Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Windows 8: ungewollte Werbung bei Steam (https://www.trojaner-board.de/154613-windows-8-ungewollte-werbung-steam.html)

SkyMiep 01.06.2014 09:09
Windows 8: ungewollte Werbung bei Steam
 
Hallo,
Ich habe seit einigen Tagen das Problem, dass wenn ich bei Steam im Shop irgendwas anklicke,
sich ein Popup über den Steambrowser öffnet.
Ich benutze Avira und hab schon Malwarebytes durchlaufen lassen.Malwarebytes hat was gefunden, hab es aber gelöscht und kann jetzt die Logs hier nicht posten.
Hab nur das: Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 30.05.2014
Suchlauf-Zeit: 20:30:20
Logdatei: suchlauf_protokoll_malwarebytes.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.05.30.08
Rootkit Datenbank: v2014.05.21.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 8
CPU: x64
Dateisystem: NTFS
Benutzer: Hoang

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 271272
Verstrichene Zeit: 13 Min, 56 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 0
(No malicious items detected)

Physische Sektoren: 0
(No malicious items detected)


(end)

Schonmal Danke im Voraus.

schrauber 01.06.2014 09:28
hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


SkyMiep 01.06.2014 10:19
Ich kann die Datei nicht öffnen, wurde durch Windows blockiert, weil es "schädlich" ist.:confused:

schrauber 02.06.2014 10:07
Auf mehr Informationen klicken, dann auf trotzdem ausführen.

SkyMiep 02.06.2014 14:44
Ah danke ^^,
Hier ist die FRST:
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-06-2014
Ran by Hoang (administrator) on MIEP-PC on 02-06-2014 15:40:17
Running from C:\Users\Hoang\Desktop
Platform: Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\Pirrit\AutoUpdater.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Users\Hoang\AppData\Local\5ccf9f5034cbd628f96dfef491f2d7b1\3c4ee9082da815d.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Users\Hoang\AppData\Local\5ccf9f5034cbd628f96dfef491f2d7b1\8d9701a125fd749.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
() C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Akamai Technologies, Inc.) C:\Users\Hoang\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Hoang\AppData\Local\Akamai\netsession_win.exe
() C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
() C:\Program Files (x86)\puush\puush.exe
(ROCCAT) C:\Program Files (x86)\ROCCAT\Lua Mouse\Lua Config.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteUser.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16683_none_62280e15510f8e79\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2012-09-19] (Hewlett-Packard )
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-09-19] (IDT, Inc.)
HKLM\...\Run: [ShadowPlay] => C:\windows\system32\nvspcap64.dll [1179576 2014-01-21] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-21] (NVIDIA Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-02] (CyberLink Corp.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-05-13] (LogMeIn Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [183376 2014-05-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-09] (Avira Operations GmbH & Co. KG)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-05-27] (Hewlett-Packard)
HKU\S-1-5-21-3899298961-605761135-190624624-1001\...\Run: [Pando Media Booster] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3093624 2013-02-08] ()
HKU\S-1-5-21-3899298961-605761135-190624624-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [18706176 2013-01-08] (Skype Technologies S.A.)
HKU\S-1-5-21-3899298961-605761135-190624624-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Hoang\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3899298961-605761135-190624624-1001\...\Run: [KPeerNexonEU] => C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe [438272 2013-06-03] (NEXON Inc.)
HKU\S-1-5-21-3899298961-605761135-190624624-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-3899298961-605761135-190624624-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3588952 2014-04-25] (Electronic Arts)
HKU\S-1-5-21-3899298961-605761135-190624624-1001\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [567880 2014-02-05] ()
HKU\S-1-5-21-3899298961-605761135-190624624-1001\...\MountPoints2: {37b830c9-7161-11e2-be6d-806e6f6e6963} - "E:\Launch.exe"
HKU\S-1-5-21-3899298961-605761135-190624624-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Pando Media Booster] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3093624 2013-02-08] ()
HKU\S-1-5-21-3899298961-605761135-190624624-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [18706176 2013-01-08] (Skype Technologies S.A.)
HKU\S-1-5-21-3899298961-605761135-190624624-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Akamai NetSession Interface] => C:\Users\Hoang\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3899298961-605761135-190624624-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [KPeerNexonEU] => C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe [438272 2013-06-03] (NEXON Inc.)
HKU\S-1-5-21-3899298961-605761135-190624624-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-3899298961-605761135-190624624-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3588952 2014-04-25] (Electronic Arts)
HKU\S-1-5-21-3899298961-605761135-190624624-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [567880 2014-02-05] ()
HKU\S-1-5-21-3899298961-605761135-190624624-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {01149384-1569-11e3-be93-10604b5ccc3a} - "G:\setup.exe"
HKU\S-1-5-21-3899298961-605761135-190624624-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {37b830c9-7161-11e2-be6d-806e6f6e6963} - "E:\Launch.exe"
HKU\S-1-5-21-3899298961-605761135-190624624-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [Pando Media Booster] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3093624 2013-02-08] ()
HKU\S-1-5-21-3899298961-605761135-190624624-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [18706176 2013-01-08] (Skype Technologies S.A.)
HKU\S-1-5-21-3899298961-605761135-190624624-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [Akamai NetSession Interface] => C:\Users\Hoang\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3899298961-605761135-190624624-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [KPeerNexonEU] => C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe [438272 2013-06-03] (NEXON Inc.)
HKU\S-1-5-21-3899298961-605761135-190624624-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-3899298961-605761135-190624624-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3588952 2014-04-25] (Electronic Arts)
HKU\S-1-5-21-3899298961-605761135-190624624-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [567880 2014-02-05] ()
HKU\S-1-5-21-3899298961-605761135-190624624-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\MountPoints2: {01149384-1569-11e3-be93-10604b5ccc3a} - "G:\setup.exe"
HKU\S-1-5-21-3899298961-605761135-190624624-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\MountPoints2: {37b830c9-7161-11e2-be6d-806e6f6e6963} - "E:\Launch.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Lua Driver.lnk
ShortcutTarget: Lua Driver.lnk -> C:\Program Files (x86)\ROCCAT\Lua Mouse\Lua Config.exe (ROCCAT)
Startup: C:\Users\Hoang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:34224
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = eseeky
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = Nation Search
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM - {D17AA79F-6794-48CF-9478-3BB89D4B65B3} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = Electronics, Cars, Fashion, Collectibles, Coupons and More | eBay ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.chatzum.com/?orig=DS&affid=62&cztbid=437211471&q={searchTerms}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.chatzum.com/?orig=DS&affid=62&cztbid=437211471&q={searchTerms}
SearchScopes: HKLM-x32 - {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
SearchScopes: HKLM-x32 - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM-x32 - {D17AA79F-6794-48CF-9478-3BB89D4B65B3} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = Electronics, Cars, Fashion, Collectibles, Coupons and More | eBay ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKCU - DefaultScope {A8105727-97B2-4B68-8BA5-57150A17B1B3} URL = hxxp://eseeky.com/ws/?tbp=rst&q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.chatzum.com/?orig=DS&affid=62&cztbid=437211471&q={searchTerms}
SearchScopes: HKCU - {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
SearchScopes: HKCU - {A8105727-97B2-4B68-8BA5-57150A17B1B3} URL = hxxp://eseeky.com/ws/?tbp=rst&q={searchTerms}
SearchScopes: HKCU - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKCU - {D17AA79F-6794-48CF-9478-3BB89D4B65B3} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = Electronics, Cars, Fashion, Collectibles, Coupons and More | eBay ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: IEExtension.Extension - {d40c654d-7c51-4eb3-95b2-1e23905c2a2d} - C:\windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Hoang\AppData\Roaming\Mozilla\Firefox\Profiles\ex1mu0gu.default
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.13.2 - C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.13.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Hoang\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: YouTube Unblocker - C:\Users\Hoang\AppData\Roaming\Mozilla\Firefox\Profiles\ex1mu0gu.default\Extensions\youtubeunblocker@unblocker.yt [2014-05-24]
FF Extension: NoScript - C:\Users\Hoang\AppData\Roaming\Mozilla\Firefox\Profiles\ex1mu0gu.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-05-17]
FF Extension: Adblock Plus - C:\Users\Hoang\AppData\Roaming\Mozilla\Firefox\Profiles\ex1mu0gu.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-05-17]

Chrome:
=======
CHR HomePage: hxxp://www.eseeky.com
CHR StartupUrls: "hxxp://www.eseeky.com"
CHR DefaultSearchKeyword: eseeky
CHR DefaultSearchProvider: eseeky
CHR DefaultSearchURL: hxxp://eseeky.com/ws/?tbp=rst&q={searchTerms}
CHR DefaultNewTabURL:
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U13) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Nexon Game Controller) - C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon)
CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.130.20) - C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Extension: (Google Docs) - C:\Users\Hoang\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-06-20]
CHR Extension: (Google Drive) - C:\Users\Hoang\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-06-20]
CHR Extension: (YouTube) - C:\Users\Hoang\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-06-20]
CHR Extension: (Google-Suche) - C:\Users\Hoang\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-20]
CHR Extension: (Google Wallet) - C:\Users\Hoang\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-04]
CHR Extension: (Google Mail) - C:\Users\Hoang\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-20]

==================== Services (Whitelisted) =================

R2 3c4ee9082da815d.exe; C:\Users\Hoang\AppData\Local\5ccf9f5034cbd628f96dfef491f2d7b1\3c4ee9082da815d.exe [93696 2014-05-27] ()
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-05-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-09] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [123984 2014-05-14] (Avira Operations GmbH & Co. KG)
R2 HPConnectedRemote; c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35232 2012-08-29] (Hewlett-Packard)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-04-15] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-21] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-21] (NVIDIA Corporation)
R2 PirritUpdater; C:\Program Files (x86)\Pirrit\AutoUpdater.exe [55296 2013-12-02] ()
R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [76888 2014-02-16] ()
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
S2 d35d1fefe712838.exe; C:\Users\Hoang\AppData\Local\9c8e5f111312b248b5f48516f8664940\d35d1fefe712838.exe [X]

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-05-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [130584 2014-05-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-05-09] (Avira Operations GmbH & Co. KG)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2013-09-07] (DT Soft Ltd)
R3 hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-05-13] (LogMeIn Inc.)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-06-02] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
R3 RegFltrX64; C:\Users\Hoang\AppData\Local\5ccf9f5034cbd628f96dfef491f2d7b1\RegFltrX64.sys [18064 2014-05-27] ()
R3 tilfilter; C:\Windows\System32\drivers\TIxHCIlfilter.sys [17528 2012-11-20] (Texas Instruments, Inc.)
R3 tiufilter; C:\Windows\System32\drivers\TIxHCIufilter.sys [23184 2012-11-20] (Texas Instruments, Inc.)
S3 EagleX64; \??\C:\windows\system32\drivers\EagleX64.sys [X]
S3 xhunter1; \??\C:\windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-02 15:40 - 2014-06-02 15:40 - 00027345 _____ () C:\Users\Hoang\Desktop\FRST.txt
2014-06-02 15:39 - 2014-06-02 15:40 - 00000000 ____D () C:\FRST
2014-06-01 15:54 - 2014-06-01 15:54 - 00000000 ____D () C:\Users\Hoang\AppData\Local\5ccf9f5034cbd628f96dfef491f2d7b1
2014-06-01 11:22 - 2014-06-01 11:22 - 02067456 _____ (Farbar) C:\Users\Hoang\Desktop\FRST64.exe
2014-06-01 11:16 - 2014-06-01 11:16 - 02067456 _____ (Farbar) C:\Users\Hoang\Downloads\FRST64.exe
2014-06-01 10:00 - 2014-06-01 10:00 - 00001169 _____ () C:\Users\Hoang\Desktop\suchlauf_protokoll_malwarebytes.txt
2014-06-01 08:59 - 2014-06-01 08:59 - 00002772 _____ () C:\windows\System32\Tasks\CCleanerSkipUAC
2014-06-01 08:59 - 2014-06-01 08:59 - 00000000 ____D () C:\Program Files\CCleaner
2014-06-01 08:57 - 2014-06-01 08:57 - 04748896 _____ (Piriform Ltd) C:\Users\Hoang\Downloads\ccsetup414.exe
2014-05-31 10:25 - 2014-05-31 10:26 - 00259584 _____ (OldTimer Tools) C:\Users\Hoang\Downloads\OTH.scr
2014-05-30 19:59 - 2014-06-02 15:34 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-30 19:58 - 2014-05-30 19:58 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Hoang\Downloads\mbam-setup-2.0.2.1012(1).exe
2014-05-30 19:58 - 2014-05-30 19:58 - 00001104 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-30 19:58 - 2014-05-30 19:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-30 19:58 - 2014-05-30 19:58 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-30 19:58 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-05-30 19:58 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-05-30 19:58 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-05-29 14:46 - 2014-05-29 14:46 - 00000000 ____D () C:\Users\Hoang\AppData\Roaming\Avira
2014-05-29 14:40 - 2014-05-09 11:16 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2014-05-29 14:40 - 2014-05-09 11:16 - 00112080 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2014-05-29 14:40 - 2014-05-09 11:16 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avkmgr.sys
2014-05-29 14:39 - 2014-05-29 14:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-05-29 14:39 - 2014-05-29 14:40 - 00000000 ____D () C:\ProgramData\Avira
2014-05-29 14:39 - 2014-05-29 14:40 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-05-29 14:39 - 2014-05-29 14:39 - 04536336 _____ (Avira Operations GmbH & Co. KG) C:\Users\Hoang\Downloads\avira_de_av_4006160815__ws.exe
2014-05-29 14:29 - 2014-05-29 14:29 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Hoang\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-29 14:29 - 2014-05-29 14:29 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-28 20:58 - 2014-05-28 20:58 - 00342510 _____ () C:\Users\Hoang\Downloads\OptiFine_1.4.6_HD_D5.zip
2014-05-28 19:37 - 2014-05-28 19:37 - 00006384 _____ () C:\Users\Hoang\Downloads\1k18vtgw33x6d7a.dlc
2014-05-28 18:17 - 2014-05-30 14:37 - 00000000 ____D () C:\Users\Hoang\AppData\Local\4ff68f9b611df627146909e95ab1c403
2014-05-28 14:37 - 2014-05-28 14:38 - 00000000 ____D () C:\Users\Hoang\Downloads\assets
2014-05-28 14:37 - 2014-05-28 14:37 - 00000000 ____D () C:\Users\Hoang\Downloads\versions
2014-05-28 14:37 - 2014-05-28 14:37 - 00000000 ____D () C:\Users\Hoang\Downloads\libraries
2014-05-28 14:14 - 2014-05-29 20:15 - 00000000 ____D () C:\Users\Hoang\AppData\Local\ftblauncher
2014-05-28 09:22 - 2014-05-28 09:22 - 00000000 ____D () C:\Users\Hoang\AppData\Roaming\StunlockStudios
2014-05-18 10:35 - 2014-05-18 10:35 - 00000000 __SHD () C:\found.001
2014-05-18 10:18 - 2014-05-18 10:18 - 00000000 __SHD () C:\found.000
2014-05-18 09:54 - 2014-05-18 09:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\osu!
2014-05-17 20:51 - 2014-05-17 20:51 - 00000000 ____D () C:\Users\Hoang\AppData\Roaming\Awesomium
2014-05-17 20:50 - 2014-05-17 20:50 - 00002026 _____ () C:\Users\Public\Desktop\Smite.lnk
2014-05-17 20:50 - 2014-05-17 20:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios
2014-05-17 20:50 - 2014-05-17 20:50 - 00000000 ____D () C:\ProgramData\Hi-Rez Studios
2014-05-17 20:50 - 2014-05-17 20:50 - 00000000 ____D () C:\Program Files (x86)\Hi-Rez Studios
2014-05-17 20:49 - 2014-05-17 20:50 - 39967251 _____ (Hi-Rez Studios) C:\Users\Hoang\Downloads\InstallHiRezGamesEnglish.exe
2014-05-17 19:58 - 2014-05-17 19:58 - 00283144 _____ (Mozilla) C:\Users\Hoang\Downloads\Firefox Setup Stub 29.0.1.exe
2014-05-17 19:58 - 2014-05-17 19:58 - 00001161 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-17 19:56 - 2014-05-17 19:56 - 00003114 _____ () C:\windows\System32\Tasks\{9CF79E44-3096-42FA-8501-B0888A8F8F44}
2014-05-17 15:32 - 2014-06-01 17:47 - 00000000 ____D () C:\Program Files (x86)\Steam2
2014-05-17 15:12 - 2014-05-17 15:12 - 01141680 _____ () C:\Users\Hoang\Downloads\SteamSetup.exe
2014-05-16 17:08 - 2014-05-17 10:14 - 00000000 ____D () C:\Users\Hoang\AppData\Local\Arma 3
2014-05-16 17:08 - 2014-05-16 17:08 - 00000000 ____D () C:\Users\Hoang\Documents\Arma 3
2014-05-16 17:08 - 2014-05-16 17:08 - 00000000 ____D () C:\ProgramData\Bohemia Interactive
2014-05-16 15:17 - 2014-05-17 10:49 - 00000000 ____D () C:\Users\Hoang\Documents\Wichtig
2014-05-16 14:00 - 2014-05-16 14:00 - 06111731 _____ () C:\Users\Hoang\Downloads\LAN_Win7_7077.zip
2014-05-16 13:58 - 2014-05-16 13:58 - 00155838 _____ () C:\Users\Hoang\Downloads\Lan_Realtek_7.3.522.5009_W7x64_A.zip
2014-05-16 13:49 - 2014-05-16 13:49 - 04927173 _____ () C:\Users\Hoang\Downloads\INF_10.0.14.zip
2014-05-16 13:13 - 2014-05-16 13:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-05-16 13:13 - 2014-05-16 13:13 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-05-15 15:48 - 2014-03-28 10:23 - 19759104 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2014-05-15 15:48 - 2014-03-28 08:18 - 17562112 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2014-05-15 15:47 - 2014-04-12 11:10 - 00578048 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2014-05-15 15:47 - 2014-04-12 11:09 - 00588288 _____ (Microsoft Corporation) C:\windows\system32\SHCore.dll
2014-05-15 15:47 - 2014-04-12 11:08 - 01281536 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-05-15 15:47 - 2014-04-12 11:08 - 00827904 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-05-15 15:47 - 2014-04-12 11:08 - 00318464 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2014-05-15 15:47 - 2014-04-12 09:23 - 00273920 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2014-05-15 15:47 - 2014-04-12 09:22 - 00666624 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2014-05-15 15:47 - 2014-03-28 21:19 - 00035856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdBoot.sys
2014-05-15 15:47 - 2014-03-24 00:11 - 00269592 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdFilter.sys
2014-05-15 15:47 - 2014-03-11 05:32 - 06987096 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2014-05-15 15:47 - 2014-03-11 02:38 - 00982016 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2014-05-15 15:47 - 2014-03-11 02:38 - 00684032 _____ (Microsoft Corporation) C:\windows\system32\objsel.dll
2014-05-15 15:47 - 2014-03-11 02:38 - 00164864 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2014-05-15 15:47 - 2014-03-04 01:07 - 00570216 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2014-05-15 15:46 - 2014-04-12 11:27 - 00172888 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2014-05-15 15:46 - 2014-04-12 11:09 - 01043968 _____ (Microsoft Corporation) C:\windows\system32\usercpl.dll
2014-05-15 15:46 - 2014-04-12 11:09 - 00208896 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2014-05-15 15:46 - 2014-04-12 11:09 - 00094720 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-05-15 15:46 - 2014-04-12 11:08 - 00439808 _____ (Microsoft Corporation) C:\windows\system32\lsm.dll
2014-05-15 15:46 - 2014-04-12 11:07 - 00020480 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-05-15 15:46 - 2014-04-12 09:23 - 00961536 _____ (Microsoft Corporation) C:\windows\SysWOW64\usercpl.dll
2014-05-15 15:46 - 2014-04-12 09:23 - 00452608 _____ (Microsoft Corporation) C:\windows\SysWOW64\SHCore.dll
2014-05-15 15:46 - 2014-04-12 09:23 - 00178688 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2014-05-15 15:46 - 2014-04-12 09:23 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2014-05-15 15:46 - 2014-04-12 09:22 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2014-05-15 15:46 - 2014-04-12 08:58 - 00014848 _____ (Microsoft Corporation) C:\windows\system32\workerdd.dll
2014-05-15 15:46 - 2014-03-11 05:25 - 00100184 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2014-05-15 15:46 - 2014-03-11 02:41 - 00559104 _____ (Microsoft Corporation) C:\windows\SysWOW64\objsel.dll
2014-05-15 15:46 - 2014-03-11 02:41 - 00323072 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2014-05-15 15:46 - 2014-03-11 02:41 - 00038400 _____ (Microsoft Corporation) C:\windows\SysWOW64\dimsroam.dll
2014-05-15 15:46 - 2014-03-11 02:39 - 00035840 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2014-05-15 15:46 - 2014-03-11 02:38 - 00419328 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2014-05-15 15:46 - 2014-03-11 02:38 - 00179712 _____ (Microsoft Corporation) C:\windows\system32\dpapisrv.dll
2014-05-15 15:46 - 2014-03-11 02:38 - 00045056 _____ (Microsoft Corporation) C:\windows\system32\dimsroam.dll
2014-05-15 15:46 - 2014-03-11 02:38 - 00027648 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2014-05-15 15:46 - 2014-03-10 05:05 - 00668160 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2014-05-15 15:46 - 2014-03-10 03:27 - 00099840 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2014-05-15 15:45 - 2014-05-06 07:14 - 19274752 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-05-15 15:45 - 2014-05-06 07:14 - 00097280 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-05-15 15:45 - 2014-05-06 05:48 - 14367232 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-05-15 15:45 - 2014-05-06 05:48 - 00080384 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-05-15 15:45 - 2014-05-06 05:37 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-05-15 15:45 - 2014-05-06 05:26 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-05-15 15:45 - 2014-03-28 10:23 - 01287168 _____ (Microsoft Corporation) C:\windows\system32\schedsvc.dll
2014-05-15 15:45 - 2014-03-01 11:47 - 01258496 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2014-05-15 15:45 - 2014-03-01 11:47 - 01120768 _____ (Microsoft Corporation) C:\windows\system32\gpedit.dll
2014-05-15 15:45 - 2014-03-01 10:07 - 01075200 _____ (Microsoft Corporation) C:\windows\SysWOW64\gpedit.dll
2014-05-15 15:45 - 2014-03-01 08:59 - 00974848 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2014-05-15 15:45 - 2014-02-27 01:18 - 00621568 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2014-05-15 15:45 - 2014-02-27 01:18 - 00370688 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2014-05-15 15:45 - 2014-02-27 01:18 - 00247808 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys
2014-05-15 15:45 - 2014-02-27 01:18 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2014-05-15 15:45 - 2014-02-15 06:15 - 00078336 _____ (Microsoft Corporation) C:\windows\system32\Drivers\IPMIDrv.sys
2014-05-13 16:21 - 2014-05-13 16:28 - 05828846 _____ () C:\Users\Hoang\Downloads\01 Hört, Hört (Intro).m4a
2014-05-13 14:29 - 2014-05-13 14:29 - 00046136 ____H (LogMeIn Inc.) C:\windows\system32\Drivers\Hamdrv.sys
2014-05-10 22:04 - 2014-05-10 22:04 - 00000000 ____D () C:\Users\Hoang\Documents\Klei
2014-05-10 22:03 - 2014-05-29 14:45 - 00000000 ____D () C:\Program Files (x86)\Dont Starve Reign of Giants
2014-05-10 22:02 - 2014-05-10 22:02 - 00000000 ____D () C:\Users\Hoang\Documents\Dont.Starve.Reign.of.Giants-CODEX
2014-05-10 21:53 - 2014-05-10 21:54 - 350810614 _____ () C:\Users\Hoang\Downloads\Dont.Starve.Reign.of.Giants-CODEX.rar
2014-05-10 10:13 - 2014-05-17 19:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-06 14:30 - 2014-04-19 11:39 - 00628024 _____ (Microsoft Corporation) C:\windows\system32\NotificationUI.exe
2014-05-06 14:30 - 2014-04-19 10:45 - 00693760 _____ (Microsoft Corporation) C:\windows\system32\WSShared.dll
2014-05-06 14:30 - 2014-04-19 10:45 - 00163840 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-06 14:30 - 2014-04-19 08:57 - 00566784 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSShared.dll
2014-05-06 14:30 - 2014-04-19 08:57 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-04 18:47 - 2014-05-04 18:47 - 65912202 _____ () C:\Users\Hoang\Downloads\PAYDAY 2 ENDGAME 1.01.zip

