| Unantastbar | 02.05.2014 13:25 |
Danke für die rasche Antwort.
Leider hab ich nur die Logs von Antivirus und Malwarebytes Anti-Malware.
Anbei noch der von dir gewünschte Log. Avira Antivirus: Code:
Avira Free Antivirus
Erstellungsdatum der Reportdatei: Freitag, 2. Mai 2014 13:20
Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.
Lizenznehmer : Avira Antivirus Free
Seriennummer : 0000149996-AVHOE-0000001
Plattform : Windows 7 Professional
Windowsversion : (Service Pack 1) [6.1.7601]
Boot Modus : Normal gebootet
Benutzername : SYSTEM
Computername : UNATON-PC
Versionsinformationen:
BUILD.DAT : 14.0.3.350 56624 Bytes 25.02.2014 11:41:00
AVSCAN.EXE : 14.0.3.332 1058384 Bytes 25.02.2014 09:41:04
AVSCANRC.DLL : 14.0.2.180 62008 Bytes 25.02.2014 09:41:04
LUKE.DLL : 14.0.3.336 65616 Bytes 25.02.2014 09:41:05
AVSCPLR.DLL : 14.0.3.336 124496 Bytes 25.02.2014 09:41:04
AVREG.DLL : 14.0.3.336 250448 Bytes 25.02.2014 09:41:04
avlode.dll : 14.0.3.336 544848 Bytes 25.02.2014 09:41:04
avlode.rdf : 14.0.4.14 63648 Bytes 02.05.2014 11:34:21
VBASE000.VDF : 7.11.70.0 66736640 Bytes 04.04.2013 09:41:06
VBASE001.VDF : 7.11.74.226 2201600 Bytes 30.04.2013 09:41:06
VBASE002.VDF : 7.11.80.60 2751488 Bytes 28.05.2013 09:41:06
VBASE003.VDF : 7.11.85.214 2162688 Bytes 21.06.2013 09:41:06
VBASE004.VDF : 7.11.91.176 3903488 Bytes 23.07.2013 09:41:06
VBASE005.VDF : 7.11.98.186 6822912 Bytes 29.08.2013 09:41:06
VBASE006.VDF : 7.11.139.38 15708672 Bytes 27.03.2014 11:34:43
VBASE007.VDF : 7.11.145.136 2117120 Bytes 28.04.2014 11:34:46
VBASE008.VDF : 7.11.145.137 2048 Bytes 28.04.2014 11:34:46
VBASE009.VDF : 7.11.145.138 2048 Bytes 28.04.2014 11:34:46
VBASE010.VDF : 7.11.145.139 2048 Bytes 28.04.2014 11:34:46
VBASE011.VDF : 7.11.145.140 2048 Bytes 28.04.2014 11:34:46
VBASE012.VDF : 7.11.145.141 2048 Bytes 28.04.2014 11:34:46
VBASE013.VDF : 7.11.146.20 166912 Bytes 29.04.2014 11:34:47
VBASE014.VDF : 7.11.146.131 194048 Bytes 01.05.2014 11:34:47
VBASE015.VDF : 7.11.146.132 2048 Bytes 01.05.2014 11:34:47
VBASE016.VDF : 7.11.146.133 2048 Bytes 01.05.2014 11:34:47
VBASE017.VDF : 7.11.146.134 2048 Bytes 01.05.2014 11:34:47
VBASE018.VDF : 7.11.146.135 2048 Bytes 01.05.2014 11:34:47
VBASE019.VDF : 7.11.146.136 2048 Bytes 01.05.2014 11:34:47
VBASE020.VDF : 7.11.146.137 2048 Bytes 01.05.2014 11:34:47
VBASE021.VDF : 7.11.146.138 2048 Bytes 01.05.2014 11:34:47
VBASE022.VDF : 7.11.146.139 2048 Bytes 01.05.2014 11:34:47
VBASE023.VDF : 7.11.146.140 2048 Bytes 01.05.2014 11:34:47
VBASE024.VDF : 7.11.146.141 2048 Bytes 01.05.2014 11:34:47
VBASE025.VDF : 7.11.146.142 2048 Bytes 01.05.2014 11:34:47
VBASE026.VDF : 7.11.146.143 2048 Bytes 01.05.2014 11:34:48
VBASE027.VDF : 7.11.146.144 2048 Bytes 01.05.2014 11:34:48
VBASE028.VDF : 7.11.146.145 2048 Bytes 01.05.2014 11:34:48
VBASE029.VDF : 7.11.146.146 2048 Bytes 01.05.2014 11:34:48
VBASE030.VDF : 7.11.146.147 2048 Bytes 01.05.2014 11:34:48
VBASE031.VDF : 7.11.146.148 111616 Bytes 01.05.2014 11:34:48
Engineversion : 8.3.18.12
AEVDF.DLL : 8.3.0.4 118976 Bytes 02.05.2014 11:34:20
AESCRIPT.DLL : 8.1.4.200 528584 Bytes 02.05.2014 11:34:20
AESCN.DLL : 8.3.0.2 135360 Bytes 02.05.2014 11:34:19
AESBX.DLL : 8.2.20.18 1409224 Bytes 02.05.2014 11:34:20
AERDL.DLL : 8.2.0.138 704888 Bytes 25.02.2014 09:41:04
AEPACK.DLL : 8.4.0.22 778440 Bytes 02.05.2014 11:34:19
AEOFFICE.DLL : 8.3.0.4 205000 Bytes 02.05.2014 11:34:18
AEHEUR.DLL : 8.1.4.1044 6697160 Bytes 02.05.2014 11:34:18
AEHELP.DLL : 8.3.0.0 274808 Bytes 02.05.2014 11:34:14
AEGEN.DLL : 8.1.7.26 450752 Bytes 02.05.2014 11:34:14
AEEXP.DLL : 8.4.1.312 569544 Bytes 02.05.2014 11:34:21
AEEMU.DLL : 8.1.3.2 393587 Bytes 25.02.2014 09:41:04
AECORE.DLL : 8.3.0.6 241864 Bytes 02.05.2014 11:34:14
AEBB.DLL : 8.1.1.4 53619 Bytes 25.02.2014 09:41:04
AVWINLL.DLL : 14.0.3.252 23608 Bytes 25.02.2014 09:41:05
AVPREF.DLL : 14.0.3.252 48696 Bytes 25.02.2014 09:41:04
AVREP.DLL : 14.0.3.252 175672 Bytes 25.02.2014 09:41:04
AVARKT.DLL : 14.0.3.336 256080 Bytes 25.02.2014 09:41:04
AVEVTLOG.DLL : 14.0.3.336 165968 Bytes 25.02.2014 09:41:04
SQLITE3.DLL : 3.7.0.1 394808 Bytes 25.02.2014 09:41:06
AVSMTP.DLL : 14.0.3.252 60472 Bytes 25.02.2014 09:41:04
NETNT.DLL : 14.0.3.252 13368 Bytes 25.02.2014 09:41:05
RCIMAGE.DLL : 14.0.3.260 4979256 Bytes 25.02.2014 09:41:06
RCTEXT.DLL : 14.0.3.282 72760 Bytes 25.02.2014 09:41:06
Konfiguration für den aktuellen Suchlauf:
Job Name..............................: AVGuardAsyncScan
Konfigurationsdatei...................: C:\ProgramData\Avira\AntiVir Desktop\TEMP\AVGUARD_53637a6b\guard_slideup.avp
Protokollierung.......................: standard
Primäre Aktion........................: Reparieren
Sekundäre Aktion......................: Quarantäne
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: aus
Durchsuche aktive Programme...........: ein
Durchsuche Registrierung..............: aus
Suche nach Rootkits...................: aus
Integritätsprüfung von Systemdateien..: aus
Prüfe alle Dateien....................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: Vollständig
Beginn des Suchlaufs: Freitag, 2. Mai 2014 13:20
Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'svchost.exe' - '52' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvvsvc.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvSCPAPISvr.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '76' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '91' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '61' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '145' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '73' Modul(e) wurden durchsucht
Durchsuche Prozess 'spoolsv.exe' - '81' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '57' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'armsvc.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '110' Modul(e) wurden durchsucht
Durchsuche Prozess 'atkexComSvc.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'aaHMSvc.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'AsSysCtrlService.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'sqlservr.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'NvNetworkService.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvstreamsvc.exe' - '55' Modul(e) wurden durchsucht
Durchsuche Prozess 'LDSvc.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'PnkBstrA.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'sqlbrowser.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'sqlwriter.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'WLIDSVC.EXE' - '75' Modul(e) wurden durchsucht
Durchsuche Prozess 'Avira.OE.ServiceHost.exe' - '130' Modul(e) wurden durchsucht
Durchsuche Prozess 'WLIDSvcM.exe' - '17' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvxdsync.exe' - '51' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvvsvc.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskhost.exe' - '68' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskeng.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'Dwm.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'Explorer.EXE' - '169' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskeng.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'DAODx.exe' - '23' Modul(e) wurden durchsucht
