Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Abofalle über E-Mail, oder nicht hab kein plan .. (https://www.trojaner-board.de/152964-abofalle-e-mail-hab-kein-plan.html)

xRidi57 23.04.2014 22:31
Abofalle über E-Mail, oder nicht hab kein plan ..
 
Liste der Anhänge anzeigen (Anzahl: 2)
Hallo bin neu hier im Forum ,also ich hab ein Problem ,undswar hab ich um 4 uhr morgens ne Mail von ner Firma bekommen die nennt sich "Download Mediathek GmBh". im Google hab ich nichts gefunden nach unter der Firma in der E-mail stand /kurzgefasst:
Ich hätte mich bei denen Angemeldet zu einem monatlichen Preis von 39,99€ und einem 12 monatigen Laufzeitvertrages, um von deren Diensten zu nutzen und das im Anhang (Ms Dos Anwendung) Die Abbrechnung zu finden ist, jedoch ist das mir zu unseriös
Lade euch mal 2 screens hoch im Anhang zu finden
Bitte um eure Hilfen und vielen dank im Vorraus

1 Screen : von der Email
2: Screen von der ( Datei , wo alles drin stehen soll)
und sorry falls es im falschen bereich ist.

MFG Ridvan Senel

schrauber 24.04.2014 06:24
hi,

hast Du die Datei ausgeführt`?

free-eagle 24.04.2014 08:23
das gleiche Problem habe ich auch. Wohl gleicher Text nur von media center ag.

Hab mit Outlook nur die Mail! geöffnet. Zunächst war in der Übersicht mit einer Klammer angezeigt, dass ein Anhang dabei wäre, plötzlich war die Klammer aber weg. Ein Anhang wurde nicht angezeigt in der Mail. Die Mail wurde allerdings auch nur halb zerissen dargestellt.

Hat sich da was installiert? Norton und malwarebytes finden nichts...

Vielleicht hat web.de den Anhang automatisch "entschärft" ?

Merkwürdig. Hat wer Rat?

Anzeige erstatten?
Laptop neu aufsetzen ?

xRidi57 24.04.2014 13:00
Zitat:
Zitat von schrauber (Beitrag 1289890)
hi,

hast Du die Datei ausgeführt`?
hab es aus neugier 1x geöffnet , aber dann hat der antivirus sofort zugeschlagen, hab dann auf
datei reinigen geklickt und aufeinmal hat sich der pc neugefahren, sofort auf viren überprüft
garkeine bedrohung mehr , stand da

@ Ist es eine Fake mail oder nicht?

schrauber 25.04.2014 08:28
Klar ist das ein Fake, doof nur dass du sie ausgeführt hast.


Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


xRidi57 25.04.2014 17:15
So hier die Die FRST TXT datei und die addition.

schrauber 26.04.2014 08:26
Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.
Ich kann auf Arbeit keine Anhänge öffnen, danke.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307

xRidi57 26.04.2014 15:55
FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-04-2014 01
Ran by Senel (administrator) on SENEL-PC on 25-04-2014 18:04:11
Running from C:\Users\Senel\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AVG) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\ToolbarUpdater.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\loggingserver.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(AVG) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Ymir Entertainment) C:\Users\Senel\Desktop\Hardcore-RELOADED\bin\metin2client.bin


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2041192 2012-12-29] ()
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5180432 2014-04-06] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2544664 2014-03-22] ()
HKU\S-1-5-21-1969415253-1381297592-3536760822-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-1969415253-1381297592-3536760822-1000\...\Run: [ccleaner] => C:\Program Files\Portable\CCleaner Professional 64-bit v3.26.1888\CCleaner64.exe [5628848 2012-12-19] (Piriform Ltd)
HKU\S-1-5-21-1969415253-1381297592-3536760822-1000\...\MountPoints2: {80d41f16-b3df-11e2-9b7b-00219b3b5af3} - E:\Startme.exe
HKU\S-1-5-21-1969415253-1381297592-3536760822-1000\...\MountPoints2: {fbacd5fe-90ac-11e1-8294-00219b3b5af3} - E:\iStudio.exe
HKU\S-1-5-21-1969415253-1381297592-3536760822-1015\...\Run: [Skype] => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
AppInit_DLLs-x32: C:\PROGRA~2\Amazon\AMAZON~1\\AMAZON~3.DLL => "C:\PROGRA~2\Amazon\AMAZON~1\\AMAZON~3.DLL" File Not Found
IFEO\AcroRd32.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\icloud.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\icloudweb.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\shellstreamsshortcut.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\digital imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=DE&userid=3103cad4-749d-4c4e-ad06-76606549414e&affid=111585&searchtype=ds&babsrc=lnkry&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.buenosearch.com/?babsrc=HP_ss&mntrId=361C00219B3B5AF3&affID=128492&tsp=5210
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xB312C1B358C6CC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=DE&userid=3103cad4-749d-4c4e-ad06-76606549414e&affid=111585&searchtype=ds&babsrc=lnkry&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.awesomehp.com/?type=hp&ts=1391479063&from=epom2&uid=ST3250310AS_6RYCW312XXXX6RYCW312
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1391479063&from=epom2&uid=ST3250310AS_6RYCW312XXXX6RYCW312&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.awesomehp.com/?type=hp&ts=1391479063&from=epom2&uid=ST3250310AS_6RYCW312XXXX6RYCW312
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.awesomehp.com/?type=hp&ts=1391479063&from=epom2&uid=ST3250310AS_6RYCW312XXXX6RYCW312
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.awesomehp.com/web/?type=ds&ts=1391479063&from=epom2&uid=ST3250310AS_6RYCW312XXXX6RYCW312&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1391479063&from=epom2&uid=ST3250310AS_6RYCW312XXXX6RYCW312&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.awesomehp.com/?type=hp&ts=1391479063&from=epom2&uid=ST3250310AS_6RYCW312XXXX6RYCW312
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.awesomehp.com/?type=hp&ts=1391479063&from=epom2&uid=ST3250310AS_6RYCW312XXXX6RYCW312
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.awesomehp.com/web/?type=ds&ts=1391479063&from=epom2&uid=ST3250310AS_6RYCW312XXXX6RYCW312&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.nationzoom.com/?type=sc&ts=1388332930&from=tugs&uid=ST3250310AS_6RYCW312XXXX6RYCW312
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1391479063&from=epom2&uid=ST3250310AS_6RYCW312XXXX6RYCW312&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1391479063&from=epom2&uid=ST3250310AS_6RYCW312XXXX6RYCW312&q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=1083&systemid=1&apn_dtid=IME001&apn_ptnrs=AG1&o=APN10653&apn_uid=3845565516064015&q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=435&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=8262354109704303&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1391479063&from=epom2&uid=ST3250310AS_6RYCW312XXXX6RYCW312&q={searchTerms}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=DE&userid=3103cad4-749d-4c4e-ad06-76606549414e&affid=111585&searchtype=ds&babsrc=lnkry&q={searchTerms}
SearchScopes: HKLM-x32 - {0D7562AE-8EF6-416d-A838-AB665251703A} URL = hxxp://startsear.ch/?aff=2&src=sp&cf=23b46b08-3eca-11e1-83f9-00219b3b5af3&q={searchTerms}
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1391479063&from=epom2&uid=ST3250310AS_6RYCW312XXXX6RYCW312&q={searchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=1083&systemid=1&apn_dtid=IME001&apn_ptnrs=AG1&o=APN10653&apn_uid=3845565516064015&q={searchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=435&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=8262354109704303&q={searchTerms}
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2481020
SearchScopes: HKLM-x32 - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = hxxp://startsear.ch/?aff=1&src=sp&cf=23b46b08-3eca-11e1-83f9-00219b3b5af3&q={searchTerms}
SearchScopes: HKLM-x32 - {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10011&barid={A8304609-4950-11E2-AB2B-00219B3B5AF3}
SearchScopes: HKCU - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2481020
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=DE&userid=3103cad4-749d-4c4e-ad06-76606549414e&affid=111585&searchtype=ds&babsrc=lnkry&q={searchTerms}
SearchScopes: HKCU - {0D7562AE-8EF6-416d-A838-AB665251703A} URL =
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.buenosearch.com/?q={searchTerms}&babsrc=SP_ss&mntrId=361C00219B3B5AF3&affID=128492&tsp=5210
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1391479063&from=epom2&uid=ST3250310AS_6RYCW312XXXX6RYCW312&q={searchTerms}
SearchScopes: HKCU - {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://safesearchr.lavasoft.com/?source=3336ca5f&tbp=rbox&toolbarid=adawaretb&u=3F0F6C1CECD6A807A0592650A95CD44C&q={searchTerms}
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://mysearch.avg.com/search?cid={8BA2E64F-A341-40B9-AE78-55976F02621C}&mid=8d30daaf834b47d2ad54d168dddfb300-d34e44a11638f55389816c80ef77a950c775f85a&lang=de&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-03-21 19:45:10&v=17.3.1.91&pid=safeguard&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=1083&systemid=1&apn_dtid=IME001&apn_ptnrs=AG1&o=APN10653&apn_uid=3845565516064015&q={searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=435&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=8262354109704303&q={searchTerms}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2481020
SearchScopes: HKCU - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL =
SearchScopes: HKCU - {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10011&barid={A8304609-4950-11E2-AB2B-00219B3B5AF3}
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: FoxTab - {4DF4AC8C-FFA8-40FF-91F0-EB8389314B78} - C:\Users\Senel\AppData\LocalLow\FoxTab\IE\FoxTab.dll (The FoxTab Team)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.0.5.292\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: DataMngr - {C1ED9DA0-AFD0-4b90-AC6A-D3874F591014} -  No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Search-Results Toolbar - {f34c9277-6577-4dff-b2d7-7d58092f272f} -  No File
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM - No Name - !{c840e246-6b95-475e-9bd7-caa1c7eca9f2} -  No File
Toolbar: HKLM-x32 - No Name - !{c840e246-6b95-475e-9bd7-caa1c7eca9f2} -  No File
Toolbar: HKLM-x32 - Search-Results Toolbar - {f34c9277-6577-4dff-b2d7-7d58092f272f} -  No File
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.0.5.292\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - No Name - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} -  No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKCU - No Name - {C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} -  No File
Toolbar: HKCU - No Name - {0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF} -  No File
Toolbar: HKCU - No Name - {5786D022-540E-4699-B350-B4BE0AE94B79} -  No File
Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} -  No File
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.0.5\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{C0CEF198-2956-4B3E-B56D-CD71F16ABB6F}: [NameServer]62.109.121.2 62.109.121.1

FireFox:
========
FF ProfilePath: C:\Users\Senel\AppData\Roaming\Mozilla\Firefox\Profiles\p8bg8o9l.default
FF user.js: detected! => C:\Users\Senel\AppData\Roaming\Mozilla\Firefox\Profiles\p8bg8o9l.default\user.js
FF Homepage: user_pref("browser.startup.homepage", );
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.0.5\\npsitesafety.dll (AVG Technologies)
FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.17.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Users\Senel\AppData\Roaming\Mozilla\Firefox\Profiles\p8bg8o9l.default\searchplugins\buenosearch.xml
FF SearchPlugin: C:\Users\Senel\AppData\Roaming\Mozilla\Firefox\Profiles\p8bg8o9l.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\Senel\AppData\Roaming\Mozilla\Firefox\Profiles\p8bg8o9l.default\searchplugins\improvedsearch.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrch.xml
FF Extension: Feven 1.5 - C:\Users\Senel\AppData\Roaming\Mozilla\Firefox\Profiles\p8bg8o9l.default\Extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com [2013-12-29]
FF Extension: ProxTube - Unblock YouTube - C:\Users\Senel\AppData\Roaming\Mozilla\Firefox\Profiles\p8bg8o9l.default\Extensions\ich@maltegoetz.de [2013-03-16]
FF Extension: No Name - C:\Users\Senel\AppData\Roaming\Mozilla\Firefox\profiles\extensions\extensions [2012-12-24]
FF Extension: No Name - C:\Users\Senel\AppData\Roaming\Mozilla\Firefox\profiles\extensions\searchplugins [2013-03-16]
FF Extension: Movie2kDownloader - C:\Users\Senel\AppData\Roaming\Mozilla\Firefox\profiles\extensions\movie2kdownloader@movie2kdownloader.com.xpi [2012-12-13]
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.3.1.91
FF Extension: AVG SafeGuard toolbar - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.3.1.91 [2014-03-21]
FF HKCU\...\Firefox\Extensions: [{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}] - C:\Program Files (x86)\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\

