Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Download Protect 2.2.1 und 1.0 im Firefox lässt sich nicht entfernen und schmeisst andere Erweiterungen raus (https://www.trojaner-board.de/154336-download-protect-2-2-1-1-0-firefox-laesst-entfernen-schmeisst-andere-erweiterungen-raus.html)

Daigochiban 25.05.2014 15:00
Download Protect 2.2.1 und 1.0 im Firefox lässt sich nicht entfernen und schmeisst andere Erweiterungen raus
 
Hallo,
irgendwie habe ich mir wohl auch diesen lästigen DownloadProtect eingefangen... Seit einiger Zeit werden meine FireFox Erweiterungen NoScript, AdBlock und Brief immer wieder vom Rechner geschmissen und dafür habe ich dieses ominöse DownloadProtect 2.2.1 und 1.0 sowohl im FireFox als auch im Chrome drinnen. Da ich den Chrome sowieso nur für den Chromecast drauf hatte habe ich den Kurzerhand deinstalliert, würde es aber auch ganz gerne wieder nutzen.

Was ich bereits versucht habe:
Nach dieser Anleitung sämtliche FF Erweiterungen deinstalliert und nach *.xpi Datein im Explorer gesucht und gelöscht und die Registry einträge entfernt.
EDIT: Irgendwie kann ich keine Links setzten. Die Anleitung habe ich hier gefunden hxxp://www.camp-firefox.de/forum/viewtopic.php?p=909050#p909050

Auf die Weise bin ich zumindest die Version 1.0 von DownloadProtect losgeworden. Aber die Version 2.2.1 installiert sich immer wieder von geisterhand selbst.... Bitte helft mir!


Ach ja und außerdem hab ich noch AdwCleaner v3.210 laufen lassen, aber noch nichts gelöscht oder sonst was.

Vielen Dank schon mal im Vorraus an den Kompententen Helfer =)

Leider sind die LogFiles zu lang, weswegen ich sie als zip hochladen musste...

schrauber 25.05.2014 18:03
Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.
Ich kann auf Arbeit keine Anhänge öffnen, danke.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307

Daigochiban 25.05.2014 18:17
Oh ok. Weil das Board sagte ich soll sie anhängen. Aber kalr was immer weiterhilft und eure Arbeit erleichtert =)

defogger
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 14:48 on 25/05/2014 (Admin)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-


FRST Logfile:


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-05-2014 01
Ran by Winni (ATTENTION: The logged in user is not administrator) on ABRAXAS on 25-05-2014 14:51:14
Running from C:\Users\Winni\Downloads
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\bdagent.exe
(Spotify Ltd) C:\Users\Winni\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender\bdagent.exe [1742064 2014-03-31] (Bitdefender)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642304 2013-04-24] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-03-18] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-15] (Apple Inc.)
HKLM\...\runonceex: [Flags] - 8
HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse-Agent] => C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [567888 2014-03-31] (Bitdefender)
HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse] => C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1001536 2014-03-31] (Bitdefender)
HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] => C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [614232 2014-03-31] (Bitdefender)
HKU\S-1-5-21-1143599331-371919559-3494116047-1003\...\Run: [Spotify Web Helper] => C:\Users\Winni\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1176632 2014-05-16] (Spotify Ltd)
HKU\S-1-5-21-1143599331-371919559-3494116047-1003\...\Run: [Bitdefender-Geldbörse] => C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1001536 2014-03-31] (Bitdefender)
HKU\S-1-5-21-1143599331-371919559-3494116047-1003\...\Run: [Google Update] => C:\Users\Winni\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-05-05] (Google Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xF8A89CDC7D05CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\pmbxie.dll (Bitdefender)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxie.dll (Bitdefender)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\..\Interfaces\{C0163090-193E-4CA1-9498-4D4C049B3E7A}: [NameServer]192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Winni\AppData\Roaming\Mozilla\Firefox\Profiles\0p5daajj.default
FF NetworkProxy: "ftp", "109.207.61.178"
FF NetworkProxy: "ftp_port", 8090
FF NetworkProxy: "http", "109.207.61.178"
FF NetworkProxy: "http_port", 8090
FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "109.207.61.178"
FF NetworkProxy: "socks_port", 8090
FF NetworkProxy: "ssl", "109.207.61.178"
FF NetworkProxy: "ssl_port", 8090
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @nokia.com/EnablerPlugin - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Winni\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Winni\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Users\Winni\AppData\Roaming\Mozilla\Firefox\Profiles\0p5daajj.default\searchplugins\youtube.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [ffpwdman@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman\
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman\ []
FF HKLM-x32\...\Firefox\Extensions: [{CA03242C-EE6E-4B3A-AF33-3A21C94FB1AB}] - C:\Windows\Installer\{4BFEB9A5-18C7-4449-B2DD-49294B6B8F3C}\{CA03242C-EE6E-4B3A-AF33-3A21C94FB1AB}.xpi
FF Extension: Download Protect - C:\Windows\Installer\{4BFEB9A5-18C7-4449-B2DD-49294B6B8F3C}\{CA03242C-EE6E-4B3A-AF33-3A21C94FB1AB}.xpi [2014-05-23]

Chrome:
=======
CHR Extension: (Google Docs) - C:\Users\Winni\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-11]
CHR Extension: (Google Drive) - C:\Users\Winni\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-11]
CHR Extension: (YouTube) - C:\Users\Winni\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-11]
CHR Extension: (Google Cast) - C:\Users\Winni\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2014-05-11]
CHR Extension: (Bitdefender Wallet) - C:\Users\Winni\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccahoghmggldkcdjiebjkidpfongdfbl [2014-05-11]
CHR Extension: (Google-Suche) - C:\Users\Winni\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-11]
CHR Extension: (Google Wallet) - C:\Users\Winni\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-11]
CHR Extension: (Google Mail) - C:\Users\Winni\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-11]
CHR HKLM-x32\...\Chrome\Extension: [ccahoghmggldkcdjiebjkidpfongdfbl] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxcr.crx [2014-03-31]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [484592 2013-11-17] (BitRaider, LLC)
R4 DlProtectSvc; C:\Windows\System32\DlProtectSvc.exe [124928 2014-05-12] ()
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [101888 2013-09-26] (Freemake)
R2 lmhosts; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe [67320 2013-10-07] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender\vsserv.exe [1523728 2014-03-31] (Bitdefender)
R2 WesFaultSecure; C:\Windows\system32\xljveinstall.exe [120832 2014-05-12] ()

==================== Drivers (Whitelisted) ====================

S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2013-06-02] (Wondershare)
S3 athrusb; C:\Windows\System32\DRIVERS\athrxusb.sys [1075712 2008-07-29] (Atheros Communications, Inc.)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [893440 2014-02-03] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2012-11-02] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [635392 2014-02-03] (BitDefender)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [103504 2011-11-14] (BitDefender LLC)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2013-11-27] (BitDefender SRL)
S3 BRDriver64; C:\ProgramData\BitRaider\BRDriver64.sys [75048 2013-09-21] (BitRaider)
S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [29184 2009-08-13] (CSR, plc)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-08-23] (BitDefender LLC)
R3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [42016 2013-11-27] (Visicom Media Inc.)
R3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35232 2013-12-06] (Visicom Media Inc.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
S3 ALSysIO; \??\C:\Users\Admin\AppData\Local\Temp\ALSysIO64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-25 14:51 - 2014-05-25 14:51 - 00014131 _____ () C:\Users\Winni\Downloads\FRST.txt
2014-05-25 14:51 - 2014-05-25 14:51 - 00000000 ____D () C:\FRST
2014-05-25 14:50 - 2014-05-25 14:50 - 02066944 _____ (Farbar) C:\Users\Winni\Downloads\FRST64.exe
2014-05-25 14:48 - 2014-05-25 14:48 - 00050477 _____ () C:\Users\Winni\Downloads\Defogger.exe
2014-05-25 14:48 - 2014-05-25 14:48 - 00000472 _____ () C:\Users\Winni\Downloads\defogger_disable.log
2014-05-25 14:24 - 2014-05-25 14:26 - 00000000 ____D () C:\AdwCleaner
2014-05-23 14:22 - 2014-05-23 14:22 - 00961360 _____ (Chip Digital GmbH) C:\Users\Winni\Downloads\AdwCleaner - CHIP-Downloader.exe
2014-05-23 13:33 - 2014-05-23 13:33 - 00000207 _____ () C:\Users\Winni\Desktop\Warhammer 40,000 Space Marine Demo.url
2014-05-22 19:04 - 2014-05-22 19:04 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-05-22 19:04 - 2014-05-22 19:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-05-22 19:03 - 2014-05-22 19:04 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-05-22 19:03 - 2014-05-22 19:04 - 00000000 ____D () C:\Program Files\iTunes
2014-05-22 19:03 - 2014-05-22 19:04 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-05-22 19:03 - 2014-05-22 19:03 - 00000000 ____D () C:\Program Files\iPod
2014-05-20 23:14 - 2014-05-20 23:14 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-20 23:14 - 2014-05-20 23:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-20 23:11 - 2014-05-20 23:11 - 00000332 _____ () C:\Windows\PFRO.log
2014-05-20 23:00 - 2014-05-20 23:01 - 28852416 _____ (Mozilla) C:\Users\Winni\Downloads\Firefox Setup 29.0.1.exe
2014-05-16 16:34 - 2014-05-16 16:34 - 00013804 _____ () C:\Users\Winni\Desktop\H620000.html
2014-05-16 16:04 - 2014-05-23 15:09 - 00000728 __RSH () C:\ProgramData\ntuser.pol
2014-05-15 16:25 - 2014-05-15 16:26 - 00000000 ____D () C:\Users\Winni\Desktop\BIlder
2014-05-15 15:50 - 2014-05-12 05:06 - 958174777 _____ () C:\Users\Winni\Downloads\Game.of.Thrones.S04E06.720p.HDTV.x264-DIMENSION.mkv
2014-05-15 15:45 - 2014-05-15 15:50 - 42578956 _____ () C:\Users\Winni\Downloads\GoT.S04E06.720p.part10.rar
2014-05-15 15:27 - 2014-05-15 15:40 - 105000000 _____ () C:\Users\Winni\Downloads\GoT.S04E06.720p.part09.rar
2014-05-15 15:14 - 2014-05-15 15:26 - 105000000 _____ () C:\Users\Winni\Downloads\GoT.S04E06.720p.part08.rar
2014-05-15 15:01 - 2014-05-15 15:13 - 105000000 _____ () C:\Users\Winni\Downloads\GoT.S04E06.720p.part07.rar
2014-05-15 14:51 - 2014-05-15 15:00 - 105000000 _____ () C:\Users\Winni\Downloads\GoT.S04E06.720p.part06.rar
2014-05-15 14:40 - 2014-05-15 14:49 - 105000000 _____ () C:\Users\Winni\Downloads\GoT.S04E06.720p.part05.rar
2014-05-15 14:31 - 2014-05-15 14:39 - 105000000 _____ () C:\Users\Winni\Downloads\GoT.S04E06.720p.part04.rar
2014-05-15 14:21 - 2014-05-15 14:29 - 105000000 _____ () C:\Users\Winni\Downloads\GoT.S04E06.720p.part03.rar
2014-05-15 14:12 - 2014-05-15 14:12 - 00389240 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2014-05-15 14:11 - 2014-05-15 14:20 - 105000000 _____ () C:\Users\Winni\Downloads\GoT.S04E06.720p.part02.rar
2014-05-15 14:01 - 2014-05-15 14:10 - 105000000 _____ () C:\Users\Winni\Downloads\GoT.S04E06.720p.part01.rar
2014-05-14 17:53 - 2014-05-06 02:46 - 17847808 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-14 17:53 - 2014-05-06 02:21 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-14 17:53 - 2014-05-06 02:21 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-14 17:53 - 2014-05-06 01:32 - 12347392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-14 17:53 - 2014-05-06 01:14 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-14 17:53 - 2014-05-06 01:14 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-14 17:40 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-14 17:40 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-14 17:40 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-14 17:40 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-14 17:40 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-14 17:40 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-14 17:40 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-14 17:40 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-14 17:40 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-14 17:40 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-14 17:40 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-14 17:40 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-14 17:40 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-14 17:40 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-14 17:40 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-14 17:40 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-14 17:40 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-14 17:40 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-14 17:40 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-14 17:40 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-14 17:40 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-14 17:40 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-14 17:40 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-14 17:40 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-14 17:40 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-14 17:40 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-14 17:40 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-14 17:40 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-14 17:40 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-14 17:40 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-14 17:40 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-14 17:40 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-14 17:40 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-14 17:40 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-14 17:40 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-14 17:40 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-14 17:40 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-14 17:40 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-14 17:40 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-14 17:40 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-14 17:40 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-14 17:40 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-14 17:40 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-14 17:40 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-14 17:40 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-13 15:24 - 2014-05-13 15:24 - 00000000 ____D () C:\Users\Winni\AppData\Roaming\Lavasoft
2014-05-13 14:42 - 2014-05-13 14:42 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-05-13 00:09 - 2014-05-13 00:14 - 188100210 _____ () C:\Users\Winni\Downloads\ulisses-2014-05-12_05-09pm.zip
2014-05-12 21:58 - 2014-05-12 22:08 - 00000000 ____D () C:\Users\Admin\AppData\Local\ManyCam
2014-05-12 21:57 - 2014-05-12 21:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManyCam
2014-05-12 21:55 - 2014-05-12 21:57 - 00000000 ____D () C:\Program Files (x86)\ManyCam
2014-05-12 21:25 - 2014-05-12 21:25 - 00124928 _____ () C:\Windows\system32\DlProtectSvc.exe
2014-05-12 21:25 - 2014-05-12 21:25 - 00120832 _____ () C:\Windows\system32\xljveinstall.exe
2014-05-12 21:24 - 2014-05-13 15:29 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-05-12 21:24 - 2014-05-12 21:24 - 00000000 ____D () C:\Users\Admin\AppData\Local\globalUpdate
2014-05-12 00:45 - 2014-05-12 00:45 - 02165929 _____ () C:\Users\Winni\Downloads\pathfinder.zip
2014-05-12 00:20 - 2014-05-12 00:21 - 00000000 ____D () C:\Program Files (x86)\Fantasy Grounds
2014-05-11 16:23 - 2014-05-11 19:06 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-05-11 16:23 - 2014-05-11 16:35 - 00000000 ____D () C:\Users\Winni\AppData\Local\Plex Media Server
2014-05-11 16:21 - 2014-05-11 16:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server
2014-05-11 16:21 - 2014-05-11 16:21 - 00000000 ____D () C:\Program Files (x86)\Plex
2014-05-11 00:59 - 2014-05-20 23:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-09 17:50 - 2014-05-05 06:40 - 1345560050 _____ () C:\Users\Winni\Downloads\game.of.thrones.s04e05.720p.hdtv.x264-killers.mkv
2014-05-09 16:48 - 2014-05-20 23:13 - 00000000 ____D () C:\Users\Winni\Downloads\RPG
2014-05-09 00:10 - 2014-04-28 07:33 - 1347531464 _____ () C:\Users\Winni\Downloads\game.of.thrones.s04e04.720p.hdtv.x264-killers.mkv
2014-05-08 15:54 - 2014-05-25 14:04 - 00003740 _____ () C:\Windows\setupact.log
2014-05-08 15:54 - 2014-05-08 15:54 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-07 15:11 - 2014-05-15 16:30 - 00000000 ____D () C:\Users\Winni\Desktop\tmp
2014-05-07 15:06 - 2014-02-10 10:33 - 118399400 _____ () C:\Users\Winni\Downloads\Game.of.Thrones-Ice.and.Fire.A.Foreshadowing.HDTV.XviD-AFG.avi
2014-05-06 00:35 - 2014-05-06 00:43 - 00000000 ____D () C:\Users\Winni\AppData\Roaming\HandBrake
2014-05-06 00:32 - 2014-05-06 00:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Handbrake
2014-05-05 22:39 - 2014-05-05 22:39 - 00001205 _____ () C:\Users\Winni\Desktop\Chromecast.lnk
2014-05-05 22:39 - 2014-05-05 22:39 - 00000000 ____D () C:\Users\Winni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromecast
2014-05-05 22:38 - 2014-05-25 14:43 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1143599331-371919559-3494116047-1003UA.job
2014-05-05 22:38 - 2014-05-22 22:43 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1143599331-371919559-3494116047-1003Core.job
2014-05-05 22:38 - 2014-05-05 22:41 - 00000000 ____D () C:\Users\Winni\AppData\Local\Google
2014-05-05 21:36 - 2014-04-21 05:18 - 1344397720 _____ () C:\Users\Winni\Downloads\game.of.thrones.s04e03.720p.hdtv.x264-killers.mkv
2014-05-05 00:22 - 2014-04-14 04:40 - 1269763329 _____ () C:\Users\Winni\Downloads\game.of.thrones.s04e02.720p.hdtv.x264-2hd.mkv
2014-05-03 14:31 - 2014-04-07 06:19 - 1579446858 _____ () C:\Users\Winni\Downloads\game.of.thrones.s04e01.720p.hdtv.x264-killers.mkv
2014-04-28 22:47 - 2014-04-28 22:55 - 00000000 ____D () C:\Users\Winni\Documents\NetBeansProjects
2014-04-28 22:15 - 2014-04-28 22:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetBeans
2014-04-28 22:13 - 2014-04-28 22:17 - 00000000 ____D () C:\Program Files\NetBeans 8.0
2014-04-28 22:13 - 2014-04-28 22:12 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-28 22:12 - 2014-04-28 22:12 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-28 22:12 - 2014-04-28 22:12 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-28 22:12 - 2014-04-28 22:12 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-04-28 22:12 - 2014-04-28 22:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2014-04-28 22:11 - 2014-04-28 22:12 - 00000000 ____D () C:\Program Files\Java
2014-04-28 21:48 - 2014-04-28 21:48 - 00000000 ____D () C:\Users\Winni\AppData\Roaming\.neurophstudio
2014-04-26 01:52 - 2014-04-26 01:52 - 00000879 _____ () C:\Users\Public\Desktop\NeurophStudio.lnk
2014-04-26 01:46 - 2014-04-26 01:48 - 92077729 _____ () C:\Users\Winni\Downloads\neurophstudio-windows-2.85.exe
2014-04-26 01:42 - 2014-04-26 01:42 - 02654732 _____ () C:\Users\Winni\Downloads\neuroph-2.8.zip
2014-04-26 01:38 - 2014-04-26 01:38 - 00000000 ____D () C:\Users\Winni\Documents\Processing
2014-04-26 01:38 - 2014-04-26 01:38 - 00000000 ____D () C:\Users\Winni\AppData\Roaming\Processing
2014-04-25 23:27 - 2014-04-25 23:29 - 114769586 _____ () C:\Users\Winni\Downloads\processing-2.1.2-windows64.zip
2014-04-25 00:57 - 2014-04-25 00:57 - 00000000 ____D () C:\Users\Winni\AppData\Roaming\Notepad++

==================== One Month Modified Files and Folders =======

2014-05-25 14:51 - 2014-05-25 14:51 - 00014131 _____ () C:\Users\Winni\Downloads\FRST.txt
2014-05-25 14:51 - 2014-05-25 14:51 - 00000000 ____D () C:\FRST
2014-05-25 14:50 - 2014-05-25 14:50 - 02066944 _____ (Farbar) C:\Users\Winni\Downloads\FRST64.exe
2014-05-25 14:48 - 2014-05-25 14:48 - 00050477 _____ () C:\Users\Winni\Downloads\Defogger.exe
2014-05-25 14:48 - 2014-05-25 14:48 - 00000472 _____ () C:\Users\Winni\Downloads\defogger_disable.log
2014-05-25 14:48 - 2012-10-21 19:48 - 00000000 ____D () C:\Users\Admin
2014-05-25 14:43 - 2014-05-05 22:38 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1143599331-371919559-3494116047-1003UA.job
2014-05-25 14:35 - 2009-07-14 06:45 - 00020304 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-25 14:35 - 2009-07-14 06:45 - 00020304 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-25 14:26 - 2014-05-25 14:24 - 00000000 ____D () C:\AdwCleaner
2014-05-25 14:18 - 2012-11-21 20:59 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-25 14:11 - 2012-10-21 19:42 - 01668133 _____ () C:\Windows\WindowsUpdate.log
2014-05-25 14:08 - 2013-07-03 00:12 - 00000000 ____D () C:\Users\Winni\AppData\Local\Battle.net
2014-05-25 14:08 - 2011-04-12 09:43 - 00699654 _____ () C:\Windows\system32\perfh007.dat
2014-05-25 14:08 - 2011-04-12 09:43 - 00149794 _____ () C:\Windows\system32\perfc007.dat
2014-05-25 14:08 - 2009-07-14 07:13 - 01621612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-25 14:07 - 2013-07-03 00:12 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-05-25 14:04 - 2014-05-08 15:54 - 00003740 _____ () C:\Windows\setupact.log
2014-05-25 14:04 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-23 17:41 - 2012-10-25 21:20 - 00000000 ____D () C:\Users\Winni\Bewerbungen
2014-05-23 16:56 - 2012-10-21 21:05 - 00000000 ____D () C:\Users\Winni\AppData\Local\VirtualStore
2014-05-23 15:58 - 2012-10-22 23:05 - 00000388 _____ () C:\Windows\Tasks\update-S-1-5-21-1143599331-371919559-3494116047-1003.job
2014-05-23 15:25 - 2012-10-22 23:05 - 00000388 _____ () C:\Windows\Tasks\update-sys.job
2014-05-23 15:09 - 2014-05-16 16:04 - 00000728 __RSH () C:\ProgramData\ntuser.pol
2014-05-23 14:39 - 2012-10-31 22:39 - 00000432 _____ () C:\Windows\BRWMARK.INI
2014-05-23 14:22 - 2014-05-23 14:22 - 00961360 _____ (Chip Digital GmbH) C:\Users\Winni\Downloads\AdwCleaner - CHIP-Downloader.exe
2014-05-23 13:33 - 2014-05-23 13:33 - 00000207 _____ () C:\Users\Winni\Desktop\Warhammer 40,000 Space Marine Demo.url
2014-05-22 22:43 - 2014-05-05 22:38 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1143599331-371919559-3494116047-1003Core.job
2014-05-22 19:04 - 2014-05-22 19:04 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-05-22 19:04 - 2014-05-22 19:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-05-22 19:04 - 2014-05-22 19:03 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-05-22 19:04 - 2014-05-22 19:03 - 00000000 ____D () C:\Program Files\iTunes
2014-05-22 19:04 - 2014-05-22 19:03 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-05-22 19:03 - 2014-05-22 19:03 - 00000000 ____D () C:\Program Files\iPod
2014-05-22 16:40 - 2013-09-05 16:11 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-05-22 14:55 - 2012-10-20 18:41 - 00000000 ____D () C:\Games
2014-05-20 23:14 - 2014-05-20 23:14 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-20 23:14 - 2014-05-20 23:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-20 23:14 - 2014-05-11 00:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-20 23:13 - 2014-05-09 16:48 - 00000000 ____D () C:\Users\Winni\Downloads\RPG
2014-05-20 23:11 - 2014-05-20 23:11 - 00000332 _____ () C:\Windows\PFRO.log
2014-05-20 23:01 - 2014-05-20 23:00 - 28852416 _____ (Mozilla) C:\Users\Winni\Downloads\Firefox Setup 29.0.1.exe
2014-05-20 22:39 - 2013-04-28 15:04 - 00000000 ____D () C:\Users\Winni\AppData\Roaming\Spotify
2014-05-20 12:53 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-05-19 00:41 - 2012-10-26 00:37 - 00000000 ____D () C:\Users\Winni\AppData\Roaming\vlc
2014-05-16 16:59 - 2013-04-28 15:11 - 00000000 ____D () C:\Users\Winni\AppData\Local\Spotify
2014-05-16 16:54 - 2012-10-25 20:59 - 00000000 ____D () C:\Program Files (x86)\Diablo III
2014-05-16 16:34 - 2014-05-16 16:34 - 00013804 _____ () C:\Users\Winni\Desktop\H620000.html
2014-05-16 16:04 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-05-15 16:30 - 2014-05-07 15:11 - 00000000 ____D () C:\Users\Winni\Desktop\tmp
2014-05-15 16:26 - 2014-05-15 16:25 - 00000000 ____D () C:\Users\Winni\Desktop\BIlder
2014-05-15 15:50 - 2014-05-15 15:45 - 42578956 _____ () C:\Users\Winni\Downloads\GoT.S04E06.720p.part10.rar
2014-05-15 15:40 - 2014-05-15 15:27 - 105000000 _____ () C:\Users\Winni\Downloads\GoT.S04E06.720p.part09.rar
2014-05-15 15:26 - 2014-05-15 15:14 - 105000000 _____ () C:\Users\Winni\Downloads\GoT.S04E06.720p.part08.rar
2014-05-15 15:13 - 2014-05-15 15:01 - 105000000 _____ () C:\Users\Winni\Downloads\GoT.S04E06.720p.part07.rar
2014-05-15 15:00 - 2014-05-15 14:51 - 105000000 _____ () C:\Users\Winni\Downloads\GoT.S04E06.720p.part06.rar
2014-05-15 14:49 - 2014-05-15 14:40 - 105000000 _____ () C:\Users\Winni\Downloads\GoT.S04E06.720p.part05.rar
2014-05-15 14:39 - 2014-05-15 14:31 - 105000000 _____ () C:\Users\Winni\Downloads\GoT.S04E06.720p.part04.rar
2014-05-15 14:29 - 2014-05-15 14:21 - 105000000 _____ () C:\Users\Winni\Downloads\GoT.S04E06.720p.part03.rar
2014-05-15 14:20 - 2014-05-15 14:11 - 105000000 _____ () C:\Users\Winni\Downloads\GoT.S04E06.720p.part02.rar
2014-05-15 14:12 - 2014-05-15 14:12 - 00389240 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2014-05-15 14:10 - 2014-05-15 14:01 - 105000000 _____ () C:\Users\Winni\Downloads\GoT.S04E06.720p.part01.rar
2014-05-15 13:44 - 2012-10-28 00:24 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-05-15 12:52 - 2012-10-31 22:46 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-15 12:43 - 2012-10-21 21:05 - 00000000 ___RD () C:\Users\Winni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-15 12:43 - 2012-10-21 21:05 - 00000000 ___RD () C:\Users\Winni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-14 19:20 - 2014-04-24 15:42 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-14 19:20 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-05-14 17:52 - 2013-07-10 18:11 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-14 17:52 - 2012-11-25 16:44 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-14 17:46 - 2012-10-21 20:48 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-13 22:18 - 2012-10-22 21:13 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-13 22:18 - 2012-10-22 21:13 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-13 15:29 - 2014-05-12 21:24 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-05-13 15:24 - 2014-05-13 15:24 - 00000000 ____D () C:\Users\Winni\AppData\Roaming\Lavasoft
2014-05-13 15:20 - 2012-10-21 21:04 - 00000000 ____D () C:\Users\Winni
2014-05-13 15:11 - 2013-02-17 20:15 - 00000000 ____D () C:\Users\Winni\AppData\Local\Unity
2014-05-13 14:42 - 2014-05-13 14:42 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-05-13 00:44 - 2014-01-10 00:46 - 00000000 ____D () C:\Program Files (x86)\Zenimax Online
2014-05-13 00:14 - 2014-05-13 00:09 - 188100210 _____ () C:\Users\Winni\Downloads\ulisses-2014-05-12_05-09pm.zip
2014-05-12 23:51 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-05-12 22:08 - 2014-05-12 21:58 - 00000000 ____D () C:\Users\Admin\AppData\Local\ManyCam
2014-05-12 21:57 - 2014-05-12 21:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManyCam
2014-05-12 21:57 - 2014-05-12 21:55 - 00000000 ____D () C:\Program Files (x86)\ManyCam
2014-05-12 21:25 - 2014-05-12 21:25 - 00124928 _____ () C:\Windows\system32\DlProtectSvc.exe
2014-05-12 21:25 - 2014-05-12 21:25 - 00120832 _____ () C:\Windows\system32\xljveinstall.exe
2014-05-12 21:24 - 2014-05-12 21:24 - 00000000 ____D () C:\Users\Admin\AppData\Local\globalUpdate
2014-05-12 05:06 - 2014-05-15 15:50 - 958174777 _____ () C:\Users\Winni\Downloads\Game.of.Thrones.S04E06.720p.HDTV.x264-DIMENSION.mkv
2014-05-12 00:45 - 2014-05-12 00:45 - 02165929 _____ () C:\Users\Winni\Downloads\pathfinder.zip
2014-05-12 00:21 - 2014-05-12 00:20 - 00000000 ____D () C:\Program Files (x86)\Fantasy Grounds
2014-05-11 19:06 - 2014-05-11 16:23 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-05-11 16:35 - 2014-05-11 16:23 - 00000000 ____D () C:\Users\Winni\AppData\Local\Plex Media Server
2014-05-11 16:28 - 2013-10-20 19:57 - 00001066 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-05-11 16:23 - 2012-10-21 23:14 - 00000000 ____D () C:\Users\Winni\AppData\Roaming\Apple Computer
2014-05-11 16:23 - 2012-10-21 23:14 - 00000000 ____D () C:\Users\Winni\AppData\Local\Apple Computer
2014-05-11 16:21 - 2014-05-11 16:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server
2014-05-11 16:21 - 2014-05-11 16:21 - 00000000 ____D () C:\Program Files (x86)\Plex
2014-05-11 16:21 - 2013-09-07 21:53 - 00000000 ____D () C:\ProgramData\Package Cache
2014-05-11 15:36 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-09 08:14 - 2014-05-14 17:40 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 08:11 - 2014-05-14 17:40 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-08 15:54 - 2014-05-08 15:54 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-07 14:20 - 2013-05-24 15:00 - 00000000 ____D () C:\Windows\Minidump
2014-05-07 14:20 - 2012-10-21 20:39 - 00000000 ____D () C:\Windows\Panther
2014-05-07 14:04 - 2013-01-26 19:42 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-05-07 14:04 - 2013-01-26 19:42 - 00000000 ____D () C:\Program Files\CCleaner
2014-05-06 02:46 - 2014-05-14 17:53 - 17847808 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 02:21 - 2014-05-14 17:53 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 02:21 - 2014-05-14 17:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 01:32 - 2014-05-14 17:53 - 12347392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 01:14 - 2014-05-14 17:53 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 01:14 - 2014-05-14 17:53 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-06 00:43 - 2014-05-06 00:35 - 00000000 ____D () C:\Users\Winni\AppData\Roaming\HandBrake
2014-05-06 00:32 - 2014-05-06 00:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Handbrake
2014-05-05 22:41 - 2014-05-05 22:38 - 00000000 ____D () C:\Users\Winni\AppData\Local\Google
2014-05-05 22:39 - 2014-05-05 22:39 - 00001205 _____ () C:\Users\Winni\Desktop\Chromecast.lnk
2014-05-05 22:39 - 2014-05-05 22:39 - 00000000 ____D () C:\Users\Winni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromecast
2014-05-05 06:40 - 2014-05-09 17:50 - 1345560050 _____ () C:\Users\Winni\Downloads\game.of.thrones.s04e05.720p.hdtv.x264-killers.mkv
2014-05-04 23:18 - 2013-03-30 22:47 - 00000000 ____D () C:\Users\Winni\Desktop\Neuer Ordner
2014-05-03 17:11 - 2013-05-22 17:45 - 00000000 ____D () C:\Users\Winni\Steuer
2014-04-28 22:55 - 2014-04-28 22:47 - 00000000 ____D () C:\Users\Winni\Documents\NetBeansProjects
2014-04-28 22:17 - 2014-04-28 22:13 - 00000000 ____D () C:\Program Files\NetBeans 8.0
2014-04-28 22:15 - 2014-04-28 22:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetBeans
2014-04-28 22:12 - 2014-04-28 22:13 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-28 22:12 - 2014-04-28 22:12 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-28 22:12 - 2014-04-28 22:12 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-28 22:12 - 2014-04-28 22:12 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-04-28 22:12 - 2014-04-28 22:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2014-04-28 22:12 - 2014-04-28 22:11 - 00000000 ____D () C:\Program Files\Java
2014-04-28 22:12 - 2014-04-19 21:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-28 21:48 - 2014-04-28 21:48 - 00000000 ____D () C:\Users\Winni\AppData\Roaming\.neurophstudio
2014-04-28 07:33 - 2014-05-09 00:10 - 1347531464 _____ () C:\Users\Winni\Downloads\game.of.thrones.s04e04.720p.hdtv.x264-killers.mkv
2014-04-27 20:35 - 2013-05-22 15:37 - 00000000 ____D () C:\Program Files (x86)\ElsterFormular
2014-04-26 01:52 - 2014-04-26 01:52 - 00000879 _____ () C:\Users\Public\Desktop\NeurophStudio.lnk
2014-04-26 01:48 - 2014-04-26 01:46 - 92077729 _____ () C:\Users\Winni\Downloads\neurophstudio-windows-2.85.exe
2014-04-26 01:42 - 2014-04-26 01:42 - 02654732 _____ () C:\Users\Winni\Downloads\neuroph-2.8.zip
2014-04-26 01:38 - 2014-04-26 01:38 - 00000000 ____D () C:\Users\Winni\Documents\Processing
2014-04-26 01:38 - 2014-04-26 01:38 - 00000000 ____D () C:\Users\Winni\AppData\Roaming\Processing
2014-04-25 23:29 - 2014-04-25 23:27 - 114769586 _____ () C:\Users\Winni\Downloads\processing-2.1.2-windows64.zip
2014-04-25 01:13 - 2014-04-18 22:47 - 00000000 ____D () C:\Users\Winni\Desktop\Neuer Ordner (2)
2014-04-25 00:57 - 2014-04-25 00:57 - 00000000 ____D () C:\Users\Winni\AppData\Roaming\Notepad++

Files to move or delete:
====================
C:\Users\Winni\Broodwar.bat


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================
--- --- ---



additional.txt

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-05-2014 01
Ran by Winni at 2014-05-25 14:52:05
Running from C:\Users\Winni\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Bitdefender Antivirus (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 12.5.100.30424 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.937.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{25107779-C295-EB3E-3C92-AC1B45680012}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.80424.1301 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arduino (HKLM-x32\...\Arduino) (Version: 1.0.5-r2 - Arduino LLC)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bitdefender Antivirus Plus (HKLM\...\Bitdefender) (Version: 17.20.0.883 - Bitdefender)
BitRaider Web Client (HKLM-x32\...\BitRaider Web Client) (Version: 1.1.8.1 - BitRaider, LLC)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2013.0424.1225.20315 - Ihr Firmenname) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0424.1225.20315 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0424.1225.20315 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0424.1225.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0424.1225.20315 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform)
ChromecastApp (HKCU\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.316.0 - Google Inc.)
Compiled Driver Disk (Nokia) 1.0 (HKLM\...\{3DCF00F5-04A5-4543-A088-705480811205}_is1) (Version: 1.0.3.0 - COMPELSON Labs)
Core Temp 1.0 RC5 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
Curse Client (HKCU\...\101a9f93b8f0bb6f) (Version: 5.1.1.792 - Curse)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Darksiders (HKLM-x32\...\Steam App 50620) (Version:  - Vigil Games)
Darksiders II (HKLM-x32\...\Steam App 50650) (Version:  - Vigil Games)
DarksidersInstaller (HKLM-x32\...\{B93EEE50-9C8F-45DF-95E4-3D85A6E242F3}) (Version: 1.00.1000 - Ihr Firmenname)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Dungeon Keeper 2 (HKLM-x32\...\GOGPACKDUNGEONKEEPER2_is1) (Version: 2.0.0.32 - GOG.com)
Dungeon Keeper Gold (HKLM-x32\...\GOGPACKDUNGEONKEEPER_is1) (Version: 2.0.0.4 - GOG.com)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 15.1.13904 - Landesfinanzdirektion Thüringen)
EndNote X5 (HKLM-x32\...\{86B3F2D6-AC2B-0015-8AE1-F2F77F781B0C}) (Version: 15.0.0.5478 - Thomson Reuters)
Firefall (HKLM-x32\...\{CFEF8DB5-B45E-4b05-90BE-D02AA6F45354}) (Version:  - Red 5 Studios)
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
Freemake Video Converter Version 4.0.4 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.0.4 - Ellora Assets Corporation)
GOG.com Downloader version 3.6.0 (HKLM-x32\...\{456A5815-604D-4D72-94DF-346D2B978A59}_is1) (Version: 3.6.0 - GOG.com)
GOG.com Dungeon Keeper 2 (HKLM\...\{b6462b67-caf5-4a74-99df-cc2811bd1957}.sdb) (Version:  - )
Grand Theft Auto IV (HKLM-x32\...\Steam App 12210) (Version:  - Rockstar North)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
iTunes (HKLM\...\{1CF5754A-545B-4360-BFDE-2847BC728DFC}) (Version: 11.2.0.115 - Apple Inc.)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle)
Java 8 Update 5 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418005FF}) (Version: 8.0.50 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.05.13 - Oracle, Inc.) Hidden
Java SE Development Kit 8 Update 5 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180050}) (Version: 8.0.50 - Oracle Corporation)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
ManyCam 4.0.77 (HKLM-x32\...\ManyCam) (Version: 4.0.77 - Visicom Media Inc.)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE (HKLM-x32\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (Version: 1.1.40219 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.1 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.1 Language Pack - DEU) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 Language Pack - DEU (Version: 1.1.40219 - Microsoft Corporation) Hidden
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{E9089B6A-1FDE-47F3-8D29-175F5B7A0722}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{C668416A-9213-4058-B7F2-01A42D85559D}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Shell (Isolated) - DEU (HKLM-x32\...\{987AE03F-234A-3623-BD28-6B31FD1D3AB3}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50325 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.50330 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU (Version: 10.0.50325 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50325 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft_VC100_CRT_SP1_x64 (Version: 10.0.40219.1 - Nokia) Hidden
Microsoft_VC100_CRT_SP1_x86 (x32 Version: 10.0.40219.1 - Nokia) Hidden
Mozilla Firefox 29.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mp3tag v2.52 (HKLM-x32\...\Mp3tag) (Version: v2.52 - Florian Heidenreich)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
NetBeans IDE 8.0 (HKLM\...\nbi-nb-base-8.0.0.0.201403101706) (Version: 8.0 - NetBeans.org)
NeurophStudio (HKLM-x32\...\nbi-neurophstudio-1.0.0.0.0) (Version:  - )
Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.48.0 - Nokia)
Nokia Suite (x32 Version: 3.8.48.0 - Nokia) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.5 - Notepad++ Team)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PDF24 Creator 6.0.1 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Personal ID (HKLM-x32\...\{F722209B-739E-40E4-ADB1-062BD032A0DB}) (Version: 1.8.5 - coolspot AG)
Plants vs. Zombies: Game of the Year (HKLM-x32\...\Steam App 3590) (Version:  - PopCap)
Plex Media Server (HKLM-x32\...\{e9921c42-812d-4b39-9c02-612724349e82}) (Version: 0.9.907 - Plex, Inc.)
Plex Media Server (x32 Version: 0.9.907 - Plex, Inc.) Hidden
R.U.S.E (HKLM-x32\...\Steam App 21970) (Version:  - Ubisoft)
Remote Control Server (HKLM-x32\...\{755C6515-9FEA-490C-B15E-22BB6519E57E}) (Version: 2.0.1.60 - Steppschuh)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
Sid Meier's Civilization V SDK (HKLM-x32\...\Steam App 16830) (Version:  - Firaxis Games)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
SolForge (HKLM-x32\...\Steam App 232450) (Version:  - Stone Blade Entertainment)
SoundWire Server version 1.7.3 (HKLM-x32\...\{E15658BC-7742-4397-999F-98B1BD11B784}_is1) (Version: 1.7.3 - GeorgieLabs)
Spotify (HKCU\...\Spotify) (Version: 0.9.10.14.g578d350b - Spotify AB)
Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version: 7.0.0.12 - Bioware/EA)
Star Wars: Knights of the Old Republic (HKLM-x32\...\Steam App 32370) (Version:  - BioWare)
Star Wars: The Force Unleashed II (HKLM-x32\...\Steam App 32500) (Version:  - Lucas Arts)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.27614 - TeamViewer)
The Walking Dead (HKLM-x32\...\Steam App 207610) (Version:  - )
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
Trillian (HKLM-x32\...\Trillian) (Version:  - Cerulean Studios, LLC)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Warhammer 40,000: Space Marine Demo (HKLM-x32\...\Steam App 55410) (Version:  - Relic)
Warhammer® 40,000™: Dawn of War® II - Chaos Rising™ (HKLM-x32\...\Steam App 20570) (Version:  - Relic)
Winamp (HKLM-x32\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)

==================== Restore Points  =========================

Could not list Restore Points. Check "winmgmt" service or repair WMI.


==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1143599331-371919559-3494116047-1003Core.job => C:\Users\Winni\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1143599331-371919559-3494116047-1003UA.job => C:\Users\Winni\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\update-S-1-5-21-1143599331-371919559-3494116047-1003.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => ?

==================== Loaded Modules (whitelisted) =============

2012-06-18 17:24 - 2012-06-18 17:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2013-10-25 16:06 - 2013-06-19 12:45 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender\txmlutil.dll
2013-04-24 12:20 - 2013-04-24 12:20 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Winni\Downloads\AdwCleaner - CHIP-Downloader.exe:BDU
AlternateDataStreams: C:\Users\Winni\Downloads\Defogger.exe:BDU
AlternateDataStreams: C:\Users\Winni\Downloads\Firefox Setup 29.0.1.exe:BDU
AlternateDataStreams: C:\Users\Winni\Downloads\FRST64.exe:BDU
AlternateDataStreams: C:\Users\Winni\Downloads\neurophstudio-windows-2.85.exe:BDU

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============

MSCONFIG\Services: DlProtectSvc => 2
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Bitdefender-Geldbörse => "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard
MSCONFIG\startupreg: Bitdefender-Geldbörse-Agent => "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
MSCONFIG\startupreg: Bitdefender-Geldbörse-Anwendungs-Agent => "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe"
MSCONFIG\startupreg: IntelliPoint => "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Pando Media Booster => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MSCONFIG\startupreg: PDFPrint => C:\Program Files (x86)\PDF24\pdf24.exe
MSCONFIG\startupreg: Plex Media Server => "C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: XboxStat => "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/25/2014 02:05:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/23/2014 03:09:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/23/2014 02:55:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/23/2014 01:06:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/22/2014 02:32:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/21/2014 06:26:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/21/2014 10:11:21 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/20/2014 11:13:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/20/2014 02:43:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 13478

Error: (05/20/2014 02:43:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 13478


System errors:
=============
Error: (05/25/2014 02:05:41 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (05/23/2014 03:08:51 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (05/23/2014 02:55:14 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (05/23/2014 01:23:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (05/23/2014 01:23:26 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.