Durchsuche Prozess 'AsRoutineController.exe' - '45' Modul(e) wurden durchsucht
Durchsuche Prozess 'GoogleCrashHandler.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'RAVCpl64.exe' - '48' Modul(e) wurden durchsucht
Durchsuche Prozess 'NvTmru.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'NvBackend.exe' - '57' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvstreamsvc.exe' - '56' Modul(e) wurden durchsucht
Durchsuche Prozess 'conhost.exe' - '20' Modul(e) wurden durchsucht
Durchsuche Prozess 'Steam.exe' - '139' Modul(e) wurden durchsucht
Durchsuche Prozess 'HD-Agent.exe' - '93' Modul(e) wurden durchsucht
Durchsuche Prozess 'gvggph.exe' - '114' Modul(e) wurden durchsucht
Durchsuche Prozess 'Dropbox.exe' - '96' Modul(e) wurden durchsucht
Durchsuche Prozess 'AiChargerPlus.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'CurseClient.exe' - '163' Modul(e) wurden durchsucht
Durchsuche Prozess 'RzSynapse.exe' - '154' Modul(e) wurden durchsucht
Durchsuche Prozess 'GoogleCrashHandler64.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'jusched.exe' - '48' Modul(e) wurden durchsucht
Durchsuche Prozess 'Avira.OE.Systray.exe' - '122' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '101' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvtray.exe' - '52' Modul(e) wurden durchsucht
Durchsuche Prozess 'TurboVHelp.exe' - '44' Modul(e) wurden durchsucht
Durchsuche Prozess 'avshadow.exe' - '20' Modul(e) wurden durchsucht
Durchsuche Prozess 'EPUHelp.exe' - '41' Modul(e) wurden durchsucht
Durchsuche Prozess 'firefox.exe' - '156' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchIndexer.exe' - '72' Modul(e) wurden durchsucht
Durchsuche Prozess 'AI Suite II.exe' - '106' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'AlertHelper.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmpnetwk.exe' - '119' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '49' Modul(e) wurden durchsucht
Durchsuche Prozess 'wuauclt.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'eso.exe' - '111' Modul(e) wurden durchsucht
Durchsuche Prozess 'jucheck.exe' - '78' Modul(e) wurden durchsucht
Durchsuche Prozess 'AwesomiumProcess.exe' - '53' Modul(e) wurden durchsucht
Durchsuche Prozess 'plugin-container.exe' - '79' Modul(e) wurden durchsucht
Durchsuche Prozess 'FlashPlayerPlugin_13_0_0_206.exe' - '54' Modul(e) wurden durchsucht
Durchsuche Prozess 'FlashPlayerPlugin_13_0_0_206.exe' - '63' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '9' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchProtocolHost.exe' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchFilterHost.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '122' Modul(e) wurden durchsucht
Durchsuche Prozess 'smss.exe' - '2' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '18' Modul(e) wurden durchsucht
Durchsuche Prozess 'wininit.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '18' Modul(e) wurden durchsucht
Durchsuche Prozess 'services.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'winlogon.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsass.exe' - '65' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsm.exe' - '16' Modul(e) wurden durchsucht
Der Suchlauf über die ausgewählten Dateien wird begonnen:
Beginne mit der Suche in 'C:\Program Files (x86)\HQ-Video-Pro-1.9\60f8b19e-300a-4164-a512-cce52df60a76-2.exe'
Der zu durchsuchende Pfad C:\Program Files (x86)\HQ-Video-Pro-1.9\60f8b19e-300a-4164-a512-cce52df60a76-2.exe konnte nicht geöffnet werden!
Systemfehler [3]: Das System kann den angegebenen Pfad nicht finden.
Beginne mit der Suche in 'C:\Program Files (x86)\HQ-Video-Pro-1.9\60f8b19e-300a-4164-a512-cce52df60a76-4.exe'
Der zu durchsuchende Pfad C:\Program Files (x86)\HQ-Video-Pro-1.9\60f8b19e-300a-4164-a512-cce52df60a76-4.exe konnte nicht geöffnet werden!
Systemfehler [3]: Das System kann den angegebenen Pfad nicht finden.
Beginne mit der Suche in 'C:\Program Files (x86)\HQ-Video-Pro-1.9\60f8b19e-300a-4164-a512-cce52df60a76-5.exe'
Der zu durchsuchende Pfad C:\Program Files (x86)\HQ-Video-Pro-1.9\60f8b19e-300a-4164-a512-cce52df60a76-5.exe konnte nicht geöffnet werden!
Systemfehler [3]: Das System kann den angegebenen Pfad nicht finden.
Beginne mit der Suche in 'C:\Program Files (x86)\HQ-Video-Pro-1.9\HQ-Video-Pro-1.9-bho.dll'
Der zu durchsuchende Pfad C:\Program Files (x86)\HQ-Video-Pro-1.9\HQ-Video-Pro-1.9-bho.dll konnte nicht geöffnet werden!
Systemfehler [3]: Das System kann den angegebenen Pfad nicht finden.
Beginne mit der Suche in 'C:\Program Files (x86)\HQ-Video-Pro-1.9\HQ-Video-Pro-1.9-codedownloader.exe'
Der zu durchsuchende Pfad C:\Program Files (x86)\HQ-Video-Pro-1.9\HQ-Video-Pro-1.9-codedownloader.exe konnte nicht geöffnet werden!
Systemfehler [3]: Das System kann den angegebenen Pfad nicht finden.
Ende des Suchlaufs: Freitag, 2. Mai 2014 13:20
Benötigte Zeit: 00:13 Minute(n)
Der Suchlauf wurde vollständig durchgeführt.
0 Verzeichnisse wurden überprüft
2059 Dateien wurden geprüft
0 Viren bzw. unerwünschte Programme wurden gefunden
0 Dateien wurden als verdächtig eingestuft
0 Dateien wurden gelöscht
0 Viren bzw. unerwünschte Programme wurden repariert
0 Dateien wurden in die Quarantäne verschoben
0 Dateien wurden umbenannt
0 Dateien konnten nicht durchsucht werden
2059 Dateien ohne Befall
4 Archive wurden durchsucht
0 Warnungen
0 Hinweise
Malwarebytes Anti-Malware: Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 02.05.2014
Suchlauf-Zeit: 13:19:11
Logdatei: Anti Malware.txt
Administrator: Ja
Version: 2.00.1.1004
Malware Datenbank: v2014.05.02.07
Rootkit Datenbank: v2014.03.27.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Chameleon: Deaktiviert
Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Unaton
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 267964
Verstrichene Zeit: 8 Min, 33 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Shuriken: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registrierungsschlüssel: 6
PUP.Optional.AdPeak.A, HKLM\SOFTWARE\CLASSES\APPID\{76A60138-58B3-4e27-85FB-8FEF344A8998}, In Quarantäne, [ebb492ba7407d75fc7b3e538a06205fb],
PUP.Optional.AdPeak.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{76A60138-58B3-4E27-85FB-8FEF344A8998}, In Quarantäne, [ebb492ba7407d75fc7b3e538a06205fb],
PUP.Optional.HQVideoPro.A, HKLM\SOFTWARE\WOW6432NODE\HQ-Video-Pro-1.9, In Quarantäne, [8d120a42d3a80e28ba3ce69c729049b7],
PUP.Optional.HQVideoPro.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\HQ-Video-Pro-1.9, Löschen bei Neustart, [b4ebc785f08b87af6a8a4939c83aca36],
PUP.Optional.HQVideoPro.A, HKU\S-1-5-21-4091059436-4059220182-3966356056-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\HQ-Video-Pro-1.9, Löschen bei Neustart, [554a3319abd02f077d77750d020027d9],
PUP.Optional.HQVideoPro.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\HQ-Video-Pro-1.9, In Quarantäne, [f1ae5fed5e1df83ec52392d958aa1de3],
Registrierungswerte: 0
