F9FA4-F0F2-45B2-ADE3-772F2E287296} - System32\Tasks\dmltdbr => C:\Users\Basti\AppData\Local\dmltdbr.bat [2014-07-05] ()
Task: {276E6758-BE69-4F60-8D56-CCB6A95B1ECF} - System32\Tasks\cyncavk => C:\Users\Basti\AppData\Local\cyncavk.bat [2014-07-05] ()
Task: {27FE6A0E-B1EF-4CBB-92BF-05F88EBABE9C} - System32\Tasks\ebaxv => C:\Users\Basti\AppData\Local\ebaxv.bat [2014-07-05] ()
Task: {287F2BA8-F00B-4041-934B-4CD2837AA69E} - System32\Tasks\uielsgc => C:\Users\Basti\AppData\Local\uielsgc.bat [2014-07-05] ()
Task: {2890C4C9-10CC-4824-A2AF-52CDBF436FEB} - System32\Tasks\lavbg => C:\Users\Basti\AppData\Local\lavbg.bat [2014-07-05] ()
Task: {28AABD81-4931-40BC-B6C7-E9B6E00F7F90} - System32\Tasks\sgtftanb => C:\Users\Basti\AppData\Local\sgtftanb.bat [2014-07-05] ()
Task: {28B7C09D-EFDF-4058-9548-C89B8B4D2015} - System32\Tasks\lredchn => C:\Users\Basti\AppData\Local\lredchn.bat
Task: {29275D26-0B4A-4FB4-B5BF-B0C7C26EC8F4} - System32\Tasks\ebcji => C:\Users\Basti\AppData\Local\ebcji.bat [2014-07-05] ()
Task: {2936FDDD-91BE-4C33-9D17-B6C4F1BEC36E} - System32\Tasks\wiktvehs => C:\Users\Basti\AppData\Local\wiktvehs.bat [2014-07-05] ()
Task: {2B116DAC-76F8-46D6-82E5-F3EE478695CA} - System32\Tasks\gnnuu => C:\Users\Basti\AppData\Local\gnnuu.bat [2014-07-05] ()
Task: {2B37C851-3AA1-476D-81C7-9F8C151DEA4B} - System32\Tasks\wgpajsjs => C:\Users\Basti\AppData\Local\wgpajsjs.bat [2014-07-05] ()
Task: {2B7AEA98-2FB8-442F-B359-4DE924E8C40F} - System32\Tasks\cckzowdl => C:\Users\Basti\AppData\Local\cckzowdl.bat [2014-07-05] ()
Task: {2C2987E3-035E-4764-B7E3-AB6A7E01ED93} - System32\Tasks\thmbouic => C:\Users\Basti\AppData\Local\thmbouic.bat [2014-07-04] ()
Task: {2C94A73F-EAF5-45ED-B5F4-A58EA37E37DE} - System32\Tasks\ruyjnqug => C:\Users\Basti\AppData\Local\ruyjnqug.bat [2014-07-05] ()
Task: {2CCD0D67-4E3D-4926-B970-466AF2CE1F6A} - System32\Tasks\gvffne => C:\Users\Basti\AppData\Local\gvffne.bat [2014-07-05] ()
Task: {2CD02978-67CF-437F-A680-7EDC8EA24179} - System32\Tasks\cdzuq => C:\Users\Basti\AppData\Local\cdzuq.bat [2014-07-05] ()
Task: {2E1D7978-4878-4A81-97A4-90787019D13C} - System32\Tasks\vdrap => C:\Users\Basti\AppData\Local\vdrap.bat [2014-07-05] ()
Task: {2E3BED15-49C6-4040-85C8-F02B366FA08E} - System32\Tasks\iztufaa => C:\Users\Basti\AppData\Local\iztufaa.bat [2014-07-05] ()
Task: {2E549614-366A-494F-A172-2AAE6C09801E} - System32\Tasks\yefkorv => C:\Users\Basti\AppData\Local\yefkorv.bat [2014-07-05] ()
Task: {2F05F233-C227-432B-B48B-534A557C1D2C} - System32\Tasks\oghopxyi => C:\Users\Basti\AppData\Local\oghopxyi.bat [2014-07-05] ()
Task: {2F1560FD-5647-4553-A786-C64C2974CF26} - System32\Tasks\gvggog => C:\Users\Basti\AppData\Local\gvggog.bat [2014-07-05] ()
Task: {2FC74A50-1E30-407F-A3DE-0C213417B5C3} - System32\Tasks\xartdo => C:\Users\Basti\AppData\Local\xartdo.bat [2014-07-05] ()
Task: {317C04BF-B963-43BF-94BD-DC04AB8A863F} - System32\Tasks\crhodzo => C:\Users\Basti\AppData\Local\crhodzo.bat [2014-07-05] ()
Task: {3210B016-6B76-4088-A626-48DA33780533} - System32\Tasks\xhrcsd => C:\Users\Basti\AppData\Local\xhrcsd.bat [2014-07-05] ()
Task: {32883EB7-9C63-4A2F-ADB8-3213BD6B6C9E} - System32\Tasks\mtbho => C:\Users\Basti\AppData\Local\mtbho.bat [2014-07-05] ()
Task: {330D5F1E-C355-48C4-A449-35449863366F} - System32\Tasks\tagtao => C:\Users\Basti\AppData\Local\tagtao.bat [2014-07-05] ()
Task: {334857DE-6A4A-49EE-8D89-504263C58405} - System32\Tasks\dajodu => C:\Users\Basti\AppData\Local\dajodu.bat [2014-07-05] ()
Task: {35BC1493-86AC-4FAC-BC3B-533DB17519B9} - System32\Tasks\fnvgfmv => C:\Users\Basti\AppData\Local\fnvgfmv.bat [2014-07-05] ()
Task: {3645553D-BD1E-4663-9DBE-CC7DEF4EA1E0} - System32\Tasks\vfftd => C:\Users\Basti\AppData\Local\vfftd.bat [2014-07-05] ()
Task: {365EB771-0CB4-46F7-A3FF-95DC6B1F2C50} - System32\Tasks\piktmoxq => C:\Users\Basti\AppData\Local\piktmoxq.bat [2014-07-05] ()
Task: {367ACCDD-1EBE-481F-8D0E-F3C48E6DE65F} - System32\Tasks\kimkpn => C:\Users\Basti\AppData\Local\kimkpn.bat [2014-07-05] ()
Task: {383B08F3-97DF-48C6-BE8F-568D66285E38} - System32\Tasks\wwhhh => C:\Users\Basti\AppData\Local\wwhhh.bat [2014-07-05] ()
Task: {385367C7-58CD-47F9-B454-FF6B4DA0E23A} - System32\Tasks\ieybgrv => C:\Users\Basti\AppData\Local\ieybgrv.bat [2014-07-05] ()
Task: {38846F7A-ED5F-4CFB-B51F-E0A695B3FD02} - System32\Tasks\ykufkvn => C:\Users\Basti\AppData\Local\ykufkvn.bat [2014-07-05] ()
Task: {38B4044A-5F9E-4F5D-BAB7-E052960650A7} - System32\Tasks\mekchf => C:\Users\Basti\AppData\Local\mekchf.bat [2014-07-05] ()
Task: {39075E00-2343-4D84-A0B7-47DDF798498F} - System32\Tasks\hikcd => C:\Users\Basti\AppData\Local\hikcd.bat [2014-07-05] ()
Task: {393B2FE4-DD33-4A64-97AD-1206246B4544} - System32\Tasks\xiteo => C:\Users\Basti\AppData\Local\xiteo.bat [2014-07-05] ()
Task: {3C151CD2-1BF3-4B56-BAF4-7AE49AABB0C9} - System32\Tasks\dbrqgee => C:\Users\Basti\AppData\Local\dbrqgee.bat [2014-07-05] ()
Task: {3C353581-4217-4AE0-A08C-B9E81B7F681C} - System32\Tasks\czwmjxc => C:\Users\Basti\AppData\Local\czwmjxc.bat [2014-07-05] ()
Task: {3C7A8BEF-0B2F-4F4E-B3C3-B17AE07A0982} - System32\Tasks\kifcydb => C:\Users\Basti\AppData\Local\kifcydb.bat [2014-07-05] ()
Task: {3D71FCCB-D493-47D4-8A02-04E694F1A635} - System32\Tasks\ykugrd => C:\Users\Basti\AppData\Local\ykugrd.bat [2014-07-05] ()
Task: {3D8B1DD5-C87B-4BAA-9BD4-0629546F216F} - System32\Tasks\dbxushf => C:\Users\Basti\AppData\Local\dbxushf.bat [2014-07-05] ()
Task: {3DBD843A-D586-422E-A7CF-A7CB570D1EA8} - System32\Tasks\swjnb => C:\Users\Basti\AppData\Local\swjnb.bat [2014-07-05] ()
Task: {3EE03F5E-2273-413E-802C-B1065E1D8674} - System32\Tasks\idfik => C:\Users\Basti\AppData\Local\idfik.bat [2014-07-05] ()
Task: {3F3D96C3-DA9C-4785-A2C8-A806569B230C} - System32\Tasks\{A18EB256-8D8B-4CC2-B3BA-F6483A00B36A} => C:\Windows\system32\msiexec.exe [2009-07-14] (Microsoft Corporation)
Task: {407F7897-6B75-42B9-8679-E939DB6BAB81} - System32\Tasks\ognvv => C:\Users\Basti\AppData\Local\ognvv.bat [2014-07-04] ()
Task: {4144521A-7C1F-4159-A77A-CE97D85C7472} - System32\Tasks\ffqic => C:\Users\Basti\AppData\Local\ffqic.bat [2014-07-05] ()
Task: {414E1C63-96E5-4391-9436-00049F6E744E} - System32\Tasks\owgemu => C:\Users\Basti\AppData\Local\owgemu.bat [2014-07-05] ()
Task: {41A55E0A-D5B9-4BEC-9007-A77A689FAD1F} - System32\Tasks\udksah => C:\Users\Basti\AppData\Local\udksah.bat [2014-07-05] ()
Task: {41BC018E-4307-4E06-B939-FF9C01629518} - System32\Tasks\xddhknq => C:\Users\Basti\AppData\Local\xddhknq.bat [2014-07-05] ()
Task: {4295A2A0-AD2B-4993-B3F5-3245A53A7D20} - System32\Tasks\cxuiwsh => C:\Users\Basti\AppData\Local\cxuiwsh.bat [2014-07-05] ()
Task: {42D0363E-C97A-47F5-AE12-686D5CD77E2C} - System32\Tasks\zfsej => C:\Users\Basti\AppData\Local\zfsej.bat [2014-07-05] ()
Task: {42DD5AEE-A616-40FF-A271-E192DBD1127E} - System32\Tasks\laxdbge => C:\Users\Basti\AppData\Local\laxdbge.bat [2014-07-05] ()
Task: {43567E65-4A44-4DD9-8203-A0C592A05A2C} - System32\Tasks\jetwlid => C:\Users\Basti\AppData\Local\jetwlid.bat [2014-07-05] ()
Task: {442D28FA-BB10-4DE6-8CCF-D869F4D414F2} - System32\Tasks\gooiqq => C:\Users\Basti\AppData\Local\gooiqq.bat [2014-07-05] ()
Task: {45175AF5-6C22-41C1-B2D2-29D1D0BD9B60} - System32\Tasks\gyjdmeg => C:\Users\Basti\AppData\Local\gyjdmeg.bat [2014-07-05] ()
Task: {455411D9-C5F9-430B-9876-21A25F7C8853} - System32\Tasks\cgzelh => C:\Users\Basti\AppData\Local\cgzelh.bat [2014-07-05] ()
Task: {4557F706-AA3F-4E22-8CE9-4D0DE5E3FD56} - System32\Tasks\rfhlxc => C:\Users\Basti\AppData\Local\rfhlxc.bat [2014-07-05] ()
Task: {45AD97D6-46F3-42EA-95D0-D4A6116C4E09} - System32\Tasks\ujpftbpe => C:\Users\Basti\AppData\Local\ujpftbpe.bat [2014-07-05] ()
Task: {45B4B98E-81CF-4986-9061-0C769B194C99} - System32\Tasks\sxdodhty => C:\Users\Basti\AppData\Local\sxdodhty.bat [2014-07-05] ()
Task: {46ADE0F9-2956-4962-96C0-C59409708BD5} - System32\Tasks\diddyfaj => C:\Users\Basti\AppData\Local\diddyfaj.bat [2014-07-05] ()
Task: {46B51AC1-A039-4561-9BDD-7ADD9A58AAE2} - System32\Tasks\ebbihfv => C:\Users\Basti\AppData\Local\ebbihfv.bat [2014-07-05] ()
Task: {476ED557-BAD8-41BD-A1DC-97A83C42988C} - System32\Tasks\gehfxxx => C:\Users\Basti\AppData\Local\gehfxxx.bat [2014-07-05] ()
Task: {479B252D-4605-4EC7-B566-C88B0487A025} - System32\Tasks\erhvkawe => C:\Users\Basti\AppData\Local\erhvkawe.bat [2014-07-05] ()
Task: {4800BE1F-8924-49DE-BC09-0B1C8268AAE8} - System32\Tasks\tantzoui => C:\Users\Basti\AppData\Local\tantzoui.bat [2014-07-05] ()
Task: {482B9607-F9BD-4E63-A37C-03ABA66C5BBC} - System32\Tasks\ffyzr => C:\Users\Basti\AppData\Local\ffyzr.bat [2014-07-05] ()
Task: {485B99A4-FB0E-4A9C-8442-C6CE80BDA09A} - System32\Tasks\lbfdi => C:\Users\Basti\AppData\Local\lbfdi.bat [2014-07-04] ()
Task: {4939EBBD-A082-473D-8E15-5895BB240477} - System32\Tasks\gatmg => C:\Users\Basti\AppData\Local\gatmg.bat [2014-07-05] ()
Task: {49743BE8-9412-4FB7-86EE-B7331FFED45F} - System32\Tasks\xbtcgy => C:\Users\Basti\AppData\Local\xbtcgy.bat [2014-07-04] ()
Task: {49BF0DD7-0FDD-432F-BBA2-74F034925A47} - System32\Tasks\byner => C:\Users\Basti\AppData\Local\byner.bat [2014-07-04] ()
Task: {4A1D839D-2675-4FFB-9F23-1DA811977979} - System32\Tasks\evfvfv => C:\Users\Basti\AppData\Local\evfvfv.bat [2014-07-05] ()
Task: {4A330D15-47C8-461B-A950-C5DF5D7DF6EC} - System32\Tasks\rdpzlxb => C:\Users\Basti\AppData\Local\rdpzlxb.bat [2014-07-05] ()
Task: {4B1784D9-0FAF-40E1-B370-8693CC8E84E9} - System32\Tasks\fyrjc => C:\Users\Basti\AppData\Local\fyrjc.bat [2014-07-05] ()
Task: {4B682F8A-C785-47DC-A406-FC4782FBFAD3} - System32\Tasks\cocwdx => C:\Users\Basti\AppData\Local\cocwdx.bat [2014-07-05] ()