Error: (05/23/2014 01:06:08 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (05/22/2014 02:54:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Remotezugriff-PPPOE-Treiber Desktop AGP" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/22/2014 02:32:43 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (05/21/2014 06:26:13 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (05/21/2014 06:25:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Freemake Improver" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2013-10-21 15:57:05.114
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-21 15:57:05.114
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-21 15:57:05.098
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-21 15:57:05.083
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-21 15:57:05.083
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-21 15:57:05.083
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-20 20:36:48.223
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-20 20:36:48.223
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-20 20:36:48.208
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-20 20:36:48.208
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Percentage of memory in use: 33%
Total physical RAM: 8191.12 MB
Available physical RAM: 5423.5 MB
Total Pagefile: 16380.41 MB
Available Pagefile: 13455.06 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:387.54 GB) (Free:36.42 GB) NTFS
Drive d: (Music) (Fixed) (Total:78.12 GB) (Free:37.85 GB) NTFS

==================== MBR & Partition Table ==================

==================== End Of Log ============================
AdwCleaner v3.210

Code:
# AdwCleaner v3.210 - Bericht erstellt am 25/05/2014 um 15:45:25
# Aktualisiert 19/05/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : Admin - ABRAXAS
# Gestartet von : C:\Users\Admin\AppData\Local\Temp\OCS\Downloads\fc14996dfa99adfc7baae624196888c5\f8b34e3b5e6e337aa6491ee3f713f8f5\adwcleaner_3.210.exe
# Option : Suchen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gefunden : C:\Program Files (x86)\globalUpdate
Ordner Gefunden : C:\ProgramData\apn
Ordner Gefunden : C:\Users\Admin\AppData\Local\globalUpdate
Ordner Gefunden : C:\Users\Admin\AppData\Local\Temp\OCS

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\adawarebp
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gefunden : HKCU\Software\OCS
Schlüssel Gefunden : [x64] HKCU\Software\OCS
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Schlüssel Gefunden : HKLM\Software\InstallIQ
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}

***** [ Browser ] *****

-\\ Internet Explorer v9.0.8112.16545


-\\ Mozilla Firefox v29.0.1 (de)

[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\mk1wz4pq.default\prefs.js ]


[ Datei : C:\Users\Winni\AppData\Roaming\Mozilla\Firefox\Profiles\0p5daajj.default\prefs.js ]

Zeile gefunden : user_pref("extensions.crossrider.bic", "145f1f0d12fd66f2c7d63508dc0152b4");

*************************

AdwCleaner[R0].txt - [2545 octets] - [25/05/2014 14:24:59]
AdwCleaner[R1].txt - [2455 octets] - [25/05/2014 15:45:25]

########## EOF - \AdwCleaner\AdwCleaner[R1].txt - [2515 octets] ##########
Der Log von Gmer ist leider alleine zu lang um ihn hier einzufügen.... ich hab es mal auf meiner Dropbox hochgeladen. Vielleicht hilft das ja? https://dl.dropboxusercontent.com/u/36386496/Gmer.txt

schrauber 26.05.2014 12:41
hi,

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Daigochiban 26.05.2014 22:17
So hier der Log vom ComboFix.
Code:
ComboFix 14-05-26.02 - Admin 26.05.2014  20:35:06.1.2 - x64
Microsoft Windows 7 Professional  6.1.7601.1.1252.49.1031.18.8191.6478 [GMT 2:00]
ausgeführt von:: c:\users\Winni\Desktop\ComboFix.exe
AV: Bitdefender Antivirus *Disabled/Updated* {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
SP: Bitdefender Spyware-Schutz *Disabled/Updated* {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\1382709695.bdinstall.bin
.
.
(((((((((((((((((((((((  Dateien erstellt von 2014-04-26 bis 2014-05-26  ))))))))))))))))))))))))))))))
.
.
2014-05-26 18:41 . 2014-05-26 18:41        --------        d-----w-        c:\users\hedev\AppData\Local\temp
2014-05-26 18:41 . 2014-05-26 18:41        --------        d-----w-        c:\users\Default\AppData\Local\temp
2014-05-26 18:41 . 2014-05-26 18:41        --------        d-----w-        c:\users\Admin\AppData\Local\temp
2014-05-25 17:37 . 2014-05-25 17:37        --------        d-----w-        c:\users\Winni\AppData\Local\THQ
2014-05-25 12:51 . 2014-05-25 12:52        --------        d-----w-        C:\FRST
2014-05-25 12:24 . 2014-05-25 13:45        --------        d-----w-        C:\AdwCleaner
2014-05-22 17:03 . 2014-05-22 17:03        --------        d-----w-        c:\program files\iPod
2014-05-22 17:03 . 2014-05-22 17:04        --------        d-----w-        c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-05-22 17:03 . 2014-05-22 17:04        --------        d-----w-        c:\program files\iTunes
2014-05-22 17:03 . 2014-05-22 17:04        --------        d-----w-        c:\program files (x86)\iTunes
2014-05-20 21:14 . 2014-05-20 21:14        --------        d-----w-        c:\program files (x86)\Mozilla Maintenance Service
2014-05-15 12:12 . 2014-05-15 12:12        389240        ----a-w-        c:\windows\system32\drivers\trufos.sys
2014-05-14 15:53 . 2014-05-06 00:21        2382848        ----a-w-        c:\windows\system32\mshtml.tlb
2014-05-14 15:53 . 2014-05-05 23:14        2382848        ----a-w-        c:\windows\SysWow64\mshtml.tlb
2014-05-14 15:53 . 2014-05-06 00:46        17847808        ----a-w-        c:\windows\system32\mshtml.dll
2014-05-14 15:53 . 2014-05-06 00:21        96768        ----a-w-        c:\windows\system32\mshtmled.dll
2014-05-13 13:24 . 2014-05-13 13:24        --------        d-----w-        c:\users\Winni\AppData\Roaming\Lavasoft
2014-05-13 13:02 . 2014-05-13 13:02        --------        d-----w-        c:\users\Admin\AppData\Roaming\LavasoftStatistics
2014-05-13 12:42 . 2014-05-13 12:42        --------        d-----w-        c:\programdata\Lavasoft
2014-05-12 19:58 . 2014-05-12 20:08        --------        d-----w-        c:\users\Admin\AppData\Local\ManyCam
2014-05-12 19:55 . 2014-05-12 19:55        --------        d-----w-        c:\users\Admin\AppData\Roaming\ManyCam
2014-05-12 19:55 . 2014-05-12 19:57        --------        d-----w-        c:\program files (x86)\ManyCam
2014-05-12 19:26 . 2014-05-12 19:26        --------        d-----w-        c:\users\Admin\AppData\Roaming\dlg
2014-05-12 19:25 . 2014-05-12 19:25        120832        ----a-w-        c:\windows\system32\xljveinstall.exe
2014-05-12 19:25 . 2014-05-12 19:25        124928        ----a-w-        c:\windows\system32\DlProtectSvc.exe
2014-05-12 19:24 . 2014-05-13 13:29        --------        d-----w-        c:\program files (x86)\globalUpdate
2014-05-12 19:24 . 2014-05-12 19:24        --------        d-----w-        c:\users\Admin\AppData\Local\globalUpdate
2014-05-11 22:20 . 2014-05-11 22:22        --------        d-----w-        c:\users\Admin\AppData\Roaming\Fantasy Grounds
2014-05-11 22:20 . 2014-05-11 22:21        --------        d-----w-        c:\program files (x86)\Fantasy Grounds
2014-05-11 14:23 . 2014-05-11 17:06        --------        d-----w-        c:\programdata\boost_interprocess
2014-05-11 14:23 . 2014-05-11 14:35        --------        d-----w-        c:\users\Winni\AppData\Local\Plex Media Server
2014-05-11 14:21 . 2014-05-11 14:21        --------        d-----w-        c:\program files (x86)\Plex
2014-05-05 22:35 . 2014-05-05 22:43        --------        d-----w-        c:\users\Winni\AppData\Roaming\HandBrake
2014-05-05 20:38 . 2014-05-05 20:41        --------        d-----w-        c:\users\Winni\AppData\Local\Google
2014-04-28 20:13 . 2014-04-28 20:17        --------        d-----w-        c:\program files\NetBeans 8.0
2014-04-28 20:13 . 2014-04-28 20:13        --------        d-----w-        c:\program files (x86)\Common Files\Java
2014-04-28 20:13 . 2014-04-28 20:12        313256        ----a-w-        c:\windows\system32\javaws.exe
2014-04-28 20:12 . 2014-04-28 20:12        191400        ----a-w-        c:\windows\system32\javaw.exe
2014-04-28 20:12 . 2014-04-28 20:12        190888        ----a-w-        c:\windows\system32\java.exe
2014-04-28 20:12 . 2014-04-28 20:12        111016        ----a-w-        c:\windows\system32\WindowsAccessBridge-64.dll
2014-04-28 20:11 . 2014-04-28 20:12        --------        d-----w-        c:\program files\Java
2014-04-28 20:11 . 2014-04-28 20:47        --------        d-----w-        c:\users\Admin\.nbi
2014-04-28 19:48 . 2014-04-28 19:48        --------        d-----w-        c:\users\Winni\AppData\Roaming\.neurophstudio
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-14 15:46 . 2012-10-21 18:48        93223848        ----a-w-        c:\windows\system32\MRT.exe
2014-05-13 20:18 . 2012-10-22 19:13        70832        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-13 20:18 . 2012-10-22 19:13        692400        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
2014-04-14 18:13 . 2014-04-19 19:00        96168        ----a-w-        c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-03-31 20:46 . 2014-03-31 20:46        130712        ----a-w-        c:\windows\SysWow64\MSSTDFMT.DLL
2014-03-31 20:46 . 2014-03-31 20:46        1070232        ----a-w-        c:\windows\SysWow64\MSCOMCTL.OCX
2014-03-08 04:06 . 2014-04-08 20:14        10926592        ----a-w-        c:\windows\system32\ieframe.dll
2014-03-08 03:49 . 2014-04-08 20:14        2334720        ----a-w-        c:\windows\system32\jscript9.dll
2014-03-08 03:41 . 2014-04-08 20:14        1347072        ----a-w-        c:\windows\system32\urlmon.dll
2014-03-08 03:40 . 2014-04-08 20:14        1392128        ----a-w-        c:\windows\system32\wininet.dll
2014-03-08 03:39 . 2014-04-08 20:14        1494528        ----a-w-        c:\windows\system32\inetcpl.cpl
2014-03-08 03:38 . 2014-04-08 20:14        237056        ----a-w-        c:\windows\system32\url.dll
2014-03-08 03:37 . 2014-04-08 20:14        85504        ----a-w-        c:\windows\system32\jsproxy.dll
2014-03-08 03:34 . 2014-04-08 20:14        173056        ----a-w-        c:\windows\system32\ieUnatt.exe
2014-03-08 03:34 . 2014-04-08 20:14        816640        ----a-w-        c:\windows\system32\jscript.dll
2014-03-08 03:33 . 2014-04-08 20:14        599040        ----a-w-        c:\windows\system32\vbscript.dll
2014-03-08 03:32 . 2014-04-08 20:14        729088        ----a-w-        c:\windows\system32\msfeeds.dll
2014-03-08 03:32 . 2014-04-08 20:14        2147840        ----a-w-        c:\windows\system32\iertutil.dll
2014-03-08 03:24 . 2014-04-08 20:14        248320        ----a-w-        c:\windows\system32\ieui.dll
2014-03-07 23:12 . 2014-04-08 20:14        1806848        ----a-w-        c:\windows\SysWow64\jscript9.dll
2014-03-07 23:02 . 2014-04-08 20:14        1427968        ----a-w-        c:\windows\SysWow64\inetcpl.cpl
2014-03-07 23:02 . 2014-04-08 20:14        1129472        ----a-w-        c:\windows\SysWow64\wininet.dll
2014-03-07 22:57 . 2014-04-08 20:14        142848        ----a-w-        c:\windows\SysWow64\ieUnatt.exe
2014-03-07 22:56 . 2014-04-08 20:14        421376        ----a-w-        c:\windows\SysWow64\vbscript.dll
2014-03-04 09:44 . 2014-04-08 20:12        362496        ----a-w-        c:\windows\system32\wow64win.dll
2014-03-04 09:44 . 2014-04-08 20:12        243712        ----a-w-        c:\windows\system32\wow64.dll
2014-03-04 09:44 . 2014-04-08 20:12        13312        ----a-w-        c:\windows\system32\wow64cpu.dll
2014-03-04 09:44 . 2014-04-08 20:12        16384        ----a-w-        c:\windows\system32\ntvdm64.dll
2014-03-04 09:44 . 2014-04-08 20:12        1163264        ----a-w-        c:\windows\system32\kernel32.dll
2014-03-04 09:17 . 2014-04-08 20:12        14336        ----a-w-        c:\windows\SysWow64\ntvdm64.dll
2014-03-04 09:17 . 2014-04-08 20:12        44032        ----a-w-        c:\windows\apppatch\acwow64.dll
2014-03-04 09:16 . 2014-04-08 20:12        25600        ----a-w-        c:\windows\SysWow64\setup16.exe
2014-03-04 09:16 . 2014-04-08 20:12        5120        ----a-w-        c:\windows\SysWow64\wow32.dll
2014-03-04 08:09 . 2014-04-08 20:12        7680        ----a-w-        c:\windows\SysWow64\instnm.exe
2014-03-04 08:09 . 2014-04-08 20:12        2048        ----a-w-        c:\windows\SysWow64\user.exe
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-02-12 43848]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2013-04-24 642304]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-03-17 224128]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-05-15 152392]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Bitdefender-Geldbörse-Agent"="c:\program files\Bitdefender\Bitdefender\pmbxag.exe" [2014-03-31 567888]
"Bitdefender-Geldbörse"="c:\program files\Bitdefender\Bitdefender\pwdmanui.exe" [2014-03-31 1001536]
"Bitdefender-Geldbörse-Anwendungs-Agent"="c:\program files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe" [2014-03-31 614232]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Freemake Improver;Freemake Improver;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 ALSysIO;ALSysIO;c:\users\Admin\AppData\Local\Temp\ALSysIO64.sys;c:\users\Admin\AppData\Local\Temp\ALSysIO64.sys [x]
R3 Apowersoft_AudioDevice;Apowersoft_AudioDevice;c:\windows\system32\drivers\Apowersoft_AudioDevice.sys;c:\windows\SYSNATIVE\drivers\Apowersoft_AudioDevice.sys [x]
R3 athrusb;Atheros Wireless LAN USB device driver;c:\windows\system32\DRIVERS\athrxusb.sys;c:\windows\SYSNATIVE\DRIVERS\athrxusb.sys [x]
R3 avckf;avckf;c:\windows\system32\DRIVERS\avckf.sys;c:\windows\SYSNATIVE\DRIVERS\avckf.sys [x]
R3 BDSandBox;BDSandBox;c:\windows\system32\drivers\bdsandbox.sys;c:\windows\SYSNATIVE\drivers\bdsandbox.sys [x]
R3 BRDriver64;BRDriver64;c:\programdata\BitRaider\BRDriver64.sys;c:\programdata\BitRaider\BRDriver64.sys [x]
R3 BRSptSvc;BitRaider Mini-Support Service;c:\programdata\BitRaider\BRSptSvc.exe;c:\programdata\BitRaider\BRSptSvc.exe [x]
R3 BthAvrcp;Bluetooth-AVRCP-Profil;c:\windows\system32\DRIVERS\BthAvrcp.sys;c:\windows\SYSNATIVE\DRIVERS\BthAvrcp.sys [x]
R3 csr_a2dp;Bluetooth-AV-Profil;c:\windows\system32\drivers\bthav.sys;c:\windows\SYSNATIVE\drivers\bthav.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R4 DlProtectSvc;Download Protect Service;c:\windows\System32\DlProtectSvc.exe;c:\windows\SYSNATIVE\DlProtectSvc.exe [x]
S0 avc3;avc3;c:\windows\system32\DRIVERS\avc3.sys;c:\windows\SYSNATIVE\DRIVERS\avc3.sys [x]
S0 gzflt;gzflt;c:\windows\system32\DRIVERS\gzflt.sys;c:\windows\SYSNATIVE\DRIVERS\gzflt.sys [x]
S1 bdfwfpf;bdfwfpf;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S2 UPDATESRV;Bitdefender Desktop Update Service;c:\program files\Bitdefender\Bitdefender\updatesrv.exe;c:\program files\Bitdefender\Bitdefender\updatesrv.exe [x]
S2 WesFaultSecure;Remotezugriff-PPPOE-Treiber Desktop AGP;c:\windows\system32\xljveinstall.exe;c:\windows\SYSNATIVE\xljveinstall.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 avchv;avchv Function Driver;c:\windows\system32\DRIVERS\avchv.sys;c:\windows\SYSNATIVE\DRIVERS\avchv.sys [x]
S3 ManyCam;ManyCam Virtual Webcam;c:\windows\system32\DRIVERS\mcvidrv.sys;c:\windows\SYSNATIVE\DRIVERS\mcvidrv.sys [x]
S3 mcaudrv_simple;ManyCam Virtual Microphone;c:\windows\system32\drivers\mcaudrv_x64.sys;c:\windows\SYSNATIVE\drivers\mcaudrv_x64.sys [x]
S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2014-05-26 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-22 20:18]
.
2014-05-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1143599331-371919559-3494116047-1003Core.job
- c:\users\Winni\AppData\Local\Google\Update\GoogleUpdate.exe [2014-05-05 20:38]
.
2014-05-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1143599331-371919559-3494116047-1003UA.job
- c:\users\Winni\AppData\Local\Google\Update\GoogleUpdate.exe [2014-05-05 20:38]
.
2014-05-25 c:\windows\Tasks\update-S-1-5-21-1143599331-371919559-3494116047-1003.job
- c:\program files (x86)\Skillbrains\Updater\Updater.exe [2012-10-22 11:37]
.
2014-05-25 c:\windows\Tasks\update-sys.job
- c:\program files (x86)\Skillbrains\Updater\Updater.exe [2012-10-22 11:37]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Bdagent"="c:\program files\Bitdefender\Bitdefender\bdagent.exe" [2014-03-31 1742064]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
TCP: Interfaces\{C0163090-193E-4CA1-9498-4D4C049B3E7A}: NameServer = 192.168.2.1
FF - ProfilePath - c:\users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\mk1wz4pq.default\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1143599331-371919559-3494116047-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-1143599331-371919559-3494116047-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_USERS\S-1-5-21-1143599331-371919559-3494116047-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{B3D9E068-DE3E-E628-5947-78929B5C6C7B}*]
"hajncfacooeedfoh"=hex:6b,61,66,63,6e,6a,70,62,63,62,6e,6f,62,69,64,67,69,6b,
  61,68,67,66,00,c0
"gacifmeamonjbh"=hex:61,63,63,6c,68,70,69,6c,6a,68,62,62,6d,64,6c,6b,6c,65,6c,
  69,62,69,62,63,62,61,61,63,70,68,6c,69,6e,63,65,69,64,67,70,67,66,61,64,6a,\
.
[HKEY_USERS\S-1-5-21-1143599331-371919559-3494116047-1001\Software\SecuROM\License information*]
"datasecu"=hex:2d,70,90,02,79,97,3a,74,b2,68,48,af,ec,12,b1,02,fb,ae,c1,26,83,
  78,b1,2e,80,d4,57,6d,d8,29,23,02,c9,ec,ed,95,9c,08,11,bf,93,27,bf,4e,66,74,\
"rkeysecu"=hex:ee,52,0d,19,6e,70,16,0d,a0,f1,8f,f6,30,a2,9a,b6
.
[HKEY_USERS\S-1-5-21-1143599331-371919559-3494116047-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{B3D9E068-DE3E-E628-5947-78929B5C6C7B}*]
"hajncfacooeedfoh"=hex:6b,61,66,63,6e,6a,70,62,63,62,6e,6f,62,69,64,67,69,6b,
  61,68,67,66,00,c0
"gacifmeamonjbh"=hex:61,63,6f,63,6b,63,6c,64,62,6a,70,61,65,6f,69,67,6f,6e,70,
  6e,64,6d,65,66,65,69,69,66,67,6f,69,66,6c,6d,70,62,66,6b,66,67,68,69,66,67,\
"ialimabkbfocbioonm"=hex:6b,61,66,63,6e,6a,70,62,63,62,6e,6f,62,69,64,67,69,6b,
  61,68,67,66,00,c0
.
[HKEY_USERS\S-1-5-21-1143599331-371919559-3494116047-1003\Software\SecuROM\License information*]
"datasecu"=hex:47,15,b4,d6,7b,2e,fe,27,35,49,67,49,41,2e,68,31,2b,59,08,b5,b6,
  8c,fe,e3,4f,9b,20,44,7c,92,66,31,50,86,3c,01,1e,bf,cb,1e,60,96,6d,83,a1,29,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_USERS\S-1-5-21-1143599331-371919559-3494116047-1003_Classes\CLSID]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-1143599331-371919559-3494116047-1003_Classes\CLSID\{699A646B-C61E-4C36-A253-620E4EBD294C}]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-1143599331-371919559-3494116047-1003_Classes\CLSID\{97D17A04-4438-4C8E-BAC7-BC21B8B9E999}]
@DACL=(02 0000)
@="GPUStatusReader.GPUMonitor"
.
[HKEY_USERS\S-1-5-21-1143599331-371919559-3494116047-1003_Classes\CLSID\{d0f19d12-f0c9-434b-a9a8-35a6c5cd0530}]
@DACL=(02 0000)
@="Shell Icon Handler For Curse Client Install Package"
"AppId"="CurseClient.application, Culture=neutral, PublicKeyToken=9e9e83ddf3ed3ead, processorArchitecture=msil"
"DeploymentProviderUrl"="hxxp://clientupdate-v5.curse.com/CurseClient.application"
"IconFile"="ClientIcons\\CCIP.ico"
.
[HKEY_USERS\S-1-5-21-1143599331-371919559-3494116047-1003_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-1143599331-371919559-3494116047-1003_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}]
@Class="REG_SZ"
@DACL=(02 0000)
@="PSFactoryBuffer"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.13"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-05-26  20:44:58
ComboFix-quarantined-files.txt  2014-05-26 18:44
.
Vor Suchlauf: 17 Verzeichnis(se), 38.102.671.360 Bytes frei
Nach Suchlauf: 21 Verzeichnis(se), 37.972.160.512 Bytes frei
.
- - End Of File - - 0B01DB512AFA0A4CC3CA2A9587FC2FB4
A36C5E4F47E84449FF07ED3517B43A31
Mir ist grad beim ausschalten von Bitdefender aufgefallen, dass dieser am 22.5. einen und am 12.5 eine ganze Reihe Funde hatte. Allerdings hat es mich gar nicht darüber informiert....:wtf:
Leider kann ich keine Logdatei von Bitdefender finden sonst würd ich die ja auch posten :(

Und noch etwas hab ich gerade bemerkt: Wenn ich mich als Administrator einlogge, ist DownloadProtect in der Programm und Funktionen Liste von Windows zu finden. Soll ich das dort deinstallieren?

schrauber 27.05.2014 18:24
Ja deinstalliere ihn.


Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

Daigochiban 27.05.2014 20:15
Ok. Hab es deinstalliert, hat aber - wie zu erwarten - zumindest nichts offensichtliches bewirkt.

Malwarebytes Anti-Malware
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 27.05.2014
Suchlauf-Zeit: 19:58:18
Logdatei: MWB.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.05.27.08
Rootkit Datenbank: v2014.05.21.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Admin

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 331267
Verstrichene Zeit: 10 Min, 21 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 3
PUP.Optional.InstallBrain.A, HKLM\SOFTWARE\WOW6432NODE\InstallIQ, In Quarantäne, [75efd680c2b92a0c3df73072da2825db],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1143599331-371919559-3494116047-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\19979, In Quarantäne, [2c38c59144371c1a870fdcbfd032857b],
PUP.Optional.PlusHD.A, HKU\S-1-5-21-1143599331-371919559-3494116047-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\PlusSHDD, In Quarantäne, [74f0cb8b4f2c85b1ad91613a5fa35ca4],

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 1
PUP.Optional.CrossRider.A, C:\Users\Winni\AppData\Roaming\Mozilla\Firefox\Profiles\0p5daajj.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.crossrider.bic", "145f1f0d12fd66f2c7d63508dc0152b4");), Ersetzt,[d490d086c2b969cd1f84820414f01de3]

Physische Sektoren: 0
(No malicious items detected)


(end)
AdwCleaner
Code:
# AdwCleaner v3.211 - Bericht erstellt am 27/05/2014 um 20:16:03
# Aktualisiert 26/05/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : Admin - ABRAXAS
# Gestartet von : C:\Users\Winni\Desktop\adwcleaner_3.211.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\apn
Ordner Gelöscht : C:\Program Files (x86)\globalUpdate
Ordner Gelöscht : C:\Program Files (x86)\Skillbrains
Ordner Gelöscht : C:\Users\Admin\AppData\Local\globalUpdate
Datei Gelöscht : C:\Windows\Tasks\update-sys.job
Datei Gelöscht : C:\Windows\System32\Tasks\update-sys

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software
Schlüssel Gelöscht : HKLM\Software\SkillBrains
Schlüssel Gelöscht : HKLM\Software\Software

***** [ Browser ] *****

-\\ Internet Explorer v9.0.8112.16545


-\\ Mozilla Firefox v29.0.1 (de)

[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\mk1wz4pq.default\prefs.js ]


[ Datei : C:\Users\Winni\AppData\Roaming\Mozilla\Firefox\Profiles\0p5daajj.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [2545 octets] - [25/05/2014 14:24:59]
AdwCleaner[R1].txt - [2605 octets] - [25/05/2014 15:45:25]
AdwCleaner[R2].txt - [2685 octets] - [27/05/2014 20:14:44]
AdwCleaner[S0].txt - [2488 octets] - [27/05/2014 20:16:03]

########## EOF - \AdwCleaner\AdwCleaner[S0].txt - [2548 octets] ##########
Da ich beim ersten mal vergessen habe den Browser zu schliessen habe ich AdwCleaner ein zweites mal ausgeführt.

Code:
# AdwCleaner v3.211 - Bericht erstellt am 27/05/2014 um 20:27:39
# Aktualisiert 26/05/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : Admin - ABRAXAS
# Gestartet von : C:\Users\Winni\Desktop\adwcleaner_3.211.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Browser ] *****

-\\ Internet Explorer v9.0.8112.16545


-\\ Mozilla Firefox v29.0.1 (de)

[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\mk1wz4pq.default\prefs.js ]


[ Datei : C:\Users\Winni\AppData\Roaming\Mozilla\Firefox\Profiles\0p5daajj.default\prefs.js ]

Zeile gelöscht : user_pref("extensions.crossrider.bic", "145f1f0d12fd66f2c7d63508dc0152b4");

*************************

AdwCleaner[R0].txt - [2545 octets] - [25/05/2014 14:24:59]
AdwCleaner[R1].txt - [2605 octets] - [25/05/2014 15:45:25]
AdwCleaner[R2].txt - [2685 octets] - [27/05/2014 20:14:44]
AdwCleaner[R3].txt - [1242 octets] - [27/05/2014 20:26:37]
AdwCleaner[S0].txt - [2634 octets] - [27/05/2014 20:16:03]
AdwCleaner[S1].txt - [1165 octets] - [27/05/2014 20:27:39]

########## EOF - \AdwCleaner\AdwCleaner[S1].txt - [1225 octets] ##########
Junkware Removal Tool

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Professional x64
Ran by Admin on 27.05.2014 at 20:30:44,22
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 27.05.2014 at 20:37:04,45
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-05-2014 01
Ran by Winni (ATTENTION: The logged in user is not administrator) on ABRAXAS on 27-05-2014 20:46:00
Running from C:\Users\Winni\Downloads
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\bdagent.exe
(Spotify Ltd) C:\Users\Winni\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender\bdagent.exe [1743088 2014-05-27] (Bitdefender)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642304 2013-04-24] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-03-18] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-15] (Apple Inc.)
HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse-Agent] => C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [568400 2014-05-27] (Bitdefender)
HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse] => C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1002048 2014-05-27] (Bitdefender)
HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] => C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [614744 2014-05-27] (Bitdefender)
HKU\S-1-5-21-1143599331-371919559-3494116047-1003\...\Run: [Spotify Web Helper] => C:\Users\Winni\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1176632 2014-05-16] (Spotify Ltd)
HKU\S-1-5-21-1143599331-371919559-3494116047-1003\...\Run: [Bitdefender-Geldbörse] => C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1002048 2014-05-27] (Bitdefender)
HKU\S-1-5-21-1143599331-371919559-3494116047-1003\...\Run: [Google Update] => C:\Users\Winni\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-05-05] (Google Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xF8A89CDC7D05CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\pmbxie.dll (Bitdefender)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxie.dll (Bitdefender)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\..\Interfaces\{C0163090-193E-4CA1-9498-4D4C049B3E7A}: [NameServer]192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Winni\AppData\Roaming\Mozilla\Firefox\Profiles\0p5daajj.default
FF NetworkProxy: "ftp", "109.207.61.178"
FF NetworkProxy: "ftp_port", 8090
FF NetworkProxy: "http", "109.207.61.178"
FF NetworkProxy: "http_port", 8090
FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "109.207.61.178"
FF NetworkProxy: "socks_port", 8090
FF NetworkProxy: "ssl", "109.207.61.178"
FF NetworkProxy: "ssl_port", 8090
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @nokia.com/EnablerPlugin - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Winni\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Winni\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Users\Winni\AppData\Roaming\Mozilla\Firefox\Profiles\0p5daajj.default\searchplugins\youtube.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [ffpwdman@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman\
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman\ []
FF HKLM-x32\...\Firefox\Extensions: [{CA03242C-EE6E-4B3A-AF33-3A21C94FB1AB}] - C:\Windows\Installer\{4BFEB9A5-18C7-4449-B2DD-49294B6B8F3C}\{CA03242C-EE6E-4B3A-AF33-3A21C94FB1AB}.xpi
FF Extension: Download Protect - C:\Windows\Installer\{4BFEB9A5-18C7-4449-B2DD-49294B6B8F3C}\{CA03242C-EE6E-4B3A-AF33-3A21C94FB1AB}.xpi [2014-05-23]

Chrome:
=======
CHR Extension: (Google Docs) - C:\Users\Winni\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-11]
CHR Extension: (Google Drive) - C:\Users\Winni\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-11]
CHR Extension: (YouTube) - C:\Users\Winni\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-11]
CHR Extension: (Google Cast) - C:\Users\Winni\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2014-05-11]
CHR Extension: (Bitdefender Wallet) - C:\Users\Winni\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccahoghmggldkcdjiebjkidpfongdfbl [2014-05-11]
CHR Extension: (Google-Suche) - C:\Users\Winni\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-11]
CHR Extension: (Google Wallet) - C:\Users\Winni\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-11]
CHR Extension: (Google Mail) - C:\Users\Winni\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-11]
CHR HKLM-x32\...\Chrome\Extension: [ccahoghmggldkcdjiebjkidpfongdfbl] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxcr.crx [2014-03-31]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [484592 2013-11-17] (BitRaider, LLC)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [101888 2013-09-26] (Freemake)
R2 lmhosts; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 NlaSvc; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe [67320 2013-10-07] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender\vsserv.exe [1526800 2014-05-27] (Bitdefender)

==================== Drivers (Whitelisted) ====================

S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2013-06-02] (Wondershare)
S3 athrusb; C:\Windows\System32\DRIVERS\athrxusb.sys [1075712 2008-07-29] (Atheros Communications, Inc.)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [893440 2014-02-03] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2012-11-02] (BitDefender)
S3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [635392 2014-02-03] (BitDefender)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [103504 2011-11-14] (BitDefender LLC)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2013-11-27] (BitDefender SRL)
S3 BRDriver64; C:\ProgramData\BitRaider\BRDriver64.sys [75048 2013-09-21] (BitRaider)
S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [29184 2009-08-13] (CSR, plc)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-08-23] (BitDefender LLC)
R3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [42016 2013-11-27] (Visicom Media Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35232 2013-12-06] (Visicom Media Inc.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
S3 ALSysIO; \??\C:\Users\Admin\AppData\Local\Temp\ALSysIO64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-27 20:37 - 2014-05-27 20:37 - 00000829 _____ () C:\Users\Winni\Downloads\JRT.txt
2014-05-27 20:30 - 2014-05-27 20:30 - 00000000 ____D () C:\Windows\ERUNT
2014-05-27 20:25 - 2014-05-27 20:25 - 01016261 _____ (Thisisu) C:\Users\Winni\Desktop\JRT.exe
2014-05-27 20:12 - 2014-05-27 20:12 - 01327971 _____ () C:\Users\Winni\Desktop\adwcleaner_3.211.exe
2014-05-27 20:10 - 2014-05-27 20:10 - 00001892 _____ () C:\Users\Admin\Downloads\MWB.txt
2014-05-27 19:56 - 2014-05-27 19:57 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-27 19:55 - 2014-05-27 19:55 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-27 19:55 - 2014-05-27 19:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-27 19:55 - 2014-05-27 19:55 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-27 19:55 - 2014-05-27 19:55 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-27 19:55 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-27 19:55 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-27 19:55 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-27 19:53 - 2014-05-27 19:54 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Winni\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-27 19:45 - 2014-05-27 19:45 - 00000385 _____ () C:\Users\Admin\AppData\Roaminguser_gensett.xml
2014-05-27 16:30 - 2014-05-27 16:30 - 00000207 _____ () C:\Users\Winni\Desktop\Warhammer 40,000 Space Marine.url
2014-05-26 20:44 - 2014-05-26 20:44 - 00023782 _____ () C:\ComboFix.txt
2014-05-26 20:32 - 2014-05-26 20:45 - 00000000 ____D () C:\Qoobox
2014-05-26 20:32 - 2014-05-26 20:43 - 00000000 ____D () C:\Windows\erdnt
2014-05-26 20:32 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-05-26 20:32 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-05-26 20:32 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-05-26 20:32 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-05-26 20:32 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-05-26 20:32 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-05-26 20:32 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-05-26 20:32 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-05-26 20:26 - 2014-05-26 20:27 - 05200919 ____R (Swearware) C:\Users\Winni\Desktop\ComboFix.exe
2014-05-25 19:37 - 2014-05-25 19:37 - 00000000 ____D () C:\Users\Winni\AppData\Local\THQ
2014-05-25 15:54 - 2014-05-25 15:54 - 00049825 _____ () C:\Users\Winni\Downloads\LogFiles.zip
2014-05-25 15:53 - 2014-05-25 15:53 - 00002605 _____ () C:\Users\Winni\Downloads\AdwCleaner[R1].txt
2014-05-25 15:52 - 2014-05-25 15:52 - 00002605 _____ () C:\Users\Admin\Downloads\AdwCleaner[R1].txt
2014-05-25 15:19 - 2014-05-25 15:19 - 00749519 _____ () C:\Users\Winni\Downloads\Gmer.txt
2014-05-25 15:06 - 2014-05-25 15:06 - 00380416 _____ () C:\Users\Winni\Downloads\Gmer-19357.exe
2014-05-25 14:52 - 2014-05-25 14:52 - 00035181 _____ () C:\Users\Winni\Downloads\Addition.txt
2014-05-25 14:51 - 2014-05-27 20:46 - 00014174 _____ () C:\Users\Winni\Downloads\FRST.txt
2014-05-25 14:51 - 2014-05-27 20:46 - 00000000 ____D () C:\FRST
2014-05-25 14:50 - 2014-05-25 14:50 - 02066944 _____ (Farbar) C:\Users\Winni\Downloads\FRST64.exe
2014-05-25 14:48 - 2014-05-25 14:48 - 00050477 _____ () C:\Users\Winni\Downloads\Defogger.exe
2014-05-25 14:48 - 2014-05-25 14:48 - 00000472 _____ () C:\Users\Winni\Downloads\defogger_disable.log
2014-05-25 14:48 - 2014-05-25 14:48 - 00000000 _____ () C:\Users\Admin\defogger_reenable
2014-05-25 14:24 - 2014-05-27 20:27 - 00000000 ____D () C:\AdwCleaner
2014-05-22 19:04 - 2014-05-22 19:04 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-05-22 19:04 - 2014-05-22 19:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-05-22 19:03 - 2014-05-22 19:04 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-05-22 19:03 - 2014-05-22 19:04 - 00000000 ____D () C:\Program Files\iTunes
2014-05-22 19:03 - 2014-05-22 19:04 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-05-22 19:03 - 2014-05-22 19:03 - 00000000 ____D () C:\Program Files\iPod
2014-05-20 23:14 - 2014-05-20 23:14 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-20 23:14 - 2014-05-20 23:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-20 23:11 - 2014-05-27 20:28 - 00001816 _____ () C:\Windows\PFRO.log
2014-05-20 23:00 - 2014-05-20 23:01 - 28852416 _____ (Mozilla) C:\Users\Winni\Downloads\Firefox Setup 29.0.1.exe
2014-05-16 16:34 - 2014-05-16 16:34 - 00013804 _____ () C:\Users\Winni\Desktop\H620000.html
2014-05-16 16:04 - 2014-05-23 15:09 - 00000728 __RSH () C:\ProgramData\ntuser.pol
2014-05-15 16:25 - 2014-05-15 16:26 - 00000000 ____D () C:\Users\Winni\Desktop\BIlder
2014-05-15 15:50 - 2014-05-12 05:06 - 958174777 _____ () C:\Users\Winni\Downloads\Game.of.Thrones.S04E06.720p.HDTV.x264-DIMENSION.mkv
2014-05-15 15:45 - 2014-05-15 15:50 - 42578956 _____ () C:\Users\Winni\Downloads\GoT.S04E06.720p.part10.rar
2014-05-15 15:27 - 2014-05-15 15:40 - 105000000 _____ () C:\Users\Winni\Downloads\GoT.S04E06.720p.part09.rar
2014-05-15 15:14 - 2014-05-15 15:26 - 105000000 _____ () C:\Users\Winni\Downloads\GoT.S04E06.720p.part08.rar
2014-05-15 15:01 - 2014-05-15 15:13 - 105000000 _____ () C:\Users\Winni\Downloads\GoT.S04E06.720p.part07.rar
2014-05-15 14:51 - 2014-05-15 15:00 - 105000000 _____ () C:\Users\Winni\Downloads\GoT.S04E06.720p.part06.rar
2014-05-15 14:40 - 2014-05-15 14:49 - 105000000 _____ () C:\Users\Winni\Downloads\GoT.S04E06.720p.part05.rar
2014-05-15 14:31 - 2014-05-15 14:39 - 105000000 _____ () C:\Users\Winni\Downloads\GoT.S04E06.720p.part04.rar
2014-05-15 14:21 - 2014-05-15 14:29 - 105000000 _____ () C:\Users\Winni\Downloads\GoT.S04E06.720p.part03.rar
2014-05-15 14:12 - 2014-05-15 14:12 - 00389240 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2014-05-15 14:11 - 2014-05-15 14:20 - 105000000 _____ () C:\Users\Winni\Downloads\GoT.S04E06.720p.part02.rar
2014-05-15 14:01 - 2014-05-15 14:10 - 105000000 _____ () C:\Users\Winni\Downloads\GoT.S04E06.720p.part01.rar
2014-05-14 17:53 - 2014-05-06 02:46 - 17847808 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-14 17:53 - 2014-05-06 02:21 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-14 17:53 - 2014-05-06 02:21 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-14 17:53 - 2014-05-06 01:32 - 12347392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-14 17:53 - 2014-05-06 01:14 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-14 17:53 - 2014-05-06 01:14 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-14 17:40 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-14 17:40 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-14 17:40 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-14 17:40 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-14 17:40 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-14 17:40 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-14 17:40 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-14 17:40 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-14 17:40 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-14 17:40 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-14 17:40 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-14 17:40 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-14 17:40 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-14 17:40 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-14 17:40 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-14 17:40 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-14 17:40 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-14 17:40 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-14 17:40 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-14 17:40 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-14 17:40 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-14 17:40 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-14 17:40 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-14 17:40 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-14 17:40 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-14 17:40 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-14 17:40 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-14 17:40 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-14 17:40 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-14 17:40 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-14 17:40 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-14 17:40 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-14 17:40 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-14 17:40 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-14 17:40 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-14 17:40 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-14 17:40 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-14 17:40 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-14 17:40 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-14 17:40 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-14 17:40 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-14 17:40 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-14 17:40 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-14 17:40 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-14 17:40 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-13 15:24 - 2014-05-13 15:24 - 00000000 ____D () C:\Users\Winni\AppData\Roaming\Lavasoft
2014-05-13 15:02 - 2014-05-13 15:02 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\LavasoftStatistics
2014-05-13 14:42 - 2014-05-13 14:42 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-05-13 00:09 - 2014-05-13 00:14 - 188100210 _____ () C:\Users\Winni\Downloads\ulisses-2014-05-12_05-09pm.zip
2014-05-12 21:58 - 2014-05-12 22:08 - 00000000 ____D () C:\Users\Admin\AppData\Local\ManyCam
2014-05-12 21:57 - 2014-05-12 21:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManyCam
2014-05-12 21:55 - 2014-05-12 21:57 - 00000000 ____D () C:\Program Files (x86)\ManyCam
2014-05-12 21:55 - 2014-05-12 21:55 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\ManyCam
2014-05-12 21:26 - 2014-05-12 21:26 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\dlg
2014-05-12 21:25 - 2014-05-12 21:25 - 00120832 _____ () C:\Windows\system32\xljveinstall.exe
2014-05-12 00:45 - 2014-05-12 00:45 - 02165929 _____ () C:\Users\Winni\Downloads\pathfinder.zip
2014-05-12 00:22 - 2014-05-12 00:22 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Fantasy Grounds
2014-05-12 00:20 - 2014-05-12 00:22 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Fantasy Grounds
2014-05-12 00:20 - 2014-05-12 00:21 - 00000000 ____D () C:\Program Files (x86)\Fantasy Grounds
2014-05-11 16:23 - 2014-05-11 16:35 - 00000000 ____D () C:\Users\Winni\AppData\Local\Plex Media Server
2014-05-11 16:21 - 2014-05-11 16:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server
2014-05-11 16:21 - 2014-05-11 16:21 - 00000000 ____D () C:\Program Files (x86)\Plex
2014-05-11 00:59 - 2014-05-20 23:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-09 17:50 - 2014-05-05 06:40 - 1345560050 _____ () C:\Users\Winni\Downloads\game.of.thrones.s04e05.720p.hdtv.x264-killers.mkv
2014-05-09 16:48 - 2014-05-20 23:13 - 00000000 ____D () C:\Users\Winni\Downloads\RPG
2014-05-09 00:10 - 2014-04-28 07:33 - 1347531464 _____ () C:\Users\Winni\Downloads\game.of.thrones.s04e04.720p.hdtv.x264-killers.mkv
2014-05-08 15:54 - 2014-05-27 20:39 - 00004300 _____ () C:\Windows\setupact.log
2014-05-08 15:54 - 2014-05-08 15:54 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-07 15:11 - 2014-05-15 16:30 - 00000000 ____D () C:\Users\Winni\Desktop\tmp
2014-05-07 15:06 - 2014-02-10 10:33 - 118399400 _____ () C:\Users\Winni\Downloads\Game.of.Thrones-Ice.and.Fire.A.Foreshadowing.HDTV.XviD-AFG.avi
2014-05-06 00:35 - 2014-05-06 00:43 - 00000000 ____D () C:\Users\Winni\AppData\Roaming\HandBrake
2014-05-06 00:32 - 2014-05-06 00:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Handbrake
2014-05-05 22:39 - 2014-05-05 22:39 - 00001205 _____ () C:\Users\Winni\Desktop\Chromecast.lnk
2014-05-05 22:39 - 2014-05-05 22:39 - 00000000 ____D () C:\Users\Winni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromecast
2014-05-05 22:38 - 2014-05-27 20:43 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1143599331-371919559-3494116047-1003UA.job
2014-05-05 22:38 - 2014-05-26 22:43 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1143599331-371919559-3494116047-1003Core.job
2014-05-05 22:38 - 2014-05-05 22:41 - 00000000 ____D () C:\Users\Winni\AppData\Local\Google
2014-05-05 21:36 - 2014-04-21 05:18 - 1344397720 _____ () C:\Users\Winni\Downloads\game.of.thrones.s04e03.720p.hdtv.x264-killers.mkv
2014-05-05 00:22 - 2014-04-14 04:40 - 1269763329 _____ () C:\Users\Winni\Downloads\game.of.thrones.s04e02.720p.hdtv.x264-2hd.mkv
2014-05-03 14:31 - 2014-04-07 06:19 - 1579446858 _____ () C:\Users\Winni\Downloads\game.of.thrones.s04e01.720p.hdtv.x264-killers.mkv
2014-04-28 22:47 - 2014-04-28 22:55 - 00000000 ____D () C:\Users\Winni\Documents\NetBeansProjects
2014-04-28 22:15 - 2014-04-28 22:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetBeans
2014-04-28 22:13 - 2014-04-28 22:17 - 00000000 ____D () C:\Program Files\NetBeans 8.0
2014-04-28 22:13 - 2014-04-28 22:12 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-28 22:12 - 2014-04-28 22:12 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-28 22:12 - 2014-04-28 22:12 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-28 22:12 - 2014-04-28 22:12 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-04-28 22:12 - 2014-04-28 22:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2014-04-28 22:11 - 2014-04-28 22:47 - 00000000 ____D () C:\Users\Admin\.nbi
2014-04-28 22:11 - 2014-04-28 22:12 - 00000000 ____D () C:\Program Files\Java
2014-04-28 21:48 - 2014-04-28 21:48 - 00000000 ____D () C:\Users\Winni\AppData\Roaming\.neurophstudio