(No malicious items detected)
Registrierungsdaten: 0
(No malicious items detected)
Ordner: 2
PUP.Optional.HQVideoPro.A, C:\Program Files (x86)\HQ-Video-Pro-1.9, In Quarantäne, [f1ae5fed5e1df83ec52392d958aa1de3],
PUP.Optional.SupraSavings.A, C:\Users\Unaton\AppData\Local\Google\Chrome\User Data\Default\Extensions\afjegdojkkoghnbiollpogeeimocanmk, In Quarantäne, [3669014b8af1a88efa921c5315edb749],
Dateien: 25
PUP.FunMoods, C:\$Recycle.Bin\S-1-5-21-4091059436-4059220182-3966356056-1000\$RNJ8UF7.exe, In Quarantäne, [0f9064e8730894a24085c14e28d957a9],
PUP.Optional.AdPeak.A, C:\temp\InstallFilter64.msi, In Quarantäne, [9c032e1e9be00c2af77f42fbab55b050],
PUP.Optional.SupraSavings.A, C:\temp\t.msi, In Quarantäne, [8f100b4163183df9908be347a262da26],
PUP.Optional.OneClickDownloader.A, C:\Users\Unaton\AppData\Local\Temp\KC84TCVq.exe.part, In Quarantäne, [ccd3e06c3a41ca6c828a927d1be6ee12],
PUP.BundleInstaller.DW, C:\Users\Unaton\AppData\Local\Temp\r5ATq5hD.exe.part, In Quarantäne, [9b04c08c4635a195d1ce0100da27916f],
PUP.BundleInstaller.DW, C:\Users\Unaton\AppData\Local\Temp\7R5V5yts.exe.part, In Quarantäne, [049b85c72754ab8b841beb167f829b65],
PUP.Optional.CrossRider.A, C:\Users\Unaton\AppData\Local\Temp\n7057\hqvideopro_2804_DE-18452fcc.exe, In Quarantäne, [edb262eaf784e155a69fc08256aae917],
PUP.Optional.Iminent.A, C:\Users\Unaton\AppData\Local\Temp\n7057\Iminent_1712-b2fcad5e.exe, In Quarantäne, [5748a6a645361125f51ffb463ac70ff1],
PUP.Optional.BundleInstaller.A, C:\Users\Unaton\AppData\Local\Temp\n7057\s7057.exe, In Quarantäne, [168951fba0dbcc6acc0b85bc738d3ec2],
PUP.Optional.SupraSavings.A, C:\Windows\Installer\133a6d5.msi, In Quarantäne, [9708410b067588ae1308bd6d9a6a4cb4],
PUP.Optional.AdPeak.A, C:\Windows\Installer\1363445.msi, In Quarantäne, [c0dfb6962b5048eedd99a09dbc4404fc],
PUP.Optional.HQVideoPro.A, C:\Program Files (x86)\HQ-Video-Pro-1.9\53172.crx, In Quarantäne, [f1ae5fed5e1df83ec52392d958aa1de3],
PUP.Optional.HQVideoPro.A, C:\Program Files (x86)\HQ-Video-Pro-1.9\53172.xpi, In Quarantäne, [f1ae5fed5e1df83ec52392d958aa1de3],
PUP.Optional.HQVideoPro.A, C:\Program Files (x86)\HQ-Video-Pro-1.9\60f8b19e-300a-4164-a512-cce52df60a76-2.exe, In Quarantäne, [f1ae5fed5e1df83ec52392d958aa1de3],
PUP.Optional.HQVideoPro.A, C:\Program Files (x86)\HQ-Video-Pro-1.9\60f8b19e-300a-4164-a512-cce52df60a76-3.exe, In Quarantäne, [f1ae5fed5e1df83ec52392d958aa1de3],
PUP.Optional.HQVideoPro.A, C:\Program Files (x86)\HQ-Video-Pro-1.9\60f8b19e-300a-4164-a512-cce52df60a76-4.exe, In Quarantäne, [f1ae5fed5e1df83ec52392d958aa1de3],
PUP.Optional.HQVideoPro.A, C:\Program Files (x86)\HQ-Video-Pro-1.9\60f8b19e-300a-4164-a512-cce52df60a76-5.exe, In Quarantäne, [f1ae5fed5e1df83ec52392d958aa1de3],
PUP.Optional.HQVideoPro.A, C:\Program Files (x86)\HQ-Video-Pro-1.9\background.html, In Quarantäne, [f1ae5fed5e1df83ec52392d958aa1de3],
PUP.Optional.HQVideoPro.A, C:\Program Files (x86)\HQ-Video-Pro-1.9\HQ-Video-Pro-1.9-bg.exe, In Quarantäne, [f1ae5fed5e1df83ec52392d958aa1de3],
PUP.Optional.HQVideoPro.A, C:\Program Files (x86)\HQ-Video-Pro-1.9\HQ-Video-Pro-1.9-bho.dll, In Quarantäne, [f1ae5fed5e1df83ec52392d958aa1de3],
PUP.Optional.HQVideoPro.A, C:\Program Files (x86)\HQ-Video-Pro-1.9\HQ-Video-Pro-1.9-bho64.dll, In Quarantäne, [f1ae5fed5e1df83ec52392d958aa1de3],
PUP.Optional.HQVideoPro.A, C:\Program Files (x86)\HQ-Video-Pro-1.9\HQ-Video-Pro-1.9-codedownloader.exe, In Quarantäne, [f1ae5fed5e1df83ec52392d958aa1de3],
PUP.Optional.HQVideoPro.A, C:\Program Files (x86)\HQ-Video-Pro-1.9\HQ-Video-Pro-1.9.ico, In Quarantäne, [f1ae5fed5e1df83ec52392d958aa1de3],
PUP.Optional.HQVideoPro.A, C:\Program Files (x86)\HQ-Video-Pro-1.9\Uninstall.exe, In Quarantäne, [f1ae5fed5e1df83ec52392d958aa1de3],
PUP.Optional.HQVideoPro.A, C:\Program Files (x86)\HQ-Video-Pro-1.9\utils.exe, In Quarantäne, [f1ae5fed5e1df83ec52392d958aa1de3],
Physische Sektoren: 0
(No malicious items detected)
(end)
FRST:
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-05-2014
Ran by Unaton (administrator) on UNATON-PC on 02-05-2014 14:20:44
Running from D:\Eigene Dateien\Downloads
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe
() C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
(Microsoft Corporation) C:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
() C:\Windows\DAODx.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Valve Corporation) E:\Spiele\Steam.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe
() C:\Users\Unaton\AppData\Local\gvggph.exe
(Dropbox, Inc.) C:\Users\Unaton\AppData\Roaming\Dropbox\bin\Dropbox.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Curse) C:\Users\Unaton\AppData\Local\Apps\2.0\LLOCZMY7.BL4\V6Q4QPAW.TW6\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\CurseClient.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11613288 2010-11-19] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-07-03] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1100248 2013-12-10] (NVIDIA Corporation)
HKLM-x32\...\Run: [ASUS AiChargerPlus Execute] => C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [465536 2010-11-08] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [610152 2013-06-21] (Razer Inc.)
HKLM-x32\...\Run: [QuickTime Task] => D:\Quick Time\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [182352 2014-04-30] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-25] (Avira Operations GmbH & Co. KG)
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] ATTENTION! ====> ZeroAccess?
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2013-03-20] (Microsoft Corporation)
HKU\S-1-5-21-4091059436-4059220182-3966356056-1000\...\Run: [Steam] => E:\Spiele\Steam.exe [1825984 2014-04-24] (Valve Corporation)
HKU\S-1-5-21-4091059436-4059220182-3966356056-1000\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [168288 2011-11-23] (BlueStack Systems, Inc.)
HKU\S-1-5-21-4091059436-4059220182-3966356056-1000\...\Run: [EA Core] => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
HKU\S-1-5-21-4091059436-4059220182-3966356056-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-4091059436-4059220182-3966356056-1000\...\Run: [DAEMON Tools Lite] => E:\Programme\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-4091059436-4059220182-3966356056-1000\...\Run: [gvggph] => c:\users\unaton\appdata\local\gvggph.exe [2732032 2014-05-01] ()
HKU\S-1-5-21-4091059436-4059220182-3966356056-1000\...\MountPoints2: {084e370f-e91a-11e0-96da-806e6f6e6963} - D:\.\Bin\ASSETUP.exe
HKU\S-1-5-21-4091059436-4059220182-3966356056-1000\...\MountPoints2: {50887e9a-4a91-11e2-9917-14dae921361e} - H:\Autorun.exe
HKU\S-1-5-21-4091059436-4059220182-3966356056-1000\...\MountPoints2: {975ca07c-952e-11e2-802a-14dae921361e} - H:\AutoRun.exe
HKU\S-1-5-21-4091059436-4059220182-3966356056-1000\...\MountPoints2: {ac2b762c-9415-11e3-abd7-14dae921361e} - G:\KODAK_Camera_Setup_App.exe
HKU\S-1-5-21-4091059436-4059220182-3966356056-1000\...409d6c4515e9\InprocServer32: [Default-shell32] C:\$Recycle.Bin\S-1-5-21-4091059436-4059220182-3966356056-1000\$6625244b4e0dce17a510fa764a5a01e8\n. ATTENTION! ====> ZeroAccess?