Task: {4BB854E8-FFD1-47B2-9B3E-0D8F707D9B7A} - System32\Tasks\fgnon => C:\Users\Basti\AppData\Local\fgnon.bat [2014-07-05] ()
Task: {4BC16FF7-6F36-4876-AB96-8BBF9C7B1A45} - System32\Tasks\qniehe => C:\Users\Basti\AppData\Local\qniehe.bat [2014-07-05] ()
Task: {4CA73691-20BB-4C94-94D7-251CCD220921} - System32\Tasks\oxqybbj => C:\Users\Basti\AppData\Local\oxqybbj.bat [2014-07-05] ()
Task: {4D0403F3-CBCA-441B-9C56-E907FEAC5802} - System32\Tasks\oprstuvx => C:\Users\Basti\AppData\Local\oprstuvx.bat [2014-07-05] ()
Task: {4D963CB1-9704-4CCA-981F-945F95E9151F} - System32\Tasks\tchnubh => C:\Users\Basti\AppData\Local\tchnubh.bat [2014-07-05] ()
Task: {4DCD0112-25C1-4693-A957-6E228041E34E} - System32\Tasks\ndjjpef => C:\Users\Basti\AppData\Local\ndjjpef.bat [2014-07-05] ()
Task: {4E857B53-592E-4813-B093-436CDB240A95} - System32\Tasks\pajsdmvg => C:\Users\Basti\AppData\Local\pajsdmvg.bat [2014-07-05] ()
Task: {4EAF03EF-5504-4EEC-B244-95EF25505DC2} - System32\Tasks\idwydo => C:\Users\Basti\AppData\Local\idwydo.bat [2014-07-05] ()
Task: {5057E9D0-AC70-4993-98E0-2E1030FBE1C9} - System32\Tasks\tidkhub => C:\Users\Basti\AppData\Local\tidkhub.bat [2014-07-05] ()
Task: {50D40AFB-93E4-4598-83BF-F7FE4839B8ED} - System32\Tasks\ydeilo => C:\Users\Basti\AppData\Local\ydeilo.bat [2014-07-05] ()
Task: {51BE370D-DE3C-4BBC-89BE-0530D23B708E} - System32\Tasks\ujagm => C:\Users\Basti\AppData\Local\ujagm.bat [2014-07-05] ()
Task: {51D07F5E-0198-42D9-BA5F-9195B61614AD} - System32\Tasks\atoabg => C:\Users\Basti\AppData\Local\atoabg.bat [2014-07-05] ()
Task: {52251746-FDA7-4A86-A981-9FFF886A2A01} - System32\Tasks\hqamvvfr => C:\Users\Basti\AppData\Local\hqamvvfr.bat [2014-07-05] ()
Task: {5234C7A8-B33D-496D-A056-42A83299B34B} - System32\Tasks\aztmg => C:\Users\Basti\AppData\Local\aztmg.bat [2014-07-05] ()
Task: {5234CEE8-E5F1-42FF-9006-015B8F5AFEB1} - System32\Tasks\uuttb => C:\Users\Basti\AppData\Local\uuttb.bat [2014-07-05] ()
Task: {52B865C0-8CE9-416A-B041-DFDFB1519492} - System32\Tasks\aguiuboc => C:\Users\Basti\AppData\Local\aguiuboc.bat [2014-07-05] ()
Task: {5306F4DD-1AC7-41E6-9403-BDFF73014E27} - System32\Tasks\eonxhh => C:\Users\Basti\AppData\Local\eonxhh.bat [2014-07-05] ()
Task: {53535EB0-AED2-499D-80F0-E784F58A1E13} - System32\Tasks\srddhf => C:\Users\Basti\AppData\Local\srddhf.bat [2014-07-05] ()
Task: {5387341D-62F4-485A-B5E7-DDC4C1903B6C} - System32\Tasks\ylwitgy => C:\Users\Basti\AppData\Local\ylwitgy.bat [2014-07-05] ()
Task: {53C4E101-6B38-4AF1-B0DD-329358F32BF2} - System32\Tasks\lbfvtjh => C:\Users\Basti\AppData\Local\lbfvtjh.bat [2014-07-05] ()
Task: {53E1E7F8-F27C-4330-A57C-B76989BDD7A1} - System32\Tasks\zgbua => C:\Users\Basti\AppData\Local\zgbua.bat [2014-07-05] ()
Task: {54C2495E-DA17-4B58-98B9-4E31C747F9EB} - System32\Tasks\ceahd => C:\Users\Basti\AppData\Local\ceahd.bat [2014-07-05] ()
Task: {551EBC11-5C78-4510-AA43-549A245847F9} - System32\Tasks\pasbee => C:\Users\Basti\AppData\Local\pasbee.bat [2014-07-05] ()
Task: {558BB67F-4DE1-414F-A1C2-D72D906228CA} - System32\Tasks\cmauo => C:\Users\Basti\AppData\Local\cmauo.bat [2014-07-05] ()
Task: {565A6E68-8346-4626-BDC1-92E0F8A6D9ED} - System32\Tasks\wwhhiqrb => C:\Users\Basti\AppData\Local\wwhhiqrb.bat [2014-07-05] ()
Task: {565BD81C-AE1F-4E40-9A80-D8DC472B5D0B} - System32\Tasks\thbio => C:\Users\Basti\AppData\Local\thbio.bat [2014-07-05] ()
Task: {5661FB3C-1193-450D-AA49-3DDAB3CE0C2D} - System32\Tasks\ghyzssee => C:\Users\Basti\AppData\Local\ghyzssee.bat [2014-07-05] ()
Task: {571CD842-1351-4837-9152-E61BE4531602} - System32\Tasks\celguqf => C:\Users\Basti\AppData\Local\celguqf.bat [2014-07-05] ()
Task: {57DA5B34-BA4E-43E0-8A8E-7821E48B3441} - System32\Tasks\uflsdjqg => C:\Users\Basti\AppData\Local\uflsdjqg.bat [2014-07-04] ()
Task: {58DAC40F-A0F4-4C57-8249-404EBF909185} - System32\Tasks\chdycz => C:\Users\Basti\AppData\Local\chdycz.bat [2014-07-05] ()
Task: {5912C58C-4941-46C2-BDD6-F6E875BE2007} - System32\Tasks\wijsdnwy => C:\Users\Basti\AppData\Local\wijsdnwy.bat [2014-07-05] ()
Task: {59A98901-E80E-44A5-A43C-25BDE0BC3ED9} - System32\Tasks\befcd => C:\Users\Basti\AppData\Local\befcd.bat [2014-07-05] ()
Task: {5B7F98D6-ACA2-4645-9352-EBC0F5468370} - System32\Tasks\bvjga => C:\Users\Basti\AppData\Local\bvjga.bat [2014-07-05] ()
Task: {5C3090C8-BDFB-4ED6-959C-2CCF5555367D} - System32\Tasks\algsm => C:\Users\Basti\AppData\Local\algsm.bat [2014-07-05] ()
Task: {5CB06B58-E3BA-4532-BCE7-12CBFCEE0165} - System32\Tasks\nneek => C:\Users\Basti\AppData\Local\nneek.bat [2014-07-05] ()
Task: {5D5D9D42-A185-425F-87C6-8630BE041960} - System32\Tasks\thlyerf => C:\Users\Basti\AppData\Local\thlyerf.bat [2014-07-05] ()
Task: {5DBB031B-6811-4AE4-B5A7-003EFE1E5B98} - System32\Tasks\cfmiet => C:\Users\Basti\AppData\Local\cfmiet.bat [2014-07-05] ()
Task: {5E07107A-16E9-4BD0-BEA3-B6CCCC2A118B} - System32\Tasks\wgqajs => C:\Users\Basti\AppData\Local\wgqajs.bat [2014-07-05] ()
Task: {5EF5C29A-1CD0-4CE9-B3E9-E5F3A2F718B7} - System32\Tasks\dulukbya => C:\Users\Basti\AppData\Local\dulukbya.bat [2014-07-05] ()
Task: {5F5E9ECE-60FC-4173-8086-D62EA0211B5E} - System32\Tasks\tsafljq => C:\Users\Basti\AppData\Local\tsafljq.bat [2014-07-05] ()
Task: {5F6B05A0-E847-4C03-940E-23D3597AFBBF} - System32\Tasks\cfbwzvjn => C:\Users\Basti\AppData\Local\cfbwzvjn.bat [2014-07-05] ()
Task: {5F95FC3F-8008-4010-8CE5-D63102B5E79A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-12] (Adobe Systems Incorporated)
Task: {601AA6B2-10A9-418B-9B76-B5878D529D83} - System32\Tasks\khlquro => C:\Users\Basti\AppData\Local\khlquro.bat [2014-07-05] ()
Task: {60BCBBE9-3826-4FA1-A274-F5E8CC19073F} - System32\Tasks\xqtmwh => C:\Users\Basti\AppData\Local\xqtmwh.bat [2014-07-05] ()
Task: {60F8816B-ABC8-49CA-899C-1FD35ECD15A1} - System32\Tasks\chdzdz => C:\Users\Basti\AppData\Local\chdzdz.bat [2014-07-05] ()
Task: {6133DDA8-9A4A-45BF-B2BD-024BCBF45C56} - System32\Tasks\nnmmmmll => C:\Users\Basti\AppData\Local\nnmmmmll.bat [2014-07-05] ()
Task: {6148CB98-E234-4C8D-BEA6-E5A93DD87195} - System32\Tasks\noohg => C:\Users\Basti\AppData\Local\noohg.bat [2014-07-05] ()
Task: {614F6823-7402-4771-B6B0-020965C5D917} - System32\Tasks\seyexko => C:\Users\Basti\AppData\Local\seyexko.bat [2014-07-05] ()
Task: {6167B950-37CE-47E7-872A-4A38058F8B1E} - System32\Tasks\fazatun => C:\Users\Basti\AppData\Local\fazatun.bat [2014-07-05] ()
Task: {61B7E522-8622-47FF-9F2C-12547EAE4BE0} - System32\Tasks\rnjvqnyu => C:\Users\Basti\AppData\Local\rnjvqnyu.bat [2014-07-05] ()
Task: {62982365-62A8-426E-A6B5-07B40DF4C0A7} - System32\Tasks\cmembkt => C:\Users\Basti\AppData\Local\cmembkt.bat [2014-07-04] ()
Task: {62D156F3-513F-4281-8CBC-A21B3B5572C7} - System32\Tasks\jfbmi => C:\Users\Basti\AppData\Local\jfbmi.bat [2014-07-05] ()
Task: {639D67DA-E5FE-4143-8C58-34B7006E8942} - System32\Tasks\asugat => C:\Users\Basti\AppData\Local\asugat.bat [2014-07-05] ()
Task: {64BDFD76-70D1-4B1F-92D4-C4FBD08C5744} - System32\Tasks\pqrtuwx => C:\Users\Basti\AppData\Local\pqrtuwx.bat [2014-07-05] ()
Task: {6594F205-98DC-4378-867C-2B1AF9A5903C} - System32\Tasks\fumfme => C:\Users\Basti\AppData\Local\fumfme.bat [2014-07-05] ()
Task: {65F145DE-1A3B-45D7-9530-40E621EF1D7B} - System32\Tasks\aavhcd => C:\Users\Basti\AppData\Local\aavhcd.bat [2014-07-05] ()
Task: {6681C7D7-6251-4FF1-A121-59DC869029D0} - System32\Tasks\gfffeedd => C:\Users\Basti\AppData\Local\gfffeedd.bat [2014-07-05] ()
Task: {6919E0E7-C804-4241-9905-AC4E6867BF05} - System32\Tasks\mkjwutyx => C:\Users\Basti\AppData\Local\mkjwutyx.bat [2014-07-05] ()
Task: {69EC6A72-A41F-4127-AFAD-C4C53D40E1BB} - System32\Tasks\gxqbunex => C:\Users\Basti\AppData\Local\gxqbunex.bat [2014-07-05] ()
Task: {6A38509B-88FD-4613-82A1-A34C891FAA48} - System32\Tasks\iavicw => C:\Users\Basti\AppData\Local\iavicw.bat [2014-07-05] ()
Task: {6AA23F52-D414-4F9B-9AEA-92E7ADE45295} - System32\Tasks\paajl => C:\Users\Basti\AppData\Local\paajl.bat [2014-07-05] ()
Task: {6B15BA31-780B-4085-AFB1-66DBA346635A} - System32\Tasks\bqesh => C:\Users\Basti\AppData\Local\bqesh.bat [2014-07-05] ()
Task: {6B64F0D5-3ED3-435B-A21A-CEB391833423} - System32\Tasks\cyvkhvki => C:\Users\Basti\AppData\Local\cyvkhvki.bat [2014-07-05] ()
Task: {6B6EDC3F-2533-4AED-9101-4B6F4194E0D1} - System32\Tasks\eewxpph => C:\Users\Basti\AppData\Local\eewxpph.bat [2014-07-05] ()
Task: {6B701CA6-6FFC-46BE-A142-940E76AAC04F} - System32\Tasks\xogxohx => C:\Users\Basti\AppData\Local\xogxohx.bat [2014-07-05] ()
Task: {6C5029AE-B1A4-4A41-9424-8C51A4C08A0F} - System32\Tasks\zvbvbub => C:\Users\Basti\AppData\Local\zvbvbub.bat [2014-07-05] ()
Task: {6C86BB42-43B5-469E-954D-2FA12A6DBD55} - System32\Tasks\gvonw => C:\Users\Basti\AppData\Local\gvonw.bat [2014-07-05] ()
Task: {6CD53579-F0EF-4628-BBB9-55EE01F365E0} - System32\Tasks\vdraixf => C:\Users\Basti\AppData\Local\vdraixf.bat [2014-07-05] ()
Task: {6D4C8A29-89ED-45E8-8868-4AE51AD6770C} - System32\Tasks\przcm => C:\Users\Basti\AppData\Local\przcm.bat [2014-07-05] ()
Task: {6D87D4F9-B05B-4EC2-B967-9A6D8BE7D0D9} - System32\Tasks\nggef => C:\Users\Basti\AppData\Local\nggef.bat
Task: {6E67169D-71F1-49B2-9CC6-5AF7CC829B57} - System32\Tasks\qsufhkm => C:\Users\Basti\AppData\Local\qsufhkm.bat [2014-07-05] ()
Task: {6EA98D61-EF25-4982-A2C7-8ADE2962EA05} - System32\Tasks\rwafkol => C:\Users\Basti\AppData\Local\rwafkol.bat [2014-07-05] ()
Task: {6EE5E041-988B-45CE-9DE0-06363E2B504A} - System32\Tasks\nfgeeud => C:\Users\Basti\AppData\Local\nfgeeud.bat [2014-07-05] ()
Task: {6FE2A46B-7FE4-47E9-AA98-251CA5BF8434} - System32\Tasks\fcebsk => C:\Users\Basti\AppData\Local\fcebsk.bat [2014-07-05] ()
Task: {70B77988-284D-4371-9134-08602B5628D9} - System32\Tasks\qtwacm => C:\Users\Basti\AppData\Local\qtwacm.bat [2014-07-05] ()