Chrome:
=======
CHR HomePage: hxxp://www.buenosearch.com/?babsrc=HP_ss&mntrId=361C00219B3B5AF3&affID=128492&tsp=5210
CHR RestoreOnStartup: "hxxp://www.awesomehp.com/?type=hp&ts=1391479063&from=epom2&uid=ST3250310AS_6RYCW312XXXX6RYCW312"
CHR StartupUrls: "hxxp://www.buenosearch.com/?babsrc=HP_ss&mntrId=361C00219B3B5AF3&affID=128492&tsp=5210"
CHR DefaultSearchKeyword: mysearch.avg.com
CHR DefaultSearchProvider: AVG Secure Search
CHR DefaultSearchURL: hxxp://mysearch.avg.com/search?cid={8BA2E64F-A341-40B9-AE78-55976F02621C}&mid=8d30daaf834b47d2ad54d168dddfb300-d34e44a11638f55389816c80ef77a950c775f85a&lang=de&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-03-21 19:45:10&v=17.3.1.91&pid=safeguard&sg=&sap=dsp&q={searchTerms}
CHR Extension: (ProxTube) - C:\Users\Senel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2013-10-25]
CHR Extension: (QuickShare Widget) - C:\Users\Senel\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl [2013-10-30]
CHR Extension: (Docs) - C:\Users\Senel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-28]
CHR Extension: (Google Drive) - C:\Users\Senel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-28]
CHR Extension: (No Name) - C:\Users\Senel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcfjehbfanfhgoehogmbiebedkidedjb [2013-05-12]
CHR Extension: (DVDVideoSoftTB DE) - C:\Users\Senel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhphemoobgnikcoofkgackkaimpfmenm [2012-09-17]
CHR Extension: (YouTube) - C:\Users\Senel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-28]
CHR Extension: (Extended Protection) - C:\Users\Senel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml [2014-02-04]
CHR Extension: (Google Search) - C:\Users\Senel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-28]
CHR Extension: (Zwinky) - C:\Users\Senel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehjkfdmkpocpileolmldepapdjbfegei [2013-12-24]
CHR Extension: (No Name) - C:\Users\Senel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkjoiggkbepedjmjjbhhecjiimlckcga [2012-12-20]
CHR Extension: (Improved Search) - C:\Users\Senel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hahpjplbmicfkmoccokbjejahjjpnena [2014-03-02]
CHR Extension: (SweetIM for Facebook) - C:\Users\Senel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn [2013-10-25]
CHR Extension: (DvdVideoSoft Free Youtube Download) - C:\Users\Senel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2012-09-17]
CHR Extension: (Chrome In-App Payments service) - C:\Users\Senel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-25]
CHR Extension: (SweetPacks Chrome Extension) - C:\Users\Senel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj [2013-10-25]
CHR Extension: (FoxTab) - C:\Users\Senel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pailhpppfllmijejfccffanaigjphjnb [2013-10-25]
CHR Extension: (Gmail) - C:\Users\Senel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-28]
CHR HKCU\...\Chrome\Extension: [bcfjehbfanfhgoehogmbiebedkidedjb] - C:\Users\Senel\AppData\Local\CRE\bcfjehbfanfhgoehogmbiebedkidedjb.crx [2013-05-06]
CHR HKCU\...\Chrome\Extension: [bhphemoobgnikcoofkgackkaimpfmenm] - C:\Users\Senel\AppData\Local\CRE\bhphemoobgnikcoofkgackkaimpfmenm.crx [2012-09-11]
CHR HKCU\...\Chrome\Extension: [fkjoiggkbepedjmjjbhhecjiimlckcga] - C:\Users\Senel\AppData\Local\CRE\fkjoiggkbepedjmjjbhhecjiimlckcga.crx [2012-12-01]
CHR HKCU\...\Chrome\Extension: [leocdeigfnkaojcapikdjcdbedcjmffc] - C:\Users\Senel\AppData\Local\CRE\leocdeigfnkaojcapikdjcdbedcjmffc.crx [2012-08-26]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2012-08-26]
CHR HKLM-x32\...\Chrome\Extension: [aakchaleigkohafkfjfjbblobjifikek] - C:\Users\Senel\AppData\LocalLow\proxtube\CHROME\proxtube.crx [2012-04-19]
CHR HKLM-x32\...\Chrome\Extension: [bcfjehbfanfhgoehogmbiebedkidedjb] - C:\Users\Senel\AppData\Local\CRE\bcfjehbfanfhgoehogmbiebedkidedjb.crx [2013-05-06]
CHR HKLM-x32\...\Chrome\Extension: [bhphemoobgnikcoofkgackkaimpfmenm] - C:\Users\Senel\AppData\Local\CRE\bhphemoobgnikcoofkgackkaimpfmenm.crx [2012-09-11]
CHR HKLM-x32\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\Senel\AppData\Roaming\BabSolution\CR\Delta.crx [2012-09-11]
CHR HKLM-x32\...\Chrome\Extension: [fkjoiggkbepedjmjjbhhecjiimlckcga] - C:\Users\Senel\AppData\Local\CRE\fkjoiggkbepedjmjjbhhecjiimlckcga.crx [2012-12-01]
CHR HKLM-x32\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\Senel\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx [2013-12-29]
CHR HKLM-x32\...\Chrome\Extension: [jcdgjdiieiljkfkdcloehkohchhpekkn] - C:\Users\Senel\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx [2012-12-18]
CHR HKLM-x32\...\Chrome\Extension: [leocdeigfnkaojcapikdjcdbedcjmffc] - C:\Users\Senel\AppData\Local\CRE\leocdeigfnkaojcapikdjcdbedcjmffc.crx [2012-08-26]
CHR HKLM-x32\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Users\Senel\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetNT.crx [2012-12-18]
CHR HKLM-x32\...\Chrome\Extension: [pailhpppfllmijejfccffanaigjphjnb] - C:\Users\Senel\AppData\LocalLow\FoxTab\CHROME\FoxTab.crx [2010-06-09]
CHR HKLM-x32\...\Chrome\Extension: [pkndmigholgfjlniaohblojbhgjbkakn] - C:\Users\Senel\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv2.crx [2014-02-04]

==================== Services (Whitelisted) =================

S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3645456 2014-04-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [291912 2014-03-27] (AVG Technologies CZ, s.r.o.)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4467488 2013-05-29] (INCA Internet Co., Ltd.)
S3 Pml Driver HPZ12; C:\Windows\SysWOW64\HPZipm12.exe [65536 2004-03-18] (HP)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2102072 2013-12-18] (AVG)
R2 vToolbarUpdater18.0.5; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\ToolbarUpdater.exe [1771032 2014-03-22] (AVG Secure Search)
S3 xsherlock; C:\Windows\SysWOW64\xsherlock.xem [666720 2012-12-20] (Wellbia.com Co., Ltd.)

==================== Drivers (Whitelisted) ====================

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [237336 2014-04-18] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [192792 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [236824 2014-03-27] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [324376 2014-03-27] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [130840 2014-03-31] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [32536 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [274200 2014-03-31] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [49952 2014-03-22] (AVG Technologies)
S3 REN2CAP_DRIVER; C:\Windows\System32\drivers\ren2cap.sys [46728 2011-11-07] ()
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [560184 2012-08-16] (Duplex Secure Ltd.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [14112 2013-12-16] (TuneUp Software)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S2 SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys [X]
S3 TKCtrl; \??\C:\Windows\system32\TKCtrl2k64.sys [X]
S3 TKFsAvM; \??\C:\Windows\system32\TKFsAv64.sys [X]
S3 TKFsFtM; \??\C:\Windows\system32\TKFsFt64.sys [X]
S1 TKFWFV; system32\TKFWFV64.sys [X]
S3 TKFWVT; \??\C:\Windows\system32\TKFWVT64.sys [X]
S3 TkIdsVt; \??\C:\Windows\system32\TkIdsVt64.sys [X]
S3 TKPcFt; \??\C:\Windows\system32\TKPcFtCb64.sys [X]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [X]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [X]
S3 X6va017; \??\C:\Windows\SysWOW64\Drivers\X6va017 [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-25 18:04 - 2014-04-25 18:04 - 00029115 _____ () C:\Users\Senel\Downloads\FRST.txt
2014-04-25 18:03 - 2014-04-25 18:04 - 00000000 ____D () C:\FRST
2014-04-25 18:03 - 2014-04-25 18:03 - 02061312 _____ (Farbar) C:\Users\Senel\Downloads\FRST64.exe
2014-04-24 20:31 - 2014-04-24 20:31 - 00000452 _____ () C:\Users\Senel\Bundesliga..txt
2014-04-23 10:56 - 2014-04-24 14:28 - 00009962 _____ () C:\Windows\PFRO.log
2014-04-23 09:51 - 2014-04-23 09:52 - 00300104 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-23 09:49 - 2014-04-23 09:53 - 00000000 ___HD () C:\Users\Senel\AppData\Local\Pvyjq
2014-04-22 20:14 - 2014-04-22 20:14 - 00064624 _____ () C:\Users\Senel\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-22 20:12 - 2014-04-22 20:13 - 00018473 _____ () C:\Windows\DirectX.log
2014-04-22 20:10 - 2014-04-23 10:40 - 00000000 ____D () C:\Program Files (x86)\GameforgeLive
2014-04-22 16:10 - 2014-04-24 20:22 - 00003416 _____ () C:\Windows\setupact.log
2014-04-22 16:10 - 2014-04-22 16:10 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-19 23:34 - 2014-04-19 23:34 - 00000000 ____D () C:\Riot Games
2014-04-18 15:01 - 2014-04-18 15:01 - 00237336 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2014-04-13 10:45 - 2014-04-13 10:45 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\AVG
2014-04-13 10:41 - 2014-04-13 10:41 - 00000000 ____D () C:\Users\Administrator\AppData\Local\AVG SafeGuard toolbar
2014-04-13 10:40 - 2014-04-13 10:40 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\AVG2014
2014-04-13 10:40 - 2014-04-13 10:40 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Avg2014
2014-04-10 21:18 - 2014-04-10 21:18 - 00000000 ____D () C:\Users\Senel\AppData\Local\dumps
2014-04-10 20:06 - 2014-04-10 20:06 - 00000000 ____D () C:\CFLog
2014-04-10 19:35 - 2014-04-10 19:35 - 00000000 ____D () C:\Program Files (x86)\Z8Games
2014-04-10 19:20 - 2014-04-10 19:20 - 00000178 _____ () C:\console.log
2014-04-09 12:04 - 2013-12-25 03:22 - 00000000 ____D () C:\Users\Senel\Desktop\Hardcore-RELOADED
2014-04-08 21:58 - 2014-03-31 03:16 - 23134208 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-08 21:57 - 2014-03-31 03:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-08 21:57 - 2014-03-31 02:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-08 21:57 - 2014-03-31 01:57 - 17073152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-08 21:54 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-08 21:54 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-08 21:54 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-08 21:54 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-08 21:54 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-08 21:54 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-08 21:54 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-08 21:54 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-08 21:54 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-08 21:54 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-08 21:54 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-08 21:54 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-08 21:54 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-08 21:54 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-08 21:54 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-08 21:54 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-08 21:54 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-07 19:01 - 2011-11-07 16:18 - 00046728 _____ () C:\Windows\system32\Drivers\ren2cap.sys
2014-04-01 11:50 - 2014-04-23 10:59 - 00000000 ____D () C:\Fraps
2014-04-01 11:42 - 2014-04-01 11:42 - 00002676 _____ () C:\Users\Senel\Videos\Documents\Vegas Pro registrieren.htm
2014-04-01 11:30 - 2014-04-01 11:30 - 00000000 ____D () C:\Program Files\Sony
2014-04-01 11:30 - 2014-04-01 11:30 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-04-01 08:06 - 2014-04-25 09:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-03-31 16:20 - 2014-03-31 16:20 - 00274200 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgtdia.sys
2014-03-31 16:06 - 2014-03-31 16:06 - 00130840 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys
2014-03-30 00:15 - 2014-03-30 00:15 - 00000000 ____D () C:\Users\Ridi\AppData\Roaming\AVG
2014-03-30 00:11 - 2014-03-30 00:11 - 00000000 ____D () C:\Users\Ridi\AppData\Local\AVG SafeGuard toolbar
2014-03-30 00:10 - 2014-03-30 00:10 - 00000000 ____D () C:\Users\Ridi\AppData\Roaming\AVG2014
2014-03-30 00:10 - 2014-03-30 00:10 - 00000000 ____D () C:\Users\Ridi\AppData\Local\Avg2014
2014-03-27 22:14 - 2014-03-27 22:14 - 00192792 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsha.sys
2014-03-27 22:14 - 2014-03-27 22:14 - 00153368 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgdiska.sys
2014-03-27 22:07 - 2014-03-27 22:07 - 00236824 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgldx64.sys
2014-03-27 22:05 - 2014-03-27 22:05 - 00324376 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgloga.sys
2014-03-27 22:03 - 2014-03-27 22:03 - 00032536 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgrkx64.sys
2014-03-26 19:25 - 2014-03-26 19:25 - 00000053 _____ () C:\Users\Senel\dasdsdsad.txt
2014-03-26 16:30 - 2014-03-26 16:30 - 00000000 ____D () C:\ProgramData\SystemRequirementsLab
2014-03-26 16:30 - 2014-03-26 16:30 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab

==================== One Month Modified Files and Folders =======

2014-04-25 18:04 - 2014-04-25 18:04 - 00029115 _____ () C:\Users\Senel\Downloads\FRST.txt
2014-04-25 18:04 - 2014-04-25 18:03 - 00000000 ____D () C:\FRST
2014-04-25 18:03 - 2014-04-25 18:03 - 02061312 _____ (Farbar) C:\Users\Senel\Downloads\FRST64.exe
2014-04-25 17:58 - 2014-03-07 14:35 - 02087490 _____ () C:\Windows\WindowsUpdate.log
2014-04-25 17:29 - 2011-12-31 20:16 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-25 17:27 - 2014-02-04 03:04 - 00000000 ____D () C:\ProgramData\MFAData
2014-04-25 17:11 - 2012-04-26 09:24 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-25 15:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\tracing
2014-04-25 09:44 - 2014-04-01 08:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-04-25 09:44 - 2014-02-13 00:55 - 00000981 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-04-25 03:29 - 2011-12-31 20:16 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-24 20:31 - 2014-04-24 20:31 - 00000452 _____ () C:\Users\Senel\Bundesliga..txt
2014-04-24 20:31 - 2011-12-29 20:31 - 00000000 ____D () C:\Users\Senel
2014-04-24 20:22 - 2014-04-22 16:10 - 00003416 _____ () C:\Windows\setupact.log
2014-04-24 20:22 - 2012-04-08 02:45 - 00000435 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-04-24 15:35 - 2013-10-25 19:08 - 00000000 ____D () C:\Users\Senel\AppData\Roaming\TS3Client
2014-04-24 14:36 - 2009-07-14 06:45 - 00021664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-24 14:36 - 2009-07-14 06:45 - 00021664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-24 14:33 - 2011-04-12 09:43 - 00710046 _____ () C:\Windows\system32\perfh007.dat
2014-04-24 14:33 - 2011-04-12 09:43 - 00154482 _____ () C:\Windows\system32\perfc007.dat
2014-04-24 14:33 - 2009-07-14 07:13 - 01650084 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-24 14:29 - 2013-07-18 01:23 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-04-24 14:29 - 2012-01-16 17:46 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-04-24 14:29 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-24 14:28 - 2014-04-23 10:56 - 00009962 _____ () C:\Windows\PFRO.log
2014-04-23 13:34 - 2013-01-03 14:18 - 00000000 ____D () C:\Users\Senel\Desktop\Kadir
2014-04-23 10:59 - 2014-04-01 11:50 - 00000000 ____D () C:\Fraps
2014-04-23 10:46 - 2012-01-04 20:27 - 00000000 ____D () C:\Users\Senel\AppData\Local\Sony
2014-04-23 10:42 - 2012-08-22 03:53 - 00000000 ____D () C:\Users\Senel\AppData\Local\Unity
2014-04-23 10:40 - 2014-04-22 20:10 - 00000000 ____D () C:\Program Files (x86)\GameforgeLive
2014-04-23 10:31 - 2013-12-29 18:03 - 00000000 ____D () C:\Users\Senel\AppData\Local\genienext
2014-04-23 10:26 - 2013-12-29 22:45 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin
2014-04-23 10:22 - 2014-03-04 12:54 - 00000000 ____D () C:\Users\Senel\AppData\Local\PMB Files
2014-04-23 10:22 - 2014-03-04 12:54 - 00000000 ____D () C:\ProgramData\PMB Files
2014-04-23 09:53 - 2014-04-23 09:49 - 00000000 ___HD () C:\Users\Senel\AppData\Local\Pvyjq
2014-04-23 09:52 - 2014-04-23 09:51 - 00300104 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-22 20:14 - 2014-04-22 20:14 - 00064624 _____ () C:\Users\Senel\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-22 20:13 - 2014-04-22 20:12 - 00018473 _____ () C:\Windows\DirectX.log
2014-04-22 16:10 - 2014-04-22 16:10 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-22 00:09 - 2013-08-10 11:27 - 00000000 ____D () C:\Users\Administrator
2014-04-22 00:09 - 2013-08-04 15:25 - 00000000 ____D () C:\Users\Ridi
2014-04-21 01:30 - 2014-03-21 20:44 - 00000000 ____D () C:\Program Files (x86)\AVG SafeGuard toolbar
2014-04-19 23:34 - 2014-04-19 23:34 - 00000000 ____D () C:\Riot Games
2014-04-18 15:01 - 2014-04-18 15:01 - 00237336 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2014-04-13 10:45 - 2014-04-13 10:45 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\AVG
2014-04-13 10:41 - 2014-04-13 10:41 - 00000000 ____D () C:\Users\Administrator\AppData\Local\AVG SafeGuard toolbar
2014-04-13 10:40 - 2014-04-13 10:40 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\AVG2014
2014-04-13 10:40 - 2014-04-13 10:40 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Avg2014
2014-04-12 15:33 - 2013-12-02 02:16 - 00000193 _____ () C:\Users\Senel\Videos\Documents\ads.txt
2014-04-11 09:33 - 2011-12-31 20:16 - 00004114 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-11 09:33 - 2011-12-31 20:16 - 00003862 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-04-10 21:18 - 2014-04-10 21:18 - 00000000 ____D () C:\Users\Senel\AppData\Local\dumps
2014-04-10 20:06 - 2014-04-10 20:06 - 00000000 ____D () C:\CFLog
2014-04-10 19:35 - 2014-04-10 19:35 - 00000000 ____D () C:\Program Files (x86)\Z8Games
2014-04-10 19:20 - 2014-04-10 19:20 - 00000178 _____ () C:\console.log
2014-04-10 18:43 - 2014-02-04 04:37 - 00003696 _____ () C:\Windows\System32\Tasks\Adobe-Online-Aktualisierungsprogramm
2014-04-10 11:35 - 2013-09-17 03:03 - 00002367 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-09 14:16 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-04-09 03:04 - 2012-10-03 14:21 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-09 03:03 - 2013-07-12 01:31 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-09 03:01 - 2011-12-29 20:51 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-07 19:09 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-04 20:49 - 2013-08-05 15:20 - 00000089 _____ () C:\Users\Senel\Videos\Documents\.......txt
2014-04-03 03:54 - 2012-01-04 20:26 - 00000000 ____D () C:\Users\Senel\AppData\Roaming\Sony
2014-04-01 11:42 - 2014-04-01 11:42 - 00002676 _____ () C:\Users\Senel\Videos\Documents\Vegas Pro registrieren.htm
2014-04-01 11:30 - 2014-04-01 11:30 - 00000000 ____D () C:\Program Files\Sony
2014-04-01 11:30 - 2014-04-01 11:30 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-03-31 16:20 - 2014-03-31 16:20 - 00274200 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgtdia.sys
2014-03-31 16:06 - 2014-03-31 16:06 - 00130840 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys
2014-03-31 03:16 - 2014-04-08 21:58 - 23134208 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-31 03:13 - 2014-04-08 21:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-31 02:13 - 2014-04-08 21:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-31 01:57 - 2014-04-08 21:57 - 17073152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-30 00:48 - 2013-08-04 15:26 - 00000000 ____D () C:\Users\Ridi\AppData\Local\VirtualStore
2014-03-30 00:15 - 2014-03-30 00:15 - 00000000 ____D () C:\Users\Ridi\AppData\Roaming\AVG
2014-03-30 00:11 - 2014-03-30 00:11 - 00000000 ____D () C:\Users\Ridi\AppData\Local\AVG SafeGuard toolbar
2014-03-30 00:10 - 2014-03-30 00:10 - 00000000 ____D () C:\Users\Ridi\AppData\Roaming\AVG2014
2014-03-30 00:10 - 2014-03-30 00:10 - 00000000 ____D () C:\Users\Ridi\AppData\Local\Avg2014
2014-03-27 22:14 - 2014-03-27 22:14 - 00192792 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsha.sys
2014-03-27 22:14 - 2014-03-27 22:14 - 00153368 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgdiska.sys
2014-03-27 22:07 - 2014-03-27 22:07 - 00236824 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgldx64.sys
2014-03-27 22:05 - 2014-03-27 22:05 - 00324376 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgloga.sys
2014-03-27 22:03 - 2014-03-27 22:03 - 00032536 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgrkx64.sys
2014-03-26 19:25 - 2014-03-26 19:25 - 00000053 _____ () C:\Users\Senel\dasdsdsad.txt
2014-03-26 16:30 - 2014-03-26 16:30 - 00000000 ____D () C:\ProgramData\SystemRequirementsLab
2014-03-26 16:30 - 2014-03-26 16:30 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab

Files to move or delete:
====================
C:\ProgramData\libcurl.dll
C:\ProgramData\pthreadGC2.dll
C:\ProgramData\ras_0oed.pad
C:\ProgramData\zlib1.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-23 04:54

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-04-2014 01
Ran by Senel at 2014-04-25 18:04:44
Running from C:\Users\Senel\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4570 - AVG Technologies)
AVG 2014 (Version: 14.0.3920 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4336 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4570 - AVG Technologies) Hidden
AVG PC TuneUp 2014 (de-DE) (x32 Version: 14.0.1001.295 - AVG) Hidden
AVG PC TuneUp 2014 (HKLM-x32\...\AVG PC TuneUp) (Version: 14.0.1001.295 - AVG)
AVG PC TuneUp 2014 (x32 Version: 14.0.1001.295 - AVG) Hidden
AVG SafeGuard toolbar (HKLM-x32\...\AVG SafeGuard toolbar) (Version: 18.0.5.292 - AVG Technologies)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 43.1.5.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform)
CreativeProjects (x32 Version: 43.1.5.000 - Hewlett-Packard) Hidden
CreativeProjectsTemplates (x32 Version: 43.1.5.000 - Hewlett-Packard) Hidden
CueTour (x32 Version: 43.1.5.000 - Hewlett-Packard) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0000-0000-0000000FF1CE}_Office14.POWERPOINT_{5971CA1F-6BDE-498F-952C-9F2BF94070A4}) (Version:  - Microsoft)
Destinations (x32 Version: 43.1.5.000 - Hewlett-Packard) Hidden
Director (x32 Version: 43.1.5.000 - Hewlett-Packard) Hidden
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
HP Image Zone 4.0 (HKLM-x32\...\HP Photo & Imaging) (Version: 4.0 - HP)
HP Software Update (HKLM-x32\...\{457791C5-D702-4143-A7B2-2744BE9573F2}) (Version: 2.0.39.20040212 - Hewlett-Packard)
HPSystemDiagnostics (x32 Version: 1.5.0.0 - Your Company Name) Hidden
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Iminent (x32 Version: 5.45.21.0 - Iminent) Hidden <==== ATTENTION
InstantShare (x32 Version: 4.0.0.40 - Hewlett-Packard) Hidden
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 17 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.170 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.0 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 1.1 German Language Pack (HKLM-x32\...\{E78BFA60-5393-4C38-82AB-E8019E464EB4}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Excel Viewer (HKLM-x32\...\{95120000-003F-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft PowerPoint 2010 (HKLM-x32\...\Office14.POWERPOINT) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{887868A2-D6DE-3255-AA92-AA0B5A59B874}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT Redists (x32 Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nexon Game Manager (HKLM-x32\...\{289AC7E0-0AEE-4a7b-913C-709D9803D23E}) (Version:  - )
nProtect Security Platform (x32 Version: 3.00.0000 - INCAInternet) Hidden
NVIDIA 3D Vision Controller Driver (x32 Version: 276.42 - NVIDIA Corporation) Hidden
NVIDIA 3D Vision Controller-Treiber 310.90 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 310.90 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 310.90 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 310.90 - NVIDIA Corporation)
NVIDIA Grafiktreiber 310.90 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 310.90 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.95.599 - NVIDIA Corporation) Hidden
NVIDIA nView 136.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 136.53 - NVIDIA Corporation)
NVIDIA nView Desktop Manager (Version: 6.14.10.1362 - NVIDIA Corporation) Hidden
NVIDIA PhysX (HKLM-x32\...\{DEA314C4-0929-4250-BC92-98E4C105F28D}) (Version: 9.10.0129 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1090 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 310.90 (Version: 310.90 - NVIDIA Corporation) Hidden
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
PhotoGallery (x32 Version: 43.1.5.000 - Hewlett-Packard) Hidden
PrintScreen (x32 Version: 43.1.5.000 - Hewlett-Packard) Hidden
QFolder (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
QuickProjects (x32 Version: 43.1.5.000 - Hewlett-Packard) Hidden
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0000-0000-0000000FF1CE}_Office14.POWERPOINT_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
SkinsHP1 (x32 Version: 43.1.5.000 - Hewlett-Packard) Hidden
System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TrayApp (x32 Version: 43.1.5.000 - Hewlett-Packard) Hidden
Unload (x32 Version: 4.0.0 - Hewlett-Packard) Hidden
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0000-0000-0000000FF1CE}_Office14.POWERPOINT_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.POWERPOINT_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0000-0000-0000000FF1CE}_Office14.POWERPOINT_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0000-0000-0000000FF1CE}_Office14.POWERPOINT_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0000-0000-0000000FF1CE}_Office14.POWERPOINT_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.POWERPOINT_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0000-0000-0000000FF1CE}_Office14.POWERPOINT_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0000-0000-0000000FF1CE}_Office14.POWERPOINT_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0000-0000-0000000FF1CE}_Office14.POWERPOINT_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.POWERPOINT_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0000-0000-0000000FF1CE}_Office14.POWERPOINT_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0000-0000-0000000FF1CE}_Office14.POWERPOINT_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.POWERPOINT_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.POWERPOINT_{5E8EB600-8B94-429E-873E-98369C6DC1BC}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.POWERPOINT_{83B1B530-7D9E-4C6A-907F-E979CEE9C295}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0000-0000-0000000FF1CE}_Office14.POWERPOINT_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.POWERPOINT_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0000-0000-0000000FF1CE}_Office14.POWERPOINT_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.POWERPOINT_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.POWERPOINT_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WebReg (x32 Version: 43.1.5.000 - Hewlett-Packard) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

==================== Restore Points  =========================

19-04-2014 21:33:40 Installed League of Legends
19-04-2014 21:34:42 DirectX wurde installiert
20-04-2014 06:16:26 Removed MSXML 4.0 SP2 (KB973688)
20-04-2014 17:00:12 Windows-Sicherung
22-04-2014 18:11:51 DirectX wurde installiert
23-04-2014 08:24:56 Removed League of Legends
23-04-2014 08:45:25 Removed Vegas Pro 11.0 (64-bit)
24-04-2014 12:25:06 Windows Live Essentials
24-04-2014 12:25:31 WLSetup

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0DFA5BB5-7BF6-4652-AA01-6A6EE128208B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-31] (Google Inc.)
Task: {2C649BBB-8F1A-4A8E-ADFA-BCB22BBA63A2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-31] (Google Inc.)
Task: {2F067166-C136-4202-BFDB-E9612859CE39} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03] (Sun Microsystems, Inc.)
Task: {3D9C33A8-26AA-4940-9FA9-C88B6B6D1726} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12] (Adobe Systems Incorporated)
Task: {59AB0E13-31B9-4353-A2BA-47094D486F7A} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1969415253-1381297592-3536760822-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {5BD29E73-C7ED-4BEC-8DE3-145711267CB9} - System32\Tasks\{CA3B60D0-8636-465C-8E84-1261645DE5D5} => D:\Setup.exe
Task: {61B08E38-D8E2-4343-99EF-DE4AF7843846} - System32\Tasks\{8C1D8C6E-B790-403A-ABBE-3FA514918866} => D:\Setup.exe
Task: {6D31C775-2EFA-4196-8AD6-B0FC8F458381} - System32\Tasks\Ad-Aware Antivirus Scheduled Scan => C:\PROGRA~2\AD-AWA~1\AdAwareLauncher.exe
Task: {867720AE-D0CA-4F92-BE73-146BC8838A3F} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe [2013-12-18] (AVG)
Task: {94A28B59-A0E0-4C27-845F-3F6C315F327B} - System32\Tasks\{9C5D2035-F037-4677-9772-0E790413528C} => D:\Setup.exe
Task: {9590E4F2-DA5B-47DB-9D8C-2C3649DA0053} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {A60BDBDD-BB01-4611-A6C5-2AAE79BC4FAB} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1969415253-1381297592-3536760822-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {B55B2DF3-E450-4DB8-88BE-A00AEEA1974A} - System32\Tasks\{BD123B87-AD7C-46E1-814A-39B487245FE1} => C:\Users\Senel\Desktop\Client\metin2client.exe
Task: {C6F33BC1-94CF-4C49-BFFC-54EF16AFA154} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {D4185CBA-681D-460A-9F94-1874302BBB00} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2004-02-12] (Hewlett-Packard Company)
Task: {D96EBF5C-F2CB-4D40-9D93-32CEE2444F4F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-02-20] (Piriform Ltd)
Task: {E7024D38-1C71-4148-ADC1-F22409263FB4} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {F558F417-6A0C-41AB-A420-F9AFDDA6AB55} - System32\Tasks\{C0AC2858-52EA-4ACC-9FC8-D893CE3A8931} => C:\Users\Senel\Desktop\Client\metin2client.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-11-18 05:59 - 2012-12-29 10:40 - 00087480 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2009-11-19 06:01 - 2009-11-19 06:01 - 00022016 _____ () C:\Windows\System32\sugw2l6.dll
2013-12-18 10:38 - 2013-12-18 10:38 - 00742200 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\avgrepliba.dll
2014-03-22 21:43 - 2014-03-22 21:42 - 00159768 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\loggingserver.exe
2012-01-16 17:46 - 2012-12-29 12:34 - 00380776 _____ () C:\Program Files\NVIDIA Corporation\nview\nvshell.dll
2012-05-30 20:06 - 2012-05-30 20:06 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-05-30 20:06 - 2012-05-30 20:06 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-03-22 21:43 - 2014-03-22 21:42 - 00519704 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\log4cplusU.dll
2014-03-21 20:44 - 2014-03-22 21:42 - 01603608 _____ () C:\Program Files (x86)\AVG SafeGuard toolbar\TBAPI.dll
2014-04-10 11:35 - 2014-04-02 03:57 - 00065352 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\chrome_elf.dll
2014-04-10 11:35 - 2014-04-02 03:57 - 00674632 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\libglesv2.dll
2014-04-10 11:35 - 2014-04-02 03:57 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\libegl.dll
2014-04-10 11:35 - 2014-04-02 03:57 - 04081480 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\pdf.dll
2014-04-10 11:35 - 2014-04-02 03:58 - 00390472 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll
2014-04-10 11:35 - 2014-04-02 03:57 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ffmpegsumo.dll
2014-04-10 11:35 - 2014-04-02 03:58 - 13691720 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\PepperFlash\pepflashplayer.dll
2014-04-09 12:04 - 2013-11-30 22:47 - 00349696 _____ () C:\Users\Senel\Desktop\Hardcore-RELOADED\bin\mss32.dll
2014-04-09 12:05 - 2013-12-25 01:57 - 00202240 _____ () C:\Users\Senel\Desktop\Hardcore-RELOADED\bin\SpeedTreeRT.dll
2014-04-09 12:04 - 2012-03-02 14:14 - 00125952 _____ () C:\Users\Senel\Desktop\Hardcore-RELOADED\bin\miles\mssmp3.asi
2014-04-09 12:04 - 2012-03-02 14:14 - 00197120 _____ () C:\Users\Senel\Desktop\Hardcore-RELOADED\bin\miles\mssvoice.asi
2014-04-09 12:04 - 2012-03-02 14:14 - 00083456 _____ () C:\Users\Senel\Desktop\Hardcore-RELOADED\bin\miles\mssa3d.m3d
2014-04-09 12:04 - 2012-03-02 14:14 - 00070656 _____ () C:\Users\Senel\Desktop\Hardcore-RELOADED\bin\miles\mssds3d.m3d
2014-04-09 12:04 - 2012-03-02 14:14 - 00080896 _____ () C:\Users\Senel\Desktop\Hardcore-RELOADED\bin\miles\mssdx7.m3d
2014-04-09 12:04 - 2012-03-02 14:14 - 00103424 _____ () C:\Users\Senel\Desktop\Hardcore-RELOADED\bin\miles\msseax.m3d
2014-04-09 12:04 - 2012-03-02 14:14 - 00354816 _____ () C:\Users\Senel\Desktop\Hardcore-RELOADED\bin\miles\mssrsx.m3d
2014-04-09 12:04 - 2012-03-02 14:14 - 00067072 _____ () C:\Users\Senel\Desktop\Hardcore-RELOADED\bin\miles\msssoft.m3d
2014-04-09 12:04 - 2012-03-02 14:14 - 00093696 _____ () C:\Users\Senel\Desktop\Hardcore-RELOADED\bin\miles\mssdsp.flt