IFEO\DatamngrCoordinator.exe: [Debugger] tasklist.exe
Startup: C:\Users\Unaton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
Startup: C:\Users\Unaton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Unaton\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x9FCB32D6347DCC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ICQ Sparberater - {FE163F11-1919-4257-A280-FF5AF8DAEECB} - C:\Program Files (x86)\icq\Internet Explorer\icq.dll (solute gmbh)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Unaton\AppData\Roaming\Mozilla\Firefox\Profiles\7xdkvgjw.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 - E:\Programme\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll No File
FF SearchPlugin: C:\Users\Unaton\AppData\Roaming\Mozilla\Firefox\Profiles\7xdkvgjw.default\searchplugins\avira-safesearch.xml
FF SearchPlugin: C:\Users\Unaton\AppData\Roaming\Mozilla\Firefox\Profiles\7xdkvgjw.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Unaton\AppData\Roaming\Mozilla\Firefox\Profiles\7xdkvgjw.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Unaton\AppData\Roaming\Mozilla\Firefox\Profiles\7xdkvgjw.default\searchplugins\icq-search.xml
FF SearchPlugin: C:\Users\Unaton\AppData\Roaming\Mozilla\Firefox\Profiles\7xdkvgjw.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Unaton\AppData\Roaming\Mozilla\Firefox\Profiles\7xdkvgjw.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Users\Unaton\AppData\Roaming\Mozilla\Firefox\Profiles\7xdkvgjw.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira Browser Safety - C:\Users\Unaton\AppData\Roaming\Mozilla\Firefox\Profiles\7xdkvgjw.default\Extensions\abs@avira.com [2014-05-02]
FF Extension: ProxTube - Unblock YouTube - C:\Users\Unaton\AppData\Roaming\Mozilla\Firefox\Profiles\7xdkvgjw.default\Extensions\ich@maltegoetz.de [2013-12-12]
FF Extension: YouTube Unblocker - C:\Users\Unaton\AppData\Roaming\Mozilla\Firefox\Profiles\7xdkvgjw.default\Extensions\youtubeunblocker@unblocker.yt [2014-04-20]
FF Extension: No Name - C:\Users\Unaton\AppData\Roaming\Mozilla\Firefox\Profiles\7xdkvgjw.default\Extensions\ciuvo-extension@icq.de.xpi [2011-10-14]
FF Extension: No Name - C:\Users\Unaton\AppData\Roaming\Mozilla\Firefox\Profiles\7xdkvgjw.default\Extensions\toolbar@web.de.xpi [2012-01-30]
FF Extension: No Name - C:\Users\Unaton\AppData\Roaming\Mozilla\Firefox\Profiles\7xdkvgjw.default\Extensions\{6679dcef-4fd7-4517-880e-39ffdaede143}.xpi [2013-10-30]
FF Extension: No Name - C:\Users\Unaton\AppData\Roaming\Mozilla\Firefox\Profiles\7xdkvgjw.default\Extensions\{89d51b88-206d-4eb1-8b73-1d112b0e3034}.xpi [2013-11-06]
FF Extension: No Name - C:\Users\Unaton\AppData\Roaming\Mozilla\Firefox\Profiles\7xdkvgjw.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi [2012-11-20]
FF Extension: No Name - C:\Users\Unaton\AppData\Roaming\Mozilla\Firefox\Profiles\7xdkvgjw.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-09-28]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-05-02]
Chrome:
=======
CHR HomePage:
CHR RestoreOnStartup: "sync_promo"
CHR Extension: (Google Docs) - C:\Users\Unaton\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-03]
CHR Extension: (Google Drive) - C:\Users\Unaton\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-03]
CHR Extension: (YouTube) - C:\Users\Unaton\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-03]
CHR Extension: (Google-Suche) - C:\Users\Unaton\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-03]
CHR Extension: (Google Wallet) - C:\Users\Unaton\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-03]
CHR Extension: (Google Mail) - C:\Users\Unaton\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-03]
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe [918144 2010-11-03] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [915584 2010-12-02] ()
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [586880 2010-10-21] ()
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [125008 2014-04-30] (Avira Operations GmbH & Co. KG)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [110944 2011-11-23] (BlueStack Systems, Inc.)
R2 MSSQL$BWDATOOLSET; C:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-08-27] ()
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] ()
==================== Drivers (Whitelisted) ====================
R0 AiChargerPlus; C:\Windows\System32\DRIVERS\AiChargerPlus.sys [14464 2010-11-08] (ASUSTek Computer Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2014-02-25] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2014-02-25] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [70496 2011-11-23] (BlueStack Systems)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-03-25] (DT Soft Ltd)
R1 GizmoDrv; C:\Windows\System32\Drivers\GizmoDrv.sys [34704 2011-09-28] (Arainia Solutions LLC)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2012-12-20] (Duplex Secure Ltd.)
U3 afnew8nw; C:\Windows\System32\Drivers\afnew8nw.sys [0 ] (Advanced Micro Devices)
S3 usbbus; system32\DRIVERS\lgx64bus.sys [X]
S3 UsbDiag; system32\DRIVERS\lgx64diag.sys [X]
S3 USBModem; system32\DRIVERS\lgx64modem.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-05-02 14:20 - 2014-05-02 14:20 - 00000000 ____D () C:\FRST
2014-05-02 14:16 - 2014-05-02 14:16 - 00028198 _____ () C:\Users\Unaton\Desktop\AVSCAN-20140502-131954-FFB32960.LOG
2014-05-02 14:15 - 2014-05-02 14:15 - 00005853 _____ () C:\Users\Unaton\Desktop\Anti Malware.txt
2014-05-02 13:34 - 2014-05-02 13:34 - 00000000 ____D () C:\Users\Unaton\AppData\Roaming\Avira
2014-05-02 13:33 - 2014-02-25 11:41 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-05-02 13:33 - 2014-02-25 11:41 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-05-02 13:33 - 2014-02-25 11:41 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-05-02 13:30 - 2014-05-02 13:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-05-02 13:30 - 2014-05-02 13:33 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-05-02 13:30 - 2014-05-02 13:30 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-05-02 13:11 - 2014-05-02 13:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-02 13:10 - 2014-05-02 14:14 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-02 13:09 - 2014-05-02 13:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-02 13:09 - 2014-05-02 13:09 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-02 13:09 - 2014-05-02 13:09 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-02 13:09 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-02 13:09 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-02 13:09 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-02 12:18 - 2014-05-02 13:20 - 00000000 ____D () C:\AdwCleaner
2014-05-02 12:18 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-02 12:06 - 2014-05-02 12:57 - 00000998 _____ () C:\cleannavi.txt
2014-05-02 12:06 - 2014-05-02 12:57 - 00000000 ____D () C:\Navilog1
2014-05-02 12:06 - 2014-05-02 12:56 - 00000000 ____D () C:\Program Files (x86)\Navilog1
2014-05-01 21:31 - 2014-05-01 21:31 - 00001305 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2014-05-01 21:31 - 2014-05-01 21:31 - 00000000 ____D () C:\Windows\de
2014-05-01 21:16 - 2014-05-01 21:16 - 00020437 _____ () C:\Users\Unaton\Desktop\Goat Thrower GP5.mid
2014-05-01 13:35 - 2014-05-02 14:20 - 01044002 _____ () C:\Users\Unaton\AppData\Local\gvggph.gss
2014-05-01 13:35 - 2014-05-02 14:18 - 00018432 _____ () C:\Users\Unaton\AppData\Local\gvggph.gdb
2014-05-01 13:35 - 2014-05-01 13:35 - 02732032 _____ () C:\Users\Unaton\AppData\Local\gvggph.exe
2014-04-27 18:49 - 2014-05-02 13:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-04-23 13:46 - 2014-03-06 12:21 - 23549440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-23 13:46 - 2014-03-06 11:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-23 13:46 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-23 13:46 - 2014-03-06 11:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-23 13:46 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-23 13:46 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-23 13:46 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-23 13:46 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-23 13:46 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-23 13:46 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-23 13:46 - 2014-03-06 10:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-23 13:46 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-23 13:46 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-23 13:46 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-23 13:46 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-23 13:46 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-23 13:46 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-23 13:46 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-23 13:46 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-23 13:46 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-23 13:46 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-23 13:46 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-23 13:46 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-23 13:46 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-23 13:46 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-23 13:46 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-23 13:46 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-23 13:46 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-23 13:46 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-23 13:46 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-23 13:46 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-23 13:46 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-23 13:46 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-23 13:46 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-23 13:46 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-23 13:46 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-23 13:46 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-23 13:46 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-23 13:46 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-23 13:46 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-23 13:46 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-23 13:46 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-23 13:46 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-23 13:46 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-23 13:46 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-23 13:46 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-23 13:46 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-23 13:46 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-18 14:25 - 2014-01-21 19:29 - 00000000 ____D () C:\Users\Unaton\Desktop\Serdar Somuncu