Task: {71A34693-7D62-4997-B7AE-999D39461E66} - System32\Tasks\uuttaby => C:\Users\Basti\AppData\Local\uuttaby.bat [2014-07-05] ()
Task: {7266E7F3-B69D-4A60-A2C3-3DD33455CD3D} - System32\Tasks\sgjvb => C:\Users\Basti\AppData\Local\sgjvb.bat [2014-07-05] ()
Task: {739C0BA5-DA34-4E8B-98A8-3FA382BFDAFA} - System32\Tasks\dakax => C:\Users\Basti\AppData\Local\dakax.bat [2014-07-05] ()
Task: {74A00F3B-09AA-42CB-A513-27E56BF7AB64} - System32\Tasks\hztexr => C:\Users\Basti\AppData\Local\hztexr.bat [2014-07-05] ()
Task: {7779D692-435E-4A60-AB5A-27B54353FFAB} - System32\Tasks\jgjfb => C:\Users\Basti\AppData\Local\jgjfb.bat [2014-07-05] ()
Task: {7A2C08E3-F2E7-412B-879D-0FE3ABDD79FB} - System32\Tasks\fwogepoe => C:\Users\Basti\AppData\Local\fwogepoe.bat [2014-07-05] ()
Task: {7A385FB3-DBD8-4A54-9CE9-24AF42910138} - System32\Tasks\udkygwe => C:\Users\Basti\AppData\Local\udkygwe.bat [2014-07-05] ()
Task: {7B7167BB-4FC6-44BF-99BD-ABE286F7D6A0} - System32\Tasks\mucbioov => C:\Users\Basti\AppData\Local\mucbioov.bat [2014-07-05] ()
Task: {7BB61123-C703-4C3A-85B0-2017DC8061D7} - System32\Tasks\rdhbfk => C:\Users\Basti\AppData\Local\rdhbfk.bat [2014-07-04] ()
Task: {7BE23BEB-603C-4C8C-A109-D128F12A2212} - System32\Tasks\ovovwg => C:\Users\Basti\AppData\Local\ovovwg.bat [2014-07-05] ()
Task: {7C72A57E-A540-4532-B102-E0FBA42FF708} - System32\Tasks\difkhm => C:\Users\Basti\AppData\Local\difkhm.bat [2014-07-05] ()
Task: {7C9C2BE5-FF7E-40D3-BBEB-208D163EFA64} - System32\Tasks\acewb => C:\Users\Basti\AppData\Local\acewb.bat [2014-07-05] ()
Task: {7CE1D4CE-9E2F-430C-81F0-24650F09619D} - System32\Tasks\linsxvzh => C:\Users\Basti\AppData\Local\linsxvzh.bat [2014-07-05] ()
Task: {7CEF8338-F69F-4D50-B366-9A440BC200C5} - System32\Tasks\itesepd => C:\Users\Basti\AppData\Local\itesepd.bat [2014-07-05] ()
Task: {7D3D4411-E9FA-420E-B3CB-D885483E5157} - System32\Tasks\kawmc => C:\Users\Basti\AppData\Local\kawmc.bat [2014-07-05] ()
Task: {7D7E8D5A-C0B5-412E-9B13-F0AB8E742CBD} - System32\Tasks\quebmpb => C:\Users\Basti\AppData\Local\quebmpb.bat [2014-07-05] ()
Task: {7DA02994-7BAD-4686-82D8-603D1AB66746} - System32\Tasks\aiekxubh => C:\Users\Basti\AppData\Local\aiekxubh.bat [2014-07-05] ()
Task: {7DC299EB-53E2-4F56-9842-2F851549106A} - System32\Tasks\bzolax => C:\Users\Basti\AppData\Local\bzolax.bat [2014-07-05] ()
Task: {7DD20934-3BCF-4C9F-A39F-EACE8690A435} - System32\Tasks\zlxkdp => C:\Users\Basti\AppData\Local\zlxkdp.bat [2014-07-05] ()
Task: {7EF61FB7-E98E-4542-8968-138BF2B16B8C} - System32\Tasks\owpxa => C:\Users\Basti\AppData\Local\owpxa.bat [2014-07-05] ()
Task: {7F490C5C-2505-4A85-AC06-BF9732180E2B} - System32\Tasks\wbadf => C:\Users\Basti\AppData\Local\wbadf.bat [2014-07-05] ()
Task: {7F76710F-840A-41BF-86F8-E60EA3834147} - System32\Tasks\pjrtnwar => C:\Users\Basti\AppData\Local\pjrtnwar.bat [2014-07-05] ()
Task: {7F7878AA-82AB-40A4-A23A-9A735D44C2E7} - System32\Tasks\hcdxb => C:\Users\Basti\AppData\Local\hcdxb.bat [2014-07-05] ()
Task: {7FDF8C08-5311-44B7-8078-09FA791BF4ED} - System32\Tasks\sgdxvinc => C:\Users\Basti\AppData\Local\sgdxvinc.bat [2014-07-05] ()
Task: {7FFF89AC-48E4-4E6C-8F97-E1E62BFDF842} - System32\Tasks\oqrcbvv => C:\Users\Basti\AppData\Local\oqrcbvv.bat [2014-07-05] ()
Task: {806B6C7E-6290-4BED-B035-072245A22FA2} - System32\Tasks\jfbeau => C:\Users\Basti\AppData\Local\jfbeau.bat [2014-07-05] ()
Task: {812C87ED-8979-4FB5-8907-BDE36381FE6E} - System32\Tasks\nmlcbba => C:\Users\Basti\AppData\Local\nmlcbba.bat [2014-07-05] ()
Task: {819BDCA3-A619-4D7E-A369-42B804D88993} - System32\Tasks\hbcde => C:\Users\Basti\AppData\Local\hbcde.bat [2014-07-05] ()
Task: {81E4465A-5A30-4431-AA90-13F4F2B7032B} - System32\Tasks\jfida => C:\Users\Basti\AppData\Local\jfida.bat [2014-07-05] ()
Task: {824A78B1-F8EC-491D-8DD8-47C96479F763} - System32\Tasks\nnnfum => C:\Users\Basti\AppData\Local\nnnfum.bat [2014-07-05] ()
Task: {82C89923-84E8-4CDD-83A4-76491F8713C6} - System32\Tasks\lbhfk => C:\Users\Basti\AppData\Local\lbhfk.bat [2014-07-05] ()
Task: {82D4BCF0-0888-4AE9-9AA8-08B6359D5557} - System32\Tasks\dfoeggg => C:\Users\Basti\AppData\Local\dfoeggg.bat [2014-07-05] ()
Task: {8384CC9E-F5A7-4E82-B04F-F9C82BBAF763} - System32\Tasks\xhyctd => C:\Users\Basti\AppData\Local\xhyctd.bat [2014-07-05] ()
Task: {83D22F54-82FD-4CD5-AEF5-8654EE0A5BE9} - System32\Tasks\rwbgkv => C:\Users\Basti\AppData\Local\rwbgkv.bat [2014-07-05] ()
Task: {856BB06D-D00A-4FCA-B4B3-6C8B7BD8356E} - System32\Tasks\frcdo => C:\Users\Basti\AppData\Local\frcdo.bat [2014-07-05] ()
Task: {85CCBE6D-5E66-458F-802C-AACAAE24EC3F} - System32\Tasks\hbbvpjdf => C:\Users\Basti\AppData\Local\hbbvpjdf.bat [2014-07-05] ()
Task: {86397510-5238-4F34-A678-F10C83A31248} - System32\Tasks\ullcqa => C:\Users\Basti\AppData\Local\ullcqa.bat [2014-07-05] ()
Task: {86CA84DA-71D5-42F4-940C-2DC663751098} - System32\Tasks\jmaead => C:\Users\Basti\AppData\Local\jmaead.bat
Task: {86CAB150-29FD-4937-84BA-03590DE8D44B} - System32\Tasks\eekaa => C:\Users\Basti\AppData\Local\eekaa.bat [2014-07-05] ()
Task: {875A2007-89F1-4792-933F-CF7EDE2DF331} - System32\Tasks\xiscgpbc => C:\Users\Basti\AppData\Local\xiscgpbc.bat [2014-07-05] ()
Task: {87648989-6E8E-4F94-A671-67FCF9F03124} - System32\Tasks\goxir => C:\Users\Basti\AppData\Local\goxir.bat [2014-07-05] ()
Task: {8852B220-2BDF-4774-8CE2-1D7550A4B499} - System32\Tasks\cxmbx => C:\Users\Basti\AppData\Local\cxmbx.bat [2014-07-05] ()
Task: {88590079-C760-4621-993C-1633317E9B58} - System32\Tasks\flcjbpeg => C:\Users\Basti\AppData\Local\flcjbpeg.bat [2014-07-05] ()
Task: {88E855D2-3A88-4875-8F3B-180B5CB52806} - System32\Tasks\zercimyd => C:\Users\Basti\AppData\Local\zercimyd.bat [2014-07-05] ()
Task: {8953468A-EA89-48C5-B68E-A318B8814464} - System32\Tasks\cxuqfbet => C:\Users\Basti\AppData\Local\cxuqfbet.bat [2014-07-05] ()
Task: {8956E88B-38AB-4291-91F1-CD9428AD1D0C} - System32\Tasks\ibwylf => C:\Users\Basti\AppData\Local\ibwylf.bat [2014-07-04] ()
Task: {89B642E9-74DF-4006-9843-E5D4EEFF8764} - System32\Tasks\kotimq => C:\Users\Basti\AppData\Local\kotimq.bat [2014-07-05] ()
Task: {8A318339-FA06-499F-82E3-C24C50162192} - System32\Tasks\edvgfg => C:\Users\Basti\AppData\Local\edvgfg.bat [2014-07-05] ()
Task: {8B5F946F-309A-4F9B-A173-18B6A2F2C508} - System32\Tasks\advyd => C:\Users\Basti\AppData\Local\advyd.bat [2014-07-05] ()
Task: {8B61F2C8-1E77-4E20-B3F7-A9A9E43FAEDE} - System32\Tasks\oowhgopw => C:\Users\Basti\AppData\Local\oowhgopw.bat [2014-07-05] ()
Task: {8BA83850-D55D-483B-A805-EF7F731A82DB} - System32\Tasks\fdsrphfd => C:\Users\Basti\AppData\Local\fdsrphfd.bat [2014-07-04] ()
Task: {8BB65AA1-693A-42A4-B4A1-39E2663AC03A} - System32\Tasks\gxqias => C:\Users\Basti\AppData\Local\gxqias.bat [2014-07-05] ()
Task: {8BD75D3E-3F2F-4FA5-BBC8-EF3EF8B2AB9E} - System32\Tasks\etjawgd => C:\Users\Basti\AppData\Local\etjawgd.bat [2014-07-05] ()
Task: {8C2B3FF1-B366-4165-B31F-FB922A15A4A6} - System32\Tasks\mkqwcba => C:\Users\Basti\AppData\Local\mkqwcba.bat [2014-07-05] ()
Task: {8C77B3E2-9C69-48BF-A8BB-EB0602BEDC30} - System32\Tasks\hajcd => C:\Users\Basti\AppData\Local\hajcd.bat [2014-07-05] ()
Task: {8E11AAFE-BE69-4599-8758-C48EFCC6F38A} - System32\Tasks\lcbpgdb => C:\Users\Basti\AppData\Local\lcbpgdb.bat [2014-07-05] ()
Task: {8EA464E8-96CB-40CC-B164-2BD17389678D} - System32\Tasks\wfndm => C:\Users\Basti\AppData\Local\wfndm.bat [2014-07-05] ()
Task: {8ED8DB9D-D5E1-4665-91E9-7548D1FE4208} - System32\Tasks\dumdtk => C:\Users\Basti\AppData\Local\dumdtk.bat [2014-07-05] ()
Task: {8EE473C2-68A1-4425-9C96-71846E9074F3} - System32\Tasks\bvqlflgc => C:\Users\Basti\AppData\Local\bvqlflgc.bat [2014-07-05] ()
Task: {8F4A703E-87C4-4A83-AB1A-22EA43E8E237} - System32\Tasks\syeqvb => C:\Users\Basti\AppData\Local\syeqvb.bat [2014-07-05] ()
Task: {8FF53C63-C671-44D8-A2B7-06DC62D9FB6D} - System32\Tasks\izmfxrdd => C:\Users\Basti\AppData\Local\izmfxrdd.bat [2014-07-05] ()
Task: {9088E356-BA3A-4F11-9490-7F20298A58EE} - System32\Tasks\dspfvsa => C:\Users\Basti\AppData\Local\dspfvsa.bat [2014-07-05] ()
Task: {90ED642F-3171-4B3A-B859-20CDFD153748} - System32\Tasks\hhizabb => C:\Users\Basti\AppData\Local\hhizabb.bat [2014-07-05] ()
Task: {9190AA85-9AAA-4808-BF86-C4DFF5F259D5} - System32\Tasks\spurebgd => C:\Users\Basti\AppData\Local\spurebgd.bat [2014-07-05] ()
Task: {9252D4CF-AF40-49AD-BA62-F1522735AA08} - System32\Tasks\rvalo => C:\Users\Basti\AppData\Local\rvalo.bat [2014-07-04] ()
Task: {92839F0C-E391-4989-9073-A3F38D0E694D} - System32\Tasks\iehdx => C:\Users\Basti\AppData\Local\iehdx.bat [2014-07-05] ()
Task: {92CEFFA6-1282-4A4B-A907-BCD161322686} - System32\Tasks\xyprblde => C:\Users\Basti\AppData\Local\xyprblde.bat [2014-07-05] ()
Task: {941299B0-3E1F-44A8-93E1-BC0CC5E08E61} - System32\Tasks\kpbaf => C:\Users\Basti\AppData\Local\kpbaf.bat [2014-07-05] ()
Task: {94432D13-4BB1-4869-93D0-56D0D959535D} - System32\Tasks\fdnmdf => C:\Users\Basti\AppData\Local\fdnmdf.bat [2014-07-05] ()
Task: {94F2FB51-105E-4058-AD46-94129C34E18F} - System32\Tasks\whqaqbs => C:\Users\Basti\AppData\Local\whqaqbs.bat [2014-07-05] ()
Task: {9548BFE2-A600-49A4-93DF-637283CFA14C} - System32\Tasks\kodhei => C:\Users\Basti\AppData\Local\kodhei.bat [2014-07-05] ()
Task: {95600537-5CBC-4288-A9F3-0B9EE8052629} - System32\Tasks\aavaivd => C:\Users\Basti\AppData\Local\aavaivd.bat [2014-07-05] ()
Task: {958FCB48-23BC-4235-950F-6DC7CAFCD424} - System32\Tasks\mlkcahff => C:\Users\Basti\AppData\Local\mlkcahff.bat [2014-07-05] ()
Task: {95C650B1-78F9-4E02-AA80-64B7C93BF11C} - System32\Tasks\fdovf => C:\Users\Basti\AppData\Local\fdovf.bat [2014-07-05] ()