==================== One Month Modified Files and Folders =======

2014-05-27 20:46 - 2014-05-25 14:51 - 00014174 _____ () C:\Users\Winni\Downloads\FRST.txt
2014-05-27 20:46 - 2014-05-25 14:51 - 00000000 ____D () C:\FRST
2014-05-27 20:44 - 2011-04-12 09:43 - 00699654 _____ () C:\Windows\system32\perfh007.dat
2014-05-27 20:44 - 2011-04-12 09:43 - 00149794 _____ () C:\Windows\system32\perfc007.dat
2014-05-27 20:44 - 2009-07-14 07:13 - 01621612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-27 20:43 - 2014-05-05 22:38 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1143599331-371919559-3494116047-1003UA.job
2014-05-27 20:43 - 2012-10-21 19:42 - 01794366 _____ () C:\Windows\WindowsUpdate.log
2014-05-27 20:39 - 2014-05-08 15:54 - 00004300 _____ () C:\Windows\setupact.log
2014-05-27 20:39 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-27 20:37 - 2014-05-27 20:37 - 00000829 _____ () C:\Users\Winni\Downloads\JRT.txt
2014-05-27 20:36 - 2009-07-14 06:45 - 00020304 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-27 20:36 - 2009-07-14 06:45 - 00020304 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-27 20:30 - 2014-05-27 20:30 - 00000000 ____D () C:\Windows\ERUNT
2014-05-27 20:28 - 2014-05-20 23:11 - 00001816 _____ () C:\Windows\PFRO.log
2014-05-27 20:27 - 2014-05-25 14:24 - 00000000 ____D () C:\AdwCleaner
2014-05-27 20:25 - 2014-05-27 20:25 - 01016261 _____ (Thisisu) C:\Users\Winni\Desktop\JRT.exe
2014-05-27 20:18 - 2012-11-21 20:59 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-27 20:12 - 2014-05-27 20:12 - 01327971 _____ () C:\Users\Winni\Desktop\adwcleaner_3.211.exe
2014-05-27 20:10 - 2014-05-27 20:10 - 00001892 _____ () C:\Users\Admin\Downloads\MWB.txt
2014-05-27 19:58 - 2012-10-22 23:05 - 00000388 _____ () C:\Windows\Tasks\update-S-1-5-21-1143599331-371919559-3494116047-1003.job
2014-05-27 19:57 - 2014-05-27 19:56 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-27 19:55 - 2014-05-27 19:55 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-27 19:55 - 2014-05-27 19:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-27 19:55 - 2014-05-27 19:55 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-27 19:55 - 2014-05-27 19:55 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-27 19:54 - 2014-05-27 19:53 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Winni\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-27 19:45 - 2014-05-27 19:45 - 00000385 _____ () C:\Users\Admin\AppData\Roaminguser_gensett.xml
2014-05-27 18:54 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-27 18:17 - 2013-07-03 00:12 - 00000000 ____D () C:\Users\Winni\AppData\Local\Battle.net
2014-05-27 18:04 - 2013-04-28 15:04 - 00000000 ____D () C:\Users\Winni\AppData\Roaming\Spotify
2014-05-27 16:30 - 2014-05-27 16:30 - 00000207 _____ () C:\Users\Winni\Desktop\Warhammer 40,000 Space Marine.url
2014-05-26 22:43 - 2014-05-05 22:38 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1143599331-371919559-3494116047-1003Core.job
2014-05-26 20:45 - 2014-05-26 20:32 - 00000000 ____D () C:\Qoobox
2014-05-26 20:45 - 2012-10-21 19:48 - 00000000 ___RD () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-26 20:45 - 2012-10-21 19:48 - 00000000 ___RD () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-26 20:45 - 2009-07-14 06:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-05-26 20:44 - 2014-05-26 20:44 - 00023782 _____ () C:\ComboFix.txt
2014-05-26 20:43 - 2014-05-26 20:32 - 00000000 ____D () C:\Windows\erdnt
2014-05-26 20:42 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-05-26 20:27 - 2014-05-26 20:26 - 05200919 ____R (Swearware) C:\Users\Winni\Desktop\ComboFix.exe
2014-05-25 20:14 - 2012-10-21 21:04 - 00000000 ____D () C:\Users\Winni
2014-05-25 19:37 - 2014-05-25 19:37 - 00000000 ____D () C:\Users\Winni\AppData\Local\THQ
2014-05-25 15:54 - 2014-05-25 15:54 - 00049825 _____ () C:\Users\Winni\Downloads\LogFiles.zip
2014-05-25 15:53 - 2014-05-25 15:53 - 00002605 _____ () C:\Users\Winni\Downloads\AdwCleaner[R1].txt
2014-05-25 15:52 - 2014-05-25 15:52 - 00002605 _____ () C:\Users\Admin\Downloads\AdwCleaner[R1].txt
2014-05-25 15:19 - 2014-05-25 15:19 - 00749519 _____ () C:\Users\Winni\Downloads\Gmer.txt
2014-05-25 15:06 - 2014-05-25 15:06 - 00380416 _____ () C:\Users\Winni\Downloads\Gmer-19357.exe
2014-05-25 14:52 - 2014-05-25 14:52 - 00035181 _____ () C:\Users\Winni\Downloads\Addition.txt
2014-05-25 14:50 - 2014-05-25 14:50 - 02066944 _____ (Farbar) C:\Users\Winni\Downloads\FRST64.exe
2014-05-25 14:48 - 2014-05-25 14:48 - 00050477 _____ () C:\Users\Winni\Downloads\Defogger.exe
2014-05-25 14:48 - 2014-05-25 14:48 - 00000472 _____ () C:\Users\Winni\Downloads\defogger_disable.log
2014-05-25 14:48 - 2014-05-25 14:48 - 00000000 _____ () C:\Users\Admin\defogger_reenable
2014-05-25 14:48 - 2012-10-21 19:48 - 00000000 ____D () C:\Users\Admin
2014-05-25 14:07 - 2013-07-03 00:12 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-05-23 17:41 - 2012-10-25 21:20 - 00000000 ____D () C:\Users\Winni\Bewerbungen
2014-05-23 16:56 - 2012-10-21 21:05 - 00000000 ____D () C:\Users\Winni\AppData\Local\VirtualStore
2014-05-23 15:09 - 2014-05-16 16:04 - 00000728 __RSH () C:\ProgramData\ntuser.pol
2014-05-23 14:39 - 2012-10-31 22:39 - 00000432 _____ () C:\Windows\BRWMARK.INI
2014-05-22 19:04 - 2014-05-22 19:04 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-05-22 19:04 - 2014-05-22 19:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-05-22 19:04 - 2014-05-22 19:03 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-05-22 19:04 - 2014-05-22 19:03 - 00000000 ____D () C:\Program Files\iTunes
2014-05-22 19:04 - 2014-05-22 19:03 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-05-22 19:03 - 2014-05-22 19:03 - 00000000 ____D () C:\Program Files\iPod
2014-05-22 16:40 - 2013-09-05 16:11 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-05-22 14:55 - 2012-10-20 18:41 - 00000000 ____D () C:\Games
2014-05-20 23:14 - 2014-05-20 23:14 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-20 23:14 - 2014-05-20 23:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-20 23:14 - 2014-05-11 00:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-20 23:13 - 2014-05-09 16:48 - 00000000 ____D () C:\Users\Winni\Downloads\RPG
2014-05-20 23:01 - 2014-05-20 23:00 - 28852416 _____ (Mozilla) C:\Users\Winni\Downloads\Firefox Setup 29.0.1.exe
2014-05-20 12:53 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-05-19 00:41 - 2012-10-26 00:37 - 00000000 ____D () C:\Users\Winni\AppData\Roaming\vlc
2014-05-16 16:59 - 2013-04-28 15:11 - 00000000 ____D () C:\Users\Winni\AppData\Local\Spotify
2014-05-16 16:54 - 2012-10-25 20:59 - 00000000 ____D () C:\Program Files (x86)\Diablo III
2014-05-16 16:34 - 2014-05-16 16:34 - 00013804 _____ () C:\Users\Winni\Desktop\H620000.html
2014-05-16 16:04 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-05-15 16:30 - 2014-05-07 15:11 - 00000000 ____D () C:\Users\Winni\Desktop\tmp
2014-05-15 16:26 - 2014-05-15 16:25 - 00000000 ____D () C:\Users\Winni\Desktop\BIlder
2014-05-15 15:50 - 2014-05-15 15:45 - 42578956 _____ () C:\Users\Winni\Downloads\GoT.S04E06.720p.part10.rar
2014-05-15 15:40 - 2014-05-15 15:27 - 105000000 _____ () C:\Users\Winni\Downloads\GoT.S04E06.720p.part09.rar
2014-05-15 15:26 - 2014-05-15 15:14 - 105000000 _____ () C:\Users\Winni\Downloads\GoT.S04E06.720p.part08.rar
2014-05-15 15:13 - 2014-05-15 15:01 - 105000000 _____ () C:\Users\Winni\Downloads\GoT.S04E06.720p.part07.rar
2014-05-15 15:00 - 2014-05-15 14:51 - 105000000 _____ () C:\Users\Winni\Downloads\GoT.S04E06.720p.part06.rar
2014-05-15 14:49 - 2014-05-15 14:40 - 105000000 _____ () C:\Users\Winni\Downloads\GoT.S04E06.720p.part05.rar
2014-05-15 14:39 - 2014-05-15 14:31 - 105000000 _____ () C:\Users\Winni\Downloads\GoT.S04E06.720p.part04.rar
2014-05-15 14:29 - 2014-05-15 14:21 - 105000000 _____ () C:\Users\Winni\Downloads\GoT.S04E06.720p.part03.rar
2014-05-15 14:20 - 2014-05-15 14:11 - 105000000 _____ () C:\Users\Winni\Downloads\GoT.S04E06.720p.part02.rar
2014-05-15 14:12 - 2014-05-15 14:12 - 00389240 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2014-05-15 14:10 - 2014-05-15 14:01 - 105000000 _____ () C:\Users\Winni\Downloads\GoT.S04E06.720p.part01.rar
2014-05-15 13:44 - 2012-10-28 00:24 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-05-15 12:52 - 2012-10-31 22:46 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-15 12:43 - 2012-10-21 21:05 - 00000000 ___RD () C:\Users\Winni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-15 12:43 - 2012-10-21 21:05 - 00000000 ___RD () C:\Users\Winni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-14 19:20 - 2014-04-24 15:42 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-14 19:20 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-05-14 17:52 - 2013-07-10 18:11 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-14 17:52 - 2012-11-25 16:44 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-14 17:46 - 2012-10-21 20:48 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-13 22:18 - 2012-10-22 21:13 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-13 22:18 - 2012-10-22 21:13 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-13 15:24 - 2014-05-13 15:24 - 00000000 ____D () C:\Users\Winni\AppData\Roaming\Lavasoft
2014-05-13 15:11 - 2013-02-17 20:15 - 00000000 ____D () C:\Users\Winni\AppData\Local\Unity
2014-05-13 15:02 - 2014-05-13 15:02 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\LavasoftStatistics
2014-05-13 14:42 - 2014-05-13 14:42 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-05-13 00:44 - 2014-01-10 00:46 - 00000000 ____D () C:\Program Files (x86)\Zenimax Online
2014-05-13 00:14 - 2014-05-13 00:09 - 188100210 _____ () C:\Users\Winni\Downloads\ulisses-2014-05-12_05-09pm.zip
2014-05-12 23:51 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-05-12 22:08 - 2014-05-12 21:58 - 00000000 ____D () C:\Users\Admin\AppData\Local\ManyCam
2014-05-12 21:57 - 2014-05-12 21:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManyCam
2014-05-12 21:57 - 2014-05-12 21:55 - 00000000 ____D () C:\Program Files (x86)\ManyCam
2014-05-12 21:55 - 2014-05-12 21:55 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\ManyCam
2014-05-12 21:26 - 2014-05-12 21:26 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\dlg
2014-05-12 21:25 - 2014-05-12 21:25 - 00120832 _____ () C:\Windows\system32\xljveinstall.exe
2014-05-12 07:26 - 2014-05-27 19:55 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:26 - 2014-05-27 19:55 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-05-27 19:55 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-12 05:06 - 2014-05-15 15:50 - 958174777 _____ () C:\Users\Winni\Downloads\Game.of.Thrones.S04E06.720p.HDTV.x264-DIMENSION.mkv
2014-05-12 00:45 - 2014-05-12 00:45 - 02165929 _____ () C:\Users\Winni\Downloads\pathfinder.zip
2014-05-12 00:22 - 2014-05-12 00:22 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Fantasy Grounds
2014-05-12 00:22 - 2014-05-12 00:20 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Fantasy Grounds
2014-05-12 00:21 - 2014-05-12 00:20 - 00000000 ____D () C:\Program Files (x86)\Fantasy Grounds
2014-05-11 16:35 - 2014-05-11 16:23 - 00000000 ____D () C:\Users\Winni\AppData\Local\Plex Media Server
2014-05-11 16:28 - 2013-10-20 19:57 - 00001066 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-05-11 16:23 - 2012-10-21 23:14 - 00000000 ____D () C:\Users\Winni\AppData\Roaming\Apple Computer
2014-05-11 16:23 - 2012-10-21 23:14 - 00000000 ____D () C:\Users\Winni\AppData\Local\Apple Computer
2014-05-11 16:21 - 2014-05-11 16:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server
2014-05-11 16:21 - 2014-05-11 16:21 - 00000000 ____D () C:\Program Files (x86)\Plex
2014-05-11 16:21 - 2013-09-07 21:53 - 00000000 ____D () C:\ProgramData\Package Cache
2014-05-11 15:36 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-09 08:14 - 2014-05-14 17:40 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 08:11 - 2014-05-14 17:40 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-08 15:54 - 2014-05-08 15:54 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-07 14:20 - 2013-05-24 15:00 - 00000000 ____D () C:\Windows\Minidump
2014-05-07 14:20 - 2012-10-21 20:39 - 00000000 ____D () C:\Windows\Panther
2014-05-07 14:04 - 2013-01-26 19:42 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-05-07 14:04 - 2013-01-26 19:42 - 00000000 ____D () C:\Program Files\CCleaner
2014-05-06 02:46 - 2014-05-14 17:53 - 17847808 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 02:21 - 2014-05-14 17:53 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 02:21 - 2014-05-14 17:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 01:32 - 2014-05-14 17:53 - 12347392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 01:14 - 2014-05-14 17:53 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 01:14 - 2014-05-14 17:53 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-06 00:43 - 2014-05-06 00:35 - 00000000 ____D () C:\Users\Winni\AppData\Roaming\HandBrake
2014-05-06 00:32 - 2014-05-06 00:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Handbrake
2014-05-05 22:41 - 2014-05-05 22:38 - 00000000 ____D () C:\Users\Winni\AppData\Local\Google
2014-05-05 22:39 - 2014-05-05 22:39 - 00001205 _____ () C:\Users\Winni\Desktop\Chromecast.lnk
2014-05-05 22:39 - 2014-05-05 22:39 - 00000000 ____D () C:\Users\Winni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromecast
2014-05-05 06:40 - 2014-05-09 17:50 - 1345560050 _____ () C:\Users\Winni\Downloads\game.of.thrones.s04e05.720p.hdtv.x264-killers.mkv
2014-05-04 23:18 - 2013-03-30 22:47 - 00000000 ____D () C:\Users\Winni\Desktop\Neuer Ordner
2014-05-03 17:11 - 2013-05-22 17:45 - 00000000 ____D () C:\Users\Winni\Steuer
2014-04-28 22:55 - 2014-04-28 22:47 - 00000000 ____D () C:\Users\Winni\Documents\NetBeansProjects
2014-04-28 22:47 - 2014-04-28 22:11 - 00000000 ____D () C:\Users\Admin\.nbi
2014-04-28 22:17 - 2014-04-28 22:13 - 00000000 ____D () C:\Program Files\NetBeans 8.0
2014-04-28 22:15 - 2014-04-28 22:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetBeans
2014-04-28 22:12 - 2014-04-28 22:13 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-28 22:12 - 2014-04-28 22:12 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-28 22:12 - 2014-04-28 22:12 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-28 22:12 - 2014-04-28 22:12 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-04-28 22:12 - 2014-04-28 22:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2014-04-28 22:12 - 2014-04-28 22:11 - 00000000 ____D () C:\Program Files\Java
2014-04-28 22:12 - 2014-04-19 21:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-28 21:48 - 2014-04-28 21:48 - 00000000 ____D () C:\Users\Winni\AppData\Roaming\.neurophstudio
2014-04-28 07:33 - 2014-05-09 00:10 - 1347531464 _____ () C:\Users\Winni\Downloads\game.of.thrones.s04e04.720p.hdtv.x264-killers.mkv
2014-04-27 20:35 - 2013-05-22 15:37 - 00000000 ____D () C:\Program Files (x86)\ElsterFormular

Files to move or delete:
====================
C:\Users\Winni\Broodwar.bat


Some content of TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---


addition

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-05-2014 01
Ran by Winni at 2014-05-27 20:46:44
Running from C:\Users\Winni\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Bitdefender Antivirus (Disabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
AS: Bitdefender Spyware-Schutz (Disabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 12.5.100.30424 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.937.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{25107779-C295-EB3E-3C92-AC1B45680012}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.80424.1301 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arduino (HKLM-x32\...\Arduino) (Version: 1.0.5-r2 - Arduino LLC)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bitdefender Antivirus Plus (HKLM\...\Bitdefender) (Version: 17.20.0.883 - Bitdefender)
BitRaider Web Client (HKLM-x32\...\BitRaider Web Client) (Version: 1.1.8.1 - BitRaider, LLC)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2013.0424.1225.20315 - Ihr Firmenname) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0424.1225.20315 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0424.1225.20315 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0424.1225.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0424.1225.20315 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform)
ChromecastApp (HKCU\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.316.0 - Google Inc.)
Compiled Driver Disk (Nokia) 1.0 (HKLM\...\{3DCF00F5-04A5-4543-A088-705480811205}_is1) (Version: 1.0.3.0 - COMPELSON Labs)
Core Temp 1.0 RC5 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
Curse Client (HKCU\...\101a9f93b8f0bb6f) (Version: 5.1.1.792 - Curse)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Darksiders (HKLM-x32\...\Steam App 50620) (Version:  - Vigil Games)
Darksiders II (HKLM-x32\...\Steam App 50650) (Version:  - Vigil Games)
DarksidersInstaller (HKLM-x32\...\{B93EEE50-9C8F-45DF-95E4-3D85A6E242F3}) (Version: 1.00.1000 - Ihr Firmenname)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Dungeon Keeper 2 (HKLM-x32\...\GOGPACKDUNGEONKEEPER2_is1) (Version: 2.0.0.32 - GOG.com)
Dungeon Keeper Gold (HKLM-x32\...\GOGPACKDUNGEONKEEPER_is1) (Version: 2.0.0.4 - GOG.com)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 15.1.13904 - Landesfinanzdirektion Thüringen)
EndNote X5 (HKLM-x32\...\{86B3F2D6-AC2B-0015-8AE1-F2F77F781B0C}) (Version: 15.0.0.5478 - Thomson Reuters)
Firefall (HKLM-x32\...\{CFEF8DB5-B45E-4b05-90BE-D02AA6F45354}) (Version:  - Red 5 Studios)
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
Freemake Video Converter Version 4.0.4 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.0.4 - Ellora Assets Corporation)
GOG.com Downloader version 3.6.0 (HKLM-x32\...\{456A5815-604D-4D72-94DF-346D2B978A59}_is1) (Version: 3.6.0 - GOG.com)
GOG.com Dungeon Keeper 2 (HKLM\...\{b6462b67-caf5-4a74-99df-cc2811bd1957}.sdb) (Version:  - )
Grand Theft Auto IV (HKLM-x32\...\Steam App 12210) (Version:  - Rockstar North)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
iTunes (HKLM\...\{1CF5754A-545B-4360-BFDE-2847BC728DFC}) (Version: 11.2.0.115 - Apple Inc.)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle)
Java 8 Update 5 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418005FF}) (Version: 8.0.50 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.05.13 - Oracle, Inc.) Hidden
Java SE Development Kit 8 Update 5 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180050}) (Version: 8.0.50 - Oracle Corporation)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
ManyCam 4.0.77 (HKLM-x32\...\ManyCam) (Version: 4.0.77 - Visicom Media Inc.)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE (HKLM-x32\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (Version: 1.1.40219 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.1 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.1 Language Pack - DEU) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 Language Pack - DEU (Version: 1.1.40219 - Microsoft Corporation) Hidden
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{E9089B6A-1FDE-47F3-8D29-175F5B7A0722}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{C668416A-9213-4058-B7F2-01A42D85559D}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Shell (Isolated) - DEU (HKLM-x32\...\{987AE03F-234A-3623-BD28-6B31FD1D3AB3}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50325 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.50330 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU (Version: 10.0.50325 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50325 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft_VC100_CRT_SP1_x64 (Version: 10.0.40219.1 - Nokia) Hidden
Microsoft_VC100_CRT_SP1_x86 (x32 Version: 10.0.40219.1 - Nokia) Hidden
Mozilla Firefox 29.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mp3tag v2.52 (HKLM-x32\...\Mp3tag) (Version: v2.52 - Florian Heidenreich)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
NetBeans IDE 8.0 (HKLM\...\nbi-nb-base-8.0.0.0.201403101706) (Version: 8.0 - NetBeans.org)
NeurophStudio (HKLM-x32\...\nbi-neurophstudio-1.0.0.0.0) (Version:  - )
Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.48.0 - Nokia)
Nokia Suite (x32 Version: 3.8.48.0 - Nokia) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.5 - Notepad++ Team)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PDF24 Creator 6.0.1 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Personal ID (HKLM-x32\...\{F722209B-739E-40E4-ADB1-062BD032A0DB}) (Version: 1.8.5 - coolspot AG)
Plants vs. Zombies: Game of the Year (HKLM-x32\...\Steam App 3590) (Version:  - PopCap)
Plex Media Server (HKLM-x32\...\{e9921c42-812d-4b39-9c02-612724349e82}) (Version: 0.9.907 - Plex, Inc.)
Plex Media Server (x32 Version: 0.9.907 - Plex, Inc.) Hidden
R.U.S.E (HKLM-x32\...\Steam App 21970) (Version:  - Ubisoft)
Remote Control Server (HKLM-x32\...\{755C6515-9FEA-490C-B15E-22BB6519E57E}) (Version: 2.0.1.60 - Steppschuh)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
Sid Meier's Civilization V SDK (HKLM-x32\...\Steam App 16830) (Version:  - Firaxis Games)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
SolForge (HKLM-x32\...\Steam App 232450) (Version:  - Stone Blade Entertainment)
SoundWire Server version 1.7.3 (HKLM-x32\...\{E15658BC-7742-4397-999F-98B1BD11B784}_is1) (Version: 1.7.3 - GeorgieLabs)
Spotify (HKCU\...\Spotify) (Version: 0.9.10.14.g578d350b - Spotify AB)
Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version: 7.0.0.12 - Bioware/EA)
Star Wars: Knights of the Old Republic (HKLM-x32\...\Steam App 32370) (Version:  - BioWare)
Star Wars: The Force Unleashed II (HKLM-x32\...\Steam App 32500) (Version:  - Lucas Arts)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.27614 - TeamViewer)
The Walking Dead (HKLM-x32\...\Steam App 207610) (Version:  - )
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
Trillian (HKLM-x32\...\Trillian) (Version:  - Cerulean Studios, LLC)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Warhammer 40,000 Space Marine (HKLM-x32\...\Steam App 55150) (Version:  - Relic)
Warhammer® 40,000™: Dawn of War® II - Chaos Rising™ (HKLM-x32\...\Steam App 20570) (Version:  - Relic)
Winamp (HKLM-x32\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)

==================== Restore Points  =========================

Could not list Restore Points. Check "winmgmt" service or repair WMI.


==================== Hosts content: ==========================

2009-07-14 04:34 - 2014-05-26 20:42 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (whitelisted) =============

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1143599331-371919559-3494116047-1003Core.job => C:\Users\Winni\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1143599331-371919559-3494116047-1003UA.job => C:\Users\Winni\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\update-S-1-5-21-1143599331-371919559-3494116047-1003.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Loaded Modules (whitelisted) =============

2013-10-25 16:06 - 2013-06-19 12:45 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender\txmlutil.dll
2013-04-24 12:20 - 2013-04-24 12:20 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Winni\Desktop\adwcleaner_3.211.exe:BDU
AlternateDataStreams: C:\Users\Winni\Desktop\ComboFix.exe:BDU
AlternateDataStreams: C:\Users\Winni\Downloads\Defogger.exe:BDU
AlternateDataStreams: C:\Users\Winni\Downloads\Firefox Setup 29.0.1.exe:BDU
AlternateDataStreams: C:\Users\Winni\Downloads\FRST64.exe:BDU
AlternateDataStreams: C:\Users\Winni\Downloads\mbam-setup-2.0.2.1012.exe:BDU
AlternateDataStreams: C:\Users\Winni\Downloads\neurophstudio-windows-2.85.exe:BDU

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============

MSCONFIG\Services: DlProtectSvc => 2
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Bitdefender-Geldbörse => "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard
MSCONFIG\startupreg: Bitdefender-Geldbörse-Agent => "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
MSCONFIG\startupreg: Bitdefender-Geldbörse-Anwendungs-Agent => "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe"
MSCONFIG\startupreg: IntelliPoint => "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Pando Media Booster => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MSCONFIG\startupreg: PDFPrint => C:\Program Files (x86)\PDF24\pdf24.exe
MSCONFIG\startupreg: Plex Media Server => "C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: XboxStat => "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/27/2014 08:41:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (05/27/2014 08:41:20 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (05/27/2014 08:38:24 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {3EEF301F-B596-4C0B-BD92-013BEAFCE793}


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-05-26 20:41:32.104
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-05-26 20:41:32.073
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-10-21 15:57:05.114
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-21 15:57:05.114
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-21 15:57:05.098
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-21 15:57:05.083
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-21 15:57:05.083
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-21 15:57:05.083
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-20 20:36:48.223
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-20 20:36:48.223
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Percentage of memory in use: 22%
Total physical RAM: 8191.12 MB
Available physical RAM: 6374.84 MB
Total Pagefile: 16380.41 MB
Available Pagefile: 14252.36 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:387.54 GB) (Free:26.48 GB) NTFS
Drive d: (Music) (Fixed) (Total:78.12 GB) (Free:37.85 GB) NTFS

==================== MBR & Partition Table ==================

==================== End Of Log ============================
So wie das aussah, lag (liegt?) da ja noch mehr im argen als "nur" der DownloadProtect dreck im argen.... und ich dachte immer ich wäre mir NoScript und einem halbwegs vernünftigem Surfverhalten ganz gut unterwegs...