==================== One Month Modified Files and Folders =======

2014-06-02 15:40 - 2014-06-02 15:40 - 00027345 _____ () C:\Users\Hoang\Desktop\FRST.txt
2014-06-02 15:40 - 2014-06-02 15:39 - 00000000 ____D () C:\FRST
2014-06-02 15:40 - 2013-02-08 10:24 - 00000000 ____D () C:\Users\Hoang\AppData\Local\PMB Files
2014-06-02 15:40 - 2013-02-07 22:22 - 01106790 _____ () C:\windows\WindowsUpdate.log
2014-06-02 15:40 - 2013-02-07 22:22 - 00000000 ____D () C:\Users\Hoang\AppData\Local\Temp
2014-06-02 15:38 - 2014-04-30 13:56 - 00003162 _____ () C:\windows\System32\Tasks\HPCeeScheduleForHoang
2014-06-02 15:38 - 2013-02-09 20:03 - 00000348 _____ () C:\windows\Tasks\HPCeeScheduleForHoang.job
2014-06-02 15:38 - 2013-02-07 22:22 - 00000000 ____D () C:\Users\Hoang
2014-06-02 15:35 - 2013-02-08 12:57 - 00000000 ____D () C:\Users\Hoang\AppData\Roaming\Skype
2014-06-02 15:34 - 2014-05-30 19:59 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-02 15:34 - 2013-10-07 10:46 - 00000000 ____D () C:\Users\Hoang\AppData\Local\LogMeIn Hamachi
2014-06-02 15:34 - 2013-10-03 19:35 - 00000000 ____D () C:\ProgramData\Origin
2014-06-02 15:34 - 2013-10-03 19:35 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-06-02 15:34 - 2013-06-20 16:33 - 00001120 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-02 15:14 - 2013-06-20 16:33 - 00001124 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-02 15:12 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\system32\sru
2014-06-02 15:12 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\AUInstallAgent
2014-06-01 20:22 - 2013-11-03 21:08 - 00000000 ____D () C:\Program Files (x86)\osu!
2014-06-01 20:08 - 2013-02-08 10:16 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-06-01 17:47 - 2014-05-17 15:32 - 00000000 ____D () C:\Program Files (x86)\Steam2
2014-06-01 15:54 - 2014-06-01 15:54 - 00000000 ____D () C:\Users\Hoang\AppData\Local\5ccf9f5034cbd628f96dfef491f2d7b1
2014-06-01 15:20 - 2013-02-08 12:10 - 00000000 ____D () C:\Users\Hoang\AppData\Roaming\.minecraft
2014-06-01 11:22 - 2014-06-01 11:22 - 02067456 _____ (Farbar) C:\Users\Hoang\Desktop\FRST64.exe
2014-06-01 11:16 - 2014-06-01 11:16 - 02067456 _____ (Farbar) C:\Users\Hoang\Downloads\FRST64.exe
2014-06-01 10:00 - 2014-06-01 10:00 - 00001169 _____ () C:\Users\Hoang\Desktop\suchlauf_protokoll_malwarebytes.txt
2014-06-01 09:16 - 2013-03-09 20:01 - 00431616 ___SH () C:\Users\Hoang\Desktop\Thumbs.db
2014-06-01 09:10 - 2013-09-07 20:24 - 00000000 ____D () C:\Users\Hoang\AppData\Roaming\DAEMON Tools Lite
2014-06-01 09:10 - 2013-05-20 19:54 - 00000000 ____D () C:\Users\Hoang\AppData\Roaming\TS3Client
2014-06-01 09:10 - 2013-05-07 14:33 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-06-01 09:03 - 2014-02-24 16:00 - 00000000 ____D () C:\windows\Minidump
2014-06-01 09:03 - 2012-08-02 04:02 - 00000000 ____D () C:\windows\Panther
2014-06-01 08:59 - 2014-06-01 08:59 - 00002772 _____ () C:\windows\System32\Tasks\CCleanerSkipUAC
2014-06-01 08:59 - 2014-06-01 08:59 - 00000000 ____D () C:\Program Files\CCleaner
2014-06-01 08:57 - 2014-06-01 08:57 - 04748896 _____ (Piriform Ltd) C:\Users\Hoang\Downloads\ccsetup414.exe
2014-05-31 19:08 - 2013-02-09 20:03 - 00000052 _____ () C:\windows\SysWOW64\DOErrors.log
2014-05-31 19:08 - 2013-02-09 20:03 - 00000000 _____ () C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-05-31 11:24 - 2012-12-12 14:12 - 00745562 _____ () C:\windows\system32\perfh007.dat
2014-05-31 11:24 - 2012-12-12 14:12 - 00169488 _____ () C:\windows\system32\perfc007.dat
2014-05-31 11:24 - 2012-07-26 09:28 - 01752656 _____ () C:\windows\system32\PerfStringBackup.INI
2014-05-31 11:18 - 2012-12-12 05:18 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-05-31 11:18 - 2012-07-26 09:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-05-31 11:17 - 2012-07-26 07:26 - 00262144 ___SH () C:\windows\system32\config\BBI
2014-05-31 11:06 - 2013-09-30 18:34 - 00000000 ____D () C:\Users\Hoang\AppData\Roaming\Pirrit
2014-05-31 10:26 - 2014-05-31 10:25 - 00259584 _____ (OldTimer Tools) C:\Users\Hoang\Downloads\OTH.scr
2014-05-30 19:58 - 2014-05-30 19:58 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Hoang\Downloads\mbam-setup-2.0.2.1012(1).exe
2014-05-30 19:58 - 2014-05-30 19:58 - 00001104 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-30 19:58 - 2014-05-30 19:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-30 19:58 - 2014-05-30 19:58 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-30 19:36 - 2013-02-07 22:32 - 00003596 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3899298961-605761135-190624624-1001
2014-05-30 14:37 - 2014-05-28 18:17 - 00000000 ____D () C:\Users\Hoang\AppData\Local\4ff68f9b611df627146909e95ab1c403
2014-05-29 20:15 - 2014-05-28 14:14 - 00000000 ____D () C:\Users\Hoang\AppData\Local\ftblauncher
2014-05-29 14:46 - 2014-05-29 14:46 - 00000000 ____D () C:\Users\Hoang\AppData\Roaming\Avira
2014-05-29 14:45 - 2014-05-10 22:03 - 00000000 ____D () C:\Program Files (x86)\Dont Starve Reign of Giants
2014-05-29 14:43 - 2014-04-13 09:35 - 00000000 ____D () C:\Users\Hoang\Desktop\Unwichtig
2014-05-29 14:40 - 2014-05-29 14:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-05-29 14:40 - 2014-05-29 14:39 - 00000000 ____D () C:\ProgramData\Avira
2014-05-29 14:40 - 2014-05-29 14:39 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-05-29 14:39 - 2014-05-29 14:39 - 04536336 _____ (Avira Operations GmbH & Co. KG) C:\Users\Hoang\Downloads\avira_de_av_4006160815__ws.exe
2014-05-29 14:39 - 2013-07-10 16:37 - 00000000 ____D () C:\ProgramData\Package Cache
2014-05-29 14:29 - 2014-05-29 14:29 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Hoang\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-29 14:29 - 2014-05-29 14:29 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-29 12:36 - 2013-05-07 15:10 - 00000000 ____D () C:\Users\Hoang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-05-28 20:58 - 2014-05-28 20:58 - 00342510 _____ () C:\Users\Hoang\Downloads\OptiFine_1.4.6_HD_D5.zip
2014-05-28 19:37 - 2014-05-28 19:37 - 00006384 _____ () C:\Users\Hoang\Downloads\1k18vtgw33x6d7a.dlc
2014-05-28 14:38 - 2014-05-28 14:37 - 00000000 ____D () C:\Users\Hoang\Downloads\assets
2014-05-28 14:38 - 2013-08-17 09:52 - 00000000 ____D () C:\Users\Hoang\Downloads\FTBLite
2014-05-28 14:37 - 2014-05-28 14:37 - 00000000 ____D () C:\Users\Hoang\Downloads\versions
2014-05-28 14:37 - 2014-05-28 14:37 - 00000000 ____D () C:\Users\Hoang\Downloads\libraries
2014-05-28 14:37 - 2013-06-04 14:56 - 00000000 ____D () C:\Users\Hoang\AppData\Roaming\ftblauncher
2014-05-28 14:15 - 2014-02-21 16:46 - 00000000 ____D () C:\Users\Hoang\Downloads\authlib
2014-05-28 09:22 - 2014-05-28 09:22 - 00000000 ____D () C:\Users\Hoang\AppData\Roaming\StunlockStudios
2014-05-27 18:28 - 2013-10-25 18:51 - 00000000 ____D () C:\Users\Hoang\AppData\Roaming\.technic
2014-05-25 18:38 - 2013-08-21 18:03 - 00012502 _____ () C:\Users\Hoang\Documents\Praktikum-Lebenslauf.odt
2014-05-25 18:23 - 2013-06-06 17:48 - 00291128 _____ () C:\windows\SysWOW64\PnkBstrB.xtr
2014-05-25 18:23 - 2013-06-06 17:47 - 00291128 _____ () C:\windows\SysWOW64\PnkBstrB.exe
2014-05-25 18:22 - 2013-06-06 17:47 - 00291128 _____ () C:\windows\SysWOW64\PnkBstrB.ex0
2014-05-23 14:36 - 2013-05-07 19:45 - 00000000 ___HD () C:\windows\msdownld.tmp
2014-05-23 14:36 - 2013-05-07 19:45 - 00000000 ____D () C:\windows\SysWOW64\directx
2014-05-23 14:02 - 2014-04-30 18:38 - 00000000 ____D () C:\Program Files (x86)\OBS
2014-05-18 18:44 - 2013-05-06 18:10 - 00000000 ____D () C:\Users\Hoang\Desktop\Wichtig
2014-05-18 11:48 - 2013-04-04 18:08 - 00000000 ____D () C:\Users\Hoang\Documents\My Games
2014-05-18 10:36 - 2013-02-07 22:30 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-18 10:35 - 2014-05-18 10:35 - 00000000 __SHD () C:\found.001
2014-05-18 10:18 - 2014-05-18 10:18 - 00000000 __SHD () C:\found.000
2014-05-18 09:57 - 2013-11-03 21:08 - 00000000 ____D () C:\Users\Hoang\Documents\Songs
2014-05-18 09:56 - 2013-11-03 21:08 - 00000000 ____D () C:\Users\Hoang\Documents\Skins
2014-05-18 09:54 - 2014-05-18 09:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\osu!
2014-05-17 20:51 - 2014-05-17 20:51 - 00000000 ____D () C:\Users\Hoang\AppData\Roaming\Awesomium
2014-05-17 20:50 - 2014-05-17 20:50 - 00002026 _____ () C:\Users\Public\Desktop\Smite.lnk
2014-05-17 20:50 - 2014-05-17 20:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios
2014-05-17 20:50 - 2014-05-17 20:50 - 00000000 ____D () C:\ProgramData\Hi-Rez Studios
2014-05-17 20:50 - 2014-05-17 20:50 - 00000000 ____D () C:\Program Files (x86)\Hi-Rez Studios
2014-05-17 20:50 - 2014-05-17 20:49 - 39967251 _____ (Hi-Rez Studios) C:\Users\Hoang\Downloads\InstallHiRezGamesEnglish.exe
2014-05-17 20:50 - 2012-12-12 05:22 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-17 19:58 - 2014-05-17 19:58 - 00283144 _____ (Mozilla) C:\Users\Hoang\Downloads\Firefox Setup Stub 29.0.1.exe
2014-05-17 19:58 - 2014-05-17 19:58 - 00001161 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-17 19:58 - 2014-05-10 10:13 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-17 19:58 - 2013-02-07 22:30 - 00000000 ____D () C:\Users\Hoang\AppData\Roaming\Mozilla
2014-05-17 19:56 - 2014-05-17 19:56 - 00003114 _____ () C:\windows\System32\Tasks\{9CF79E44-3096-42FA-8501-B0888A8F8F44}
2014-05-17 15:32 - 2013-05-07 14:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-05-17 15:12 - 2014-05-17 15:12 - 01141680 _____ () C:\Users\Hoang\Downloads\SteamSetup.exe
2014-05-17 10:49 - 2014-05-16 15:17 - 00000000 ____D () C:\Users\Hoang\Documents\Wichtig
2014-05-17 10:16 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\LiveKernelReports
2014-05-17 10:14 - 2014-05-16 17:08 - 00000000 ____D () C:\Users\Hoang\AppData\Local\Arma 3
2014-05-16 20:22 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\rescache
2014-05-16 17:08 - 2014-05-16 17:08 - 00000000 ____D () C:\Users\Hoang\Documents\Arma 3
2014-05-16 17:08 - 2014-05-16 17:08 - 00000000 ____D () C:\ProgramData\Bohemia Interactive
2014-05-16 14:00 - 2014-05-16 14:00 - 06111731 _____ () C:\Users\Hoang\Downloads\LAN_Win7_7077.zip
2014-05-16 13:58 - 2014-05-16 13:58 - 00155838 _____ () C:\Users\Hoang\Downloads\Lan_Realtek_7.3.522.5009_W7x64_A.zip
2014-05-16 13:49 - 2014-05-16 13:49 - 04927173 _____ () C:\Users\Hoang\Downloads\INF_10.0.14.zip
2014-05-16 13:28 - 2013-02-07 22:24 - 00000000 ___RD () C:\Users\Hoang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-16 13:28 - 2013-02-07 22:24 - 00000000 ___RD () C:\Users\Hoang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-16 13:13 - 2014-05-16 13:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-05-16 13:13 - 2014-05-16 13:13 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-05-16 13:09 - 2012-07-26 10:12 - 00000000 ___RD () C:\windows\ToastData
2014-05-16 13:09 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-16 13:09 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-16 13:09 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\system32\SecureBootUpdates
2014-05-16 13:09 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-05-16 13:09 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-05-15 18:12 - 2012-07-26 09:59 - 00000000 ____D () C:\windows\CbsTemp
2014-05-15 18:06 - 2013-08-14 16:27 - 00000000 ____D () C:\windows\system32\MRT
2014-05-15 18:03 - 2013-02-09 13:30 - 93223848 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-05-15 18:03 - 2012-07-26 07:26 - 00262144 ___SH () C:\windows\system32\config\ELAM
2014-05-13 20:09 - 2013-02-08 10:16 - 00003772 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-05-13 16:28 - 2014-05-13 16:21 - 05828846 _____ () C:\Users\Hoang\Downloads\01 Hört, Hört (Intro).m4a
2014-05-13 14:29 - 2014-05-13 14:29 - 00046136 ____H (LogMeIn Inc.) C:\windows\system32\Drivers\Hamdrv.sys
2014-05-12 15:48 - 2013-04-02 18:33 - 00000000 ____D () C:\Users\Hoang\Documents\uztcf
2014-05-12 07:26 - 2014-05-30 19:58 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:26 - 2014-05-30 19:58 - 00064216 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-05-30 19:58 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-05-10 22:04 - 2014-05-10 22:04 - 00000000 ____D () C:\Users\Hoang\Documents\Klei
2014-05-10 22:02 - 2014-05-10 22:02 - 00000000 ____D () C:\Users\Hoang\Documents\Dont.Starve.Reign.of.Giants-CODEX
2014-05-10 21:54 - 2014-05-10 21:53 - 350810614 _____ () C:\Users\Hoang\Downloads\Dont.Starve.Reign.of.Giants-CODEX.rar
2014-05-10 09:09 - 2013-06-20 16:33 - 00004096 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-10 09:09 - 2013-06-20 16:33 - 00003860 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-09 11:16 - 2014-05-29 14:40 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2014-05-09 11:16 - 2014-05-29 14:40 - 00112080 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2014-05-09 11:16 - 2014-05-29 14:40 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avkmgr.sys
2014-05-06 17:25 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\WinStore
2014-05-06 07:14 - 2014-05-15 15:45 - 19274752 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-05-06 07:14 - 2014-05-15 15:45 - 00097280 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-05-06 05:48 - 2014-05-15 15:45 - 14367232 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-05-06 05:48 - 2014-05-15 15:45 - 00080384 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-05-06 05:37 - 2014-05-15 15:45 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-05-06 05:26 - 2014-05-15 15:45 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-05-04 18:47 - 2014-05-04 18:47 - 65912202 _____ () C:\Users\Hoang\Downloads\PAYDAY 2 ENDGAME 1.01.zip

Some content of TEMP:
====================
C:\Users\Hoang\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe
[2014-05-15 15:47] - [2014-04-12 11:10] - 0578048 ____A (Microsoft Corporation) 75DD70A14145499C9F7D903CF9A8C91B

C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-26 19:48

==================== End Of Log ============================
--- --- ---
Und hier ist die Addition:FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-06-2014
Ran by Hoang at 2014-06-02 15:40:41
Running from C:\Users\Hoang\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
Alien Swarm (HKLM-x32\...\Steam App 630) (Version:  - Valve)
ArmA 2 Free Uninstall (HKLM-x32\...\ArmA 2) (Version:  - )
Arma: Cold War Assault (HKLM-x32\...\Steam App 65790) (Version:  - Bohemia Interactive)
Assassin's Creed (HKLM-x32\...\Steam App 15100) (Version:  - Ubisoft Montreal)
Assassin's Creed II (HKLM-x32\...\Steam App 33230) (Version:  - Ubisoft Montreal)
Avira (HKLM-x32\...\{68e29fba-92b1-4f6f-a604-1d8679da3a9f}) (Version: 1.1.13.24161 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.13.24161 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.4.642 - Avira)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 1942™ (HKLM-x32\...\{5BE7BD06-512B-43bf-AD78-3BD2A5F5F7B3}) (Version: 1.6.20.0 - Electronic Arts)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield 4™ Beta (HKLM-x32\...\{CFAB3721-549D-4827-A4E8-7F90192114AB}) (Version: 1.0.0.0 - Electronic Arts)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
ChatZum Toolbar (HKLM-x32\...\ChatZum Toolbar) (Version: 1.0.20 - ChatZum)
Clonk Rage (HKLM-x32\...\Clonk Rage) (Version:  - RedWolf Design GmbH)
Combat Arms EU (HKLM-x32\...\Combat Arms EU) (Version:  - )
Connected Music powered by Universal Music Group version 1.0 (HKLM-x32\...\{46037DC7-F927-46DF-935F-D6F122BDD34B}_is1) (Version: 1.0 - Snowite)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1.5510 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.1.5510 - CyberLink Corp.) Hidden
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.)
CyberLink Media Suite 10 (x32 Version: 10.0.1.1916 - CyberLink Corp.) Hidden
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3109 - CyberLink Corp.)
CyberLink PhotoDirector (x32 Version: 2.0.1.3109 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1902 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.1.1902 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.1925 - CyberLink Corp.)
CyberLink PowerDirector 10 (x32 Version: 10.0.1.1925 - CyberLink Corp.) Hidden
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.1.4319 - CyberLink Corp.)
CyberLink PowerDVD (x32 Version: 10.0.1.4319 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
Dead Island (HKLM-x32\...\Steam App 91310) (Version:  - Techland)
Dead Island: Epidemic (HKLM-x32\...\Steam App 222900) (Version:  - Stunlock Studios)
Dungeon Lord (v1.4) (HKLM-x32\...\Dungeon Lords_is1) (Version:  - dtp AG / Crimson Cow)
Empire: Total War (HKLM-x32\...\Steam App 10500) (Version:  - The Creative Assembly)
Forsaken World  (HKLM-x32\...\Steam App 36620) (Version:  - Perfect World Beijing)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Game Dev Tycoon (HKLM-x32\...\Steam App 239820) (Version:  - Greenheart Games)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Ghost Recon Online (EU) (HKCU\...\d8be6c3f847d7d92) (Version: 1.34.288.2 - Ubisoft)
GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Herrscher des Olymp - Zeus + Addon Version 1.1 (HKLM-x32\...\{5BD89EC2-9DF3-4F11-ADDA-9ECF149C2C8F}_is1) (Version: 1.1 - UGP)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)
HP Connected Remote (HKLM-x32\...\{F243A34B-AB7F-4065-B770-B85B767C247C}) (Version: 1.0.1206 - Hewlett-Packard)
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Postscript Converter (Version: 3.1.3591 - Hewlett-Packard) Hidden
HP Quick Start (HKLM-x32\...\{BB27C290-AB30-4D9E-A5D1-88745AAE42E9}) (Version: 1.0.4660.30220 - Hewlett-Packard)
HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 12.00.0000 - Hewlett-Packard)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6418.0 - IDT)
Infestation: Survivor Stories (HKLM-x32\...\Steam App 226700) (Version:  - Hammerpoint Interactive)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
Java 7 Update 13 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217013FF}) (Version: 7.0.130 - Oracle)
Java 7 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417025FF}) (Version: 7.0.250 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.0 - Sun Microsystems, Inc.) Hidden
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.193 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.193 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.0.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Halo (HKLM-x32\...\Halo) (Version:  - Microsoft)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mozilla Firefox 29.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 24.2.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.2.0 (x86 de)) (Version: 24.2.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Neverwinter (HKLM-x32\...\Neverwinter) (Version:  - Cryptic Studios)
Nidhogg incl. Update 1 (HKLM-x32\...\TmlkaG9nZ2luY2xVcGRhdGUx_is1) (Version: 1 - )
NVIDIA 3D Vision Controller-Treiber 326.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 326.01 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 327.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 327.23 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2 - NVIDIA Corporation)
NVIDIA Grafiktreiber 327.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.23 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.142.992 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA ShadowPlay 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2723 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 327.23 (Version: 327.23 - NVIDIA Corporation) Hidden
NVIDIA Update 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Operation Flashpoint: Red River (HKLM-x32\...\Steam App 44340) (Version:  - Codemasters Action Studio)
Origin (HKLM-x32\...\Origin) (Version: 9.3.7.2735 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284C}) (Version: 0.0.0.0 - peppy)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.8 - Pando Networks Inc.)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
Pirate Galaxy (HKCU\...\Pirate Galaxy) (Version: 12345.0.0.0 - Splitscreen Studios GmbH)
PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version:  - Sony Online Entertainment)
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert)
Rapider (HKLM-x32\...\Rapider) (Version: 1.1.1140 - Zugara Investments Limited)
Recovery Manager (x32 Version: 5.5.0.5530 - CyberLink Corp.) Hidden
RIFT (HKCU\...\RIFT) (Version:  - Trion Worlds, Inc.)
Rise And Fall (remove only) (HKLM-x32\...\Rise And Fall) (Version: 1.7.0.11.2.4.3 - Midway Home Entertainment Inc.)
ROCCAT Lua Mouse Driver (HKLM-x32\...\{10E03440-9A5B-48F5-BB24-359EFE3E6C71}) (Version: 1.13 - ROCCAT GmbH)
SHIELD Streaming (Version: 1.7.306 - NVIDIA Corporation) Hidden
Skype™ 6.1 (HKLM-x32\...\{1845470B-EB14-4ABC-835B-E36C693DC07D}) (Version: 6.1.129 - Skype Technologies S.A.)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 1.0.2151.6 - Hi-Rez Studios)
Sniper Elite: Zombie Army (HKLM-x32\...\Steam App 235700) (Version:  - Rebellion)
Starbound version Update 6 (HKLM-x32\...\{33A37C4B-D8D7-448A-8CC5-FD4A189650DD}_is1) (Version: Update 6 - )
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Stranded II 1.0.0.1 (HKLM-x32\...\{CE0900ED-C76A-40C0-8DB4-0F68D825B283}_is1) (Version:  - Unreal Software)
Stronghold Kingdoms (HKLM-x32\...\{D1D632A2-E249-466D-A094-B1B934D37645}_is1) (Version: 1.17 - Firefly Studios)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13.1 - TeamSpeak Systems GmbH)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.17396 - TeamViewer)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
TI xHCI Filter Driver 1.0.0.4 (HKLM-x32\...\TI xHCI Filter Driver) (Version: 1.0.0.4 - Texas Instruments Inc.)
Titan Quest (HKLM-x32\...\{412B69AF-C352-4F6F-A318-B92B3CB9ACC6}) (Version: 1.00.0000 - Iron Lore)
Titan Quest Immortal Throne (HKLM-x32\...\{B5C5C17E-FEF6-4062-8151-A427AE8AF9D7}) (Version: 1.00.0000 - Iron Lore)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
XMedia Recode Version 3.1.7.9 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.1.7.9 - XMedia Recode)