Task: {95F070F9-52B9-455D-A5C8-FC6B3E5C7B99} - System32\Tasks\tifsqdcp => C:\Users\Basti\AppData\Local\tifsqdcp.bat [2014-07-05] ()
Task: {9638DDFF-C2C1-49F4-90B3-DFEB2C460AEB} - System32\Tasks\apdqeyn => C:\Users\Basti\AppData\Local\apdqeyn.bat [2014-07-05] ()
Task: {96EE0D90-9427-4CC3-BD0B-140C531AC4C7} - System32\Tasks\yjneb => C:\Users\Basti\AppData\Local\yjneb.bat [2014-07-05] ()
Task: {976940D8-54B3-4E6F-8F9D-8F3F0605E9BC} - System32\Tasks\kvadpseb => C:\Users\Basti\AppData\Local\kvadpseb.bat [2014-07-05] ()
Task: {97810E4A-E409-4595-ACB5-8B030C5D1E98} - System32\Tasks\codrds => C:\Users\Basti\AppData\Local\codrds.bat [2014-07-05] ()
Task: {97AAF933-D04D-4667-8C5C-75868A5FB732} - System32\Tasks\gykfdp => C:\Users\Basti\AppData\Local\gykfdp.bat [2014-07-05] ()
Task: {97ED39E9-BB35-49CC-9C21-AB273B15524A} - System32\Tasks\aauhb => C:\Users\Basti\AppData\Local\aauhb.bat [2014-07-05] ()
Task: {9910E4AF-406B-49B4-B828-B96D4272CFAE} - System32\Tasks\oiccwxya => C:\Users\Basti\AppData\Local\oiccwxya.bat [2014-07-05] ()
Task: {996361EF-95F0-41A4-B1E1-DAAAE4ABAAF2} - System32\Tasks\clcjyhpm => C:\Users\Basti\AppData\Local\clcjyhpm.bat [2014-07-05] ()
Task: {99785FD4-BF63-4E0C-AB3B-D91912A76030} - System32\Tasks\vwxyaa => C:\Users\Basti\AppData\Local\vwxyaa.bat [2014-07-04] ()
Task: {99D43977-5E93-4293-B679-6800C823350E} - System32\Tasks\koswbos => C:\Users\Basti\AppData\Local\koswbos.bat [2014-07-05] ()
Task: {9A221AD9-38CF-46A7-BF21-D049903CA8E6} - System32\Tasks\gvonfon => C:\Users\Basti\AppData\Local\gvonfon.bat [2014-07-05] ()
Task: {9AE9E115-FC77-493D-93F2-A42ABF805C7D} - System32\Tasks\wnwnwn => C:\Users\Basti\AppData\Local\wnwnwn.bat [2014-07-05] ()
Task: {9C6CB459-40DC-45F9-A703-738413E1D4FA} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-05-07] (Oracle Corporation)
Task: {9C812086-F0A0-4DF7-929F-6817F24AD61B} - System32\Tasks\nmmml => C:\Users\Basti\AppData\Local\nmmml.bat [2014-07-05] ()
Task: {9D7DCDC0-91A3-453A-94C4-B3801FA10739} - System32\Tasks\qdfsoaep => C:\Users\Basti\AppData\Local\qdfsoaep.bat [2014-07-05] ()
Task: {9E13CAF1-28D3-44EE-8641-7218C5198FB5} - System32\Tasks\dmktr => C:\Users\Basti\AppData\Local\dmktr.bat [2014-07-05] ()
Task: {9E7AA17D-7540-4372-8834-DF42D9384035} - System32\Tasks\vvkksaa => C:\Users\Basti\AppData\Local\vvkksaa.bat [2014-07-04] ()
Task: {9E87E0C9-1A99-4754-BB10-505F0F9AFCA9} - System32\Tasks\fjugqjt => C:\Users\Basti\AppData\Local\fjugqjt.bat [2014-07-05] ()
Task: {9F28A335-4CCB-4A57-B048-085C04BB711B} - System32\Tasks\mmssraxg => C:\Users\Basti\AppData\Local\mmssraxg.bat [2014-07-05] ()
Task: {9F2DDB56-04EE-4023-B6AC-87FAABC899C4} - System32\Tasks\rvbfq => C:\Users\Basti\AppData\Local\rvbfq.bat [2014-07-05] ()
Task: {9F6757CF-098B-4127-B6D6-7F86B635370B} - System32\Tasks\ebbxomli => C:\Users\Basti\AppData\Local\ebbxomli.bat [2014-07-04] ()
Task: {9F6A30E0-28D5-4E71-BAEC-A0664612F729} - System32\Tasks\reykgr => C:\Users\Basti\AppData\Local\reykgr.bat [2014-07-05] ()
Task: {9F70E6DA-08DA-44FE-9CFF-74025B70C56B} - System32\Tasks\mekjpgn => C:\Users\Basti\AppData\Local\mekjpgn.bat [2014-07-05] ()
Task: {9F7509D7-ADC5-4EA0-9865-285C6DD01A58} - System32\Tasks\cxfbe => C:\Users\Basti\AppData\Local\cxfbe.bat [2014-07-05] ()
Task: {9F9F66A7-1989-47AA-BBDC-03BE2C7A8DDF} - System32\Tasks\kpmrcseu => C:\Users\Basti\AppData\Local\kpmrcseu.bat [2014-07-05] ()
Task: {9FF31ACF-C97A-4215-9870-804B69437AB0} - System32\Tasks\jnzfz => C:\Users\Basti\AppData\Local\jnzfz.bat [2014-07-05] ()
Task: {9FF3B21A-345D-4603-9B1C-9809D83ED474} - System32\Tasks\hauga => C:\Users\Basti\AppData\Local\hauga.bat [2014-07-05] ()
Task: {A002810D-B690-47A6-B452-62504AB92575} - System32\Tasks\nvfmuudl => C:\Users\Basti\AppData\Local\nvfmuudl.bat [2014-07-04] ()
Task: {A0843133-3115-46E2-AF0F-51C4F655F3DD} - System32\Tasks\gfibaat => C:\Users\Basti\AppData\Local\gfibaat.bat [2014-07-05] ()
Task: {A087B91B-051C-4191-89A0-02D5D5949AF6} - System32\Tasks\qtvyjlor => C:\Users\Basti\AppData\Local\qtvyjlor.bat [2014-07-05] ()
Task: {A0AF201A-53A6-4656-BFD4-87394352D299} - System32\Tasks\hjcen => C:\Users\Basti\AppData\Local\hjcen.bat [2014-07-05] ()
Task: {A196A545-27D4-4AB5-8C9C-E06B3CA8DA5F} - System32\Tasks\pabnxzc => C:\Users\Basti\AppData\Local\pabnxzc.bat [2014-07-05] ()
Task: {A2D5287C-9018-4D0A-804A-00DDF698377A} - System32\Tasks\yrlewqjt => C:\Users\Basti\AppData\Local\yrlewqjt.bat [2014-07-05] ()
Task: {A2FB8C6A-2AEE-4215-9AED-1A374C3E96AF} - System32\Tasks\itvqce => C:\Users\Basti\AppData\Local\itvqce.bat [2014-07-05] ()
Task: {A391C679-C076-4CD7-BB85-E782CCC91062} - System32\Tasks\elsbi => C:\Users\Basti\AppData\Local\elsbi.bat [2014-07-05] ()
Task: {A39B5368-B80B-4ED0-BDBF-4602EB0415E1} - System32\Tasks\ghpqrsad => C:\Users\Basti\AppData\Local\ghpqrsad.bat [2014-07-05] ()
Task: {A45698DD-8075-4DD4-B46E-5BBCC69BAFA8} - System32\Tasks\timsfmb => C:\Users\Basti\AppData\Local\timsfmb.bat [2014-07-04] ()
Task: {A57011CA-7A5C-40FA-A2D9-7BCB572B2254} - System32\Tasks\qcueqbm => C:\Users\Basti\AppData\Local\qcueqbm.bat [2014-07-05] ()
Task: {A58092C6-BB19-4582-BC8C-15E7552A29D7} - System32\Tasks\oqxbbc => C:\Users\Basti\AppData\Local\oqxbbc.bat [2014-07-05] ()
Task: {A6286F05-80C9-494D-B286-E7F8A111432B} - System32\Tasks\bnzgs => C:\Users\Basti\AppData\Local\bnzgs.bat [2014-07-05] ()
Task: {A653F52B-B131-4835-9B0A-1F9E89F1C29B} - System32\Tasks\mddazf => C:\Users\Basti\AppData\Local\mddazf.bat [2014-07-05] ()
Task: {A681FAAA-34DE-44ED-A27E-8604A8F46734} - System32\Tasks\mtbah => C:\Users\Basti\AppData\Local\mtbah.bat [2014-07-05] ()
Task: {A771C106-5498-4920-8896-EDE9F1ED7623} - System32\Tasks\iklnpr => C:\Users\Basti\AppData\Local\iklnpr.bat [2014-07-05] ()
Task: {A8A10C71-9D1B-491F-B5C9-2F1A9028E523} - System32\Tasks\pqacduwx => C:\Users\Basti\AppData\Local\pqacduwx.bat [2014-07-05] ()
Task: {A8E25691-3130-45C7-813A-E3DBE9750338} - System32\Tasks\accdqkmg => C:\Users\Basti\AppData\Local\accdqkmg.bat [2014-07-05] ()
Task: {A8E96BFF-F32D-4239-8502-305C055FB67D} - System32\Tasks\nwwgfoix => C:\Users\Basti\AppData\Local\nwwgfoix.bat [2014-07-05] ()
Task: {A92C37E1-07CD-4388-B711-0E894DE4E93F} - System32\Tasks\vksiwf => C:\Users\Basti\AppData\Local\vksiwf.bat [2014-07-05] ()
Task: {A9E5DFC3-D8C5-4932-90C5-21986CA4416F} - System32\Tasks\cmksqa => C:\Users\Basti\AppData\Local\cmksqa.bat [2014-07-05] ()
Task: {AA2E61F8-6FA4-40E1-BB99-1CAA873A8E75} - System32\Tasks\wfnwehp => C:\Users\Basti\AppData\Local\wfnwehp.bat [2014-07-05] ()
Task: {AA9F0AA9-66E8-49B5-A0DB-2A2E398E0B37} - System32\Tasks\lkiom => C:\Users\Basti\AppData\Local\lkiom.bat [2014-07-05] ()
Task: {AAD85056-FB99-4899-8422-518EEC146B7F} - System32\Tasks\dhejf => C:\Users\Basti\AppData\Local\dhejf.bat [2014-07-05] ()
Task: {AAF6A6B3-680B-413E-8CF9-55B45167E89D} - System32\Tasks\oyirbkt => C:\Users\Basti\AppData\Local\oyirbkt.bat [2014-07-05] ()
Task: {AB406ED3-FA0C-4244-97E6-253A8ADBA454} - System32\Tasks\lkpouty => C:\Users\Basti\AppData\Local\ljomr.bat [2014-07-05] ()
Task: {AB9DA712-F8BF-4B9C-9D0D-EECB6F1CA56D} - System32\Tasks\qceqde => C:\Users\Basti\AppData\Local\qceqde.bat [2014-07-05] ()
Task: {ABEA5CDB-526A-45B1-9857-ABC614B82CC3} - System32\Tasks\bqeshc => C:\Users\Basti\AppData\Local\bqeshc.bat [2014-07-05] ()
Task: {ABFEECFE-E956-4020-A16D-81DB8ABEAA7C} - System32\Tasks\fzslf => C:\Users\Basti\AppData\Local\fzslf.bat [2014-07-05] ()
Task: {AC2B4087-02CC-461C-9BFA-2A6332E08EB3} - System32\Tasks\cdbapem => C:\Users\Basti\AppData\Local\cdbapem.bat [2014-07-05] ()
Task: {ACC59B1B-373D-4380-8F32-C38C6DBD46FB} - System32\Tasks\ofmtudlc => C:\Users\Basti\AppData\Local\ofmtudlc.bat [2014-07-05] ()
Task: {ACFDAA2C-7C7D-4E37-8F47-8A0E5FF566B3} - System32\Tasks\ilhkui => C:\Users\Basti\AppData\Local\ilhkui.bat [2014-07-05] ()
Task: {AD15D66A-2A10-4CC8-B1C5-3486EB3E209A} - System32\Tasks\epaakb => C:\Users\Basti\AppData\Local\epaakb.bat [2014-07-05] ()
Task: {AD7D23F1-BB2E-48CC-9CE5-66298D5790CF} - System32\Tasks\korvk => C:\Users\Basti\AppData\Local\korvk.bat [2014-07-05] ()
Task: {ADE16A13-572D-431F-943E-87D7E87E2859} - System32\Tasks\ahwdxes => C:\Users\Basti\AppData\Local\ahwdxes.bat [2014-07-05] ()
Task: {AF79FB21-CF15-43E8-A2FD-CD20508D4161} - System32\Tasks\juqtpcwa => C:\Users\Basti\AppData\Local\juqtpcwa.bat [2014-07-05] ()
Task: {AFE23F61-2763-44E6-AB19-2EBBE86415F0} - System32\Tasks\droebqe => C:\Users\Basti\AppData\Local\droebqe.bat [2014-07-05] ()
Task: {B039BD87-8158-4CE8-825B-37095A91B001} - System32\Tasks\yefkor => C:\Users\Basti\AppData\Local\yefkor.bat [2014-07-05] ()
Task: {B04C31EA-4E69-43E8-9F50-14EE1453E46D} - System32\Tasks\znamymy => C:\Users\Basti\AppData\Local\znamymy.bat [2014-07-05] ()
Task: {B0A7E31B-4163-4DEB-BF93-E2B023F12403} - System32\Tasks\mdcyxo => C:\Users\Basti\AppData\Local\mdcyxo.bat
Task: {B26F9A37-658D-4102-9481-E4A289B9C3CF} - System32\Tasks\dyoecqf => C:\Users\Basti\AppData\Local\dyoecqf.bat [2014-07-05] ()
Task: {B2BFFCCE-BF2B-48FB-833B-593555018FBF} - System32\Tasks\cpkyu => C:\Users\Basti\AppData\Local\cpkyu.bat [2014-07-05] ()
Task: {B3F52FD3-9974-448B-8058-0600C56F1C2B} - System32\Tasks\ubbpv => C:\Users\Basti\AppData\Local\ubbpv.bat [2014-07-04] ()
Task: {B3FCE6AF-F093-4AEC-BC91-D58A56569EA2} - System32\Tasks\mdiafdcz => C:\Users\Basti\AppData\Local\mdiafdcz.bat [2014-07-05] ()
Task: {B4C6A1D3-384B-42C7-B7D2-B6ACB8ECE5F3} - System32\Tasks\dngvfvue => C:\Users\Basti\AppData\Local\dngvfvue.bat [2014-07-05] ()
Task: {B5D61CBD-21C8-48F3-A448-D2CAF4EEB164} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.47\SymErr.exe
Task: {B5DF5D09-FD52-4090-8B45-C9B14A885BBE} - System32\Tasks\fepharyj => C:\Users\Basti\AppData\Local\fepharyj.bat [2014-07-05] ()