2014-04-12 17:46 - 2014-04-12 17:46 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-04-12 17:46 - 2014-04-12 17:46 - 00000000 ____D () C:\Users\Unaton\AppData\Local\Skype
2014-04-12 17:46 - 2014-04-12 17:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-04-10 21:57 - 2014-04-23 23:53 - 00000000 ____D () C:\Windows\rescache
2014-04-10 09:17 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-10 09:17 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-10 09:17 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-10 09:17 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-10 09:17 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-10 09:17 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-10 09:17 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-10 09:17 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-10 09:17 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-10 09:17 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-10 09:17 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-10 09:17 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-10 09:17 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-10 09:17 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-10 09:17 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-10 09:17 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-10 09:17 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-06 15:48 - 2014-04-06 15:47 - 00045257 _____ () C:\Users\Unaton\Desktop\statistikplugin.jar
==================== One Month Modified Files and Folders =======
2014-05-02 14:20 - 2014-05-02 14:20 - 00000000 ____D () C:\FRST
2014-05-02 14:20 - 2014-05-01 13:35 - 01044002 _____ () C:\Users\Unaton\AppData\Local\gvggph.gss
2014-05-02 14:18 - 2014-05-01 13:35 - 00018432 _____ () C:\Users\Unaton\AppData\Local\gvggph.gdb
2014-05-02 14:16 - 2014-05-02 14:16 - 00028198 _____ () C:\Users\Unaton\Desktop\AVSCAN-20140502-131954-FFB32960.LOG
2014-05-02 14:15 - 2014-05-02 14:15 - 00005853 _____ () C:\Users\Unaton\Desktop\Anti Malware.txt
2014-05-02 14:14 - 2014-05-02 13:10 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-02 14:04 - 2012-05-03 11:49 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-02 13:43 - 2011-09-27 17:10 - 02002452 _____ () C:\Windows\WindowsUpdate.log
2014-05-02 13:41 - 2013-03-08 18:20 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-02 13:34 - 2014-05-02 13:34 - 00000000 ____D () C:\Users\Unaton\AppData\Roaming\Avira
2014-05-02 13:33 - 2014-05-02 13:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-05-02 13:33 - 2014-05-02 13:30 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-05-02 13:33 - 2011-09-28 11:37 - 00000000 ____D () C:\ProgramData\Avira
2014-05-02 13:30 - 2014-05-02 13:30 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-05-02 13:30 - 2013-11-23 10:29 - 00000000 ____D () C:\ProgramData\Package Cache
2014-05-02 13:28 - 2009-07-14 06:45 - 00014224 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-02 13:28 - 2009-07-14 06:45 - 00014224 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-02 13:27 - 2009-07-14 19:58 - 00746754 _____ () C:\Windows\system32\perfh007.dat
2014-05-02 13:27 - 2009-07-14 19:58 - 00167888 _____ () C:\Windows\system32\perfc007.dat
2014-05-02 13:27 - 2009-07-14 07:13 - 01754680 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-02 13:25 - 2014-04-27 18:49 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-05-02 13:22 - 2012-05-02 16:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-02 13:21 - 2012-07-06 12:18 - 00000000 ___RD () C:\Users\Unaton\Dropbox
2014-05-02 13:21 - 2012-07-06 12:14 - 00000000 ____D () C:\Users\Unaton\AppData\Roaming\Dropbox
2014-05-02 13:21 - 2012-05-03 11:49 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-02 13:21 - 2012-04-02 13:02 - 00000000 ____D () C:\Users\Unaton\AppData\Local\Deployment
2014-05-02 13:21 - 2011-09-28 12:02 - 00310006 _____ () C:\Windows\PFRO.log
2014-05-02 13:21 - 2011-09-28 01:21 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-05-02 13:21 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\Offline Web Pages
2014-05-02 13:21 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-02 13:21 - 2009-07-14 06:51 - 00210023 _____ () C:\Windows\setupact.log
2014-05-02 13:20 - 2014-05-02 12:18 - 00000000 ____D () C:\AdwCleaner
2014-05-02 13:11 - 2014-05-02 13:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-02 13:09 - 2014-05-02 13:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-02 13:09 - 2014-05-02 13:09 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-02 13:09 - 2014-05-02 13:09 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-02 13:04 - 2014-01-10 18:40 - 00000000 ____D () C:\Users\Unaton\AppData\Roaming\Awesomium
2014-05-02 12:57 - 2014-05-02 12:06 - 00000998 _____ () C:\cleannavi.txt
2014-05-02 12:57 - 2014-05-02 12:06 - 00000000 ____D () C:\Navilog1
2014-05-02 12:56 - 2014-05-02 12:06 - 00000000 ____D () C:\Program Files (x86)\Navilog1
2014-05-02 12:17 - 2012-03-12 17:23 - 00000000 ____D () C:\Program Files (x86)\Image-Line
2014-05-02 12:17 - 2012-03-12 17:22 - 00000000 ____D () C:\Users\Unaton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2014-05-01 21:50 - 2011-10-10 16:29 - 00001456 _____ () C:\Users\Unaton\AppData\Local\Adobe Für Web speichern 12.0 Prefs
2014-05-01 21:31 - 2014-05-01 21:31 - 00001305 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2014-05-01 21:31 - 2014-05-01 21:31 - 00000000 ____D () C:\Windows\de
2014-05-01 21:31 - 2013-11-29 16:51 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-05-01 21:31 - 2011-11-11 19:18 - 00414115 _____ () C:\Windows\DirectX.log
2014-05-01 21:16 - 2014-05-01 21:16 - 00020437 _____ () C:\Users\Unaton\Desktop\Goat Thrower GP5.mid
2014-05-01 13:35 - 2014-05-01 13:35 - 02732032 _____ () C:\Users\Unaton\AppData\Local\gvggph.exe
2014-04-30 20:00 - 2012-07-23 13:22 - 00000000 ____D () C:\Users\Unaton\AppData\Roaming\vlc
2014-04-30 15:41 - 2013-03-08 18:20 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-30 15:41 - 2013-03-08 18:20 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-30 15:41 - 2011-09-27 18:53 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-30 12:18 - 2011-09-27 17:09 - 00000000 ____D () C:\Users\Unaton
2014-04-27 22:42 - 2011-10-31 13:28 - 02138112 ___SH () C:\Users\Unaton\Thumbs.db
2014-04-23 23:53 - 2014-04-10 21:57 - 00000000 ____D () C:\Windows\rescache
2014-04-23 16:44 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-22 09:41 - 2013-12-08 20:23 - 00000000 ____D () C:\Users\Unaton\helden
2014-04-21 18:42 - 2011-09-29 19:52 - 00000000 ____D () C:\Users\Unaton\AppData\Roaming\TS3Client
2014-04-18 20:50 - 2011-10-11 17:56 - 00000000 ____D () C:\Users\Unaton\AppData\Roaming\Skype
2014-04-17 20:08 - 2009-07-14 06:45 - 04937712 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-17 14:37 - 2013-11-29 16:50 - 00000000 ____D () C:\Users\Unaton\AppData\Local\Windows Live
2014-04-17 14:25 - 2011-09-28 01:21 - 00094056 _____ () C:\Users\Unaton\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-14 19:13 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-04-12 17:46 - 2014-04-12 17:46 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-04-12 17:46 - 2014-04-12 17:46 - 00000000 ____D () C:\Users\Unaton\AppData\Local\Skype
2014-04-12 17:46 - 2014-04-12 17:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-04-12 17:46 - 2011-09-28 22:45 - 00000000 ____D () C:\ProgramData\Skype
2014-04-11 08:56 - 2014-01-10 17:29 - 00009922 _____ () C:\Users\Unaton\Desktop\Disfigure the Pious Tabs.rar
2014-04-10 09:19 - 2013-08-15 01:19 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-10 09:19 - 2011-09-30 14:14 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-10 09:18 - 2011-09-28 17:07 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-06 15:47 - 2014-04-06 15:48 - 00045257 _____ () C:\Users\Unaton\Desktop\statistikplugin.jar
2014-04-04 15:29 - 2013-10-31 17:34 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2014-04-03 09:51 - 2014-05-02 13:09 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-05-02 13:09 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-05-02 13:09 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
ZeroAccess:
C:\$Recycle.Bin\S-1-5-21-4091059436-4059220182-3966356056-1000\$6625244b4e0dce17a510fa764a5a01e8
ZeroAccess:
C:\$Recycle.Bin\S-1-5-18\$6625244b4e0dce17a510fa764a5a01e8
Some content of TEMP:
====================
C:\Users\Unaton\AppData\Local\Temp\aoe3-112-german.exe
C:\Users\Unaton\AppData\Local\Temp\AskSLib.dll
C:\Users\Unaton\AppData\Local\Temp\avgnt.exe
C:\Users\Unaton\AppData\Local\Temp\BFD Proto.dll
C:\Users\Unaton\AppData\Local\Temp\bi_cleaner.exe
C:\Users\Unaton\AppData\Local\Temp\InstallFlashPlayer.exe
C:\Users\Unaton\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Unaton\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Unaton\AppData\Local\Temp\L6GPInst.dll
C:\Users\Unaton\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\Unaton\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Unaton\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\Unaton\AppData\Local\Temp\nvStInst.exe
C:\Users\Unaton\AppData\Local\Temp\SpOrder.dll
C:\Users\Unaton\AppData\Local\Temp\standalonepatcher.exe
C:\Users\Unaton\AppData\Local\Temp\ubi2B5.tmp.exe
C:\Users\Unaton\AppData\Local\Temp\ubi5EF7.tmp.exe
C:\Users\Unaton\AppData\Local\Temp\ubi85EA.tmp.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
ATTENTION: ====> ZeroAccess. Use DeleteJunctionsIndirectory: C:\Program Files\Windows Defender
LastRegBack: 2014-04-29 13:40
==================== End Of Log ============================
--- --- ---
--- --- --- Addition: Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-05-2014
Ran by Unaton at 2014-05-02 14:21:08
Running from D:\Eigene Dateien\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.3.9120 - Adobe Systems Inc.) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Community Help (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.42.34 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Media Player (x32 Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 1.01.34 - ASUSTeK Computer Inc.)