==================== Restore Points  =========================

01-06-2014 15:08:41 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {29AD800B-65A3-4195-AC91-12397CD9F1B3} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\windows\system32\NotificationUI.exe [2014-04-19] (Microsoft Corporation)
Task: {75F768A8-0DEE-4AE7-A4CB-8F0E6CA368AF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {7941BA63-9AEF-4BFE-8B8D-36D2CE5AF622} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)
Task: {7A527F40-1A92-4D30-81F1-E1BE21BB8231} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-20] (Google Inc.)
Task: {87FC5E2D-211A-4E81-8F6C-E244FB43B460} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-12-12] (Hewlett-Packard Company)
Task: {959C6E7F-DB84-4C23-AF77-F5230E6CA4E6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)
Task: {98E08121-DA66-4FE6-84BF-FE881A9E9F94} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-20] (Google Inc.)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {B86A6C7A-F1F9-4906-9129-6C80B8AB9A75} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {CFBCA82E-E79D-4994-BB16-B9B23CB77FF4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)
Task: {D9EFE00A-B379-4C62-81DB-4CAEB88F5A10} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-13] (Adobe Systems Incorporated)
Task: {EA7EE1F9-7D60-477B-9523-962C94FE57A3} - System32\Tasks\HPCeeScheduleForHoang => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\HPCeeScheduleForHoang.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (whitelisted) =============

2013-09-30 18:34 - 2013-12-02 15:28 - 00055296 _____ () C:\Program Files (x86)\Pirrit\AutoUpdater.exe
2013-06-06 17:47 - 2014-02-16 15:47 - 00076888 _____ () C:\windows\SysWOW64\PnkBstrA.exe
2012-08-29 12:02 - 2012-08-29 12:02 - 00120224 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesModule.dll
2012-08-29 12:02 - 2012-08-29 12:02 - 00048544 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesProxy.dll
2012-08-29 12:02 - 2012-08-29 12:02 - 00180224 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\zxing.dll
2014-06-01 15:54 - 2014-05-27 15:45 - 00093696 _____ () C:\Users\Hoang\AppData\Local\5ccf9f5034cbd628f96dfef491f2d7b1\3c4ee9082da815d.exe
2012-12-12 05:17 - 2013-09-12 09:25 - 00097568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-05-15 18:08 - 2014-05-15 18:08 - 00176048 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2014-06-01 15:54 - 2014-05-27 15:44 - 00288768 _____ () C:\Users\Hoang\AppData\Local\5ccf9f5034cbd628f96dfef491f2d7b1\8d9701a125fd749.exe
2013-02-08 10:24 - 2013-02-08 10:24 - 03093624 _____ () C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
2013-06-03 16:48 - 2013-06-03 16:48 - 01992328 _____ () C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe
2012-01-10 15:41 - 2014-02-05 17:55 - 00567880 _____ () C:\Program Files (x86)\puush\puush.exe
2013-02-07 22:23 - 2013-02-07 22:23 - 00120224 _____ () C:\Users\Hoang\AppData\Local\assembly\dl3\3XEMYH93.PBL\8WOZQA3L.EYD\7afc7911\0017145d_cd85cd01\HPItunesModule.DLL
2014-05-14 14:27 - 2014-05-14 14:27 - 00137296 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2014-05-14 14:27 - 2014-05-14 14:27 - 00065616 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2012-12-12 05:22 - 2012-07-18 10:50 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-06-01 15:54 - 2014-03-07 20:56 - 00117262 _____ () C:\Users\Hoang\AppData\Local\5ccf9f5034cbd628f96dfef491f2d7b1\libgcc_s_dw2-1.dll
2014-06-01 15:54 - 2014-03-07 20:56 - 00970766 _____ () C:\Users\Hoang\AppData\Local\5ccf9f5034cbd628f96dfef491f2d7b1\libstdc++-6.dll
2014-01-29 08:28 - 2014-04-25 08:26 - 00962560 _____ () C:\Program Files (x86)\Origin\platforms\qwindows.dll
2014-01-29 08:28 - 2014-04-25 08:26 - 00024064 _____ () C:\Program Files (x86)\Origin\imageformats\qgif.dll
2014-01-29 08:28 - 2014-04-25 08:26 - 00025088 _____ () C:\Program Files (x86)\Origin\imageformats\qico.dll
2014-01-29 08:28 - 2014-04-25 08:26 - 00217088 _____ () C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2014-01-29 08:28 - 2014-04-25 08:26 - 00261632 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll
2014-01-29 08:28 - 2014-04-25 08:26 - 00019968 _____ () C:\Program Files (x86)\Origin\imageformats\qtga.dll
2014-01-29 08:28 - 2014-04-25 08:26 - 00302592 _____ () C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2014-01-29 08:28 - 2014-04-25 08:26 - 00018944 _____ () C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2012-12-12 05:28 - 2012-06-08 05:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 13:34 - 2012-06-08 13:34 - 00016400 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2012-08-10 17:51 - 2012-08-10 17:51 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2014-05-29 14:41 - 2014-05-14 14:27 - 00049744 _____ () C:\Users\Hoang\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2014-05-17 19:58 - 2014-05-07 04:27 - 03839088 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/01/2014 05:08:45 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddWin32ServiceFiles: Unable to back up image of service a3a34f2cc6d9887.exe since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (06/01/2014 10:02:52 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 1.0.0.532, Zeitstempel: 0x53518532
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e
Ausnahmecode: 0x40000015
Fehleroffset: 0x0008d6fd
ID des fehlerhaften Prozesses: 0x21a8
Startzeit der fehlerhaften Anwendung: 0xmbam.exe0
Pfad der fehlerhaften Anwendung: mbam.exe1
Pfad des fehlerhaften Moduls: mbam.exe2
Berichtskennung: mbam.exe3
Vollständiger Name des fehlerhaften Pakets: mbam.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: mbam.exe5

Error: (06/01/2014 10:02:17 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 1.0.0.532, Zeitstempel: 0x53518532
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e
Ausnahmecode: 0x40000015
Fehleroffset: 0x0008d6fd
ID des fehlerhaften Prozesses: 0x1a98
Startzeit der fehlerhaften Anwendung: 0xmbam.exe0
Pfad der fehlerhaften Anwendung: mbam.exe1
Pfad des fehlerhaften Moduls: mbam.exe2
Berichtskennung: mbam.exe3
Vollständiger Name des fehlerhaften Pakets: mbam.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: mbam.exe5

Error: (05/31/2014 11:20:26 AM) (Source: Windows Search Service) (EventID: 10021) (User: )
Description: Die Registrierungsinformationen der Leistungsindikatoren für WSearchIdxPi für die Instanz  konnten wegen des folgenden Fehlers nicht abgerufen werden: Der Vorgang wurde erfolgreich beendet.  0x0.

Error: (05/31/2014 11:20:25 AM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: Die Leistungsüberwachung für den Gatherer-Dienst kann nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut.

Kontext:  Anwendung, SystemIndex Katalog

Error: (05/31/2014 11:20:25 AM) (Source: Windows Search Service) (EventID: 3006) (User: )
Description: Die Leistungsüberwachung kann für den Gatherer-Dienst nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut.

Error: (05/31/2014 11:17:37 AM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (05/30/2014 08:25:36 PM) (Source: Windows Search Service) (EventID: 10021) (User: )
Description: Die Registrierungsinformationen der Leistungsindikatoren für WSearchIdxPi für die Instanz  konnten wegen des folgenden Fehlers nicht abgerufen werden: Der Vorgang wurde erfolgreich beendet.  0x0.

Error: (05/30/2014 08:25:36 PM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: Die Leistungsüberwachung für den Gatherer-Dienst kann nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut.

Kontext:  Anwendung, SystemIndex Katalog

Error: (05/30/2014 08:25:35 PM) (Source: Windows Search Service) (EventID: 3006) (User: )
Description: Die Leistungsüberwachung kann für den Gatherer-Dienst nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut.


System errors:
=============
Error: (06/02/2014 03:34:08 PM) (Source: Schannel) (EventID: 4102) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001.

Error: (06/01/2014 08:54:43 PM) (Source: Schannel) (EventID: 4102) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001.

Error: (06/01/2014 03:54:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "d35d1fefe712838.exe" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/01/2014 08:54:11 AM) (Source: Schannel) (EventID: 4102) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001.

Error: (05/31/2014 11:03:20 PM) (Source: Schannel) (EventID: 4102) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001.

Error: (05/31/2014 11:22:40 AM) (Source: Schannel) (EventID: 4102) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001.

Error: (05/31/2014 11:22:27 AM) (Source: Schannel) (EventID: 4102) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001.

Error: (05/31/2014 11:20:07 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "PirritUpdater" wurde nicht richtig gestartet.

Error: (05/31/2014 11:20:06 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "d35d1fefe712838.exe" wurde nicht richtig gestartet.

Error: (05/31/2014 11:18:27 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "a3a34f2cc6d9887.exe" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2


Microsoft Office Sessions:
=========================
Error: (06/01/2014 05:08:45 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service a3a34f2cc6d9887.exe since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (06/01/2014 10:02:52 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd21a801cf7d6fd5b7366aC:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll20a64009-e963-11e3-bec1-10604b5ccc3a

Error: (06/01/2014 10:02:17 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd1a9801cf7d664a601b8aC:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll0c14f9a0-e963-11e3-bec1-10604b5ccc3a

Error: (05/31/2014 11:20:26 AM) (Source: Windows Search Service) (EventID: 10021) (User: )
Description: WSearchIdxPiDer Vorgang wurde erfolgreich beendet.  0x0

Error: (05/31/2014 11:20:25 AM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: Kontext:  Anwendung, SystemIndex Katalog

Error: (05/31/2014 11:20:25 AM) (Source: Windows Search Service) (EventID: 3006) (User: )
Description:

Error: (05/31/2014 11:17:37 AM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (05/30/2014 08:25:36 PM) (Source: Windows Search Service) (EventID: 10021) (User: )
Description: WSearchIdxPiDer Vorgang wurde erfolgreich beendet.  0x0

Error: (05/30/2014 08:25:36 PM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: Kontext:  Anwendung, SystemIndex Katalog

Error: (05/30/2014 08:25:35 PM) (Source: Windows Search Service) (EventID: 3006) (User: )
Description:


==================== Memory info ===========================

Percentage of memory in use: 33%
Total physical RAM: 8147.35 MB
Available physical RAM: 5387.07 MB
Total Pagefile: 16339.35 MB
Available Pagefile: 13285.05 MB
Total Virtual: 8192 MB
Available Virtual: 8191.76 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:1850.32 GB) (Free:1362.5 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery Image) (Fixed) (Total:11.22 GB) (Free:1.37 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (TQGOLD) (CDROM) (Total:4.39 GB) (Free:0 GB) UDF
Drive g: (Reign of Giants) (CDROM) (Total:0.59 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 49EC6F4B)

Partition: GPT Partition Type.

==================== End Of Log ============================
--- --- ---

schrauber 03.06.2014 10:13
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

SkyMiep 03.06.2014 13:14
Das ist schonmal von AdwCleaner: (Habs es nicht auf dem Desktop gespeichert, hoffe es ist nicht so schlimm)AdwCleaner Logfile:
Code:
# AdwCleaner v3.211 - Bericht erstellt am 03/06/2014 um 14:05:01
# Aktualisiert 26/05/2014 von Xplode
# Betriebssystem : Windows 8  (64 bits)
# Benutzername : Hoang - MIEP-PC
# Gestartet von : C:\Users\Hoang\Downloads\adwcleaner_3.211.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : PirritUpdater

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Program Files (x86)\ChatZum Toolbar
Ordner Gelöscht : C:\Program Files (x86)\Pirrit
Ordner Gelöscht : C:\Users\Hoang\AppData\Local\Pirrit Suggestor
Ordner Gelöscht : C:\Users\Hoang\AppData\Local\WinRST
Ordner Gelöscht : C:\Users\Hoang\AppData\LocalLow\Toolbar4
Ordner Gelöscht : C:\Users\Hoang\AppData\Roaming\Pirrit
Datei Gelöscht : C:\Users\Hoang\AppData\Roaming\Mozilla\Firefox\Profiles\y4ubgkim.default\searchplugins\eseeky-search.xml

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D40C654D-7C51-4EB3-95B2-1E23905C2A2D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D40C654D-7C51-4EB3-95B2-1E23905C2A2D}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D40C654D-7C51-4EB3-95B2-1E23905C2A2D}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D40C654D-7C51-4EB3-95B2-1E23905C2A2D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Schlüssel Gelöscht : HKCU\Software\{ADFA33FD-16F5-4355-8504-DF4D664CFE83}
Schlüssel Gelöscht : HKCU\Software\ChatZum Toolbar
Schlüssel Gelöscht : HKCU\Software\Pirrit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software
Schlüssel Gelöscht : HKLM\Software\ChatZum Toolbar
Schlüssel Gelöscht : HKLM\Software\Pirrit
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ChatZum Toolbar
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Pirrit

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16537

Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v29.0.1 (de)

[ Datei : C:\Users\Hoang\AppData\Roaming\Mozilla\Firefox\Profiles\ex1mu0gu.default\prefs.js ]


-\\ Google Chrome v35.0.1916.114

[ Datei : C:\Users\Hoang\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [7672 octets] - [03/06/2014 14:04:22]
AdwCleaner[S0].txt - [7063 octets] - [03/06/2014 14:05:01]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7123 octets] ##########
--- --- ---

Das ist von MBAM:

Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 03.06.2014
Suchlauf-Zeit: 14:12:35
Logdatei: 3-6-14-suchlauf_mbam.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.06.03.04
Rootkit Datenbank: v2014.06.02.01
Lizenz: Premium
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 8
CPU: x64
Dateisystem: NTFS
Benutzer: Hoang

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 269939
Verstrichene Zeit: 8 Min, 44 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 0
(No malicious items detected)

Physische Sektoren: 0
(No malicious items detected)


(end)