Task: {B6DE23D7-8512-4E1A-9C1B-DDC42F467DDD} - System32\Tasks\qbcmvfj => C:\Users\Basti\AppData\Local\qbcmvfj.bat [2014-07-05] ()
Task: {B6DEBFEC-F80A-4951-97A8-54E8A8441A91} - System32\Tasks\4680 => Wscript.exe C:\Users\Basti\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
Task: {B74CDCDE-91EB-4E73-A863-76764920E680} - System32\Tasks\qtvyb => C:\Users\Basti\AppData\Local\qtvyb.bat [2014-07-05] ()
Task: {B756B24A-B718-4AF5-AEBD-DCD528751097} - System32\Tasks\caebgar => C:\Users\Basti\AppData\Local\caebgar.bat [2014-07-05] ()
Task: {B791EF72-E543-4CD7-BD75-EE74E1F10969} - System32\Tasks\cgbxmqfb => C:\Users\Basti\AppData\Local\cgbxmqfb.bat [2014-07-05] ()
Task: {B7CFAC87-C605-4223-8F8A-CFEABC961E44} - System32\Tasks\hboadwib => C:\Users\Basti\AppData\Local\hboadwib.bat [2014-07-05] ()
Task: {B84BA775-AAF9-43B6-826D-BF4DAA5F0105} - System32\Tasks\ljoukq => C:\Users\Basti\AppData\Local\ljoukq.bat [2014-07-05] ()
Task: {B8888C34-34F4-4C9D-969F-8C018F111AB8} - System32\Tasks\aiwdrx => C:\Users\Basti\AppData\Local\aiwdrx.bat [2014-07-05] ()
Task: {B99ABFE6-7652-4374-8342-280AFCB803AD} - System32\Tasks\rvbmquym => C:\Users\Basti\AppData\Local\rvbmquym.bat [2014-07-05] ()
Task: {B9A41E1D-2D9C-424B-8E84-4F2452666FB7} - System32\Tasks\hanisfyt => C:\Users\Basti\AppData\Local\hanisfyt.bat [2014-07-05] ()
Task: {BAB682B6-BBFC-4E25-8BC4-0ADE1C48AD76} - System32\Tasks\ruycgqu => C:\Users\Basti\AppData\Local\ruycgqu.bat [2014-07-05] ()
Task: {BBA3299D-25E2-4B1E-9570-4523A4F81A88} - System32\Tasks\lbxdjhu => C:\Users\Basti\AppData\Local\lbxdjhu.bat [2014-07-05] ()
Task: {BC05DFBA-8890-4A48-8C53-D3F95420D8AA} - System32\Tasks\lbeuzx => C:\Users\Basti\AppData\Local\lbeuzx.bat [2014-07-05] ()
Task: {BC20BFD8-C1C5-4772-8791-CA7E3D17AC8D} - System32\Tasks\kaebwb => C:\Users\Basti\AppData\Local\kaebwb.bat [2014-07-05] ()
Task: {BC20CDF4-ECB6-4E01-BE1A-8112F150E668} - System32\Tasks\piqscudg => C:\Users\Basti\AppData\Local\piqscudg.bat [2014-07-05] ()
Task: {BCC59AD6-6FA2-4130-A147-33D191F23577} - System32\Tasks\axebgbxe => C:\Users\Basti\AppData\Local\axebgbxe.bat
Task: {BD0F8B7E-3B0B-43B5-ADA9-2D63D2FCFF11} - System32\Tasks\qbewzdgb => C:\Users\Basti\AppData\Local\qbewzdgb.bat [2014-07-05] ()
Task: {BD594A36-2EF2-4D2B-B94A-2F84B76D9ED9} - System32\Tasks\bncpbp => C:\Users\Basti\AppData\Local\bncpbp.bat [2014-07-05] ()
Task: {BDC84873-C788-4972-8AC5-616546117784} - System32\Tasks\bqguje => C:\Users\Basti\AppData\Local\bqguje.bat [2014-07-05] ()
Task: {BEA0FA42-4444-4056-9211-75E52CC6C2B8} - System32\Tasks\vmofnff => C:\Users\Basti\AppData\Local\vmofnff.bat [2014-07-05] ()
Task: {BEB57153-2423-44A4-B05A-DF0A83349D41} - System32\Tasks\ckcieme => C:\Users\Basti\AppData\Local\ckcieme.bat [2014-07-05] ()
Task: {BF7ABAB7-668B-4A60-B29C-FD3A90FA6111} - System32\Tasks\noooop => C:\Users\Basti\AppData\Local\noooop.bat [2014-07-05] ()
Task: {BFB59BC8-D613-42FA-85E9-D23478DC510F} - System32\Tasks\mddsj => C:\Users\Basti\AppData\Local\mddsj.bat [2014-07-04] ()
Task: {C00CBE3B-4B1F-4300-8EBE-756D145139C7} - System32\Tasks\wbaknwgj => C:\Users\Basti\AppData\Local\wbaknwgj.bat [2014-07-05] ()
Task: {C120A91C-CECC-433F-A4B0-E96B9D6A00B0} - System32\Tasks\ulcjf => C:\Users\Basti\AppData\Local\ulcjf.bat [2014-07-05] ()
Task: {C1777FCC-BB4C-4899-B259-525C91D454EB} - System32\Tasks\bnbwkw => C:\Users\Basti\AppData\Local\bnbwkw.bat [2014-07-05] ()
Task: {C17C0E2E-29CB-4F85-8A9F-003424C23289} - System32\Tasks\vvfettbb => C:\Users\Basti\AppData\Local\vvfettbb.bat [2014-07-05] ()
Task: {C1DD108C-C0E0-4E45-B734-BFD7E637C6ED} - System32\Tasks\xarscn => C:\Users\Basti\AppData\Local\xarscn.bat [2014-07-05] ()
Task: {C1F045DF-F13B-4938-97A7-E36B4EF6FBE3} - System32\Tasks\msjput => C:\Users\Basti\AppData\Local\msjput.bat [2014-07-05] ()
Task: {C27A5490-A990-41F6-BD9B-02181D023A09} - System32\Tasks\jnxdejn => C:\Users\Basti\AppData\Local\jnxdejn.bat [2014-07-05] ()
Task: {C4F58F8D-D32F-4636-A228-9F0B63E7D593} - System32\Tasks\ujagcjyo => C:\Users\Basti\AppData\Local\ujagcjyo.bat [2014-07-05] ()
Task: {C53863A9-65FA-40FD-A9A5-F67CA71FF9E2} - System32\Tasks\mbfejx => C:\Users\Basti\AppData\Local\mbfejx.bat [2014-07-05] ()
Task: {C5BF1E0D-2204-4B7D-BA17-9DC83B876ED3} - System32\Tasks\gnnfmmem => C:\Users\Basti\AppData\Local\gnnfmmem.bat [2014-07-05] ()
Task: {C66479CF-C17E-4291-A5CF-26DE1448048B} - System32\Tasks\pqstvx => C:\Users\Basti\AppData\Local\pqstvx.bat [2014-07-04] ()
Task: {C69A52D5-8349-49FE-8712-72628A28C7F6} - System32\Tasks\ikcezb => C:\Users\Basti\AppData\Local\ikcezb.bat [2014-07-05] ()
Task: {C6BB8058-D85B-4AC2-8530-6E9EF0CE9EE3} - System32\Tasks\ntlsya => C:\Users\Basti\AppData\Local\ntlsya.bat [2014-07-04] ()
Task: {C7507750-CF15-42D3-A866-4BA1B36E2D8C} - System32\Tasks\xybsbdgx => C:\Users\Basti\AppData\Local\xybsbdgx.bat [2014-07-05] ()
Task: {C79B1DD4-78A8-46F8-804C-EC4A438D8631} - System32\Tasks\nejqff => C:\Users\Basti\AppData\Local\nejqff.bat [2014-07-05] ()
Task: {C834CCF2-1676-4A52-B515-9696DE21D1E5} - System32\Tasks\lkonsrp => C:\Users\Basti\AppData\Local\lkonsrp.bat [2014-07-05] ()
Task: {C8AA94E7-4D84-44FB-92D3-213DF6E04C29} - System32\Tasks\esjbhen => C:\Users\Basti\AppData\Local\esjbhen.bat [2014-07-05] ()
Task: {C9311851-A604-4644-B327-00408B26BD84} - System32\Tasks\thdqca => C:\Users\Basti\AppData\Local\thdqca.bat [2014-07-05] ()
Task: {C9E454E6-4780-4789-88A9-FFDA6991C8EC} - System32\Tasks\azsgxrbv => C:\Users\Basti\AppData\Local\azsgxrbv.bat [2014-07-05] ()
Task: {CA6DAE81-523E-4198-9813-565593D1522F} - System32\Tasks\bdanjmjw => C:\Users\Basti\AppData\Local\bdanjmjw.bat [2014-07-05] ()
Task: {CA88621B-8839-470B-81E1-EC4522871D91} - System32\Tasks\bdebu => C:\Users\Basti\AppData\Local\bdebu.bat [2014-07-05] ()
Task: {CA8AAD1F-F46C-42F9-9DCF-81DF0A7D592B} - System32\Tasks\tyfrhlye => C:\Users\Basti\AppData\Local\tyfrhlye.bat [2014-07-05] ()
Task: {CC2DE09A-A06B-425F-865D-F71ECB3FC2EA} - System32\Tasks\bqftidsi => C:\Users\Basti\AppData\Local\bqftidsi.bat [2014-07-05] ()
Task: {CC4C4918-75B4-43D8-B558-EFFE644ECC29} - System32\Tasks\crhwmb => C:\Users\Basti\AppData\Local\crhwmb.bat [2014-07-05] ()
Task: {CCB2670E-8EA1-430D-A759-786BB785EBEB} - System32\Tasks\yfpsfj => C:\Users\Basti\AppData\Local\yfpsfj.bat [2014-07-05] ()
Task: {CDC77E5B-21B7-4F8A-8C83-E72CDD53F86B} - System32\Tasks\ecaeb => C:\Users\Basti\AppData\Local\ecaeb.bat [2014-07-05] ()
Task: {CE8DC016-64E0-4029-8B1D-C61057495C09} - System32\Tasks\ajtfib => C:\Users\Basti\AppData\Local\ajtfib.bat [2014-07-05] ()
Task: {CE9DCD78-B46E-4E41-91BB-659D9E11F18F} - System32\Tasks\xphyqjar => C:\Users\Basti\AppData\Local\xphyqjar.bat [2014-07-05] ()
Task: {CF6E98E7-8B91-4CAF-A900-022827F6FC51} - System32\Tasks\qluqkvp => C:\Users\Basti\AppData\Local\qluqkvp.bat [2014-07-04] ()
Task: {CFA8E8CC-EC4B-437D-8CDE-DF8BD713A502} - System32\Tasks\gaabcb => C:\Users\Basti\AppData\Local\gaabcb.bat [2014-07-05] ()
Task: {CFCDAC6E-D258-4ABC-BA4F-C6B6F07A0E65} - System32\Tasks\kvavalpl => C:\Users\Basti\AppData\Local\kvavalpl.bat [2014-07-05] ()
Task: {D0DD7914-98E8-4DF3-A457-C397B9736015} - System32\Tasks\sqnlqv => C:\Users\Basti\AppData\Local\sqnlqv.bat [2014-07-05] ()
Task: {D12B3B35-5472-4231-B4DA-840395A20DEE} - System32\Tasks\wfodnfnc => C:\Users\Basti\AppData\Local\wfodnfnc.bat [2014-07-05] ()
Task: {D14F3D18-C754-4E9E-8BB4-BE5A7CCF9485} - System32\Tasks\icwrmgb => C:\Users\Basti\AppData\Local\icwrmgb.bat [2014-07-05] ()
Task: {D15D398B-358A-4F58-A998-849CC2793608} - System32\Tasks\bwdgshc => C:\Users\Basti\AppData\Local\bwdgshc.bat [2014-07-05] ()
Task: {D26B8E83-2EA1-4F2E-95D9-79A56170114F} - System32\Tasks\yldibny => C:\Users\Basti\AppData\Local\yldibny.bat [2014-07-05] ()
Task: {D34F9D12-550F-48CD-9F13-EEC89B8A0D04} - System32\Tasks\dblbsj => C:\Users\Basti\AppData\Local\dblbsj.bat [2014-07-05] ()
Task: {D423E78B-6783-4EE7-99D5-45F0A6AD0412} - System32\Tasks\zuhuh => C:\Users\Basti\AppData\Local\zuhuh.bat [2014-07-05] ()
Task: {D499325D-BAC7-4AF5-8A83-018E919444B2} - System32\Tasks\bdxsuidx => C:\Users\Basti\AppData\Local\bdxsuidx.bat [2014-07-05] ()
Task: {D4D349FA-5ACD-49B3-B5C9-999892236028} - System32\Tasks\ebeczxu => C:\Users\Basti\AppData\Local\ebeczxu.bat [2014-07-05] ()
Task: {D4E0B46E-A032-492D-A8F2-46DB5D945757} - System32\Tasks\xparkat => C:\Users\Basti\AppData\Local\xparkat.bat [2014-07-05] ()
Task: {D55AC550-6949-4BFD-9D66-AF9E333BADD7} - System32\Tasks\abwydfad => C:\Users\Basti\AppData\Local\abwydfad.bat [2014-07-05] ()
Task: {D6D8825F-9CBA-4151-BAA4-320D78B0734C} - System32\Tasks\dzhecq => C:\Users\Basti\AppData\Local\dzhecq.bat [2014-07-05] ()
Task: {D6FD2B64-1FE9-4832-9239-9BAE02476E2E} - System32\Tasks\qlfbd => C:\Users\Basti\AppData\Local\qlfbd.bat [2014-07-05] ()
Task: {D739E78E-1CF0-47C7-927B-FDA5DD40C077} - System32\Tasks\wxhoxy => C:\Users\Basti\AppData\Local\wxhoxy.bat [2014-07-05] ()
Task: {D82F6FAD-4F50-4EBD-89B4-316CDA801866} - System32\Tasks\hyrrlvvo => C:\Users\Basti\AppData\Local\hyrrlvvo.bat [2014-07-04] ()
Task: {D84989EA-41AE-4566-A7D6-7B2F8232FC85} - System32\Tasks\izste => C:\Users\Basti\AppData\Local\izste.bat [2014-07-05] ()
Task: {D86BE97B-74D7-49F2-B958-3234E4FBCB3D} - System32\Tasks\qsvxbknp => C:\Users\Basti\AppData\Local\qsvxbknp.bat [2014-07-05] ()
Task: {D8777C9C-3929-4362-AE39-C103616E5921} - System32\Tasks\lbfcaxur => C:\Users\Basti\AppData\Local\lbfcaxur.bat [2014-07-05] ()
Task: {D92A95B5-C808-4E4E-9528-7F0D2A3B1F74} - System32\Tasks\uucapofc => C:\Users\Basti\AppData\Local\uucapofc.bat [2014-07-05] ()
Task: {D95DB20A-86B2-46E1-97B5-2D5AE6472DBC} - System32\Tasks\cgafnanb => C:\Users\Basti\AppData\Local\cgafnanb.bat [2014-07-04] ()