Anno 2070 (HKLM-x32\...\{435C32E1-96F0-4518-B051-A5403900C389}_is1) (Version: 1.01 - RAF)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.10.0.0 - Asmedia Technology)
Assassin's Creed Brotherhood (HKLM-x32\...\{BE4BA698-8533-4F77-9559-C7F3F78C0B05}) (Version: 1.03 - Ubisoft)
Assassin's Creed II (HKLM-x32\...\{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}) (Version: 1.01 - Ubisoft)
Assassin's Creed Revelations (HKLM-x32\...\{33A22B2D-55BA-4508-B767-BF2E9C21A73F}) (Version: 1.00 - Ubisoft)
Assassin's Creed(R) III v1.06 (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.06 - Ubisoft)
ATI Catalyst Install Manager (HKLM\...\{AB7F4312-8037-4EBF-9D0F-5513CDFD534C}) (Version: 3.0.812.0 - ATI Technologies, Inc.)
Audacity 1.2.6 (HKLM-x32\...\Audacity_is1) (Version: - )
Avira (HKLM-x32\...\{e932572a-a65f-40cb-bdb9-fde856c8b6f5}) (Version: 1.1.12.20001 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.12.20001 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
BlueStacks (alpha) (HKLM-x32\...\{A2B4973B-1ECD-45D0-B010-156DB8DFD201}) (Version: 0.6.2.0563 - BlueStack Systems, Inc.)
Borderlands 2 (HKLM-x32\...\Borderlands 2_is1) (Version: - )
Company of Heroes (HKLM-x32\...\{EAF636A9-F664-4703-A659-85A894DA264F}) (Version: 1.0.0.99 - THQ Inc.)
Creation Kit (HKLM-x32\...\Steam App 202480) (Version: - )
Crysis 3 (HKLM-x32\...\{B5EB0EC0-7AD1-4A8F-B672-8E9F7A2738E6}_is1) (Version: 1.0 - RAF)
Curse Client - 1 (HKCU\...\101a9f93b8f0bb6f) (Version: 5.1.1.792 - Curse)
Curse Client (HKCU\...\090215de958f1060) (Version: 4.0.1.260 - Curse)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.33.2 - Electronic Arts)
Dragon Age Toolset (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.01 - Electronic Arts, Inc.)
Dropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)
EZDrummer 64 bit (HKLM\...\{6CEFB8E2-2B47-49AB-B97E-AA1ACF6595E5}) (Version: 1.2.1.1 - Toontrack)
EZXDfh (HKLM-x32\...\{DB1299AF-9EE0-422B-959E-F4171B2AE0F7}) (Version: 1.0 - Toontrack)
Fahrenheit (HKLM-x32\...\{BA10AC78-E687-4523-8B93-540428FC256F}) (Version: 1.1 - Ihr Firmenname)
Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.03 - Ubisoft)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
Free YouTube to MP3 Converter version 3.12.8.717 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.8.717 - DVDVideoSoft Ltd.)
FXpansion BFD2 (HKLM-x32\...\FXpansion BFD2) (Version: 2.3.0.36 - FXpansion Audio UK Ltd)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Genesis (HKCU\...\gvggph) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.131 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Grand Theft Auto IV (x32 Version: 1.0.0011.131 - Rockstar Games Inc.) Hidden
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Guitar Pro 5.2 (HKLM-x32\...\Guitar Pro 5_is1) (Version: - Arobas Music)
ICQ Sparberater (HKLM-x32\...\{FE163F11-1919-4257-A280-FF5AF8DAEECB}) (Version: 1.2.662 - solute gmbh)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!)
Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
License Support (HKLM-x32\...\InstallShield_{3165EA9B-36CC-499B-96FF-36FC30E10EF4}) (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.)
License Support (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.) Hidden
Line 6 Uninstaller (HKLM-x32\...\Line 6 Uninstaller) (Version: - Line 6)
Magic Set Editor 2.0.0 (HKLM-x32\...\Magic Set Editor 2_is1) (Version: - )
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2005 Express Edition (BWDATOOLSET) (x32 Version: 9.4.5000.00 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Tools Express Edition (x32 Version: 9.4.5000.00 - Microsoft Corporation) Hidden
Microsoft SQL Server Compact 4.0 SP1 x64 DEU (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{B636C9B9-A3F2-4DCE-ADCC-72E095018385}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 29.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0 (x86 de)) (Version: 29.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
Mozilla Thunderbird 24.1.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.1.1 (x86 de)) (Version: 24.1.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NanoTools (HKLM-x32\...\{0933D69A-8995-41D7-A836-E148A8BDF734}_is1) (Version: 2.0.4 - NanoByte)
NVIDIA 3D Vision Controller Driver (x32 Version: 280.19 - NVIDIA Corporation) Hidden
NVIDIA 3D Vision Controller-Treiber 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 334.89 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 334.89 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 334.89 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3489 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 334.89 (Version: 334.89 - NVIDIA Corporation) Hidden
NVIDIA Update 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.19 - NVIDIA Corporation)
Papyrus Autor -- from R.O.M. logicware GmbH (HKLM-x32\...\Papyrus Autor) (Version: - R.O.M. logicware GmbH)
Path of Exile (HKLM-x32\...\{90A4562F-D4A1-4B65-906D-41F236CF6902}) (Version: 0.10.7.24409 - Grinding Gear Games)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Pharao (HKLM-x32\...\Pharaoh) (Version: - )
Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
QuickTime (HKLM-x32\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.11.3 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.44.421.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6251 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 1.6.85 - NVIDIA Corporation) Hidden
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Soldat 1.6.6 (HKLM-x32\...\Soldat_is1) (Version: 1.6.6 - Michal Marcinkowski)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Steinberg Cubase 5 (HKLM-x32\...\{4A19D6AC-ADE0-4A07-80FF-9C9812C45557}) (Version: 5.1.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 1.0.0.006 - Steinberg Media Technologies GmbH)
STOIK Video Converter 2 (HKLM-x32\...\{A8DF8593-F619-47DE-AD27-BCABF233433A}) (Version: 2.1.0.0 - STOIK Imaging)
SupraSavings (Version: 1.0.0.0 - SupraSavings) Hidden <==== ATTENTION
SupraSavings (x32 Version: 1.0.0.0 - SupraSavings) Hidden <==== ATTENTION
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TES Construction Set (HKLM-x32\...\{58D68DF0-4E8B-4E9E-B425-670F9E37C1A8}) (Version: - )
The Elder Scrolls Online Beta (HKLM-x32\...\The Elder Scrolls Online Beta_is1) (Version: 0.3.4 - )
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
The Witcher 2: Assassins of Kings Enhanced Edition (HKLM-x32\...\Steam App 20920) (Version: - CD Projekt RED)
The Witcher 2: Bonus Content (HKLM-x32\...\Steam App 20930) (Version: - )
Trillian (HKLM-x32\...\Trillian) (Version: - Cerulean Studios, LLC)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VideoPad Video-Editor (HKLM-x32\...\VideoPad) (Version: 3.25 - NCH Software)
Visual C++ 64-bit Redistributables (HKLM-x32\...\InstallShield_{FB03650C-B373-4B20-ACA5-B7BA1A8EEE33}) (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.)