Das ist die JRT:JRT Logfile:
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8 x64
Ran by Hoang on 03.06.2014 at 14:28:03,75
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{D17AA79F-6794-48CF-9478-3BB89D4B65B3}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{D17AA79F-6794-48CF-9478-3BB89D4B65B3}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Hoang\appdata\locallow\boost_interprocess"



~~~ FireFox

Emptied folder: C:\Users\Hoang\AppData\Roaming\mozilla\firefox\profiles\ex1mu0gu.default\minidumps [4 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 03.06.2014 at 14:31:45,71
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
--- --- ---

Und die frische FRST:
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-06-2014
Ran by Hoang (administrator) on MIEP-PC on 03-06-2014 14:37:02
Running from C:\Users\Hoang\Desktop
Platform: Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
() C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Akamai Technologies, Inc.) C:\Users\Hoang\AppData\Local\Akamai\netsession_win.exe
() C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
() C:\Program Files (x86)\puush\puush.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(ROCCAT) C:\Program Files (x86)\ROCCAT\Lua Mouse\Lua Config.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(Akamai Technologies, Inc.) C:\Users\Hoang\AppData\Local\Akamai\netsession_win.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteUser.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2012-09-19] (Hewlett-Packard )
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-09-19] (IDT, Inc.)
HKLM\...\Run: [ShadowPlay] => C:\windows\system32\nvspcap64.dll [1279480 2014-05-30] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2352072 2014-05-30] (NVIDIA Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-02] (CyberLink Corp.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-05-13] (LogMeIn Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [183376 2014-05-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-09] (Avira Operations GmbH & Co. KG)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-05-27] (Hewlett-Packard)
HKU\S-1-5-21-3899298961-605761135-190624624-1001\...\Run: [Pando Media Booster] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3093624 2013-02-08] ()
HKU\S-1-5-21-3899298961-605761135-190624624-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [18706176 2013-01-08] (Skype Technologies S.A.)
HKU\S-1-5-21-3899298961-605761135-190624624-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Hoang\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3899298961-605761135-190624624-1001\...\Run: [KPeerNexonEU] => C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe [438272 2013-06-03] (NEXON Inc.)
HKU\S-1-5-21-3899298961-605761135-190624624-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-3899298961-605761135-190624624-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3588952 2014-04-25] (Electronic Arts)
HKU\S-1-5-21-3899298961-605761135-190624624-1001\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [567880 2014-02-05] ()
HKU\S-1-5-21-3899298961-605761135-190624624-1001\...\MountPoints2: {01149384-1569-11e3-be93-10604b5ccc3a} - "G:\setup.exe"
HKU\S-1-5-21-3899298961-605761135-190624624-1001\...\MountPoints2: {37b830c9-7161-11e2-be6d-806e6f6e6963} - "E:\Launch.exe"
HKU\S-1-5-21-3899298961-605761135-190624624-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Pando Media Booster] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3093624 2013-02-08] ()
HKU\S-1-5-21-3899298961-605761135-190624624-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [18706176 2013-01-08] (Skype Technologies S.A.)
HKU\S-1-5-21-3899298961-605761135-190624624-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Akamai NetSession Interface] => C:\Users\Hoang\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3899298961-605761135-190624624-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [KPeerNexonEU] => C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe [438272 2013-06-03] (NEXON Inc.)
HKU\S-1-5-21-3899298961-605761135-190624624-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-3899298961-605761135-190624624-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3588952 2014-04-25] (Electronic Arts)
HKU\S-1-5-21-3899298961-605761135-190624624-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [567880 2014-02-05] ()
HKU\S-1-5-21-3899298961-605761135-190624624-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {01149384-1569-11e3-be93-10604b5ccc3a} - "G:\setup.exe"
HKU\S-1-5-21-3899298961-605761135-190624624-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {37b830c9-7161-11e2-be6d-806e6f6e6963} - "E:\Launch.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Lua Driver.lnk
ShortcutTarget: Lua Driver.lnk -> C:\Program Files (x86)\ROCCAT\Lua Mouse\Lua Config.exe (ROCCAT)
Startup: C:\Users\Hoang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:34224
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.eseeky.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK13/4
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK13/4
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK13/4
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
SearchScopes: HKLM - {D17AA79F-6794-48CF-9478-3BB89D4B65B3} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
SearchScopes: HKCU - {A8105727-97B2-4B68-8BA5-57150A17B1B3} URL = hxxp://eseeky.com/ws/?tbp=rst&q={searchTerms}
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Hoang\AppData\Roaming\Mozilla\Firefox\Profiles\ex1mu0gu.default
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.13.2 - C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.13.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Hoang\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: YouTube Unblocker - C:\Users\Hoang\AppData\Roaming\Mozilla\Firefox\Profiles\ex1mu0gu.default\Extensions\youtubeunblocker@unblocker.yt [2014-05-24]
FF Extension: NoScript - C:\Users\Hoang\AppData\Roaming\Mozilla\Firefox\Profiles\ex1mu0gu.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-05-17]
FF Extension: Adblock Plus - C:\Users\Hoang\AppData\Roaming\Mozilla\Firefox\Profiles\ex1mu0gu.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-05-17]

Chrome:
=======
CHR HomePage: hxxp://www.eseeky.com
CHR StartupUrls: "hxxp://www.eseeky.com"
CHR DefaultSearchKeyword: hxxp://www.eseeky.com
CHR DefaultSearchProvider: eseeky
CHR DefaultSearchURL: hxxp://eseeky.com/ws/?tbp=rst&q={searchTerms}
CHR DefaultNewTabURL:
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U13) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Nexon Game Controller) - C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon)
CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.130.20) - C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Extension: (Google Docs) - C:\Users\Hoang\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-06-20]
CHR Extension: (Google Drive) - C:\Users\Hoang\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-06-20]
CHR Extension: (YouTube) - C:\Users\Hoang\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-06-20]
CHR Extension: (Google-Suche) - C:\Users\Hoang\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-20]
CHR Extension: (Google Wallet) - C:\Users\Hoang\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-04]
CHR Extension: (Google Mail) - C:\Users\Hoang\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-20]

==================== Services (Whitelisted) =================

S2 3c4ee9082da815d.exe; C:\Users\Hoang\AppData\Local\5ccf9f5034cbd628f96dfef491f2d7b1\3c4ee9082da815d.exe [93696 2014-05-27] ()
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-05-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-09] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [123984 2014-05-14] (Avira Operations GmbH & Co. KG)
R2 HPConnectedRemote; c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35232 2012-08-29] (Hewlett-Packard)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-04-15] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-30] (NVIDIA Corporation)
R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [76888 2014-02-16] ()
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
S2 d35d1fefe712838.exe; C:\Users\Hoang\AppData\Local\9c8e5f111312b248b5f48516f8664940\d35d1fefe712838.exe [X]

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-05-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [130584 2014-05-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-05-09] (Avira Operations GmbH & Co. KG)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2013-09-07] (DT Soft Ltd)
R3 hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-05-13] (LogMeIn Inc.)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-06-03] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R3 RegFltrX64; C:\Users\Hoang\AppData\Local\5ccf9f5034cbd628f96dfef491f2d7b1\RegFltrX64.sys [18064 2014-05-27] ()
R3 tilfilter; C:\Windows\System32\drivers\TIxHCIlfilter.sys [17528 2012-11-20] (Texas Instruments, Inc.)
R3 tiufilter; C:\Windows\System32\drivers\TIxHCIufilter.sys [23184 2012-11-20] (Texas Instruments, Inc.)
S3 EagleX64; \??\C:\windows\system32\drivers\EagleX64.sys [X]
S3 xhunter1; \??\C:\windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-03 14:31 - 2014-06-03 14:31 - 00001439 _____ () C:\Users\Hoang\Desktop\JRT.txt
2014-06-03 14:28 - 2014-06-03 14:28 - 00000000 ____D () C:\windows\ERUNT
2014-06-03 14:27 - 2014-06-03 14:27 - 01016261 _____ (Thisisu) C:\Users\Hoang\Desktop\JRT.exe
2014-06-03 14:24 - 2014-06-03 14:24 - 00001151 _____ () C:\Users\Hoang\Desktop\3-6-14-suchlauf_mbam.txt
2014-06-03 14:06 - 2014-06-03 14:06 - 00000772 _____ () C:\windows\PFRO.log
2014-06-03 14:04 - 2014-06-03 14:05 - 00000000 ____D () C:\AdwCleaner
2014-06-03 14:03 - 2014-06-03 14:03 - 01327971 _____ () C:\Users\Hoang\Downloads\adwcleaner_3.211.exe
2014-06-02 19:49 - 2014-06-02 19:49 - 00000000 ____D () C:\windows\LastGood.Tmp
2014-06-02 19:49 - 2014-05-30 01:07 - 01715176 _____ (NVIDIA Corporation) C:\windows\system32\nvspbridge64.dll
2014-06-02 19:49 - 2014-05-30 01:07 - 01291232 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvspbridge.dll
2014-06-02 19:49 - 2014-03-31 18:42 - 00040392 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvvad64v.sys
2014-06-02 19:49 - 2014-03-31 18:42 - 00034760 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvaudcap32v.dll
2014-06-02 19:48 - 2014-06-02 19:49 - 00000103 _____ () C:\windows\setupact.log
2014-06-02 19:48 - 2014-06-02 19:48 - 00000000 _____ () C:\windows\setuperr.log
2014-06-02 15:40 - 2014-06-03 14:37 - 00023324 _____ () C:\Users\Hoang\Desktop\FRST.txt
2014-06-02 15:40 - 2014-06-03 14:35 - 00056270 _____ () C:\Users\Hoang\Desktop\FRST1-6.txt
2014-06-02 15:40 - 2014-06-02 15:41 - 00036767 _____ () C:\Users\Hoang\Desktop\Addition.txt
2014-06-02 15:39 - 2014-06-03 14:37 - 00000000 ____D () C:\FRST
2014-06-01 15:54 - 2014-06-02 17:58 - 00000000 ____D () C:\Users\Hoang\AppData\Local\5ccf9f5034cbd628f96dfef491f2d7b1
2014-06-01 11:22 - 2014-06-01 11:22 - 02067456 _____ (Farbar) C:\Users\Hoang\Desktop\FRST64.exe
2014-06-01 11:16 - 2014-06-01 11:16 - 02067456 _____ (Farbar) C:\Users\Hoang\Downloads\FRST64.exe
2014-06-01 10:00 - 2014-06-01 10:00 - 00001169 _____ () C:\Users\Hoang\Desktop\suchlauf_protokoll_malwarebytes.txt
2014-06-01 08:59 - 2014-06-01 08:59 - 00002772 _____ () C:\windows\System32\Tasks\CCleanerSkipUAC
2014-06-01 08:59 - 2014-06-01 08:59 - 00000000 ____D () C:\Program Files\CCleaner
2014-06-01 08:57 - 2014-06-01 08:57 - 04748896 _____ (Piriform Ltd) C:\Users\Hoang\Downloads\ccsetup414.exe
2014-05-31 10:25 - 2014-05-31 10:26 - 00259584 _____ (OldTimer Tools) C:\Users\Hoang\Downloads\OTH.scr
2014-05-30 19:59 - 2014-06-03 14:08 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-30 19:58 - 2014-05-30 19:58 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Hoang\Downloads\mbam-setup-2.0.2.1012(1).exe
2014-05-30 19:58 - 2014-05-30 19:58 - 00001104 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-30 19:58 - 2014-05-30 19:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-30 19:58 - 2014-05-30 19:58 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-30 19:58 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-05-30 19:58 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-05-30 19:58 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-05-29 14:46 - 2014-05-29 14:46 - 00000000 ____D () C:\Users\Hoang\AppData\Roaming\Avira
2014-05-29 14:40 - 2014-05-09 11:16 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2014-05-29 14:40 - 2014-05-09 11:16 - 00112080 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2014-05-29 14:40 - 2014-05-09 11:16 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avkmgr.sys
2014-05-29 14:39 - 2014-05-29 14:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-05-29 14:39 - 2014-05-29 14:40 - 00000000 ____D () C:\ProgramData\Avira
2014-05-29 14:39 - 2014-05-29 14:40 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-05-29 14:39 - 2014-05-29 14:39 - 04536336 _____ (Avira Operations GmbH & Co. KG) C:\Users\Hoang\Downloads\avira_de_av_4006160815__ws.exe
2014-05-29 14:29 - 2014-05-29 14:29 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Hoang\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-29 14:29 - 2014-05-29 14:29 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-28 20:58 - 2014-05-28 20:58 - 00342510 _____ () C:\Users\Hoang\Downloads\OptiFine_1.4.6_HD_D5.zip
2014-05-28 19:37 - 2014-05-28 19:37 - 00006384 _____ () C:\Users\Hoang\Downloads\1k18vtgw33x6d7a.dlc
2014-05-28 18:17 - 2014-06-02 17:58 - 00000000 ____D () C:\Users\Hoang\AppData\Local\4ff68f9b611df627146909e95ab1c403
2014-05-28 14:37 - 2014-05-28 14:38 - 00000000 ____D () C:\Users\Hoang\Downloads\assets
2014-05-28 14:37 - 2014-05-28 14:37 - 00000000 ____D () C:\Users\Hoang\Downloads\versions
2014-05-28 14:37 - 2014-05-28 14:37 - 00000000 ____D () C:\Users\Hoang\Downloads\libraries
2014-05-28 14:14 - 2014-05-29 20:15 - 00000000 ____D () C:\Users\Hoang\AppData\Local\ftblauncher
2014-05-28 09:22 - 2014-05-28 09:22 - 00000000 ____D () C:\Users\Hoang\AppData\Roaming\StunlockStudios
2014-05-18 10:35 - 2014-05-18 10:35 - 00000000 __SHD () C:\found.001
2014-05-18 10:18 - 2014-05-18 10:18 - 00000000 __SHD () C:\found.000
2014-05-18 09:54 - 2014-05-18 09:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\osu!
2014-05-17 20:51 - 2014-05-17 20:51 - 00000000 ____D () C:\Users\Hoang\AppData\Roaming\Awesomium
2014-05-17 20:50 - 2014-05-17 20:50 - 00002026 _____ () C:\Users\Public\Desktop\Smite.lnk
2014-05-17 20:50 - 2014-05-17 20:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios
2014-05-17 20:50 - 2014-05-17 20:50 - 00000000 ____D () C:\ProgramData\Hi-Rez Studios
2014-05-17 20:50 - 2014-05-17 20:50 - 00000000 ____D () C:\Program Files (x86)\Hi-Rez Studios
2014-05-17 20:49 - 2014-05-17 20:50 - 39967251 _____ (Hi-Rez Studios) C:\Users\Hoang\Downloads\InstallHiRezGamesEnglish.exe
2014-05-17 19:58 - 2014-05-17 19:58 - 00283144 _____ (Mozilla) C:\Users\Hoang\Downloads\Firefox Setup Stub 29.0.1.exe
2014-05-17 19:58 - 2014-05-17 19:58 - 00001161 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-17 19:56 - 2014-05-17 19:56 - 00003114 _____ () C:\windows\System32\Tasks\{9CF79E44-3096-42FA-8501-B0888A8F8F44}
2014-05-17 15:32 - 2014-06-02 19:51 - 00000000 ____D () C:\Program Files (x86)\Steam2
2014-05-17 15:12 - 2014-05-17 15:12 - 01141680 _____ () C:\Users\Hoang\Downloads\SteamSetup.exe
2014-05-16 17:08 - 2014-05-17 10:14 - 00000000 ____D () C:\Users\Hoang\AppData\Local\Arma 3
2014-05-16 17:08 - 2014-05-16 17:08 - 00000000 ____D () C:\Users\Hoang\Documents\Arma 3
2014-05-16 17:08 - 2014-05-16 17:08 - 00000000 ____D () C:\ProgramData\Bohemia Interactive
2014-05-16 15:17 - 2014-05-17 10:49 - 00000000 ____D () C:\Users\Hoang\Documents\Wichtig
2014-05-16 14:00 - 2014-05-16 14:00 - 06111731 _____ () C:\Users\Hoang\Downloads\LAN_Win7_7077.zip
2014-05-16 13:58 - 2014-05-16 13:58 - 00155838 _____ () C:\Users\Hoang\Downloads\Lan_Realtek_7.3.522.5009_W7x64_A.zip
2014-05-16 13:49 - 2014-05-16 13:49 - 04927173 _____ () C:\Users\Hoang\Downloads\INF_10.0.14.zip
2014-05-16 13:13 - 2014-05-16 13:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-05-16 13:13 - 2014-05-16 13:13 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-05-15 15:48 - 2014-03-28 10:23 - 19759104 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2014-05-15 15:48 - 2014-03-28 08:18 - 17562112 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2014-05-15 15:47 - 2014-04-12 11:10 - 00578048 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2014-05-15 15:47 - 2014-04-12 11:09 - 00588288 _____ (Microsoft Corporation) C:\windows\system32\SHCore.dll
2014-05-15 15:47 - 2014-04-12 11:08 - 01281536 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-05-15 15:47 - 2014-04-12 11:08 - 00827904 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-05-15 15:47 - 2014-04-12 11:08 - 00318464 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2014-05-15 15:47 - 2014-04-12 09:23 - 00273920 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2014-05-15 15:47 - 2014-04-12 09:22 - 00666624 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2014-05-15 15:47 - 2014-03-28 21:19 - 00035856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdBoot.sys
2014-05-15 15:47 - 2014-03-24 00:11 - 00269592 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdFilter.sys
2014-05-15 15:47 - 2014-03-11 05:32 - 06987096 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2014-05-15 15:47 - 2014-03-11 02:38 - 00982016 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2014-05-15 15:47 - 2014-03-11 02:38 - 00684032 _____ (Microsoft Corporation) C:\windows\system32\objsel.dll
2014-05-15 15:47 - 2014-03-11 02:38 - 00164864 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2014-05-15 15:47 - 2014-03-04 01:07 - 00570216 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2014-05-15 15:46 - 2014-04-12 11:27 - 00172888 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2014-05-15 15:46 - 2014-04-12 11:09 - 01043968 _____ (Microsoft Corporation) C:\windows\system32\usercpl.dll
2014-05-15 15:46 - 2014-04-12 11:09 - 00208896 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2014-05-15 15:46 - 2014-04-12 11:09 - 00094720 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-05-15 15:46 - 2014-04-12 11:08 - 00439808 _____ (Microsoft Corporation) C:\windows\system32\lsm.dll
2014-05-15 15:46 - 2014-04-12 11:07 - 00020480 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-05-15 15:46 - 2014-04-12 09:23 - 00961536 _____ (Microsoft Corporation) C:\windows\SysWOW64\usercpl.dll
2014-05-15 15:46 - 2014-04-12 09:23 - 00452608 _____ (Microsoft Corporation) C:\windows\SysWOW64\SHCore.dll
2014-05-15 15:46 - 2014-04-12 09:23 - 00178688 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2014-05-15 15:46 - 2014-04-12 09:23 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2014-05-15 15:46 - 2014-04-12 09:22 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2014-05-15 15:46 - 2014-04-12 08:58 - 00014848 _____ (Microsoft Corporation) C:\windows\system32\workerdd.dll
2014-05-15 15:46 - 2014-03-11 05:25 - 00100184 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2014-05-15 15:46 - 2014-03-11 02:41 - 00559104 _____ (Microsoft Corporation) C:\windows\SysWOW64\objsel.dll
2014-05-15 15:46 - 2014-03-11 02:41 - 00323072 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2014-05-15 15:46 - 2014-03-11 02:41 - 00038400 _____ (Microsoft Corporation) C:\windows\SysWOW64\dimsroam.dll
2014-05-15 15:46 - 2014-03-11 02:39 - 00035840 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2014-05-15 15:46 - 2014-03-11 02:38 - 00419328 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2014-05-15 15:46 - 2014-03-11 02:38 - 00179712 _____ (Microsoft Corporation) C:\windows\system32\dpapisrv.dll
2014-05-15 15:46 - 2014-03-11 02:38 - 00045056 _____ (Microsoft Corporation) C:\windows\system32\dimsroam.dll
2014-05-15 15:46 - 2014-03-11 02:38 - 00027648 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2014-05-15 15:46 - 2014-03-10 05:05 - 00668160 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2014-05-15 15:46 - 2014-03-10 03:27 - 00099840 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2014-05-15 15:45 - 2014-05-06 07:14 - 19274752 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-05-15 15:45 - 2014-05-06 07:14 - 00097280 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-05-15 15:45 - 2014-05-06 05:48 - 14367232 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-05-15 15:45 - 2014-05-06 05:48 - 00080384 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-05-15 15:45 - 2014-05-06 05:37 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-05-15 15:45 - 2014-05-06 05:26 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-05-15 15:45 - 2014-03-28 10:23 - 01287168 _____ (Microsoft Corporation) C:\windows\system32\schedsvc.dll
2014-05-15 15:45 - 2014-03-01 11:47 - 01258496 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2014-05-15 15:45 - 2014-03-01 11:47 - 01120768 _____ (Microsoft Corporation) C:\windows\system32\gpedit.dll
2014-05-15 15:45 - 2014-03-01 10:07 - 01075200 _____ (Microsoft Corporation) C:\windows\SysWOW64\gpedit.dll
2014-05-15 15:45 - 2014-03-01 08:59 - 00974848 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2014-05-15 15:45 - 2014-02-27 01:18 - 00621568 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2014-05-15 15:45 - 2014-02-27 01:18 - 00370688 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2014-05-15 15:45 - 2014-02-27 01:18 - 00247808 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys
2014-05-15 15:45 - 2014-02-27 01:18 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2014-05-15 15:45 - 2014-02-15 06:15 - 00078336 _____ (Microsoft Corporation) C:\windows\system32\Drivers\IPMIDrv.sys
2014-05-13 16:21 - 2014-05-13 16:28 - 05828846 _____ () C:\Users\Hoang\Downloads\01 Hört, Hört (Intro).m4a
2014-05-13 14:29 - 2014-05-13 14:29 - 00046136 ____H (LogMeIn Inc.) C:\windows\system32\Drivers\Hamdrv.sys
2014-05-10 22:04 - 2014-05-10 22:04 - 00000000 ____D () C:\Users\Hoang\Documents\Klei
2014-05-10 22:03 - 2014-05-29 14:45 - 00000000 ____D () C:\Program Files (x86)\Dont Starve Reign of Giants
2014-05-10 22:02 - 2014-05-10 22:02 - 00000000 ____D () C:\Users\Hoang\Documents\Dont.Starve.Reign.of.Giants-CODEX
2014-05-10 21:53 - 2014-05-10 21:54 - 350810614 _____ () C:\Users\Hoang\Downloads\Dont.Starve.Reign.of.Giants-CODEX.rar
2014-05-10 10:13 - 2014-05-17 19:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-06 14:30 - 2014-04-19 11:39 - 00628024 _____ (Microsoft Corporation) C:\windows\system32\NotificationUI.exe
2014-05-06 14:30 - 2014-04-19 10:45 - 00693760 _____ (Microsoft Corporation) C:\windows\system32\WSShared.dll
2014-05-06 14:30 - 2014-04-19 10:45 - 00163840 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-06 14:30 - 2014-04-19 08:57 - 00566784 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSShared.dll
2014-05-06 14:30 - 2014-04-19 08:57 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-04 18:47 - 2014-05-04 18:47 - 65912202 _____ () C:\Users\Hoang\Downloads\PAYDAY 2 ENDGAME 1.01.zip

==================== One Month Modified Files and Folders =======

2014-06-03 14:37 - 2014-06-02 15:40 - 00023324 _____ () C:\Users\Hoang\Desktop\FRST.txt
2014-06-03 14:37 - 2014-06-02 15:39 - 00000000 ____D () C:\FRST
2014-06-03 14:37 - 2013-02-08 10:24 - 00000000 ____D () C:\Users\Hoang\AppData\Local\PMB Files
2014-06-03 14:37 - 2013-02-07 22:22 - 00000000 ____D () C:\Users\Hoang\AppData\Local\Temp
2014-06-03 14:35 - 2014-06-02 15:40 - 00056270 _____ () C:\Users\Hoang\Desktop\FRST1-6.txt
2014-06-03 14:34 - 2013-02-08 12:57 - 00000000 ____D () C:\Users\Hoang\AppData\Roaming\Skype
2014-06-03 14:34 - 2013-02-07 22:32 - 00003594 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3899298961-605761135-190624624-1001
2014-06-03 14:31 - 2014-06-03 14:31 - 00001439 _____ () C:\Users\Hoang\Desktop\JRT.txt
2014-06-03 14:28 - 2014-06-03 14:28 - 00000000 ____D () C:\windows\ERUNT
2014-06-03 14:27 - 2014-06-03 14:27 - 01016261 _____ (Thisisu) C:\Users\Hoang\Desktop\JRT.exe
2014-06-03 14:24 - 2014-06-03 14:24 - 00001151 _____ () C:\Users\Hoang\Desktop\3-6-14-suchlauf_mbam.txt
2014-06-03 14:14 - 2013-06-20 16:33 - 00001124 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-03 14:12 - 2012-12-12 14:12 - 00745562 _____ () C:\windows\system32\perfh007.dat
2014-06-03 14:12 - 2012-12-12 14:12 - 00169488 _____ () C:\windows\system32\perfc007.dat
2014-06-03 14:12 - 2012-07-26 09:28 - 01752656 _____ () C:\windows\system32\PerfStringBackup.INI
2014-06-03 14:09 - 2013-10-07 10:46 - 00000000 ____D () C:\Users\Hoang\AppData\Local\LogMeIn Hamachi
2014-06-03 14:09 - 2013-10-03 19:35 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-06-03 14:08 - 2014-05-30 19:59 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-03 14:08 - 2013-02-08 10:16 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-06-03 14:07 - 2013-06-20 16:33 - 00001120 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-03 14:06 - 2014-06-03 14:06 - 00000772 _____ () C:\windows\PFRO.log
2014-06-03 14:06 - 2013-02-09 20:03 - 00000348 _____ () C:\windows\Tasks\HPCeeScheduleForHoang.job
2014-06-03 14:06 - 2012-12-12 05:18 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-03 14:06 - 2012-07-26 09:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-06-03 14:06 - 2012-07-26 07:26 - 00262144 ___SH () C:\windows\system32\config\BBI
2014-06-03 14:05 - 2014-06-03 14:04 - 00000000 ____D () C:\AdwCleaner
2014-06-03 14:05 - 2013-02-07 22:22 - 01126208 _____ () C:\windows\WindowsUpdate.log
2014-06-03 14:03 - 2014-06-03 14:03 - 01327971 _____ () C:\Users\Hoang\Downloads\adwcleaner_3.211.exe
2014-06-03 14:00 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\system32\sru
2014-06-03 13:53 - 2013-10-03 19:35 - 00000000 ____D () C:\ProgramData\Origin
2014-06-02 19:53 - 2013-11-03 21:08 - 00000000 ____D () C:\Program Files (x86)\osu!
2014-06-02 19:51 - 2014-05-17 15:32 - 00000000 ____D () C:\Program Files (x86)\Steam2
2014-06-02 19:49 - 2014-06-02 19:49 - 00000000 ____D () C:\windows\LastGood.Tmp
2014-06-02 19:49 - 2014-06-02 19:48 - 00000103 _____ () C:\windows\setupact.log
2014-06-02 19:49 - 2013-11-12 20:30 - 00000000 ____D () C:\Users\Hoang\AppData\Local\NVIDIA Corporation
2014-06-02 19:49 - 2012-12-12 05:17 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-06-02 19:49 - 2012-12-12 05:16 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-06-02 19:49 - 2012-12-12 05:16 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-06-02 19:48 - 2014-06-02 19:48 - 00000000 _____ () C:\windows\setuperr.log
2014-06-02 17:58 - 2014-06-01 15:54 - 00000000 ____D () C:\Users\Hoang\AppData\Local\5ccf9f5034cbd628f96dfef491f2d7b1
2014-06-02 17:58 - 2014-05-28 18:17 - 00000000 ____D () C:\Users\Hoang\AppData\Local\4ff68f9b611df627146909e95ab1c403
2014-06-02 16:55 - 2013-02-08 12:10 - 00000000 ____D () C:\Users\Hoang\AppData\Roaming\.minecraft
2014-06-02 15:41 - 2014-06-02 15:40 - 00036767 _____ () C:\Users\Hoang\Desktop\Addition.txt
2014-06-02 15:38 - 2014-04-30 13:56 - 00003162 _____ () C:\windows\System32\Tasks\HPCeeScheduleForHoang
2014-06-02 15:38 - 2013-02-07 22:22 - 00000000 ____D () C:\Users\Hoang
2014-06-02 15:12 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\AUInstallAgent
2014-06-01 11:22 - 2014-06-01 11:22 - 02067456 _____ (Farbar) C:\Users\Hoang\Desktop\FRST64.exe
2014-06-01 11:16 - 2014-06-01 11:16 - 02067456 _____ (Farbar) C:\Users\Hoang\Downloads\FRST64.exe
2014-06-01 10:00 - 2014-06-01 10:00 - 00001169 _____ () C:\Users\Hoang\Desktop\suchlauf_protokoll_malwarebytes.txt
2014-06-01 09:16 - 2013-03-09 20:01 - 00431616 ___SH () C:\Users\Hoang\Desktop\Thumbs.db
2014-06-01 09:10 - 2013-09-07 20:24 - 00000000 ____D () C:\Users\Hoang\AppData\Roaming\DAEMON Tools Lite
2014-06-01 09:10 - 2013-05-20 19:54 - 00000000 ____D () C:\Users\Hoang\AppData\Roaming\TS3Client
2014-06-01 09:10 - 2013-05-07 14:33 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-06-01 09:03 - 2014-02-24 16:00 - 00000000 ____D () C:\windows\Minidump
2014-06-01 09:03 - 2012-08-02 04:02 - 00000000 ____D () C:\windows\Panther
2014-06-01 08:59 - 2014-06-01 08:59 - 00002772 _____ () C:\windows\System32\Tasks\CCleanerSkipUAC
2014-06-01 08:59 - 2014-06-01 08:59 - 00000000 ____D () C:\Program Files\CCleaner
2014-06-01 08:57 - 2014-06-01 08:57 - 04748896 _____ (Piriform Ltd) C:\Users\Hoang\Downloads\ccsetup414.exe
2014-05-31 19:08 - 2013-02-09 20:03 - 00000052 _____ () C:\windows\SysWOW64\DOErrors.log
2014-05-31 19:08 - 2013-02-09 20:03 - 00000000 _____ () C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-05-31 10:26 - 2014-05-31 10:25 - 00259584 _____ (OldTimer Tools) C:\Users\Hoang\Downloads\OTH.scr
2014-05-30 19:58 - 2014-05-30 19:58 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Hoang\Downloads\mbam-setup-2.0.2.1012(1).exe
2014-05-30 19:58 - 2014-05-30 19:58 - 00001104 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-30 19:58 - 2014-05-30 19:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-30 19:58 - 2014-05-30 19:58 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-30 01:07 - 2014-06-02 19:49 - 01715176 _____ (NVIDIA Corporation) C:\windows\system32\nvspbridge64.dll
2014-05-30 01:07 - 2014-06-02 19:49 - 01291232 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvspbridge.dll
2014-05-30 01:07 - 2013-10-29 18:15 - 01279480 _____ (NVIDIA Corporation) C:\windows\system32\nvspcap64.dll
2014-05-30 01:07 - 2013-10-29 18:15 - 01122312 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvspcap.dll
2014-05-29 20:15 - 2014-05-28 14:14 - 00000000 ____D () C:\Users\Hoang\AppData\Local\ftblauncher
2014-05-29 14:46 - 2014-05-29 14:46 - 00000000 ____D () C:\Users\Hoang\AppData\Roaming\Avira
2014-05-29 14:45 - 2014-05-10 22:03 - 00000000 ____D () C:\Program Files (x86)\Dont Starve Reign of Giants
2014-05-29 14:43 - 2014-04-13 09:35 - 00000000 ____D () C:\Users\Hoang\Desktop\Unwichtig
2014-05-29 14:40 - 2014-05-29 14:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-05-29 14:40 - 2014-05-29 14:39 - 00000000 ____D () C:\ProgramData\Avira
2014-05-29 14:40 - 2014-05-29 14:39 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-05-29 14:39 - 2014-05-29 14:39 - 04536336 _____ (Avira Operations GmbH & Co. KG) C:\Users\Hoang\Downloads\avira_de_av_4006160815__ws.exe
2014-05-29 14:39 - 2013-07-10 16:37 - 00000000 ____D () C:\ProgramData\Package Cache
2014-05-29 14:29 - 2014-05-29 14:29 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Hoang\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-29 14:29 - 2014-05-29 14:29 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-29 12:36 - 2013-05-07 15:10 - 00000000 ____D () C:\Users\Hoang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-05-28 20:58 - 2014-05-28 20:58 - 00342510 _____ () C:\Users\Hoang\Downloads\OptiFine_1.4.6_HD_D5.zip
2014-05-28 19:37 - 2014-05-28 19:37 - 00006384 _____ () C:\Users\Hoang\Downloads\1k18vtgw33x6d7a.dlc
2014-05-28 14:38 - 2014-05-28 14:37 - 00000000 ____D () C:\Users\Hoang\Downloads\assets
2014-05-28 14:38 - 2013-08-17 09:52 - 00000000 ____D () C:\Users\Hoang\Downloads\FTBLite
2014-05-28 14:37 - 2014-05-28 14:37 - 00000000 ____D () C:\Users\Hoang\Downloads\versions
2014-05-28 14:37 - 2014-05-28 14:37 - 00000000 ____D () C:\Users\Hoang\Downloads\libraries
2014-05-28 14:37 - 2013-06-04 14:56 - 00000000 ____D () C:\Users\Hoang\AppData\Roaming\ftblauncher
2014-05-28 14:15 - 2014-02-21 16:46 - 00000000 ____D () C:\Users\Hoang\Downloads\authlib
2014-05-28 09:22 - 2014-05-28 09:22 - 00000000 ____D () C:\Users\Hoang\AppData\Roaming\StunlockStudios
2014-05-27 18:28 - 2013-10-25 18:51 - 00000000 ____D () C:\Users\Hoang\AppData\Roaming\.technic
2014-05-25 18:38 - 2013-08-21 18:03 - 00012502 _____ () C:\Users\Hoang\Documents\Praktikum-Lebenslauf.odt
2014-05-25 18:23 - 2013-06-06 17:48 - 00291128 _____ () C:\windows\SysWOW64\PnkBstrB.xtr
2014-05-25 18:23 - 2013-06-06 17:47 - 00291128 _____ () C:\windows\SysWOW64\PnkBstrB.exe
2014-05-25 18:22 - 2013-06-06 17:47 - 00291128 _____ () C:\windows\SysWOW64\PnkBstrB.ex0
2014-05-23 14:36 - 2013-05-07 19:45 - 00000000 ___HD () C:\windows\msdownld.tmp
2014-05-23 14:36 - 2013-05-07 19:45 - 00000000 ____D () C:\windows\SysWOW64\directx
2014-05-23 14:02 - 2014-04-30 18:38 - 00000000 ____D () C:\Program Files (x86)\OBS
2014-05-18 18:44 - 2013-05-06 18:10 - 00000000 ____D () C:\Users\Hoang\Desktop\Wichtig
2014-05-18 11:48 - 2013-04-04 18:08 - 00000000 ____D () C:\Users\Hoang\Documents\My Games
2014-05-18 10:36 - 2013-02-07 22:30 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-18 10:35 - 2014-05-18 10:35 - 00000000 __SHD () C:\found.001
2014-05-18 10:18 - 2014-05-18 10:18 - 00000000 __SHD () C:\found.000
2014-05-18 09:57 - 2013-11-03 21:08 - 00000000 ____D () C:\Users\Hoang\Documents\Songs
2014-05-18 09:56 - 2013-11-03 21:08 - 00000000 ____D () C:\Users\Hoang\Documents\Skins
2014-05-18 09:54 - 2014-05-18 09:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\osu!
2014-05-17 20:51 - 2014-05-17 20:51 - 00000000 ____D () C:\Users\Hoang\AppData\Roaming\Awesomium
2014-05-17 20:50 - 2014-05-17 20:50 - 00002026 _____ () C:\Users\Public\Desktop\Smite.lnk
2014-05-17 20:50 - 2014-05-17 20:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios
2014-05-17 20:50 - 2014-05-17 20:50 - 00000000 ____D () C:\ProgramData\Hi-Rez Studios
2014-05-17 20:50 - 2014-05-17 20:50 - 00000000 ____D () C:\Program Files (x86)\Hi-Rez Studios
2014-05-17 20:50 - 2014-05-17 20:49 - 39967251 _____ (Hi-Rez Studios) C:\Users\Hoang\Downloads\InstallHiRezGamesEnglish.exe
2014-05-17 20:50 - 2012-12-12 05:22 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-17 19:58 - 2014-05-17 19:58 - 00283144 _____ (Mozilla) C:\Users\Hoang\Downloads\Firefox Setup Stub 29.0.1.exe
2014-05-17 19:58 - 2014-05-17 19:58 - 00001161 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-17 19:58 - 2014-05-10 10:13 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-17 19:58 - 2013-02-07 22:30 - 00000000 ____D () C:\Users\Hoang\AppData\Roaming\Mozilla
2014-05-17 19:56 - 2014-05-17 19:56 - 00003114 _____ () C:\windows\System32\Tasks\{9CF79E44-3096-42FA-8501-B0888A8F8F44}
2014-05-17 15:32 - 2013-05-07 14:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-05-17 15:12 - 2014-05-17 15:12 - 01141680 _____ () C:\Users\Hoang\Downloads\SteamSetup.exe
2014-05-17 10:49 - 2014-05-16 15:17 - 00000000 ____D () C:\Users\Hoang\Documents\Wichtig
2014-05-17 10:16 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\LiveKernelReports
2014-05-17 10:14 - 2014-05-16 17:08 - 00000000 ____D () C:\Users\Hoang\AppData\Local\Arma 3
2014-05-16 20:22 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\rescache
2014-05-16 17:08 - 2014-05-16 17:08 - 00000000 ____D () C:\Users\Hoang\Documents\Arma 3
2014-05-16 17:08 - 2014-05-16 17:08 - 00000000 ____D () C:\ProgramData\Bohemia Interactive
2014-05-16 14:00 - 2014-05-16 14:00 - 06111731 _____ () C:\Users\Hoang\Downloads\LAN_Win7_7077.zip
2014-05-16 13:58 - 2014-05-16 13:58 - 00155838 _____ () C:\Users\Hoang\Downloads\Lan_Realtek_7.3.522.5009_W7x64_A.zip
2014-05-16 13:49 - 2014-05-16 13:49 - 04927173 _____ () C:\Users\Hoang\Downloads\INF_10.0.14.zip
2014-05-16 13:28 - 2013-02-07 22:24 - 00000000 ___RD () C:\Users\Hoang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-16 13:28 - 2013-02-07 22:24 - 00000000 ___RD () C:\Users\Hoang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-16 13:13 - 2014-05-16 13:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-05-16 13:13 - 2014-05-16 13:13 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-05-16 13:09 - 2012-07-26 10:12 - 00000000 ___RD () C:\windows\ToastData
2014-05-16 13:09 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-16 13:09 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-16 13:09 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\system32\SecureBootUpdates
2014-05-16 13:09 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-05-16 13:09 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-05-15 18:12 - 2012-07-26 09:59 - 00000000 ____D () C:\windows\CbsTemp
2014-05-15 18:06 - 2013-08-14 16:27 - 00000000 ____D () C:\windows\system32\MRT
2014-05-15 18:03 - 2013-02-09 13:30 - 93223848 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-05-15 18:03 - 2012-07-26 07:26 - 00262144 ___SH () C:\windows\system32\config\ELAM
2014-05-13 20:09 - 2013-02-08 10:16 - 00003772 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-05-13 16:28 - 2014-05-13 16:21 - 05828846 _____ () C:\Users\Hoang\Downloads\01 Hört, Hört (Intro).m4a
2014-05-13 14:29 - 2014-05-13 14:29 - 00046136 ____H (LogMeIn Inc.) C:\windows\system32\Drivers\Hamdrv.sys
2014-05-12 15:48 - 2013-04-02 18:33 - 00000000 ____D () C:\Users\Hoang\Documents\uztcf
2014-05-12 07:26 - 2014-05-30 19:58 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:26 - 2014-05-30 19:58 - 00064216 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-05-30 19:58 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-05-10 22:04 - 2014-05-10 22:04 - 00000000 ____D () C:\Users\Hoang\Documents\Klei
2014-05-10 22:02 - 2014-05-10 22:02 - 00000000 ____D () C:\Users\Hoang\Documents\Dont.Starve.Reign.of.Giants-CODEX
2014-05-10 21:54 - 2014-05-10 21:53 - 350810614 _____ () C:\Users\Hoang\Downloads\Dont.Starve.Reign.of.Giants-CODEX.rar
2014-05-10 09:09 - 2013-06-20 16:33 - 00004096 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-10 09:09 - 2013-06-20 16:33 - 00003860 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-09 11:16 - 2014-05-29 14:40 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2014-05-09 11:16 - 2014-05-29 14:40 - 00112080 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2014-05-09 11:16 - 2014-05-29 14:40 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avkmgr.sys
2014-05-06 17:25 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\WinStore
2014-05-06 07:14 - 2014-05-15 15:45 - 19274752 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-05-06 07:14 - 2014-05-15 15:45 - 00097280 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-05-06 05:48 - 2014-05-15 15:45 - 14367232 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-05-06 05:48 - 2014-05-15 15:45 - 00080384 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-05-06 05:37 - 2014-05-15 15:45 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-05-06 05:26 - 2014-05-15 15:45 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-05-04 18:47 - 2014-05-04 18:47 - 65912202 _____ () C:\Users\Hoang\Downloads\PAYDAY 2 ENDGAME 1.01.zip

Some content of TEMP:
====================
C:\Users\Hoang\AppData\Local\Temp\avgnt.exe
C:\Users\Hoang\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe
[2014-05-15 15:47] - [2014-04-12 11:10] - 0578048 ____A (Microsoft Corporation) 75DD70A14145499C9F7D903CF9A8C91B

C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-26 19:48

==================== End Of Log ============================
--- --- ---

schrauber 04.06.2014 08:24

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

SkyMiep 04.06.2014 14:55
Eset Online Scanner kann die Updates nicht runterladen. >_>
Da steht: Updates funktionieren nicht. Ist ein Proxy eingerichtet?

schrauber 05.06.2014 11:59
Lass ESET weg und mach dafür nen Vollscan mit deinem AV Programm.

SkyMiep 05.06.2014 13:26
Security Check:

Results of screen317's Security Check version 0.99.83
x64 (UAC is enabled)
Internet Explorer 10 Out of date!
``````````````Antivirus/Firewall Check:``````````````
Avira Desktop
Windows Defender
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Java 7 Update 13
Java version out of Date!
Adobe Flash Player 13.0.0.214
Mozilla Firefox (29.0.1)
Mozilla Thunderbird (24.2.0)
Google Chrome 34.0.1847.137
Google Chrome 35.0.1916.114
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbam.exe
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
Malwarebytes Anti-Malware mbamscheduler.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````