schrauber 28.05.2014 12:22

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

schrauber 28.05.2014 12:22

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

Daigochiban 29.05.2014 00:08
Eset
Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=282132207242af4f87620114470380d4
# engine=18450
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-05-28 10:04:21
# local_time=2014-05-29 12:04:21 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 100 94 18611184 152944511 0 0
# scanned=664298
# found=0
# cleaned=0
# scan_time=7611
security check
Code:
Results of screen317's Security Check version 0.99.83 
 Windows 7 Service Pack 1 x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
Bitdefender Antivirus 
 Antivirus up to date! 
`````````Anti-malware/Other Utilities Check:`````````
 Java 7 Update 55 
 Adobe Flash Player 13.0.0.214 
 Adobe Reader XI 
 Mozilla Firefox (29.0.1)
````````Process Check: objlist.exe by Laurent```````` 
 Bitdefender Bitdefender vsserv.exe 
 Bitdefender Bitdefender updatesrv.exe 
 Bitdefender Bitdefender bdagent.exe 
 Bitdefender Bitdefender downloader.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 
````````````````````End of Log``````````````````````
Frst

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-05-2014 01
Ran by Winni (ATTENTION: The logged in user is not administrator) on ABRAXAS on 29-05-2014 01:01:19
Running from C:\Users\Winni\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\bdagent.exe
(Spotify Ltd) C:\Users\Winni\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender\bdagent.exe [1743088 2014-05-27] (Bitdefender)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642304 2013-04-24] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-03-18] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-15] (Apple Inc.)
HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse-Agent] => C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [568400 2014-05-27] (Bitdefender)
HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse] => C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1002048 2014-05-27] (Bitdefender)
HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] => C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [614744 2014-05-27] (Bitdefender)
HKU\S-1-5-21-1143599331-371919559-3494116047-1003\...\Run: [Spotify Web Helper] => C:\Users\Winni\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1176632 2014-05-16] (Spotify Ltd)
HKU\S-1-5-21-1143599331-371919559-3494116047-1003\...\Run: [Bitdefender-Geldbörse] => C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1002048 2014-05-27] (Bitdefender)
HKU\S-1-5-21-1143599331-371919559-3494116047-1003\...\Run: [Google Update] => C:\Users\Winni\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-05-05] (Google Inc.)
HKU\S-1-5-21-1143599331-371919559-3494116047-1003\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xF8A89CDC7D05CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\pmbxie.dll (Bitdefender)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxie.dll (Bitdefender)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\..\Interfaces\{C0163090-193E-4CA1-9498-4D4C049B3E7A}: [NameServer]192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Winni\AppData\Roaming\Mozilla\Firefox\Profiles\0p5daajj.default
FF NetworkProxy: "ftp", "109.207.61.178"
FF NetworkProxy: "ftp_port", 8090
FF NetworkProxy: "http", "109.207.61.178"
FF NetworkProxy: "http_port", 8090
FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "109.207.61.178"
FF NetworkProxy: "socks_port", 8090
FF NetworkProxy: "ssl", "109.207.61.178"
FF NetworkProxy: "ssl_port", 8090
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @nokia.com/EnablerPlugin - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Winni\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Winni\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Users\Winni\AppData\Roaming\Mozilla\Firefox\Profiles\0p5daajj.default\searchplugins\youtube.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\Winni\AppData\Roaming\Mozilla\Firefox\Profiles\0p5daajj.default\Extensions\brief@mozdev.org.xpi [2014-05-28]
FF Extension: RSS Icon for Brief - C:\Users\Winni\AppData\Roaming\Mozilla\Firefox\Profiles\0p5daajj.default\Extensions\iconforbrief@gmail.com.xpi [2014-05-28]
FF Extension: NoScript - C:\Users\Winni\AppData\Roaming\Mozilla\Firefox\Profiles\0p5daajj.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-05-28]
FF Extension: Adblock Plus - C:\Users\Winni\AppData\Roaming\Mozilla\Firefox\Profiles\0p5daajj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-05-28]
FF HKLM-x32\...\Firefox\Extensions: [ffpwdman@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman\
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman\ []
FF HKLM-x32\...\Firefox\Extensions: [{CA03242C-EE6E-4B3A-AF33-3A21C94FB1AB}] - C:\Windows\Installer\{4BFEB9A5-18C7-4449-B2DD-49294B6B8F3C}\{CA03242C-EE6E-4B3A-AF33-3A21C94FB1AB}.xpi
FF Extension: No Name - C:\Windows\Installer\{4BFEB9A5-18C7-4449-B2DD-49294B6B8F3C}\{CA03242C-EE6E-4B3A-AF33-3A21C94FB1AB}.xpi [2014-05-23]

Chrome:
=======
CHR Extension: (Google Docs) - C:\Users\Winni\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-11]
CHR Extension: (Google Drive) - C:\Users\Winni\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-11]
CHR Extension: (YouTube) - C:\Users\Winni\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-11]
CHR Extension: (Google Cast) - C:\Users\Winni\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2014-05-11]
CHR Extension: (Bitdefender Wallet) - C:\Users\Winni\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccahoghmggldkcdjiebjkidpfongdfbl [2014-05-11]
CHR Extension: (Google-Suche) - C:\Users\Winni\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-11]
CHR Extension: (Google Wallet) - C:\Users\Winni\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-11]
CHR Extension: (Google Mail) - C:\Users\Winni\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-11]
CHR HKLM-x32\...\Chrome\Extension: [ccahoghmggldkcdjiebjkidpfongdfbl] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxcr.crx [2014-03-31]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [484592 2013-11-17] (BitRaider, LLC)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [101888 2013-09-26] (Freemake)
R2 lmhosts; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 NlaSvc; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe [67320 2013-10-07] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender\vsserv.exe [1526800 2014-05-27] (Bitdefender)

==================== Drivers (Whitelisted) ====================

S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2013-06-02] (Wondershare)
S3 athrusb; C:\Windows\System32\DRIVERS\athrxusb.sys [1075712 2008-07-29] (Atheros Communications, Inc.)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [893440 2014-02-03] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2012-11-02] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [635392 2014-02-03] (BitDefender)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [103504 2011-11-14] (BitDefender LLC)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2013-11-27] (BitDefender SRL)
S3 BRDriver64; C:\ProgramData\BitRaider\BRDriver64.sys [75048 2013-09-21] (BitRaider)
S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [29184 2009-08-13] (CSR, plc)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-08-23] (BitDefender LLC)
R3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [42016 2013-11-27] (Visicom Media Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35232 2013-12-06] (Visicom Media Inc.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
S3 ALSysIO; \??\C:\Users\Admin\AppData\Local\Temp\ALSysIO64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-29 01:01 - 2014-05-29 01:01 - 00015230 _____ () C:\Users\Winni\Desktop\FRST.txt
2014-05-28 21:54 - 2014-05-28 21:54 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-05-28 21:22 - 2014-05-28 21:22 - 00854367 _____ () C:\Users\Winni\Desktop\SecurityCheck.exe
2014-05-28 15:08 - 2014-05-28 15:08 - 02347384 _____ (ESET) C:\Users\Winni\Desktop\esetsmartinstaller_deu.exe
2014-05-28 13:14 - 2014-05-28 13:14 - 00018435 _____ () C:\Windows\DirectX.log
2014-05-27 20:37 - 2014-05-27 20:37 - 00000829 _____ () C:\Users\Winni\Downloads\JRT.txt
2014-05-27 20:30 - 2014-05-27 20:30 - 00000000 ____D () C:\Windows\ERUNT
2014-05-27 20:25 - 2014-05-27 20:25 - 01016261 _____ (Thisisu) C:\Users\Winni\Desktop\JRT.exe
2014-05-27 20:12 - 2014-05-27 20:12 - 01327971 _____ () C:\Users\Winni\Desktop\adwcleaner_3.211.exe
2014-05-27 20:10 - 2014-05-27 20:10 - 00001892 _____ () C:\Users\Winni\Desktop\MWB.txt
2014-05-27 19:56 - 2014-05-27 19:57 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-27 19:55 - 2014-05-27 19:55 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-27 19:55 - 2014-05-27 19:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-27 19:55 - 2014-05-27 19:55 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-27 19:55 - 2014-05-27 19:55 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-27 19:55 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-27 19:55 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-27 19:55 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-27 19:53 - 2014-05-27 19:54 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Winni\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-27 19:45 - 2014-05-27 19:45 - 00000385 _____ () C:\Users\Admin\AppData\Roaminguser_gensett.xml
2014-05-27 16:30 - 2014-05-27 16:30 - 00000207 _____ () C:\Users\Winni\Desktop\Warhammer 40,000 Space Marine.url
2014-05-26 20:44 - 2014-05-26 20:44 - 00023782 _____ () C:\ComboFix.txt
2014-05-26 20:32 - 2014-05-26 20:45 - 00000000 ____D () C:\Qoobox
2014-05-26 20:32 - 2014-05-26 20:43 - 00000000 ____D () C:\Windows\erdnt
2014-05-26 20:32 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-05-26 20:32 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-05-26 20:32 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-05-26 20:32 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-05-26 20:32 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-05-26 20:32 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-05-26 20:32 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-05-26 20:32 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-05-26 20:26 - 2014-05-26 20:27 - 05200919 ____R (Swearware) C:\Users\Winni\Desktop\ComboFix.exe
2014-05-25 19:37 - 2014-05-25 19:37 - 00000000 ____D () C:\Users\Winni\AppData\Local\THQ
2014-05-25 15:54 - 2014-05-25 15:54 - 00049825 _____ () C:\Users\Winni\Downloads\LogFiles.zip
2014-05-25 15:53 - 2014-05-25 15:53 - 00002605 _____ () C:\Users\Winni\Downloads\AdwCleaner[R1].txt
2014-05-25 15:19 - 2014-05-25 15:19 - 00749519 _____ () C:\Users\Winni\Downloads\Gmer.txt
2014-05-25 15:06 - 2014-05-25 15:06 - 00380416 _____ () C:\Users\Winni\Downloads\Gmer-19357.exe
2014-05-25 14:52 - 2014-05-27 20:46 - 00031592 _____ () C:\Users\Winni\Downloads\Addition.txt
2014-05-25 14:51 - 2014-05-29 01:01 - 00000000 ____D () C:\FRST
2014-05-25 14:51 - 2014-05-27 20:46 - 00049253 _____ () C:\Users\Winni\Downloads\FRST.txt
2014-05-25 14:50 - 2014-05-25 14:50 - 02066944 _____ (Farbar) C:\Users\Winni\Desktop\FRST64.exe
2014-05-25 14:48 - 2014-05-25 14:48 - 00050477 _____ () C:\Users\Winni\Downloads\Defogger.exe
2014-05-25 14:48 - 2014-05-25 14:48 - 00000472 _____ () C:\Users\Winni\Downloads\defogger_disable.log
2014-05-25 14:48 - 2014-05-25 14:48 - 00000000 _____ () C:\Users\Admin\defogger_reenable
2014-05-25 14:24 - 2014-05-27 20:27 - 00000000 ____D () C:\AdwCleaner
2014-05-22 19:04 - 2014-05-22 19:04 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-05-22 19:04 - 2014-05-22 19:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-05-22 19:03 - 2014-05-22 19:04 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-05-22 19:03 - 2014-05-22 19:04 - 00000000 ____D () C:\Program Files\iTunes
2014-05-22 19:03 - 2014-05-22 19:04 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-05-22 19:03 - 2014-05-22 19:03 - 00000000 ____D () C:\Program Files\iPod
2014-05-20 23:14 - 2014-05-20 23:14 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-20 23:14 - 2014-05-20 23:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-20 23:11 - 2014-05-27 20:28 - 00001816 _____ () C:\Windows\PFRO.log
2014-05-20 23:00 - 2014-05-20 23:01 - 28852416 _____ (Mozilla) C:\Users\Winni\Downloads\Firefox Setup 29.0.1.exe
2014-05-16 16:34 - 2014-05-16 16:34 - 00013804 _____ () C:\Users\Winni\Desktop\H620000.html
2014-05-16 16:04 - 2014-05-23 15:09 - 00000728 __RSH () C:\ProgramData\ntuser.pol
2014-05-15 16:25 - 2014-05-15 16:26 - 00000000 ____D () C:\Users\Winni\Desktop\BIlder
2014-05-15 15:50 - 2014-05-12 05:06 - 958174777 _____ () C:\Users\Winni\Downloads\Game.of.Thrones.S04E06.720p.HDTV.x264-DIMENSION.mkv
2014-05-15 14:12 - 2014-05-15 14:12 - 00389240 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2014-05-14 17:53 - 2014-05-06 02:46 - 17847808 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-14 17:53 - 2014-05-06 02:21 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-14 17:53 - 2014-05-06 02:21 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-14 17:53 - 2014-05-06 01:32 - 12347392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-14 17:53 - 2014-05-06 01:14 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-14 17:53 - 2014-05-06 01:14 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-14 17:40 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-14 17:40 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-14 17:40 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-14 17:40 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-14 17:40 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-14 17:40 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-14 17:40 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-14 17:40 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-14 17:40 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-14 17:40 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-14 17:40 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-14 17:40 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-14 17:40 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-14 17:40 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-14 17:40 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-14 17:40 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-14 17:40 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-14 17:40 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-14 17:40 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-14 17:40 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-14 17:40 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-14 17:40 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-14 17:40 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-14 17:40 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-14 17:40 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-14 17:40 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-14 17:40 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-14 17:40 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-14 17:40 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-14 17:40 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-14 17:40 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-14 17:40 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-14 17:40 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-14 17:40 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-14 17:40 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-14 17:40 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-14 17:40 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-14 17:40 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-14 17:40 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-14 17:40 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-14 17:40 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-14 17:40 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-14 17:40 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-14 17:40 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-14 17:40 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-13 15:24 - 2014-05-13 15:24 - 00000000 ____D () C:\Users\Winni\AppData\Roaming\Lavasoft
2014-05-13 15:02 - 2014-05-13 15:02 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\LavasoftStatistics
2014-05-13 14:42 - 2014-05-13 14:42 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-05-13 00:09 - 2014-05-13 00:14 - 188100210 _____ () C:\Users\Winni\Downloads\ulisses-2014-05-12_05-09pm.zip
2014-05-12 21:58 - 2014-05-12 22:08 - 00000000 ____D () C:\Users\Admin\AppData\Local\ManyCam
2014-05-12 21:57 - 2014-05-12 21:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManyCam
2014-05-12 21:55 - 2014-05-12 21:57 - 00000000 ____D () C:\Program Files (x86)\ManyCam
2014-05-12 21:55 - 2014-05-12 21:55 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\ManyCam
2014-05-12 21:26 - 2014-05-12 21:26 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\dlg
2014-05-12 21:25 - 2014-05-12 21:25 - 00120832 _____ () C:\Windows\system32\xljveinstall.exe
2014-05-12 00:22 - 2014-05-12 00:22 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Fantasy Grounds
2014-05-12 00:20 - 2014-05-12 00:22 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Fantasy Grounds
2014-05-12 00:20 - 2014-05-12 00:21 - 00000000 ____D () C:\Program Files (x86)\Fantasy Grounds
2014-05-11 16:23 - 2014-05-11 16:35 - 00000000 ____D () C:\Users\Winni\AppData\Local\Plex Media Server
2014-05-11 16:21 - 2014-05-11 16:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server
2014-05-11 16:21 - 2014-05-11 16:21 - 00000000 ____D () C:\Program Files (x86)\Plex
2014-05-11 00:59 - 2014-05-20 23:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-09 17:50 - 2014-05-05 06:40 - 1345560050 _____ () C:\Users\Winni\Downloads\game.of.thrones.s04e05.720p.hdtv.x264-killers.mkv
2014-05-09 16:48 - 2014-05-29 01:01 - 00000000 ____D () C:\Users\Winni\Downloads\RPG
2014-05-09 00:10 - 2014-04-28 07:33 - 1347531464 _____ () C:\Users\Winni\Downloads\game.of.thrones.s04e04.720p.hdtv.x264-killers.mkv
2014-05-08 15:54 - 2014-05-28 21:37 - 00004412 _____ () C:\Windows\setupact.log
2014-05-08 15:54 - 2014-05-08 15:54 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-07 15:11 - 2014-05-15 16:30 - 00000000 ____D () C:\Users\Winni\Desktop\tmp
2014-05-07 15:06 - 2014-02-10 10:33 - 118399400 _____ () C:\Users\Winni\Downloads\Game.of.Thrones-Ice.and.Fire.A.Foreshadowing.HDTV.XviD-AFG.avi
2014-05-06 00:35 - 2014-05-06 00:43 - 00000000 ____D () C:\Users\Winni\AppData\Roaming\HandBrake
2014-05-06 00:32 - 2014-05-06 00:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Handbrake
2014-05-05 22:39 - 2014-05-05 22:39 - 00001205 _____ () C:\Users\Winni\Desktop\Chromecast.lnk
2014-05-05 22:39 - 2014-05-05 22:39 - 00000000 ____D () C:\Users\Winni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromecast
2014-05-05 22:38 - 2014-05-29 00:43 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1143599331-371919559-3494116047-1003UA.job
2014-05-05 22:38 - 2014-05-28 22:43 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1143599331-371919559-3494116047-1003Core.job
2014-05-05 22:38 - 2014-05-05 22:41 - 00000000 ____D () C:\Users\Winni\AppData\Local\Google
2014-05-05 21:36 - 2014-04-21 05:18 - 1344397720 _____ () C:\Users\Winni\Downloads\game.of.thrones.s04e03.720p.hdtv.x264-killers.mkv
2014-05-05 00:22 - 2014-04-14 04:40 - 1269763329 _____ () C:\Users\Winni\Downloads\game.of.thrones.s04e02.720p.hdtv.x264-2hd.mkv
2014-05-03 14:31 - 2014-04-07 06:19 - 1579446858 _____ () C:\Users\Winni\Downloads\game.of.thrones.s04e01.720p.hdtv.x264-killers.mkv

==================== One Month Modified Files and Folders =======

2014-05-29 01:01 - 2014-05-29 01:01 - 00015230 _____ () C:\Users\Winni\Desktop\FRST.txt
2014-05-29 01:01 - 2014-05-25 14:51 - 00000000 ____D () C:\FRST
2014-05-29 01:01 - 2014-05-09 16:48 - 00000000 ____D () C:\Users\Winni\Downloads\RPG
2014-05-29 00:43 - 2014-05-05 22:38 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1143599331-371919559-3494116047-1003UA.job
2014-05-29 00:39 - 2012-10-31 22:39 - 00000432 _____ () C:\Windows\BRWMARK.INI
2014-05-29 00:18 - 2012-11-21 20:59 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-28 23:58 - 2012-10-22 23:05 - 00000388 _____ () C:\Windows\Tasks\update-S-1-5-21-1143599331-371919559-3494116047-1003.job
2014-05-28 22:43 - 2014-05-05 22:38 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1143599331-371919559-3494116047-1003Core.job
2014-05-28 21:57 - 2011-04-12 09:43 - 00699654 _____ () C:\Windows\system32\perfh007.dat
2014-05-28 21:57 - 2011-04-12 09:43 - 00149794 _____ () C:\Windows\system32\perfc007.dat
2014-05-28 21:57 - 2009-07-14 07:13 - 01621612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-28 21:54 - 2014-05-28 21:54 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-05-28 21:44 - 2012-10-21 19:42 - 01829037 _____ () C:\Windows\WindowsUpdate.log
2014-05-28 21:44 - 2009-07-14 06:45 - 00020304 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-28 21:44 - 2009-07-14 06:45 - 00020304 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-28 21:37 - 2014-05-08 15:54 - 00004412 _____ () C:\Windows\setupact.log
2014-05-28 21:37 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-28 21:22 - 2014-05-28 21:22 - 00854367 _____ () C:\Users\Winni\Desktop\SecurityCheck.exe
2014-05-28 15:08 - 2014-05-28 15:08 - 02347384 _____ (ESET) C:\Users\Winni\Desktop\esetsmartinstaller_deu.exe
2014-05-28 13:14 - 2014-05-28 13:14 - 00018435 _____ () C:\Windows\DirectX.log
2014-05-28 00:09 - 2013-07-03 00:12 - 00000000 ____D () C:\Users\Winni\AppData\Local\Battle.net
2014-05-27 20:46 - 2014-05-25 14:52 - 00031592 _____ () C:\Users\Winni\Downloads\Addition.txt
2014-05-27 20:46 - 2014-05-25 14:51 - 00049253 _____ () C:\Users\Winni\Downloads\FRST.txt
2014-05-27 20:37 - 2014-05-27 20:37 - 00000829 _____ () C:\Users\Winni\Downloads\JRT.txt
2014-05-27 20:30 - 2014-05-27 20:30 - 00000000 ____D () C:\Windows\ERUNT
2014-05-27 20:28 - 2014-05-20 23:11 - 00001816 _____ () C:\Windows\PFRO.log
2014-05-27 20:27 - 2014-05-25 14:24 - 00000000 ____D () C:\AdwCleaner
2014-05-27 20:25 - 2014-05-27 20:25 - 01016261 _____ (Thisisu) C:\Users\Winni\Desktop\JRT.exe
2014-05-27 20:12 - 2014-05-27 20:12 - 01327971 _____ () C:\Users\Winni\Desktop\adwcleaner_3.211.exe
2014-05-27 20:10 - 2014-05-27 20:10 - 00001892 _____ () C:\Users\Winni\Desktop\MWB.txt
2014-05-27 19:57 - 2014-05-27 19:56 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-27 19:55 - 2014-05-27 19:55 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-27 19:55 - 2014-05-27 19:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-27 19:55 - 2014-05-27 19:55 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-27 19:55 - 2014-05-27 19:55 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-27 19:54 - 2014-05-27 19:53 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Winni\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-27 19:45 - 2014-05-27 19:45 - 00000385 _____ () C:\Users\Admin\AppData\Roaminguser_gensett.xml
2014-05-27 18:54 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-27 18:04 - 2013-04-28 15:04 - 00000000 ____D () C:\Users\Winni\AppData\Roaming\Spotify
2014-05-27 16:30 - 2014-05-27 16:30 - 00000207 _____ () C:\Users\Winni\Desktop\Warhammer 40,000 Space Marine.url
2014-05-26 20:45 - 2014-05-26 20:32 - 00000000 ____D () C:\Qoobox
2014-05-26 20:45 - 2012-10-21 19:48 - 00000000 ___RD () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-26 20:45 - 2012-10-21 19:48 - 00000000 ___RD () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-26 20:45 - 2009-07-14 06:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-05-26 20:44 - 2014-05-26 20:44 - 00023782 _____ () C:\ComboFix.txt
2014-05-26 20:43 - 2014-05-26 20:32 - 00000000 ____D () C:\Windows\erdnt
2014-05-26 20:42 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-05-26 20:27 - 2014-05-26 20:26 - 05200919 ____R (Swearware) C:\Users\Winni\Desktop\ComboFix.exe
2014-05-25 20:14 - 2012-10-21 21:04 - 00000000 ____D () C:\Users\Winni
2014-05-25 19:37 - 2014-05-25 19:37 - 00000000 ____D () C:\Users\Winni\AppData\Local\THQ
2014-05-25 15:54 - 2014-05-25 15:54 - 00049825 _____ () C:\Users\Winni\Downloads\LogFiles.zip
2014-05-25 15:53 - 2014-05-25 15:53 - 00002605 _____ () C:\Users\Winni\Downloads\AdwCleaner[R1].txt
2014-05-25 15:19 - 2014-05-25 15:19 - 00749519 _____ () C:\Users\Winni\Downloads\Gmer.txt
2014-05-25 15:06 - 2014-05-25 15:06 - 00380416 _____ () C:\Users\Winni\Downloads\Gmer-19357.exe
2014-05-25 14:50 - 2014-05-25 14:50 - 02066944 _____ (Farbar) C:\Users\Winni\Desktop\FRST64.exe
2014-05-25 14:48 - 2014-05-25 14:48 - 00050477 _____ () C:\Users\Winni\Downloads\Defogger.exe
2014-05-25 14:48 - 2014-05-25 14:48 - 00000472 _____ () C:\Users\Winni\Downloads\defogger_disable.log
2014-05-25 14:48 - 2014-05-25 14:48 - 00000000 _____ () C:\Users\Admin\defogger_reenable
2014-05-25 14:48 - 2012-10-21 19:48 - 00000000 ____D () C:\Users\Admin
2014-05-25 14:07 - 2013-07-03 00:12 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-05-23 17:41 - 2012-10-25 21:20 - 00000000 ____D () C:\Users\Winni\Bewerbungen
2014-05-23 16:56 - 2012-10-21 21:05 - 00000000 ____D () C:\Users\Winni\AppData\Local\VirtualStore
2014-05-23 15:09 - 2014-05-16 16:04 - 00000728 __RSH () C:\ProgramData\ntuser.pol
2014-05-22 19:04 - 2014-05-22 19:04 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-05-22 19:04 - 2014-05-22 19:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-05-22 19:04 - 2014-05-22 19:03 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-05-22 19:04 - 2014-05-22 19:03 - 00000000 ____D () C:\Program Files\iTunes
2014-05-22 19:04 - 2014-05-22 19:03 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-05-22 19:03 - 2014-05-22 19:03 - 00000000 ____D () C:\Program Files\iPod
2014-05-22 16:40 - 2013-09-05 16:11 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-05-22 14:55 - 2012-10-20 18:41 - 00000000 ____D () C:\Games
2014-05-20 23:14 - 2014-05-20 23:14 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-20 23:14 - 2014-05-20 23:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-20 23:14 - 2014-05-11 00:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-20 23:01 - 2014-05-20 23:00 - 28852416 _____ (Mozilla) C:\Users\Winni\Downloads\Firefox Setup 29.0.1.exe
2014-05-20 12:53 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-05-19 00:41 - 2012-10-26 00:37 - 00000000 ____D () C:\Users\Winni\AppData\Roaming\vlc
2014-05-16 16:59 - 2013-04-28 15:11 - 00000000 ____D () C:\Users\Winni\AppData\Local\Spotify
2014-05-16 16:54 - 2012-10-25 20:59 - 00000000 ____D () C:\Program Files (x86)\Diablo III
2014-05-16 16:34 - 2014-05-16 16:34 - 00013804 _____ () C:\Users\Winni\Desktop\H620000.html
2014-05-16 16:04 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-05-15 16:30 - 2014-05-07 15:11 - 00000000 ____D () C:\Users\Winni\Desktop\tmp
2014-05-15 16:26 - 2014-05-15 16:25 - 00000000 ____D () C:\Users\Winni\Desktop\BIlder
2014-05-15 14:12 - 2014-05-15 14:12 - 00389240 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2014-05-15 13:44 - 2012-10-28 00:24 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-05-15 12:52 - 2012-10-31 22:46 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-15 12:43 - 2012-10-21 21:05 - 00000000 ___RD () C:\Users\Winni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-15 12:43 - 2012-10-21 21:05 - 00000000 ___RD () C:\Users\Winni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-14 19:20 - 2014-04-24 15:42 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-14 19:20 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-05-14 17:52 - 2013-07-10 18:11 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-14 17:52 - 2012-11-25 16:44 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-14 17:46 - 2012-10-21 20:48 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-13 22:18 - 2012-10-22 21:13 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-13 22:18 - 2012-10-22 21:13 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-13 15:24 - 2014-05-13 15:24 - 00000000 ____D () C:\Users\Winni\AppData\Roaming\Lavasoft
2014-05-13 15:11 - 2013-02-17 20:15 - 00000000 ____D () C:\Users\Winni\AppData\Local\Unity
2014-05-13 15:02 - 2014-05-13 15:02 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\LavasoftStatistics
2014-05-13 14:42 - 2014-05-13 14:42 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-05-13 00:44 - 2014-01-10 00:46 - 00000000 ____D () C:\Program Files (x86)\Zenimax Online
2014-05-13 00:14 - 2014-05-13 00:09 - 188100210 _____ () C:\Users\Winni\Downloads\ulisses-2014-05-12_05-09pm.zip
2014-05-12 23:51 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-05-12 22:08 - 2014-05-12 21:58 - 00000000 ____D () C:\Users\Admin\AppData\Local\ManyCam
2014-05-12 21:57 - 2014-05-12 21:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManyCam
2014-05-12 21:57 - 2014-05-12 21:55 - 00000000 ____D () C:\Program Files (x86)\ManyCam
2014-05-12 21:55 - 2014-05-12 21:55 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\ManyCam
2014-05-12 21:26 - 2014-05-12 21:26 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\dlg
2014-05-12 21:25 - 2014-05-12 21:25 - 00120832 _____ () C:\Windows\system32\xljveinstall.exe
2014-05-12 07:26 - 2014-05-27 19:55 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:26 - 2014-05-27 19:55 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-05-27 19:55 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-12 05:06 - 2014-05-15 15:50 - 958174777 _____ () C:\Users\Winni\Downloads\Game.of.Thrones.S04E06.720p.HDTV.x264-DIMENSION.mkv
2014-05-12 00:22 - 2014-05-12 00:22 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Fantasy Grounds
2014-05-12 00:22 - 2014-05-12 00:20 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Fantasy Grounds
2014-05-12 00:21 - 2014-05-12 00:20 - 00000000 ____D () C:\Program Files (x86)\Fantasy Grounds
2014-05-11 16:35 - 2014-05-11 16:23 - 00000000 ____D () C:\Users\Winni\AppData\Local\Plex Media Server
2014-05-11 16:28 - 2013-10-20 19:57 - 00001066 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-05-11 16:23 - 2012-10-21 23:14 - 00000000 ____D () C:\Users\Winni\AppData\Roaming\Apple Computer
2014-05-11 16:23 - 2012-10-21 23:14 - 00000000 ____D () C:\Users\Winni\AppData\Local\Apple Computer
2014-05-11 16:21 - 2014-05-11 16:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server
2014-05-11 16:21 - 2014-05-11 16:21 - 00000000 ____D () C:\Program Files (x86)\Plex
2014-05-11 16:21 - 2013-09-07 21:53 - 00000000 ____D () C:\ProgramData\Package Cache
2014-05-11 15:36 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-09 08:14 - 2014-05-14 17:40 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 08:11 - 2014-05-14 17:40 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-08 15:54 - 2014-05-08 15:54 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-07 14:20 - 2013-05-24 15:00 - 00000000 ____D () C:\Windows\Minidump
2014-05-07 14:20 - 2012-10-21 20:39 - 00000000 ____D () C:\Windows\Panther
2014-05-07 14:04 - 2013-01-26 19:42 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-05-07 14:04 - 2013-01-26 19:42 - 00000000 ____D () C:\Program Files\CCleaner
2014-05-06 02:46 - 2014-05-14 17:53 - 17847808 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 02:21 - 2014-05-14 17:53 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 02:21 - 2014-05-14 17:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 01:32 - 2014-05-14 17:53 - 12347392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 01:14 - 2014-05-14 17:53 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 01:14 - 2014-05-14 17:53 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-06 00:43 - 2014-05-06 00:35 - 00000000 ____D () C:\Users\Winni\AppData\Roaming\HandBrake
2014-05-06 00:32 - 2014-05-06 00:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Handbrake
2014-05-05 22:41 - 2014-05-05 22:38 - 00000000 ____D () C:\Users\Winni\AppData\Local\Google
2014-05-05 22:39 - 2014-05-05 22:39 - 00001205 _____ () C:\Users\Winni\Desktop\Chromecast.lnk
2014-05-05 22:39 - 2014-05-05 22:39 - 00000000 ____D () C:\Users\Winni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromecast
2014-05-05 06:40 - 2014-05-09 17:50 - 1345560050 _____ () C:\Users\Winni\Downloads\game.of.thrones.s04e05.720p.hdtv.x264-killers.mkv
2014-05-04 23:18 - 2013-03-30 22:47 - 00000000 ____D () C:\Users\Winni\Desktop\Neuer Ordner
2014-05-03 17:11 - 2013-05-22 17:45 - 00000000 ____D () C:\Users\Winni\Steuer

Files to move or delete:
====================
C:\Users\Winni\Broodwar.bat


Some content of TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================
--- --- ---


Addition
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-05-2014 01
Ran by Winni at 2014-05-29 01:01:59
Running from C:\Users\Winni\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Bitdefender Antivirus (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 12.5.100.30424 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.937.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{25107779-C295-EB3E-3C92-AC1B45680012}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.80424.1301 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arduino (HKLM-x32\...\Arduino) (Version: 1.0.5-r2 - Arduino LLC)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bitdefender Antivirus Plus (HKLM\...\Bitdefender) (Version: 17.20.0.883 - Bitdefender)
BitRaider Web Client (HKLM-x32\...\BitRaider Web Client) (Version: 1.1.8.1 - BitRaider, LLC)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2013.0424.1225.20315 - Ihr Firmenname) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0424.1225.20315 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0424.1225.20315 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0424.1225.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0424.1225.20315 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform)
ChromecastApp (HKCU\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.316.0 - Google Inc.)
Compiled Driver Disk (Nokia) 1.0 (HKLM\...\{3DCF00F5-04A5-4543-A088-705480811205}_is1) (Version: 1.0.3.0 - COMPELSON Labs)
Core Temp 1.0 RC5 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
Curse Client (HKCU\...\101a9f93b8f0bb6f) (Version: 5.1.1.792 - Curse)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Darksiders (HKLM-x32\...\Steam App 50620) (Version:  - Vigil Games)
Darksiders II (HKLM-x32\...\Steam App 50650) (Version:  - Vigil Games)
DarksidersInstaller (HKLM-x32\...\{B93EEE50-9C8F-45DF-95E4-3D85A6E242F3}) (Version: 1.00.1000 - Ihr Firmenname)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Dungeon Keeper 2 (HKLM-x32\...\GOGPACKDUNGEONKEEPER2_is1) (Version: 2.0.0.32 - GOG.com)
Dungeon Keeper Gold (HKLM-x32\...\GOGPACKDUNGEONKEEPER_is1) (Version: 2.0.0.4 - GOG.com)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 15.1.13904 - Landesfinanzdirektion Thüringen)
EndNote X5 (HKLM-x32\...\{86B3F2D6-AC2B-0015-8AE1-F2F77F781B0C}) (Version: 15.0.0.5478 - Thomson Reuters)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Firefall (HKLM-x32\...\{CFEF8DB5-B45E-4b05-90BE-D02AA6F45354}) (Version:  - Red 5 Studios)
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
Freemake Video Converter Version 4.0.4 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.0.4 - Ellora Assets Corporation)
GOG.com Downloader version 3.6.0 (HKLM-x32\...\{456A5815-604D-4D72-94DF-346D2B978A59}_is1) (Version: 3.6.0 - GOG.com)
GOG.com Dungeon Keeper 2 (HKLM\...\{b6462b67-caf5-4a74-99df-cc2811bd1957}.sdb) (Version:  - )
Grand Theft Auto IV (HKLM-x32\...\Steam App 12210) (Version:  - Rockstar North)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
iTunes (HKLM\...\{1CF5754A-545B-4360-BFDE-2847BC728DFC}) (Version: 11.2.0.115 - Apple Inc.)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle)
Java 8 Update 5 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418005FF}) (Version: 8.0.50 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.05.13 - Oracle, Inc.) Hidden
Java SE Development Kit 8 Update 5 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180050}) (Version: 8.0.50 - Oracle Corporation)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
ManyCam 4.0.77 (HKLM-x32\...\ManyCam) (Version: 4.0.77 - Visicom Media Inc.)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE (HKLM-x32\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (Version: 1.1.40219 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.1 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.1 Language Pack - DEU) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 Language Pack - DEU (Version: 1.1.40219 - Microsoft Corporation) Hidden
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{E9089B6A-1FDE-47F3-8D29-175F5B7A0722}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{C668416A-9213-4058-B7F2-01A42D85559D}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Shell (Isolated) - DEU (HKLM-x32\...\{987AE03F-234A-3623-BD28-6B31FD1D3AB3}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50325 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.50330 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU (Version: 10.0.50325 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50325 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft_VC100_CRT_SP1_x64 (Version: 10.0.40219.1 - Nokia) Hidden
Microsoft_VC100_CRT_SP1_x86 (x32 Version: 10.0.40219.1 - Nokia) Hidden
Mozilla Firefox 29.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mp3tag v2.52 (HKLM-x32\...\Mp3tag) (Version: v2.52 - Florian Heidenreich)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
NetBeans IDE 8.0 (HKLM\...\nbi-nb-base-8.0.0.0.201403101706) (Version: 8.0 - NetBeans.org)
NeurophStudio (HKLM-x32\...\nbi-neurophstudio-1.0.0.0.0) (Version:  - )
Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.48.0 - Nokia)
Nokia Suite (x32 Version: 3.8.48.0 - Nokia) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.5 - Notepad++ Team)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PDF24 Creator 6.0.1 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Personal ID (HKLM-x32\...\{F722209B-739E-40E4-ADB1-062BD032A0DB}) (Version: 1.8.5 - coolspot AG)
Plants vs. Zombies: Game of the Year (HKLM-x32\...\Steam App 3590) (Version:  - PopCap)
Plex Media Server (HKLM-x32\...\{e9921c42-812d-4b39-9c02-612724349e82}) (Version: 0.9.907 - Plex, Inc.)
Plex Media Server (x32 Version: 0.9.907 - Plex, Inc.) Hidden
R.U.S.E (HKLM-x32\...\Steam App 21970) (Version:  - Ubisoft)
Remote Control Server (HKLM-x32\...\{755C6515-9FEA-490C-B15E-22BB6519E57E}) (Version: 2.0.1.60 - Steppschuh)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
Sid Meier's Civilization V SDK (HKLM-x32\...\Steam App 16830) (Version:  - Firaxis Games)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
SolForge (HKLM-x32\...\Steam App 232450) (Version:  - Stone Blade Entertainment)
SoundWire Server version 1.7.3 (HKLM-x32\...\{E15658BC-7742-4397-999F-98B1BD11B784}_is1) (Version: 1.7.3 - GeorgieLabs)
Spotify (HKCU\...\Spotify) (Version: 0.9.10.14.g578d350b - Spotify AB)
Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version: 7.0.0.12 - Bioware/EA)
Star Wars: Knights of the Old Republic (HKLM-x32\...\Steam App 32370) (Version:  - BioWare)
Star Wars: The Force Unleashed II (HKLM-x32\...\Steam App 32500) (Version:  - Lucas Arts)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.27614 - TeamViewer)
The Walking Dead (HKLM-x32\...\Steam App 207610) (Version:  - )
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
Trillian (HKLM-x32\...\Trillian) (Version:  - Cerulean Studios, LLC)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Warhammer 40,000 Space Marine (HKLM-x32\...\Steam App 55150) (Version:  - Relic)
Warhammer® 40,000™: Dawn of War® II - Chaos Rising™ (HKLM-x32\...\Steam App 20570) (Version:  - Relic)
Winamp (HKLM-x32\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)

==================== Restore Points  =========================

Could not list Restore Points. Check "winmgmt" service or repair WMI.


==================== Hosts content: ==========================

2009-07-14 04:34 - 2014-05-26 20:42 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (whitelisted) =============

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1143599331-371919559-3494116047-1003Core.job => C:\Users\Winni\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1143599331-371919559-3494116047-1003UA.job => C:\Users\Winni\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\update-S-1-5-21-1143599331-371919559-3494116047-1003.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Loaded Modules (whitelisted) =============

2013-10-25 16:06 - 2013-06-19 12:45 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender\txmlutil.dll
2013-04-24 12:20 - 2013-04-24 12:20 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Winni\Desktop\adwcleaner_3.211.exe:BDU
AlternateDataStreams: C:\Users\Winni\Desktop\ComboFix.exe:BDU
AlternateDataStreams: C:\Users\Winni\Desktop\FRST64.exe:BDU
AlternateDataStreams: C:\Users\Winni\Downloads\Defogger.exe:BDU
AlternateDataStreams: C:\Users\Winni\Downloads\Firefox Setup 29.0.1.exe:BDU
AlternateDataStreams: C:\Users\Winni\Downloads\mbam-setup-2.0.2.1012.exe:BDU
AlternateDataStreams: C:\Users\Winni\Downloads\neurophstudio-windows-2.85.exe:BDU

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============

MSCONFIG\Services: DlProtectSvc => 2
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Bitdefender-Geldbörse => "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard
MSCONFIG\startupreg: Bitdefender-Geldbörse-Agent => "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
MSCONFIG\startupreg: Bitdefender-Geldbörse-Anwendungs-Agent => "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe"
MSCONFIG\startupreg: IntelliPoint => "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Pando Media Booster => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MSCONFIG\startupreg: PDFPrint => C:\Program Files (x86)\PDF24\pdf24.exe
MSCONFIG\startupreg: Plex Media Server => "C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: XboxStat => "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/28/2014 09:54:18 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (05/28/2014 09:54:14 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (05/28/2014 09:54:14 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (05/28/2014 09:38:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/28/2014 06:41:18 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (05/28/2014 03:09:27 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (05/28/2014 03:09:24 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (05/28/2014 03:09:24 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (05/28/2014 03:08:56 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (05/28/2014 03:08:50 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (05/28/2014 09:38:22 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (05/28/2014 01:11:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (05/28/2014 01:11:16 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.

Error: (05/28/2014 00:19:28 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {EA022610-0748-4C24-B229-6C507EBDFDBB}

Error: (05/28/2014 00:18:07 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (05/27/2014 08:41:20 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (05/27/2014 08:38:24 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {3EEF301F-B596-4C0B-BD92-013BEAFCE793}


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-05-26 20:41:32.104
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-05-26 20:41:32.073
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-10-21 15:57:05.114
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-21 15:57:05.114
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-21 15:57:05.098
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-21 15:57:05.083
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-21 15:57:05.083
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-21 15:57:05.083
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-20 20:36:48.223
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-20 20:36:48.223
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Percentage of memory in use: 33%
Total physical RAM: 8191.12 MB
Available physical RAM: 5474.86 MB
Total Pagefile: 16380.41 MB
Available Pagefile: 13544.29 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:387.54 GB) (Free:27.85 GB) NTFS
Drive d: (Music) (Fixed) (Total:78.12 GB) (Free:37.85 GB) NTFS
Drive g: () (Removable) (Total:3.73 GB) (Free:1.58 GB) FAT32
Drive h: (20101125_115117) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS
Drive i: (TOSHIBA HDD) (Fixed) (Total:1862.04 GB) (Free:175.5 GB) NTFS

==================== MBR & Partition Table ==================

==================== End Of Log ============================
So. Das DownloadProtect ist zwar noch in der Erweiterungsliste aber es bleibt deaktiviert. Und bisher hat es auch keine anderen Erweiterungen mehr raus geschmissen. Bekomme ich es evtl. noch ganz aus der Erweiterungsliste raus?
Chrome kann ich jetzt auch wieder gefahrlos installieren oder?

Auf jeden Fall vielen Dank für die Hilfe :dankeschoen::dankeschoen:

schrauber 29.05.2014 21:09
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
FF HKLM-x32\...\Firefox\Extensions: [{CA03242C-EE6E-4B3A-AF33-3A21C94FB1AB}] - C:\Windows\Installer\{4BFEB9A5-18C7-4449-B2DD-49294B6B8F3C}\{CA03242C-EE6E-4B3A-AF33-3A21C94FB1AB}.xpi
FF Extension: No Name - C:\Windows\Installer\{4BFEB9A5-18C7-4449-B2DD-49294B6B8F3C}\{CA03242C-EE6E-4B3A-AF33-3A21C94FB1AB}.xpi [2014-05-23]

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.





Fertig :)

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.



Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun :)

Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

Daigochiban 30.05.2014 15:36
Ich Trottel hab leider den Teil mit der FixList übersehen und hab zuerst combofix deinstalliert und delfix laufen lassen... :headbang:

Jetzt gibt FRST eine Fehlermeldung wenn ich auf Fix klicke:

Code:
AutoIt Error
Line 9272 (File "C:\Users\Winni\Desktop\FRST64.exe"):
Error: Variable cannot be accessed in this manner.
Eine Logfile erstellt er trotzdem

Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 25-05-2014 01
Ran by Winni at 2014-05-30 16:30:02 Run:2
Running from C:\Users\Winni\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
FF HKLM-x32\...\Firefox\Extensions: [{CA03242C-EE6E-4B3A-AF33-3A21C94FB1AB}] - C:\Windows\Installer\{4BFEB9A5-18C7-4449-B2DD-49294B6B8F3C}\{CA03242C-EE6E-4B3A-AF33-3A21C94FB1AB}.xpi
FF Extension: No Name - C:\Windows\Installer\{4BFEB9A5-18C7-4449-B2DD-49294B6B8F3C}\{CA03242C-EE6E-4B3A-AF33-3A21C94FB1AB}.xpi [2014-05-23]
       