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: nProtect Firewall Core Driver
Description: nProtect Firewall Core Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: TKFWFV
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: SBRE
Description: SBRE
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: SBRE
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/25/2014 09:46:46 AM) (Source: MsiInstaller) (User: NT-AUTORITÄT)
Description: SA_Error1709: StandardAction(0xC00706AD): Produkt: AVG 2014 -- Fehler 1706. SA_Error1706: StandardAction(0xC00706AA): Für das Produkt 'AVG 2014' wurde kein Installationspaket gefunden. Wiederholen Sie die Installation mit einer gültigen Kopie des Installationspakets „Avgx64.msi“.

Error: (04/24/2014 07:39:01 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5039

Error: (04/24/2014 07:39:01 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5039

Error: (04/24/2014 07:39:01 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/24/2014 07:39:00 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4025

Error: (04/24/2014 07:39:00 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4025

Error: (04/24/2014 07:39:00 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/24/2014 07:38:59 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3027

Error: (04/24/2014 07:38:59 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3027

Error: (04/24/2014 07:38:59 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (04/25/2014 05:28:33 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AVGIDSAgent" wurde mit folgendem dienstspezifischem Fehler beendet: %%-536753635.

Error: (04/25/2014 05:28:32 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AVGIDSAgent" wurde mit folgendem dienstspezifischem Fehler beendet: %%-536753635.

Error: (04/25/2014 05:28:31 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AVGIDSAgent" wurde mit folgendem dienstspezifischem Fehler beendet: %%-536753635.

Error: (04/25/2014 05:28:30 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AVGIDSAgent" wurde mit folgendem dienstspezifischem Fehler beendet: %%-536753635.

Error: (04/25/2014 05:28:29 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AVGIDSAgent" wurde mit folgendem dienstspezifischem Fehler beendet: %%-536753635.

Error: (04/25/2014 05:28:28 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AVGIDSAgent" wurde mit folgendem dienstspezifischem Fehler beendet: %%-536753635.

Error: (04/25/2014 05:28:27 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AVGIDSAgent" wurde mit folgendem dienstspezifischem Fehler beendet: %%-536753635.

Error: (04/25/2014 05:28:26 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AVGIDSAgent" wurde mit folgendem dienstspezifischem Fehler beendet: %%-536753635.

Error: (04/25/2014 05:28:25 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AVGIDSAgent" wurde mit folgendem dienstspezifischem Fehler beendet: %%-536753635.

Error: (04/25/2014 05:28:24 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AVGIDSAgent" wurde mit folgendem dienstspezifischem Fehler beendet: %%-536753635.


Microsoft Office Sessions:
=========================
Error: (04/25/2014 09:46:46 AM) (Source: MsiInstaller)(User: NT-AUTORITÄT)
Description: SA_Error1709: StandardAction(0xC00706AD): Produkt: AVG 2014 -- Fehler 1706. SA_Error1706: StandardAction(0xC00706AA): Für das Produkt 'AVG 2014' wurde kein Installationspaket gefunden. Wiederholen Sie die Installation mit einer gültigen Kopie des Installationspakets „Avgx64.msi“.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (04/24/2014 07:39:01 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5039

Error: (04/24/2014 07:39:01 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5039

Error: (04/24/2014 07:39:01 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/24/2014 07:39:00 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4025

Error: (04/24/2014 07:39:00 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4025

Error: (04/24/2014 07:39:00 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/24/2014 07:38:59 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3027

Error: (04/24/2014 07:38:59 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3027

Error: (04/24/2014 07:38:59 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second


CodeIntegrity Errors:
===================================
  Date: 2013-08-26 12:40:43.424
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Users\Senel\Downloads\64Bit Injector\Injector.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-08-26 12:40:43.377
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Users\Senel\Downloads\64Bit Injector\Injector.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-08-26 12:40:39.474
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Users\Senel\Downloads\64Bit Injector\Injector.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-08-26 12:40:39.427
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Users\Senel\Downloads\64Bit Injector\Injector.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-01-13 01:01:55.860
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-01-13 01:01:55.768
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-01-13 01:01:27.629
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-01-13 01:01:27.532
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-09-19 22:34:46.070
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-09-19 22:34:46.052
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info ===========================

Percentage of memory in use: 45%
Total physical RAM: 4093.66 MB
Available physical RAM: 2231.4 MB
Total Pagefile: 8185.49 MB
Available Pagefile: 5938.16 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.83 GB) (Free:147.63 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: B7E26B95)
Partition 1: (Active) - (Size=233 GB) - (Type=07 NTFS)

==================== End Of Log ============================
So hab das erste ist die FRST Text datei das zweite die Addition

schrauber 26.04.2014 18:50
Revo Uninstaller - Download - Filepony
Damit alles deinstallieren was Du in der Additional.txt findest mit dem Zusatz <== ATTENTION

Mit Revo auch Moderat die Reste entfernen lassen.




Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

xRidi57 27.04.2014 07:19
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org


Protection, 27.04.2014 05:10:05, SYSTEM, SENEL-PC, Protection, Malware Protection, Starting,
Protection, 27.04.2014 05:10:05, SYSTEM, SENEL-PC, Protection, Malware Protection, Started,
Protection, 27.04.2014 05:10:05, SYSTEM, SENEL-PC, Protection, Malicious Website Protection, Starting,
Protection, 27.04.2014 05:10:09, SYSTEM, SENEL-PC, Protection, Malicious Website Protection, Started,
Update, 27.04.2014 05:10:35, SYSTEM, SENEL-PC, Manual, Rootkit Database, 2014.2.20.1, 2014.3.27.1,
Update, 27.04.2014 05:10:44, SYSTEM, SENEL-PC, Manual, Malware Database, 2014.3.4.9, 2014.4.27.1,
Update, 27.04.2014 05:10:50, SYSTEM, SENEL-PC, Manual, program, 2.0.0.1000, 2.0.1.1004,
Protection, 27.04.2014 05:11:20, SYSTEM, SENEL-PC, Protection, Malicious Website Protection, Stopping,
Protection, 27.04.2014 05:11:20, SYSTEM, SENEL-PC, Protection, Malicious Website Protection, Stopped,
Protection, 27.04.2014 05:11:20, SYSTEM, SENEL-PC, Protection, Malware Protection, Stopping,
Protection, 27.04.2014 05:11:21, SYSTEM, SENEL-PC, Protection, Malware Protection, Stopped,
Protection, 27.04.2014 05:11:35, SYSTEM, SENEL-PC, Protection, Malware Protection, Starting,
Protection, 27.04.2014 05:11:35, SYSTEM, SENEL-PC, Protection, Malware Protection, Started,
Protection, 27.04.2014 05:11:35, SYSTEM, SENEL-PC, Protection, Malicious Website Protection, Starting,
Protection, 27.04.2014 05:11:35, SYSTEM, SENEL-PC, Protection, Malicious Website Protection, Started,
Update, 27.04.2014 05:11:39, SYSTEM, SENEL-PC, Manual, Rootkit Database, 2014.2.20.1, 2014.3.27.1,
Update, 27.04.2014 05:11:43, SYSTEM, SENEL-PC, Manual, Malware Database, 2014.3.4.9, 2014.4.27.1,
Protection, 27.04.2014 05:11:44, SYSTEM, SENEL-PC, Protection, Refresh, Starting,
Protection, 27.04.2014 05:11:44, SYSTEM, SENEL-PC, Protection, Malicious Website Protection, Stopping,
Protection, 27.04.2014 05:11:44, SYSTEM, SENEL-PC, Protection, Malicious Website Protection, Stopped,
Protection, 27.04.2014 05:11:49, SYSTEM, SENEL-PC, Protection, Refresh, Success,
Protection, 27.04.2014 05:11:49, SYSTEM, SENEL-PC, Protection, Malicious Website Protection, Starting,
Protection, 27.04.2014 05:11:49, SYSTEM, SENEL-PC, Protection, Malicious Website Protection, Started,
Detection, 27.04.2014 05:16:46, SYSTEM, SENEL-PC, Protection, Malware Protection, File, PUP.Optional.NewTab.A, C:\Users\Senel\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv2.crx, Quarantine, [cd804ce3e5967db920356022ed15f40c]
Detection, 27.04.2014 05:42:18, SYSTEM, SENEL-PC, Protection, Malicious Website Protection, IP, 173.193.227.115, creoads.com, 55830, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
Detection, 27.04.2014 05:42:18, SYSTEM, SENEL-PC, Protection, Malicious Website Protection, IP, 173.193.227.115, creoads.com, 55830, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
Detection, 27.04.2014 05:42:19, SYSTEM, SENEL-PC, Protection, Malicious Website Protection, IP, 173.193.227.115, creoads.com, 55833, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
Protection, 27.04.2014 06:50:42, SYSTEM, SENEL-PC, Protection, Malware Protection, Starting,
Protection, 27.04.2014 06:50:42, SYSTEM, SENEL-PC, Protection, Malware Protection, Started,
Protection, 27.04.2014 06:50:43, SYSTEM, SENEL-PC, Protection, Malicious Website Protection, Starting,
Protection, 27.04.2014 06:51:20, SYSTEM, SENEL-PC, Protection, Malicious Website Protection, Started,

(end)
Code:
# AdwCleaner v3.204 - Bericht erstellt am 27/04/2014 um 07:13:02
# Aktualisiert 26/04/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Senel - SENEL-PC
# Gestartet von : C:\Users\Senel\Desktop\Programme\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Program Files (x86)\AVG SafeGuard toolbar
Ordner Gelöscht : C:\Program Files (x86)\MyPC Backup
Ordner Gelöscht : C:\Program Files (x86)\Systweak Support Dock
Ordner Gelöscht : C:\Program Files (x86)\WinZip Registry Optimizer
Ordner Gelöscht : C:\Program Files (x86)\Common Files\Umbrella
Ordner Gelöscht : C:\Windows\SysWOW64\AI_RecycleBin
Ordner Gelöscht : C:\Users\Administrator\AppData\LocalLow\AVG SafeGuard toolbar
Ordner Gelöscht : C:\Users\Ridi\AppData\LocalLow\AVG SafeGuard toolbar
Ordner Gelöscht : C:\Users\Senel\AppData\Local\apn
Ordner Gelöscht : C:\Users\Senel\AppData\Local\b1e
Ordner Gelöscht : C:\Users\Senel\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\Senel\AppData\Local\genienext
Ordner Gelöscht : C:\Users\Senel\AppData\Local\Ilivid Player
Ordner Gelöscht : C:\Users\Senel\AppData\Local\lollipop
Ordner Gelöscht : C:\Users\Senel\AppData\Local\Mobogenie
Ordner Gelöscht : C:\Users\Senel\AppData\Local\PackageAware
Ordner Gelöscht : C:\Users\Senel\AppData\Local\PutLockerDownloader
Ordner Gelöscht : C:\Users\Senel\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Senel\AppData\LocalLow\DataMngr
Ordner Gelöscht : C:\Users\Senel\AppData\LocalLow\Delta
Ordner Gelöscht : C:\Users\Senel\AppData\LocalLow\FoxTab
Ordner Gelöscht : C:\Users\Senel\AppData\LocalLow\ilividtoolbarguid
Ordner Gelöscht : C:\Users\Senel\AppData\LocalLow\incredibar.com
Ordner Gelöscht : C:\Users\Senel\AppData\LocalLow\PriceGong
Ordner Gelöscht : C:\Users\Senel\AppData\LocalLow\searchquband
Ordner Gelöscht : C:\Users\Senel\AppData\LocalLow\searchresultstb
Ordner Gelöscht : C:\Users\Senel\AppData\Roaming\adawaretb
Ordner Gelöscht : C:\Users\Senel\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Senel\AppData\Roaming\blekko
Ordner Gelöscht : C:\Users\Senel\AppData\Roaming\DesktopIconForAmazon
Ordner Gelöscht : C:\Users\Senel\AppData\Roaming\iWin
Ordner Gelöscht : C:\Users\Senel\AppData\Roaming\OCS
Ordner Gelöscht : C:\Users\Senel\AppData\Roaming\PerformerSoft
Ordner Gelöscht : C:\Users\Senel\AppData\Roaming\searchquband
Ordner Gelöscht : C:\Users\Senel\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\Senel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhphemoobgnikcoofkgackkaimpfmenm
Ordner Gelöscht : C:\Users\Senel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hahpjplbmicfkmoccokbjejahjjpnena
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Ordner Gelöscht : C:\Users\Senel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkndmigholgfjlniaohblojbhgjbkakn
[!] Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc
[!] Ordner Gelöscht : C:\Users\Senel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhphemoobgnikcoofkgackkaimpfmenm
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Users\Senel\AppData\Local\Temp\Uninstall.exe
Datei Gelöscht : C:\Users\Senel\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\user.js
Datei Gelöscht : C:\Users\Senel\AppData\Roaming\Mozilla\Firefox\Profiles\p8bg8o9l.default\user.js
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\user.js

***** [ Verknüpfungen ] *****

Verknüpfung Desinfiziert : C:\Users\Public\Desktop\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\Senel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\Senel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Verknüpfung Desinfiziert : C:\Users\Senel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\Senel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Verknüpfung Desinfiziert : C:\Users\Senel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\Senel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk

***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\aiennapmieppnpfhhogglccgepbdajan
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\bhphemoobgnikcoofkgackkaimpfmenm
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\bhphemoobgnikcoofkgackkaimpfmenm
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\blaofbhgbmeikidhlkmjhbkbfohpgekf
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\pbiamblgmkgbcgbcgejjgebalncpmhnp
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\BabylonHelper.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\BrowserConnection.dll
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Applications\iMesh_V11_en_Setup.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Applications\iMeshV11.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\driverscanner
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iLividIEHelper.DNSGuard
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iLividIEHelper.DNSGuard.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Movie2KDownloader
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\adawarebp_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\adawarebp_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\facemoods_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\facemoods_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLivid_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLivid_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLividMediaBar_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLividMediaBar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iMesh_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iMesh_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iMesh_V11_en_Setup_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iMesh_V11_en_Setup_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Savings Sidekick_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Savings Sidekick_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Searchqu Toolbar uninstall_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Searchqu Toolbar uninstall_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetpacksupdatemanager_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_samsung-kies_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_samsung-kies_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{50F7F0BE-31BA-4145-BD8B-6B0DECFED804}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02C9C7B0-C7C8-4AAC-A9E4-55295BF60F8F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{0398B101-6DA7-473F-A290-17D2FBC88CC0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{0CC36196-8589-4B80-A771-D659411D7F90}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{143D96F9-EB64-48B3-B192-91C2C41A1F43}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{14F7D91F-F669-45C9-9F42-BACBFDB86EAD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{187A6488-6E71-4A2A-B118-7BEFBFE58257}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{2D065204-A024-4C39-8A38-EE7078EC7ACF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{30F5476C-677B-4DB0-B397-51F5BFD86840}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3223F2FB-D9B9-45FC-9D66-CD717FFA4EE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{351798B1-C1D2-45AB-92B4-4D6C2D6AB5AF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3AEA1BEF-6195-46F4-ACA2-0ED14F7EFA1B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3D7F9AC3-BAC3-4E51-81D7-D121D79E550A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4498C5E9-93C6-4142-B6BE-F0C6DC48B77A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{479BF2D6-E362-4A99-B1AB-BC764D7B97AE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{492A108F-51D0-4BD8-899D-AD4AB2893064}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4B6D6E60-FBD2-4E79-BF4B-886BC98F1797}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{60893E02-2E5B-43F9-A93A-BAD60C2DF6EF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6D39931F-451E-4BDD-BAF4-37FB96DBBA5D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{76C684D2-C35D-4284-976A-D862F53ADB81}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{796D822A-C3F9-4A97-BAAB-42FE7628EA63}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{79EF3691-EC1A-4705-A01A-D2E36EC11758}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{82F41418-8E64-47EB-A7F1-4702A974D289}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{85D920CE-63A7-46DC-8992-41D1D2E07FAD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{895ED5E8-ABB4-40C3-A0CA-2571964268E2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8AAC123A-1959-4A45-BFC5-E2D50783098A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9FF9AE6F-4553-41A7-B645-B0E88850EABF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A07956CD-81F8-4A03-B524-5D87E690DC83}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B5E3B26B-6E5C-4865-A63D-58D04B10E245}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B84D2DC5-42B2-4E5E-BF61-7B48152FF8EF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B89D5309-0367-4494-A92F-3D4C94F88307}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C014EBF8-8854-448B-B5A4-557C4090EDCE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C31191DB-2F64-464C-B97C-6AC81ACB7AAC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C342C7A7-F622-4EF3-8B7F-ABB9FBE73F14}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C4765B07-BC2F-477B-925C-B2BF24887823}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C875C0A1-09E3-48D5-9F8E-BD337796FD14}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CD126DA6-FF5B-4181-AC13-54A62240D2FA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CE4DB5A3-58E6-41F1-8761-47238DF4F468}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DD438708-AAB4-422D-A322-B619589F5680}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E812AE43-7799-4E67-8CF8-4104297A2D16}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F0BAAEC7-9AE0-49FF-9C4B-86E774FF397F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F92193FD-2243-4401-9ACC-49FF30885898}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FD21B8A2-910B-45AC-9C10-45E6A8B84984}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{75E8DA27-44AF-40AE-927C-F2EEC99D65B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BFF6B2CA-366C-4A90-B685-D87776DEB0D2}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gelöscht : HKCU\Software\APN DTX
Schlüssel Gelöscht : HKCU\Software\APN PIP
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\distromatic
Schlüssel Gelöscht : HKCU\Software\ilivid
Schlüssel Gelöscht : HKCU\Software\ilividtoolbarguid
Schlüssel Gelöscht : HKCU\Software\IM
Schlüssel Gelöscht : HKCU\Software\InstalledThirdPartyPrograms
Schlüssel Gelöscht : HKCU\Software\lollipop
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\ilividtoolbarguid
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\searchqutoolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\iLividSRTB
Schlüssel Gelöscht : HKLM\Software\PIP
Schlüssel Gelöscht : HKLM\Software\supWPM
Schlüssel Gelöscht : HKLM\Software\systweak
Schlüssel Gelöscht : HKLM\Software\Uniblue
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\DataMngr
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\InstalledThirdPartyPrograms
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Speedchecker Limited

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16521

Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v

[ Datei : C:\Users\Senel\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js ]

Zeile gelöscht : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Zeile gelöscht : user_pref("browser.search.selectedEngine", "AVG Secure Search");

[ Datei : C:\Users\Senel\AppData\Roaming\Mozilla\Firefox\Profiles\p8bg8o9l.default\prefs.js ]


-\\ Google Chrome v34.0.1847.116

[ Datei : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ Datei : C:\Users\Ridi\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Extension] : ndibdjnfmopecpmkdieinmbadjfpblof

[ Datei : C:\Users\Senel\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Search Provider] : hxxp://www.awesomehp.com/web/?type=ds&ts=1391479063&from=epom2&uid=ST3250310AS_6RYCW312XXXX6RYCW312&q={searchTerms}

*************************

AdwCleaner[R0].txt - [26823 octets] - [27/04/2014 07:12:19]
AdwCleaner[S0].txt - [23635 octets] - [27/04/2014 07:13:02]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [23696 octets] ##########
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Senel on 27.04.2014 at  7:18:48,34
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\adawarebp_rasdlg
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\foxydeal_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\foxydeal_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\mconduitinstaller_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\mconduitinstaller_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iLividSetupV1 (1)_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iLividSetupV1 (1)_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011501160}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\mconduitinstaller_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\mconduitinstaller_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\iLividSetupV1 (1)_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\iLividSetupV1 (1)_RASMANCS