FRST:
FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-06-2014
Ran by Hoang (administrator) on MIEP-PC on 05-06-2014 14:14:09
Running from C:\Users\Hoang\Desktop
Platform: Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
() C:\Users\Hoang\AppData\Local\5ccf9f5034cbd628f96dfef491f2d7b1\3c4ee9082da815d.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
() C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Akamai Technologies, Inc.) C:\Users\Hoang\AppData\Local\Akamai\netsession_win.exe
() C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
() C:\Program Files (x86)\puush\puush.exe
(ROCCAT) C:\Program Files (x86)\ROCCAT\Lua Mouse\Lua Config.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Akamai Technologies, Inc.) C:\Users\Hoang\AppData\Local\Akamai\netsession_win.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteUser.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2012-09-19] (Hewlett-Packard )
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-09-19] (IDT, Inc.)
HKLM\...\Run: [ShadowPlay] => C:\windows\system32\nvspcap64.dll [1279480 2014-05-30] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2352072 2014-05-30] (NVIDIA Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-02] (CyberLink Corp.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-05-13] (LogMeIn Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [183376 2014-05-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-09] (Avira Operations GmbH & Co. KG)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-05-27] (Hewlett-Packard)
HKU\S-1-5-21-3899298961-605761135-190624624-1001\...\Run: [Pando Media Booster] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3093624 2013-02-08] ()
HKU\S-1-5-21-3899298961-605761135-190624624-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [18706176 2013-01-08] (Skype Technologies S.A.)
HKU\S-1-5-21-3899298961-605761135-190624624-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Hoang\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3899298961-605761135-190624624-1001\...\Run: [KPeerNexonEU] => C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe [438272 2013-06-03] (NEXON Inc.)
HKU\S-1-5-21-3899298961-605761135-190624624-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-3899298961-605761135-190624624-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3588952 2014-04-25] (Electronic Arts)
HKU\S-1-5-21-3899298961-605761135-190624624-1001\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [567880 2014-02-05] ()
HKU\S-1-5-21-3899298961-605761135-190624624-1001\...\MountPoints2: {37b830c9-7161-11e2-be6d-806e6f6e6963} - "E:\Launch.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Lua Driver.lnk
ShortcutTarget: Lua Driver.lnk -> C:\Program Files (x86)\ROCCAT\Lua Mouse\Lua Config.exe (ROCCAT)
Startup: C:\Users\Hoang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:34224
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = eseeky
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
SearchScopes: HKLM - {D17AA79F-6794-48CF-9478-3BB89D4B65B3} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = Electronics, Cars, Fashion, Collectibles, Coupons and More | eBay ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = Electronics, Cars, Fashion, Collectibles, Coupons and More | eBay ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = Bing
SearchScopes: HKCU - {A8105727-97B2-4B68-8BA5-57150A17B1B3} URL = hxxp://eseeky.com/ws/?tbp=rst&q={searchTerms}
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = Electronics, Cars, Fashion, Collectibles, Coupons and More | eBay ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Hoang\AppData\Roaming\Mozilla\Firefox\Profiles\ex1mu0gu.default
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.13.2 - C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.13.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Hoang\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: YouTube Unblocker - C:\Users\Hoang\AppData\Roaming\Mozilla\Firefox\Profiles\ex1mu0gu.default\Extensions\youtubeunblocker@unblocker.yt [2014-05-24]
FF Extension: NoScript - C:\Users\Hoang\AppData\Roaming\Mozilla\Firefox\Profiles\ex1mu0gu.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-05-17]
FF Extension: Adblock Plus - C:\Users\Hoang\AppData\Roaming\Mozilla\Firefox\Profiles\ex1mu0gu.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-05-17]

Chrome:
=======
CHR HomePage: hxxp://www.eseeky.com
CHR StartupUrls: "hxxp://www.eseeky.com"
CHR DefaultSearchKeyword: eseeky
CHR DefaultSearchProvider: eseeky
CHR DefaultSearchURL: hxxp://eseeky.com/ws/?tbp=rst&q={searchTerms}
CHR DefaultNewTabURL:
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U13) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Nexon Game Controller) - C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon)
CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.130.20) - C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Extension: (Google Docs) - C:\Users\Hoang\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-06-20]
CHR Extension: (Google Drive) - C:\Users\Hoang\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-06-20]
CHR Extension: (YouTube) - C:\Users\Hoang\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-06-20]
CHR Extension: (Google-Suche) - C:\Users\Hoang\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-20]
CHR Extension: (Google Wallet) - C:\Users\Hoang\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-04]
CHR Extension: (Google Mail) - C:\Users\Hoang\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-20]

==================== Services (Whitelisted) =================

R2 3c4ee9082da815d.exe; C:\Users\Hoang\AppData\Local\5ccf9f5034cbd628f96dfef491f2d7b1\3c4ee9082da815d.exe [93696 2014-05-27] ()
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-05-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-09] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [123984 2014-05-14] (Avira Operations GmbH & Co. KG)
R2 HPConnectedRemote; c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35232 2012-08-29] (Hewlett-Packard)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-04-15] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-30] (NVIDIA Corporation)
R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [76888 2014-02-16] ()
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
S2 d35d1fefe712838.exe; C:\Users\Hoang\AppData\Local\9c8e5f111312b248b5f48516f8664940\d35d1fefe712838.exe [X]