*****************


"C:\Windows\system32\GroupPolicy\Machine" directory move:

Und weill du es im vorherigem Post scheinbar überlesen hast: Bekomme ich DownloadProtect irgendwie aus der Erweiterungsliste vom Fire Fox? Es ist ja immmoment nur deaktiviert.
Und kann ich Chrome wieder gefahrlos installieren?

schrauber 31.05.2014 15:07
Chrome kannste installieren.

Kannste mir von FF mal nen Screenshot zeigen? Ich seh in den Logs nix mehr.

Daigochiban 01.06.2014 11:37
Klar. Here you go:

https://dl.dropboxusercontent.com/u/.../Unbenannt.JPG

schrauber 02.06.2014 11:47
Screenshot bitte anhängen, ich seh den so nicht.

Daigochiban 02.06.2014 18:20
Liste der Anhänge anzeigen (Anzahl: 1)
Gerne auch das =)

schrauber 03.06.2014 18:33
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
FF Extension: No Name - C:\Users\Winni\AppData\Roaming\Mozilla\Firefox\Profiles\0p5daajj.default\Extensions\brief@mozdev.org.xpi [2014-05-28]
FF HKLM-x32\...\Firefox\Extensions: [{CA03242C-EE6E-4B3A-AF33-3A21C94FB1AB}] - C:\Windows\Installer\{4BFEB9A5-18C7-4449-B2DD-49294B6B8F3C}\{CA03242C-EE6E-4B3A-AF33-3A21C94FB1AB}.xpi
FF Extension: No Name - C:\Windows\Installer\{4BFEB9A5-18C7-4449-B2DD-49294B6B8F3C}\{CA03242C-EE6E-4B3A-AF33-3A21C94FB1AB}.xpi [2014-05-23]

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.


Daigochiban 03.06.2014 22:30
Leider immer noch da. Aber dafür hat sich jetzt mein RSS Reader "Brief" verabschiedet =/

Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-06-2014
Ran by Winni at 2014-06-03 23:24:53 Run:4
Running from C:\Users\Winni\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
FF Extension: No Name - C:\Users\Winni\AppData\Roaming\Mozilla\Firefox\Profiles\0p5daajj.default\Extensions\brief@mozdev.org.xpi [2014-05-28]
FF HKLM-x32\...\Firefox\Extensions: [{CA03242C-EE6E-4B3A-AF33-3A21C94FB1AB}] - C:\Windows\Installer\{4BFEB9A5-18C7-4449-B2DD-49294B6B8F3C}\{CA03242C-EE6E-4B3A-AF33-3A21C94FB1AB}.xpi
FF Extension: No Name - C:\Windows\Installer\{4BFEB9A5-18C7-4449-B2DD-49294B6B8F3C}\{CA03242C-EE6E-4B3A-AF33-3A21C94FB1AB}.xpi [2014-05-23]
*****************

C:\Users\Winni\AppData\Roaming\Mozilla\Firefox\Profiles\0p5daajj.default\Extensions\brief@mozdev.org.xpi => Moved successfully.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{CA03242C-EE6E-4B3A-AF33-3A21C94FB1AB} => Unable to delete value

"HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions"

Listing permissions failed. Access Denied.
Could not move "C:\Windows\Installer\{4BFEB9A5-18C7-4449-B2DD-49294B6B8F3C}\{CA03242C-EE6E-4B3A-AF33-3A21C94FB1AB}.xpi" => Scheduled to move on reboot.

schrauber 04.06.2014 18:49
poste bitte nochmal ein frisches FRST log, mach bitte mal alle Haken raus unter Whitelist bevor du scannst.

Daigochiban 04.06.2014 21:02

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-06-2014
Ran by Winni (ATTENTION: The logged in user is not administrator) on ABRAXAS on 04-06-2014 21:58:08
Running from C:\Users\Winni\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal



==================== Processes (All) =========================

(Microsoft Corporation) C:\Windows\System32\taskhost.exe
(Microsoft Corporation) C:\Windows\System32\dwm.exe
(Microsoft Corporation) C:\Windows\explorer.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\bdagent.exe
(Spotify Ltd) C:\Users\Winni\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Farbar) C:\Users\Winni\Desktop\FRST64.exe

==================== Registry (All) ===========================

HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender\bdagent.exe [1743088 2014-05-27] (Bitdefender)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642304 2013-04-24] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-03-18] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe, [30720 2010-11-21] (Microsoft Corporation)
HKLM-x32\...\Winlogon: [Userinit] C:\Windows\sysWOW64\userinit.exe [26624 2010-11-21] (Microsoft Corporation)
HKLM\...\Winlogon: [Shell] Explorer.exe [2871808 2011-02-25] (Microsoft Corporation)
HKLM-x32\...\Winlogon: [Shell] explorer.exe [2616320 2011-02-25] (Microsoft Corporation)
HKLM\...\Policies\Explorer: [NoDriveTypeAutoRun] 255
HKLM\...\Policies\Explorer: [NoDriveAutoRun] 67108863
HKLM\...\Policies\Explorer: [HonorAutorunSetting] 1
HKLM\...\Policies\Explorer: [NoDrives] 0
HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse-Agent] => C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [568400 2014-05-27] (Bitdefender)
HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse] => C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1002048 2014-05-27] (Bitdefender)
HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] => C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [614744 2014-05-27] (Bitdefender)
HKU\S-1-5-21-1143599331-371919559-3494116047-1003\...\Run: [Spotify Web Helper] => C:\Users\Winni\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1176632 2014-05-16] (Spotify Ltd)
HKU\S-1-5-21-1143599331-371919559-3494116047-1003\...\Run: [Bitdefender-Geldbörse] => C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1002048 2014-05-27] (Bitdefender)
HKU\S-1-5-21-1143599331-371919559-3494116047-1003\...\Run: [Google Update] => C:\Users\Winni\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-05-05] (Google Inc.)
Lsa: [Authentication Packages] msv1_0
Lsa: [Notification Packages] scecli
SecurityProviders: credssp.dll
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} -  No File
SSODL-x32: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} -  No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (All) ===========================

HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xF8A89CDC7D05CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
URLSearchHook: HKCU - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
URLSearchHook: HKCU - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - "C:\Program Files (x86)\Internet Explorer\iexplore.exe"
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
BHO: Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\pmbxie.dll (Bitdefender)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxie.dll (Bitdefender)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\msvidctl.dll (Microsoft Corporation)
Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\system32\inetcomm.dll (Microsoft Corporation)
Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} -  No File
Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -  No File
Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\msvidctl.dll (Microsoft Corporation)
Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} -  No File
Handler-x32: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
Handler-x32: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
Handler-x32: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\msvidctl.dll (Microsoft Corporation)
Handler-x32: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
Handler-x32: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
Handler-x32: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
Handler-x32: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
Handler-x32: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
Handler-x32: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
Handler-x32: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
Handler-x32: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
Handler-x32: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
Handler-x32: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
Handler-x32: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
Handler-x32: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
Handler-x32: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\msvidctl.dll (Microsoft Corporation)
Handler-x32: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
Handler-x32: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
Filter-x32: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Filter-x32: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Filter-x32: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Filter-x32: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
Winsock: Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Winsock: Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Winsock: Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Winsock: Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Winsock: Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Winsock: Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Winsock: Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Winsock: Catalog5 10 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Winsock: Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog5-x64 01 %SystemRoot%\system32\NLAapi.dll [70656] (Microsoft Corporation)
Winsock: Catalog5-x64 02 %SystemRoot%\system32\napinsp.dll [68096] (Microsoft Corporation)
Winsock: Catalog5-x64 03 %SystemRoot%\system32\pnrpnsp.dll [86016] (Microsoft Corporation)
Winsock: Catalog5-x64 04 %SystemRoot%\system32\pnrpnsp.dll [86016] (Microsoft Corporation)
Winsock: Catalog5-x64 05 %SystemRoot%\System32\mswsock.dll [327168] (Microsoft Corporation)
Winsock: Catalog5-x64 06 %SystemRoot%\System32\winrnr.dll [28672] (Microsoft Corporation)
Winsock: Catalog5-x64 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
Winsock: Catalog5-x64 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
Winsock: Catalog5-x64 10 %SystemRoot%\system32\wshbth.dll [47104] (Microsoft Corporation)
Winsock: Catalog9-x64 01 %SystemRoot%\system32\mswsock.dll [327168] (Microsoft Corporation)
Winsock: Catalog9-x64 02 %SystemRoot%\system32\mswsock.dll [327168] (Microsoft Corporation)
Winsock: Catalog9-x64 03 %SystemRoot%\system32\mswsock.dll [327168] (Microsoft Corporation)
Winsock: Catalog9-x64 04 %SystemRoot%\system32\mswsock.dll [327168] (Microsoft Corporation)
Winsock: Catalog9-x64 05 %SystemRoot%\system32\mswsock.dll [327168] (Microsoft Corporation)
Winsock: Catalog9-x64 06 %SystemRoot%\system32\mswsock.dll [327168] (Microsoft Corporation)
Winsock: Catalog9-x64 07 %SystemRoot%\system32\mswsock.dll [327168] (Microsoft Corporation)
Winsock: Catalog9-x64 08 %SystemRoot%\system32\mswsock.dll [327168] (Microsoft Corporation)
Winsock: Catalog9-x64 09 %SystemRoot%\system32\mswsock.dll [327168] (Microsoft Corporation)
Winsock: Catalog9-x64 10 %SystemRoot%\system32\mswsock.dll [327168] (Microsoft Corporation)
Winsock: Catalog9-x64 11 %SystemRoot%\system32\mswsock.dll [327168] (Microsoft Corporation)
Tcpip\..\Interfaces\{C0163090-193E-4CA1-9498-4D4C049B3E7A}: [NameServer]192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Winni\AppData\Roaming\Mozilla\Firefox\Profiles\0p5daajj.default
FF NetworkProxy: "ftp", "109.207.61.178"
FF NetworkProxy: "ftp_port", 8090
FF NetworkProxy: "http", "109.207.61.178"
FF NetworkProxy: "http_port", 8090
FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "109.207.61.178"
FF NetworkProxy: "socks_port", 8090
FF NetworkProxy: "ssl", "109.207.61.178"
FF NetworkProxy: "ssl_port", 8090
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @nokia.com/EnablerPlugin - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Winni\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Winni\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Users\Winni\AppData\Roaming\Mozilla\Firefox\Profiles\0p5daajj.default\searchplugins\youtube.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\bing.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\google.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wikipedia-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Brief - C:\Users\Winni\AppData\Roaming\Mozilla\Firefox\Profiles\0p5daajj.default\Extensions\brief@mozdev.org.xpi [2014-06-04]
FF Extension: RSS Icon for Brief - C:\Users\Winni\AppData\Roaming\Mozilla\Firefox\Profiles\0p5daajj.default\Extensions\iconforbrief@gmail.com.xpi [2014-05-28]
FF Extension: NoScript - C:\Users\Winni\AppData\Roaming\Mozilla\Firefox\Profiles\0p5daajj.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-05-28]
FF Extension: Adblock Plus - C:\Users\Winni\AppData\Roaming\Mozilla\Firefox\Profiles\0p5daajj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-05-28]
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2014-05-20]
FF HKLM-x32\...\Firefox\Extensions: [ffpwdman@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman\
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman\ []
FF HKLM-x32\...\Firefox\Extensions: [{CA03242C-EE6E-4B3A-AF33-3A21C94FB1AB}] - C:\Windows\Installer\{4BFEB9A5-18C7-4449-B2DD-49294B6B8F3C}\{CA03242C-EE6E-4B3A-AF33-3A21C94FB1AB}.xpi
FF Extension: No Name - C:\Windows\Installer\{4BFEB9A5-18C7-4449-B2DD-49294B6B8F3C}\{CA03242C-EE6E-4B3A-AF33-3A21C94FB1AB}.xpi [2014-05-23]
FF HKLM-x32\...\Mozilla Firefox 29.0.1\Extensions: [Components] - C:\Program Files (x86)\Mozilla Firefox\components
FF HKLM-x32\...\Mozilla Firefox 29.0.1\Extensions: [Plugins] - C:\Program Files (x86)\Mozilla Firefox\plugins
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\plugins [2014-05-11]
FF HKCU\...\Mozilla Firefox 29.0.1\Extensions: [Components] - C:\Program Files (x86)\Mozilla Firefox\components
FF HKCU\...\Mozilla Firefox 29.0.1\Extensions: [Plugins] - C:\Program Files (x86)\Mozilla Firefox\plugins
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\plugins [2014-05-11]
FF StartMenuInternet: FIREFOX.EXE - "C:\Program Files (x86)\Mozilla Firefox\firefox.exe"

Chrome:
=======
CHR DefaultSearchKeyword: google.de
CHR DefaultSearchProvider: Google
CHR DefaultSearchURL: {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultNewTabURL: {google:baseURL}_/chrome/newtab?{google:RLZ}{google:instantExtendedEnabledParameter}{google:ntpIsThemedParameter}ie={inputEncoding}
CHR Extension: (Google Docs) - C:\Users\Winni\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-11]
CHR Extension: (Google Drive) - C:\Users\Winni\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-11]
CHR Extension: (YouTube) - C:\Users\Winni\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-11]
CHR Extension: (Google Cast) - C:\Users\Winni\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2014-05-11]
CHR Extension: (Bitdefender Wallet) - C:\Users\Winni\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccahoghmggldkcdjiebjkidpfongdfbl [2014-05-11]
CHR Extension: (Google-Suche) - C:\Users\Winni\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-11]
CHR Extension: (Google Wallet) - C:\Users\Winni\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-11]
CHR Extension: (Google Mail) - C:\Users\Winni\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-11]
CHR HKLM-x32\...\Chrome\Extension: [ccahoghmggldkcdjiebjkidpfongdfbl] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxcr.crx [2014-03-31]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (All) ========================

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65432 2013-12-21] (Adobe Systems Incorporated)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [257712 2014-05-13] (Adobe Systems Incorporated)
R3 AeLookupSvc; C:\Windows\System32\aelupsvc.dll [72192 2009-07-14] (Microsoft Corporation)
S3 ALG; C:\Windows\System32\alg.exe [79360 2009-07-14] (Microsoft Corporation)
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [238080 2013-04-24] (AMD)
S3 AppIDSvc; C:\Windows\System32\appidsvc.dll [32256 2009-07-14] (Microsoft Corporation)
S3 Appinfo; C:\Windows\System32\appinfo.dll [70144 2013-02-27] (Microsoft Corporation)
R2 Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [43336 2014-02-12] (Apple Inc.)
S3 AppMgmt; C:\Windows\System32\appmgmts.dll [193536 2009-07-14] (Microsoft Corporation)
S3 AppMgmt; C:\Windows\SysWOW64\appmgmts.dll [149504 2009-07-14] (Microsoft Corporation)
S3 aspnet_state; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [51808 2013-09-11] (Microsoft Corporation)
R2 AudioEndpointBuilder; C:\Windows\System32\Audiosrv.dll [679424 2010-11-21] (Microsoft Corporation)
R2 AudioSrv; C:\Windows\System32\Audiosrv.dll [679424 2010-11-21] (Microsoft Corporation)
S3 AxInstSV; C:\Windows\System32\AxInstSV.dll [114688 2010-11-21] (Microsoft Corporation)
S3 BDESVC; C:\Windows\System32\bdesvc.dll [100864 2009-07-14] (Microsoft Corporation)
R2 BFE; C:\Windows\System32\bfe.dll [705024 2010-11-21] (Microsoft Corporation)
R2 BITS; C:\Windows\System32\qmgr.dll [849920 2010-11-21] (Microsoft Corporation)
R2 Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [462184 2011-08-30] (Apple Inc.)
R3 Browser; C:\Windows\System32\browser.dll [136704 2012-07-05] (Microsoft Corporation)
S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [484592 2013-11-17] (BitRaider, LLC)
S3 bthserv; C:\Windows\system32\bthserv.dll [83968 2009-07-14] (Microsoft Corporation)
S3 CertPropSvc; C:\Windows\System32\certprop.dll [80384 2010-11-21] (Microsoft Corporation)
S4 clr_optimization_v2.0.50727_32; C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [66384 2009-06-10] (Microsoft Corporation)
S4 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [89920 2009-06-10] (Microsoft Corporation)
S2 clr_optimization_v4.0.30319_32; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [105144 2013-09-11] (Microsoft Corporation)
S2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [124088 2013-09-11] (Microsoft Corporation)
S3 COMSysApp; C:\Windows\system32\dllhost.exe [9728 2009-07-14] (Microsoft Corporation)
S3 COMSysApp; C:\Windows\SysWOW64\dllhost.exe [7168 2009-07-14] (Microsoft Corporation)
R2 CryptSvc; C:\Windows\system32\cryptsvc.dll [184320 2013-07-09] (Microsoft Corporation)
R2 CscService; C:\Windows\System32\cscsvc.dll [692224 2010-11-21] (Microsoft Corporation)
R2 DcomLaunch; C:\Windows\system32\rpcss.dll [512000 2010-11-21] (Microsoft Corporation)
S3 defragsvc; C:\Windows\System32\defragsvc.dll [291328 2009-07-14] (Microsoft Corporation)
R2 Dhcp; C:\Windows\system32\dhcpcore.dll [317952 2010-11-21] (Microsoft Corporation)
R2 Dnscache; C:\Windows\System32\dnsrslvr.dll [183296 2011-03-03] (Microsoft Corporation)
S3 dot3svc; C:\Windows\System32\dot3svc.dll [252416 2010-11-21] (Microsoft Corporation)
R2 DPS; C:\Windows\system32\dps.dll [162816 2010-11-21] (Microsoft Corporation)
R3 EapHost; C:\Windows\System32\eapsvc.dll [111104 2009-07-14] (Microsoft Corporation)
S3 EFS; C:\Windows\System32\lsass.exe [31232 2014-04-12] (Microsoft Corporation)
S3 ehRecvr; C:\Windows\ehome\ehRecvr.exe [696832 2010-11-21] (Microsoft Corporation)
S3 ehSched; C:\Windows\ehome\ehsched.exe [127488 2009-07-14] (Microsoft Corporation)
R2 eventlog; C:\Windows\System32\wevtsvc.dll [1646080 2010-11-21] (Microsoft Corporation)
R2 EventSystem; C:\Windows\system32\es.dll [402944 2009-07-14] (Microsoft Corporation)
S3 Fax; C:\Windows\system32\fxssvc.exe [689152 2010-11-21] (Microsoft Corporation)
R3 fdPHost; C:\Windows\system32\fdPHost.dll [16384 2009-07-14] (Microsoft Corporation)
R2 FDResPub; C:\Windows\system32\fdrespub.dll [34816 2009-07-14] (Microsoft Corporation)
R2 FontCache; C:\Windows\system32\FntCache.dll [1143296 2013-08-27] (Microsoft Corporation)
R3 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-21] (Microsoft Corporation)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [101888 2013-09-26] (Freemake)
R2 gpsvc; C:\Windows\System32\gpsvc.dll [777728 2010-11-21] (Microsoft Corporation)
S3 hidserv; C:\Windows\System32\hidserv.dll [38912 2009-07-14] (Microsoft Corporation)
S3 hkmsvc; C:\Windows\system32\kmsvc.dll [90624 2010-11-21] (Microsoft Corporation)
U3 HomeGroupListener; C:\Windows\system32\ListSvc.dll [232448 2010-11-21] (Microsoft Corporation)
R3 HomeGroupProvider; C:\Windows\system32\provsvc.dll [187904 2010-11-21] (Microsoft Corporation)
S3 idsvc; C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe [856400 2010-11-21] (Microsoft Corporation)
S3 IKEEXT; C:\Windows\System32\ikeext.dll [859648 2013-10-12] (Microsoft Corporation)
R2 IPBusEnum; C:\Windows\system32\ipbusenum.dll [101888 2009-07-14] (Microsoft Corporation)
R2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [569344 2012-10-03] (Microsoft Corporation)
R3 iPod Service; C:\Program Files\iPod\bin\iPodService.exe [641352 2014-05-26] (Apple Inc.)
R3 KeyIso; C:\Windows\system32\lsass.exe [31232 2014-04-12] (Microsoft Corporation)
S3 KtmRm; C:\Windows\system32\msdtckrm.dll [368640 2009-07-14] (Microsoft Corporation)
R2 LanmanServer; C:\Windows\System32\srvsvc.dll [236032 2010-11-21] (Microsoft Corporation)
R2 LanmanWorkstation; C:\Windows\System32\wkssvc.dll [118784 2010-11-21] (Microsoft Corporation)
S3 lltdsvc; C:\Windows\System32\lltdsvc.dll [300032 2009-07-14] (Microsoft Corporation)
R2 lmhosts; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S4 Mcx2Svc; C:\Windows\system32\Mcx2Svc.dll [84992 2010-11-21] (Microsoft Corporation)
R2 MMCSS; C:\Windows\system32\mmcss.dll [67584 2009-07-14] (Microsoft Corporation)
S3 MozillaMaintenance; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [119408 2014-05-07] (Mozilla Foundation)
R2 MpsSvc; C:\Windows\system32\mpssvc.dll [828416 2010-11-21] (Microsoft Corporation)
S3 MSDTC; C:\Windows\System32\msdtc.exe [141824 2009-07-14] (Microsoft Corporation)
S3 MSiSCSI; C:\Windows\system32\iscsiexe.dll [156672 2009-07-14] (Microsoft Corporation)
S3 msiserver; C:\Windows\System32\msiexec.exe [128000 2010-11-21] (Microsoft Corporation)
S3 msiserver; C:\Windows\SysWOW64\msiexec.exe [73216 2010-11-21] (Microsoft Corporation)
S3 napagent; C:\Windows\system32\qagentRT.dll [476160 2010-11-21] (Microsoft Corporation)
S3 Netlogon; C:\Windows\system32\lsass.exe [31232 2014-04-12] (Microsoft Corporation)
R3 Netman; C:\Windows\System32\netman.dll [360448 2009-07-14] (Microsoft Corporation)
S4 NetMsmqActivator; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139856 2013-09-11] (Microsoft Corporation)
S4 NetPipeActivator; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139856 2013-09-11] (Microsoft Corporation)
R3 netprofm; C:\Windows\System32\netprofm.dll [459776 2009-07-14] (Microsoft Corporation)
S4 NetTcpActivator; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139856 2013-09-11] (Microsoft Corporation)
S4 NetTcpPortSharing; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139856 2013-09-11] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 odserv; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [440696 2011-07-20] (Microsoft Corporation)
S3 ose; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [145184 2006-10-26] (Microsoft Corporation)
S3 p2pimsvc; C:\Windows\system32\pnrpsvc.dll [327168 2009-07-14] (Microsoft Corporation)
S3 p2psvc; C:\Windows\system32\p2psvc.dll [438784 2009-07-14] (Microsoft Corporation)
R2 PcaSvc; C:\Windows\System32\pcasvc.dll [186368 2009-07-14] (Microsoft Corporation)
S3 PeerDistSvc; C:\Windows\system32\peerdistsvc.dll [1361920 2009-07-14] (Microsoft Corporation)
S3 PerfHost; C:\Windows\SysWow64\perfhost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 pla; C:\Windows\system32\pla.dll [1389056 2010-11-21] (Microsoft Corporation)
R2 PlugPlay; C:\Windows\system32\umpnpmgr.dll [404480 2011-05-24] (Microsoft Corporation)
S3 PNRPAutoReg; C:\Windows\system32\pnrpauto.dll [25088 2009-07-14] (Microsoft Corporation)
S3 PNRPsvc; C:\Windows\system32\pnrpsvc.dll [327168 2009-07-14] (Microsoft Corporation)
R3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [501248 2010-11-21] (Microsoft Corporation)
R2 Power; C:\Windows\system32\umpo.dll [163840 2009-07-14] (Microsoft Corporation)
R2 ProfSvc; C:\Windows\system32\profsvc.dll [209920 2012-05-01] (Microsoft Corporation)
S3 ProtectedStorage; C:\Windows\system32\lsass.exe [31232 2014-04-12] (Microsoft Corporation)
S3 QWAVE; C:\Windows\system32\qwave.dll [242688 2009-07-14] (Microsoft Corporation)
S3 RasAuto; C:\Windows\System32\rasauto.dll [99328 2009-07-14] (Microsoft Corporation)
R3 RasMan; C:\Windows\System32\rasmans.dll [344064 2010-11-21] (Microsoft Corporation)
S4 RemoteAccess; C:\Windows\System32\mprdim.dll [97792 2009-07-14] (Microsoft Corporation)
S4 RemoteAccess; C:\Windows\SysWOW64\mprdim.dll [75264 2009-07-14] (Microsoft Corporation)
S3 RemoteRegistry; C:\Windows\system32\regsvc.dll [159232 2009-07-14] (Microsoft Corporation)
R2 RpcEptMapper; C:\Windows\System32\RpcEpMap.dll [67072 2009-07-14] (Microsoft Corporation)
S3 RpcLocator; C:\Windows\system32\locator.exe [10240 2009-07-14] (Microsoft Corporation)
R2 RpcSs; C:\Windows\system32\rpcss.dll [512000 2010-11-21] (Microsoft Corporation)
R2 SamSs; C:\Windows\system32\lsass.exe [31232 2014-04-12] (Microsoft Corporation)
S3 SCardSvr; C:\Windows\System32\SCardSvr.dll [190976 2009-07-14] (Microsoft Corporation)
R2 Schedule; C:\Windows\system32\schedsvc.dll [1110016 2010-11-21] (Microsoft Corporation)
S3 SCPolicySvc; C:\Windows\System32\certprop.dll [80384 2010-11-21] (Microsoft Corporation)
S3 SDRSVC; C:\Windows\System32\SDRSVC.dll [170496 2010-11-21] (Microsoft Corporation)
R2 seclogon; C:\Windows\system32\seclogon.dll [30720 2010-11-21] (Microsoft Corporation)
R2 SENS; C:\Windows\system32\sens.dll [64512 2009-07-14] (Microsoft Corporation)
R2 SENS; C:\Windows\SysWOW64\sens.dll [49664 2009-07-14] (Microsoft Corporation)
S3 SensrSvc; C:\Windows\system32\sensrsvc.dll [29184 2009-07-14] (Microsoft Corporation)
S3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [737616 2013-04-18] (Nokia)
S3 SessionEnv; C:\Windows\system32\sessenv.dll [121856 2010-11-21] (Microsoft Corporation)
S3 SessionEnv; C:\Windows\SysWOW64\sessenv.dll [113664 2010-11-21] (Microsoft Corporation)
S2 SharedAccess; C:\Windows\System32\ipnathlp.dll [359424 2009-07-14] (Microsoft Corporation)
R2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [370688 2010-11-21] (Microsoft Corporation)
R2 ShellHWDetection; C:\Windows\SysWOW64\shsvcs.dll [328192 2010-11-21] (Microsoft Corporation)
S2 SkypeUpdate; C:\Program Files (x86)\Skype\Updater\Updater.exe [172192 2013-10-23] (Skype Technologies)
S3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [14336 2009-07-14] (Microsoft Corporation)
R2 Spooler; C:\Windows\System32\spoolsv.exe [559104 2012-02-11] (Microsoft Corporation)
S2 sppsvc; C:\Windows\system32\sppsvc.exe [3524608 2010-11-21] (Microsoft Corporation)
S3 sppuinotify; C:\Windows\system32\sppuinotify.dll [65536 2009-07-14] (Microsoft Corporation)
R3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [193024 2009-07-14] (Microsoft Corporation)
R3 SstpSvc; C:\Windows\system32\sstpsvc.dll [75264 2009-07-14] (Microsoft Corporation)
S3 Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [543424 2014-05-29] (Valve Corporation)
R2 stisvc; C:\Windows\System32\wiaservc.dll [580096 2010-11-21] (Microsoft Corporation)
S3 StorSvc; C:\Windows\system32\storsvc.dll [17920 2009-07-14] (Microsoft Corporation)
S3 swprv; C:\Windows\System32\swprv.dll [524288 2009-07-14] (Microsoft Corporation)
R2 SysMain; C:\Windows\system32\sysmain.dll [1743360 2010-11-21] (Microsoft Corporation)
S3 TabletInputService; C:\Windows\System32\TabSvc.dll [92672 2010-11-21] (Microsoft Corporation)
R3 TapiSrv; C:\Windows\System32\tapisrv.dll [316928 2010-11-21] (Microsoft Corporation)
R3 TapiSrv; C:\Windows\SysWOW64\tapisrv.dll [242176 2010-11-21] (Microsoft Corporation)
S3 TBS; C:\Windows\System32\tbssvc.dll [65536 2009-07-14] (Microsoft Corporation)
R2 TeamViewer9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [4972864 2014-04-02] (TeamViewer GmbH)
S3 TermService; C:\Windows\System32\termsrv.dll [680960 2010-11-21] (Microsoft Corporation)
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2009-07-14] (Microsoft Corporation)
S3 THREADORDER; C:\Windows\system32\mmcss.dll [67584 2009-07-14] (Microsoft Corporation)
R2 TrkWks; C:\Windows\System32\trkwks.dll [119808 2009-07-14] (Microsoft Corporation)
R3 TrustedInstaller; C:\Windows\servicing\TrustedInstaller.exe [194048 2010-11-21] (Microsoft Corporation)
S3 UI0Detect; C:\Windows\system32\UI0Detect.exe [40960 2009-07-14] (Microsoft Corporation)
S3 UmRdpService; C:\Windows\System32\umrdp.dll [214528 2010-11-21] (Microsoft Corporation)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe [67320 2013-10-07] (Bitdefender)
R3 upnphost; C:\Windows\System32\upnphost.dll [353792 2009-07-14] (Microsoft Corporation)
R2 UxSms; C:\Windows\System32\uxsms.dll [38912 2009-07-14] (Microsoft Corporation)
S3 VaultSvc; C:\Windows\system32\lsass.exe [31232 2014-04-12] (Microsoft Corporation)
S3 vds; C:\Windows\System32\vds.exe [533504 2010-11-21] (Microsoft Corporation)
S3 VSS; C:\Windows\system32\vssvc.exe [1600512 2010-11-21] (Microsoft Corporation)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender\vsserv.exe [1526800 2014-05-27] (Bitdefender)
S3 W32Time; C:\Windows\system32\w32time.dll [381952 2009-07-14] (Microsoft Corporation)
S3 wbengine; C:\Windows\system32\wbengine.exe [1504256 2010-11-21] (Microsoft Corporation)
S3 WbioSrvc; C:\Windows\System32\wbiosrvc.dll [202240 2009-07-14] (Microsoft Corporation)
S3 wcncsvc; C:\Windows\System32\wcncsvc.dll [367104 2010-11-21] (Microsoft Corporation)
S3 WcsPlugInService; C:\Windows\System32\WcsPlugInService.dll [40960 2009-07-14] (Microsoft Corporation)
R3 WdiServiceHost; C:\Windows\system32\wdi.dll [90624 2009-07-14] (Microsoft Corporation)
R3 WdiSystemHost; C:\Windows\system32\wdi.dll [90624 2009-07-14] (Microsoft Corporation)
S3 WebClient; C:\Windows\System32\webclnt.dll [259584 2013-07-04] (Microsoft Corporation)
S3 Wecsvc; C:\Windows\system32\wecsvc.dll [237568 2009-07-14] (Microsoft Corporation)
S3 wercplsupport; C:\Windows\System32\wercplsupport.dll [84480 2009-07-14] (Microsoft Corporation)
S3 WerSvc; C:\Windows\System32\WerSvc.dll [76800 2009-07-14] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R3 WinHttpAutoProxySvc; C:\Windows\system32\winhttp.dll [444416 2010-11-21] (Microsoft Corporation)
R2 Winmgmt; C:\Windows\system32\wbem\WMIsvc.dll [242688 2009-07-14] (Microsoft Corporation)
S3 WinRM; C:\Windows\system32\WsmSvc.dll [2018304 2010-11-21] (Microsoft Corporation)
R2 Wlansvc; C:\Windows\System32\wlansvc.dll [886784 2009-07-14] (Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292480 2012-07-17] (Microsoft Corp.)
S3 wmiApSrv; C:\Windows\system32\wbem\WmiApSrv.exe [203264 2009-07-14] (Microsoft Corporation)
R2 WMPNetworkSvc; C:\Program Files\Windows Media Player\wmpnetwk.exe [1525248 2010-11-21] (Microsoft Corporation)
S3 WPCSvc; C:\Windows\System32\wpcsvc.dll [12288 2009-07-14] (Microsoft Corporation)
R3 WPDBusEnum; C:\Windows\system32\wpdbusenum.dll [117248 2010-11-21] (Microsoft Corporation)
R2 wscsvc; C:\Windows\system32\wscsvc.dll [97280 2009-07-14] (Microsoft Corporation)
R2 WSearch; C:\Windows\system32\SearchIndexer.exe [591872 2011-05-04] (Microsoft Corporation)
R2 WSearch; C:\Windows\SysWOW64\SearchIndexer.exe [427520 2011-05-04] (Microsoft Corporation)
R2 wuauserv; C:\Windows\system32\wuaueng.dll [2428952 2012-06-03] (Microsoft Corporation)
R3 wudfsvc; C:\Windows\System32\WUDFSvc.dll [84992 2012-07-26] (Microsoft Corporation)
S3 WwanSvc; C:\Windows\System32\wwansvc.dll [228864 2014-01-28] (Microsoft Corporation)

==================== Drivers (All) ==========================

R3 1394ohci; C:\Windows\System32\DRIVERS\1394ohci.sys [229888 2010-11-21] (Microsoft Corporation)
R0 ACPI; C:\Windows\System32\drivers\ACPI.sys [334208 2010-11-21] (Microsoft Corporation)
S3 AcpiPmi; C:\Windows\system32\drivers\acpipmi.sys [12800 2010-11-21] (Microsoft Corporation)
S3 adp94xx; C:\Windows\system32\drivers\adp94xx.sys [491088 2009-07-14] (Adaptec, Inc.)
S3 adpahci; C:\Windows\system32\drivers\adpahci.sys [339536 2009-07-14] (Adaptec, Inc.)
S3 adpu320; C:\Windows\system32\drivers\adpu320.sys [182864 2009-07-14] (Adaptec, Inc.)
R1 AFD; C:\Windows\system32\drivers\afd.sys [497152 2013-09-28] (Microsoft Corporation)
S3 agp440; C:\Windows\system32\drivers\agp440.sys [61008 2009-07-14] (Microsoft Corporation)
S3 aliide; C:\Windows\system32\drivers\aliide.sys [15440 2009-07-14] (Acer Laboratories Inc.)
S3 amdide; C:\Windows\system32\drivers\amdide.sys [15440 2009-07-14] (Microsoft Corporation)
S3 AmdK8; C:\Windows\system32\drivers\amdk8.sys [64512 2009-07-14] (Microsoft Corporation)
R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [11922944 2013-04-24] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [359936 2013-04-24] (Advanced Micro Devices, Inc.)
S3 AmdPPM; C:\Windows\system32\drivers\amdppm.sys [60928 2009-07-14] (Microsoft Corporation)
S3 amdsata; C:\Windows\system32\drivers\amdsata.sys [107904 2011-03-11] (Advanced Micro Devices)
S3 amdsbs; C:\Windows\system32\drivers\amdsbs.sys [194128 2009-07-14] (AMD Technologies Inc.)
R0 amdxata; C:\Windows\System32\drivers\amdxata.sys [27008 2011-03-11] (Advanced Micro Devices)
S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2013-06-02] (Wondershare)
S3 AppID; C:\Windows\system32\drivers\appid.sys [61440 2010-11-21] (Microsoft Corporation)
S3 arc; C:\Windows\system32\drivers\arc.sys [87632 2009-07-14] (Adaptec, Inc.)
S3 arcsas; C:\Windows\system32\drivers\arcsas.sys [97856 2009-07-14] (Adaptec, Inc.)
R3 AsyncMac; C:\Windows\System32\DRIVERS\asyncmac.sys [23040 2009-07-14] (Microsoft Corporation)
R0 atapi; C:\Windows\System32\drivers\atapi.sys [24128 2009-07-14] (Microsoft Corporation)
S3 athrusb; C:\Windows\System32\DRIVERS\athrxusb.sys [1075712 2008-07-29] (Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [96896 2012-05-14] (Advanced Micro Devices)
S3 atikmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [11922944 2013-04-24] (Advanced Micro Devices, Inc.)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [893440 2014-02-03] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2012-11-02] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [635392 2014-02-03] (BitDefender)
S3 b06bdrv; C:\Windows\system32\drivers\bxvbda.sys [468480 2009-06-10] (Broadcom Corporation)
S3 b57nd60a; C:\Windows\System32\DRIVERS\b57nd60a.sys [270848 2009-06-10] (Broadcom Corporation)
U5 BattC; C:\Windows\System32\Drivers\BattC.sys [28240 2009-07-14] (Microsoft Corporation)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [103504 2011-11-14] (BitDefender LLC)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2013-11-27] (BitDefender SRL)
R1 Beep; C:\Windows\System32\Drivers\Beep.sys [6656 2009-07-14] (Microsoft Corporation)
R1 blbdrive; C:\Windows\System32\DRIVERS\blbdrive.sys [45056 2009-07-14] (Microsoft Corporation)
R3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [90624 2011-02-23] (Microsoft Corporation)
S3 BRDriver64; C:\ProgramData\BitRaider\BRDriver64.sys [75048 2013-09-21] (BitRaider)
S3 BrFiltLo; C:\Windows\system32\drivers\BrFiltLo.sys [18432 2009-06-10] (Brother Industries, Ltd.)
S3 BrFiltUp; C:\Windows\system32\drivers\BrFiltUp.sys [8704 2009-06-10] (Brother Industries, Ltd.)
S3 BridgeMP; C:\Windows\System32\DRIVERS\bridge.sys [95232 2009-07-14] (Microsoft Corporation)
S3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [286720 2009-07-14] (Brother Industries Ltd.)
S3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [47104 2009-06-10] (Brother Industries Ltd.)
S3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [14976 2009-06-10] (Brother Industries Ltd.)
S3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [14720 2009-06-10] (Brother Industries Ltd.)
S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [29184 2009-08-13] (CSR, plc)
S3 BthEnum; C:\Windows\System32\DRIVERS\BthEnum.sys [41984 2009-07-14] (Microsoft Corporation)
S3 BTHMODEM; C:\Windows\System32\DRIVERS\bthmodem.sys [72192 2009-07-14] (Microsoft Corporation)
S3 BthPan; C:\Windows\System32\DRIVERS\bthpan.sys [118784 2009-07-14] (Microsoft Corporation)
S3 BTHPORT; C:\Windows\System32\Drivers\BTHport.sys [552960 2012-07-06] (Microsoft Corporation)
S3 BTHUSB; C:\Windows\System32\Drivers\BTHUSB.sys [80384 2011-04-28] (Microsoft Corporation)
S4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [92160 2009-07-14] (Microsoft Corporation)
R1 cdrom; C:\Windows\System32\DRIVERS\cdrom.sys [147456 2010-11-21] (Microsoft Corporation)
S3 circlass; C:\Windows\system32\drivers\circlass.sys [45568 2009-07-14] (Microsoft Corporation)
R0 CLFS; C:\Windows\System32\CLFS.sys [367696 2009-07-14] (Microsoft Corporation)
S3 CmBatt; C:\Windows\system32\drivers\CmBatt.sys [17664 2009-07-14] (Microsoft Corporation)
S3 cmdide; C:\Windows\system32\drivers\cmdide.sys [17488 2009-07-14] (CMD Technology, Inc.)
R0 CNG; C:\Windows\System32\Drivers\cng.sys [458712 2013-07-04] (Microsoft Corporation)
S3 Compbatt; C:\Windows\system32\drivers\compbatt.sys [21584 2009-07-14] (Microsoft Corporation)
R3 CompositeBus; C:\Windows\System32\DRIVERS\CompositeBus.sys [38912 2010-11-21] (Microsoft Corporation)
S4 crcdisk; C:\Windows\system32\drivers\crcdisk.sys [24144 2009-07-14] (Microsoft Corporation)
R1 CSC; C:\Windows\System32\drivers\csc.sys [514560 2010-11-21] (Microsoft Corporation)
S3 csr_a2dp; C:\Windows\System32\drivers\bthav.sys [78848 2009-12-21] (CSR, plc)
R1 DfsC; C:\Windows\System32\Drivers\dfsc.sys [102400 2010-11-21] (Microsoft Corporation)
R1 discache; C:\Windows\System32\drivers\discache.sys [40448 2009-07-14] (Microsoft Corporation)
R0 Disk; C:\Windows\System32\drivers\disk.sys [73280 2009-07-14] (Microsoft Corporation)
S3 dmvsc; C:\Windows\system32\drivers\dmvsc.sys [71168 2010-11-21] (Microsoft Corporation)
S3 drmkaud; C:\Windows\system32\drivers\drmkaud.sys [5632 2009-07-14] (Microsoft Corporation)
R3 DXGKrnl; C:\Windows\System32\drivers\dxgkrnl.sys [983488 2013-08-01] (Microsoft Corporation)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 elxstor; C:\Windows\system32\drivers\elxstor.sys [530496 2009-07-14] (Emulex)
S3 ErrDev; C:\Windows\system32\drivers\errdev.sys [9728 2009-07-14] (Microsoft Corporation)
S3 exfat; C:\Windows\System32\Drivers\exfat.sys [195072 2009-07-14] (Microsoft Corporation)
R3 fastfat; C:\Windows\System32\Drivers\fastfat.sys [204800 2009-07-14] (Microsoft Corporation)
S3 fdc; C:\Windows\system32\drivers\fdc.sys [29696 2009-07-14] (Microsoft Corporation)
R0 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [70224 2009-07-14] (Microsoft Corporation)
S3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [34304 2009-07-14] (Microsoft Corporation)
S3 flpydisk; C:\Windows\system32\drivers\flpydisk.sys [24576 2009-07-14] (Microsoft Corporation)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [289664 2010-11-21] (Microsoft Corporation)
S3 FsDepends; C:\Windows\System32\drivers\FsDepends.sys [55376 2009-07-14] (Microsoft Corporation)
U0 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [23408 2012-03-01] (Microsoft Corporation)
R0 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [223752 2013-01-24] (Microsoft Corporation)
S3 gagp30kx; C:\Windows\system32\drivers\gagp30kx.sys [65088 2009-07-14] (Microsoft Corporation)
R3 GEARAspiWDM; C:\Windows\System32\DRIVERS\GEARAspiWDM.sys [33240 2012-08-21] (GEAR Software Inc.)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-08-23] (BitDefender LLC)
S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir.sys [31232 2009-06-10] (Hauppauge Computer Works, Inc.)
R3 HdAudAddService; C:\Windows\System32\drivers\HdAudio.sys [350208 2010-11-21] (Microsoft Corporation)
R3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [122368 2010-11-21] (Microsoft Corporation)
S3 HidBatt; C:\Windows\system32\drivers\HidBatt.sys [26624 2009-07-14] (Microsoft Corporation)
S3 HidBth; C:\Windows\system32\drivers\hidbth.sys [100864 2009-07-14] (Microsoft Corporation)
S3 HidIr; C:\Windows\system32\drivers\hidir.sys [46592 2009-07-14] (Microsoft Corporation)
R3 HidUsb; C:\Windows\system32\drivers\hidusb.sys [30208 2010-11-21] (Microsoft Corporation)
S3 HpSAMD; C:\Windows\system32\drivers\HpSAMD.sys [78720 2010-11-21] (Hewlett-Packard Company)
R3 HTTP; C:\Windows\System32\drivers\HTTP.sys [753664 2010-11-21] (Microsoft Corporation)
R0 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [14720 2010-11-21] (Microsoft Corporation)
R3 i8042prt; C:\Windows\System32\DRIVERS\i8042prt.sys [105472 2009-07-14] (Microsoft Corporation)
S3 iaStorV; C:\Windows\system32\drivers\iaStorV.sys [410496 2011-03-11] (Intel Corporation)
S3 iirsp; C:\Windows\system32\drivers\iirsp.sys [44112 2009-07-14] (Intel Corp./ICP vortex GmbH)
S3 intelide; C:\Windows\system32\drivers\intelide.sys [16960 2009-07-14] (Microsoft Corporation)
R3 intelppm; C:\Windows\System32\DRIVERS\intelppm.sys [62464 2009-07-14] (Microsoft Corporation)
S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [82944 2010-11-21] (Microsoft Corporation)
S3 IPMIDRV; C:\Windows\system32\drivers\IPMIDrv.sys [78848 2010-11-21] (Microsoft Corporation)
S3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [116224 2009-07-14] (Microsoft Corporation)
S3 IRENUM; C:\Windows\System32\drivers\irenum.sys [17920 2009-07-14] (Microsoft Corporation)
S3 isapnp; C:\Windows\system32\drivers\isapnp.sys [20544 2009-07-14] (Microsoft Corporation)
S3 iScsiPrt; C:\Windows\system32\drivers\msiscsi.sys [274880 2014-02-04] (Microsoft Corporation)
R3 kbdclass; C:\Windows\System32\DRIVERS\kbdclass.sys [50768 2009-07-14] (Microsoft Corporation)
S3 kbdhid; C:\Windows\system32\drivers\kbdhid.sys [33280 2010-11-21] (Microsoft Corporation)
R0 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [95680 2014-04-12] (Microsoft Corporation)
R0 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [155072 2014-04-12] (Microsoft Corporation)
R3 ksthunk; C:\Windows\system32\drivers\ksthunk.sys [20992 2009-07-14] (Microsoft Corporation)
R3 L1E; C:\Windows\System32\DRIVERS\L1E62x64.sys [56320 2009-08-23] (Atheros Communications, Inc.)
R2 lltdio; C:\Windows\System32\DRIVERS\lltdio.sys [60928 2009-07-14] (Microsoft Corporation)
S3 LSI_FC; C:\Windows\system32\drivers\lsi_fc.sys [114752 2009-07-14] (LSI Corporation)
S3 LSI_SAS; C:\Windows\system32\drivers\lsi_sas.sys [106560 2009-07-14] (LSI Corporation)
S3 LSI_SAS2; C:\Windows\system32\drivers\lsi_sas2.sys [65600 2009-07-14] (LSI Corporation)
S3 LSI_SCSI; C:\Windows\system32\drivers\lsi_scsi.sys [115776 2009-07-14] (LSI Corporation)
R2 luafv; C:\Windows\system32\drivers\luafv.sys [113152 2009-07-14] (Microsoft Corporation)
R3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [42016 2013-11-27] (Visicom Media Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35232 2013-12-06] (Visicom Media Inc.)
S3 megasas; C:\Windows\system32\drivers\megasas.sys [35392 2009-07-14] (LSI Corporation)
S3 MegaSR; C:\Windows\system32\drivers\MegaSR.sys [284736 2009-07-14] (LSI Corporation, Inc.)
S3 Modem; C:\Windows\System32\drivers\modem.sys [40448 2009-07-14] (Microsoft Corporation)
R3 monitor; C:\Windows\System32\DRIVERS\monitor.sys [30208 2009-07-14] (Microsoft Corporation)
R3 mouclass; C:\Windows\System32\DRIVERS\mouclass.sys [49216 2009-07-14] (Microsoft Corporation)
R3 mouhid; C:\Windows\System32\DRIVERS\mouhid.sys [31232 2009-07-14] (Microsoft Corporation)
R0 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [94592 2010-11-21] (Microsoft Corporation)
S3 mpio; C:\Windows\system32\drivers\mpio.sys [155008 2010-11-21] (Microsoft Corporation)
R3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [77312 2009-07-14] (Microsoft Corporation)
S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [140800 2013-07-04] (Microsoft Corporation)
R3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [158208 2011-04-27] (Microsoft Corporation)
R3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [288768 2011-07-09] (Microsoft Corporation)
R3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [128000 2011-04-27] (Microsoft Corporation)
S3 msahci; C:\Windows\system32\drivers\msahci.sys [31104 2010-11-21] (Microsoft Corporation)
S3 msdsm; C:\Windows\system32\drivers\msdsm.sys [140672 2010-11-21] (Microsoft Corporation)
R1 Msfs; C:\Windows\System32\Drivers\Msfs.sys [26112 2009-07-14] (Microsoft Corporation)
S3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [8192 2009-07-14] (Microsoft Corporation)
R0 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [15424 2009-07-14] (Microsoft Corporation)
S3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [11136 2009-07-14] (Microsoft Corporation)
S3 MSPCLOCK; C:\Windows\System32\drivers\MSPCLOCK.sys [7168 2009-07-14] (Microsoft Corporation)
S3 MSPQM; C:\Windows\System32\drivers\MSPQM.sys [6784 2009-07-14] (Microsoft Corporation)
S3 MsRPC; C:\Windows\System32\Drivers\MsRPC.sys [366976 2010-11-21] (Microsoft Corporation)
R1 mssmbios; C:\Windows\System32\DRIVERS\mssmbios.sys [32320 2009-07-14] (Microsoft Corporation)
S3 MSTEE; C:\Windows\System32\drivers\MSTEE.sys [8064 2009-07-14] (Microsoft Corporation)
S3 MTConfig; C:\Windows\system32\drivers\MTConfig.sys [15360 2009-07-14] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
R0 Mup; C:\Windows\System32\Drivers\mup.sys [60496 2009-07-14] (Microsoft Corporation)
R3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [318976 2009-07-14] (Microsoft Corporation)
R0 NDIS; C:\Windows\System32\drivers\ndis.sys [950128 2012-08-22] (Microsoft Corporation)
S3 NdisCap; C:\Windows\System32\DRIVERS\ndiscap.sys [35328 2009-07-14] (Microsoft Corporation)
R3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [24064 2009-07-14] (Microsoft Corporation)
R3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [56832 2010-11-21] (Microsoft Corporation)
R3 NdisWan; C:\Windows\System32\DRIVERS\ndiswan.sys [164352 2010-11-21] (Microsoft Corporation)
R3 NDProxy; C:\Windows\System32\Drivers\NDProxy.sys [57856 2010-11-21] (Microsoft Corporation)
R1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [44544 2009-07-14] (Microsoft Corporation)
R1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [261632 2010-11-21] (Microsoft Corporation)
S3 nfrd960; C:\Windows\system32\drivers\nfrd960.sys [51264 2009-07-14] (IBM Corporation)
R1 Npfs; C:\Windows\System32\Drivers\Npfs.sys [44032 2009-07-14] (Microsoft Corporation)
R1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [24576 2009-07-14] (Microsoft Corporation)
R3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [1684928 2014-01-24] (Microsoft Corporation)
R1 Null; C:\Windows\System32\Drivers\Null.sys [6144 2009-07-14] (Microsoft Corporation)
S3 nvraid; C:\Windows\system32\drivers\nvraid.sys [148352 2011-03-11] (NVIDIA Corporation)
S3 nvstor; C:\Windows\system32\drivers\nvstor.sys [166272 2011-03-11] (NVIDIA Corporation)
S3 nv_agp; C:\Windows\system32\drivers\nv_agp.sys [122960 2009-07-14] (Microsoft Corporation)
S3 ohci1394; C:\Windows\system32\drivers\ohci1394.sys [72832 2009-07-14] (Microsoft Corporation)
S3 Parport; C:\Windows\system32\drivers\parport.sys [97280 2009-07-14] (Microsoft Corporation)
R0 partmgr; C:\Windows\System32\drivers\partmgr.sys [75120 2012-03-17] (Microsoft Corporation)
S3 pccsmcfd; C:\Windows\System32\DRIVERS\pccsmcfdx64.sys [26112 2012-10-17] (Nokia)
R0 pci; C:\Windows\System32\drivers\pci.sys [184704 2010-11-21] (Microsoft Corporation)
R0 pciide; C:\Windows\System32\drivers\pciide.sys [12352 2009-07-14] (Microsoft Corporation)
S3 pcmcia; C:\Windows\system32\drivers\pcmcia.sys [220752 2009-07-14] (Microsoft Corporation)
R0 pcw; C:\Windows\System32\drivers\pcw.sys [50768 2009-07-14] (Microsoft Corporation)
R2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [651264 2009-07-14] (Microsoft Corporation)
R3 Point64; C:\Windows\System32\DRIVERS\point64.sys [45416 2011-08-01] (Microsoft Corporation)