Task: {D9E54CE1-C1C0-401C-BB77-54C30E9D10FA} - System32\Tasks\kheqm => C:\Users\Basti\AppData\Local\kheqm.bat [2014-07-05] ()
Task: {DA4562EF-87A8-4A59-BE53-548EB33B70ED} - System32\Tasks\cljrpd => C:\Users\Basti\AppData\Local\cljrpd.bat [2014-07-05] ()
Task: {DAA22B6D-3D87-42BC-9166-484570743B77} - System32\Tasks\ekbaxdus => C:\Users\Basti\AppData\Local\ekbaxdus.bat [2014-07-05] ()
Task: {DC5DFB37-1AD9-4D75-B56E-BF2C2C37D0CD} - System32\Tasks\rnjfj => C:\Users\Basti\AppData\Local\rnjfj.bat [2014-07-05] ()
Task: {DC691991-5481-4595-ABCD-2DFB97A70B6C} - System32\Tasks\czwlaxm => C:\Users\Basti\AppData\Local\czwlaxm.bat [2014-07-05] ()
Task: {DCBD767E-C421-49A4-B114-63EC98807835} - System32\Tasks\hqjtu => C:\Users\Basti\AppData\Local\hqjtu.bat [2014-07-05] ()
Task: {DCEBD5D5-1BA9-4DB5-A058-A657D5943F33} - System32\Tasks\zvbvc => C:\Users\Basti\AppData\Local\zvbvc.bat [2014-07-05] ()
Task: {DD4C4EF1-9BDF-4794-BAE1-914D41EE294E} - System32\Tasks\sxeqfjvb => C:\Users\Basti\AppData\Local\sxeqfjvb.bat [2014-07-05] ()
Task: {DD7F1F5F-E637-45FA-8DAC-441BD3B8FD2F} - System32\Tasks\qtdht => C:\Users\Basti\AppData\Local\qtdht.bat [2014-07-05] ()
Task: {DE191F96-8962-4BE7-893A-07A6826FD606} - System32\Tasks\abbcw => C:\Users\Basti\AppData\Local\abbcw.bat [2014-07-05] ()
Task: {DEE323B4-C475-4C1A-9409-E081EF31CC62} - System32\Tasks\owfwfngn => C:\Users\Basti\AppData\Local\owfwfngn.bat [2014-07-05] ()
Task: {DEFB0374-B3F1-45D5-AC7A-FC9FA34B45EA} - System32\Tasks\bbxcryn => C:\Users\Basti\AppData\Local\bbxcryn.bat [2014-07-05] ()
Task: {DF27E26C-9D3B-4A94-A75F-9C958282B18F} - System32\Tasks\kigcieea => C:\Users\Basti\AppData\Local\kigcieea.bat [2014-07-05] ()
Task: {DFEF790F-7FFE-46B0-B84B-B78C4E10EEEE} - System32\Tasks\cygdqe => C:\Users\Basti\AppData\Local\cygdqe.bat [2014-07-05] ()
Task: {DFFA22D2-B6B1-44F6-88FA-241055E3D513} - System32\Tasks\haughc => C:\Users\Basti\AppData\Local\haughc.bat [2014-07-05] ()
Task: {E08D7EB1-7E72-4721-93BE-CB4A05EB8526} - System32\Tasks\wayik => C:\Users\Basti\AppData\Local\wayik.bat [2014-07-05] ()
Task: {E0D8CA43-06F2-4CD9-B92D-640622E9606A} - System32\Tasks\bocpkx => C:\Users\Basti\AppData\Local\bocpkx.bat [2014-07-05] ()
Task: {E123E611-9C0D-4C1B-AC23-2B6FC97C009E} - System32\Tasks\qcnxjue => C:\Users\Basti\AppData\Local\qcnxjue.bat [2014-07-05] ()
Task: {E159EF97-6E8B-4BBF-A1ED-B153C18CE903} - System32\Tasks\aheqe => C:\Users\Basti\AppData\Local\aheqe.bat [2014-07-05] ()
Task: {E215A941-BAEE-4DFA-88DB-9E33E41AEC7B} - System32\Tasks\jmpruxc => C:\Users\Basti\AppData\Local\jmpruxc.bat [2014-07-05] ()
Task: {E2FD88C8-E4EC-410F-AABB-DE431DCE0004} - System32\Tasks\bperg => C:\Users\Basti\AppData\Local\bperg.bat [2014-07-05] ()
Task: {E32AD157-9DEC-4653-978E-52C7DBFCB42C} - System32\Tasks\rozwbgjf => C:\Users\Basti\AppData\Local\rozwbgjf.bat [2014-07-05] ()
Task: {E380B911-E352-4A9F-9752-8EE210DB9837} - System32\Tasks\gwhhpirq => C:\Users\Basti\AppData\Local\gwhhpirq.bat [2014-07-05] ()
Task: {E387B2A5-4BE5-402C-902F-0B0192F7BFC1} - System32\Tasks\crhoe => C:\Users\Basti\AppData\Local\crhoe.bat [2014-07-05] ()
Task: {E45273A6-7336-4518-999D-DE0E177B9F99} - System32\Tasks\wfhwahi => C:\Users\Basti\AppData\Local\wfhwahi.bat [2014-07-05] ()
Task: {E51CD699-6D66-43C9-9442-A56F960692E9} - System32\Tasks\recvsf => C:\Users\Basti\AppData\Local\recvsf.bat [2014-07-05] ()
Task: {E55D857C-E829-41A6-9112-785FF6F00978} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21] (Adobe Systems Incorporated)
Task: {E5BBE7E2-CBD2-4540-980D-6720484D9EFD} - System32\Tasks\uejqaf => C:\Users\Basti\AppData\Local\uejqaf.bat [2014-07-05] ()
Task: {E66AAD33-896C-4DD6-93A3-1E4D1691C6D0} - System32\Tasks\ljigtr => C:\Users\Basti\AppData\Local\ljigtr.bat [2014-07-05] ()
Task: {E693D6A2-16DA-4E91-9551-02A5EA882486} - System32\Tasks\lcaxvl => C:\Users\Basti\AppData\Local\lcaxvl.bat [2014-07-05] ()
Task: {E6A87921-46D1-42C1-A91C-4985CE484B2A} - System32\Tasks\qbceoys => C:\Users\Basti\AppData\Local\qbceoys.bat [2014-07-05] ()
Task: {E83476D8-E7C3-411E-84BA-899E651EC18A} - System32\Tasks\fegdv => C:\Users\Basti\AppData\Local\fegdv.bat [2014-07-04] ()
Task: {E8C32CF0-EDC9-422F-96DE-F3E5E9020228} - System32\Tasks\ilnac => C:\Users\Basti\AppData\Local\ilnac.bat [2014-07-05] ()
Task: {E9EB0E15-5AA8-4CAF-9B44-CE5A5D2BDD1D} - System32\Tasks\hpzsc => C:\Users\Basti\AppData\Local\hpzsc.bat [2014-07-05] ()
Task: {EAEA3E67-A6DC-40BA-BFEA-6F9CEC6478EC} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2012 => C:\Program Files (x86)\TuneUp Utilities 2012\OneClick.exe [2012-05-29] (TuneUp Software)
Task: {EB271BCF-53A5-4A38-8DB8-8C68117A9E7B} - System32\Tasks\eqbblc => C:\Users\Basti\AppData\Local\eqbblc.bat [2014-07-05] ()
Task: {EB58EE2A-DD51-4802-AA27-71ED6B7532C6} - System32\Tasks\awjfco => C:\Users\Basti\AppData\Local\awjfco.bat [2014-07-05] ()
Task: {EBC7AD4A-A24D-4998-BC74-5EB8A75A92ED} - System32\Tasks\ttrqw => C:\Users\Basti\AppData\Local\ttrqw.bat [2014-07-05] ()
Task: {EC9ECA81-CAB8-4921-BD1F-560582C5F1D1} - System32\Tasks\acfqt => C:\Users\Basti\AppData\Local\acfqt.bat [2014-07-05] ()
Task: {EE2E98CA-088E-4A7A-A4EF-609DA0F553F3} - System32\Tasks\bfycpdo => C:\Users\Basti\AppData\Local\bfycpdo.bat [2014-07-05] ()
Task: {EF6BC834-2072-4198-8920-9A7860FC9DFD} - System32\Tasks\owxhp => C:\Users\Basti\AppData\Local\owxhp.bat [2014-07-05] ()
Task: {EFC2EA28-1437-4AC3-868C-AA54F0F0E809} - System32\Tasks\xhraenx => C:\Users\Basti\AppData\Local\xhraenx.bat [2014-07-05] ()
Task: {F0584815-6460-4061-819E-1FB24FCCC179} - System32\Tasks\wgpehq => C:\Users\Basti\AppData\Local\wgpehq.bat [2014-07-05] ()
Task: {F0C9E158-E078-46DA-A8C6-36833C9437E1} - System32\Tasks\xactce => C:\Users\Basti\AppData\Local\xactce.bat [2014-07-05] ()
Task: {F127C56B-C1A3-4EBC-ADF7-263B883DD7E2} - System32\Tasks\edettk => C:\Users\Basti\AppData\Local\edettk.bat [2014-07-05] ()
Task: {F17D9EFC-23F8-4FB8-8D5C-12091C24E680} - System32\Tasks\nnneedd => C:\Users\Basti\AppData\Local\nnneedd.bat [2014-07-05] ()
Task: {F1AC37E1-85A4-4C22-AD0C-352190387655} - System32\Tasks\agchupv => C:\Users\Basti\AppData\Local\agchupv.bat [2014-07-05] ()
Task: {F1DAF2B4-74EA-4610-B2E6-8477E0AC7702} - System32\Tasks\adgrdg => C:\Users\Basti\AppData\Local\adgrdg.bat [2014-07-04] ()
Task: {F244E76A-2777-42FA-A90E-A7F5521B7E09} - System32\Tasks\pirtm => C:\Users\Basti\AppData\Local\pirtm.bat [2014-07-05] ()
Task: {F25035BA-42D5-4162-82AB-9779DD2E18D6} - System32\Tasks\jfimplh => C:\Users\Basti\AppData\Local\jfimplh.bat [2014-07-05] ()
Task: {F4565C81-BC6A-4CC3-BC9E-3BB6D5AA4C8C} - System32\Tasks\Divx-Online-Aktualisierungsprogramm => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2014-01-10] ()
Task: {F4FEA218-4351-4430-94AF-753074B5898F} - System32\Tasks\zmrei => C:\Users\Basti\AppData\Local\zmrei.bat [2014-07-05] ()
Task: {F6DFCFA7-14B5-41B9-B583-17ECA6B22175} - System32\Tasks\jfqmpk => C:\Users\Basti\AppData\Local\jfqmpk.bat [2014-07-05] ()
Task: {F71D0068-05D7-4183-B0BF-AA13A97EFC5C} - System32\Tasks\rwinaej => C:\Users\Basti\AppData\Local\rwinaej.bat [2014-07-05] ()
Task: {F7994A9D-9D32-4520-A62B-08DDAEED0DFD} - System32\Tasks\trpntrp => C:\Users\Basti\AppData\Local\trpntrp.bat [2014-07-05] ()
Task: {F7B12CBE-1B58-4F55-A124-8A2E1303F5F0} - System32\Tasks\pasbk => C:\Users\Basti\AppData\Local\pasbk.bat [2014-07-05] ()
Task: {F7C2CB3B-461A-4005-8C8F-35F47C541D7D} - System32\Tasks\hirtt => C:\Users\Basti\AppData\Local\hirtt.bat [2014-07-05] ()
Task: {F9155335-4A87-401A-8FA1-6BA5C09DF833} - System32\Tasks\vltjyh => C:\Users\Basti\AppData\Local\vltjyh.bat [2014-07-05] ()
Task: {F9E8F6F4-4144-41EA-B979-48EE68E0C6D1} - System32\Tasks\spurw => C:\Users\Basti\AppData\Local\spurw.bat [2014-07-05] ()
Task: {FB69B3E2-8B18-4EF8-BCFE-683E7D718A52} - System32\Tasks\biwery => C:\Users\Basti\AppData\Local\biwery.bat [2014-07-05] ()
Task: {FB853B70-DD60-42A4-87F6-548945DBBD59} - System32\Tasks\erhfbrg => C:\Users\Basti\AppData\Local\erhfbrg.bat [2014-07-05] ()
Task: {FD2C84E9-B8F5-4A21-98BE-294A9A2B77F9} - System32\Tasks\yefrv => C:\Users\Basti\AppData\Local\yefrv.bat [2014-07-05] ()
Task: {FD52F25C-08AB-479C-ABB8-73EFCBF9D27A} - System32\Tasks\paalgxsc => C:\Users\Basti\AppData\Local\paalgxsc.bat [2014-07-05] ()
Task: {FD63E042-B990-4787-A479-35703D04AF10} - System32\Tasks\znamat => C:\Users\Basti\AppData\Local\znamat.bat [2014-07-05] ()
Task: {FDD55135-4472-4F79-BE78-176B0FB75398} - System32\Tasks\aupjdas => C:\Users\Basti\AppData\Local\aupjdas.bat [2014-07-05] ()
Task: {FE23E41C-AAC1-46B5-BCC1-2CC16067C9D3} - System32\Tasks\aauoiu => C:\Users\Basti\AppData\Local\aauoiu.bat [2014-07-05] ()
Task: {FE24DA0B-2DC2-4AC9-A926-49F4F5AFB21C} - System32\Tasks\wxiiiy => C:\Users\Basti\AppData\Local\wxiiiy.bat [2014-07-04] ()
Task: {FE6D8FBA-C225-4D94-8CD7-DA0F5616E4F4} - System32\Tasks\ttrqx => C:\Users\Basti\AppData\Local\ttrqx.bat [2014-07-05] ()
Task: {FE83967D-124F-4CB9-9F49-9C84C3D702A3} - System32\Tasks\regrbg => C:\Users\Basti\AppData\Local\regrbg.bat [2014-07-05] ()
Task: {FEA6F03A-9CF1-4DAA-92C6-BAF9126113BF} - System32\Tasks\pjlfhbd => C:\Users\Basti\AppData\Local\pjlfhbd.bat [2014-07-05] ()
Task: {FEB463DD-0970-42B7-87C7-80540ED4A7A2} - System32\Tasks\xqasl => C:\Users\Basti\AppData\Local\xqasl.bat [2014-07-05] ()
Task: {FF94778D-DEC3-4DCA-A75B-7862BF512310} - System32\Tasks\cedcyh => C:\Users\Basti\AppData\Local\cedcyh.bat [2014-07-05] ()
Task: {FFBE9865-E365-4187-8D79-87977238992D} - System32\Tasks\ucjxx => C:\Users\Basti\AppData\Local\ucjxx.bat [2014-07-05] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