Visual C++ 64-bit Redistributables (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.) Hidden
Visual C++ Redistributables (HKLM-x32\...\InstallShield_{F03117FA-9270-46B0-9666-0B4BC2CDEBF5}) (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.)
Visual C++ Redistributables (x32 Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.) Hidden
VLC media player 2.0.2 (HKLM-x32\...\VLC media player) (Version: 2.0.2 - VideoLAN)
Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
WinRAR 4.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
==================== Restore Points =========================
==================== Hosts content: ==========================
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {0AAD8FF4-2633-4D8A-93B5-CE77133EAA57} - \60f8b19e-300a-4164-a512-cce52df60a76-4 No Task File <==== ATTENTION
Task: {0C55C058-99A4-45F5-B768-C24AB81DAB88} - \60f8b19e-300a-4164-a512-cce52df60a76-3 No Task File <==== ATTENTION
Task: {0C95718E-EA14-4811-B9B3-ED8E2A6E9AA3} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2010-11-26] (ASUSTeK Computer Inc.)
Task: {3336B148-AF5C-4807-91F5-F59A47CFA663} - System32\Tasks\{EB5A17F7-59B1-4914-80F9-8981CBF7FF0B} => C:\Program Files (x86)\Gizmo\gizmo.exe
Task: {407A7455-460F-4814-A5F1-992EA79C82C8} - \60f8b19e-300a-4164-a512-cce52df60a76-1 No Task File <==== ATTENTION
Task: {58CA7EBB-2F22-4036-B569-110FCDD81DE1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-03] (Google Inc.)
Task: {5D85653D-A0BA-4451-A99C-4989BFD85285} - \60f8b19e-300a-4164-a512-cce52df60a76-5 No Task File <==== ATTENTION
Task: {8E914CE9-EE3C-468E-BD83-989647F7B9BD} - System32\Tasks\AdobeAAMUpdater-1.0-Unaton-PC-Unaton => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {94FE0339-45C6-4187-9E54-3DBEE58B2B73} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {AB6B7EA9-542D-45C6-81F9-BF3EA6778B22} - System32\Tasks\{5B64C468-A8A4-47CD-9738-80793F9208D1} => D:\Protools\APTHD_10.3.2\iLok-LicenseSupportSetup\x64\LicenseSupportSetup.exe
Task: {B4BCBD43-C94E-4F6E-8046-D6352075E0FC} - \GoforFilesUpdate No Task File <==== ATTENTION
Task: {B61025E4-4690-4926-ADE4-482015C97A42} - System32\Tasks\{AEF86DF0-12D0-46BB-B33C-D74C73461BB0} => Firefox.exe hxxp://ui.skype.com/ui/0/5.10.0.115/de/abandoninstall?page=tsMain
Task: {BA94A038-2C4B-4EE0-A18E-217FF253C424} - \60f8b19e-300a-4164-a512-cce52df60a76-2 No Task File <==== ATTENTION
Task: {CDAFE06E-7E49-4034-85F8-2C49D1C92861} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-30] (Adobe Systems Incorporated)
Task: {CE1BC9D3-6B81-468C-BFC7-F3CBE8D9667E} - System32\Tasks\ASUS\RunDAOD => C:\Windows\DAODx.exe [2009-03-30] ()
Task: {F27A8742-7713-4025-82D7-7AC3CC9EF2AD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-03] (Google Inc.)
Task: {FE49029D-71EF-41F6-B484-287BA334D917} - System32\Tasks\BlueStacks\LogRotator => C:\Program Files (x86)\BlueStacks\HD-LogRotator.exe [2011-11-23] (BlueStack Systems, Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2010-11-03 11:30 - 2010-11-03 11:30 - 00918144 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe
2010-12-02 04:15 - 2010-12-02 04:15 - 00915584 ____R () C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
2011-09-28 16:56 - 2010-10-21 11:52 - 00586880 ____R () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
2013-06-25 14:12 - 2013-08-27 22:21 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2012-11-19 02:25 - 2014-02-08 19:42 - 00117024 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2009-03-30 08:32 - 2009-03-30 08:32 - 00032768 ____R () C:\Windows\DAODx.exe
2014-05-01 13:35 - 2014-05-01 13:35 - 02732032 _____ () C:\Users\Unaton\AppData\Local\gvggph.exe
2013-05-20 19:45 - 2013-05-20 19:45 - 00014848 ____N () C:\Users\Unaton\AppData\Local\Apps\2.0\LLOCZMY7.BL4\V6Q4QPAW.TW6\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\Curse.CurseClient.WowDb.dll
2013-05-20 19:45 - 2013-05-20 19:45 - 00035840 ____N () C:\Users\Unaton\AppData\Local\Apps\2.0\LLOCZMY7.BL4\V6Q4QPAW.TW6\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\Curse.Advertising.dll
2013-05-20 19:45 - 2013-05-20 19:45 - 00099840 ____N () C:\Users\Unaton\AppData\Local\Apps\2.0\LLOCZMY7.BL4\V6Q4QPAW.TW6\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\Curse.CurseClient.CMOD2.dll
2014-05-02 13:33 - 2014-02-25 11:41 - 00394808 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2011-09-28 16:55 - 2014-05-02 13:21 - 00031744 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.13\PEbiosinterface32.dll
2011-09-28 16:55 - 2010-06-29 04:58 - 00104448 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.13\ATKEX.dll
2014-04-30 11:38 - 2014-04-30 11:38 - 00138320 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2014-04-30 11:38 - 2014-04-30 11:38 - 00065616 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2014-01-08 08:52 - 2014-04-22 00:55 - 00340480 _____ () E:\Spiele\libavresample-1.dll
2014-04-24 08:20 - 2014-04-22 00:55 - 00471552 _____ () E:\Spiele\libavutil-53.dll
2013-03-12 18:10 - 2014-04-01 00:09 - 00754688 _____ () E:\Spiele\SDL2.dll
2011-11-11 18:44 - 2014-04-24 00:01 - 01092288 _____ () E:\Spiele\bin\chromehtml.DLL
2011-11-11 18:44 - 2014-03-03 21:15 - 20626624 _____ () E:\Spiele\bin\libcef.dll
2012-03-16 00:53 - 2013-06-15 01:49 - 01100800 _____ () E:\Spiele\bin\avcodec-53.dll
2012-03-16 00:53 - 2013-06-15 01:49 - 00124416 _____ () E:\Spiele\bin\avutil-51.dll
2012-03-16 00:53 - 2013-06-15 01:49 - 00192000 _____ () E:\Spiele\bin\avformat-53.dll
2013-10-19 01:55 - 2013-10-19 01:55 - 25100288 _____ () C:\Users\Unaton\AppData\Roaming\Dropbox\bin\libcef.dll
2014-05-02 13:34 - 2014-04-30 11:38 - 00049744 _____ () C:\Users\Unaton\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2011-09-28 16:57 - 2011-03-04 10:33 - 00053248 ____N () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\HookKey32.dll
2011-09-28 16:57 - 2009-05-21 10:14 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\pngio.dll
2011-09-28 16:56 - 2011-02-24 10:19 - 00143360 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
2011-09-28 16:56 - 2010-06-21 15:21 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
2011-09-28 16:56 - 2009-08-12 20:15 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
2011-09-28 16:56 - 2011-02-09 09:02 - 00873472 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AI Charger+\AIChargerPlus.dll
2011-09-28 16:56 - 2011-03-09 14:55 - 01036800 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Update\Update.dll
2011-09-28 16:56 - 2011-05-16 17:35 - 00965632 _____ () C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
2011-09-28 16:57 - 2011-03-11 19:53 - 01257472 _____ () C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll
2011-09-28 16:57 - 2011-01-06 10:38 - 01027072 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Probe_II\ProbeII.dll
2011-09-28 16:56 - 2011-05-20 09:12 - 00881152 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
2011-09-28 16:56 - 2011-04-07 17:33 - 01607168 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
2011-09-28 16:56 - 2011-01-07 16:39 - 01246208 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
2011-09-28 16:56 - 2010-08-06 18:11 - 00850944 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
2011-09-28 16:56 - 2010-08-06 18:13 - 00886272 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