R3 PptpMiniport; C:\Windows\System32\DRIVERS\raspptp.sys [111104 2010-11-21] (Microsoft Corporation)
S3 Processor; C:\Windows\system32\drivers\processr.sys [60416 2009-07-14] (Microsoft Corporation)
R1 Psched; C:\Windows\System32\DRIVERS\pacer.sys [131584 2010-11-21] (Microsoft Corporation)
S3 ql2300; C:\Windows\system32\drivers\ql2300.sys [1524816 2009-07-14] (QLogic Corporation)
S3 ql40xx; C:\Windows\system32\drivers\ql40xx.sys [128592 2009-07-14] (QLogic Corporation)
S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [46592 2009-07-14] (Microsoft Corporation)
S3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [14848 2009-07-14] (Microsoft Corporation)
R3 RasAgileVpn; C:\Windows\System32\DRIVERS\AgileVpn.sys [60416 2009-07-14] (Microsoft Corporation)
R3 Rasl2tp; C:\Windows\System32\DRIVERS\rasl2tp.sys [129536 2010-11-21] (Microsoft Corporation)
R3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [92672 2009-07-14] (Microsoft Corporation)
R3 RasSstp; C:\Windows\System32\DRIVERS\rassstp.sys [83968 2009-07-14] (Microsoft Corporation)
R1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [309248 2010-11-21] (Microsoft Corporation)
R3 rdpbus; C:\Windows\System32\DRIVERS\rdpbus.sys [24064 2009-07-14] (Microsoft Corporation)
R1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [7680 2009-07-14] (Microsoft Corporation)
S3 RDPDR; C:\Windows\System32\drivers\rdpdr.sys [165888 2010-11-21] (Microsoft Corporation)
R1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [7680 2009-07-14] (Microsoft Corporation)
R1 RDPREFMP; C:\Windows\System32\drivers\rdprefmp.sys [8192 2009-07-14] (Microsoft Corporation)
S3 RdpVideoMiniport; C:\Windows\System32\drivers\rdpvideominiport.sys [19456 2012-08-23] (Microsoft Corporation)
S3 RDPWD; C:\Windows\System32\Drivers\RDPWD.sys [210944 2012-04-28] (Microsoft Corporation)
R0 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [213888 2010-11-21] (Microsoft Corporation)
S3 RFCOMM; C:\Windows\System32\DRIVERS\rfcomm.sys [158720 2009-07-14] (Microsoft Corporation)
R2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [76800 2009-07-14] (Microsoft Corporation)
S3 s3cap; C:\Windows\system32\drivers\vms3cap.sys [6656 2010-11-21] (Microsoft Corporation)
S3 sbp2port; C:\Windows\system32\drivers\sbp2port.sys [103808 2010-11-21] (Microsoft Corporation)
S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [29696 2010-11-21] (Microsoft Corporation)
R2 secdrv; C:\Windows\System32\Drivers\secdrv.sys [23040 2009-06-10] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
R3 Serenum; C:\Windows\System32\DRIVERS\serenum.sys [23552 2009-07-14] (Microsoft Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Microsoft Corporation)
S3 sermouse; C:\Windows\system32\drivers\sermouse.sys [26624 2009-07-14] (Microsoft Corporation)
S3 sffdisk; C:\Windows\system32\drivers\sffdisk.sys [14336 2009-07-14] (Microsoft Corporation)
S3 sffp_mmc; C:\Windows\system32\drivers\sffp_mmc.sys [13824 2009-07-14] (Microsoft Corporation)
S3 sffp_sd; C:\Windows\system32\drivers\sffp_sd.sys [14336 2010-11-21] (Microsoft Corporation)
S3 sfloppy; C:\Windows\system32\drivers\sfloppy.sys [16896 2009-07-14] (Microsoft Corporation)
S3 SiSRaid2; C:\Windows\system32\drivers\SiSRaid2.sys [43584 2009-07-14] (Silicon Integrated Systems Corp.)
S3 SiSRaid4; C:\Windows\system32\drivers\sisraid4.sys [80464 2009-07-14] (Silicon Integrated Systems)
S3 Smb; C:\Windows\System32\DRIVERS\smb.sys [93184 2009-07-14] (Microsoft Corporation)
R0 spldr; C:\Windows\System32\Drivers\spldr.sys [19008 2009-07-14] (Microsoft Corporation)
R3 srv; C:\Windows\System32\DRIVERS\srv.sys [467456 2011-04-29] (Microsoft Corporation)
R3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [410112 2011-04-29] (Microsoft Corporation)
R3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [168448 2011-04-29] (Microsoft Corporation)
S3 stexstor; C:\Windows\system32\drivers\stexstor.sys [24656 2009-07-14] (Promise Technology)
R0 storflt; C:\Windows\System32\drivers\vmstorfl.sys [46464 2010-11-21] (Microsoft Corporation)
S3 storvsc; C:\Windows\system32\drivers\storvsc.sys [34688 2010-11-21] (Microsoft Corporation)
R3 swenum; C:\Windows\System32\DRIVERS\swenum.sys [12496 2009-07-14] (Microsoft Corporation)
R0 Tcpip; C:\Windows\System32\drivers\tcpip.sys [1903552 2013-09-08] (Microsoft Corporation)
S3 TCPIP6; C:\Windows\System32\DRIVERS\tcpip.sys [1903552 2013-09-08] (Microsoft Corporation)
R2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [45568 2012-10-03] (Microsoft Corporation)
S3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [15872 2009-07-14] (Microsoft Corporation)
S3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [23552 2012-02-17] (Microsoft Corporation)
R1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [119296 2010-11-21] (Microsoft Corporation)
R1 TermDD; C:\Windows\System32\DRIVERS\termdd.sys [63360 2010-11-21] (Microsoft Corporation)
S3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [39936 2013-06-15] (Microsoft Corporation)
S3 TsUsbFlt; C:\Windows\System32\drivers\tsusbflt.sys [56832 2013-10-02] (Microsoft Corporation)
S3 TsUsbGD; C:\Windows\system32\drivers\TsUsbGD.sys [30208 2012-08-23] (Microsoft Corporation)
R3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [125440 2010-11-21] (Microsoft Corporation)
S3 uagp35; C:\Windows\system32\drivers\uagp35.sys [64080 2009-07-14] (Microsoft Corporation)
S4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [328192 2010-11-21] (Microsoft Corporation)
S3 uliagpkx; C:\Windows\system32\drivers\uliagpkx.sys [64592 2009-07-14] (Microsoft Corporation)
R3 umbus; C:\Windows\System32\DRIVERS\umbus.sys [48640 2010-11-21] (Microsoft Corporation)
S3 UmPass; C:\Windows\System32\DRIVERS\umpass.sys [9728 2009-07-14] (Microsoft Corporation)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.)
S3 usbaudio; C:\Windows\system32\drivers\usbaudio.sys [109824 2013-07-12] (Microsoft Corporation)
S3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [99840 2013-11-27] (Microsoft Corporation)
S3 usbcir; C:\Windows\system32\drivers\usbcir.sys [100864 2013-07-12] (Microsoft Corporation)
R3 usbehci; C:\Windows\System32\DRIVERS\usbehci.sys [53248 2013-11-27] (Microsoft Corporation)
R3 usbhub; C:\Windows\System32\DRIVERS\usbhub.sys [343040 2013-11-27] (Microsoft Corporation)
S3 usbohci; C:\Windows\system32\drivers\usbohci.sys [25600 2013-11-27] (Microsoft Corporation)
S3 usbprint; C:\Windows\System32\DRIVERS\usbprint.sys [25088 2009-07-14] (Microsoft Corporation)
S3 usbser; C:\Windows\System32\DRIVERS\usbser.sys [33280 2013-08-29] (Microsoft Corporation)
R3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [91648 2011-03-11] (Microsoft Corporation)
R3 usbuhci; C:\Windows\System32\DRIVERS\usbuhci.sys [30720 2013-11-27] (Microsoft Corporation)
S3 usbvideo; C:\Windows\System32\Drivers\usbvideo.sys [185344 2013-07-12] (Microsoft Corporation)
R0 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [36432 2009-07-14] (Microsoft Corporation)
S3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [29184 2009-07-14] (Microsoft Corporation)
R1 VgaSave; C:\Windows\System32\drivers\vga.sys [29184 2009-07-14] (Microsoft Corporation)
S3 vhdmp; C:\Windows\system32\drivers\vhdmp.sys [215936 2010-11-21] (Microsoft Corporation)
S3 viaide; C:\Windows\system32\drivers\viaide.sys [17488 2009-07-14] (VIA Technologies, Inc.)
S3 vmbus; C:\Windows\system32\drivers\vmbus.sys [199552 2010-11-21] (Microsoft Corporation)
S3 VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [21760 2010-11-21] (Microsoft Corporation)
R0 volmgr; C:\Windows\System32\drivers\volmgr.sys [71552 2010-11-21] (Microsoft Corporation)
R0 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [363392 2010-11-21] (Microsoft Corporation)
R0 volsnap; C:\Windows\System32\drivers\volsnap.sys [295808 2010-11-21] (Microsoft Corporation)
S3 vsmraid; C:\Windows\system32\drivers\vsmraid.sys [161872 2009-07-14] (VIA Technologies Inc.,Ltd)
S3 vwifibus; C:\Windows\System32\drivers\vwifibus.sys [24576 2009-07-14] (Microsoft Corporation)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
S3 WacomPen; C:\Windows\system32\drivers\wacompen.sys [27776 2009-07-14] (Microsoft Corporation)
S3 WANARP; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2010-11-21] (Microsoft Corporation)
R1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2010-11-21] (Microsoft Corporation)
S3 Wd; C:\Windows\system32\drivers\wd.sys [21056 2009-07-14] (Microsoft Corporation)
R0 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [785624 2013-06-26] (Microsoft Corporation)
R1 WfpLwf; C:\Windows\System32\DRIVERS\wfplwf.sys [12800 2009-07-14] (Microsoft Corporation)
S3 WIMMount; C:\Windows\System32\drivers\wimmount.sys [22096 2009-07-14] (Microsoft Corporation)
S3 WIMMount; C:\Windows\SysWOW64\drivers\wimmount.sys [19008 2009-07-14] (Microsoft Corporation)
U3 Winsock; No ImagePath
S3 WinUsb; C:\Windows\System32\DRIVERS\WinUsb.sys [41984 2010-11-21] (Microsoft Corporation)
S3 WmiAcpi; C:\Windows\system32\drivers\wmiacpi.sys [14336 2009-07-14] (Microsoft Corporation)
R1 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [21504 2009-07-14] (Microsoft Corporation)
R3 WSDPrintDevice; C:\Windows\System32\DRIVERS\WSDPrint.sys [23040 2009-07-14] (Microsoft Corporation)
R3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [87040 2012-07-26] (Microsoft Corporation)
R3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation)
S3 xusb21; C:\Windows\System32\DRIVERS\xusb21.sys [73984 2009-08-13] (Microsoft Corporation)
S3 ALSysIO; \??\C:\Users\Admin\AppData\Local\Temp\ALSysIO64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-04 10:21 - 2014-06-04 10:28 - 105000000 _____ () C:\Users\Winni\Downloads\GoT.s04e07.720p.part11.rar
2014-06-04 10:08 - 2014-06-04 10:15 - 105000000 _____ () C:\Users\Winni\Downloads\GoT.s04e07.720p.part04.rar
2014-06-04 01:19 - 2014-06-04 01:29 - 105000000 _____ () C:\Users\Winni\Downloads\GoT.s04e07.720p.part10.rar
2014-06-04 01:07 - 2014-06-04 01:18 - 105000000 _____ () C:\Users\Winni\Downloads\GoT.s04e07.720p.part09.rar
2014-06-04 00:56 - 2014-06-04 01:06 - 105000000 _____ () C:\Users\Winni\Downloads\GoT.s04e07.720p.part08.rar
2014-06-04 00:44 - 2014-06-04 00:55 - 105000000 _____ () C:\Users\Winni\Downloads\GoT.s04e07.720p.part07.rar
2014-06-04 00:33 - 2014-06-04 00:44 - 105000000 _____ () C:\Users\Winni\Downloads\GoT.s04e07.720p.part06.rar
2014-06-04 00:22 - 2014-06-04 00:32 - 105000000 _____ () C:\Users\Winni\Downloads\GoT.s04e07.720p.part05.rar
2014-06-04 00:10 - 2014-06-04 00:21 - 105000000 _____ () C:\Users\Winni\Downloads\GoT.s04e07.720p.part03.rar
2014-06-03 23:59 - 2014-06-04 00:10 - 105000000 _____ () C:\Users\Winni\Downloads\GoT.s04e07.720p.part02.rar
2014-06-03 23:48 - 2014-06-03 23:58 - 105000000 _____ () C:\Users\Winni\Downloads\GoT.s04e07.720p.part01.rar
2014-06-03 23:24 - 2014-06-03 23:24 - 00000000 ____D () C:\Users\Winni\Desktop\FRST-OlderVersion
2014-05-30 16:29 - 2014-06-04 21:58 - 00000000 ____D () C:\FRST
2014-05-30 16:26 - 2014-05-30 16:26 - 00000758 _____ () C:\DelFix.txt
2014-05-30 16:20 - 2014-05-30 16:20 - 00000244 _____ () C:\Users\Winni\Downloads\defogger_enable.log
2014-05-30 15:17 - 2014-05-30 15:17 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-05-30 15:17 - 2014-05-30 15:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-05-30 15:16 - 2014-05-30 15:17 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-05-30 15:16 - 2014-05-30 15:17 - 00000000 ____D () C:\Program Files\iTunes
2014-05-30 15:16 - 2014-05-30 15:17 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-05-30 15:16 - 2014-05-30 15:16 - 00000000 ____D () C:\Program Files\iPod
2014-05-29 01:01 - 2014-06-04 21:58 - 00069920 _____ () C:\Users\Winni\Desktop\FRST.txt
2014-05-29 01:01 - 2014-05-29 01:02 - 00042490 _____ () C:\Users\Winni\Desktop\Addition.txt
2014-05-28 21:54 - 2014-05-28 21:54 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-05-28 21:22 - 2014-05-28 21:22 - 00854367 _____ () C:\Users\Winni\Desktop\SecurityCheck.exe
2014-05-28 15:08 - 2014-05-28 15:08 - 02347384 _____ (ESET) C:\Users\Winni\Desktop\esetsmartinstaller_deu.exe
2014-05-28 13:14 - 2014-05-28 13:14 - 00018435 _____ () C:\Windows\DirectX.log
2014-05-27 20:37 - 2014-05-27 20:37 - 00000829 _____ () C:\Users\Winni\Downloads\JRT.txt
2014-05-27 20:30 - 2014-05-30 16:26 - 00000000 ____D () C:\Windows\ERUNT
2014-05-27 20:25 - 2014-05-27 20:25 - 01016261 _____ (Thisisu) C:\Users\Winni\Desktop\JRT.exe
2014-05-27 20:12 - 2014-05-27 20:12 - 01327971 _____ () C:\Users\Winni\Desktop\adwcleaner_3.211.exe
2014-05-27 20:10 - 2014-05-27 20:10 - 00001892 _____ () C:\Users\Winni\Desktop\MWB.txt
2014-05-27 19:56 - 2014-05-27 19:57 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-27 19:55 - 2014-05-27 19:55 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-27 19:55 - 2014-05-27 19:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-27 19:55 - 2014-05-27 19:55 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-27 19:55 - 2014-05-27 19:55 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-27 19:55 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-27 19:55 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-27 19:55 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-27 19:53 - 2014-05-27 19:54 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Winni\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-27 19:45 - 2014-05-27 19:45 - 00000385 _____ () C:\Users\Admin\AppData\Roaminguser_gensett.xml
2014-05-27 16:30 - 2014-05-27 16:30 - 00000207 _____ () C:\Users\Winni\Desktop\Warhammer 40,000 Space Marine.url
2014-05-26 20:44 - 2014-05-30 16:26 - 00000000 ____D () C:\Users\Admin\AppData\Local\temp
2014-05-26 20:44 - 2014-05-26 20:44 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
2014-05-26 20:44 - 2014-05-26 20:44 - 00000000 ____D () C:\Users\hedev\AppData\Local\temp
2014-05-26 20:44 - 2014-05-26 20:44 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-05-26 20:44 - 2014-05-26 20:44 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp
2014-05-26 20:32 - 2014-05-26 20:43 - 00000000 ____D () C:\Windows\erdnt
2014-05-25 19:37 - 2014-05-25 19:37 - 00000000 ____D () C:\Users\Winni\AppData\Local\THQ
2014-05-25 15:54 - 2014-05-25 15:54 - 00049825 _____ () C:\Users\Winni\Downloads\LogFiles.zip
2014-05-25 15:53 - 2014-05-25 15:53 - 00002605 _____ () C:\Users\Winni\Downloads\AdwCleaner[R1].txt
2014-05-25 15:19 - 2014-05-25 15:19 - 00749519 _____ () C:\Users\Winni\Downloads\Gmer.txt
2014-05-25 15:06 - 2014-05-25 15:06 - 00380416 _____ () C:\Users\Winni\Downloads\Gmer-19357.exe
2014-05-25 14:52 - 2014-05-27 20:46 - 00031592 _____ () C:\Users\Winni\Downloads\Addition.txt
2014-05-25 14:51 - 2014-05-27 20:46 - 00049253 _____ () C:\Users\Winni\Downloads\FRST.txt
2014-05-25 14:50 - 2014-06-03 23:24 - 02068992 _____ (Farbar) C:\Users\Winni\Desktop\FRST64.exe
2014-05-25 14:48 - 2014-05-25 14:48 - 00000472 _____ () C:\Users\Winni\Downloads\defogger_disable.log
2014-05-20 23:14 - 2014-05-20 23:14 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-20 23:14 - 2014-05-20 23:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-20 23:11 - 2014-05-27 20:28 - 00001816 _____ () C:\Windows\PFRO.log
2014-05-20 23:00 - 2014-05-20 23:01 - 28852416 _____ (Mozilla) C:\Users\Winni\Downloads\Firefox Setup 29.0.1.exe
2014-05-16 16:04 - 2014-05-23 15:09 - 00000728 __RSH () C:\ProgramData\ntuser.pol
2014-05-15 16:25 - 2014-05-15 16:26 - 00000000 ____D () C:\Users\Winni\Desktop\BIlder
2014-05-15 15:50 - 2014-05-12 05:06 - 958174777 _____ () C:\Users\Winni\Downloads\Game.of.Thrones.S04E06.720p.HDTV.x264-DIMENSION.mkv
2014-05-15 14:12 - 2014-05-15 14:12 - 00389240 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2014-05-14 17:53 - 2014-05-06 02:46 - 17847808 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-14 17:53 - 2014-05-06 02:21 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-14 17:53 - 2014-05-06 02:21 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-14 17:53 - 2014-05-06 01:32 - 12347392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-14 17:53 - 2014-05-06 01:14 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-14 17:53 - 2014-05-06 01:14 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-14 17:40 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-14 17:40 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-14 17:40 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-14 17:40 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-14 17:40 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-14 17:40 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-14 17:40 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-14 17:40 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-14 17:40 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-14 17:40 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-14 17:40 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-14 17:40 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-14 17:40 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-14 17:40 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-14 17:40 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-14 17:40 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-14 17:40 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-14 17:40 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-14 17:40 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-14 17:40 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-14 17:40 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-14 17:40 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-14 17:40 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-14 17:40 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-14 17:40 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-14 17:40 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-14 17:40 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-14 17:40 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-14 17:40 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-14 17:40 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-14 17:40 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-14 17:40 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-14 17:40 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-14 17:40 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-14 17:40 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-14 17:40 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-14 17:40 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-14 17:40 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-14 17:40 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-14 17:40 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-14 17:40 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-14 17:40 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-14 17:40 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-14 17:40 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-14 17:40 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-13 15:24 - 2014-05-13 15:24 - 00000000 ____D () C:\Users\Winni\AppData\Roaming\Lavasoft
2014-05-13 15:02 - 2014-05-13 15:02 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\LavasoftStatistics
2014-05-13 14:42 - 2014-05-13 14:42 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-05-13 00:09 - 2014-05-13 00:14 - 188100210 _____ () C:\Users\Winni\Downloads\ulisses-2014-05-12_05-09pm.zip
2014-05-12 21:58 - 2014-05-12 22:08 - 00000000 ____D () C:\Users\Admin\AppData\Local\ManyCam
2014-05-12 21:57 - 2014-05-12 21:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManyCam
2014-05-12 21:55 - 2014-05-12 21:57 - 00000000 ____D () C:\Program Files (x86)\ManyCam
2014-05-12 21:55 - 2014-05-12 21:55 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\ManyCam
2014-05-12 21:26 - 2014-05-12 21:26 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\dlg
2014-05-12 21:25 - 2014-05-12 21:25 - 00120832 _____ () C:\Windows\system32\xljveinstall.exe
2014-05-12 00:22 - 2014-05-12 00:22 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Fantasy Grounds
2014-05-12 00:20 - 2014-05-12 00:22 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Fantasy Grounds
2014-05-12 00:20 - 2014-05-12 00:21 - 00000000 ____D () C:\Program Files (x86)\Fantasy Grounds
2014-05-11 16:23 - 2014-05-11 16:35 - 00000000 ____D () C:\Users\Winni\AppData\Local\Plex Media Server
2014-05-11 16:21 - 2014-05-11 16:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server
2014-05-11 16:21 - 2014-05-11 16:21 - 00000000 ____D () C:\Program Files (x86)\Plex
2014-05-11 00:59 - 2014-05-20 23:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-09 17:50 - 2014-05-05 06:40 - 1345560050 _____ () C:\Users\Winni\Downloads\game.of.thrones.s04e05.720p.hdtv.x264-killers.mkv
2014-05-09 16:48 - 2014-05-29 01:01 - 00000000 ____D () C:\Users\Winni\Downloads\RPG
2014-05-09 00:10 - 2014-04-28 07:33 - 1347531464 _____ () C:\Users\Winni\Downloads\game.of.thrones.s04e04.720p.hdtv.x264-killers.mkv
2014-05-08 15:54 - 2014-06-04 21:45 - 00005028 _____ () C:\Windows\setupact.log
2014-05-08 15:54 - 2014-05-08 15:54 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-07 15:11 - 2014-05-15 16:30 - 00000000 ____D () C:\Users\Winni\Desktop\tmp
2014-05-07 15:06 - 2014-02-10 10:33 - 118399400 _____ () C:\Users\Winni\Downloads\Game.of.Thrones-Ice.and.Fire.A.Foreshadowing.HDTV.XviD-AFG.avi
2014-05-06 00:35 - 2014-05-06 00:43 - 00000000 ____D () C:\Users\Winni\AppData\Roaming\HandBrake
2014-05-06 00:32 - 2014-05-06 00:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Handbrake
2014-05-05 22:39 - 2014-05-05 22:39 - 00001205 _____ () C:\Users\Winni\Desktop\Chromecast.lnk
2014-05-05 22:39 - 2014-05-05 22:39 - 00000000 ____D () C:\Users\Winni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromecast
2014-05-05 22:38 - 2014-06-04 09:43 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1143599331-371919559-3494116047-1003UA.job
2014-05-05 22:38 - 2014-06-02 22:43 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1143599331-371919559-3494116047-1003Core.job
2014-05-05 22:38 - 2014-05-05 22:41 - 00000000 ____D () C:\Users\Winni\AppData\Local\Google
2014-05-05 21:36 - 2014-04-21 05:18 - 1344397720 _____ () C:\Users\Winni\Downloads\game.of.thrones.s04e03.720p.hdtv.x264-killers.mkv
2014-05-05 00:22 - 2014-04-14 04:40 - 1269763329 _____ () C:\Users\Winni\Downloads\game.of.thrones.s04e02.720p.hdtv.x264-2hd.mkv

==================== One Month Modified Files and Folders =======

2014-06-04 21:58 - 2014-05-30 16:29 - 00000000 ____D () C:\FRST
2014-06-04 21:58 - 2014-05-29 01:01 - 00069920 _____ () C:\Users\Winni\Desktop\FRST.txt
2014-06-04 21:58 - 2012-10-21 21:04 - 00000000 ____D () C:\Users\Winni\AppData\Local\Temp
2014-06-04 21:53 - 2009-07-14 06:45 - 00020304 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-04 21:53 - 2009-07-14 06:45 - 00020304 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-04 21:52 - 2012-10-21 19:42 - 02008678 _____ () C:\Windows\WindowsUpdate.log
2014-06-04 21:45 - 2014-05-08 15:54 - 00005028 _____ () C:\Windows\setupact.log
2014-06-04 21:45 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-04 10:28 - 2014-06-04 10:21 - 105000000 _____ () C:\Users\Winni\Downloads\GoT.s04e07.720p.part11.rar
2014-06-04 10:18 - 2012-11-21 20:59 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-04 10:15 - 2014-06-04 10:08 - 105000000 _____ () C:\Users\Winni\Downloads\GoT.s04e07.720p.part04.rar
2014-06-04 10:07 - 2012-10-28 00:24 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-06-04 09:43 - 2014-05-05 22:38 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1143599331-371919559-3494116047-1003UA.job
2014-06-04 07:58 - 2012-10-22 23:05 - 00000388 _____ () C:\Windows\Tasks\update-S-1-5-21-1143599331-371919559-3494116047-1003.job
2014-06-04 01:29 - 2014-06-04 01:19 - 105000000 _____ () C:\Users\Winni\Downloads\GoT.s04e07.720p.part10.rar
2014-06-04 01:18 - 2014-06-04 01:07 - 105000000 _____ () C:\Users\Winni\Downloads\GoT.s04e07.720p.part09.rar
2014-06-04 01:06 - 2014-06-04 00:56 - 105000000 _____ () C:\Users\Winni\Downloads\GoT.s04e07.720p.part08.rar
2014-06-04 00:55 - 2014-06-04 00:44 - 105000000 _____ () C:\Users\Winni\Downloads\GoT.s04e07.720p.part07.rar
2014-06-04 00:44 - 2014-06-04 00:33 - 105000000 _____ () C:\Users\Winni\Downloads\GoT.s04e07.720p.part06.rar
2014-06-04 00:32 - 2014-06-04 00:22 - 105000000 _____ () C:\Users\Winni\Downloads\GoT.s04e07.720p.part05.rar
2014-06-04 00:21 - 2014-06-04 00:10 - 105000000 _____ () C:\Users\Winni\Downloads\GoT.s04e07.720p.part03.rar
2014-06-04 00:10 - 2014-06-03 23:59 - 105000000 _____ () C:\Users\Winni\Downloads\GoT.s04e07.720p.part02.rar
2014-06-03 23:58 - 2014-06-03 23:48 - 105000000 _____ () C:\Users\Winni\Downloads\GoT.s04e07.720p.part01.rar
2014-06-03 23:24 - 2014-06-03 23:24 - 00000000 ____D () C:\Users\Winni\Desktop\FRST-OlderVersion
2014-06-03 23:24 - 2014-05-25 14:50 - 02068992 _____ (Farbar) C:\Users\Winni\Desktop\FRST64.exe
2014-06-03 01:21 - 2012-10-26 00:37 - 00000000 ____D () C:\Users\Winni\AppData\Roaming\vlc
2014-06-03 00:46 - 2013-04-28 15:04 - 00000000 ____D () C:\Users\Winni\AppData\Roaming\Spotify
2014-06-02 22:43 - 2014-05-05 22:38 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1143599331-371919559-3494116047-1003Core.job
2014-06-02 22:17 - 2013-07-03 00:12 - 00000000 ____D () C:\Users\Winni\AppData\Local\Battle.net
2014-06-02 21:01 - 2013-04-28 15:11 - 00000000 ____D () C:\Users\Winni\AppData\Local\Spotify
2014-06-02 20:38 - 2013-09-05 16:11 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-06-02 20:37 - 2013-07-03 00:12 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-06-01 12:31 - 2011-04-12 09:43 - 00699654 _____ () C:\Windows\system32\perfh007.dat
2014-06-01 12:31 - 2011-04-12 09:43 - 00149794 _____ () C:\Windows\system32\perfc007.dat
2014-06-01 12:31 - 2009-07-14 07:13 - 01621612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-30 16:26 - 2014-05-30 16:26 - 00000758 _____ () C:\DelFix.txt
2014-05-30 16:26 - 2014-05-27 20:30 - 00000000 ____D () C:\Windows\ERUNT
2014-05-30 16:26 - 2014-05-26 20:44 - 00000000 ____D () C:\Users\Admin\AppData\Local\temp
2014-05-30 16:20 - 2014-05-30 16:20 - 00000244 _____ () C:\Users\Winni\Downloads\defogger_enable.log
2014-05-30 16:20 - 2012-10-21 19:48 - 00000000 ____D () C:\Users\Admin
2014-05-30 15:17 - 2014-05-30 15:17 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-05-30 15:17 - 2014-05-30 15:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-05-30 15:17 - 2014-05-30 15:16 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-05-30 15:17 - 2014-05-30 15:16 - 00000000 ____D () C:\Program Files\iTunes
2014-05-30 15:17 - 2014-05-30 15:16 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-05-30 15:16 - 2014-05-30 15:16 - 00000000 ____D () C:\Program Files\iPod
2014-05-29 01:02 - 2014-05-29 01:01 - 00042490 _____ () C:\Users\Winni\Desktop\Addition.txt
2014-05-29 01:01 - 2014-05-09 16:48 - 00000000 ____D () C:\Users\Winni\Downloads\RPG
2014-05-29 00:39 - 2012-10-31 22:39 - 00000432 _____ () C:\Windows\BRWMARK.INI
2014-05-28 21:54 - 2014-05-28 21:54 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-05-28 21:22 - 2014-05-28 21:22 - 00854367 _____ () C:\Users\Winni\Desktop\SecurityCheck.exe
2014-05-28 15:08 - 2014-05-28 15:08 - 02347384 _____ (ESET) C:\Users\Winni\Desktop\esetsmartinstaller_deu.exe
2014-05-28 13:14 - 2014-05-28 13:14 - 00018435 _____ () C:\Windows\DirectX.log
2014-05-27 20:46 - 2014-05-25 14:52 - 00031592 _____ () C:\Users\Winni\Downloads\Addition.txt
2014-05-27 20:46 - 2014-05-25 14:51 - 00049253 _____ () C:\Users\Winni\Downloads\FRST.txt
2014-05-27 20:37 - 2014-05-27 20:37 - 00000829 _____ () C:\Users\Winni\Downloads\JRT.txt
2014-05-27 20:28 - 2014-05-20 23:11 - 00001816 _____ () C:\Windows\PFRO.log
2014-05-27 20:25 - 2014-05-27 20:25 - 01016261 _____ (Thisisu) C:\Users\Winni\Desktop\JRT.exe
2014-05-27 20:12 - 2014-05-27 20:12 - 01327971 _____ () C:\Users\Winni\Desktop\adwcleaner_3.211.exe
2014-05-27 20:10 - 2014-05-27 20:10 - 00001892 _____ () C:\Users\Winni\Desktop\MWB.txt
2014-05-27 19:57 - 2014-05-27 19:56 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-27 19:55 - 2014-05-27 19:55 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-27 19:55 - 2014-05-27 19:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-27 19:55 - 2014-05-27 19:55 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-27 19:55 - 2014-05-27 19:55 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-27 19:54 - 2014-05-27 19:53 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Winni\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-27 19:45 - 2014-05-27 19:45 - 00000385 _____ () C:\Users\Admin\AppData\Roaminguser_gensett.xml
2014-05-27 18:54 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-27 16:30 - 2014-05-27 16:30 - 00000207 _____ () C:\Users\Winni\Desktop\Warhammer 40,000 Space Marine.url
2014-05-26 20:45 - 2012-10-21 19:48 - 00000000 ___RD () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-26 20:45 - 2012-10-21 19:48 - 00000000 ___RD () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-26 20:45 - 2009-07-14 06:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-05-26 20:44 - 2014-05-26 20:44 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
2014-05-26 20:44 - 2014-05-26 20:44 - 00000000 ____D () C:\Users\hedev\AppData\Local\temp
2014-05-26 20:44 - 2014-05-26 20:44 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-05-26 20:44 - 2014-05-26 20:44 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp
2014-05-26 20:43 - 2014-05-26 20:32 - 00000000 ____D () C:\Windows\erdnt
2014-05-26 20:42 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-05-25 20:14 - 2012-10-21 21:04 - 00000000 ____D () C:\Users\Winni
2014-05-25 19:37 - 2014-05-25 19:37 - 00000000 ____D () C:\Users\Winni\AppData\Local\THQ
2014-05-25 15:54 - 2014-05-25 15:54 - 00049825 _____ () C:\Users\Winni\Downloads\LogFiles.zip
2014-05-25 15:53 - 2014-05-25 15:53 - 00002605 _____ () C:\Users\Winni\Downloads\AdwCleaner[R1].txt
2014-05-25 15:19 - 2014-05-25 15:19 - 00749519 _____ () C:\Users\Winni\Downloads\Gmer.txt
2014-05-25 15:06 - 2014-05-25 15:06 - 00380416 _____ () C:\Users\Winni\Downloads\Gmer-19357.exe
2014-05-25 14:48 - 2014-05-25 14:48 - 00000472 _____ () C:\Users\Winni\Downloads\defogger_disable.log
2014-05-23 17:41 - 2012-10-25 21:20 - 00000000 ____D () C:\Users\Winni\Bewerbungen
2014-05-23 16:56 - 2012-10-21 21:05 - 00000000 ____D () C:\Users\Winni\AppData\Local\VirtualStore
2014-05-23 15:09 - 2014-05-16 16:04 - 00000728 __RSH () C:\ProgramData\ntuser.pol
2014-05-22 14:55 - 2012-10-20 18:41 - 00000000 ____D () C:\Games
2014-05-20 23:14 - 2014-05-20 23:14 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-20 23:14 - 2014-05-20 23:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-20 23:14 - 2014-05-11 00:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-20 23:01 - 2014-05-20 23:00 - 28852416 _____ (Mozilla) C:\Users\Winni\Downloads\Firefox Setup 29.0.1.exe
2014-05-20 12:53 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-05-16 16:54 - 2012-10-25 20:59 - 00000000 ____D () C:\Program Files (x86)\Diablo III
2014-05-16 16:04 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-05-15 16:30 - 2014-05-07 15:11 - 00000000 ____D () C:\Users\Winni\Desktop\tmp
2014-05-15 16:26 - 2014-05-15 16:25 - 00000000 ____D () C:\Users\Winni\Desktop\BIlder
2014-05-15 14:12 - 2014-05-15 14:12 - 00389240 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2014-05-15 12:52 - 2012-10-31 22:46 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-15 12:43 - 2012-10-21 21:05 - 00000000 ___RD () C:\Users\Winni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-15 12:43 - 2012-10-21 21:05 - 00000000 ___RD () C:\Users\Winni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-14 19:20 - 2014-04-24 15:42 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-14 19:20 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-05-14 17:52 - 2013-07-10 18:11 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-14 17:52 - 2012-11-25 16:44 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-14 17:46 - 2012-10-21 20:48 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-13 22:18 - 2012-10-22 21:13 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-13 22:18 - 2012-10-22 21:13 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-13 15:24 - 2014-05-13 15:24 - 00000000 ____D () C:\Users\Winni\AppData\Roaming\Lavasoft
2014-05-13 15:11 - 2013-02-17 20:15 - 00000000 ____D () C:\Users\Winni\AppData\Local\Unity
2014-05-13 15:02 - 2014-05-13 15:02 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\LavasoftStatistics
2014-05-13 14:42 - 2014-05-13 14:42 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-05-13 00:44 - 2014-01-10 00:46 - 00000000 ____D () C:\Program Files (x86)\Zenimax Online
2014-05-13 00:14 - 2014-05-13 00:09 - 188100210 _____ () C:\Users\Winni\Downloads\ulisses-2014-05-12_05-09pm.zip
2014-05-12 23:51 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-05-12 22:08 - 2014-05-12 21:58 - 00000000 ____D () C:\Users\Admin\AppData\Local\ManyCam
2014-05-12 21:57 - 2014-05-12 21:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManyCam
2014-05-12 21:57 - 2014-05-12 21:55 - 00000000 ____D () C:\Program Files (x86)\ManyCam
2014-05-12 21:55 - 2014-05-12 21:55 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\ManyCam
2014-05-12 21:26 - 2014-05-12 21:26 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\dlg
2014-05-12 21:25 - 2014-05-12 21:25 - 00120832 _____ () C:\Windows\system32\xljveinstall.exe
2014-05-12 07:26 - 2014-05-27 19:55 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:26 - 2014-05-27 19:55 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-05-27 19:55 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-12 05:06 - 2014-05-15 15:50 - 958174777 _____ () C:\Users\Winni\Downloads\Game.of.Thrones.S04E06.720p.HDTV.x264-DIMENSION.mkv
2014-05-12 00:22 - 2014-05-12 00:22 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Fantasy Grounds
2014-05-12 00:22 - 2014-05-12 00:20 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Fantasy Grounds
2014-05-12 00:21 - 2014-05-12 00:20 - 00000000 ____D () C:\Program Files (x86)\Fantasy Grounds
2014-05-11 16:35 - 2014-05-11 16:23 - 00000000 ____D () C:\Users\Winni\AppData\Local\Plex Media Server
2014-05-11 16:28 - 2013-10-20 19:57 - 00001066 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-05-11 16:23 - 2012-10-21 23:14 - 00000000 ____D () C:\Users\Winni\AppData\Roaming\Apple Computer
2014-05-11 16:23 - 2012-10-21 23:14 - 00000000 ____D () C:\Users\Winni\AppData\Local\Apple Computer
2014-05-11 16:21 - 2014-05-11 16:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server
2014-05-11 16:21 - 2014-05-11 16:21 - 00000000 ____D () C:\Program Files (x86)\Plex
2014-05-11 16:21 - 2013-09-07 21:53 - 00000000 ____D () C:\ProgramData\Package Cache
2014-05-11 15:36 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-09 08:14 - 2014-05-14 17:40 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 08:11 - 2014-05-14 17:40 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-08 15:54 - 2014-05-08 15:54 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-07 14:20 - 2013-05-24 15:00 - 00000000 ____D () C:\Windows\Minidump
2014-05-07 14:20 - 2012-10-21 20:39 - 00000000 ____D () C:\Windows\Panther
2014-05-07 14:04 - 2013-01-26 19:42 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-05-07 14:04 - 2013-01-26 19:42 - 00000000 ____D () C:\Program Files\CCleaner
2014-05-06 02:46 - 2014-05-14 17:53 - 17847808 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 02:21 - 2014-05-14 17:53 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 02:21 - 2014-05-14 17:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 01:32 - 2014-05-14 17:53 - 12347392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 01:14 - 2014-05-14 17:53 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 01:14 - 2014-05-14 17:53 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-06 00:43 - 2014-05-06 00:35 - 00000000 ____D () C:\Users\Winni\AppData\Roaming\HandBrake
2014-05-06 00:32 - 2014-05-06 00:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Handbrake
2014-05-05 22:41 - 2014-05-05 22:38 - 00000000 ____D () C:\Users\Winni\AppData\Local\Google
2014-05-05 22:39 - 2014-05-05 22:39 - 00001205 _____ () C:\Users\Winni\Desktop\Chromecast.lnk
2014-05-05 22:39 - 2014-05-05 22:39 - 00000000 ____D () C:\Users\Winni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromecast
2014-05-05 06:40 - 2014-05-09 17:50 - 1345560050 _____ () C:\Users\Winni\Downloads\game.of.thrones.s04e05.720p.hdtv.x264-killers.mkv

Files to move or delete:
====================
C:\Users\Winni\Broodwar.bat


Some content of TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================
--- --- ---

Daigochiban 04.06.2014 21:02
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-06-2014
Ran by Winni at 2014-06-04 21:58:36
Running from C:\Users\Winni\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Bitdefender Antivirus (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 12.5.100.30424 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.937.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{25107779-C295-EB3E-3C92-AC1B45680012}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.80424.1301 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arduino (HKLM-x32\...\Arduino) (Version: 1.0.5-r2 - Arduino LLC)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bitdefender Antivirus Plus (HKLM\...\Bitdefender) (Version: 17.20.0.883 - Bitdefender)
BitRaider Web Client (HKLM-x32\...\BitRaider Web Client) (Version: 1.1.8.1 - BitRaider, LLC)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2013.0424.1225.20315 - Ihr Firmenname) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0424.1225.20315 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0424.1225.20315 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0424.1225.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0424.1225.20315 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform)
ChromecastApp (HKCU\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.316.0 - Google Inc.)
Compiled Driver Disk (Nokia) 1.0 (HKLM\...\{3DCF00F5-04A5-4543-A088-705480811205}_is1) (Version: 1.0.3.0 - COMPELSON Labs)
Core Temp 1.0 RC5 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
Curse Client (HKCU\...\101a9f93b8f0bb6f) (Version: 5.1.1.792 - Curse)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Darksiders (HKLM-x32\...\Steam App 50620) (Version:  - Vigil Games)
Darksiders II (HKLM-x32\...\Steam App 50650) (Version:  - Vigil Games)
DarksidersInstaller (HKLM-x32\...\{B93EEE50-9C8F-45DF-95E4-3D85A6E242F3}) (Version: 1.00.1000 - Ihr Firmenname)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Dungeon Keeper 2 (HKLM-x32\...\GOGPACKDUNGEONKEEPER2_is1) (Version: 2.0.0.32 - GOG.com)
Dungeon Keeper Gold (HKLM-x32\...\GOGPACKDUNGEONKEEPER_is1) (Version: 2.0.0.4 - GOG.com)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 15.1.13904 - Landesfinanzdirektion Thüringen)
EndNote X5 (HKLM-x32\...\{86B3F2D6-AC2B-0015-8AE1-F2F77F781B0C}) (Version: 15.0.0.5478 - Thomson Reuters)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Firefall (HKLM-x32\...\{CFEF8DB5-B45E-4b05-90BE-D02AA6F45354}) (Version:  - Red 5 Studios)
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
Freemake Video Converter Version 4.0.4 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.0.4 - Ellora Assets Corporation)
GOG.com Downloader version 3.6.0 (HKLM-x32\...\{456A5815-604D-4D72-94DF-346D2B978A59}_is1) (Version: 3.6.0 - GOG.com)
GOG.com Dungeon Keeper 2 (HKLM\...\{b6462b67-caf5-4a74-99df-cc2811bd1957}.sdb) (Version:  - )
Grand Theft Auto IV (HKLM-x32\...\Steam App 12210) (Version:  - Rockstar North)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle)
Java 8 Update 5 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418005FF}) (Version: 8.0.50 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.05.13 - Oracle, Inc.) Hidden
Java SE Development Kit 8 Update 5 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180050}) (Version: 8.0.50 - Oracle Corporation)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
ManyCam 4.0.77 (HKLM-x32\...\ManyCam) (Version: 4.0.77 - Visicom Media Inc.)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE (HKLM-x32\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (Version: 1.1.40219 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.1 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.1 Language Pack - DEU) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 Language Pack - DEU (Version: 1.1.40219 - Microsoft Corporation) Hidden
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{E9089B6A-1FDE-47F3-8D29-175F5B7A0722}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{C668416A-9213-4058-B7F2-01A42D85559D}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Shell (Isolated) - DEU (HKLM-x32\...\{987AE03F-234A-3623-BD28-6B31FD1D3AB3}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50325 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.50330 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU (Version: 10.0.50325 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50325 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft_VC100_CRT_SP1_x64 (Version: 10.0.40219.1 - Nokia) Hidden
Microsoft_VC100_CRT_SP1_x86 (x32 Version: 10.0.40219.1 - Nokia) Hidden
Mozilla Firefox 29.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mp3tag v2.52 (HKLM-x32\...\Mp3tag) (Version: v2.52 - Florian Heidenreich)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
NetBeans IDE 8.0 (HKLM\...\nbi-nb-base-8.0.0.0.201403101706) (Version: 8.0 - NetBeans.org)
NeurophStudio (HKLM-x32\...\nbi-neurophstudio-1.0.0.0.0) (Version:  - )
Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.48.0 - Nokia)
Nokia Suite (x32 Version: 3.8.48.0 - Nokia) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.5 - Notepad++ Team)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PDF24 Creator 6.0.1 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Personal ID (HKLM-x32\...\{F722209B-739E-40E4-ADB1-062BD032A0DB}) (Version: 1.8.5 - coolspot AG)
Plants vs. Zombies: Game of the Year (HKLM-x32\...\Steam App 3590) (Version:  - PopCap)
Plex Media Server (HKLM-x32\...\{e9921c42-812d-4b39-9c02-612724349e82}) (Version: 0.9.907 - Plex, Inc.)
Plex Media Server (x32 Version: 0.9.907 - Plex, Inc.) Hidden
R.U.S.E (HKLM-x32\...\Steam App 21970) (Version:  - Ubisoft)
Remote Control Server (HKLM-x32\...\{755C6515-9FEA-490C-B15E-22BB6519E57E}) (Version: 2.0.1.60 - Steppschuh)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
Sid Meier's Civilization V SDK (HKLM-x32\...\Steam App 16830) (Version:  - Firaxis Games)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
SolForge (HKLM-x32\...\Steam App 232450) (Version:  - Stone Blade Entertainment)
SoundWire Server version 1.7.3 (HKLM-x32\...\{E15658BC-7742-4397-999F-98B1BD11B784}_is1) (Version: 1.7.3 - GeorgieLabs)
Spotify (HKCU\...\Spotify) (Version: 0.9.10.14.g578d350b - Spotify AB)
Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version: 7.0.0.12 - Bioware/EA)
Star Wars: Knights of the Old Republic (HKLM-x32\...\Steam App 32370) (Version:  - BioWare)
Star Wars: The Force Unleashed II (HKLM-x32\...\Steam App 32500) (Version:  - Lucas Arts)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.27614 - TeamViewer)
The Walking Dead (HKLM-x32\...\Steam App 207610) (Version:  - )
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
Trillian (HKLM-x32\...\Trillian) (Version:  - Cerulean Studios, LLC)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Warhammer 40,000 Space Marine (HKLM-x32\...\Steam App 55150) (Version:  - Relic)
Warhammer® 40,000™: Dawn of War® II - Chaos Rising™ (HKLM-x32\...\Steam App 20570) (Version:  - Relic)
Winamp (HKLM-x32\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)

==================== Restore Points  =========================

Could not list Restore Points. Check "winmgmt" service or repair WMI.


==================== Hosts content: ==========================

2009-07-14 04:34 - 2014-05-26 20:42 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (whitelisted) =============

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1143599331-371919559-3494116047-1003Core.job => C:\Users\Winni\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1143599331-371919559-3494116047-1003UA.job => C:\Users\Winni\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\update-S-1-5-21-1143599331-371919559-3494116047-1003.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Loaded Modules (whitelisted) =============

2013-10-25 16:06 - 2013-06-19 12:45 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender\txmlutil.dll
2013-04-24 12:20 - 2013-04-24 12:20 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Winni\Desktop\adwcleaner_3.211.exe:BDU
AlternateDataStreams: C:\Users\Winni\Downloads\Firefox Setup 29.0.1.exe:BDU
AlternateDataStreams: C:\Users\Winni\Downloads\mbam-setup-2.0.2.1012.exe:BDU
AlternateDataStreams: C:\Users\Winni\Downloads\neurophstudio-windows-2.85.exe:BDU

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============

MSCONFIG\Services: DlProtectSvc => 2
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Bitdefender-Geldbörse => "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard
MSCONFIG\startupreg: Bitdefender-Geldbörse-Agent => "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
MSCONFIG\startupreg: Bitdefender-Geldbörse-Anwendungs-Agent => "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe"
MSCONFIG\startupreg: IntelliPoint => "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Pando Media Booster => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MSCONFIG\startupreg: PDFPrint => C:\Program Files (x86)\PDF24\pdf24.exe
MSCONFIG\startupreg: Plex Media Server => "C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: XboxStat => "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/04/2014 09:47:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/04/2014 02:21:03 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/03/2014 11:41:02 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm javaw.exe, Version 7.0.70.10 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 790

Startzeit: 01cf7f742956f42b

Endzeit: 10

Anwendungspfad: C:\Program Files (x86)\JDownloader\jre\bin\javaw.exe

Berichts-ID:

Error: (06/03/2014 11:27:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/03/2014 11:22:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/02/2014 08:20:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/02/2014 00:15:52 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/01/2014 11:36:08 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/01/2014 00:28:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/31/2014 02:27:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (06/04/2014 09:46:46 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (06/04/2014 02:44:23 AM) (Source: Disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.