RDC · 30.09.2014, 16:09

addition 2:

Code:

ATTFilter

==================== Loaded Modules (whitelisted) =============

2014-08-21 19:19 - 2014-08-21 19:19 - 02478688 _____ () C:\Program Files (x86)\ArgusMonitor\ArgusMonitor.exe
2013-07-17 20:41 - 2011-06-20 16:28 - 00078448 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2013-07-17 20:41 - 2011-06-20 16:28 - 00386160 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2013-07-17 20:41 - 2011-06-20 16:28 - 00621168 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Skin.dll
2014-04-17 22:29 - 2014-04-17 22:29 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2014-09-30 14:30 - 2014-09-30 14:30 - 00040448 ____N () C:\Users\Basti\AppData\Local\Temp\proxy_vole747751624481204618.dll
2014-09-30 14:30 - 2014-09-30 14:30 - 00566439 _____ () C:\Users\Basti\AppData\Local\JDownloader v2.0\tmp\7zip\SevenZipJBinding-FKPz9\libgcc_s_sjlj-1.dll
2014-09-30 14:30 - 2014-09-30 14:30 - 04078962 _____ () C:\Users\Basti\AppData\Local\JDownloader v2.0\tmp\7zip\SevenZipJBinding-FKPz9\lib7-Zip-JBinding.dll
2014-03-06 15:00 - 2014-03-06 15:00 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\kpcengine.2.3.dll
2014-07-21 22:50 - 2014-07-21 22:50 - 00074872 _____ () C:\Program Files (x86)\ArgusMonitor\atiace.dll
2013-08-22 12:51 - 2013-08-22 12:51 - 00036672 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\qt_icontray_ex.dll
2013-08-22 12:52 - 2013-08-22 12:52 - 00028992 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\thread_pool.dll
2013-01-10 13:43 - 2013-01-10 13:43 - 00014360 _____ () C:\Program Files (x86)\Common Files\Acronis\TibMounter\icudt38.dll
2010-11-23 00:56 - 2010-11-23 00:56 - 00087040 _____ () C:\Program Files (x86)\Raptr\_ctypes.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00043008 _____ () C:\Program Files (x86)\Raptr\_socket.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00805376 _____ () C:\Program Files (x86)\Raptr\_ssl.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 05812736 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtGui.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 00067584 _____ () C:\Program Files (x86)\Raptr\sip.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 01662464 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtCore.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 00494592 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtNetwork.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00096256 _____ () C:\Program Files (x86)\Raptr\win32api.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00110592 _____ () C:\Program Files (x86)\Raptr\pywintypes26.dll
2010-11-23 00:56 - 2010-11-23 00:56 - 00010240 _____ () C:\Program Files (x86)\Raptr\select.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00356864 _____ () C:\Program Files (x86)\Raptr\_hashlib.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00036352 _____ () C:\Program Files (x86)\Raptr\win32process.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00111104 _____ () C:\Program Files (x86)\Raptr\win32file.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00044544 _____ () C:\Program Files (x86)\Raptr\_sqlite3.pyd
2011-02-15 20:17 - 2011-02-15 20:17 - 00417501 _____ () C:\Program Files (x86)\Raptr\sqlite3.dll
2010-11-23 00:57 - 2010-11-23 00:57 - 00167936 _____ () C:\Program Files (x86)\Raptr\win32gui.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 00313856 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtWebKit.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00127488 _____ () C:\Program Files (x86)\Raptr\pyexpat.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00009216 _____ () C:\Program Files (x86)\Raptr\winsound.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00354304 _____ () C:\Program Files (x86)\Raptr\pythoncom26.dll
2010-11-23 00:57 - 2010-11-23 00:57 - 00016384 _____ () C:\Program Files (x86)\Raptr\win32trace.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00263168 _____ () C:\Program Files (x86)\Raptr\win32com.shell.shell.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00583680 _____ () C:\Program Files (x86)\Raptr\unicodedata.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00324608 _____ () C:\Program Files (x86)\Raptr\PIL._imaging.pyd
2013-11-21 02:05 - 2013-11-21 02:05 - 00256000 _____ () C:\Program Files (x86)\Raptr\amd_ags.dll
2013-08-22 12:53 - 2013-08-22 12:53 - 00420160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2010-11-23 00:57 - 2010-11-23 00:57 - 00141312 _____ () C:\Program Files (x86)\Raptr\gobject._gobject.pyd
2014-06-18 02:56 - 2014-06-18 02:56 - 02717595 _____ () C:\Program Files (x86)\Raptr\heliotrope._purple.pyd
2011-02-15 20:17 - 2011-02-15 20:17 - 01213633 _____ () C:\Program Files (x86)\Raptr\libxml2-2.dll
2010-11-23 01:06 - 2010-11-23 01:06 - 00055808 _____ () C:\Program Files (x86)\Raptr\zlib1.dll
2013-05-10 01:52 - 2013-05-10 01:52 - 00495680 _____ () C:\Program Files (x86)\Raptr\plugins\libaim.dll
2013-05-10 01:52 - 2013-05-10 01:52 - 01183699 _____ () C:\Program Files (x86)\Raptr\liboscar.dll
2013-05-10 01:52 - 2013-05-10 01:52 - 00483306 _____ () C:\Program Files (x86)\Raptr\plugins\libicq.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00655356 _____ () C:\Program Files (x86)\Raptr\plugins\libirc.dll
2013-05-03 20:56 - 2013-05-03 20:56 - 01306387 _____ () C:\Program Files (x86)\Raptr\plugins\libmsn.dll
2013-05-03 20:56 - 2013-05-03 20:56 - 00565461 _____ () C:\Program Files (x86)\Raptr\plugins\libxmpp.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 01640221 _____ () C:\Program Files (x86)\Raptr\libjabber.dll
2013-05-03 20:56 - 2013-05-03 20:56 - 00506276 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoo.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 01053730 _____ () C:\Program Files (x86)\Raptr\libymsg.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00497782 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoojp.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00603326 _____ () C:\Program Files (x86)\Raptr\plugins\ssl-nss.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00474199 _____ () C:\Program Files (x86)\Raptr\plugins\ssl.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00113171 _____ () C:\Program Files (x86)\VideoLAN\VLC\libvlc.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 02396179 _____ () C:\Program Files (x86)\VideoLAN\VLC\libvlccore.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00268307 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libdshow_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00027667 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_output\libdirectsound_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00031251 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_output\libwaveout_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00066579 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_output\libdirectdraw_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 02021395 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\liblibbluray_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00100371 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libaccess_bd_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00240659 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libdvdnav_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00076307 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libaccess_vdr_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00045587 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libfilesystem_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00060947 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libsmooth_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00531475 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libhttplive_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00708627 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libdash_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00114195 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libzip_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00040467 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libstream_filter_rar_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00014867 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\librecord_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00133139 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libplaylist_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 01512467 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\meta_engine\libtaglib_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00296979 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\lua\liblua_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 01248787 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\misc\libxml_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00054291 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\control\libhotkeys_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00038419 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\control\libglobalhotkeys_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 11148307 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\gui\libqt4_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00036371 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\meta_engine\libfolder_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00025619 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libes_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00336403 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libtheora_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00016403 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\librawvideo_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00146451 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libspeex_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00733203 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libvorbis_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00015891 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libaes3_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00022035 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liblpcm_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00021523 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_flac_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00030739 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_dirac_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00021011 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_mlp_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00063507 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpeg4audio_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00036883 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_vc1_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00017427 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libsvcdsub_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00019987 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libspudec_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00025619 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpeg4video_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00024595 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpegvideo_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00018963 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libcvdsub_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00064531 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_h264_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00018963 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libmpeg_audio_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00189971 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libmp4_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00091667 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libavi_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00067603 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libasf_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00077331 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libflacsys_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00291859 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libpng_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00017939 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libcdg_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 01280019 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libschroedinger_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00018451 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libdts_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00344595 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libfaad_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00198675 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libflac_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00027155 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libg711_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 01371667 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liblibass_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00013843 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_mixer\libfloat_mixer_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00018963 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libscaletempo_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00130579 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libmpgatofixed32_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00168979 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libdtstofloat32_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00058899 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\liba52tofloat32_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 01496083 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libsamplerate_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00019475 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libsimple_channel_mixer_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00013331 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\liba52tospdif_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00014355 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libdtstospdif_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00014867 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libdolby_surround_decoder_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00014355 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libugly_resampler_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00015379 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libtrivial_channel_mixer_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00025619 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libaudio_format_plugin.dll
2014-09-25 20:12 - 2014-09-25 20:12 - 03715184 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-04-20 01:42 - 2014-04-20 01:42 - 00468672 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\content_blocker@kaspersky.com\npcontentblocker.dll
2014-04-20 01:42 - 2014-04-20 01:42 - 00699072 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\virtual_keyboard@kaspersky.com\npvkplugin.dll
2014-09-12 20:39 - 2014-09-12 20:39 - 16825520 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll
2013-08-07 17:07 - 2013-08-07 17:07 - 00022336 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers_proxy_stub.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData:NT
AlternateDataStreams: C:\Users\All Users:NT
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:NT
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\Users\Basti\Anwendungsdaten:NT
AlternateDataStreams: C:\Users\Basti\AppData\Roaming:NT