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\ProgramData\browser manager"
Successfully deleted: [Folder] "C:\ProgramData\installbrainservice"
Successfully deleted: [Folder] "C:\ProgramData\sweetim"
Successfully deleted: [Folder] "C:\ProgramData\wincert"
Successfully deleted: [Empty Folder] C:\Users\Senel\appdata\local\{0337BA18-CC17-478A-B591-A7BFCD1C6CB3}
Successfully deleted: [Empty Folder] C:\Users\Senel\appdata\local\{0ECD913B-5653-4B7A-ADB9-B694C7B8B72B}
Successfully deleted: [Empty Folder] C:\Users\Senel\appdata\local\{0F7DF3BD-FE28-49EB-A8EC-BA5195FFDE28}
Successfully deleted: [Empty Folder] C:\Users\Senel\appdata\local\{1FCBC7A9-799F-47CB-AF0B-889C4FA550FB}
Successfully deleted: [Empty Folder] C:\Users\Senel\appdata\local\{2607C313-799F-46B9-BA44-E784E07A8749}
Successfully deleted: [Empty Folder] C:\Users\Senel\appdata\local\{3737E677-9ED1-4064-B401-372DC0839927}
Successfully deleted: [Empty Folder] C:\Users\Senel\appdata\local\{4327ABDA-5AC5-4EBF-8EF4-E02EB0774151}
Successfully deleted: [Empty Folder] C:\Users\Senel\appdata\local\{59FAC615-7E4F-4889-966C-3BDEF26BE300}
Successfully deleted: [Empty Folder] C:\Users\Senel\appdata\local\{5DE52149-E36E-4DEC-B229-5BED7144755A}
Successfully deleted: [Empty Folder] C:\Users\Senel\appdata\local\{63DC9255-7DA1-4BDC-8681-9AFE8DCF532E}
Successfully deleted: [Empty Folder] C:\Users\Senel\appdata\local\{7026B23B-8349-4C8A-95C4-F065BC59AE2F}
Successfully deleted: [Empty Folder] C:\Users\Senel\appdata\local\{70A06BC0-198A-4BC8-84F8-FA0E855DDCEA}
Successfully deleted: [Empty Folder] C:\Users\Senel\appdata\local\{7360A264-1DD7-4FEB-8D42-1E05D653D353}
Successfully deleted: [Empty Folder] C:\Users\Senel\appdata\local\{75CF96F5-1D91-4D1D-AA87-299398ABFB2D}
Successfully deleted: [Empty Folder] C:\Users\Senel\appdata\local\{849A314C-CF32-4856-B601-81E06641C679}
Successfully deleted: [Empty Folder] C:\Users\Senel\appdata\local\{87B8C2AC-9FA6-4621-A5F7-EA4DE6B7752F}
Successfully deleted: [Empty Folder] C:\Users\Senel\appdata\local\{91C94504-D0F1-412A-9999-3319ED8AD819}
Successfully deleted: [Empty Folder] C:\Users\Senel\appdata\local\{9265967C-2705-4280-8075-B6105445AEBC}
Successfully deleted: [Empty Folder] C:\Users\Senel\appdata\local\{9C6D602C-EB1E-4383-B0FB-B778D6B06AC9}
Successfully deleted: [Empty Folder] C:\Users\Senel\appdata\local\{9CDF6258-2DBB-481D-8693-6DA132626B10}
Successfully deleted: [Empty Folder] C:\Users\Senel\appdata\local\{A46794CA-B90E-400B-868E-6149EE17065C}
Successfully deleted: [Empty Folder] C:\Users\Senel\appdata\local\{A48C8C5A-EEEB-48A9-8775-2DA0F89F4AD4}
Successfully deleted: [Empty Folder] C:\Users\Senel\appdata\local\{AE0647FD-CC38-4349-B7C7-00A0CB298951}
Successfully deleted: [Empty Folder] C:\Users\Senel\appdata\local\{B0B224E1-0806-4758-81B3-C336C9BB76B5}
Successfully deleted: [Empty Folder] C:\Users\Senel\appdata\local\{B45149F7-BA1F-47F3-8382-DCC609E838DC}
Successfully deleted: [Empty Folder] C:\Users\Senel\appdata\local\{B635F96D-F727-41D8-BC5C-5AEABA37D7DE}
Successfully deleted: [Empty Folder] C:\Users\Senel\appdata\local\{C3DD8984-17E3-493B-B913-3270362B1C71}
Successfully deleted: [Empty Folder] C:\Users\Senel\appdata\local\{CC44B993-FA41-44EB-B7C8-AC727F962D74}
Successfully deleted: [Empty Folder] C:\Users\Senel\appdata\local\{E1C65F5B-9E1B-4EA7-BCE8-26283DA1D88C}
Successfully deleted: [Empty Folder] C:\Users\Senel\appdata\local\{E23374E2-8D12-4182-88EB-6E13F61C3E00}
Successfully deleted: [Empty Folder] C:\Users\Senel\appdata\local\{F48DC156-6793-4E2C-9E59-9F6B875B4E38}
Successfully deleted: [Empty Folder] C:\Users\Senel\appdata\local\{FDBF6662-F155-4CAA-BB6A-D8EBD24719F2}
Successfully deleted: [Empty Folder] C:\Users\Senel\appdata\local\{FF1360C3-3D17-44CF-A783-F9F46BADACE7}



~~~ Chrome

Successfully deleted: [Folder] C:\Users\Senel\appdata\local\Google\Chrome\User Data\Default\Extensions\hahpjplbmicfkmoccokbjejahjjpnena
Successfully deleted: [Folder] C:\Users\Senel\appdata\local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 27.04.2014 at  7:27:13,90
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-04-2014 03
Ran by Senel (administrator) on SENEL-PC on 27-04-2014 08:09:50
Running from C:\Users\Senel\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AVG) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(AVG) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2041192 2012-12-29] ()
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5180432 2014-04-06] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-1969415253-1381297592-3536760822-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-1969415253-1381297592-3536760822-1000\...\Run: [ccleaner] => C:\Program Files\Portable\CCleaner Professional 64-bit v3.26.1888\CCleaner64.exe [5628848 2012-12-19] (Piriform Ltd)
HKU\S-1-5-21-1969415253-1381297592-3536760822-1000\...\MountPoints2: {80d41f16-b3df-11e2-9b7b-00219b3b5af3} - E:\Startme.exe
HKU\S-1-5-21-1969415253-1381297592-3536760822-1000\...\MountPoints2: {fbacd5fe-90ac-11e1-8294-00219b3b5af3} - E:\iStudio.exe
AppInit_DLLs-x32: C:\PROGRA~2\Amazon\AMAZON~1\\AMAZON~3.DLL => "C:\PROGRA~2\Amazon\AMAZON~1\\AMAZON~3.DLL" File Not Found
IFEO\AcroRd32.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\icloud.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\icloudweb.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\shellstreamsshortcut.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\digital imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xB312C1B358C6CC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: FoxTab - {4DF4AC8C-FFA8-40FF-91F0-EB8389314B78} - C:\Users\Senel\AppData\LocalLow\FoxTab\IE\FoxTab.dll No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - !{c840e246-6b95-475e-9bd7-caa1c7eca9f2} -  No File
Toolbar: HKLM-x32 - No Name - !{c840e246-6b95-475e-9bd7-caa1c7eca9f2} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - No Name - {C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} -  No File
Toolbar: HKCU - No Name - {0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF} -  No File
Toolbar: HKCU - No Name - {5786D022-540E-4699-B350-B4BE0AE94B79} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Senel\AppData\Roaming\Mozilla\Firefox\Profiles\p8bg8o9l.default
FF Homepage: user_pref("browser.startup.homepage", );
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.17.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameEU.dll No File
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Users\Senel\AppData\Roaming\Mozilla\Firefox\Profiles\p8bg8o9l.default\searchplugins\improvedsearch.xml
FF Extension: ProxTube - Unblock YouTube - C:\Users\Senel\AppData\Roaming\Mozilla\Firefox\Profiles\p8bg8o9l.default\Extensions\ich@maltegoetz.de [2013-03-16]
FF Extension: No Name - C:\Users\Senel\AppData\Roaming\Mozilla\Firefox\profiles\extensions\extensions [2012-12-24]
FF Extension: No Name - C:\Users\Senel\AppData\Roaming\Mozilla\Firefox\profiles\extensions\searchplugins [2013-03-16]
FF Extension: Movie2kDownloader - C:\Users\Senel\AppData\Roaming\Mozilla\Firefox\profiles\extensions\movie2kdownloader@movie2kdownloader.com.xpi [2012-12-13]
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\

Chrome:
=======
CHR Extension: (ProxTube) - C:\Users\Senel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2013-10-25]
CHR Extension: (Docs) - C:\Users\Senel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-28]
CHR Extension: (Google Drive) - C:\Users\Senel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-28]
CHR Extension: (No Name) - C:\Users\Senel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcfjehbfanfhgoehogmbiebedkidedjb [2013-05-12]
CHR Extension: (YouTube) - C:\Users\Senel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-28]
CHR Extension: (Google Search) - C:\Users\Senel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-28]
CHR Extension: (No Name) - C:\Users\Senel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehjkfdmkpocpileolmldepapdjbfegei [2013-12-24]
CHR Extension: (No Name) - C:\Users\Senel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkjoiggkbepedjmjjbhhecjiimlckcga [2012-12-20]
CHR Extension: (DvdVideoSoft Free Youtube Download) - C:\Users\Senel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2012-09-17]
CHR Extension: (Chrome In-App Payments service) - C:\Users\Senel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-25]
CHR Extension: (FoxTab) - C:\Users\Senel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pailhpppfllmijejfccffanaigjphjnb [2013-10-25]
CHR Extension: (Gmail) - C:\Users\Senel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-28]
CHR HKCU\...\Chrome\Extension: [bcfjehbfanfhgoehogmbiebedkidedjb] - C:\Users\Senel\AppData\Local\CRE\bcfjehbfanfhgoehogmbiebedkidedjb.crx [2013-05-06]
CHR HKCU\...\Chrome\Extension: [fkjoiggkbepedjmjjbhhecjiimlckcga] - C:\Users\Senel\AppData\Local\CRE\fkjoiggkbepedjmjjbhhecjiimlckcga.crx [2012-12-01]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2012-12-01]
CHR HKLM-x32\...\Chrome\Extension: [aakchaleigkohafkfjfjbblobjifikek] - C:\Users\Senel\AppData\LocalLow\proxtube\CHROME\proxtube.crx [2012-04-19]
CHR HKLM-x32\...\Chrome\Extension: [bcfjehbfanfhgoehogmbiebedkidedjb] - C:\Users\Senel\AppData\Local\CRE\bcfjehbfanfhgoehogmbiebedkidedjb.crx [2013-05-06]
CHR HKLM-x32\...\Chrome\Extension: [fkjoiggkbepedjmjjbhhecjiimlckcga] - C:\Users\Senel\AppData\Local\CRE\fkjoiggkbepedjmjjbhhecjiimlckcga.crx [2012-12-01]
CHR HKLM-x32\...\Chrome\Extension: [pailhpppfllmijejfccffanaigjphjnb] - C:\Users\Senel\AppData\LocalLow\FoxTab\CHROME\FoxTab.crx [2012-12-01]

==================== Services (Whitelisted) =================

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3645456 2014-04-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [291912 2014-03-27] (AVG Technologies CZ, s.r.o.)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4467488 2013-05-29] (INCA Internet Co., Ltd.)
S3 Pml Driver HPZ12; C:\Windows\SysWOW64\HPZipm12.exe [65536 2004-03-18] (HP)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2102072 2013-12-18] (AVG)
S3 xsherlock; C:\Windows\SysWOW64\xsherlock.xem [666720 2012-12-20] (Wellbia.com Co., Ltd.)

==================== Drivers (Whitelisted) ====================

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [237336 2014-04-18] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [192792 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [236824 2014-03-27] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [324376 2014-03-27] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [130840 2014-03-31] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [32536 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [274200 2014-03-31] (AVG Technologies CZ, s.r.o.)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
S3 REN2CAP_DRIVER; C:\Windows\System32\drivers\ren2cap.sys [46728 2011-11-07] ()
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [560184 2012-08-16] (Duplex Secure Ltd.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [14112 2013-12-16] (TuneUp Software)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S2 SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys [X]
S3 TKCtrl; \??\C:\Windows\system32\TKCtrl2k64.sys [X]
S3 TKFsAvM; \??\C:\Windows\system32\TKFsAv64.sys [X]
S3 TKFsFtM; \??\C:\Windows\system32\TKFsFt64.sys [X]
S1 TKFWFV; system32\TKFWFV64.sys [X]
S3 TKFWVT; \??\C:\Windows\system32\TKFWVT64.sys [X]
S3 TkIdsVt; \??\C:\Windows\system32\TkIdsVt64.sys [X]
S3 TKPcFt; \??\C:\Windows\system32\TKPcFtCb64.sys [X]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [X]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [X]
S3 X6va017; \??\C:\Windows\SysWOW64\Drivers\X6va017 [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-27 08:09 - 2014-04-27 08:09 - 00000000 ____D () C:\Users\Senel\Downloads\FRST-OlderVersion
2014-04-27 07:27 - 2014-04-27 07:27 - 00006189 _____ () C:\Users\Senel\Desktop\JRT.txt
2014-04-27 07:18 - 2014-04-27 07:18 - 00000000 ____D () C:\Windows\ERUNT
2014-04-27 07:17 - 2014-04-27 07:17 - 01016261 _____ (Thisisu) C:\Users\Senel\Downloads\JRT.exe
2014-04-27 07:15 - 2014-04-27 07:15 - 00023821 _____ () C:\Users\Senel\Desktop\AdwCleaner[S0].txt
2014-04-27 07:12 - 2014-04-27 07:13 - 00000000 ____D () C:\AdwCleaner
2014-04-27 07:12 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-04-27 06:59 - 2014-04-27 06:59 - 00003592 _____ () C:\Users\Senel\Desktop\mbam.txt
2014-04-27 06:58 - 2014-04-27 06:58 - 00064624 _____ () C:\Users\Senel\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-27 06:50 - 2014-04-27 07:14 - 00000112 _____ () C:\Windows\setupact.log
2014-04-27 06:50 - 2014-04-27 06:50 - 00300104 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-27 06:50 - 2014-04-27 06:50 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-27 06:49 - 2014-04-27 07:14 - 00001408 _____ () C:\Windows\PFRO.log
2014-04-27 05:10 - 2014-04-27 07:15 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-27 05:09 - 2014-04-27 05:11 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-27 05:09 - 2014-04-27 05:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-04-27 05:09 - 2014-04-27 05:11 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-27 05:09 - 2014-04-27 05:09 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Senel\Downloads\mbam-setup-2.0.0.1000.exe
2014-04-27 05:09 - 2014-04-27 05:09 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-27 05:09 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-27 05:09 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-27 05:09 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-27 04:50 - 2014-04-27 04:50 - 00001268 _____ () C:\Users\Senel\Desktop\Revo Uninstaller.lnk
2014-04-27 04:50 - 2014-04-27 04:50 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-04-27 04:49 - 2014-04-27 04:49 - 02617648 _____ (VS Revo Group Ltd.) C:\Users\Senel\Downloads\revosetup194.exe
2014-04-25 18:04 - 2014-04-27 08:10 - 00016013 _____ () C:\Users\Senel\Downloads\FRST.txt
2014-04-25 18:04 - 2014-04-25 18:05 - 00037888 _____ () C:\Users\Senel\Downloads\Addition.txt
2014-04-25 18:03 - 2014-04-27 08:09 - 02061824 _____ (Farbar) C:\Users\Senel\Downloads\FRST64.exe
2014-04-25 18:03 - 2014-04-27 08:09 - 00000000 ____D () C:\FRST
2014-04-23 09:49 - 2014-04-23 09:53 - 00000000 ___HD () C:\Users\Senel\AppData\Local\Pvyjq
2014-04-22 20:10 - 2014-04-23 10:40 - 00000000 ____D () C:\Program Files (x86)\GameforgeLive
2014-04-18 15:01 - 2014-04-18 15:01 - 00237336 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2014-04-13 10:45 - 2014-04-13 10:45 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\AVG
2014-04-13 10:40 - 2014-04-13 10:40 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\AVG2014
2014-04-13 10:40 - 2014-04-13 10:40 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Avg2014
2014-04-10 21:18 - 2014-04-10 21:18 - 00000000 ____D () C:\Users\Senel\AppData\Local\dumps
2014-04-10 19:20 - 2014-04-10 19:20 - 00000178 _____ () C:\console.log
2014-04-09 12:04 - 2013-12-25 03:22 - 00000000 ____D () C:\Users\Senel\Desktop\Hardcore-RELOADED
2014-04-08 21:58 - 2014-03-31 03:16 - 23134208 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-08 21:57 - 2014-03-31 03:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-08 21:57 - 2014-03-31 02:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-08 21:57 - 2014-03-31 01:57 - 17073152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-08 21:54 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-08 21:54 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-08 21:54 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-08 21:54 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-08 21:54 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-08 21:54 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-08 21:54 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-08 21:54 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-08 21:54 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-08 21:54 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-08 21:54 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-08 21:54 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-08 21:54 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-08 21:54 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-08 21:54 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-08 21:54 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-08 21:54 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-07 19:01 - 2011-11-07 16:18 - 00046728 _____ () C:\Windows\system32\Drivers\ren2cap.sys
2014-04-01 11:30 - 2014-04-01 11:30 - 00000000 ____D () C:\Program Files\Sony
2014-04-01 11:30 - 2014-04-01 11:30 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-04-01 08:06 - 2014-04-25 09:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-03-31 16:20 - 2014-03-31 16:20 - 00274200 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgtdia.sys
2014-03-31 16:06 - 2014-03-31 16:06 - 00130840 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys
2014-03-30 00:15 - 2014-03-30 00:15 - 00000000 ____D () C:\Users\Ridi\AppData\Roaming\AVG