Error: (06/04/2014 02:44:21 AM) (Source: Disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.

Error: (06/04/2014 02:43:34 AM) (Source: Disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.

Error: (06/04/2014 02:43:31 AM) (Source: Disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.

Error: (06/04/2014 02:41:56 AM) (Source: Disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.

Error: (06/04/2014 02:41:53 AM) (Source: Disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.

Error: (06/04/2014 02:41:18 AM) (Source: Disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.

Error: (06/04/2014 02:41:16 AM) (Source: Disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.

Error: (06/04/2014 02:40:32 AM) (Source: Disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-05-26 20:41:32.104
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-05-26 20:41:32.073
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-10-21 15:57:05.114
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-21 15:57:05.114
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-21 15:57:05.098
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-21 15:57:05.083
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-21 15:57:05.083
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-21 15:57:05.083
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-20 20:36:48.223
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-20 20:36:48.223
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Percentage of memory in use: 21%
Total physical RAM: 8191.12 MB
Available physical RAM: 6395.12 MB
Total Pagefile: 16380.41 MB
Available Pagefile: 14444.47 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:387.54 GB) (Free:29.92 GB) NTFS
Drive d: (Music) (Fixed) (Total:78.12 GB) (Free:37.86 GB) NTFS
Drive j: (INTENSO) (Removable) (Total:15.04 GB) (Free:1.67 GB) FAT32

==================== MBR & Partition Table ==================

==================== End Of Log ============================

schrauber 05.06.2014 19:20
FRST bitte nochmal. Das Tool brauch ADminrechte.

Daigochiban 13.06.2014 22:50
Tschuldigung für die lange Funkstille. Providerprobleme und Urlaub... ICh hoffe du hast das Abo noch drinnen.

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-06-2014 02
Ran by Admin (administrator) on ABRAXAS on 13-06-2014 20:59:19
Running from C:\Users\Winni\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal


==================== Processes (All) =========================

(Microsoft Corporation) C:\Windows\System32\smss.exe
(Microsoft Corporation) C:\Windows\System32\csrss.exe
(Microsoft Corporation) C:\Windows\System32\wininit.exe
(Microsoft Corporation) C:\Windows\System32\csrss.exe
(Microsoft Corporation) C:\Windows\System32\services.exe
(Microsoft Corporation) C:\Windows\System32\lsass.exe
(Microsoft Corporation) C:\Windows\System32\lsm.exe
(Microsoft Corporation) C:\Windows\System32\winlogon.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\vsserv.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\spoolsv.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\taskhost.exe
(Microsoft Corporation) C:\Windows\System32\dwm.exe
(Microsoft Corporation) C:\Windows\explorer.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\bdagent.exe
(Spotify Ltd) C:\Users\Winni\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Google Inc.) C:\Users\Winni\AppData\Local\Google\Update\GoogleUpdate.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\SearchIndexer.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnetwk.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Windows\System32\SearchProtocolHost.exe
(Microsoft Corporation) C:\Windows\System32\SearchFilterHost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Farbar) C:\Users\Winni\Desktop\FRST64.exe

==================== Registry (All) ===========================

HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender\bdagent.exe [1743088 2014-05-27] (Bitdefender)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642304 2013-04-24] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-03-18] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe, [30720 2010-11-21] (Microsoft Corporation)
HKLM-x32\...\Winlogon: [Userinit] C:\Windows\sysWOW64\userinit.exe [26624 2010-11-21] (Microsoft Corporation)
HKLM\...\Winlogon: [Shell] Explorer.exe [2871808 2011-02-25] (Microsoft Corporation)
HKLM-x32\...\Winlogon: [Shell] explorer.exe [2616320 2011-02-25] (Microsoft Corporation)
HKLM\...\Policies\Explorer: [NoDriveTypeAutoRun] 255
HKLM\...\Policies\Explorer: [NoDriveAutoRun] 67108863
HKLM\...\Policies\Explorer: [HonorAutorunSetting] 1
HKLM\...\Policies\Explorer: [NoDrives] 0
HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse-Agent] => C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [568400 2014-05-27] (Bitdefender)
HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse] => C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1002048 2014-05-27] (Bitdefender)
HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] => C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [614744 2014-05-27] (Bitdefender)
HKU\S-1-5-21-1143599331-371919559-3494116047-1001\...\Policies\system: [DisableRegistryTools] 0
HKU\S-1-5-21-1143599331-371919559-3494116047-1001\...\Policies\Explorer: [NoDrives] 0
HKU\S-1-5-21-1143599331-371919559-3494116047-1001\...\Policies\Explorer: [NoDriveTypeAutoRun] 145
HKU\S-1-5-21-1143599331-371919559-3494116047-1003\...\Run: [Spotify Web Helper] => C:\Users\Winni\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1176632 2014-05-16] (Spotify Ltd)
HKU\S-1-5-21-1143599331-371919559-3494116047-1003\...\Run: [Bitdefender-Geldbörse] => C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1002048 2014-05-27] (Bitdefender)
HKU\S-1-5-21-1143599331-371919559-3494116047-1003\...\Run: [Google Update] => C:\Users\Winni\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-05-05] (Google Inc.)
Lsa: [Authentication Packages] msv1_0
Lsa: [Notification Packages] scecli
SecurityProviders: credssp.dll
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} -  No File
SSODL-x32: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} -  No File
BootExecute: autocheck autochk *
AlternateShell: cmd.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (All) ===========================

HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x6652FDDAB4AFCD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
URLSearchHook: HKCU - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
URLSearchHook: HKCU - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - "C:\Program Files (x86)\Internet Explorer\iexplore.exe"
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
BHO: Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\pmbxie.dll (Bitdefender)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxie.dll (Bitdefender)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\msvidctl.dll (Microsoft Corporation)
Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\system32\inetcomm.dll (Microsoft Corporation)
Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} -  No File
Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -  No File
Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\msvidctl.dll (Microsoft Corporation)
Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} -  No File
Handler-x32: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
Handler-x32: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
Handler-x32: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\msvidctl.dll (Microsoft Corporation)
Handler-x32: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
Handler-x32: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
Handler-x32: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
Handler-x32: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
Handler-x32: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
Handler-x32: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
Handler-x32: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
Handler-x32: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
Handler-x32: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
Handler-x32: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
Handler-x32: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
Handler-x32: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
Handler-x32: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\msvidctl.dll (Microsoft Corporation)
Handler-x32: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
Handler-x32: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
Filter-x32: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Filter-x32: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Filter-x32: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Filter-x32: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
Winsock: Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Winsock: Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Winsock: Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Winsock: Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Winsock: Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Winsock: Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Winsock: Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Winsock: Catalog5 10 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Winsock: Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog5-x64 01 %SystemRoot%\system32\NLAapi.dll [70656] (Microsoft Corporation)
Winsock: Catalog5-x64 02 %SystemRoot%\system32\napinsp.dll [68096] (Microsoft Corporation)
Winsock: Catalog5-x64 03 %SystemRoot%\system32\pnrpnsp.dll [86016] (Microsoft Corporation)
Winsock: Catalog5-x64 04 %SystemRoot%\system32\pnrpnsp.dll [86016] (Microsoft Corporation)
Winsock: Catalog5-x64 05 %SystemRoot%\System32\mswsock.dll [327168] (Microsoft Corporation)
Winsock: Catalog5-x64 06 %SystemRoot%\System32\winrnr.dll [28672] (Microsoft Corporation)
Winsock: Catalog5-x64 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
Winsock: Catalog5-x64 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
Winsock: Catalog5-x64 10 %SystemRoot%\system32\wshbth.dll [47104] (Microsoft Corporation)
Winsock: Catalog9-x64 01 %SystemRoot%\system32\mswsock.dll [327168] (Microsoft Corporation)
Winsock: Catalog9-x64 02 %SystemRoot%\system32\mswsock.dll [327168] (Microsoft Corporation)
Winsock: Catalog9-x64 03 %SystemRoot%\system32\mswsock.dll [327168] (Microsoft Corporation)
Winsock: Catalog9-x64 04 %SystemRoot%\system32\mswsock.dll [327168] (Microsoft Corporation)
Winsock: Catalog9-x64 05 %SystemRoot%\system32\mswsock.dll [327168] (Microsoft Corporation)
Winsock: Catalog9-x64 06 %SystemRoot%\system32\mswsock.dll [327168] (Microsoft Corporation)
Winsock: Catalog9-x64 07 %SystemRoot%\system32\mswsock.dll [327168] (Microsoft Corporation)
Winsock: Catalog9-x64 08 %SystemRoot%\system32\mswsock.dll [327168] (Microsoft Corporation)
Winsock: Catalog9-x64 09 %SystemRoot%\system32\mswsock.dll [327168] (Microsoft Corporation)
Winsock: Catalog9-x64 10 %SystemRoot%\system32\mswsock.dll [327168] (Microsoft Corporation)
Winsock: Catalog9-x64 11 %SystemRoot%\system32\mswsock.dll [327168] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{C0163090-193E-4CA1-9498-4D4C049B3E7A}: [NameServer]192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\mk1wz4pq.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @nokia.com/EnablerPlugin - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\bing.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\google.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wikipedia-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2014-05-20]
FF Extension: Download Protect - C:\Windows\Installer\{4BFEB9A5-18C7-4449-B2DD-49294B6B8F3C}\{CA03242C-EE6E-4B3A-AF33-3A21C94FB1AB}.xpi [2014-05-23]
FF HKLM-x32\...\Firefox\Extensions: [ffpwdman@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman\
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman\ []
FF HKLM-x32\...\Firefox\Extensions: [{CA03242C-EE6E-4B3A-AF33-3A21C94FB1AB}] - C:\Windows\Installer\{4BFEB9A5-18C7-4449-B2DD-49294B6B8F3C}\{CA03242C-EE6E-4B3A-AF33-3A21C94FB1AB}.xpi
FF Extension: Download Protect - C:\Windows\Installer\{4BFEB9A5-18C7-4449-B2DD-49294B6B8F3C}\{CA03242C-EE6E-4B3A-AF33-3A21C94FB1AB}.xpi [2014-05-23]
FF HKLM-x32\...\Mozilla Firefox 29.0.1\Extensions: [Components] - C:\Program Files (x86)\Mozilla Firefox\components
FF HKLM-x32\...\Mozilla Firefox 29.0.1\Extensions: [Plugins] - C:\Program Files (x86)\Mozilla Firefox\plugins
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\plugins [2014-05-11]
FF StartMenuInternet: FIREFOX.EXE - "C:\Program Files (x86)\Mozilla Firefox\firefox.exe"

==================== Services (All) ========================

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65432 2013-12-21] (Adobe Systems Incorporated)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [257712 2014-05-13] (Adobe Systems Incorporated)
R3 AeLookupSvc; C:\Windows\System32\aelupsvc.dll [72192 2009-07-14] (Microsoft Corporation)
S3 ALG; C:\Windows\System32\alg.exe [79360 2009-07-14] (Microsoft Corporation)
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [238080 2013-04-24] (AMD)
S3 AppIDSvc; C:\Windows\System32\appidsvc.dll [32256 2009-07-14] (Microsoft Corporation)
R3 Appinfo; C:\Windows\System32\appinfo.dll [70144 2013-02-27] (Microsoft Corporation)
R2 Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [43336 2014-02-12] (Apple Inc.)
S3 AppMgmt; C:\Windows\System32\appmgmts.dll [193536 2009-07-14] (Microsoft Corporation)
S3 AppMgmt; C:\Windows\SysWOW64\appmgmts.dll [149504 2009-07-14] (Microsoft Corporation)
S3 aspnet_state; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [51808 2013-09-11] (Microsoft Corporation)
R2 AudioEndpointBuilder; C:\Windows\System32\Audiosrv.dll [679424 2010-11-21] (Microsoft Corporation)
R2 AudioSrv; C:\Windows\System32\Audiosrv.dll [679424 2010-11-21] (Microsoft Corporation)
S3 AxInstSV; C:\Windows\System32\AxInstSV.dll [114688 2010-11-21] (Microsoft Corporation)
S3 BDESVC; C:\Windows\System32\bdesvc.dll [100864 2009-07-14] (Microsoft Corporation)
R2 BFE; C:\Windows\System32\bfe.dll [705024 2010-11-21] (Microsoft Corporation)
R2 BITS; C:\Windows\System32\qmgr.dll [849920 2010-11-21] (Microsoft Corporation)
R2 Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [462184 2011-08-30] (Apple Inc.)
R3 Browser; C:\Windows\System32\browser.dll [136704 2012-07-05] (Microsoft Corporation)
S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [484592 2013-11-17] (BitRaider, LLC)
S3 bthserv; C:\Windows\system32\bthserv.dll [83968 2009-07-14] (Microsoft Corporation)
S3 CertPropSvc; C:\Windows\System32\certprop.dll [80384 2010-11-21] (Microsoft Corporation)
S4 clr_optimization_v2.0.50727_32; C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [66384 2009-06-10] (Microsoft Corporation)
S4 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [89920 2009-06-10] (Microsoft Corporation)
S2 clr_optimization_v4.0.30319_32; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [105144 2013-09-11] (Microsoft Corporation)
S2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [124088 2013-09-11] (Microsoft Corporation)
S3 COMSysApp; C:\Windows\system32\dllhost.exe [9728 2009-07-14] (Microsoft Corporation)
S3 COMSysApp; C:\Windows\SysWOW64\dllhost.exe [7168 2009-07-14] (Microsoft Corporation)
R2 CryptSvc; C:\Windows\system32\cryptsvc.dll [184320 2013-07-09] (Microsoft Corporation)
R2 CscService; C:\Windows\System32\cscsvc.dll [692224 2010-11-21] (Microsoft Corporation)
R2 DcomLaunch; C:\Windows\system32\rpcss.dll [512000 2010-11-21] (Microsoft Corporation)
S3 defragsvc; C:\Windows\System32\defragsvc.dll [291328 2009-07-14] (Microsoft Corporation)
R2 Dhcp; C:\Windows\system32\dhcpcore.dll [317952 2010-11-21] (Microsoft Corporation)
R2 Dnscache; C:\Windows\System32\dnsrslvr.dll [183296 2011-03-03] (Microsoft Corporation)
S3 dot3svc; C:\Windows\System32\dot3svc.dll [252416 2010-11-21] (Microsoft Corporation)
R2 DPS; C:\Windows\system32\dps.dll [162816 2010-11-21] (Microsoft Corporation)
R3 EapHost; C:\Windows\System32\eapsvc.dll [111104 2009-07-14] (Microsoft Corporation)
S3 EFS; C:\Windows\System32\lsass.exe [31232 2014-04-12] (Microsoft Corporation)
S3 ehRecvr; C:\Windows\ehome\ehRecvr.exe [696832 2010-11-21] (Microsoft Corporation)
S3 ehSched; C:\Windows\ehome\ehsched.exe [127488 2009-07-14] (Microsoft Corporation)
R2 eventlog; C:\Windows\System32\wevtsvc.dll [1646080 2010-11-21] (Microsoft Corporation)
R2 EventSystem; C:\Windows\system32\es.dll [402944 2009-07-14] (Microsoft Corporation)
S3 Fax; C:\Windows\system32\fxssvc.exe [689152 2010-11-21] (Microsoft Corporation)
R3 fdPHost; C:\Windows\system32\fdPHost.dll [16384 2009-07-14] (Microsoft Corporation)
R2 FDResPub; C:\Windows\system32\fdrespub.dll [34816 2009-07-14] (Microsoft Corporation)
R2 FontCache; C:\Windows\system32\FntCache.dll [1143296 2013-08-27] (Microsoft Corporation)
R3 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-21] (Microsoft Corporation)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [101888 2013-09-26] (Freemake) [File not signed]
R2 gpsvc; C:\Windows\System32\gpsvc.dll [777728 2010-11-21] (Microsoft Corporation)
S3 hidserv; C:\Windows\System32\hidserv.dll [38912 2009-07-14] (Microsoft Corporation)
S3 hkmsvc; C:\Windows\system32\kmsvc.dll [90624 2010-11-21] (Microsoft Corporation)
S3 HomeGroupListener; C:\Windows\system32\ListSvc.dll [232448 2010-11-21] (Microsoft Corporation)
R3 HomeGroupProvider; C:\Windows\system32\provsvc.dll [187904 2010-11-21] (Microsoft Corporation)
S3 idsvc; C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe [856400 2010-11-21] (Microsoft Corporation)
S3 IKEEXT; C:\Windows\System32\ikeext.dll [859648 2013-10-12] (Microsoft Corporation)
R2 IPBusEnum; C:\Windows\system32\ipbusenum.dll [101888 2009-07-14] (Microsoft Corporation)
R2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [569344 2012-10-03] (Microsoft Corporation)
R3 iPod Service; C:\Program Files\iPod\bin\iPodService.exe [641352 2014-05-26] (Apple Inc.)
R3 KeyIso; C:\Windows\system32\lsass.exe [31232 2014-04-12] (Microsoft Corporation)
S3 KtmRm; C:\Windows\system32\msdtckrm.dll [368640 2009-07-14] (Microsoft Corporation)
R2 LanmanServer; C:\Windows\System32\srvsvc.dll [236032 2010-11-21] (Microsoft Corporation)
R2 LanmanWorkstation; C:\Windows\System32\wkssvc.dll [118784 2010-11-21] (Microsoft Corporation)
S3 lltdsvc; C:\Windows\System32\lltdsvc.dll [300032 2009-07-14] (Microsoft Corporation)
R2 lmhosts; C:\Windows\System32\lmhsvc.dll [23552 2009-07-14] (Microsoft Corporation)
S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S4 Mcx2Svc; C:\Windows\system32\Mcx2Svc.dll [84992 2010-11-21] (Microsoft Corporation)
R2 MMCSS; C:\Windows\system32\mmcss.dll [67584 2009-07-14] (Microsoft Corporation)
S3 MozillaMaintenance; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [119408 2014-05-07] (Mozilla Foundation)
R2 MpsSvc; C:\Windows\system32\mpssvc.dll [828416 2010-11-21] (Microsoft Corporation)
S3 MSDTC; C:\Windows\System32\msdtc.exe [141824 2009-07-14] (Microsoft Corporation)
S3 MSiSCSI; C:\Windows\system32\iscsiexe.dll [156672 2009-07-14] (Microsoft Corporation)
S3 msiserver; C:\Windows\System32\msiexec.exe [128000 2010-11-21] (Microsoft Corporation)
S3 msiserver; C:\Windows\SysWOW64\msiexec.exe [73216 2010-11-21] (Microsoft Corporation)
S3 napagent; C:\Windows\system32\qagentRT.dll [476160 2010-11-21] (Microsoft Corporation)
S3 Netlogon; C:\Windows\system32\lsass.exe [31232 2014-04-12] (Microsoft Corporation)
R3 Netman; C:\Windows\System32\netman.dll [360448 2009-07-14] (Microsoft Corporation)
S4 NetMsmqActivator; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139856 2013-09-11] (Microsoft Corporation)
S4 NetPipeActivator; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139856 2013-09-11] (Microsoft Corporation)
R3 netprofm; C:\Windows\System32\netprofm.dll [459776 2009-07-14] (Microsoft Corporation)
S4 NetTcpActivator; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139856 2013-09-11] (Microsoft Corporation)
S4 NetTcpPortSharing; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139856 2013-09-11] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\System32\nlasvc.dll [303104 2012-10-03] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\nsisvc.dll [25600 2009-07-14] (Microsoft Corporation)
S3 odserv; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [440696 2011-07-20] (Microsoft Corporation)
S3 ose; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [145184 2006-10-26] (Microsoft Corporation)
S3 p2pimsvc; C:\Windows\system32\pnrpsvc.dll [327168 2009-07-14] (Microsoft Corporation)
S3 p2psvc; C:\Windows\system32\p2psvc.dll [438784 2009-07-14] (Microsoft Corporation)
R2 PcaSvc; C:\Windows\System32\pcasvc.dll [186368 2009-07-14] (Microsoft Corporation)
S3 PeerDistSvc; C:\Windows\system32\peerdistsvc.dll [1361920 2009-07-14] (Microsoft Corporation)
S3 PerfHost; C:\Windows\SysWow64\perfhost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 pla; C:\Windows\system32\pla.dll [1389056 2010-11-21] (Microsoft Corporation)
R2 PlugPlay; C:\Windows\system32\umpnpmgr.dll [404480 2011-05-24] (Microsoft Corporation)
S3 PNRPAutoReg; C:\Windows\system32\pnrpauto.dll [25088 2009-07-14] (Microsoft Corporation)
S3 PNRPsvc; C:\Windows\system32\pnrpsvc.dll [327168 2009-07-14] (Microsoft Corporation)
R3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [501248 2010-11-21] (Microsoft Corporation)
R2 Power; C:\Windows\system32\umpo.dll [163840 2009-07-14] (Microsoft Corporation)
R2 ProfSvc; C:\Windows\system32\profsvc.dll [209920 2012-05-01] (Microsoft Corporation)
S3 ProtectedStorage; C:\Windows\system32\lsass.exe [31232 2014-04-12] (Microsoft Corporation)
S3 QWAVE; C:\Windows\system32\qwave.dll [242688 2009-07-14] (Microsoft Corporation)
S3 RasAuto; C:\Windows\System32\rasauto.dll [99328 2009-07-14] (Microsoft Corporation)
R3 RasMan; C:\Windows\System32\rasmans.dll [344064 2010-11-21] (Microsoft Corporation)
S4 RemoteAccess; C:\Windows\System32\mprdim.dll [97792 2009-07-14] (Microsoft Corporation)
S4 RemoteAccess; C:\Windows\SysWOW64\mprdim.dll [75264 2009-07-14] (Microsoft Corporation)
S3 RemoteRegistry; C:\Windows\system32\regsvc.dll [159232 2009-07-14] (Microsoft Corporation)
R2 RpcEptMapper; C:\Windows\System32\RpcEpMap.dll [67072 2009-07-14] (Microsoft Corporation)
S3 RpcLocator; C:\Windows\system32\locator.exe [10240 2009-07-14] (Microsoft Corporation)
R2 RpcSs; C:\Windows\system32\rpcss.dll [512000 2010-11-21] (Microsoft Corporation)
R2 SamSs; C:\Windows\system32\lsass.exe [31232 2014-04-12] (Microsoft Corporation)
S3 SCardSvr; C:\Windows\System32\SCardSvr.dll [190976 2009-07-14] (Microsoft Corporation)
R2 Schedule; C:\Windows\system32\schedsvc.dll [1110016 2010-11-21] (Microsoft Corporation)
S3 SCPolicySvc; C:\Windows\System32\certprop.dll [80384 2010-11-21] (Microsoft Corporation)
S3 SDRSVC; C:\Windows\System32\SDRSVC.dll [170496 2010-11-21] (Microsoft Corporation)
R2 seclogon; C:\Windows\system32\seclogon.dll [30720 2010-11-21] (Microsoft Corporation)
R2 SENS; C:\Windows\system32\sens.dll [64512 2009-07-14] (Microsoft Corporation)
R2 SENS; C:\Windows\SysWOW64\sens.dll [49664 2009-07-14] (Microsoft Corporation)
S3 SensrSvc; C:\Windows\system32\sensrsvc.dll [29184 2009-07-14] (Microsoft Corporation)
S3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [737616 2013-04-18] (Nokia)
S3 SessionEnv; C:\Windows\system32\sessenv.dll [121856 2010-11-21] (Microsoft Corporation)
S3 SessionEnv; C:\Windows\SysWOW64\sessenv.dll [113664 2010-11-21] (Microsoft Corporation)
S2 SharedAccess; C:\Windows\System32\ipnathlp.dll [359424 2009-07-14] (Microsoft Corporation)
R2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [370688 2010-11-21] (Microsoft Corporation)
R2 ShellHWDetection; C:\Windows\SysWOW64\shsvcs.dll [328192 2010-11-21] (Microsoft Corporation)
S2 SkypeUpdate; C:\Program Files (x86)\Skype\Updater\Updater.exe [172192 2013-10-23] (Skype Technologies)
S3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [14336 2009-07-14] (Microsoft Corporation)
R2 Spooler; C:\Windows\System32\spoolsv.exe [559104 2012-02-11] (Microsoft Corporation)
S2 sppsvc; C:\Windows\system32\sppsvc.exe [3524608 2010-11-21] (Microsoft Corporation)
S3 sppuinotify; C:\Windows\system32\sppuinotify.dll [65536 2009-07-14] (Microsoft Corporation)
R3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [193024 2009-07-14] (Microsoft Corporation)
R3 SstpSvc; C:\Windows\system32\sstpsvc.dll [75264 2009-07-14] (Microsoft Corporation)
S3 Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [543424 2014-05-29] (Valve Corporation)
R2 stisvc; C:\Windows\System32\wiaservc.dll [580096 2010-11-21] (Microsoft Corporation)
S3 StorSvc; C:\Windows\system32\storsvc.dll [17920 2009-07-14] (Microsoft Corporation)
S3 swprv; C:\Windows\System32\swprv.dll [524288 2009-07-14] (Microsoft Corporation)
R2 SysMain; C:\Windows\system32\sysmain.dll [1743360 2010-11-21] (Microsoft Corporation)
S3 TabletInputService; C:\Windows\System32\TabSvc.dll [92672 2010-11-21] (Microsoft Corporation)
R3 TapiSrv; C:\Windows\System32\tapisrv.dll [316928 2010-11-21] (Microsoft Corporation)
R3 TapiSrv; C:\Windows\SysWOW64\tapisrv.dll [242176 2010-11-21] (Microsoft Corporation)
S3 TBS; C:\Windows\System32\tbssvc.dll [65536 2009-07-14] (Microsoft Corporation)
R2 TeamViewer9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [4972864 2014-04-02] (TeamViewer GmbH)
S3 TermService; C:\Windows\System32\termsrv.dll [680960 2010-11-21] (Microsoft Corporation)
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2009-07-14] (Microsoft Corporation)
S3 THREADORDER; C:\Windows\system32\mmcss.dll [67584 2009-07-14] (Microsoft Corporation)
R2 TrkWks; C:\Windows\System32\trkwks.dll [119808 2009-07-14] (Microsoft Corporation)
S3 TrustedInstaller; C:\Windows\servicing\TrustedInstaller.exe [194048 2010-11-21] (Microsoft Corporation)
S3 UI0Detect; C:\Windows\system32\UI0Detect.exe [40960 2009-07-14] (Microsoft Corporation)
S3 UmRdpService; C:\Windows\System32\umrdp.dll [214528 2010-11-21] (Microsoft Corporation)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe [67320 2013-10-07] (Bitdefender)
R3 upnphost; C:\Windows\System32\upnphost.dll [353792 2009-07-14] (Microsoft Corporation)
R2 UxSms; C:\Windows\System32\uxsms.dll [38912 2009-07-14] (Microsoft Corporation)
S3 VaultSvc; C:\Windows\system32\lsass.exe [31232 2014-04-12] (Microsoft Corporation)
S3 vds; C:\Windows\System32\vds.exe [533504 2010-11-21] (Microsoft Corporation)
S3 VSS; C:\Windows\system32\vssvc.exe [1600512 2010-11-21] (Microsoft Corporation)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender\vsserv.exe [1526800 2014-05-27] (Bitdefender)
S3 W32Time; C:\Windows\system32\w32time.dll [381952 2009-07-14] (Microsoft Corporation)
S3 wbengine; C:\Windows\system32\wbengine.exe [1504256 2010-11-21] (Microsoft Corporation)
S3 WbioSrvc; C:\Windows\System32\wbiosrvc.dll [202240 2009-07-14] (Microsoft Corporation)
S3 wcncsvc; C:\Windows\System32\wcncsvc.dll [367104 2010-11-21] (Microsoft Corporation)
S3 WcsPlugInService; C:\Windows\System32\WcsPlugInService.dll [40960 2009-07-14] (Microsoft Corporation)
R3 WdiServiceHost; C:\Windows\system32\wdi.dll [90624 2009-07-14] (Microsoft Corporation)
S3 WdiSystemHost; C:\Windows\system32\wdi.dll [90624 2009-07-14] (Microsoft Corporation)
S3 WebClient; C:\Windows\System32\webclnt.dll [259584 2013-07-04] (Microsoft Corporation)
S3 Wecsvc; C:\Windows\system32\wecsvc.dll [237568 2009-07-14] (Microsoft Corporation)
S3 wercplsupport; C:\Windows\System32\wercplsupport.dll [84480 2009-07-14] (Microsoft Corporation)
R3 WerSvc; C:\Windows\System32\WerSvc.dll [76800 2009-07-14] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 WinHttpAutoProxySvc; C:\Windows\system32\winhttp.dll [444416 2010-11-21] (Microsoft Corporation)
R2 Winmgmt; C:\Windows\system32\wbem\WMIsvc.dll [242688 2009-07-14] (Microsoft Corporation)
S3 WinRM; C:\Windows\system32\WsmSvc.dll [2018304 2010-11-21] (Microsoft Corporation)
R2 Wlansvc; C:\Windows\System32\wlansvc.dll [886784 2009-07-14] (Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292480 2012-07-17] (Microsoft Corp.)
S3 wmiApSrv; C:\Windows\system32\wbem\WmiApSrv.exe [203264 2009-07-14] (Microsoft Corporation)
R2 WMPNetworkSvc; C:\Program Files\Windows Media Player\wmpnetwk.exe [1525248 2010-11-21] (Microsoft Corporation)
S3 WPCSvc; C:\Windows\System32\wpcsvc.dll [12288 2009-07-14] (Microsoft Corporation)
S3 WPDBusEnum; C:\Windows\system32\wpdbusenum.dll [117248 2010-11-21] (Microsoft Corporation)
R2 wscsvc; C:\Windows\system32\wscsvc.dll [97280 2009-07-14] (Microsoft Corporation)
R2 WSearch; C:\Windows\system32\SearchIndexer.exe [591872 2011-05-04] (Microsoft Corporation)
R2 WSearch; C:\Windows\SysWOW64\SearchIndexer.exe [427520 2011-05-04] (Microsoft Corporation)
R2 wuauserv; C:\Windows\system32\wuaueng.dll [2428952 2012-06-03] (Microsoft Corporation)
S3 wudfsvc; C:\Windows\System32\WUDFSvc.dll [84992 2012-07-26] (Microsoft Corporation)
S3 WwanSvc; C:\Windows\System32\wwansvc.dll [228864 2014-01-28] (Microsoft Corporation)

==================== Drivers (All) ==========================

R3 1394ohci; C:\Windows\System32\DRIVERS\1394ohci.sys [229888 2010-11-21] (Microsoft Corporation)
R0 ACPI; C:\Windows\System32\drivers\ACPI.sys [334208 2010-11-21] (Microsoft Corporation)
S3 AcpiPmi; C:\Windows\system32\drivers\acpipmi.sys [12800 2010-11-21] (Microsoft Corporation)
S3 adp94xx; C:\Windows\system32\drivers\adp94xx.sys [491088 2009-07-14] (Adaptec, Inc.)
S3 adpahci; C:\Windows\system32\drivers\adpahci.sys [339536 2009-07-14] (Adaptec, Inc.)
S3 adpu320; C:\Windows\system32\drivers\adpu320.sys [182864 2009-07-14] (Adaptec, Inc.)
R1 AFD; C:\Windows\system32\drivers\afd.sys [497152 2013-09-28] (Microsoft Corporation)
S3 agp440; C:\Windows\system32\drivers\agp440.sys [61008 2009-07-14] (Microsoft Corporation)
S3 aliide; C:\Windows\system32\drivers\aliide.sys [15440 2009-07-14] (Acer Laboratories Inc.)
S3 amdide; C:\Windows\system32\drivers\amdide.sys [15440 2009-07-14] (Microsoft Corporation)
S3 AmdK8; C:\Windows\system32\drivers\amdk8.sys [64512 2009-07-14] (Microsoft Corporation)
R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [11922944 2013-04-24] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [359936 2013-04-24] (Advanced Micro Devices, Inc.)
S3 AmdPPM; C:\Windows\system32\drivers\amdppm.sys [60928 2009-07-14] (Microsoft Corporation)
S3 amdsata; C:\Windows\system32\drivers\amdsata.sys [107904 2011-03-11] (Advanced Micro Devices)
S3 amdsbs; C:\Windows\system32\drivers\amdsbs.sys [194128 2009-07-14] (AMD Technologies Inc.)
R0 amdxata; C:\Windows\System32\drivers\amdxata.sys [27008 2011-03-11] (Advanced Micro Devices)
S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2013-06-02] (Wondershare)
S3 AppID; C:\Windows\system32\drivers\appid.sys [61440 2010-11-21] (Microsoft Corporation)
S3 arc; C:\Windows\system32\drivers\arc.sys [87632 2009-07-14] (Adaptec, Inc.)
S3 arcsas; C:\Windows\system32\drivers\arcsas.sys [97856 2009-07-14] (Adaptec, Inc.)
R3 AsyncMac; C:\Windows\System32\DRIVERS\asyncmac.sys [23040 2009-07-14] (Microsoft Corporation)
R0 atapi; C:\Windows\System32\drivers\atapi.sys [24128 2009-07-14] (Microsoft Corporation)
R3 athrusb; C:\Windows\System32\DRIVERS\athrxusb.sys [1075712 2008-07-29] (Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [96896 2012-05-14] (Advanced Micro Devices)
S3 atikmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [11922944 2013-04-24] (Advanced Micro Devices, Inc.)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [893440 2014-02-03] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2012-11-02] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [635392 2014-02-03] (BitDefender)
S3 b06bdrv; C:\Windows\system32\drivers\bxvbda.sys [468480 2009-06-10] (Broadcom Corporation)
S3 b57nd60a; C:\Windows\System32\DRIVERS\b57nd60a.sys [270848 2009-06-10] (Broadcom Corporation)
U5 BattC; C:\Windows\System32\Drivers\BattC.sys [28240 2009-07-14] (Microsoft Corporation)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [103504 2011-11-14] (BitDefender LLC)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2013-11-27] (BitDefender SRL)
R1 Beep; C:\Windows\System32\Drivers\Beep.sys [6656 2009-07-14] (Microsoft Corporation)
R1 blbdrive; C:\Windows\System32\DRIVERS\blbdrive.sys [45056 2009-07-14] (Microsoft Corporation)
R3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [90624 2011-02-23] (Microsoft Corporation)
S3 BRDriver64; C:\ProgramData\BitRaider\BRDriver64.sys [75048 2013-09-21] (BitRaider)
S3 BrFiltLo; C:\Windows\system32\drivers\BrFiltLo.sys [18432 2009-06-10] (Brother Industries, Ltd.)
S3 BrFiltUp; C:\Windows\system32\drivers\BrFiltUp.sys [8704 2009-06-10] (Brother Industries, Ltd.)
S3 BridgeMP; C:\Windows\System32\DRIVERS\bridge.sys [95232 2009-07-14] (Microsoft Corporation)
S3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [286720 2009-07-14] (Brother Industries Ltd.)
S3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [47104 2009-06-10] (Brother Industries Ltd.)
S3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [14976 2009-06-10] (Brother Industries Ltd.)
S3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [14720 2009-06-10] (Brother Industries Ltd.)
S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [29184 2009-08-13] (CSR, plc)
S3 BthEnum; C:\Windows\System32\DRIVERS\BthEnum.sys [41984 2009-07-14] (Microsoft Corporation)
S3 BTHMODEM; C:\Windows\System32\DRIVERS\bthmodem.sys [72192 2009-07-14] (Microsoft Corporation)
S3 BthPan; C:\Windows\System32\DRIVERS\bthpan.sys [118784 2009-07-14] (Microsoft Corporation)
S3 BTHPORT; C:\Windows\System32\Drivers\BTHport.sys [552960 2012-07-06] (Microsoft Corporation)
S3 BTHUSB; C:\Windows\System32\Drivers\BTHUSB.sys [80384 2011-04-28] (Microsoft Corporation)
S4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [92160 2009-07-14] (Microsoft Corporation)
R1 cdrom; C:\Windows\System32\DRIVERS\cdrom.sys [147456 2010-11-21] (Microsoft Corporation)
S3 circlass; C:\Windows\system32\drivers\circlass.sys [45568 2009-07-14] (Microsoft Corporation)
R0 CLFS; C:\Windows\System32\CLFS.sys [367696 2009-07-14] (Microsoft Corporation)
S3 CmBatt; C:\Windows\system32\drivers\CmBatt.sys [17664 2009-07-14] (Microsoft Corporation)
S3 cmdide; C:\Windows\system32\drivers\cmdide.sys [17488 2009-07-14] (CMD Technology, Inc.)
R0 CNG; C:\Windows\System32\Drivers\cng.sys [458712 2013-07-04] (Microsoft Corporation)
S3 Compbatt; C:\Windows\system32\drivers\compbatt.sys [21584 2009-07-14] (Microsoft Corporation)
R3 CompositeBus; C:\Windows\System32\DRIVERS\CompositeBus.sys [38912 2010-11-21] (Microsoft Corporation)
S4 crcdisk; C:\Windows\system32\drivers\crcdisk.sys [24144 2009-07-14] (Microsoft Corporation)
R1 CSC; C:\Windows\System32\drivers\csc.sys [514560 2010-11-21] (Microsoft Corporation)
S3 csr_a2dp; C:\Windows\System32\drivers\bthav.sys [78848 2009-12-21] (CSR, plc)
R1 DfsC; C:\Windows\System32\Drivers\dfsc.sys [102400 2010-11-21] (Microsoft Corporation)
R1 discache; C:\Windows\System32\drivers\discache.sys [40448 2009-07-14] (Microsoft Corporation)
R0 Disk; C:\Windows\System32\drivers\disk.sys [73280 2009-07-14] (Microsoft Corporation)
S3 dmvsc; C:\Windows\system32\drivers\dmvsc.sys [71168 2010-11-21] (Microsoft Corporation)
S3 drmkaud; C:\Windows\system32\drivers\drmkaud.sys [5632 2009-07-14] (Microsoft Corporation)
R3 DXGKrnl; C:\Windows\System32\drivers\dxgkrnl.sys [983488 2013-08-01] (Microsoft Corporation)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 elxstor; C:\Windows\system32\drivers\elxstor.sys [530496 2009-07-14] (Emulex)
S3 ErrDev; C:\Windows\system32\drivers\errdev.sys [9728 2009-07-14] (Microsoft Corporation)
S3 exfat; C:\Windows\System32\Drivers\exfat.sys [195072 2009-07-14] (Microsoft Corporation)
S3 fastfat; C:\Windows\System32\Drivers\fastfat.sys [204800 2009-07-14] (Microsoft Corporation)
S3 fdc; C:\Windows\system32\drivers\fdc.sys [29696 2009-07-14] (Microsoft Corporation)
R0 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [70224 2009-07-14] (Microsoft Corporation)
S3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [34304 2009-07-14] (Microsoft Corporation)
S3 flpydisk; C:\Windows\system32\drivers\flpydisk.sys [24576 2009-07-14] (Microsoft Corporation)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [289664 2010-11-21] (Microsoft Corporation)
S3 FsDepends; C:\Windows\System32\drivers\FsDepends.sys [55376 2009-07-14] (Microsoft Corporation)
U0 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [23408 2012-03-01] (Microsoft Corporation)
R0 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [223752 2013-01-24] (Microsoft Corporation)
S3 gagp30kx; C:\Windows\system32\drivers\gagp30kx.sys [65088 2009-07-14] (Microsoft Corporation)
R3 GEARAspiWDM; C:\Windows\System32\DRIVERS\GEARAspiWDM.sys [33240 2012-08-21] (GEAR Software Inc.)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-08-23] (BitDefender LLC)
S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir.sys [31232 2009-06-10] (Hauppauge Computer Works, Inc.)
R3 HdAudAddService; C:\Windows\System32\drivers\HdAudio.sys [350208 2010-11-21] (Microsoft Corporation)
R3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [122368 2010-11-21] (Microsoft Corporation)
S3 HidBatt; C:\Windows\system32\drivers\HidBatt.sys [26624 2009-07-14] (Microsoft Corporation)
S3 HidBth; C:\Windows\system32\drivers\hidbth.sys [100864 2009-07-14] (Microsoft Corporation)
S3 HidIr; C:\Windows\system32\drivers\hidir.sys [46592 2009-07-14] (Microsoft Corporation)
R3 HidUsb; C:\Windows\system32\drivers\hidusb.sys [30208 2010-11-21] (Microsoft Corporation)
S3 HpSAMD; C:\Windows\system32\drivers\HpSAMD.sys [78720 2010-11-21] (Hewlett-Packard Company)
R3 HTTP; C:\Windows\System32\drivers\HTTP.sys [753664 2010-11-21] (Microsoft Corporation)
R0 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [14720 2010-11-21] (Microsoft Corporation)
R3 i8042prt; C:\Windows\System32\DRIVERS\i8042prt.sys [105472 2009-07-14] (Microsoft Corporation)
S3 iaStorV; C:\Windows\system32\drivers\iaStorV.sys [410496 2011-03-11] (Intel Corporation)
S3 iirsp; C:\Windows\system32\drivers\iirsp.sys [44112 2009-07-14] (Intel Corp./ICP vortex GmbH)
S3 intelide; C:\Windows\system32\drivers\intelide.sys [16960 2009-07-14] (Microsoft Corporation)
R3 intelppm; C:\Windows\System32\DRIVERS\intelppm.sys [62464 2009-07-14] (Microsoft Corporation)
S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [82944 2010-11-21] (Microsoft Corporation)
S3 IPMIDRV; C:\Windows\system32\drivers\IPMIDrv.sys [78848 2010-11-21] (Microsoft Corporation)
S3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [116224 2009-07-14] (Microsoft Corporation)
S3 IRENUM; C:\Windows\System32\drivers\irenum.sys [17920 2009-07-14] (Microsoft Corporation)
S3 isapnp; C:\Windows\system32\drivers\isapnp.sys [20544 2009-07-14] (Microsoft Corporation)
S3 iScsiPrt; C:\Windows\system32\drivers\msiscsi.sys [274880 2014-02-04] (Microsoft Corporation)
R3 kbdclass; C:\Windows\System32\DRIVERS\kbdclass.sys [50768 2009-07-14] (Microsoft Corporation)
S3 kbdhid; C:\Windows\system32\drivers\kbdhid.sys [33280 2010-11-21] (Microsoft Corporation)
R0 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [95680 2014-04-12] (Microsoft Corporation)
R0 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [155072 2014-04-12] (Microsoft Corporation)
R3 ksthunk; C:\Windows\system32\drivers\ksthunk.sys [20992 2009-07-14] (Microsoft Corporation)
R3 L1E; C:\Windows\System32\DRIVERS\L1E62x64.sys [56320 2009-08-23] (Atheros Communications, Inc.)
R2 lltdio; C:\Windows\System32\DRIVERS\lltdio.sys [60928 2009-07-14] (Microsoft Corporation)
S3 LSI_FC; C:\Windows\system32\drivers\lsi_fc.sys [114752 2009-07-14] (LSI Corporation)
S3 LSI_SAS; C:\Windows\system32\drivers\lsi_sas.sys [106560 2009-07-14] (LSI Corporation)
S3 LSI_SAS2; C:\Windows\system32\drivers\lsi_sas2.sys [65600 2009-07-14] (LSI Corporation)
S3 LSI_SCSI; C:\Windows\system32\drivers\lsi_scsi.sys [115776 2009-07-14] (LSI Corporation)
R2 luafv; C:\Windows\system32\drivers\luafv.sys [113152 2009-07-14] (Microsoft Corporation)
R3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [42016 2013-11-27] (Visicom Media Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35232 2013-12-06] (Visicom Media Inc.)
S3 megasas; C:\Windows\system32\drivers\megasas.sys [35392 2009-07-14] (LSI Corporation)
S3 MegaSR; C:\Windows\system32\drivers\MegaSR.sys [284736 2009-07-14] (LSI Corporation, Inc.)
S3 Modem; C:\Windows\System32\drivers\modem.sys [40448 2009-07-14] (Microsoft Corporation)
R3 monitor; C:\Windows\System32\DRIVERS\monitor.sys [30208 2009-07-14] (Microsoft Corporation)
R3 mouclass; C:\Windows\System32\DRIVERS\mouclass.sys [49216 2009-07-14] (Microsoft Corporation)
R3 mouhid; C:\Windows\System32\DRIVERS\mouhid.sys [31232 2009-07-14] (Microsoft Corporation)
R0 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [94592 2010-11-21] (Microsoft Corporation)
S3 mpio; C:\Windows\system32\drivers\mpio.sys [155008 2010-11-21] (Microsoft Corporation)
R3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [77312 2009-07-14] (Microsoft Corporation)
S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [140800 2013-07-04] (Microsoft Corporation)
R3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [158208 2011-04-27] (Microsoft Corporation)
R3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [288768 2011-07-09] (Microsoft Corporation)
R3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [128000 2011-04-27] (Microsoft Corporation)
S3 msahci; C:\Windows\system32\drivers\msahci.sys [31104 2010-11-21] (Microsoft Corporation)
S3 msdsm; C:\Windows\system32\drivers\msdsm.sys [140672 2010-11-21] (Microsoft Corporation)
R1 Msfs; C:\Windows\System32\Drivers\Msfs.sys [26112 2009-07-14] (Microsoft Corporation)
S3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [8192 2009-07-14] (Microsoft Corporation)
R0 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [15424 2009-07-14] (Microsoft Corporation)
S3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [11136 2009-07-14] (Microsoft Corporation)
S3 MSPCLOCK; C:\Windows\System32\drivers\MSPCLOCK.sys [7168 2009-07-14] (Microsoft Corporation)
S3 MSPQM; C:\Windows\System32\drivers\MSPQM.sys [6784 2009-07-14] (Microsoft Corporation)
S3 MsRPC; C:\Windows\System32\Drivers\MsRPC.sys [366976 2010-11-21] (Microsoft Corporation)
R1 mssmbios; C:\Windows\System32\DRIVERS\mssmbios.sys [32320 2009-07-14] (Microsoft Corporation)
S3 MSTEE; C:\Windows\System32\drivers\MSTEE.sys [8064 2009-07-14] (Microsoft Corporation)
S3 MTConfig; C:\Windows\system32\drivers\MTConfig.sys [15360 2009-07-14] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
R0 Mup; C:\Windows\System32\Drivers\mup.sys [60496 2009-07-14] (Microsoft Corporation)
R3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [318976 2009-07-14] (Microsoft Corporation)
R0 NDIS; C:\Windows\System32\drivers\ndis.sys [950128 2012-08-22] (Microsoft Corporation)
S3 NdisCap; C:\Windows\System32\DRIVERS\ndiscap.sys [35328 2009-07-14] (Microsoft Corporation)
R3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [24064 2009-07-14] (Microsoft Corporation)
R3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [56832 2010-11-21] (Microsoft Corporation)
R3 NdisWan; C:\Windows\System32\DRIVERS\ndiswan.sys [164352 2010-11-21] (Microsoft Corporation)
R3 NDProxy; C:\Windows\System32\Drivers\NDProxy.sys [57856 2010-11-21] (Microsoft Corporation)
R1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [44544 2009-07-14] (Microsoft Corporation)
R1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [261632 2010-11-21] (Microsoft Corporation)
S3 nfrd960; C:\Windows\system32\drivers\nfrd960.sys [51264 2009-07-14] (IBM Corporation)
R1 Npfs; C:\Windows\System32\Drivers\Npfs.sys [44032 2009-07-14] (Microsoft Corporation)
R1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [24576 2009-07-14] (Microsoft Corporation)
R3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [1684928 2014-01-24] (Microsoft Corporation)
R1 Null; C:\Windows\System32\Drivers\Null.sys [6144 2009-07-14] (Microsoft Corporation)
S3 nvraid; C:\Windows\system32\drivers\nvraid.sys [148352 2011-03-11] (NVIDIA Corporation)
S3 nvstor; C:\Windows\system32\drivers\nvstor.sys [166272 2011-03-11] (NVIDIA Corporation)
S3 nv_agp; C:\Windows\system32\drivers\nv_agp.sys [122960 2009-07-14] (Microsoft Corporation)
S3 ohci1394; C:\Windows\system32\drivers\ohci1394.sys [72832 2009-07-14] (Microsoft Corporation)
S3 Parport; C:\Windows\system32\drivers\parport.sys [97280 2009-07-14] (Microsoft Corporation)
R0 partmgr; C:\Windows\System32\drivers\partmgr.sys [75120 2012-03-17] (Microsoft Corporation)
S3 pccsmcfd; C:\Windows\System32\DRIVERS\pccsmcfdx64.sys [26112 2012-10-17] (Nokia)
R0 pci; C:\Windows\System32\drivers\pci.sys [184704 2010-11-21] (Microsoft Corporation)
R0 pciide; C:\Windows\System32\drivers\pciide.sys [12352 2009-07-14] (Microsoft Corporation)
S3 pcmcia; C:\Windows\system32\drivers\pcmcia.sys [220752 2009-07-14] (Microsoft Corporation)
R0 pcw; C:\Windows\System32\drivers\pcw.sys [50768 2009-07-14] (Microsoft Corporation)
R2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [651264 2009-07-14] (Microsoft Corporation)
R3 Point64; C:\Windows\System32\DRIVERS\point64.sys [45416 2011-08-01] (Microsoft Corporation)
R3 PptpMiniport; C:\Windows\System32\DRIVERS\raspptp.sys [111104 2010-11-21] (Microsoft Corporation)
S3 Processor; C:\Windows\system32\drivers\processr.sys [60416 2009-07-14] (Microsoft Corporation)
R1 Psched; C:\Windows\System32\DRIVERS\pacer.sys [131584 2010-11-21] (Microsoft Corporation)
S3 ql2300; C:\Windows\system32\drivers\ql2300.sys [1524816 2009-07-14] (QLogic Corporation)
S3 ql40xx; C:\Windows\system32\drivers\ql40xx.sys [128592 2009-07-14] (QLogic Corporation)
S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [46592 2009-07-14] (Microsoft Corporation)
S3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [14848 2009-07-14] (Microsoft Corporation)
R3 RasAgileVpn; C:\Windows\System32\DRIVERS\AgileVpn.sys [60416 2009-07-14] (Microsoft Corporation)
R3 Rasl2tp; C:\Windows\System32\DRIVERS\rasl2tp.sys [129536 2010-11-21] (Microsoft Corporation)
R3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [92672 2009-07-14] (Microsoft Corporation)
R3 RasSstp; C:\Windows\System32\DRIVERS\rassstp.sys [83968 2009-07-14] (Microsoft Corporation)
R1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [309248 2010-11-21] (Microsoft Corporation)
R3 rdpbus; C:\Windows\System32\DRIVERS\rdpbus.sys [24064 2009-07-14] (Microsoft Corporation)
R1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [7680 2009-07-14] (Microsoft Corporation)
S3 RDPDR; C:\Windows\System32\drivers\rdpdr.sys [165888 2010-11-21] (Microsoft Corporation)
R1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [7680 2009-07-14] (Microsoft Corporation)
R1 RDPREFMP; C:\Windows\System32\drivers\rdprefmp.sys [8192 2009-07-14] (Microsoft Corporation)
S3 RdpVideoMiniport; C:\Windows\System32\drivers\rdpvideominiport.sys [19456 2012-08-23] (Microsoft Corporation)