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-2003444537-1590814705-579064181-500 - Disabled - Status: Degraded)
ASPNET (S-1-5-21-2003444537-1590814705-579064181-1003 - Enabled - Status: OK)
Basti (S-1-5-21-2003444537-1590814705-579064181-1000 - Enabled - Status: OK) => C:\Users\Basti
fbwuser9B5A (S-1-5-21-2003444537-1590814705-579064181-1007 - Enabled - Status: OK)
fbwuser9DAA (S-1-5-21-2003444537-1590814705-579064181-1008 - Enabled - Status: OK)
fbwuserA8E3 (S-1-5-21-2003444537-1590814705-579064181-1009 - Enabled - Status: OK)
fbwuserCC9F (S-1-5-21-2003444537-1590814705-579064181-1010 - Enabled - Status: OK)
fbwuserD38A (S-1-5-21-2003444537-1590814705-579064181-1011 - Enabled - Status: OK)
fbwuserF7B8 (S-1-5-21-2003444537-1590814705-579064181-1006 - Enabled - Status: OK)
Gast (S-1-5-21-2003444537-1590814705-579064181-501 - Disabled - Status: Degraded)
HomeGroupUser$ (S-1-5-21-2003444537-1590814705-579064181-1005 - Enabled - Status: OK)

==================== Faulty Device Manager Devices =============

Name: Microsoft-Teredo-Tunneling-Adapter
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/30/2014 04:09:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Play.exe, Version: 10.0.0.0, Zeitstempel: 0x5318d470
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x716b0064
ID des fehlerhaften Prozesses: 0x1224
Startzeit der fehlerhaften Anwendung: 0xPlay.exe0
Pfad der fehlerhaften Anwendung: Play.exe1
Pfad des fehlerhaften Moduls: Play.exe2
Berichtskennung: Play.exe3

Error: (09/29/2014 08:10:16 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\PROGRA~2\COMMON~1\INSTAL~1\Engine\6\INTEL3~1\IKernel.exe -Embedding; Beschreibung = Installiert Star Wars Jedi Knight Jedi Academy; Fehler = 0x8004231f).

Error: (09/29/2014 03:09:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AUDIODG.EXE, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bced5
Name des fehlerhaften Moduls: VIASysFx.dll, Version: 1.0.0.0, Zeitstempel: 0x4df1f2c5
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000005fb4e
ID des fehlerhaften Prozesses: 0x1734
Startzeit der fehlerhaften Anwendung: 0xAUDIODG.EXE0
Pfad der fehlerhaften Anwendung: AUDIODG.EXE1
Pfad des fehlerhaften Moduls: AUDIODG.EXE2
Berichtskennung: AUDIODG.EXE3

Error: (09/29/2014 03:01:22 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "R:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"

Error: (09/27/2014 02:55:11 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm rundll32.exe, Version 6.1.7600.16385 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: d00

Startzeit: 01cfd9ed99138355

Endzeit: 30

Anwendungspfad: C:\Windows\system32\rundll32.exe

Berichts-ID: eb26ea94-45e0-11e4-86e1-bc5ff4322554

Error: (09/26/2014 09:40:54 PM) (Source: Software Protection Platform Service) (EventID: 1012) (User: )
Description: Fehler beim Erwerb des Produktzertifikats. hr=0xC004C003
SKU-ID=a0cde89c-3304-4157-b61c-c8ad785d1fad

Error: (09/26/2014 09:40:54 PM) (Source: Software Protection Platform Service) (EventID: 8200) (User: )
Description: Lizenzerwerb-Fehlerdetails. 
hr=0xC004C003

Error: (09/26/2014 07:32:34 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.

Error: (09/26/2014 04:38:01 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.

Error: (09/26/2014 04:37:29 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.


System errors:
=============
Error: (09/30/2014 02:22:26 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Acronis Sync Agent Service" wurde nicht richtig gestartet.

Error: (09/30/2014 02:18:03 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
sfdrv01a

Error: (09/30/2014 02:17:04 PM) (Source: Application Popup) (EventID: 875) (User: )
Description: Treiber sfdrv01a.sys konnte nicht geladen werden.

Error: (09/29/2014 10:41:44 PM) (Source: Microsoft-Windows-Service Pack Installer) (EventID: 8) (User: Basti-PC)
Description: Fehler bei der Service Pack-Installation. Fehlercode: 0x800f0828.

Error: (09/29/2014 10:41:37 PM) (Source: Microsoft-Windows-Service Pack Installer) (EventID: 5) (User: Basti-PC)
Description: Für die Installation des Service Packs ist nicht genügend freier Speicherplatz verfügbar. Erforderlich=7718 MB.

Error: (09/29/2014 08:07:00 PM) (Source: Microsoft-Windows-Service Pack Installer) (EventID: 8) (User: Basti-PC)
Description: Fehler bei der Service Pack-Installation. Fehlercode: 0x800f0828.

Error: (09/29/2014 08:06:25 PM) (Source: Microsoft-Windows-Service Pack Installer) (EventID: 5) (User: Basti-PC)
Description: Für die Installation des Service Packs ist nicht genügend freier Speicherplatz verfügbar. Erforderlich=7718 MB.

Error: (09/29/2014 04:04:22 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (09/29/2014 03:47:17 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Acronis Sync Agent Service" wurde nicht richtig gestartet.

Error: (09/29/2014 03:42:19 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows Modules Installer" wurde mit folgendem Fehler beendet: 
%%16405


Microsoft Office Sessions:
=========================
Error: (09/30/2014 04:09:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Play.exe10.0.0.05318d470unknown0.0.0.000000000c0000005716b0064122401cfdcb78538e454Q:\Filme\Sim City 2013\Play.exeunknown5e25d0ba-48ab-11e4-abd6-bc5ff4322554

Error: (09/29/2014 08:10:16 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\PROGRA~2\COMMON~1\INSTAL~1\Engine\6\INTEL3~1\IKernel.exe -EmbeddingInstalliert Star Wars Jedi Knight Jedi Academy0x8004231f

Error: (09/29/2014 03:09:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: AUDIODG.EXE6.1.7600.163854a5bced5VIASysFx.dll1.0.0.04df1f2c5c0000005000000000005fb4e173401cfdbe69c72ea1cC:\Windows\system32\AUDIODG.EXEC:\Windows\system32\VIASysFx.dlle2b81074-47d9-11e4-9e99-bc5ff4322554

Error: (09/29/2014 03:01:22 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: R:\Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)

Error: (09/27/2014 02:55:11 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: rundll32.exe6.1.7600.16385d0001cfd9ed9913835530C:\Windows\system32\rundll32.exeeb26ea94-45e0-11e4-86e1-bc5ff4322554

Error: (09/26/2014 09:40:54 PM) (Source: Software Protection Platform Service) (EventID: 1012) (User: )
Description: hr=0xC004C003a0cde89c-3304-4157-b61c-c8ad785d1fad

Error: (09/26/2014 09:40:54 PM) (Source: Software Protection Platform Service) (EventID: 8200) (User: )
Description: hr=0xC004C00300010001(0x00000000, 21:40:53:818 - hxxp://go.microsoft.com/fwlink/?LinkID=88340)
00020001(0x00000000, 21:40:53:819)
00030001(0x00000000, 21:40:53:819 - hxxp://go.microsoft.com)
00030002(0x00000000, 21:40:53:819 - 1)
00020005(0x00000000, 21:40:53:819 - 0)
0002000C(0x00000000, 21:40:53:995 - 302)
0002000E(0x00000000, 21:40:53:995 - https://activation.sls.microsoft.com/slpkc/SLCertifyProduct.asmx)
00020001(0x00000000, 21:40:53:995)
00030001(0x00000000, 21:40:53:995 - https://activation.sls.microsoft.com)
00030002(0x00000000, 21:40:53:995 - 1)
00020005(0x00000000, 21:40:53:995 - 0)
0002000C(0x00000000, 21:40:54:241 - 500)
00010002(0x8004FC01, 21:40:54:242 - <?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:soap="hxxp://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="hxxp://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="hxxp://www.w3.org/2001/XMLSchema"><soap:Body><soap:Fault><faultcode>soap:Server</faultcode><faultstring>SoapException</faultstring><detail><HRESULT>0xC004C003</HRESULT><Messages><Message>103 (Activation) - [PA Product key blocked.  ---&gt; Product key blocked]</Message></Messages></detail></soap:Fault></soap:Body></soap:Envelope>)
00010003(0x8004FC01, 21:40:54:243)

Error: (09/26/2014 07:32:34 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (09/26/2014 04:38:01 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifestC:\Users\Basti\Desktop\esetsmartinstaller_deu.exe

Error: (09/26/2014 04:37:29 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifestC:\Users\Basti\Desktop\esetsmartinstaller_deu.exe


CodeIntegrity Errors:
===================================
  Date: 2014-09-25 20:35:53.738
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-25 20:35:53.734
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-25 20:35:53.730
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-25 20:35:53.714
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-25 20:35:53.710
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-25 20:35:53.707
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-24 16:44:02.033
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-09-24 16:44:02.033
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 5600+
Percentage of memory in use: 56%
Total physical RAM: 4095.24 MB
Available physical RAM: 1777.16 MB
Total Pagefile: 8188.63 MB
Available Pagefile: 5286.64 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:24.51 GB) (Free:0.72 GB) NTFS
Drive d: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.03 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: () (Fixed) (Total:13.67 GB) (Free:4.6 GB) NTFS
Drive g: () (Fixed) (Total:37.27 GB) (Free:29.95 GB) NTFS
Drive h: () (Fixed) (Total:29.3 GB) (Free:5.97 GB) NTFS
Drive j: () (Fixed) (Total:53.62 GB) (Free:18.95 GB) NTFS
Drive k: () (Fixed) (Total:31.48 GB) (Free:9.44 GB) NTFS
Drive m: (Volume) (Fixed) (Total:120 GB) (Free:119.91 GB) NTFS
Drive p: (GRMSP1.1_DVD) (CDROM) (Total:1.91 GB) (Free:0 GB) UDF
Drive q: (Volume) (Fixed) (Total:555.35 GB) (Free:460.04 GB) NTFS
Drive r: (Volume) (Fixed) (Total:256.16 GB) (Free:79.99 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 38.3 GB) (Disk ID: A4FEA4FE)
Partition 1: (Not Active) - (Size=13.7 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=24.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 114.5 GB) (Disk ID: 43422AF6)
Partition 1: (Active) - (Size=29.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=85.1 GB) - (Type=05)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 09BF8012)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=42)

========================================================
Disk: 3 (Size: 37.3 GB) (Disk ID: B42DB42D)
Partition 1: (Not Active) - (Size=37.3 GB) - (Type=07 NTFS)

==================== End Of Log ============================

27.09.2014, 19:11	#10
schrauber /// the machine /// TB-Ausbilder	Windows 7: Fehler Meldung auf dem Desktop und Werbe umleitung Java updaten. Screenshot der Meldung bitte. WIndows updaten, da fehlt ein ganzes Servicepack! __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

30.09.2014, 15:29	#12
schrauber /// the machine /// TB-Ausbilder	Windows 7: Fehler Meldung auf dem Desktop und Werbe umleitung Öffne bitte FRST, setz nen Haken bei Addition und scanne, poste beide Logfiles. __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

Windows 7: Fehler Meldung auf dem Desktop und Werbe umleitung

Log-Analyse und Auswertung: Windows 7: Fehler Meldung auf dem Desktop und Werbe umleitung