2014-03-30 00:10 - 2014-03-30 00:10 - 00000000 ____D () C:\Users\Ridi\AppData\Roaming\AVG2014
2014-03-30 00:10 - 2014-03-30 00:10 - 00000000 ____D () C:\Users\Ridi\AppData\Local\Avg2014

==================== One Month Modified Files and Folders =======

2014-04-27 08:10 - 2014-04-25 18:04 - 00016013 _____ () C:\Users\Senel\Downloads\FRST.txt
2014-04-27 08:09 - 2014-04-27 08:09 - 00000000 ____D () C:\Users\Senel\Downloads\FRST-OlderVersion
2014-04-27 08:09 - 2014-04-25 18:03 - 02061824 _____ (Farbar) C:\Users\Senel\Downloads\FRST64.exe
2014-04-27 08:09 - 2014-04-25 18:03 - 00000000 ____D () C:\FRST
2014-04-27 07:29 - 2011-12-31 20:16 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-27 07:27 - 2014-04-27 07:27 - 00006189 _____ () C:\Users\Senel\Desktop\JRT.txt
2014-04-27 07:21 - 2009-07-14 06:45 - 00021664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-27 07:21 - 2009-07-14 06:45 - 00021664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-27 07:19 - 2011-04-12 09:43 - 00710046 _____ () C:\Windows\system32\perfh007.dat
2014-04-27 07:19 - 2011-04-12 09:43 - 00154482 _____ () C:\Windows\system32\perfc007.dat
2014-04-27 07:19 - 2009-07-14 07:13 - 01650084 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-27 07:18 - 2014-04-27 07:18 - 00000000 ____D () C:\Windows\ERUNT
2014-04-27 07:17 - 2014-04-27 07:17 - 01016261 _____ (Thisisu) C:\Users\Senel\Downloads\JRT.exe
2014-04-27 07:15 - 2014-04-27 07:15 - 00023821 _____ () C:\Users\Senel\Desktop\AdwCleaner[S0].txt
2014-04-27 07:15 - 2014-04-27 05:10 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-27 07:15 - 2011-12-31 20:16 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-27 07:14 - 2014-04-27 06:50 - 00000112 _____ () C:\Windows\setupact.log
2014-04-27 07:14 - 2014-04-27 06:49 - 00001408 _____ () C:\Windows\PFRO.log
2014-04-27 07:14 - 2013-07-18 01:23 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-04-27 07:14 - 2012-04-08 02:45 - 00000434 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-04-27 07:14 - 2012-01-16 17:46 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-04-27 07:14 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-27 07:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\tracing
2014-04-27 07:13 - 2014-04-27 07:12 - 00000000 ____D () C:\AdwCleaner
2014-04-27 07:13 - 2014-03-07 14:35 - 01129455 _____ () C:\Windows\WindowsUpdate.log
2014-04-27 07:13 - 2013-09-17 03:03 - 00001282 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-27 07:13 - 2013-09-17 03:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-04-27 07:13 - 2012-01-08 12:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-27 07:13 - 2011-12-29 20:31 - 00000995 _____ () C:\Users\Senel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-27 07:11 - 2012-04-26 09:24 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-27 06:59 - 2014-04-27 06:59 - 00003592 _____ () C:\Users\Senel\Desktop\mbam.txt
2014-04-27 06:58 - 2014-04-27 06:58 - 00064624 _____ () C:\Users\Senel\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-27 06:50 - 2014-04-27 06:50 - 00300104 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-27 06:50 - 2014-04-27 06:50 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-27 05:15 - 2014-02-04 04:46 - 00000000 ____D () C:\Users\Senel\Desktop\Programme
2014-04-27 05:11 - 2014-04-27 05:09 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-27 05:11 - 2014-04-27 05:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-04-27 05:11 - 2014-04-27 05:09 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-27 05:09 - 2014-04-27 05:09 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Senel\Downloads\mbam-setup-2.0.0.1000.exe
2014-04-27 05:09 - 2014-04-27 05:09 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-27 05:07 - 2013-10-25 19:08 - 00000000 ____D () C:\Users\Senel\AppData\Roaming\TS3Client
2014-04-27 05:04 - 2012-12-23 02:00 - 00000000 ____D () C:\ProgramData\NexonEU
2014-04-27 04:50 - 2014-04-27 04:50 - 00001268 _____ () C:\Users\Senel\Desktop\Revo Uninstaller.lnk
2014-04-27 04:50 - 2014-04-27 04:50 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-04-27 04:49 - 2014-04-27 04:49 - 02617648 _____ (VS Revo Group Ltd.) C:\Users\Senel\Downloads\revosetup194.exe
2014-04-26 18:01 - 2014-02-04 03:04 - 00000000 ____D () C:\ProgramData\MFAData
2014-04-26 17:58 - 2011-12-29 20:31 - 00000000 ____D () C:\Users\Senel
2014-04-25 18:05 - 2014-04-25 18:04 - 00037888 _____ () C:\Users\Senel\Downloads\Addition.txt
2014-04-25 09:44 - 2014-04-01 08:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-04-25 09:44 - 2014-02-13 00:55 - 00000981 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-04-23 13:34 - 2013-01-03 14:18 - 00000000 ____D () C:\Users\Senel\Desktop\Kadir
2014-04-23 10:46 - 2012-01-04 20:27 - 00000000 ____D () C:\Users\Senel\AppData\Local\Sony
2014-04-23 10:42 - 2012-08-22 03:53 - 00000000 ____D () C:\Users\Senel\AppData\Local\Unity
2014-04-23 10:40 - 2014-04-22 20:10 - 00000000 ____D () C:\Program Files (x86)\GameforgeLive
2014-04-23 10:22 - 2014-03-04 12:54 - 00000000 ____D () C:\Users\Senel\AppData\Local\PMB Files
2014-04-23 10:22 - 2014-03-04 12:54 - 00000000 ____D () C:\ProgramData\PMB Files
2014-04-23 09:53 - 2014-04-23 09:49 - 00000000 ___HD () C:\Users\Senel\AppData\Local\Pvyjq
2014-04-22 00:09 - 2013-08-10 11:27 - 00000000 ____D () C:\Users\Administrator
2014-04-22 00:09 - 2013-08-04 15:25 - 00000000 ____D () C:\Users\Ridi
2014-04-18 15:01 - 2014-04-18 15:01 - 00237336 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2014-04-13 10:45 - 2014-04-13 10:45 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\AVG
2014-04-13 10:40 - 2014-04-13 10:40 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\AVG2014
2014-04-13 10:40 - 2014-04-13 10:40 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Avg2014
2014-04-12 15:33 - 2013-12-02 02:16 - 00000193 _____ () C:\Users\Senel\Videos\Documents\ads.txt
2014-04-11 09:33 - 2011-12-31 20:16 - 00004114 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-11 09:33 - 2011-12-31 20:16 - 00003862 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-04-10 21:18 - 2014-04-10 21:18 - 00000000 ____D () C:\Users\Senel\AppData\Local\dumps
2014-04-10 19:20 - 2014-04-10 19:20 - 00000178 _____ () C:\console.log
2014-04-10 18:43 - 2014-02-04 04:37 - 00003696 _____ () C:\Windows\System32\Tasks\Adobe-Online-Aktualisierungsprogramm
2014-04-09 14:16 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-04-09 03:04 - 2012-10-03 14:21 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-09 03:03 - 2013-07-12 01:31 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-09 03:01 - 2011-12-29 20:51 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-07 19:09 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-04 20:49 - 2013-08-05 15:20 - 00000089 _____ () C:\Users\Senel\Videos\Documents\.......txt
2014-04-03 09:51 - 2014-04-27 05:09 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-27 05:09 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-27 05:09 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-03 03:54 - 2012-01-04 20:26 - 00000000 ____D () C:\Users\Senel\AppData\Roaming\Sony
2014-04-01 11:30 - 2014-04-01 11:30 - 00000000 ____D () C:\Program Files\Sony
2014-04-01 11:30 - 2014-04-01 11:30 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-03-31 16:20 - 2014-03-31 16:20 - 00274200 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgtdia.sys
2014-03-31 16:06 - 2014-03-31 16:06 - 00130840 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys
2014-03-31 03:16 - 2014-04-08 21:58 - 23134208 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-31 03:13 - 2014-04-08 21:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-31 02:13 - 2014-04-08 21:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-31 01:57 - 2014-04-08 21:57 - 17073152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-30 00:48 - 2013-08-04 15:26 - 00000000 ____D () C:\Users\Ridi\AppData\Local\VirtualStore
2014-03-30 00:15 - 2014-03-30 00:15 - 00000000 ____D () C:\Users\Ridi\AppData\Roaming\AVG
2014-03-30 00:10 - 2014-03-30 00:10 - 00000000 ____D () C:\Users\Ridi\AppData\Roaming\AVG2014
2014-03-30 00:10 - 2014-03-30 00:10 - 00000000 ____D () C:\Users\Ridi\AppData\Local\Avg2014

Files to move or delete:
====================
C:\ProgramData\libcurl.dll
C:\ProgramData\pthreadGC2.dll
C:\ProgramData\ras_0oed.pad
C:\ProgramData\zlib1.dll


Some content of TEMP:
====================
C:\Users\Senel\AppData\Local\Temp\NGM.exe
C:\Users\Senel\AppData\Local\Temp\NGMDll.dll
C:\Users\Senel\AppData\Local\Temp\NGMResource.dll
C:\Users\Senel\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-23 04:54

==================== End Of Log ============================
--- --- ---

--- --- ---

schrauber 28.04.2014 07:18

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

xRidi57 28.04.2014 23:37
Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=807a7aacd50a1c44b395f10b8796e190
# engine=18063
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-04-28 08:55:32
# local_time=2014-04-28 10:55:32 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 100 94 6618101 150348382 0 0
# scanned=240987
# found=0
# cleaned=0
# scan_time=6890

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-04-2014
Ran by Senel (administrator) on SENEL-PC on 29-04-2014 00:34:28
Running from C:\Users\Senel\Downloads\FRST-OlderVersion
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AVG) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(AVG) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\loggingserver.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(Ymir Entertainment) C:\Users\Senel\Desktop\Hardcore-RELOADED\bin\metin2client.bin
(Ymir Entertainment) C:\Users\Senel\Desktop\Hardcore-RELOADED\bin\metin2client.bin
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2041192 2012-12-29] ()
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5180432 2014-04-06] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2544664 2014-04-27] ()
HKU\S-1-5-21-1969415253-1381297592-3536760822-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-1969415253-1381297592-3536760822-1000\...\Run: [ccleaner] => C:\Program Files\Portable\CCleaner Professional 64-bit v3.26.1888\CCleaner64.exe [5628848 2012-12-19] (Piriform Ltd)
HKU\S-1-5-21-1969415253-1381297592-3536760822-1000\...\MountPoints2: {80d41f16-b3df-11e2-9b7b-00219b3b5af3} - E:\Startme.exe
HKU\S-1-5-21-1969415253-1381297592-3536760822-1000\...\MountPoints2: {fbacd5fe-90ac-11e1-8294-00219b3b5af3} - E:\iStudio.exe
HKU\S-1-5-21-1969415253-1381297592-3536760822-1015\...\Run: [Skype] => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
AppInit_DLLs-x32: C:\PROGRA~2\Amazon\AMAZON~1\\AMAZON~3.DLL => "C:\PROGRA~2\Amazon\AMAZON~1\\AMAZON~3.DLL" File Not Found
IFEO\AcroRd32.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\icloud.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\icloudweb.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\shellstreamsshortcut.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\digital imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xB312C1B358C6CC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: FoxTab - {4DF4AC8C-FFA8-40FF-91F0-EB8389314B78} -  No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - !{c840e246-6b95-475e-9bd7-caa1c7eca9f2} -  No File
Toolbar: HKLM-x32 - No Name - !{c840e246-6b95-475e-9bd7-caa1c7eca9f2} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - No Name - {C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} -  No File
Toolbar: HKCU - No Name - {0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF} -  No File
Toolbar: HKCU - No Name - {5786D022-540E-4699-B350-B4BE0AE94B79} -  No File
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.0.5\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{C0CEF198-2956-4B3E-B56D-CD71F16ABB6F}: [NameServer]62.109.121.2 62.109.121.1

FireFox:
========
FF ProfilePath: C:\Users\Senel\AppData\Roaming\Mozilla\Firefox\Profiles\p8bg8o9l.default
FF Homepage: user_pref("browser.startup.homepage", );
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.17.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameEU.dll No File
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Users\Senel\AppData\Roaming\Mozilla\Firefox\Profiles\p8bg8o9l.default\searchplugins\improvedsearch.xml
FF Extension: ProxTube - Unblock YouTube - C:\Users\Senel\AppData\Roaming\Mozilla\Firefox\Profiles\p8bg8o9l.default\Extensions\ich@maltegoetz.de [2013-03-16]
FF Extension: No Name - C:\Users\Senel\AppData\Roaming\Mozilla\Firefox\profiles\extensions\extensions [2012-12-24]
FF Extension: No Name - C:\Users\Senel\AppData\Roaming\Mozilla\Firefox\profiles\extensions\searchplugins [2013-03-16]
FF Extension: Movie2kDownloader - C:\Users\Senel\AppData\Roaming\Mozilla\Firefox\profiles\extensions\movie2kdownloader@movie2kdownloader.com.xpi [2012-12-13]
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\

Chrome:
=======
CHR Extension: (ProxTube) - C:\Users\Senel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2013-10-25]
CHR Extension: (Docs) - C:\Users\Senel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-28]
CHR Extension: (Google Drive) - C:\Users\Senel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-28]
CHR Extension: (No Name) - C:\Users\Senel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcfjehbfanfhgoehogmbiebedkidedjb [2013-05-12]
CHR Extension: (YouTube) - C:\Users\Senel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-28]
CHR Extension: (Google Search) - C:\Users\Senel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-28]
CHR Extension: (No Name) - C:\Users\Senel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehjkfdmkpocpileolmldepapdjbfegei [2013-12-24]
CHR Extension: (No Name) - C:\Users\Senel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkjoiggkbepedjmjjbhhecjiimlckcga [2012-12-20]
CHR Extension: (DvdVideoSoft Free Youtube Download) - C:\Users\Senel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2012-09-17]
CHR Extension: (Chrome In-App Payments service) - C:\Users\Senel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-25]
CHR Extension: (FoxTab) - C:\Users\Senel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pailhpppfllmijejfccffanaigjphjnb [2013-10-25]
CHR Extension: (Gmail) - C:\Users\Senel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-28]
CHR HKCU\...\Chrome\Extension: [bcfjehbfanfhgoehogmbiebedkidedjb] - C:\Users\Senel\AppData\Local\CRE\bcfjehbfanfhgoehogmbiebedkidedjb.crx [2013-05-06]
CHR HKCU\...\Chrome\Extension: [fkjoiggkbepedjmjjbhhecjiimlckcga] - C:\Users\Senel\AppData\Local\CRE\fkjoiggkbepedjmjjbhhecjiimlckcga.crx [2012-12-01]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2012-12-01]
CHR HKLM-x32\...\Chrome\Extension: [aakchaleigkohafkfjfjbblobjifikek] - C:\Users\Senel\AppData\LocalLow\proxtube\CHROME\proxtube.crx [2012-04-19]
CHR HKLM-x32\...\Chrome\Extension: [bcfjehbfanfhgoehogmbiebedkidedjb] - C:\Users\Senel\AppData\Local\CRE\bcfjehbfanfhgoehogmbiebedkidedjb.crx [2013-05-06]
CHR HKLM-x32\...\Chrome\Extension: [fkjoiggkbepedjmjjbhhecjiimlckcga] - C:\Users\Senel\AppData\Local\CRE\fkjoiggkbepedjmjjbhhecjiimlckcga.crx [2012-12-01]
CHR HKLM-x32\...\Chrome\Extension: [pailhpppfllmijejfccffanaigjphjnb] - C:\Users\Senel\AppData\LocalLow\FoxTab\CHROME\FoxTab.crx [2012-12-01]

==================== Services (Whitelisted) =================

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3645456 2014-04-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [291912 2014-03-27] (AVG Technologies CZ, s.r.o.)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4467488 2013-05-29] (INCA Internet Co., Ltd.)
S3 Pml Driver HPZ12; C:\Windows\SysWOW64\HPZipm12.exe [65536 2004-03-18] (HP)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2102072 2013-12-18] (AVG)
S3 xsherlock; C:\Windows\SysWOW64\xsherlock.xem [666720 2012-12-20] (Wellbia.com Co., Ltd.)

==================== Drivers (Whitelisted) ====================

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [237336 2014-04-18] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [192792 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [236824 2014-03-27] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [324376 2014-03-27] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [130840 2014-03-31] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [32536 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [274200 2014-03-31] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [49952 2014-04-27] (AVG Technologies)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
S3 REN2CAP_DRIVER; C:\Windows\System32\drivers\ren2cap.sys [46728 2011-11-07] ()
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [560184 2012-08-16] (Duplex Secure Ltd.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [14112 2013-12-16] (TuneUp Software)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S2 SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys [X]
S3 TKCtrl; \??\C:\Windows\system32\TKCtrl2k64.sys [X]
S3 TKFsAvM; \??\C:\Windows\system32\TKFsAv64.sys [X]
S3 TKFsFtM; \??\C:\Windows\system32\TKFsFt64.sys [X]