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-05-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [130584 2014-05-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-05-09] (Avira Operations GmbH & Co. KG)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2013-09-07] (DT Soft Ltd)
R3 hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-05-13] (LogMeIn Inc.)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-06-05] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R3 tilfilter; C:\Windows\System32\drivers\TIxHCIlfilter.sys [17528 2012-11-20] (Texas Instruments, Inc.)
R3 tiufilter; C:\Windows\System32\drivers\TIxHCIufilter.sys [23184 2012-11-20] (Texas Instruments, Inc.)
S3 EagleX64; \??\C:\windows\system32\drivers\EagleX64.sys [X]
S3 xhunter1; \??\C:\windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-05 14:09 - 2014-06-05 14:09 - 00854367 _____ () C:\Users\Hoang\Downloads\SecurityCheck.exe
2014-06-04 15:48 - 2014-06-04 15:48 - 02347384 _____ (ESET) C:\Users\Hoang\Downloads\esetsmartinstaller_deu.exe
2014-06-04 15:48 - 2014-06-04 15:48 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-06-03 14:31 - 2014-06-03 14:31 - 00001439 _____ () C:\Users\Hoang\Desktop\JRT.txt
2014-06-03 14:28 - 2014-06-03 14:28 - 00000000 ____D () C:\windows\ERUNT
2014-06-03 14:27 - 2014-06-03 14:27 - 01016261 _____ (Thisisu) C:\Users\Hoang\Desktop\JRT.exe
2014-06-03 14:24 - 2014-06-03 14:24 - 00001151 _____ () C:\Users\Hoang\Desktop\3-6-14-suchlauf_mbam.txt
2014-06-03 14:06 - 2014-06-03 14:06 - 00000772 _____ () C:\windows\PFRO.log
2014-06-03 14:04 - 2014-06-03 14:05 - 00000000 ____D () C:\AdwCleaner
2014-06-03 14:03 - 2014-06-03 14:03 - 01327971 _____ () C:\Users\Hoang\Downloads\adwcleaner_3.211.exe
2014-06-02 19:49 - 2014-06-02 19:49 - 00000000 ____D () C:\windows\LastGood.Tmp
2014-06-02 19:49 - 2014-05-30 01:07 - 01715176 _____ (NVIDIA Corporation) C:\windows\system32\nvspbridge64.dll
2014-06-02 19:49 - 2014-05-30 01:07 - 01291232 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvspbridge.dll
2014-06-02 19:49 - 2014-03-31 18:42 - 00040392 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvvad64v.sys
2014-06-02 19:49 - 2014-03-31 18:42 - 00034760 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvaudcap32v.dll
2014-06-02 19:48 - 2014-06-02 19:49 - 00000103 _____ () C:\windows\setupact.log
2014-06-02 19:48 - 2014-06-02 19:48 - 00000000 _____ () C:\windows\setuperr.log
2014-06-02 15:40 - 2014-06-05 14:14 - 00021128 _____ () C:\Users\Hoang\Desktop\FRST.txt
2014-06-02 15:40 - 2014-06-03 14:37 - 00056454 _____ () C:\Users\Hoang\Desktop\FRST-.txt
2014-06-02 15:40 - 2014-06-03 14:35 - 00056270 _____ () C:\Users\Hoang\Desktop\FRST1-6.txt
2014-06-02 15:40 - 2014-06-02 15:41 - 00036767 _____ () C:\Users\Hoang\Desktop\Addition.txt
2014-06-02 15:39 - 2014-06-05 14:14 - 00000000 ____D () C:\FRST
2014-06-01 15:54 - 2014-06-02 17:58 - 00000000 ____D () C:\Users\Hoang\AppData\Local\5ccf9f5034cbd628f96dfef491f2d7b1
2014-06-01 11:22 - 2014-06-01 11:22 - 02067456 _____ (Farbar) C:\Users\Hoang\Desktop\FRST64.exe
2014-06-01 11:16 - 2014-06-01 11:16 - 02067456 _____ (Farbar) C:\Users\Hoang\Downloads\FRST64.exe
2014-06-01 10:00 - 2014-06-01 10:00 - 00001169 _____ () C:\Users\Hoang\Desktop\suchlauf_protokoll_malwarebytes.txt
2014-06-01 08:59 - 2014-06-01 08:59 - 00002772 _____ () C:\windows\System32\Tasks\CCleanerSkipUAC
2014-06-01 08:59 - 2014-06-01 08:59 - 00000000 ____D () C:\Program Files\CCleaner
2014-06-01 08:57 - 2014-06-01 08:57 - 04748896 _____ (Piriform Ltd) C:\Users\Hoang\Downloads\ccsetup414.exe
2014-05-31 10:25 - 2014-05-31 10:26 - 00259584 _____ (OldTimer Tools) C:\Users\Hoang\Downloads\OTH.scr
2014-05-30 19:59 - 2014-06-05 14:05 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-30 19:58 - 2014-05-30 19:58 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Hoang\Downloads\mbam-setup-2.0.2.1012(1).exe
2014-05-30 19:58 - 2014-05-30 19:58 - 00001104 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-30 19:58 - 2014-05-30 19:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-30 19:58 - 2014-05-30 19:58 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-30 19:58 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-05-30 19:58 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-05-30 19:58 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-05-29 14:46 - 2014-05-29 14:46 - 00000000 ____D () C:\Users\Hoang\AppData\Roaming\Avira
2014-05-29 14:40 - 2014-05-09 11:16 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2014-05-29 14:40 - 2014-05-09 11:16 - 00112080 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2014-05-29 14:40 - 2014-05-09 11:16 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avkmgr.sys
2014-05-29 14:39 - 2014-05-29 14:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-05-29 14:39 - 2014-05-29 14:40 - 00000000 ____D () C:\ProgramData\Avira
2014-05-29 14:39 - 2014-05-29 14:40 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-05-29 14:39 - 2014-05-29 14:39 - 04536336 _____ (Avira Operations GmbH & Co. KG) C:\Users\Hoang\Downloads\avira_de_av_4006160815__ws.exe
2014-05-29 14:29 - 2014-05-29 14:29 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Hoang\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-29 14:29 - 2014-05-29 14:29 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-28 20:58 - 2014-05-28 20:58 - 00342510 _____ () C:\Users\Hoang\Downloads\OptiFine_1.4.6_HD_D5.zip
2014-05-28 19:37 - 2014-05-28 19:37 - 00006384 _____ () C:\Users\Hoang\Downloads\1k18vtgw33x6d7a.dlc
2014-05-28 18:17 - 2014-06-02 17:58 - 00000000 ____D () C:\Users\Hoang\AppData\Local\4ff68f9b611df627146909e95ab1c403
2014-05-28 14:37 - 2014-05-28 14:38 - 00000000 ____D () C:\Users\Hoang\Downloads\assets
2014-05-28 14:37 - 2014-05-28 14:37 - 00000000 ____D () C:\Users\Hoang\Downloads\versions
2014-05-28 14:37 - 2014-05-28 14:37 - 00000000 ____D () C:\Users\Hoang\Downloads\libraries
2014-05-28 14:14 - 2014-06-04 19:02 - 00000000 ____D () C:\Users\Hoang\AppData\Local\ftblauncher
2014-05-28 09:22 - 2014-05-28 09:22 - 00000000 ____D () C:\Users\Hoang\AppData\Roaming\StunlockStudios
2014-05-18 10:35 - 2014-05-18 10:35 - 00000000 __SHD () C:\found.001
2014-05-18 10:18 - 2014-05-18 10:18 - 00000000 __SHD () C:\found.000
2014-05-18 09:54 - 2014-05-18 09:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\osu!
2014-05-17 20:51 - 2014-05-17 20:51 - 00000000 ____D () C:\Users\Hoang\AppData\Roaming\Awesomium
2014-05-17 20:50 - 2014-05-17 20:50 - 00002026 _____ () C:\Users\Public\Desktop\Smite.lnk
2014-05-17 20:50 - 2014-05-17 20:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios
2014-05-17 20:50 - 2014-05-17 20:50 - 00000000 ____D () C:\ProgramData\Hi-Rez Studios
2014-05-17 20:50 - 2014-05-17 20:50 - 00000000 ____D () C:\Program Files (x86)\Hi-Rez Studios
2014-05-17 20:49 - 2014-05-17 20:50 - 39967251 _____ (Hi-Rez Studios) C:\Users\Hoang\Downloads\InstallHiRezGamesEnglish.exe
2014-05-17 19:58 - 2014-05-17 19:58 - 00283144 _____ (Mozilla) C:\Users\Hoang\Downloads\Firefox Setup Stub 29.0.1.exe
2014-05-17 19:58 - 2014-05-17 19:58 - 00001161 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-17 19:56 - 2014-05-17 19:56 - 00003114 _____ () C:\windows\System32\Tasks\{9CF79E44-3096-42FA-8501-B0888A8F8F44}
2014-05-17 15:32 - 2014-06-04 17:17 - 00000000 ____D () C:\Program Files (x86)\Steam2
2014-05-17 15:12 - 2014-05-17 15:12 - 01141680 _____ () C:\Users\Hoang\Downloads\SteamSetup.exe
2014-05-16 17:08 - 2014-05-17 10:14 - 00000000 ____D () C:\Users\Hoang\AppData\Local\Arma 3
2014-05-16 17:08 - 2014-05-16 17:08 - 00000000 ____D () C:\Users\Hoang\Documents\Arma 3
2014-05-16 17:08 - 2014-05-16 17:08 - 00000000 ____D () C:\ProgramData\Bohemia Interactive
2014-05-16 15:17 - 2014-05-17 10:49 - 00000000 ____D () C:\Users\Hoang\Documents\Wichtig
2014-05-16 14:00 - 2014-05-16 14:00 - 06111731 _____ () C:\Users\Hoang\Downloads\LAN_Win7_7077.zip
2014-05-16 13:58 - 2014-05-16 13:58 - 00155838 _____ () C:\Users\Hoang\Downloads\Lan_Realtek_7.3.522.5009_W7x64_A.zip
2014-05-16 13:49 - 2014-05-16 13:49 - 04927173 _____ () C:\Users\Hoang\Downloads\INF_10.0.14.zip
2014-05-16 13:13 - 2014-05-16 13:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-05-16 13:13 - 2014-05-16 13:13 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-05-15 15:48 - 2014-03-28 10:23 - 19759104 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2014-05-15 15:48 - 2014-03-28 08:18 - 17562112 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2014-05-15 15:47 - 2014-04-12 11:10 - 00578048 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2014-05-15 15:47 - 2014-04-12 11:09 - 00588288 _____ (Microsoft Corporation) C:\windows\system32\SHCore.dll
2014-05-15 15:47 - 2014-04-12 11:08 - 01281536 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-05-15 15:47 - 2014-04-12 11:08 - 00827904 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-05-15 15:47 - 2014-04-12 11:08 - 00318464 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2014-05-15 15:47 - 2014-04-12 09:23 - 00273920 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2014-05-15 15:47 - 2014-04-12 09:22 - 00666624 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2014-05-15 15:47 - 2014-03-28 21:19 - 00035856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdBoot.sys
2014-05-15 15:47 - 2014-03-24 00:11 - 00269592 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdFilter.sys
2014-05-15 15:47 - 2014-03-11 05:32 - 06987096 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2014-05-15 15:47 - 2014-03-11 02:38 - 00982016 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2014-05-15 15:47 - 2014-03-11 02:38 - 00684032 _____ (Microsoft Corporation) C:\windows\system32\objsel.dll
2014-05-15 15:47 - 2014-03-11 02:38 - 00164864 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2014-05-15 15:47 - 2014-03-04 01:07 - 00570216 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2014-05-15 15:46 - 2014-04-12 11:27 - 00172888 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2014-05-15 15:46 - 2014-04-12 11:09 - 01043968 _____ (Microsoft Corporation) C:\windows\system32\usercpl.dll
2014-05-15 15:46 - 2014-04-12 11:09 - 00208896 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2014-05-15 15:46 - 2014-04-12 11:09 - 00094720 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-05-15 15:46 - 2014-04-12 11:08 - 00439808 _____ (Microsoft Corporation) C:\windows\system32\lsm.dll
2014-05-15 15:46 - 2014-04-12 11:07 - 00020480 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-05-15 15:46 - 2014-04-12 09:23 - 00961536 _____ (Microsoft Corporation) C:\windows\SysWOW64\usercpl.dll
2014-05-15 15:46 - 2014-04-12 09:23 - 00452608 _____ (Microsoft Corporation) C:\windows\SysWOW64\SHCore.dll
2014-05-15 15:46 - 2014-04-12 09:23 - 00178688 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2014-05-15 15:46 - 2014-04-12 09:23 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2014-05-15 15:46 - 2014-04-12 09:22 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2014-05-15 15:46 - 2014-04-12 08:58 - 00014848 _____ (Microsoft Corporation) C:\windows\system32\workerdd.dll
2014-05-15 15:46 - 2014-03-11 05:25 - 00100184 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2014-05-15 15:46 - 2014-03-11 02:41 - 00559104 _____ (Microsoft Corporation) C:\windows\SysWOW64\objsel.dll
2014-05-15 15:46 - 2014-03-11 02:41 - 00323072 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2014-05-15 15:46 - 2014-03-11 02:41 - 00038400 _____ (Microsoft Corporation) C:\windows\SysWOW64\dimsroam.dll
2014-05-15 15:46 - 2014-03-11 02:39 - 00035840 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2014-05-15 15:46 - 2014-03-11 02:38 - 00419328 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2014-05-15 15:46 - 2014-03-11 02:38 - 00179712 _____ (Microsoft Corporation) C:\windows\system32\dpapisrv.dll
2014-05-15 15:46 - 2014-03-11 02:38 - 00045056 _____ (Microsoft Corporation) C:\windows\system32\dimsroam.dll
2014-05-15 15:46 - 2014-03-11 02:38 - 00027648 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2014-05-15 15:46 - 2014-03-10 05:05 - 00668160 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2014-05-15 15:46 - 2014-03-10 03:27 - 00099840 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2014-05-15 15:45 - 2014-05-06 07:14 - 19274752 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-05-15 15:45 - 2014-05-06 07:14 - 00097280 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-05-15 15:45 - 2014-05-06 05:48 - 14367232 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-05-15 15:45 - 2014-05-06 05:48 - 00080384 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-05-15 15:45 - 2014-05-06 05:37 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-05-15 15:45 - 2014-05-06 05:26 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-05-15 15:45 - 2014-03-28 10:23 - 01287168 _____ (Microsoft Corporation) C:\windows\system32\schedsvc.dll
2014-05-15 15:45 - 2014-03-01 11:47 - 01258496 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2014-05-15 15:45 - 2014-03-01 11:47 - 01120768 _____ (Microsoft Corporation) C:\windows\system32\gpedit.dll
2014-05-15 15:45 - 2014-03-01 10:07 - 01075200 _____ (Microsoft Corporation) C:\windows\SysWOW64\gpedit.dll
2014-05-15 15:45 - 2014-03-01 08:59 - 00974848 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2014-05-15 15:45 - 2014-02-27 01:18 - 00621568 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2014-05-15 15:45 - 2014-02-27 01:18 - 00370688 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2014-05-15 15:45 - 2014-02-27 01:18 - 00247808 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys
2014-05-15 15:45 - 2014-02-27 01:18 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2014-05-15 15:45 - 2014-02-15 06:15 - 00078336 _____ (Microsoft Corporation) C:\windows\system32\Drivers\IPMIDrv.sys
2014-05-13 16:21 - 2014-05-13 16:28 - 05828846 _____ () C:\Users\Hoang\Downloads\01 Hört, Hört (Intro).m4a
2014-05-13 14:29 - 2014-05-13 14:29 - 00046136 ____H (LogMeIn Inc.) C:\windows\system32\Drivers\Hamdrv.sys
2014-05-10 22:04 - 2014-05-10 22:04 - 00000000 ____D () C:\Users\Hoang\Documents\Klei
2014-05-10 22:03 - 2014-05-29 14:45 - 00000000 ____D () C:\Program Files (x86)\Dont Starve Reign of Giants
2014-05-10 22:02 - 2014-05-10 22:02 - 00000000 ____D () C:\Users\Hoang\Documents\Dont.Starve.Reign.of.Giants-CODEX
2014-05-10 21:53 - 2014-05-10 21:54 - 350810614 _____ () C:\Users\Hoang\Downloads\Dont.Starve.Reign.of.Giants-CODEX.rar
2014-05-10 10:13 - 2014-05-17 19:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-06 14:30 - 2014-04-19 11:39 - 00628024 _____ (Microsoft Corporation) C:\windows\system32\NotificationUI.exe
2014-05-06 14:30 - 2014-04-19 10:45 - 00693760 _____ (Microsoft Corporation) C:\windows\system32\WSShared.dll
2014-05-06 14:30 - 2014-04-19 10:45 - 00163840 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-06 14:30 - 2014-04-19 08:57 - 00566784 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSShared.dll
2014-05-06 14:30 - 2014-04-19 08:57 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll

==================== One Month Modified Files and Folders =======

2014-06-05 14:14 - 2014-06-02 15:40 - 00021128 _____ () C:\Users\Hoang\Desktop\FRST.txt
2014-06-05 14:14 - 2014-06-02 15:39 - 00000000 ____D () C:\FRST
2014-06-05 14:14 - 2013-06-20 16:33 - 00001124 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-05 14:14 - 2013-02-08 10:24 - 00000000 ____D () C:\Users\Hoang\AppData\Local\PMB Files
2014-06-05 14:14 - 2013-02-07 22:22 - 00000000 ____D () C:\Users\Hoang\AppData\Local\Temp
2014-06-05 14:09 - 2014-06-05 14:09 - 00854367 _____ () C:\Users\Hoang\Downloads\SecurityCheck.exe
2014-06-05 14:08 - 2013-02-08 10:16 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-06-05 14:07 - 2013-02-08 12:57 - 00000000 ____D () C:\Users\Hoang\AppData\Roaming\Skype
2014-06-05 14:06 - 2013-10-07 10:46 - 00000000 ____D () C:\Users\Hoang\AppData\Local\LogMeIn Hamachi
2014-06-05 14:06 - 2013-10-03 19:35 - 00000000 ____D () C:\ProgramData\Origin
2014-06-05 14:06 - 2013-10-03 19:35 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-06-05 14:06 - 2013-06-20 16:33 - 00001120 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-05 14:05 - 2014-05-30 19:59 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-04 20:00 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\system32\sru
2014-06-04 19:02 - 2014-05-28 14:14 - 00000000 ____D () C:\Users\Hoang\AppData\Local\ftblauncher
2014-06-04 19:02 - 2013-11-03 21:08 - 00000000 ____D () C:\Program Files (x86)\osu!
2014-06-04 17:17 - 2014-05-17 15:32 - 00000000 ____D () C:\Program Files (x86)\Steam2
2014-06-04 16:34 - 2013-02-07 22:22 - 01272174 _____ () C:\windows\WindowsUpdate.log
2014-06-04 15:48 - 2014-06-04 15:48 - 02347384 _____ (ESET) C:\Users\Hoang\Downloads\esetsmartinstaller_deu.exe
2014-06-04 15:48 - 2014-06-04 15:48 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-06-03 18:47 - 2014-04-13 09:35 - 00000000 ____D () C:\Users\Hoang\Desktop\Unwichtig
2014-06-03 17:53 - 2013-03-09 20:01 - 00443392 ___SH () C:\Users\Hoang\Desktop\Thumbs.db
2014-06-03 17:28 - 2013-02-07 22:32 - 00003596 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3899298961-605761135-190624624-1001
2014-06-03 14:50 - 2013-02-08 12:10 - 00000000 ____D () C:\Users\Hoang\AppData\Roaming\.minecraft
2014-06-03 14:49 - 2012-12-12 14:12 - 00745562 _____ () C:\windows\system32\perfh007.dat
2014-06-03 14:49 - 2012-12-12 14:12 - 00169488 _____ () C:\windows\system32\perfc007.dat
2014-06-03 14:49 - 2012-07-26 09:28 - 01752656 _____ () C:\windows\system32\PerfStringBackup.INI
2014-06-03 14:43 - 2012-12-12 05:18 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-03 14:43 - 2012-07-26 09:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-06-03 14:43 - 2012-07-26 07:26 - 00262144 ___SH () C:\windows\system32\config\BBI
2014-06-03 14:37 - 2014-06-02 15:40 - 00056454 _____ () C:\Users\Hoang\Desktop\FRST-.txt
2014-06-03 14:35 - 2014-06-02 15:40 - 00056270 _____ () C:\Users\Hoang\Desktop\FRST1-6.txt
2014-06-03 14:31 - 2014-06-03 14:31 - 00001439 _____ () C:\Users\Hoang\Desktop\JRT.txt
2014-06-03 14:28 - 2014-06-03 14:28 - 00000000 ____D () C:\windows\ERUNT
2014-06-03 14:27 - 2014-06-03 14:27 - 01016261 _____ (Thisisu) C:\Users\Hoang\Desktop\JRT.exe
2014-06-03 14:24 - 2014-06-03 14:24 - 00001151 _____ () C:\Users\Hoang\Desktop\3-6-14-suchlauf_mbam.txt
2014-06-03 14:06 - 2014-06-03 14:06 - 00000772 _____ () C:\windows\PFRO.log
2014-06-03 14:06 - 2013-02-09 20:03 - 00000348 _____ () C:\windows\Tasks\HPCeeScheduleForHoang.job
2014-06-03 14:05 - 2014-06-03 14:04 - 00000000 ____D () C:\AdwCleaner
2014-06-03 14:03 - 2014-06-03 14:03 - 01327971 _____ () C:\Users\Hoang\Downloads\adwcleaner_3.211.exe
2014-06-02 19:49 - 2014-06-02 19:49 - 00000000 ____D () C:\windows\LastGood.Tmp
2014-06-02 19:49 - 2014-06-02 19:48 - 00000103 _____ () C:\windows\setupact.log
2014-06-02 19:49 - 2013-11-12 20:30 - 00000000 ____D () C:\Users\Hoang\AppData\Local\NVIDIA Corporation
2014-06-02 19:49 - 2012-12-12 05:17 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-06-02 19:49 - 2012-12-12 05:16 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-06-02 19:49 - 2012-12-12 05:16 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-06-02 19:48 - 2014-06-02 19:48 - 00000000 _____ () C:\windows\setuperr.log
2014-06-02 17:58 - 2014-06-01 15:54 - 00000000 ____D () C:\Users\Hoang\AppData\Local\5ccf9f5034cbd628f96dfef491f2d7b1
2014-06-02 17:58 - 2014-05-28 18:17 - 00000000 ____D () C:\Users\Hoang\AppData\Local\4ff68f9b611df627146909e95ab1c403
2014-06-02 15:41 - 2014-06-02 15:40 - 00036767 _____ () C:\Users\Hoang\Desktop\Addition.txt
2014-06-02 15:38 - 2014-04-30 13:56 - 00003162 _____ () C:\windows\System32\Tasks\HPCeeScheduleForHoang
2014-06-02 15:38 - 2013-02-07 22:22 - 00000000 ____D () C:\Users\Hoang
2014-06-02 15:12 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\AUInstallAgent
2014-06-01 11:22 - 2014-06-01 11:22 - 02067456 _____ (Farbar) C:\Users\Hoang\Desktop\FRST64.exe
2014-06-01 11:16 - 2014-06-01 11:16 - 02067456 _____ (Farbar) C:\Users\Hoang\Downloads\FRST64.exe
2014-06-01 10:00 - 2014-06-01 10:00 - 00001169 _____ () C:\Users\Hoang\Desktop\suchlauf_protokoll_malwarebytes.txt
2014-06-01 09:10 - 2013-09-07 20:24 - 00000000 ____D () C:\Users\Hoang\AppData\Roaming\DAEMON Tools Lite
2014-06-01 09:10 - 2013-05-20 19:54 - 00000000 ____D () C:\Users\Hoang\AppData\Roaming\TS3Client
2014-06-01 09:10 - 2013-05-07 14:33 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-06-01 09:03 - 2014-02-24 16:00 - 00000000 ____D () C:\windows\Minidump
2014-06-01 09:03 - 2012-08-02 04:02 - 00000000 ____D () C:\windows\Panther
2014-06-01 08:59 - 2014-06-01 08:59 - 00002772 _____ () C:\windows\System32\Tasks\CCleanerSkipUAC
2014-06-01 08:59 - 2014-06-01 08:59 - 00000000 ____D () C:\Program Files\CCleaner
2014-06-01 08:57 - 2014-06-01 08:57 - 04748896 _____ (Piriform Ltd) C:\Users\Hoang\Downloads\ccsetup414.exe
2014-05-31 19:08 - 2013-02-09 20:03 - 00000052 _____ () C:\windows\SysWOW64\DOErrors.log
2014-05-31 19:08 - 2013-02-09 20:03 - 00000000 _____ () C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-05-31 10:26 - 2014-05-31 10:25 - 00259584 _____ (OldTimer Tools) C:\Users\Hoang\Downloads\OTH.scr
2014-05-30 19:58 - 2014-05-30 19:58 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Hoang\Downloads\mbam-setup-2.0.2.1012(1).exe
2014-05-30 19:58 - 2014-05-30 19:58 - 00001104 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-30 19:58 - 2014-05-30 19:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-30 19:58 - 2014-05-30 19:58 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-30 01:07 - 2014-06-02 19:49 - 01715176 _____ (NVIDIA Corporation) C:\windows\system32\nvspbridge64.dll
2014-05-30 01:07 - 2014-06-02 19:49 - 01291232 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvspbridge.dll
2014-05-30 01:07 - 2013-10-29 18:15 - 01279480 _____ (NVIDIA Corporation) C:\windows\system32\nvspcap64.dll
2014-05-30 01:07 - 2013-10-29 18:15 - 01122312 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvspcap.dll
2014-05-29 14:46 - 2014-05-29 14:46 - 00000000 ____D () C:\Users\Hoang\AppData\Roaming\Avira
2014-05-29 14:45 - 2014-05-10 22:03 - 00000000 ____D () C:\Program Files (x86)\Dont Starve Reign of Giants
2014-05-29 14:40 - 2014-05-29 14:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-05-29 14:40 - 2014-05-29 14:39 - 00000000 ____D () C:\ProgramData\Avira
2014-05-29 14:40 - 2014-05-29 14:39 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-05-29 14:39 - 2014-05-29 14:39 - 04536336 _____ (Avira Operations GmbH & Co. KG) C:\Users\Hoang\Downloads\avira_de_av_4006160815__ws.exe
2014-05-29 14:39 - 2013-07-10 16:37 - 00000000 ____D () C:\ProgramData\Package Cache
2014-05-29 14:29 - 2014-05-29 14:29 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Hoang\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-29 14:29 - 2014-05-29 14:29 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-29 12:36 - 2013-05-07 15:10 - 00000000 ____D () C:\Users\Hoang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-05-28 20:58 - 2014-05-28 20:58 - 00342510 _____ () C:\Users\Hoang\Downloads\OptiFine_1.4.6_HD_D5.zip
2014-05-28 19:37 - 2014-05-28 19:37 - 00006384 _____ () C:\Users\Hoang\Downloads\1k18vtgw33x6d7a.dlc
2014-05-28 14:38 - 2014-05-28 14:37 - 00000000 ____D () C:\Users\Hoang\Downloads\assets
2014-05-28 14:38 - 2013-08-17 09:52 - 00000000 ____D () C:\Users\Hoang\Downloads\FTBLite
2014-05-28 14:37 - 2014-05-28 14:37 - 00000000 ____D () C:\Users\Hoang\Downloads\versions
2014-05-28 14:37 - 2014-05-28 14:37 - 00000000 ____D () C:\Users\Hoang\Downloads\libraries
2014-05-28 14:37 - 2013-06-04 14:56 - 00000000 ____D () C:\Users\Hoang\AppData\Roaming\ftblauncher
2014-05-28 14:15 - 2014-02-21 16:46 - 00000000 ____D () C:\Users\Hoang\Downloads\authlib
2014-05-28 14:14 - 2013-06-04 14:56 - 04916349 _____ () C:\Users\Hoang\Desktop\FTB_Launcher.exe
2014-05-28 09:22 - 2014-05-28 09:22 - 00000000 ____D () C:\Users\Hoang\AppData\Roaming\StunlockStudios
2014-05-27 18:28 - 2013-10-25 18:51 - 00000000 ____D () C:\Users\Hoang\AppData\Roaming\.technic
2014-05-25 18:38 - 2013-08-21 18:03 - 00012502 _____ () C:\Users\Hoang\Documents\Praktikum-Lebenslauf.odt
2014-05-25 18:23 - 2013-06-06 17:48 - 00291128 _____ () C:\windows\SysWOW64\PnkBstrB.xtr
2014-05-25 18:23 - 2013-06-06 17:47 - 00291128 _____ () C:\windows\SysWOW64\PnkBstrB.exe
2014-05-25 18:22 - 2013-06-06 17:47 - 00291128 _____ () C:\windows\SysWOW64\PnkBstrB.ex0
2014-05-23 14:36 - 2013-05-07 19:45 - 00000000 ___HD () C:\windows\msdownld.tmp
2014-05-23 14:36 - 2013-05-07 19:45 - 00000000 ____D () C:\windows\SysWOW64\directx
2014-05-23 14:02 - 2014-04-30 18:38 - 00000000 ____D () C:\Program Files (x86)\OBS
2014-05-18 18:44 - 2013-05-06 18:10 - 00000000 ____D () C:\Users\Hoang\Desktop\Wichtig
2014-05-18 11:48 - 2013-04-04 18:08 - 00000000 ____D () C:\Users\Hoang\Documents\My Games
2014-05-18 10:36 - 2013-02-07 22:30 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-18 10:35 - 2014-05-18 10:35 - 00000000 __SHD () C:\found.001
2014-05-18 10:18 - 2014-05-18 10:18 - 00000000 __SHD () C:\found.000
2014-05-18 09:57 - 2013-11-03 21:08 - 00000000 ____D () C:\Users\Hoang\Documents\Songs
2014-05-18 09:56 - 2013-11-03 21:08 - 00000000 ____D () C:\Users\Hoang\Documents\Skins
2014-05-18 09:54 - 2014-05-18 09:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\osu!
2014-05-17 20:51 - 2014-05-17 20:51 - 00000000 ____D () C:\Users\Hoang\AppData\Roaming\Awesomium
2014-05-17 20:50 - 2014-05-17 20:50 - 00002026 _____ () C:\Users\Public\Desktop\Smite.lnk
2014-05-17 20:50 - 2014-05-17 20:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios
2014-05-17 20:50 - 2014-05-17 20:50 - 00000000 ____D () C:\ProgramData\Hi-Rez Studios
2014-05-17 20:50 - 2014-05-17 20:50 - 00000000 ____D () C:\Program Files (x86)\Hi-Rez Studios
2014-05-17 20:50 - 2014-05-17 20:49 - 39967251 _____ (Hi-Rez Studios) C:\Users\Hoang\Downloads\InstallHiRezGamesEnglish.exe
2014-05-17 20:50 - 2012-12-12 05:22 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-17 19:58 - 2014-05-17 19:58 - 00283144 _____ (Mozilla) C:\Users\Hoang\Downloads\Firefox Setup Stub 29.0.1.exe
2014-05-17 19:58 - 2014-05-17 19:58 - 00001161 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-17 19:58 - 2014-05-10 10:13 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-17 19:58 - 2013-02-07 22:30 - 00000000 ____D () C:\Users\Hoang\AppData\Roaming\Mozilla
2014-05-17 19:56 - 2014-05-17 19:56 - 00003114 _____ () C:\windows\System32\Tasks\{9CF79E44-3096-42FA-8501-B0888A8F8F44}
2014-05-17 15:32 - 2013-05-07 14:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-05-17 15:12 - 2014-05-17 15:12 - 01141680 _____ () C:\Users\Hoang\Downloads\SteamSetup.exe
2014-05-17 10:49 - 2014-05-16 15:17 - 00000000 ____D () C:\Users\Hoang\Documents\Wichtig
2014-05-17 10:16 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\LiveKernelReports
2014-05-17 10:14 - 2014-05-16 17:08 - 00000000 ____D () C:\Users\Hoang\AppData\Local\Arma 3
2014-05-16 20:22 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\rescache
2014-05-16 17:08 - 2014-05-16 17:08 - 00000000 ____D () C:\Users\Hoang\Documents\Arma 3
2014-05-16 17:08 - 2014-05-16 17:08 - 00000000 ____D () C:\ProgramData\Bohemia Interactive
2014-05-16 14:00 - 2014-05-16 14:00 - 06111731 _____ () C:\Users\Hoang\Downloads\LAN_Win7_7077.zip
2014-05-16 13:58 - 2014-05-16 13:58 - 00155838 _____ () C:\Users\Hoang\Downloads\Lan_Realtek_7.3.522.5009_W7x64_A.zip
2014-05-16 13:49 - 2014-05-16 13:49 - 04927173 _____ () C:\Users\Hoang\Downloads\INF_10.0.14.zip
2014-05-16 13:28 - 2013-02-07 22:24 - 00000000 ___RD () C:\Users\Hoang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-16 13:28 - 2013-02-07 22:24 - 00000000 ___RD () C:\Users\Hoang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-16 13:13 - 2014-05-16 13:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-05-16 13:13 - 2014-05-16 13:13 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-05-16 13:09 - 2012-07-26 10:12 - 00000000 ___RD () C:\windows\ToastData
2014-05-16 13:09 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-16 13:09 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-16 13:09 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\system32\SecureBootUpdates
2014-05-16 13:09 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-05-16 13:09 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-05-15 18:12 - 2012-07-26 09:59 - 00000000 ____D () C:\windows\CbsTemp
2014-05-15 18:06 - 2013-08-14 16:27 - 00000000 ____D () C:\windows\system32\MRT
2014-05-15 18:03 - 2013-02-09 13:30 - 93223848 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-05-15 18:03 - 2012-07-26 07:26 - 00262144 ___SH () C:\windows\system32\config\ELAM
2014-05-13 20:09 - 2013-02-08 10:16 - 00003772 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-05-13 16:28 - 2014-05-13 16:21 - 05828846 _____ () C:\Users\Hoang\Downloads\01 Hört, Hört (Intro).m4a
2014-05-13 14:29 - 2014-05-13 14:29 - 00046136 ____H (LogMeIn Inc.) C:\windows\system32\Drivers\Hamdrv.sys
2014-05-12 15:48 - 2013-04-02 18:33 - 00000000 ____D () C:\Users\Hoang\Documents\uztcf
2014-05-12 07:26 - 2014-05-30 19:58 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:26 - 2014-05-30 19:58 - 00064216 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-05-30 19:58 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-05-10 22:04 - 2014-05-10 22:04 - 00000000 ____D () C:\Users\Hoang\Documents\Klei
2014-05-10 22:02 - 2014-05-10 22:02 - 00000000 ____D () C:\Users\Hoang\Documents\Dont.Starve.Reign.of.Giants-CODEX
2014-05-10 21:54 - 2014-05-10 21:53 - 350810614 _____ () C:\Users\Hoang\Downloads\Dont.Starve.Reign.of.Giants-CODEX.rar
2014-05-10 09:09 - 2013-06-20 16:33 - 00004096 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-10 09:09 - 2013-06-20 16:33 - 00003860 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-09 11:16 - 2014-05-29 14:40 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2014-05-09 11:16 - 2014-05-29 14:40 - 00112080 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2014-05-09 11:16 - 2014-05-29 14:40 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avkmgr.sys
2014-05-06 17:25 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\WinStore
2014-05-06 07:14 - 2014-05-15 15:45 - 19274752 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-05-06 07:14 - 2014-05-15 15:45 - 00097280 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-05-06 05:48 - 2014-05-15 15:45 - 14367232 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-05-06 05:48 - 2014-05-15 15:45 - 00080384 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-05-06 05:37 - 2014-05-15 15:45 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-05-06 05:26 - 2014-05-15 15:45 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb

Some content of TEMP:
====================
C:\Users\Hoang\AppData\Local\Temp\avgnt.exe
C:\Users\Hoang\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe
[2014-05-15 15:47] - [2014-04-12 11:10] - 0578048 ____A (Microsoft Corporation) 75DD70A14145499C9F7D903CF9A8C91B

C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-26 19:48

==================== End Of Log ============================
--- --- ---

--- --- ---

Sieht aus als würde das Problem weg sein
Danke :)

schrauber 05.06.2014 19:45
Java updatne.


Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:34224
R2 3c4ee9082da815d.exe; C:\Users\Hoang\AppData\Local\5ccf9f5034cbd628f96dfef491f2d7b1\3c4ee9082da815d.exe [93696 2014-05-27] ()
C:\Users\Hoang\AppData\Local\5ccf9f5034cbd628f96dfef491f2d7b1\3c4ee9082da815d.exe
S2 d35d1fefe712838.exe; C:\Users\Hoang\AppData\Local\9c8e5f111312b248b5f48516f8664940\d35d1fefe712838.exe [X]
C:\Users\Hoang\AppData\Local\9c8e5f111312b248b5f48516f8664940\d35d1fefe712838.exe

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.



Frisches FRST log bitte.

SkyMiep 06.06.2014 13:13
Fixlog:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 06-06-2014
Ran by Hoang at 2014-06-06 14:07:28 Run:1
Running from C:\Users\Hoang\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:34224
R2 3c4ee9082da815d.exe; C:\Users\Hoang\AppData\Local\5ccf9f5034cbd628f96dfef491f2d7b1\3c4ee9082da815d.exe [93696 2014-05-27] ()
C:\Users\Hoang\AppData\Local\5ccf9f5034cbd628f96dfef491f2d7b1\3c4ee9082da815d.exe
S2 d35d1fefe712838.exe; C:\Users\Hoang\AppData\Local\9c8e5f111312b248b5f48516f8664940\d35d1fefe712838.exe [X]
C:\Users\Hoang\AppData\Local\9c8e5f111312b248b5f48516f8664940\d35d1fefe712838.exe

*****************

HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully.
3c4ee9082da815d.exe => Unable to stop service
3c4ee9082da815d.exe => Service deleted successfully.
C:\Users\Hoang\AppData\Local\5ccf9f5034cbd628f96dfef491f2d7b1\3c4ee9082da815d.exe => Moved successfully.
d35d1fefe712838.exe => Service deleted successfully.
"C:\Users\Hoang\AppData\Local\9c8e5f111312b248b5f48516f8664940\d35d1fefe712838.exe" => File/Directory not found.


The system needed a reboot.

==== End of Fixlog ====

FRST:
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-06-2014
Ran by Hoang (administrator) on MIEP-PC on 06-06-2014 14:14:16
Running from C:\Users\Hoang\Desktop
Platform: Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
() C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Akamai Technologies, Inc.) C:\Users\Hoang\AppData\Local\Akamai\netsession_win.exe
() C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
() C:\Program Files (x86)\puush\puush.exe
(ROCCAT) C:\Program Files (x86)\ROCCAT\Lua Mouse\Lua Config.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Akamai Technologies, Inc.) C:\Users\Hoang\AppData\Local\Akamai\netsession_win.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteUser.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2012-09-19] (Hewlett-Packard )
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-09-19] (IDT, Inc.)
HKLM\...\Run: [ShadowPlay] => C:\windows\system32\nvspcap64.dll [1279480 2014-05-30] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2352072 2014-05-30] (NVIDIA Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-02] (CyberLink Corp.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-05-13] (LogMeIn Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [183376 2014-05-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-09] (Avira Operations GmbH & Co. KG)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-05-27] (Hewlett-Packard)
HKU\S-1-5-21-3899298961-605761135-190624624-1001\...\Run: [Pando Media Booster] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3093624 2013-02-08] ()
HKU\S-1-5-21-3899298961-605761135-190624624-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [18706176 2013-01-08] (Skype Technologies S.A.)
HKU\S-1-5-21-3899298961-605761135-190624624-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Hoang\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3899298961-605761135-190624624-1001\...\Run: [KPeerNexonEU] => C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe [438272 2013-06-03] (NEXON Inc.)
HKU\S-1-5-21-3899298961-605761135-190624624-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-3899298961-605761135-190624624-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3588952 2014-04-25] (Electronic Arts)
HKU\S-1-5-21-3899298961-605761135-190624624-1001\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [567880 2014-02-05] ()
HKU\S-1-5-21-3899298961-605761135-190624624-1001\...\MountPoints2: {01149384-1569-11e3-be93-10604b5ccc3a} - "G:\setup.exe"
HKU\S-1-5-21-3899298961-605761135-190624624-1001\...\MountPoints2: {37b830c9-7161-11e2-be6d-806e6f6e6963} - "E:\Launch.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Lua Driver.lnk
ShortcutTarget: Lua Driver.lnk -> C:\Program Files (x86)\ROCCAT\Lua Mouse\Lua Config.exe (ROCCAT)
Startup: C:\Users\Hoang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK13/4
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK13/4
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK13/4
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
SearchScopes: HKLM - {D17AA79F-6794-48CF-9478-3BB89D4B65B3} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
SearchScopes: HKCU - {A8105727-97B2-4B68-8BA5-57150A17B1B3} URL = hxxp://eseeky.com/ws/?tbp=rst&q={searchTerms}
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Hoang\AppData\Roaming\Mozilla\Firefox\Profiles\ex1mu0gu.default
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.13.2 - C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.13.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Hoang\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: YouTube Unblocker - C:\Users\Hoang\AppData\Roaming\Mozilla\Firefox\Profiles\ex1mu0gu.default\Extensions\youtubeunblocker@unblocker.yt [2014-05-24]
FF Extension: NoScript - C:\Users\Hoang\AppData\Roaming\Mozilla\Firefox\Profiles\ex1mu0gu.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-05-17]
FF Extension: Adblock Plus - C:\Users\Hoang\AppData\Roaming\Mozilla\Firefox\Profiles\ex1mu0gu.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-05-17]

Chrome:
=======
CHR HomePage: hxxp://www.eseeky.com
CHR StartupUrls: "hxxp://www.eseeky.com"
CHR DefaultSearchKeyword: hxxp://www.eseeky.com
CHR DefaultSearchProvider: eseeky
CHR DefaultSearchURL: hxxp://eseeky.com/ws/?tbp=rst&q={searchTerms}
CHR DefaultNewTabURL:
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U13) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Nexon Game Controller) - C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon)
CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.130.20) - C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Extension: (Google Docs) - C:\Users\Hoang\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-06-20]
CHR Extension: (Google Drive) - C:\Users\Hoang\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-06-20]
CHR Extension: (YouTube) - C:\Users\Hoang\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-06-20]
CHR Extension: (Google-Suche) - C:\Users\Hoang\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-20]
CHR Extension: (Google Wallet) - C:\Users\Hoang\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-04]
CHR Extension: (Google Mail) - C:\Users\Hoang\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-20]

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-05-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-09] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [123984 2014-05-14] (Avira Operations GmbH & Co. KG)
R2 HPConnectedRemote; c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35232 2012-08-29] (Hewlett-Packard)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-04-15] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-30] (NVIDIA Corporation)
R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [76888 2014-02-16] ()
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-05-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [130584 2014-05-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-05-09] (Avira Operations GmbH & Co. KG)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2013-09-07] (DT Soft Ltd)
R3 hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-05-13] (LogMeIn Inc.)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-06-06] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 RegFltrX64; C:\Users\Hoang\AppData\Local\5ccf9f5034cbd628f96dfef491f2d7b1\RegFltrX64.sys [18064 2014-05-27] ()
R3 tilfilter; C:\Windows\System32\drivers\TIxHCIlfilter.sys [17528 2012-11-20] (Texas Instruments, Inc.)
R3 tiufilter; C:\Windows\System32\drivers\TIxHCIufilter.sys [23184 2012-11-20] (Texas Instruments, Inc.)
S3 EagleX64; \??\C:\windows\system32\drivers\EagleX64.sys [X]
S3 xhunter1; \??\C:\windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-06 14:07 - 2014-06-06 14:07 - 00000000 ____D () C:\Users\Hoang\Desktop\FRST-OlderVersion
2014-06-05 14:35 - 2014-06-05 14:35 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avnetflt.sys
2014-06-05 14:09 - 2014-06-05 14:09 - 00854367 _____ () C:\Users\Hoang\Downloads\SecurityCheck.exe
2014-06-04 15:48 - 2014-06-04 15:48 - 02347384 _____ (ESET) C:\Users\Hoang\Downloads\esetsmartinstaller_deu.exe
2014-06-04 15:48 - 2014-06-04 15:48 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-06-03 14:31 - 2014-06-03 14:31 - 00001439 _____ () C:\Users\Hoang\Desktop\JRT.txt
2014-06-03 14:28 - 2014-06-03 14:28 - 00000000 ____D () C:\windows\ERUNT
2014-06-03 14:27 - 2014-06-03 14:27 - 01016261 _____ (Thisisu) C:\Users\Hoang\Desktop\JRT.exe
2014-06-03 14:24 - 2014-06-03 14:24 - 00001151 _____ () C:\Users\Hoang\Desktop\3-6-14-suchlauf_mbam.txt
2014-06-03 14:06 - 2014-06-03 14:06 - 00000772 _____ () C:\windows\PFRO.log
2014-06-03 14:04 - 2014-06-03 14:05 - 00000000 ____D () C:\AdwCleaner
2014-06-03 14:03 - 2014-06-03 14:03 - 01327971 _____ () C:\Users\Hoang\Downloads\adwcleaner_3.211.exe
2014-06-02 19:49 - 2014-06-02 19:49 - 00000000 ____D () C:\windows\LastGood.Tmp
2014-06-02 19:49 - 2014-05-30 01:07 - 01715176 _____ (NVIDIA Corporation) C:\windows\system32\nvspbridge64.dll
2014-06-02 19:49 - 2014-05-30 01:07 - 01291232 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvspbridge.dll
2014-06-02 19:49 - 2014-03-31 18:42 - 00040392 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvvad64v.sys
2014-06-02 19:49 - 2014-03-31 18:42 - 00034760 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvaudcap32v.dll
2014-06-02 19:48 - 2014-06-02 19:49 - 00000103 _____ () C:\windows\setupact.log
2014-06-02 19:48 - 2014-06-02 19:48 - 00000000 _____ () C:\windows\setuperr.log
2014-06-02 15:40 - 2014-06-06 14:14 - 00021303 _____ () C:\Users\Hoang\Desktop\FRST.txt
2014-06-02 15:40 - 2014-06-05 14:15 - 00054915 _____ () C:\Users\Hoang\Desktop\FRST5-6.txt
2014-06-02 15:40 - 2014-06-03 14:37 - 00056454 _____ () C:\Users\Hoang\Desktop\FRST-.txt
2014-06-02 15:40 - 2014-06-03 14:35 - 00056270 _____ () C:\Users\Hoang\Desktop\FRST1-6.txt
2014-06-02 15:40 - 2014-06-02 15:41 - 00036767 _____ () C:\Users\Hoang\Desktop\Addition.txt
2014-06-02 15:39 - 2014-06-06 14:14 - 00000000 ____D () C:\FRST
2014-06-01 15:54 - 2014-06-06 14:07 - 00000000 ____D () C:\Users\Hoang\AppData\Local\5ccf9f5034cbd628f96dfef491f2d7b1
2014-06-01 11:22 - 2014-06-06 14:07 - 02072576 _____ (Farbar) C:\Users\Hoang\Desktop\FRST64.exe
2014-06-01 11:16 - 2014-06-01 11:16 - 02067456 _____ (Farbar) C:\Users\Hoang\Downloads\FRST64.exe
2014-06-01 10:00 - 2014-06-01 10:00 - 00001169 _____ () C:\Users\Hoang\Desktop\suchlauf_protokoll_malwarebytes.txt
2014-06-01 08:59 - 2014-06-01 08:59 - 00002772 _____ () C:\windows\System32\Tasks\CCleanerSkipUAC
2014-06-01 08:59 - 2014-06-01 08:59 - 00000000 ____D () C:\Program Files\CCleaner
2014-06-01 08:57 - 2014-06-01 08:57 - 04748896 _____ (Piriform Ltd) C:\Users\Hoang\Downloads\ccsetup414.exe
2014-05-31 10:25 - 2014-05-31 10:26 - 00259584 _____ (OldTimer Tools) C:\Users\Hoang\Downloads\OTH.scr
2014-05-30 19:59 - 2014-06-06 14:09 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-30 19:58 - 2014-05-30 19:58 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Hoang\Downloads\mbam-setup-2.0.2.1012(1).exe
2014-05-30 19:58 - 2014-05-30 19:58 - 00001104 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-30 19:58 - 2014-05-30 19:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-30 19:58 - 2014-05-30 19:58 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-30 19:58 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-05-30 19:58 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-05-30 19:58 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-05-29 14:46 - 2014-05-29 14:46 - 00000000 ____D () C:\Users\Hoang\AppData\Roaming\Avira
2014-05-29 14:40 - 2014-05-09 11:16 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2014-05-29 14:40 - 2014-05-09 11:16 - 00112080 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2014-05-29 14:40 - 2014-05-09 11:16 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avkmgr.sys
2014-05-29 14:39 - 2014-05-29 14:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-05-29 14:39 - 2014-05-29 14:40 - 00000000 ____D () C:\ProgramData\Avira
2014-05-29 14:39 - 2014-05-29 14:40 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-05-29 14:39 - 2014-05-29 14:39 - 04536336 _____ (Avira Operations GmbH & Co. KG) C:\Users\Hoang\Downloads\avira_de_av_4006160815__ws.exe
2014-05-29 14:29 - 2014-05-29 14:29 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Hoang\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-29 14:29 - 2014-05-29 14:29 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-28 20:58 - 2014-05-28 20:58 - 00342510 _____ () C:\Users\Hoang\Downloads\OptiFine_1.4.6_HD_D5.zip
2014-05-28 19:37 - 2014-05-28 19:37 - 00006384 _____ () C:\Users\Hoang\Downloads\1k18vtgw33x6d7a.dlc
2014-05-28 18:17 - 2014-06-02 17:58 - 00000000 ____D () C:\Users\Hoang\AppData\Local\4ff68f9b611df627146909e95ab1c403
2014-05-28 14:37 - 2014-05-28 14:38 - 00000000 ____D () C:\Users\Hoang\Downloads\assets
2014-05-28 14:37 - 2014-05-28 14:37 - 00000000 ____D () C:\Users\Hoang\Downloads\versions
2014-05-28 14:37 - 2014-05-28 14:37 - 00000000 ____D () C:\Users\Hoang\Downloads\libraries
2014-05-28 14:14 - 2014-06-05 20:29 - 00000000 ____D () C:\Users\Hoang\AppData\Local\ftblauncher
2014-05-28 09:22 - 2014-05-28 09:22 - 00000000 ____D () C:\Users\Hoang\AppData\Roaming\StunlockStudios
2014-05-18 10:35 - 2014-05-18 10:35 - 00000000 __SHD () C:\found.001
2014-05-18 10:18 - 2014-05-18 10:18 - 00000000 __SHD () C:\found.000
2014-05-18 09:54 - 2014-05-18 09:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\osu!
2014-05-17 20:51 - 2014-05-17 20:51 - 00000000 ____D () C:\Users\Hoang\AppData\Roaming\Awesomium
2014-05-17 20:50 - 2014-05-17 20:50 - 00002026 _____ () C:\Users\Public\Desktop\Smite.lnk
2014-05-17 20:50 - 2014-05-17 20:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios
2014-05-17 20:50 - 2014-05-17 20:50 - 00000000 ____D () C:\ProgramData\Hi-Rez Studios
2014-05-17 20:50 - 2014-05-17 20:50 - 00000000 ____D () C:\Program Files (x86)\Hi-Rez Studios
2014-05-17 20:49 - 2014-05-17 20:50 - 39967251 _____ (Hi-Rez Studios) C:\Users\Hoang\Downloads\InstallHiRezGamesEnglish.exe
2014-05-17 19:58 - 2014-05-17 19:58 - 00283144 _____ (Mozilla) C:\Users\Hoang\Downloads\Firefox Setup Stub 29.0.1.exe
2014-05-17 19:58 - 2014-05-17 19:58 - 00001161 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-17 19:56 - 2014-05-17 19:56 - 00003114 _____ () C:\windows\System32\Tasks\{9CF79E44-3096-42FA-8501-B0888A8F8F44}
2014-05-17 15:32 - 2014-06-05 21:01 - 00000000 ____D () C:\Program Files (x86)\Steam2
2014-05-17 15:12 - 2014-05-17 15:12 - 01141680 _____ () C:\Users\Hoang\Downloads\SteamSetup.exe
2014-05-16 17:08 - 2014-05-17 10:14 - 00000000 ____D () C:\Users\Hoang\AppData\Local\Arma 3
2014-05-16 17:08 - 2014-05-16 17:08 - 00000000 ____D () C:\Users\Hoang\Documents\Arma 3
2014-05-16 17:08 - 2014-05-16 17:08 - 00000000 ____D () C:\ProgramData\Bohemia Interactive
2014-05-16 15:17 - 2014-05-17 10:49 - 00000000 ____D () C:\Users\Hoang\Documents\Wichtig
2014-05-16 14:00 - 2014-05-16 14:00 - 06111731 _____ () C:\Users\Hoang\Downloads\LAN_Win7_7077.zip
2014-05-16 13:58 - 2014-05-16 13:58 - 00155838 _____ () C:\Users\Hoang\Downloads\Lan_Realtek_7.3.522.5009_W7x64_A.zip
2014-05-16 13:49 - 2014-05-16 13:49 - 04927173 _____ () C:\Users\Hoang\Downloads\INF_10.0.14.zip
2014-05-16 13:13 - 2014-05-16 13:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-05-16 13:13 - 2014-05-16 13:13 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-05-15 15:48 - 2014-03-28 10:23 - 19759104 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2014-05-15 15:48 - 2014-03-28 08:18 - 17562112 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2014-05-15 15:47 - 2014-04-12 11:10 - 00578048 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2014-05-15 15:47 - 2014-04-12 11:09 - 00588288 _____ (Microsoft Corporation) C:\windows\system32\SHCore.dll
2014-05-15 15:47 - 2014-04-12 11:08 - 01281536 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-05-15 15:47 - 2014-04-12 11:08 - 00827904 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-05-15 15:47 - 2014-04-12 11:08 - 00318464 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2014-05-15 15:47 - 2014-04-12 09:23 - 00273920 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2014-05-15 15:47 - 2014-04-12 09:22 - 00666624 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2014-05-15 15:47 - 2014-03-28 21:19 - 00035856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdBoot.sys
2014-05-15 15:47 - 2014-03-24 00:11 - 00269592 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdFilter.sys
2014-05-15 15:47 - 2014-03-11 05:32 - 06987096 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2014-05-15 15:47 - 2014-03-11 02:38 - 00982016 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2014-05-15 15:47 - 2014-03-11 02:38 - 00684032 _____ (Microsoft Corporation) C:\windows\system32\objsel.dll
2014-05-15 15:47 - 2014-03-11 02:38 - 00164864 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2014-05-15 15:47 - 2014-03-04 01:07 - 00570216 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2014-05-15 15:46 - 2014-04-12 11:27 - 00172888 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2014-05-15 15:46 - 2014-04-12 11:09 - 01043968 _____ (Microsoft Corporation) C:\windows\system32\usercpl.dll
2014-05-15 15:46 - 2014-04-12 11:09 - 00208896 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2014-05-15 15:46 - 2014-04-12 11:09 - 00094720 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-05-15 15:46 - 2014-04-12 11:08 - 00439808 _____ (Microsoft Corporation) C:\windows\system32\lsm.dll
2014-05-15 15:46 - 2014-04-12 11:07 - 00020480 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-05-15 15:46 - 2014-04-12 09:23 - 00961536 _____ (Microsoft Corporation) C:\windows\SysWOW64\usercpl.dll
2014-05-15 15:46 - 2014-04-12 09:23 - 00452608 _____ (Microsoft Corporation) C:\windows\SysWOW64\SHCore.dll
2014-05-15 15:46 - 2014-04-12 09:23 - 00178688 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2014-05-15 15:46 - 2014-04-12 09:23 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2014-05-15 15:46 - 2014-04-12 09:22 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2014-05-15 15:46 - 2014-04-12 08:58 - 00014848 _____ (Microsoft Corporation) C:\windows\system32\workerdd.dll
2014-05-15 15:46 - 2014-03-11 05:25 - 00100184 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2014-05-15 15:46 - 2014-03-11 02:41 - 00559104 _____ (Microsoft Corporation) C:\windows\SysWOW64\objsel.dll
2014-05-15 15:46 - 2014-03-11 02:41 - 00323072 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2014-05-15 15:46 - 2014-03-11 02:41 - 00038400 _____ (Microsoft Corporation) C:\windows\SysWOW64\dimsroam.dll
2014-05-15 15:46 - 2014-03-11 02:39 - 00035840 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2014-05-15 15:46 - 2014-03-11 02:38 - 00419328 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2014-05-15 15:46 - 2014-03-11 02:38 - 00179712 _____ (Microsoft Corporation) C:\windows\system32\dpapisrv.dll
2014-05-15 15:46 - 2014-03-11 02:38 - 00045056 _____ (Microsoft Corporation) C:\windows\system32\dimsroam.dll
2014-05-15 15:46 - 2014-03-11 02:38 - 00027648 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2014-05-15 15:46 - 2014-03-10 05:05 - 00668160 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2014-05-15 15:46 - 2014-03-10 03:27 - 00099840 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2014-05-15 15:45 - 2014-05-06 07:14 - 19274752 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-05-15 15:45 - 2014-05-06 07:14 - 00097280 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-05-15 15:45 - 2014-05-06 05:48 - 14367232 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-05-15 15:45 - 2014-05-06 05:48 - 00080384 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-05-15 15:45 - 2014-05-06 05:37 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-05-15 15:45 - 2014-05-06 05:26 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-05-15 15:45 - 2014-03-28 10:23 - 01287168 _____ (Microsoft Corporation) C:\windows\system32\schedsvc.dll
2014-05-15 15:45 - 2014-03-01 11:47 - 01258496 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2014-05-15 15:45 - 2014-03-01 11:47 - 01120768 _____ (Microsoft Corporation) C:\windows\system32\gpedit.dll
2014-05-15 15:45 - 2014-03-01 10:07 - 01075200 _____ (Microsoft Corporation) C:\windows\SysWOW64\gpedit.dll
2014-05-15 15:45 - 2014-03-01 08:59 - 00974848 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2014-05-15 15:45 - 2014-02-27 01:18 - 00621568 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2014-05-15 15:45 - 2014-02-27 01:18 - 00370688 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2014-05-15 15:45 - 2014-02-27 01:18 - 00247808 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys
2014-05-15 15:45 - 2014-02-27 01:18 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2014-05-15 15:45 - 2014-02-15 06:15 - 00078336 _____ (Microsoft Corporation) C:\windows\system32\Drivers\IPMIDrv.sys
2014-05-13 16:21 - 2014-05-13 16:28 - 05828846 _____ () C:\Users\Hoang\Downloads\01 Hört, Hört (Intro).m4a
2014-05-13 14:29 - 2014-05-13 14:29 - 00046136 ____H (LogMeIn Inc.) C:\windows\system32\Drivers\Hamdrv.sys
2014-05-10 22:04 - 2014-05-10 22:04 - 00000000 ____D () C:\Users\Hoang\Documents\Klei
2014-05-10 22:03 - 2014-05-29 14:45 - 00000000 ____D () C:\Program Files (x86)\Dont Starve Reign of Giants
2014-05-10 22:02 - 2014-05-10 22:02 - 00000000 ____D () C:\Users\Hoang\Documents\Dont.Starve.Reign.of.Giants-CODEX
2014-05-10 21:53 - 2014-05-10 21:54 - 350810614 _____ () C:\Users\Hoang\Downloads\Dont.Starve.Reign.of.Giants-CODEX.rar
2014-05-10 10:13 - 2014-05-17 19:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