2011-09-28 16:55 - 2010-08-23 04:17 - 00662016 ____R () C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMLib.dll
2011-09-28 16:56 - 2010-06-21 15:21 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\ImageHelper.dll
2014-05-02 13:11 - 2014-05-02 13:11 - 03845232 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-04-30 15:41 - 2014-04-30 15:41 - 16351920 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll
2014-04-27 18:49 - 2014-04-27 18:49 - 03008624 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2014-04-27 18:49 - 2014-04-27 18:49 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2014-04-27 18:49 - 2014-04-27 18:49 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\Microsoft:56wZZVLOhou7RpJ0GsR2FBuukj
AlternateDataStreams: C:\ProgramData\Microsoft:9X6urwTJpPcKQ0OPSQqJwK2CD7X
AlternateDataStreams: C:\ProgramData\Microsoft:Hap1NBXmwngsvEGR
AlternateDataStreams: C:\ProgramData\Microsoft:IH2Ljy2wNEwcAVJ8epX8Dz2
AlternateDataStreams: C:\ProgramData\Microsoft:Y2aSBBJsvAjvi9F5tD6sODiiC
AlternateDataStreams: C:\Users\Unaton\AppData\Local:MY9NARg22RaWh6Pb
AlternateDataStreams: C:\Users\Unaton\AppData\Local:uFPrcvVgljpAoJz3xB
AlternateDataStreams: C:\Users\Unaton\AppData\Local\Anwendungsdaten:MY9NARg22RaWh6Pb
AlternateDataStreams: C:\Users\Unaton\AppData\Local\Anwendungsdaten:uFPrcvVgljpAoJz3xB
AlternateDataStreams: C:\Users\Unaton\AppData\Local\Temp:nFFTS3vRumyP6yS9Nu38G9
AlternateDataStreams: C:\Users\Unaton\AppData\Local\Temporary Internet Files:imhNiTiNKxlIkb6PlcBG1IOV
AlternateDataStreams: C:\Users\Unaton\AppData\Local\Temporary Internet Files:J66QXElNjWJXsQfGmLDn5c
AlternateDataStreams: C:\Users\Unaton\AppData\Local\Temporary Internet Files:wxH9OFHB2hPoAsOvuGy
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SecureAssist => ""="service"
==================== Disabled items from MSCONFIG ==============
MSCONFIG\startupfolder: C:^Users^Unaton^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Trillian.lnk => C:\Windows\pss\Trillian.lnk.Startup
MSCONFIG\startupreg: RGSC => E:\Programme\Rockstar Games Social Club\RGSCLauncher.exe /silent
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (05/02/2014 02:07:38 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error: (05/02/2014 01:22:13 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: demo32.exe, Version: 8.0.100.1040, Zeitstempel: 0x41783a3f
Name des fehlerhaften Moduls: QuickTime.qts_unloaded, Version: 0.0.0.0, Zeitstempel: 0x50890e53
Ausnahmecode: 0xc0000005
Fehleroffset: 0x55f4cce9
ID des fehlerhaften Prozesses: 0x1428
Startzeit der fehlerhaften Anwendung: 0xdemo32.exe0
Pfad der fehlerhaften Anwendung: demo32.exe1
Pfad des fehlerhaften Moduls: demo32.exe2
Berichtskennung: demo32.exe3
Error: (05/02/2014 01:21:22 PM) (Source: BstHdAndroidSvc) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (05/02/2014 01:02:40 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: demo32.exe, Version: 8.0.100.1040, Zeitstempel: 0x41783a3f
Name des fehlerhaften Moduls: QuickTime.qts_unloaded, Version: 0.0.0.0, Zeitstempel: 0x50890e53
Ausnahmecode: 0xc0000005
Fehleroffset: 0x6625cce9
ID des fehlerhaften Prozesses: 0x1608
Startzeit der fehlerhaften Anwendung: 0xdemo32.exe0
Pfad der fehlerhaften Anwendung: demo32.exe1
Pfad des fehlerhaften Moduls: demo32.exe2
Berichtskennung: demo32.exe3
Error: (05/02/2014 00:58:38 PM) (Source: BstHdAndroidSvc) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (05/02/2014 00:20:51 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: demo32.exe, Version: 8.0.100.1040, Zeitstempel: 0x41783a3f
Name des fehlerhaften Moduls: QuickTime.qts_unloaded, Version: 0.0.0.0, Zeitstempel: 0x50890e53
Ausnahmecode: 0xc0000005
Fehleroffset: 0x545fcce9
ID des fehlerhaften Prozesses: 0x142c
Startzeit der fehlerhaften Anwendung: 0xdemo32.exe0
Pfad der fehlerhaften Anwendung: demo32.exe1
Pfad des fehlerhaften Moduls: demo32.exe2
Berichtskennung: demo32.exe3
Error: (05/02/2014 00:20:13 PM) (Source: BstHdAndroidSvc) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (05/02/2014 00:05:55 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: demo32.exe, Version: 8.0.100.1040, Zeitstempel: 0x41783a3f
Name des fehlerhaften Moduls: QuickTime.qts_unloaded, Version: 0.0.0.0, Zeitstempel: 0x50890e53
Ausnahmecode: 0xc0000005
Fehleroffset: 0x5cdecce9
ID des fehlerhaften Prozesses: 0xf40
Startzeit der fehlerhaften Anwendung: 0xdemo32.exe0
Pfad der fehlerhaften Anwendung: demo32.exe1
Pfad des fehlerhaften Moduls: demo32.exe2
Berichtskennung: demo32.exe3
Error: (05/02/2014 11:56:37 AM) (Source: BstHdAndroidSvc) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (05/01/2014 01:41:15 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: demo32.exe, Version: 8.0.100.1040, Zeitstempel: 0x41783a3f
Name des fehlerhaften Moduls: QuickTime.qts_unloaded, Version: 0.0.0.0, Zeitstempel: 0x50890e53
Ausnahmecode: 0xc0000005
Fehleroffset: 0x54f3cce9
ID des fehlerhaften Prozesses: 0x192c
Startzeit der fehlerhaften Anwendung: 0xdemo32.exe0
Pfad der fehlerhaften Anwendung: demo32.exe1
Pfad des fehlerhaften Moduls: demo32.exe2
Berichtskennung: demo32.exe3
System errors:
=============
Error: (05/02/2014 01:23:43 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "WinDefend" wurde mit folgendem Fehler beendet:
%%5
Error: (05/02/2014 01:21:22 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet:
%%1064
Error: (05/02/2014 01:00:59 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "WinDefend" wurde mit folgendem Fehler beendet:
%%5
Error: (05/02/2014 00:58:38 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet:
%%1064
Error: (05/02/2014 00:22:33 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "WinDefend" wurde mit folgendem Fehler beendet:
%%5
Error: (05/02/2014 00:20:13 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet:
%%1064
Error: (05/02/2014 11:58:58 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "WinDefend" wurde mit folgendem Fehler beendet:
%%5
Error: (05/02/2014 11:56:37 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet:
%%1064
Error: (05/01/2014 01:42:51 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "WinDefend" wurde mit folgendem Fehler beendet:
%%5
Error: (05/01/2014 01:40:31 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet:
%%1064
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Percentage of memory in use: 33%
Total physical RAM: 8154.46 MB
Available physical RAM: 5403.97 MB
Total Pagefile: 10749.92 MB
Available Pagefile: 7436.7 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:74.43 GB) (Free:3.7 GB) NTFS
Drive d: (Volume) (Fixed) (Total:465.75 GB) (Free:263.06 GB) NTFS
Drive e: (Volume) (Fixed) (Total:465.75 GB) (Free:113.72 GB) NTFS
Drive h: (DISK1) (CDROM) (Total:3.57 GB) (Free:0 GB) UDF
Drive i: (raf-cry3_b) (CDROM) (Total:3.09 GB) (Free:0 GB) UDF
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 75 GB) (Disk ID: 3046D2DF)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=74 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 9B57CBC9)
Partition 1: (Not Active) - (Size=466 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=466 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
FRST 32-Bit | FRST 64-Bit
Lesestoff:
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.