S1 TKFWFV; system32\TKFWFV64.sys [X]
S3 TKFWVT; \??\C:\Windows\system32\TKFWVT64.sys [X]
S3 TkIdsVt; \??\C:\Windows\system32\TkIdsVt64.sys [X]
S3 TKPcFt; \??\C:\Windows\system32\TKPcFtCb64.sys [X]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [X]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [X]
S3 X6va017; \??\C:\Windows\SysWOW64\Drivers\X6va017 [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-29 00:31 - 2014-04-29 00:32 - 00855379 _____ () C:\Users\Senel\Desktop\SecurityCheck.exe
2014-04-27 17:52 - 2014-04-27 17:53 - 00018473 _____ () C:\Windows\DirectX.log
2014-04-27 17:51 - 2014-04-27 17:51 - 00001172 _____ () C:\Users\Public\Desktop\AION Free-to-Play.lnk
2014-04-27 17:49 - 2014-04-27 17:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2014-04-27 17:49 - 2014-04-27 17:49 - 00001071 _____ () C:\Users\Public\Desktop\Gameforge Live.lnk
2014-04-27 17:49 - 2014-04-27 17:49 - 00000000 ____D () C:\Users\Senel\Downloads\Gameforge Live
2014-04-27 17:49 - 2014-04-27 17:49 - 00000000 ____D () C:\Users\Senel\AppData\Local\Gameforge4d
2014-04-27 17:48 - 2014-04-27 17:48 - 20125848 _____ (Gameforge ) C:\Users\Senel\Desktop\AION_GameforgeLiveSetup.exe
2014-04-27 11:54 - 2014-04-27 11:54 - 01070496 _____ (Unity Technologies ApS) C:\Users\Senel\Downloads\UnityWebPlayer.exe
2014-04-27 11:54 - 2014-04-27 11:54 - 01070496 _____ (Unity Technologies ApS) C:\Users\Senel\Downloads\UnityWebPlayer (1).exe
2014-04-27 08:22 - 2014-04-27 08:22 - 00000000 ____D () C:\Users\Senel\AppData\Local\AVG SafeGuard toolbar
2014-04-27 08:22 - 2014-04-27 08:21 - 00049952 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2014-04-27 08:21 - 2014-04-27 08:21 - 00000000 ____D () C:\Program Files (x86)\AVG SafeGuard toolbar
2014-04-27 08:09 - 2014-04-29 00:34 - 00000000 ____D () C:\Users\Senel\Downloads\FRST-OlderVersion
2014-04-27 07:18 - 2014-04-27 07:18 - 00000000 ____D () C:\Windows\ERUNT
2014-04-27 07:17 - 2014-04-27 07:17 - 01016261 _____ (Thisisu) C:\Users\Senel\Downloads\JRT.exe
2014-04-27 07:12 - 2014-04-27 07:13 - 00000000 ____D () C:\AdwCleaner
2014-04-27 07:12 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-04-27 06:58 - 2014-04-27 06:58 - 00064624 _____ () C:\Users\Senel\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-27 06:50 - 2014-04-27 23:59 - 00000280 _____ () C:\Windows\setupact.log
2014-04-27 06:50 - 2014-04-27 06:50 - 00300104 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-27 06:50 - 2014-04-27 06:50 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-27 06:49 - 2014-04-27 07:14 - 00001408 _____ () C:\Windows\PFRO.log
2014-04-27 05:10 - 2014-04-27 07:15 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-27 05:09 - 2014-04-27 05:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-04-27 05:09 - 2014-04-27 05:11 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-27 05:09 - 2014-04-27 05:09 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Senel\Downloads\mbam-setup-2.0.0.1000.exe
2014-04-27 05:09 - 2014-04-27 05:09 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-27 05:09 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-27 05:09 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-27 05:09 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-27 04:50 - 2014-04-27 04:50 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-04-27 04:49 - 2014-04-27 04:49 - 02617648 _____ (VS Revo Group Ltd.) C:\Users\Senel\Downloads\revosetup194.exe
2014-04-25 18:04 - 2014-04-27 08:10 - 00033416 _____ () C:\Users\Senel\Downloads\FRST.txt
2014-04-25 18:04 - 2014-04-25 18:05 - 00037888 _____ () C:\Users\Senel\Downloads\Addition.txt
2014-04-25 18:03 - 2014-04-29 00:34 - 00000000 ____D () C:\FRST
2014-04-25 18:03 - 2014-04-27 08:09 - 02061824 _____ (Farbar) C:\Users\Senel\Downloads\FRST64.exe
2014-04-23 09:49 - 2014-04-23 09:53 - 00000000 ___HD () C:\Users\Senel\AppData\Local\Pvyjq
2014-04-22 20:10 - 2014-04-27 17:49 - 00000000 ____D () C:\Program Files (x86)\GameforgeLive
2014-04-18 15:01 - 2014-04-18 15:01 - 00237336 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2014-04-13 10:45 - 2014-04-13 10:45 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\AVG
2014-04-13 10:40 - 2014-04-13 10:40 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\AVG2014
2014-04-13 10:40 - 2014-04-13 10:40 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Avg2014
2014-04-10 21:18 - 2014-04-10 21:18 - 00000000 ____D () C:\Users\Senel\AppData\Local\dumps
2014-04-10 19:20 - 2014-04-10 19:20 - 00000178 _____ () C:\console.log
2014-04-09 12:04 - 2013-12-25 03:22 - 00000000 ____D () C:\Users\Senel\Desktop\Hardcore-RELOADED
2014-04-08 21:58 - 2014-03-31 03:16 - 23134208 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-08 21:57 - 2014-03-31 03:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-08 21:57 - 2014-03-31 02:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-08 21:57 - 2014-03-31 01:57 - 17073152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-08 21:54 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-08 21:54 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-08 21:54 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-08 21:54 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-08 21:54 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-08 21:54 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-08 21:54 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-08 21:54 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-08 21:54 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-08 21:54 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-08 21:54 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-08 21:54 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-08 21:54 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-08 21:54 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-08 21:54 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-08 21:54 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-08 21:54 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-07 19:01 - 2011-11-07 16:18 - 00046728 _____ () C:\Windows\system32\Drivers\ren2cap.sys
2014-04-01 11:30 - 2014-04-01 11:30 - 00000000 ____D () C:\Program Files\Sony
2014-04-01 11:30 - 2014-04-01 11:30 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-04-01 08:06 - 2014-04-25 09:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-03-31 16:20 - 2014-03-31 16:20 - 00274200 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgtdia.sys
2014-03-31 16:06 - 2014-03-31 16:06 - 00130840 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys
2014-03-30 00:15 - 2014-03-30 00:15 - 00000000 ____D () C:\Users\Ridi\AppData\Roaming\AVG
2014-03-30 00:10 - 2014-03-30 00:10 - 00000000 ____D () C:\Users\Ridi\AppData\Roaming\AVG2014
2014-03-30 00:10 - 2014-03-30 00:10 - 00000000 ____D () C:\Users\Ridi\AppData\Local\Avg2014

==================== One Month Modified Files and Folders =======

2014-04-29 00:34 - 2014-04-27 08:09 - 00000000 ____D () C:\Users\Senel\Downloads\FRST-OlderVersion
2014-04-29 00:34 - 2014-04-25 18:03 - 00000000 ____D () C:\FRST
2014-04-29 00:34 - 2014-02-04 04:46 - 00000000 ____D () C:\Users\Senel\Desktop\Programme
2014-04-29 00:32 - 2014-04-29 00:31 - 00855379 _____ () C:\Users\Senel\Desktop\SecurityCheck.exe
2014-04-29 00:31 - 2013-09-17 03:03 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-29 00:31 - 2011-12-31 20:16 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-29 00:11 - 2012-04-26 09:24 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-28 21:48 - 2014-03-07 14:35 - 01231392 _____ () C:\Windows\WindowsUpdate.log
2014-04-28 21:22 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\tracing
2014-04-28 19:51 - 2013-10-25 19:08 - 00000000 ____D () C:\Users\Senel\AppData\Roaming\TS3Client
2014-04-28 17:19 - 2014-02-04 03:04 - 00000000 ____D () C:\ProgramData\MFAData
2014-04-28 03:29 - 2011-12-31 20:16 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-27 23:59 - 2014-04-27 06:50 - 00000280 _____ () C:\Windows\setupact.log
2014-04-27 17:53 - 2014-04-27 17:52 - 00018473 _____ () C:\Windows\DirectX.log
2014-04-27 17:51 - 2014-04-27 17:51 - 00001172 _____ () C:\Users\Public\Desktop\AION Free-to-Play.lnk
2014-04-27 17:51 - 2014-04-27 17:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2014-04-27 17:49 - 2014-04-27 17:49 - 00001071 _____ () C:\Users\Public\Desktop\Gameforge Live.lnk
2014-04-27 17:49 - 2014-04-27 17:49 - 00000000 ____D () C:\Users\Senel\Downloads\Gameforge Live
2014-04-27 17:49 - 2014-04-27 17:49 - 00000000 ____D () C:\Users\Senel\AppData\Local\Gameforge4d
2014-04-27 17:49 - 2014-04-22 20:10 - 00000000 ____D () C:\Program Files (x86)\GameforgeLive
2014-04-27 17:48 - 2014-04-27 17:48 - 20125848 _____ (Gameforge ) C:\Users\Senel\Desktop\AION_GameforgeLiveSetup.exe
2014-04-27 17:19 - 2014-03-21 20:45 - 00000000 ____D () C:\ProgramData\AVG Security Toolbar
2014-04-27 11:54 - 2014-04-27 11:54 - 01070496 _____ (Unity Technologies ApS) C:\Users\Senel\Downloads\UnityWebPlayer.exe
2014-04-27 11:54 - 2014-04-27 11:54 - 01070496 _____ (Unity Technologies ApS) C:\Users\Senel\Downloads\UnityWebPlayer (1).exe
2014-04-27 08:22 - 2014-04-27 08:22 - 00000000 ____D () C:\Users\Senel\AppData\Local\AVG SafeGuard toolbar
2014-04-27 08:21 - 2014-04-27 08:22 - 00049952 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2014-04-27 08:21 - 2014-04-27 08:21 - 00000000 ____D () C:\Program Files (x86)\AVG SafeGuard toolbar
2014-04-27 08:10 - 2014-04-25 18:04 - 00033416 _____ () C:\Users\Senel\Downloads\FRST.txt
2014-04-27 08:09 - 2014-04-25 18:03 - 02061824 _____ (Farbar) C:\Users\Senel\Downloads\FRST64.exe
2014-04-27 07:21 - 2009-07-14 06:45 - 00021664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-27 07:21 - 2009-07-14 06:45 - 00021664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-27 07:19 - 2011-04-12 09:43 - 00710046 _____ () C:\Windows\system32\perfh007.dat
2014-04-27 07:19 - 2011-04-12 09:43 - 00154482 _____ () C:\Windows\system32\perfc007.dat
2014-04-27 07:19 - 2009-07-14 07:13 - 01650084 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-27 07:18 - 2014-04-27 07:18 - 00000000 ____D () C:\Windows\ERUNT
2014-04-27 07:17 - 2014-04-27 07:17 - 01016261 _____ (Thisisu) C:\Users\Senel\Downloads\JRT.exe
2014-04-27 07:15 - 2014-04-27 05:10 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-27 07:14 - 2014-04-27 06:49 - 00001408 _____ () C:\Windows\PFRO.log
2014-04-27 07:14 - 2013-07-18 01:23 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-04-27 07:14 - 2012-04-08 02:45 - 00000434 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-04-27 07:14 - 2012-01-16 17:46 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-04-27 07:14 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-27 07:13 - 2014-04-27 07:12 - 00000000 ____D () C:\AdwCleaner
2014-04-27 07:13 - 2013-09-17 03:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-04-27 07:13 - 2012-01-08 12:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-27 07:13 - 2011-12-29 20:31 - 00000995 _____ () C:\Users\Senel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-27 06:58 - 2014-04-27 06:58 - 00064624 _____ () C:\Users\Senel\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-27 06:50 - 2014-04-27 06:50 - 00300104 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-27 06:50 - 2014-04-27 06:50 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-27 05:11 - 2014-04-27 05:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-04-27 05:11 - 2014-04-27 05:09 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-27 05:09 - 2014-04-27 05:09 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Senel\Downloads\mbam-setup-2.0.0.1000.exe
2014-04-27 05:09 - 2014-04-27 05:09 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-27 05:04 - 2012-12-23 02:00 - 00000000 ____D () C:\ProgramData\NexonEU
2014-04-27 04:50 - 2014-04-27 04:50 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-04-27 04:49 - 2014-04-27 04:49 - 02617648 _____ (VS Revo Group Ltd.) C:\Users\Senel\Downloads\revosetup194.exe
2014-04-26 17:58 - 2011-12-29 20:31 - 00000000 ____D () C:\Users\Senel
2014-04-25 18:05 - 2014-04-25 18:04 - 00037888 _____ () C:\Users\Senel\Downloads\Addition.txt
2014-04-25 09:44 - 2014-04-01 08:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-04-25 09:44 - 2014-02-13 00:55 - 00000981 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-04-23 13:34 - 2013-01-03 14:18 - 00000000 ____D () C:\Users\Senel\Desktop\Kadir
2014-04-23 10:46 - 2012-01-04 20:27 - 00000000 ____D () C:\Users\Senel\AppData\Local\Sony
2014-04-23 10:42 - 2012-08-22 03:53 - 00000000 ____D () C:\Users\Senel\AppData\Local\Unity
2014-04-23 10:22 - 2014-03-04 12:54 - 00000000 ____D () C:\Users\Senel\AppData\Local\PMB Files
2014-04-23 10:22 - 2014-03-04 12:54 - 00000000 ____D () C:\ProgramData\PMB Files
2014-04-23 09:53 - 2014-04-23 09:49 - 00000000 ___HD () C:\Users\Senel\AppData\Local\Pvyjq
2014-04-22 00:09 - 2013-08-10 11:27 - 00000000 ____D () C:\Users\Administrator
2014-04-22 00:09 - 2013-08-04 15:25 - 00000000 ____D () C:\Users\Ridi
2014-04-18 15:01 - 2014-04-18 15:01 - 00237336 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2014-04-13 10:45 - 2014-04-13 10:45 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\AVG
2014-04-13 10:40 - 2014-04-13 10:40 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\AVG2014
2014-04-13 10:40 - 2014-04-13 10:40 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Avg2014
2014-04-12 15:33 - 2013-12-02 02:16 - 00000193 _____ () C:\Users\Senel\Videos\Documents\ads.txt
2014-04-11 09:33 - 2011-12-31 20:16 - 00004114 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-11 09:33 - 2011-12-31 20:16 - 00003862 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-04-10 21:18 - 2014-04-10 21:18 - 00000000 ____D () C:\Users\Senel\AppData\Local\dumps
2014-04-10 19:20 - 2014-04-10 19:20 - 00000178 _____ () C:\console.log
2014-04-10 18:43 - 2014-02-04 04:37 - 00003696 _____ () C:\Windows\System32\Tasks\Adobe-Online-Aktualisierungsprogramm
2014-04-09 14:16 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-04-09 03:04 - 2012-10-03 14:21 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-09 03:03 - 2013-07-12 01:31 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-09 03:01 - 2011-12-29 20:51 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-07 19:09 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-04 20:49 - 2013-08-05 15:20 - 00000089 _____ () C:\Users\Senel\Videos\Documents\.......txt
2014-04-03 09:51 - 2014-04-27 05:09 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-27 05:09 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-27 05:09 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-03 03:54 - 2012-01-04 20:26 - 00000000 ____D () C:\Users\Senel\AppData\Roaming\Sony
2014-04-01 11:30 - 2014-04-01 11:30 - 00000000 ____D () C:\Program Files\Sony
2014-04-01 11:30 - 2014-04-01 11:30 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-03-31 16:20 - 2014-03-31 16:20 - 00274200 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgtdia.sys
2014-03-31 16:06 - 2014-03-31 16:06 - 00130840 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys
2014-03-31 03:16 - 2014-04-08 21:58 - 23134208 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-31 03:13 - 2014-04-08 21:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-31 02:13 - 2014-04-08 21:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-31 01:57 - 2014-04-08 21:57 - 17073152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-30 00:48 - 2013-08-04 15:26 - 00000000 ____D () C:\Users\Ridi\AppData\Local\VirtualStore
2014-03-30 00:15 - 2014-03-30 00:15 - 00000000 ____D () C:\Users\Ridi\AppData\Roaming\AVG
2014-03-30 00:10 - 2014-03-30 00:10 - 00000000 ____D () C:\Users\Ridi\AppData\Roaming\AVG2014
2014-03-30 00:10 - 2014-03-30 00:10 - 00000000 ____D () C:\Users\Ridi\AppData\Local\Avg2014

Files to move or delete:
====================
C:\ProgramData\libcurl.dll
C:\ProgramData\pthreadGC2.dll
C:\ProgramData\ras_0oed.pad
C:\ProgramData\zlib1.dll


Some content of TEMP:
====================
C:\Users\Senel\AppData\Local\Temp\NGM.exe
C:\Users\Senel\AppData\Local\Temp\NGMDll.dll
C:\Users\Senel\AppData\Local\Temp\NGMResource.dll
C:\Users\Senel\AppData\Local\Temp\Quarantine.exe
C:\Users\Senel\AppData\Local\Temp\UNINSTALL.EXE


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-23 04:54

==================== End Of Log ============================
--- --- ---



Bezüglich auf dem Security check , ich drücke eine beliebige taste aber dann kommt ne meldung :" Unsupported operating system abborted!"

schrauber 29.04.2014 20:46
Securitycheck ignorieren.

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
C:\ProgramData\libcurl.dll
C:\ProgramData\pthreadGC2.dll
C:\ProgramData\ras_0oed.pad
C:\ProgramData\zlib1.dll

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.




Fertig :)

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.



Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun :)

Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.


Alle Zeitangaben in WEZ +1. Es ist jetzt 09:58 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131