2014-06-06 14:14 - 2014-06-02 15:40 - 00021303 _____ () C:\Users\Hoang\Desktop\FRST.txt
2014-06-06 14:14 - 2014-06-02 15:39 - 00000000 ____D () C:\FRST
2014-06-06 14:14 - 2013-06-20 16:33 - 00001124 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-06 14:14 - 2013-02-08 10:24 - 00000000 ____D () C:\Users\Hoang\AppData\Local\PMB Files
2014-06-06 14:14 - 2013-02-07 22:22 - 00000000 ____D () C:\Users\Hoang\AppData\Local\Temp
2014-06-06 14:09 - 2014-05-30 19:59 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-06 14:09 - 2013-10-07 10:46 - 00000000 ____D () C:\Users\Hoang\AppData\Local\LogMeIn Hamachi
2014-06-06 14:09 - 2013-10-03 19:35 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-06-06 14:09 - 2013-06-20 16:33 - 00001120 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-06 14:09 - 2013-02-08 12:57 - 00000000 ____D () C:\Users\Hoang\AppData\Roaming\Skype
2014-06-06 14:08 - 2012-12-12 05:18 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-06 14:08 - 2012-07-26 09:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-06-06 14:08 - 2012-07-26 07:26 - 00262144 ___SH () C:\windows\system32\config\BBI
2014-06-06 14:07 - 2014-06-06 14:07 - 00000000 ____D () C:\Users\Hoang\Desktop\FRST-OlderVersion
2014-06-06 14:07 - 2014-06-01 15:54 - 00000000 ____D () C:\Users\Hoang\AppData\Local\5ccf9f5034cbd628f96dfef491f2d7b1
2014-06-06 14:07 - 2014-06-01 11:22 - 02072576 _____ (Farbar) C:\Users\Hoang\Desktop\FRST64.exe
2014-06-06 14:07 - 2013-02-07 22:22 - 01327947 _____ () C:\windows\WindowsUpdate.log
2014-06-06 14:04 - 2013-10-03 19:35 - 00000000 ____D () C:\ProgramData\Origin
2014-06-06 14:00 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\system32\sru
2014-06-05 21:49 - 2013-11-03 21:08 - 00000000 ____D () C:\Program Files (x86)\osu!
2014-06-05 21:08 - 2013-02-08 10:16 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-06-05 21:01 - 2014-05-17 15:32 - 00000000 ____D () C:\Program Files (x86)\Steam2
2014-06-05 20:29 - 2014-05-28 14:14 - 00000000 ____D () C:\Users\Hoang\AppData\Local\ftblauncher
2014-06-05 15:42 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\AUInstallAgent
2014-06-05 14:35 - 2014-06-05 14:35 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avnetflt.sys
2014-06-05 14:26 - 2012-12-12 14:12 - 00745562 _____ () C:\windows\system32\perfh007.dat
2014-06-05 14:26 - 2012-12-12 14:12 - 00169488 _____ () C:\windows\system32\perfc007.dat
2014-06-05 14:26 - 2012-07-26 09:28 - 01752656 _____ () C:\windows\system32\PerfStringBackup.INI
2014-06-05 14:15 - 2014-06-02 15:40 - 00054915 _____ () C:\Users\Hoang\Desktop\FRST5-6.txt
2014-06-05 14:09 - 2014-06-05 14:09 - 00854367 _____ () C:\Users\Hoang\Downloads\SecurityCheck.exe
2014-06-04 15:48 - 2014-06-04 15:48 - 02347384 _____ (ESET) C:\Users\Hoang\Downloads\esetsmartinstaller_deu.exe
2014-06-04 15:48 - 2014-06-04 15:48 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-06-03 18:47 - 2014-04-13 09:35 - 00000000 ____D () C:\Users\Hoang\Desktop\Unwichtig
2014-06-03 17:53 - 2013-03-09 20:01 - 00443392 ___SH () C:\Users\Hoang\Desktop\Thumbs.db
2014-06-03 17:28 - 2013-02-07 22:32 - 00003596 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3899298961-605761135-190624624-1001
2014-06-03 14:50 - 2013-02-08 12:10 - 00000000 ____D () C:\Users\Hoang\AppData\Roaming\.minecraft
2014-06-03 14:37 - 2014-06-02 15:40 - 00056454 _____ () C:\Users\Hoang\Desktop\FRST-.txt
2014-06-03 14:35 - 2014-06-02 15:40 - 00056270 _____ () C:\Users\Hoang\Desktop\FRST1-6.txt
2014-06-03 14:31 - 2014-06-03 14:31 - 00001439 _____ () C:\Users\Hoang\Desktop\JRT.txt
2014-06-03 14:28 - 2014-06-03 14:28 - 00000000 ____D () C:\windows\ERUNT
2014-06-03 14:27 - 2014-06-03 14:27 - 01016261 _____ (Thisisu) C:\Users\Hoang\Desktop\JRT.exe
2014-06-03 14:24 - 2014-06-03 14:24 - 00001151 _____ () C:\Users\Hoang\Desktop\3-6-14-suchlauf_mbam.txt
2014-06-03 14:06 - 2014-06-03 14:06 - 00000772 _____ () C:\windows\PFRO.log
2014-06-03 14:06 - 2013-02-09 20:03 - 00000348 _____ () C:\windows\Tasks\HPCeeScheduleForHoang.job
2014-06-03 14:05 - 2014-06-03 14:04 - 00000000 ____D () C:\AdwCleaner
2014-06-03 14:03 - 2014-06-03 14:03 - 01327971 _____ () C:\Users\Hoang\Downloads\adwcleaner_3.211.exe
2014-06-02 19:49 - 2014-06-02 19:49 - 00000000 ____D () C:\windows\LastGood.Tmp
2014-06-02 19:49 - 2014-06-02 19:48 - 00000103 _____ () C:\windows\setupact.log
2014-06-02 19:49 - 2013-11-12 20:30 - 00000000 ____D () C:\Users\Hoang\AppData\Local\NVIDIA Corporation
2014-06-02 19:49 - 2012-12-12 05:17 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-06-02 19:49 - 2012-12-12 05:16 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-06-02 19:49 - 2012-12-12 05:16 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-06-02 19:48 - 2014-06-02 19:48 - 00000000 _____ () C:\windows\setuperr.log
2014-06-02 17:58 - 2014-05-28 18:17 - 00000000 ____D () C:\Users\Hoang\AppData\Local\4ff68f9b611df627146909e95ab1c403
2014-06-02 15:41 - 2014-06-02 15:40 - 00036767 _____ () C:\Users\Hoang\Desktop\Addition.txt
2014-06-02 15:38 - 2014-04-30 13:56 - 00003162 _____ () C:\windows\System32\Tasks\HPCeeScheduleForHoang
2014-06-02 15:38 - 2013-02-07 22:22 - 00000000 ____D () C:\Users\Hoang
2014-06-01 11:16 - 2014-06-01 11:16 - 02067456 _____ (Farbar) C:\Users\Hoang\Downloads\FRST64.exe
2014-06-01 10:00 - 2014-06-01 10:00 - 00001169 _____ () C:\Users\Hoang\Desktop\suchlauf_protokoll_malwarebytes.txt
2014-06-01 09:10 - 2013-09-07 20:24 - 00000000 ____D () C:\Users\Hoang\AppData\Roaming\DAEMON Tools Lite
2014-06-01 09:10 - 2013-05-20 19:54 - 00000000 ____D () C:\Users\Hoang\AppData\Roaming\TS3Client
2014-06-01 09:10 - 2013-05-07 14:33 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-06-01 09:03 - 2014-02-24 16:00 - 00000000 ____D () C:\windows\Minidump
2014-06-01 09:03 - 2012-08-02 04:02 - 00000000 ____D () C:\windows\Panther
2014-06-01 08:59 - 2014-06-01 08:59 - 00002772 _____ () C:\windows\System32\Tasks\CCleanerSkipUAC
2014-06-01 08:59 - 2014-06-01 08:59 - 00000000 ____D () C:\Program Files\CCleaner
2014-06-01 08:57 - 2014-06-01 08:57 - 04748896 _____ (Piriform Ltd) C:\Users\Hoang\Downloads\ccsetup414.exe
2014-05-31 19:08 - 2013-02-09 20:03 - 00000052 _____ () C:\windows\SysWOW64\DOErrors.log
2014-05-31 19:08 - 2013-02-09 20:03 - 00000000 _____ () C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-05-31 10:26 - 2014-05-31 10:25 - 00259584 _____ (OldTimer Tools) C:\Users\Hoang\Downloads\OTH.scr
2014-05-30 19:58 - 2014-05-30 19:58 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Hoang\Downloads\mbam-setup-2.0.2.1012(1).exe
2014-05-30 19:58 - 2014-05-30 19:58 - 00001104 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-30 19:58 - 2014-05-30 19:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-30 19:58 - 2014-05-30 19:58 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-30 01:07 - 2014-06-02 19:49 - 01715176 _____ (NVIDIA Corporation) C:\windows\system32\nvspbridge64.dll
2014-05-30 01:07 - 2014-06-02 19:49 - 01291232 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvspbridge.dll
2014-05-30 01:07 - 2013-10-29 18:15 - 01279480 _____ (NVIDIA Corporation) C:\windows\system32\nvspcap64.dll
2014-05-30 01:07 - 2013-10-29 18:15 - 01122312 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvspcap.dll
2014-05-29 14:46 - 2014-05-29 14:46 - 00000000 ____D () C:\Users\Hoang\AppData\Roaming\Avira
2014-05-29 14:45 - 2014-05-10 22:03 - 00000000 ____D () C:\Program Files (x86)\Dont Starve Reign of Giants
2014-05-29 14:40 - 2014-05-29 14:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-05-29 14:40 - 2014-05-29 14:39 - 00000000 ____D () C:\ProgramData\Avira
2014-05-29 14:40 - 2014-05-29 14:39 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-05-29 14:39 - 2014-05-29 14:39 - 04536336 _____ (Avira Operations GmbH & Co. KG) C:\Users\Hoang\Downloads\avira_de_av_4006160815__ws.exe
2014-05-29 14:39 - 2013-07-10 16:37 - 00000000 ____D () C:\ProgramData\Package Cache
2014-05-29 14:29 - 2014-05-29 14:29 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Hoang\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-29 14:29 - 2014-05-29 14:29 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-29 12:36 - 2013-05-07 15:10 - 00000000 ____D () C:\Users\Hoang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-05-28 20:58 - 2014-05-28 20:58 - 00342510 _____ () C:\Users\Hoang\Downloads\OptiFine_1.4.6_HD_D5.zip
2014-05-28 19:37 - 2014-05-28 19:37 - 00006384 _____ () C:\Users\Hoang\Downloads\1k18vtgw33x6d7a.dlc
2014-05-28 14:38 - 2014-05-28 14:37 - 00000000 ____D () C:\Users\Hoang\Downloads\assets
2014-05-28 14:38 - 2013-08-17 09:52 - 00000000 ____D () C:\Users\Hoang\Downloads\FTBLite
2014-05-28 14:37 - 2014-05-28 14:37 - 00000000 ____D () C:\Users\Hoang\Downloads\versions
2014-05-28 14:37 - 2014-05-28 14:37 - 00000000 ____D () C:\Users\Hoang\Downloads\libraries
2014-05-28 14:37 - 2013-06-04 14:56 - 00000000 ____D () C:\Users\Hoang\AppData\Roaming\ftblauncher
2014-05-28 14:15 - 2014-02-21 16:46 - 00000000 ____D () C:\Users\Hoang\Downloads\authlib
2014-05-28 14:14 - 2013-06-04 14:56 - 04916349 _____ () C:\Users\Hoang\Desktop\FTB_Launcher.exe
2014-05-28 09:22 - 2014-05-28 09:22 - 00000000 ____D () C:\Users\Hoang\AppData\Roaming\StunlockStudios
2014-05-27 18:28 - 2013-10-25 18:51 - 00000000 ____D () C:\Users\Hoang\AppData\Roaming\.technic
2014-05-25 18:38 - 2013-08-21 18:03 - 00012502 _____ () C:\Users\Hoang\Documents\Praktikum-Lebenslauf.odt
2014-05-25 18:23 - 2013-06-06 17:48 - 00291128 _____ () C:\windows\SysWOW64\PnkBstrB.xtr
2014-05-25 18:23 - 2013-06-06 17:47 - 00291128 _____ () C:\windows\SysWOW64\PnkBstrB.exe
2014-05-25 18:22 - 2013-06-06 17:47 - 00291128 _____ () C:\windows\SysWOW64\PnkBstrB.ex0
2014-05-23 14:36 - 2013-05-07 19:45 - 00000000 ___HD () C:\windows\msdownld.tmp
2014-05-23 14:36 - 2013-05-07 19:45 - 00000000 ____D () C:\windows\SysWOW64\directx
2014-05-23 14:02 - 2014-04-30 18:38 - 00000000 ____D () C:\Program Files (x86)\OBS
2014-05-18 18:44 - 2013-05-06 18:10 - 00000000 ____D () C:\Users\Hoang\Desktop\Wichtig
2014-05-18 11:48 - 2013-04-04 18:08 - 00000000 ____D () C:\Users\Hoang\Documents\My Games
2014-05-18 10:36 - 2013-02-07 22:30 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-18 10:35 - 2014-05-18 10:35 - 00000000 __SHD () C:\found.001
2014-05-18 10:18 - 2014-05-18 10:18 - 00000000 __SHD () C:\found.000
2014-05-18 09:57 - 2013-11-03 21:08 - 00000000 ____D () C:\Users\Hoang\Documents\Songs
2014-05-18 09:56 - 2013-11-03 21:08 - 00000000 ____D () C:\Users\Hoang\Documents\Skins
2014-05-18 09:54 - 2014-05-18 09:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\osu!
2014-05-17 20:51 - 2014-05-17 20:51 - 00000000 ____D () C:\Users\Hoang\AppData\Roaming\Awesomium
2014-05-17 20:50 - 2014-05-17 20:50 - 00002026 _____ () C:\Users\Public\Desktop\Smite.lnk
2014-05-17 20:50 - 2014-05-17 20:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios
2014-05-17 20:50 - 2014-05-17 20:50 - 00000000 ____D () C:\ProgramData\Hi-Rez Studios
2014-05-17 20:50 - 2014-05-17 20:50 - 00000000 ____D () C:\Program Files (x86)\Hi-Rez Studios
2014-05-17 20:50 - 2014-05-17 20:49 - 39967251 _____ (Hi-Rez Studios) C:\Users\Hoang\Downloads\InstallHiRezGamesEnglish.exe
2014-05-17 20:50 - 2012-12-12 05:22 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-17 19:58 - 2014-05-17 19:58 - 00283144 _____ (Mozilla) C:\Users\Hoang\Downloads\Firefox Setup Stub 29.0.1.exe
2014-05-17 19:58 - 2014-05-17 19:58 - 00001161 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-17 19:58 - 2014-05-10 10:13 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-17 19:58 - 2013-02-07 22:30 - 00000000 ____D () C:\Users\Hoang\AppData\Roaming\Mozilla
2014-05-17 19:56 - 2014-05-17 19:56 - 00003114 _____ () C:\windows\System32\Tasks\{9CF79E44-3096-42FA-8501-B0888A8F8F44}
2014-05-17 15:32 - 2013-05-07 14:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-05-17 15:12 - 2014-05-17 15:12 - 01141680 _____ () C:\Users\Hoang\Downloads\SteamSetup.exe
2014-05-17 10:49 - 2014-05-16 15:17 - 00000000 ____D () C:\Users\Hoang\Documents\Wichtig
2014-05-17 10:16 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\LiveKernelReports
2014-05-17 10:14 - 2014-05-16 17:08 - 00000000 ____D () C:\Users\Hoang\AppData\Local\Arma 3
2014-05-16 20:22 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\rescache
2014-05-16 17:08 - 2014-05-16 17:08 - 00000000 ____D () C:\Users\Hoang\Documents\Arma 3
2014-05-16 17:08 - 2014-05-16 17:08 - 00000000 ____D () C:\ProgramData\Bohemia Interactive
2014-05-16 14:00 - 2014-05-16 14:00 - 06111731 _____ () C:\Users\Hoang\Downloads\LAN_Win7_7077.zip
2014-05-16 13:58 - 2014-05-16 13:58 - 00155838 _____ () C:\Users\Hoang\Downloads\Lan_Realtek_7.3.522.5009_W7x64_A.zip
2014-05-16 13:49 - 2014-05-16 13:49 - 04927173 _____ () C:\Users\Hoang\Downloads\INF_10.0.14.zip
2014-05-16 13:28 - 2013-02-07 22:24 - 00000000 ___RD () C:\Users\Hoang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-16 13:28 - 2013-02-07 22:24 - 00000000 ___RD () C:\Users\Hoang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-16 13:13 - 2014-05-16 13:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-05-16 13:13 - 2014-05-16 13:13 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-05-16 13:09 - 2012-07-26 10:12 - 00000000 ___RD () C:\windows\ToastData
2014-05-16 13:09 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-16 13:09 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-16 13:09 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\system32\SecureBootUpdates
2014-05-16 13:09 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-05-16 13:09 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-05-15 18:12 - 2012-07-26 09:59 - 00000000 ____D () C:\windows\CbsTemp
2014-05-15 18:06 - 2013-08-14 16:27 - 00000000 ____D () C:\windows\system32\MRT
2014-05-15 18:03 - 2013-02-09 13:30 - 93223848 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-05-15 18:03 - 2012-07-26 07:26 - 00262144 ___SH () C:\windows\system32\config\ELAM
2014-05-13 20:09 - 2013-02-08 10:16 - 00003772 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-05-13 16:28 - 2014-05-13 16:21 - 05828846 _____ () C:\Users\Hoang\Downloads\01 Hört, Hört (Intro).m4a
2014-05-13 14:29 - 2014-05-13 14:29 - 00046136 ____H (LogMeIn Inc.) C:\windows\system32\Drivers\Hamdrv.sys
2014-05-12 15:48 - 2013-04-02 18:33 - 00000000 ____D () C:\Users\Hoang\Documents\uztcf
2014-05-12 07:26 - 2014-05-30 19:58 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:26 - 2014-05-30 19:58 - 00064216 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-05-30 19:58 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-05-10 22:04 - 2014-05-10 22:04 - 00000000 ____D () C:\Users\Hoang\Documents\Klei
2014-05-10 22:02 - 2014-05-10 22:02 - 00000000 ____D () C:\Users\Hoang\Documents\Dont.Starve.Reign.of.Giants-CODEX
2014-05-10 21:54 - 2014-05-10 21:53 - 350810614 _____ () C:\Users\Hoang\Downloads\Dont.Starve.Reign.of.Giants-CODEX.rar
2014-05-10 09:09 - 2013-06-20 16:33 - 00004096 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-10 09:09 - 2013-06-20 16:33 - 00003860 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-09 11:16 - 2014-05-29 14:40 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2014-05-09 11:16 - 2014-05-29 14:40 - 00112080 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2014-05-09 11:16 - 2014-05-29 14:40 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avkmgr.sys

Some content of TEMP:
====================
C:\Users\Hoang\AppData\Local\Temp\avgnt.exe
C:\Users\Hoang\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe
[2014-05-15 15:47] - [2014-04-12 11:10] - 0578048 ____A (Microsoft Corporation) 75DD70A14145499C9F7D903CF9A8C91B

C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-26 19:48

==================== End Of Log ============================
--- --- ---

schrauber 07.06.2014 05:55
Fertig :)

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.



Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun :)

Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

SkyMiep 07.06.2014 12:32
Sehr gut, die lästige Werbung ist jetzt weg.

Vielen Dank :D


Alle Zeitangaben in WEZ +1. Es ist jetzt 19:19 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19