S3 RDPWD; C:\Windows\System32\Drivers\RDPWD.sys [210944 2012-04-28] (Microsoft Corporation)
R0 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [213888 2010-11-21] (Microsoft Corporation)
S3 RFCOMM; C:\Windows\System32\DRIVERS\rfcomm.sys [158720 2009-07-14] (Microsoft Corporation)
R2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [76800 2009-07-14] (Microsoft Corporation)
S3 s3cap; C:\Windows\system32\drivers\vms3cap.sys [6656 2010-11-21] (Microsoft Corporation)
S3 sbp2port; C:\Windows\system32\drivers\sbp2port.sys [103808 2010-11-21] (Microsoft Corporation)
S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [29696 2010-11-21] (Microsoft Corporation)
R2 secdrv; C:\Windows\System32\Drivers\secdrv.sys [23040 2009-06-10] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
R3 Serenum; C:\Windows\System32\DRIVERS\serenum.sys [23552 2009-07-14] (Microsoft Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Microsoft Corporation)
S3 sermouse; C:\Windows\system32\drivers\sermouse.sys [26624 2009-07-14] (Microsoft Corporation)
S3 sffdisk; C:\Windows\system32\drivers\sffdisk.sys [14336 2009-07-14] (Microsoft Corporation)
S3 sffp_mmc; C:\Windows\system32\drivers\sffp_mmc.sys [13824 2009-07-14] (Microsoft Corporation)
S3 sffp_sd; C:\Windows\system32\drivers\sffp_sd.sys [14336 2010-11-21] (Microsoft Corporation)
S3 sfloppy; C:\Windows\system32\drivers\sfloppy.sys [16896 2009-07-14] (Microsoft Corporation)
S3 SiSRaid2; C:\Windows\system32\drivers\SiSRaid2.sys [43584 2009-07-14] (Silicon Integrated Systems Corp.)
S3 SiSRaid4; C:\Windows\system32\drivers\sisraid4.sys [80464 2009-07-14] (Silicon Integrated Systems)
S3 Smb; C:\Windows\System32\DRIVERS\smb.sys [93184 2009-07-14] (Microsoft Corporation)
R0 spldr; C:\Windows\System32\Drivers\spldr.sys [19008 2009-07-14] (Microsoft Corporation)
R3 srv; C:\Windows\System32\DRIVERS\srv.sys [467456 2011-04-29] (Microsoft Corporation)
R3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [410112 2011-04-29] (Microsoft Corporation)
R3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [168448 2011-04-29] (Microsoft Corporation)
S3 stexstor; C:\Windows\system32\drivers\stexstor.sys [24656 2009-07-14] (Promise Technology)
R0 storflt; C:\Windows\System32\drivers\vmstorfl.sys [46464 2010-11-21] (Microsoft Corporation)
S3 storvsc; C:\Windows\system32\drivers\storvsc.sys [34688 2010-11-21] (Microsoft Corporation)
R3 swenum; C:\Windows\System32\DRIVERS\swenum.sys [12496 2009-07-14] (Microsoft Corporation)
R0 Tcpip; C:\Windows\System32\drivers\tcpip.sys [1903552 2014-04-05] (Microsoft Corporation)
S3 TCPIP6; C:\Windows\System32\DRIVERS\tcpip.sys [1903552 2014-04-05] (Microsoft Corporation)
R2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [45568 2012-10-03] (Microsoft Corporation)
S3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [15872 2009-07-14] (Microsoft Corporation)
S3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [23552 2012-02-17] (Microsoft Corporation)
R1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [119296 2010-11-21] (Microsoft Corporation)
R1 TermDD; C:\Windows\System32\DRIVERS\termdd.sys [63360 2010-11-21] (Microsoft Corporation)
S3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [39936 2013-06-15] (Microsoft Corporation)
S3 TsUsbFlt; C:\Windows\System32\drivers\tsusbflt.sys [56832 2013-10-02] (Microsoft Corporation)
S3 TsUsbGD; C:\Windows\system32\drivers\TsUsbGD.sys [30208 2012-08-23] (Microsoft Corporation)
R3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [125440 2010-11-21] (Microsoft Corporation)
S3 uagp35; C:\Windows\system32\drivers\uagp35.sys [64080 2009-07-14] (Microsoft Corporation)
S4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [328192 2010-11-21] (Microsoft Corporation)
S3 uliagpkx; C:\Windows\system32\drivers\uliagpkx.sys [64592 2009-07-14] (Microsoft Corporation)
R3 umbus; C:\Windows\System32\DRIVERS\umbus.sys [48640 2010-11-21] (Microsoft Corporation)
S3 UmPass; C:\Windows\System32\DRIVERS\umpass.sys [9728 2009-07-14] (Microsoft Corporation)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.)
S3 usbaudio; C:\Windows\system32\drivers\usbaudio.sys [109824 2013-07-12] (Microsoft Corporation)
S3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [99840 2013-11-27] (Microsoft Corporation)
S3 usbcir; C:\Windows\system32\drivers\usbcir.sys [100864 2013-07-12] (Microsoft Corporation)
R3 usbehci; C:\Windows\System32\DRIVERS\usbehci.sys [53248 2013-11-27] (Microsoft Corporation)
R3 usbhub; C:\Windows\System32\DRIVERS\usbhub.sys [343040 2013-11-27] (Microsoft Corporation)
S3 usbohci; C:\Windows\system32\drivers\usbohci.sys [25600 2013-11-27] (Microsoft Corporation)
S3 usbprint; C:\Windows\System32\DRIVERS\usbprint.sys [25088 2009-07-14] (Microsoft Corporation)
S3 usbser; C:\Windows\System32\DRIVERS\usbser.sys [33280 2013-08-29] (Microsoft Corporation)
S3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [91648 2011-03-11] (Microsoft Corporation)
R3 usbuhci; C:\Windows\System32\DRIVERS\usbuhci.sys [30720 2013-11-27] (Microsoft Corporation)
S3 usbvideo; C:\Windows\System32\Drivers\usbvideo.sys [185344 2013-07-12] (Microsoft Corporation)
R0 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [36432 2009-07-14] (Microsoft Corporation)
S3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [29184 2009-07-14] (Microsoft Corporation)
R1 VgaSave; C:\Windows\System32\drivers\vga.sys [29184 2009-07-14] (Microsoft Corporation)
S3 vhdmp; C:\Windows\system32\drivers\vhdmp.sys [215936 2010-11-21] (Microsoft Corporation)
S3 viaide; C:\Windows\system32\drivers\viaide.sys [17488 2009-07-14] (VIA Technologies, Inc.)
S3 vmbus; C:\Windows\system32\drivers\vmbus.sys [199552 2010-11-21] (Microsoft Corporation)
S3 VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [21760 2010-11-21] (Microsoft Corporation)
R0 volmgr; C:\Windows\System32\drivers\volmgr.sys [71552 2010-11-21] (Microsoft Corporation)
R0 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [363392 2010-11-21] (Microsoft Corporation)
R0 volsnap; C:\Windows\System32\drivers\volsnap.sys [295808 2010-11-21] (Microsoft Corporation)
S3 vsmraid; C:\Windows\system32\drivers\vsmraid.sys [161872 2009-07-14] (VIA Technologies Inc.,Ltd)
S3 vwifibus; C:\Windows\System32\drivers\vwifibus.sys [24576 2009-07-14] (Microsoft Corporation)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
S3 WacomPen; C:\Windows\system32\drivers\wacompen.sys [27776 2009-07-14] (Microsoft Corporation)
S3 WANARP; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2010-11-21] (Microsoft Corporation)
R1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2010-11-21] (Microsoft Corporation)
S3 Wd; C:\Windows\system32\drivers\wd.sys [21056 2009-07-14] (Microsoft Corporation)
R0 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [785624 2013-06-26] (Microsoft Corporation)
R1 WfpLwf; C:\Windows\System32\DRIVERS\wfplwf.sys [12800 2009-07-14] (Microsoft Corporation)
S3 WIMMount; C:\Windows\System32\drivers\wimmount.sys [22096 2009-07-14] (Microsoft Corporation)
S3 WIMMount; C:\Windows\SysWOW64\drivers\wimmount.sys [19008 2009-07-14] (Microsoft Corporation)
U3 Winsock; No ImagePath
S3 WinUsb; C:\Windows\System32\DRIVERS\WinUsb.sys [41984 2010-11-21] (Microsoft Corporation)
S3 WmiAcpi; C:\Windows\system32\drivers\wmiacpi.sys [14336 2009-07-14] (Microsoft Corporation)
R1 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [21504 2009-07-14] (Microsoft Corporation)
R3 WSDPrintDevice; C:\Windows\System32\DRIVERS\WSDPrint.sys [23040 2009-07-14] (Microsoft Corporation)
S3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [87040 2012-07-26] (Microsoft Corporation)
S3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation)
S3 xusb21; C:\Windows\System32\DRIVERS\xusb21.sys [73984 2009-08-13] (Microsoft Corporation)
S3 ALSysIO; \??\C:\Users\Admin\AppData\Local\Temp\ALSysIO64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-10 19:59 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-10 19:58 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-10 19:58 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-10 19:58 - 2014-05-28 20:53 - 17857536 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-10 19:58 - 2014-05-28 20:37 - 02338816 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-10 19:58 - 2014-05-28 20:35 - 10890240 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-10 19:58 - 2014-05-28 20:31 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-10 19:58 - 2014-05-28 20:31 - 01348608 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-10 19:58 - 2014-05-28 20:30 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-10 19:58 - 2014-05-28 20:30 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-06-10 19:58 - 2014-05-28 20:29 - 02148352 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-10 19:58 - 2014-05-28 20:29 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-06-10 19:58 - 2014-05-28 20:29 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-10 19:58 - 2014-05-28 20:29 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-10 19:58 - 2014-05-28 20:29 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-10 19:58 - 2014-05-28 20:29 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-10 19:58 - 2014-05-28 20:28 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-10 19:58 - 2014-05-28 20:28 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-10 19:58 - 2014-05-28 20:28 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-10 19:58 - 2014-05-28 20:28 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-10 19:58 - 2014-05-28 20:28 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-06-10 19:58 - 2014-05-28 20:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-06-10 19:58 - 2014-05-28 20:28 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-06-10 19:58 - 2014-05-28 20:27 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-10 19:58 - 2014-05-28 18:48 - 12356608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-10 19:58 - 2014-05-28 18:39 - 01810432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-10 19:58 - 2014-05-28 18:38 - 09711104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-10 19:58 - 2014-05-28 18:33 - 01106432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-10 19:58 - 2014-05-28 18:32 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-10 19:58 - 2014-05-28 18:32 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-10 19:58 - 2014-05-28 18:31 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-06-10 19:58 - 2014-05-28 18:31 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-10 19:58 - 2014-05-28 18:30 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-10 19:58 - 2014-05-28 18:30 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-06-10 19:58 - 2014-05-28 18:30 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-10 19:58 - 2014-05-28 18:30 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-10 19:58 - 2014-05-28 18:30 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-10 19:58 - 2014-05-28 18:30 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-10 19:58 - 2014-05-28 18:30 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-06-10 19:58 - 2014-05-28 18:29 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-10 19:58 - 2014-05-28 18:29 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-10 19:58 - 2014-05-28 18:29 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-10 19:58 - 2014-05-28 18:29 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-06-10 19:58 - 2014-05-28 18:29 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-06-10 19:58 - 2014-05-28 18:28 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-10 19:58 - 2014-05-08 11:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-10 19:58 - 2014-05-08 11:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-06-10 19:58 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-10 19:58 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-10 19:58 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-10 19:58 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-10 19:58 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-10 19:58 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-10 19:58 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-10 19:58 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-10 19:58 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-10 19:58 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-10 19:58 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-08 22:52 - 2014-06-08 23:23 - 95539670 _____ () C:\Users\Winni\Downloads\got.s04e08.720p.part13.rar
2014-06-08 22:01 - 2014-06-08 22:35 - 105000000 _____ () C:\Users\Winni\Downloads\got.s04e08.720p.part10.rar
2014-06-08 22:01 - 2014-06-08 22:19 - 105000000 _____ () C:\Users\Winni\Downloads\got.s04e08.720p.part08.rar
2014-06-08 21:33 - 2014-06-08 21:50 - 105000000 _____ () C:\Users\Winni\Downloads\got.s04e08.720p.part12.rar
2014-06-08 21:10 - 2014-06-08 21:27 - 105000000 _____ () C:\Users\Winni\Downloads\got.s04e08.720p.part09.rar
2014-06-08 20:36 - 2014-06-08 20:53 - 105000000 _____ () C:\Users\Winni\Downloads\got.s04e08.720p.part11.rar
2014-06-08 20:35 - 2014-06-08 21:44 - 105000000 _____ () C:\Users\Winni\Downloads\got.s04e08.720p.part07.rar
2014-06-08 19:59 - 2014-06-12 09:14 - 00021205 _____ () C:\Users\Winni\Desktop\WM2014_Tippspiel_Intern.xlsx
2014-06-08 19:53 - 2014-06-08 20:10 - 105000000 _____ () C:\Users\Winni\Downloads\got.s04e08.720p.part06.rar
2014-06-08 19:47 - 2014-06-08 20:21 - 105000000 _____ () C:\Users\Winni\Downloads\got.s04e08.720p.part05.rar
2014-06-08 19:34 - 2014-06-08 19:52 - 105000000 _____ () C:\Users\Winni\Downloads\got.s04e08.720p.part04.rar
2014-06-05 14:39 - 2014-06-05 14:48 - 105000000 _____ () C:\Users\Winni\Downloads\got.s04e08.720p.part01.rar
2014-06-05 14:28 - 2014-06-05 14:37 - 105000000 _____ () C:\Users\Winni\Downloads\got.s04e08.720p.part03.rar
2014-06-05 14:18 - 2014-06-05 14:27 - 105000000 _____ () C:\Users\Winni\Downloads\got.s04e08.720p.part02.rar
2014-06-03 23:24 - 2014-06-13 20:58 - 00000000 ____D () C:\Users\Winni\Desktop\FRST-OlderVersion
2014-05-30 16:29 - 2014-06-13 20:59 - 00000000 ____D () C:\FRST
2014-05-30 16:26 - 2014-05-30 16:26 - 00000758 _____ () C:\DelFix.txt
2014-05-30 16:20 - 2014-05-30 16:20 - 00000244 _____ () C:\Users\Winni\Downloads\defogger_enable.log
2014-05-30 15:17 - 2014-05-30 15:17 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-05-30 15:17 - 2014-05-30 15:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-05-30 15:16 - 2014-05-30 15:17 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-05-30 15:16 - 2014-05-30 15:17 - 00000000 ____D () C:\Program Files\iTunes
2014-05-30 15:16 - 2014-05-30 15:17 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-05-30 15:16 - 2014-05-30 15:16 - 00000000 ____D () C:\Program Files\iPod
2014-05-29 01:01 - 2014-06-13 20:59 - 00069619 _____ () C:\Users\Winni\Desktop\FRST.txt
2014-05-29 01:01 - 2014-06-04 21:58 - 00036755 _____ () C:\Users\Winni\Desktop\Addition.txt
2014-05-28 21:54 - 2014-05-28 21:54 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-05-28 21:22 - 2014-05-28 21:22 - 00854367 _____ () C:\Users\Winni\Desktop\SecurityCheck.exe
2014-05-28 15:08 - 2014-05-28 15:08 - 02347384 _____ (ESET) C:\Users\Winni\Desktop\esetsmartinstaller_deu.exe
2014-05-28 13:14 - 2014-05-28 13:14 - 00018435 _____ () C:\Windows\DirectX.log
2014-05-27 20:37 - 2014-05-27 20:37 - 00000829 _____ () C:\Users\Winni\Downloads\JRT.txt
2014-05-27 20:30 - 2014-05-30 16:26 - 00000000 ____D () C:\Windows\ERUNT
2014-05-27 20:25 - 2014-05-27 20:25 - 01016261 _____ (Thisisu) C:\Users\Winni\Desktop\JRT.exe
2014-05-27 20:12 - 2014-05-27 20:12 - 01327971 _____ () C:\Users\Winni\Desktop\adwcleaner_3.211.exe
2014-05-27 20:10 - 2014-05-27 20:10 - 00001892 _____ () C:\Users\Winni\Desktop\MWB.txt
2014-05-27 19:56 - 2014-05-27 19:57 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-27 19:55 - 2014-05-27 19:55 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-27 19:55 - 2014-05-27 19:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-27 19:55 - 2014-05-27 19:55 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-27 19:55 - 2014-05-27 19:55 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-27 19:55 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-27 19:55 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-27 19:55 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-27 19:53 - 2014-05-27 19:54 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Winni\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-27 19:45 - 2014-05-27 19:45 - 00000385 _____ () C:\Users\Admin\AppData\Roaminguser_gensett.xml
2014-05-27 16:30 - 2014-05-27 16:30 - 00000207 _____ () C:\Users\Winni\Desktop\Warhammer 40,000 Space Marine.url
2014-05-26 20:44 - 2014-06-13 20:59 - 00000000 ____D () C:\Users\Admin\AppData\Local\temp
2014-05-26 20:44 - 2014-05-26 20:44 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
2014-05-26 20:44 - 2014-05-26 20:44 - 00000000 ____D () C:\Users\hedev\AppData\Local\temp
2014-05-26 20:44 - 2014-05-26 20:44 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-05-26 20:44 - 2014-05-26 20:44 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp
2014-05-26 20:32 - 2014-05-26 20:43 - 00000000 ____D () C:\Windows\erdnt
2014-05-25 19:37 - 2014-05-25 19:37 - 00000000 ____D () C:\Users\Winni\AppData\Local\THQ
2014-05-25 15:54 - 2014-05-25 15:54 - 00049825 _____ () C:\Users\Winni\Downloads\LogFiles.zip
2014-05-25 15:53 - 2014-05-25 15:53 - 00002605 _____ () C:\Users\Winni\Downloads\AdwCleaner[R1].txt
2014-05-25 15:19 - 2014-05-25 15:19 - 00749519 _____ () C:\Users\Winni\Downloads\Gmer.txt
2014-05-25 15:06 - 2014-05-25 15:06 - 00380416 _____ () C:\Users\Winni\Downloads\Gmer-19357.exe
2014-05-25 14:52 - 2014-05-27 20:46 - 00031592 _____ () C:\Users\Winni\Downloads\Addition.txt
2014-05-25 14:51 - 2014-05-27 20:46 - 00049253 _____ () C:\Users\Winni\Downloads\FRST.txt
2014-05-25 14:50 - 2014-06-13 20:58 - 02081792 _____ (Farbar) C:\Users\Winni\Desktop\FRST64.exe
2014-05-25 14:48 - 2014-05-25 14:48 - 00000472 _____ () C:\Users\Winni\Downloads\defogger_disable.log
2014-05-20 23:14 - 2014-05-20 23:14 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-20 23:14 - 2014-05-20 23:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-20 23:11 - 2014-05-27 20:28 - 00001816 _____ () C:\Windows\PFRO.log
2014-05-20 23:00 - 2014-05-20 23:01 - 28852416 _____ (Mozilla) C:\Users\Winni\Downloads\Firefox Setup 29.0.1.exe
2014-05-16 16:04 - 2014-05-23 15:09 - 00000728 __RSH () C:\ProgramData\ntuser.pol
2014-05-15 16:25 - 2014-05-15 16:26 - 00000000 ____D () C:\Users\Winni\Desktop\BIlder
2014-05-15 14:12 - 2014-05-15 14:12 - 00389240 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2014-05-14 17:40 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-14 17:40 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-14 17:40 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-14 17:40 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-14 17:40 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-14 17:40 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-14 17:40 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-14 17:40 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-14 17:40 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-14 17:40 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-14 17:40 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-14 17:40 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-14 17:40 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-14 17:40 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-14 17:40 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-14 17:40 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-14 17:40 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-14 17:40 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-14 17:40 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-14 17:40 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-14 17:40 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-14 17:40 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-14 17:40 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-14 17:40 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-14 17:40 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-14 17:40 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-14 17:40 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-14 17:40 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-14 17:40 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-14 17:40 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-14 17:40 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-14 17:40 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-14 17:40 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-14 17:40 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-14 17:40 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-14 17:40 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-14 17:40 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-14 17:40 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-14 17:40 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-14 17:40 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-14 17:40 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-14 17:40 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-14 17:40 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll

==================== One Month Modified Files and Folders =======

2014-06-13 20:59 - 2014-05-30 16:29 - 00000000 ____D () C:\FRST
2014-06-13 20:59 - 2014-05-29 01:01 - 00069619 _____ () C:\Users\Winni\Desktop\FRST.txt
2014-06-13 20:59 - 2014-05-26 20:44 - 00000000 ____D () C:\Users\Admin\AppData\Local\temp
2014-06-13 20:59 - 2012-10-21 21:04 - 00000000 ____D () C:\Users\Winni\AppData\Local\Temp
2014-06-13 20:58 - 2014-06-03 23:24 - 00000000 ____D () C:\Users\Winni\Desktop\FRST-OlderVersion
2014-06-13 20:58 - 2014-05-25 14:50 - 02081792 _____ (Farbar) C:\Users\Winni\Desktop\FRST64.exe
2014-06-13 20:43 - 2014-05-05 22:38 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1143599331-371919559-3494116047-1003UA.job
2014-06-13 20:18 - 2012-11-21 20:59 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-13 20:10 - 2012-10-21 19:42 - 01222618 _____ () C:\Windows\WindowsUpdate.log
2014-06-13 20:10 - 2009-07-14 06:45 - 00020304 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-13 20:10 - 2009-07-14 06:45 - 00020304 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-13 20:03 - 2014-05-08 15:54 - 00006229 _____ () C:\Windows\setupact.log
2014-06-13 20:03 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-12 09:14 - 2014-06-08 19:59 - 00021205 _____ () C:\Users\Winni\Desktop\WM2014_Tippspiel_Intern.xlsx
2014-06-12 09:04 - 2012-10-22 23:05 - 00000388 _____ () C:\Windows\Tasks\update-S-1-5-21-1143599331-371919559-3494116047-1003.job
2014-06-10 20:36 - 2014-04-24 15:42 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-10 20:11 - 2013-07-10 18:11 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-10 20:06 - 2012-11-25 16:44 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-10 20:06 - 2012-10-21 20:48 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-08 23:23 - 2014-06-08 22:52 - 95539670 _____ () C:\Users\Winni\Downloads\got.s04e08.720p.part13.rar
2014-06-08 22:43 - 2014-05-05 22:38 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1143599331-371919559-3494116047-1003Core.job
2014-06-08 22:35 - 2014-06-08 22:01 - 105000000 _____ () C:\Users\Winni\Downloads\got.s04e08.720p.part10.rar
2014-06-08 22:19 - 2014-06-08 22:01 - 105000000 _____ () C:\Users\Winni\Downloads\got.s04e08.720p.part08.rar
2014-06-08 21:50 - 2014-06-08 21:33 - 105000000 _____ () C:\Users\Winni\Downloads\got.s04e08.720p.part12.rar
2014-06-08 21:44 - 2014-06-08 20:35 - 105000000 _____ () C:\Users\Winni\Downloads\got.s04e08.720p.part07.rar
2014-06-08 21:27 - 2014-06-08 21:10 - 105000000 _____ () C:\Users\Winni\Downloads\got.s04e08.720p.part09.rar
2014-06-08 21:06 - 2012-10-28 00:24 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-06-08 20:53 - 2014-06-08 20:36 - 105000000 _____ () C:\Users\Winni\Downloads\got.s04e08.720p.part11.rar
2014-06-08 20:21 - 2014-06-08 19:47 - 105000000 _____ () C:\Users\Winni\Downloads\got.s04e08.720p.part05.rar
2014-06-08 20:10 - 2014-06-08 19:53 - 105000000 _____ () C:\Users\Winni\Downloads\got.s04e08.720p.part06.rar
2014-06-08 19:52 - 2014-06-08 19:34 - 105000000 _____ () C:\Users\Winni\Downloads\got.s04e08.720p.part04.rar
2014-06-08 11:13 - 2014-06-10 19:58 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 11:08 - 2014-06-10 19:58 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-05 14:48 - 2014-06-05 14:39 - 105000000 _____ () C:\Users\Winni\Downloads\got.s04e08.720p.part01.rar
2014-06-05 14:47 - 2013-04-28 15:04 - 00000000 ____D () C:\Users\Winni\AppData\Roaming\Spotify
2014-06-05 14:37 - 2014-06-05 14:28 - 105000000 _____ () C:\Users\Winni\Downloads\got.s04e08.720p.part03.rar
2014-06-05 14:27 - 2014-06-05 14:18 - 105000000 _____ () C:\Users\Winni\Downloads\got.s04e08.720p.part02.rar
2014-06-04 21:58 - 2014-05-29 01:01 - 00036755 _____ () C:\Users\Winni\Desktop\Addition.txt
2014-06-03 01:21 - 2012-10-26 00:37 - 00000000 ____D () C:\Users\Winni\AppData\Roaming\vlc
2014-06-02 22:17 - 2013-07-03 00:12 - 00000000 ____D () C:\Users\Winni\AppData\Local\Battle.net
2014-06-02 21:01 - 2013-04-28 15:11 - 00000000 ____D () C:\Users\Winni\AppData\Local\Spotify
2014-06-02 20:38 - 2013-09-05 16:11 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-06-02 20:37 - 2013-07-03 00:12 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-06-01 12:31 - 2011-04-12 09:43 - 00699654 _____ () C:\Windows\system32\perfh007.dat
2014-06-01 12:31 - 2011-04-12 09:43 - 00149794 _____ () C:\Windows\system32\perfc007.dat
2014-06-01 12:31 - 2009-07-14 07:13 - 01621612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-30 16:26 - 2014-05-30 16:26 - 00000758 _____ () C:\DelFix.txt
2014-05-30 16:26 - 2014-05-27 20:30 - 00000000 ____D () C:\Windows\ERUNT
2014-05-30 16:20 - 2014-05-30 16:20 - 00000244 _____ () C:\Users\Winni\Downloads\defogger_enable.log
2014-05-30 16:20 - 2012-10-21 19:48 - 00000000 ____D () C:\Users\Admin
2014-05-30 15:17 - 2014-05-30 15:17 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-05-30 15:17 - 2014-05-30 15:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-05-30 15:17 - 2014-05-30 15:16 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-05-30 15:17 - 2014-05-30 15:16 - 00000000 ____D () C:\Program Files\iTunes
2014-05-30 15:17 - 2014-05-30 15:16 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-05-30 15:16 - 2014-05-30 15:16 - 00000000 ____D () C:\Program Files\iPod
2014-05-29 01:01 - 2014-05-09 16:48 - 00000000 ____D () C:\Users\Winni\Downloads\RPG
2014-05-29 00:39 - 2012-10-31 22:39 - 00000432 _____ () C:\Windows\BRWMARK.INI
2014-05-28 21:54 - 2014-05-28 21:54 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-05-28 21:22 - 2014-05-28 21:22 - 00854367 _____ () C:\Users\Winni\Desktop\SecurityCheck.exe
2014-05-28 20:53 - 2014-06-10 19:58 - 17857536 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-28 20:37 - 2014-06-10 19:58 - 02338816 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-28 20:35 - 2014-06-10 19:58 - 10890240 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-28 20:31 - 2014-06-10 19:58 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-28 20:31 - 2014-06-10 19:58 - 01348608 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-28 20:30 - 2014-06-10 19:58 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-28 20:30 - 2014-06-10 19:58 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-05-28 20:29 - 2014-06-10 19:58 - 02148352 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-28 20:29 - 2014-06-10 19:58 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-05-28 20:29 - 2014-06-10 19:58 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-28 20:29 - 2014-06-10 19:58 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-28 20:29 - 2014-06-10 19:58 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-28 20:29 - 2014-06-10 19:58 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-28 20:28 - 2014-06-10 19:58 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-28 20:28 - 2014-06-10 19:58 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-28 20:28 - 2014-06-10 19:58 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-28 20:28 - 2014-06-10 19:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-28 20:28 - 2014-06-10 19:58 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-05-28 20:28 - 2014-06-10 19:58 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-05-28 20:28 - 2014-06-10 19:58 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-05-28 20:27 - 2014-06-10 19:58 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-28 18:48 - 2014-06-10 19:58 - 12356608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-28 18:39 - 2014-06-10 19:58 - 01810432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-28 18:38 - 2014-06-10 19:58 - 09711104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-28 18:33 - 2014-06-10 19:58 - 01106432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-28 18:32 - 2014-06-10 19:58 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-28 18:32 - 2014-06-10 19:58 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-28 18:31 - 2014-06-10 19:58 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-05-28 18:31 - 2014-06-10 19:58 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-28 18:30 - 2014-06-10 19:58 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-28 18:30 - 2014-06-10 19:58 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-05-28 18:30 - 2014-06-10 19:58 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-28 18:30 - 2014-06-10 19:58 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-28 18:30 - 2014-06-10 19:58 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-28 18:30 - 2014-06-10 19:58 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-28 18:30 - 2014-06-10 19:58 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-05-28 18:29 - 2014-06-10 19:58 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-28 18:29 - 2014-06-10 19:58 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-28 18:29 - 2014-06-10 19:58 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-28 18:29 - 2014-06-10 19:58 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-05-28 18:29 - 2014-06-10 19:58 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-05-28 18:28 - 2014-06-10 19:58 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-28 15:08 - 2014-05-28 15:08 - 02347384 _____ (ESET) C:\Users\Winni\Desktop\esetsmartinstaller_deu.exe
2014-05-28 13:14 - 2014-05-28 13:14 - 00018435 _____ () C:\Windows\DirectX.log
2014-05-27 20:46 - 2014-05-25 14:52 - 00031592 _____ () C:\Users\Winni\Downloads\Addition.txt
2014-05-27 20:46 - 2014-05-25 14:51 - 00049253 _____ () C:\Users\Winni\Downloads\FRST.txt
2014-05-27 20:37 - 2014-05-27 20:37 - 00000829 _____ () C:\Users\Winni\Downloads\JRT.txt
2014-05-27 20:28 - 2014-05-20 23:11 - 00001816 _____ () C:\Windows\PFRO.log
2014-05-27 20:25 - 2014-05-27 20:25 - 01016261 _____ (Thisisu) C:\Users\Winni\Desktop\JRT.exe
2014-05-27 20:12 - 2014-05-27 20:12 - 01327971 _____ () C:\Users\Winni\Desktop\adwcleaner_3.211.exe
2014-05-27 20:10 - 2014-05-27 20:10 - 00001892 _____ () C:\Users\Winni\Desktop\MWB.txt
2014-05-27 19:57 - 2014-05-27 19:56 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-27 19:55 - 2014-05-27 19:55 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-27 19:55 - 2014-05-27 19:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-27 19:55 - 2014-05-27 19:55 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-27 19:55 - 2014-05-27 19:55 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-27 19:54 - 2014-05-27 19:53 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Winni\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-27 19:45 - 2014-05-27 19:45 - 00000385 _____ () C:\Users\Admin\AppData\Roaminguser_gensett.xml
2014-05-27 18:54 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-27 16:30 - 2014-05-27 16:30 - 00000207 _____ () C:\Users\Winni\Desktop\Warhammer 40,000 Space Marine.url
2014-05-26 20:45 - 2012-10-21 19:48 - 00000000 ___RD () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-26 20:45 - 2012-10-21 19:48 - 00000000 ___RD () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-26 20:45 - 2009-07-14 06:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-05-26 20:44 - 2014-05-26 20:44 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
2014-05-26 20:44 - 2014-05-26 20:44 - 00000000 ____D () C:\Users\hedev\AppData\Local\temp
2014-05-26 20:44 - 2014-05-26 20:44 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-05-26 20:44 - 2014-05-26 20:44 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp
2014-05-26 20:43 - 2014-05-26 20:32 - 00000000 ____D () C:\Windows\erdnt
2014-05-26 20:42 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-05-25 20:14 - 2012-10-21 21:04 - 00000000 ____D () C:\Users\Winni
2014-05-25 19:37 - 2014-05-25 19:37 - 00000000 ____D () C:\Users\Winni\AppData\Local\THQ
2014-05-25 15:54 - 2014-05-25 15:54 - 00049825 _____ () C:\Users\Winni\Downloads\LogFiles.zip
2014-05-25 15:53 - 2014-05-25 15:53 - 00002605 _____ () C:\Users\Winni\Downloads\AdwCleaner[R1].txt
2014-05-25 15:19 - 2014-05-25 15:19 - 00749519 _____ () C:\Users\Winni\Downloads\Gmer.txt
2014-05-25 15:06 - 2014-05-25 15:06 - 00380416 _____ () C:\Users\Winni\Downloads\Gmer-19357.exe
2014-05-25 14:48 - 2014-05-25 14:48 - 00000472 _____ () C:\Users\Winni\Downloads\defogger_disable.log
2014-05-23 17:41 - 2012-10-25 21:20 - 00000000 ____D () C:\Users\Winni\Bewerbungen
2014-05-23 16:56 - 2012-10-21 21:05 - 00000000 ____D () C:\Users\Winni\AppData\Local\VirtualStore
2014-05-23 15:09 - 2014-05-16 16:04 - 00000728 __RSH () C:\ProgramData\ntuser.pol
2014-05-22 14:55 - 2012-10-20 18:41 - 00000000 ____D () C:\Games
2014-05-20 23:14 - 2014-05-20 23:14 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-20 23:14 - 2014-05-20 23:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-20 23:14 - 2014-05-11 00:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-20 23:01 - 2014-05-20 23:00 - 28852416 _____ (Mozilla) C:\Users\Winni\Downloads\Firefox Setup 29.0.1.exe
2014-05-20 12:53 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-05-16 16:54 - 2012-10-25 20:59 - 00000000 ____D () C:\Program Files (x86)\Diablo III
2014-05-16 16:04 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-05-15 16:30 - 2014-05-07 15:11 - 00000000 ____D () C:\Users\Winni\Desktop\tmp
2014-05-15 16:26 - 2014-05-15 16:25 - 00000000 ____D () C:\Users\Winni\Desktop\BIlder
2014-05-15 14:12 - 2014-05-15 14:12 - 00389240 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2014-05-15 12:52 - 2012-10-31 22:46 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-15 12:43 - 2012-10-21 21:05 - 00000000 ___RD () C:\Users\Winni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-15 12:43 - 2012-10-21 21:05 - 00000000 ___RD () C:\Users\Winni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-14 19:20 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions

Files to move or delete:
====================
C:\Users\Winni\Broodwar.bat


Some content of TEMP:
====================
C:\Users\Admin\AppData\Local\temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-08 21:50

==================== End Of Log ============================
--- --- ---

Daigochiban 13.06.2014 22:51
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-06-2014 02
Ran by Admin at 2014-06-13 21:00:11
Running from C:\Users\Winni\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Bitdefender Antivirus (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 12.5.100.30424 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.937.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{25107779-C295-EB3E-3C92-AC1B45680012}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.80424.1301 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arduino (HKLM-x32\...\Arduino) (Version: 1.0.5-r2 - Arduino LLC)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bitdefender Antivirus Plus (HKLM\...\Bitdefender) (Version: 17.20.0.883 - Bitdefender)
BitRaider Web Client (HKLM-x32\...\BitRaider Web Client) (Version: 1.1.8.1 - BitRaider, LLC)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2013.0424.1225.20315 - Ihr Firmenname) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0424.1225.20315 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0424.1225.20315 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0424.1225.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0424.1224.20315 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0424.1225.20315 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform)
Compiled Driver Disk (Nokia) 1.0 (HKLM\...\{3DCF00F5-04A5-4543-A088-705480811205}_is1) (Version: 1.0.3.0 - COMPELSON Labs)
Core Temp 1.0 RC5 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Darksiders (HKLM-x32\...\Steam App 50620) (Version:  - Vigil Games)
Darksiders II (HKLM-x32\...\Steam App 50650) (Version:  - Vigil Games)
DarksidersInstaller (HKLM-x32\...\{B93EEE50-9C8F-45DF-95E4-3D85A6E242F3}) (Version: 1.00.1000 - Ihr Firmenname)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Dungeon Keeper 2 (HKLM-x32\...\GOGPACKDUNGEONKEEPER2_is1) (Version: 2.0.0.32 - GOG.com)
Dungeon Keeper Gold (HKLM-x32\...\GOGPACKDUNGEONKEEPER_is1) (Version: 2.0.0.4 - GOG.com)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 15.1.13904 - Landesfinanzdirektion Thüringen)
EndNote X5 (HKLM-x32\...\{86B3F2D6-AC2B-0015-8AE1-F2F77F781B0C}) (Version: 15.0.0.5478 - Thomson Reuters)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Firefall (HKLM-x32\...\{CFEF8DB5-B45E-4b05-90BE-D02AA6F45354}) (Version:  - Red 5 Studios)
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
Freemake Video Converter Version 4.0.4 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.0.4 - Ellora Assets Corporation)
GOG.com Downloader version 3.6.0 (HKLM-x32\...\{456A5815-604D-4D72-94DF-346D2B978A59}_is1) (Version: 3.6.0 - GOG.com)
GOG.com Dungeon Keeper 2 (HKLM\...\{b6462b67-caf5-4a74-99df-cc2811bd1957}.sdb) (Version:  - )
Grand Theft Auto IV (HKLM-x32\...\Steam App 12210) (Version:  - Rockstar North)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle)
Java 8 Update 5 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418005FF}) (Version: 8.0.50 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.05.13 - Oracle, Inc.) Hidden
Java SE Development Kit 8 Update 5 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180050}) (Version: 8.0.50 - Oracle Corporation)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
ManyCam 4.0.77 (HKLM-x32\...\ManyCam) (Version: 4.0.77 - Visicom Media Inc.)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE (HKLM-x32\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (Version: 1.1.40219 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.1 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.1 Language Pack - DEU) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 Language Pack - DEU (Version: 1.1.40219 - Microsoft Corporation) Hidden
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{E9089B6A-1FDE-47F3-8D29-175F5B7A0722}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{C668416A-9213-4058-B7F2-01A42D85559D}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Shell (Isolated) - DEU (HKLM-x32\...\{987AE03F-234A-3623-BD28-6B31FD1D3AB3}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50325 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.50330 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU (Version: 10.0.50325 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50325 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft_VC100_CRT_SP1_x64 (Version: 10.0.40219.1 - Nokia) Hidden
Microsoft_VC100_CRT_SP1_x86 (x32 Version: 10.0.40219.1 - Nokia) Hidden
Mozilla Firefox 29.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mp3tag v2.52 (HKLM-x32\...\Mp3tag) (Version: v2.52 - Florian Heidenreich)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
NetBeans IDE 8.0 (HKLM\...\nbi-nb-base-8.0.0.0.201403101706) (Version: 8.0 - NetBeans.org)
NeurophStudio (HKLM-x32\...\nbi-neurophstudio-1.0.0.0.0) (Version:  - )
Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.48.0 - Nokia)
Nokia Suite (x32 Version: 3.8.48.0 - Nokia) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.5 - Notepad++ Team)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PDF24 Creator 6.0.1 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Personal ID (HKLM-x32\...\{F722209B-739E-40E4-ADB1-062BD032A0DB}) (Version: 1.8.5 - coolspot AG)
Plants vs. Zombies: Game of the Year (HKLM-x32\...\Steam App 3590) (Version:  - PopCap)
Plex Media Server (HKLM-x32\...\{e9921c42-812d-4b39-9c02-612724349e82}) (Version: 0.9.907 - Plex, Inc.)
Plex Media Server (x32 Version: 0.9.907 - Plex, Inc.) Hidden
R.U.S.E (HKLM-x32\...\Steam App 21970) (Version:  - Ubisoft)
Remote Control Server (HKLM-x32\...\{755C6515-9FEA-490C-B15E-22BB6519E57E}) (Version: 2.0.1.60 - Steppschuh)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
Sid Meier's Civilization V SDK (HKLM-x32\...\Steam App 16830) (Version:  - Firaxis Games)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
SolForge (HKLM-x32\...\Steam App 232450) (Version:  - Stone Blade Entertainment)
SoundWire Server version 1.7.3 (HKLM-x32\...\{E15658BC-7742-4397-999F-98B1BD11B784}_is1) (Version: 1.7.3 - GeorgieLabs)
Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version: 7.0.0.12 - Bioware/EA)
Star Wars: Knights of the Old Republic (HKLM-x32\...\Steam App 32370) (Version:  - BioWare)
Star Wars: The Force Unleashed II (HKLM-x32\...\Steam App 32500) (Version:  - Lucas Arts)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.27614 - TeamViewer)
The Walking Dead (HKLM-x32\...\Steam App 207610) (Version:  - )
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
Trillian (HKLM-x32\...\Trillian) (Version:  - Cerulean Studios, LLC)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Warhammer 40,000 Space Marine (HKLM-x32\...\Steam App 55150) (Version:  - Relic)
Warhammer® 40,000™: Dawn of War® II - Chaos Rising™ (HKLM-x32\...\Steam App 20570) (Version:  - Relic)
Winamp (HKLM-x32\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
XBMC (HKCU\...\XBMC) (Version:  - Team XBMC)

==================== Restore Points  =========================

08-06-2014 19:57:17 Geplanter Prüfpunkt
10-06-2014 18:03:53 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2014-05-26 20:42 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {0475BD2A-51C6-4B5B-A983-08BCC4E95C3B} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {1F8348D9-8343-4462-BD5E-0F3FAB272E0C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-04-17] (Piriform Ltd)
Task: {25374E87-9054-426D-B08C-03551189C990} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1143599331-371919559-3494116047-1003Core => C:\Users\Winni\AppData\Local\Google\Update\GoogleUpdate.exe [2014-05-05] (Google Inc.)
Task: {2B868DD0-5681-4D36-94CD-67790C74CD14} - System32\Tasks\update-S-1-5-21-1143599331-371919559-3494116047-1003 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: {33B06E48-22D1-455F-884D-0F79DBC897EA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1143599331-371919559-3494116047-1003UA => C:\Users\Winni\AppData\Local\Google\Update\GoogleUpdate.exe [2014-05-05] (Google Inc.)
Task: {5FF44371-F94A-4CE8-A87A-56F7419B8799} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-13] (Adobe Systems Incorporated)
Task: {65D66A05-F0C6-4B6C-B51D-644990F51512} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {8956CD09-B104-4E69-9DD8-BB6DABD53871} - System32\Tasks\{F5F61D05-F3F7-4BF0-B0BD-ECA3B926A02A} => E:\setup.exe
Task: {B34C272C-D8FF-41FA-B393-393AEBF0982C} - \update-sys No Task File <==== ATTENTION
Task: {D241B2D3-FB5D-4262-870D-310E57577841} - System32\Tasks\{7221AD8F-719C-477F-9CFF-360FD259B665} => E:\setup.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1143599331-371919559-3494116047-1003Core.job => C:\Users\Winni\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1143599331-371919559-3494116047-1003UA.job => C:\Users\Winni\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\update-S-1-5-21-1143599331-371919559-3494116047-1003.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Loaded Modules (whitelisted) =============

2013-10-25 16:06 - 2013-06-19 12:45 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender\txmlutil.dll
2013-10-25 16:06 - 2013-10-17 18:32 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender\UI\accessl.ui
2013-10-25 16:06 - 2013-10-17 18:32 - 00005120 _____ () C:\Program Files\Bitdefender\Bitdefender\UI\IMSecurityAL.ui
2014-06-13 20:11 - 2014-06-13 20:11 - 00780592 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_00045_016\ashttpbr.mdl
2014-06-13 20:11 - 2014-06-13 20:11 - 00568400 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_00045_016\ashttpdsp.mdl
2014-06-13 20:11 - 2014-06-13 20:11 - 02598560 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_00045_016\ashttpph.mdl
2014-06-13 20:11 - 2014-06-13 20:11 - 01321872 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_00045_016\ashttprbl.mdl
2012-06-18 17:24 - 2012-06-18 17:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2013-04-24 12:20 - 2013-04-24 12:20 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-03-31 21:35 - 2014-03-31 21:35 - 00282304 _____ () C:\Program Files (x86)\Windows Live\Writer\de\WindowsLive.Writer.Localization.resources.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Winni\Desktop\adwcleaner_3.211.exe:BDU
AlternateDataStreams: C:\Users\Winni\Downloads\Firefox Setup 29.0.1.exe:BDU
AlternateDataStreams: C:\Users\Winni\Downloads\mbam-setup-2.0.2.1012.exe:BDU
AlternateDataStreams: C:\Users\Winni\Downloads\neurophstudio-windows-2.85.exe:BDU

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========

MSCONFIG\Services: DlProtectSvc => 2
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Bitdefender-Geldbörse => "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard
MSCONFIG\startupreg: Bitdefender-Geldbörse-Agent => "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
MSCONFIG\startupreg: Bitdefender-Geldbörse-Anwendungs-Agent => "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe"
MSCONFIG\startupreg: IntelliPoint => "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Pando Media Booster => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MSCONFIG\startupreg: PDFPrint => C:\Program Files (x86)\PDF24\pdf24.exe
MSCONFIG\startupreg: Plex Media Server => "C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: XboxStat => "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/13/2014 08:04:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/12/2014 09:07:33 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/10/2014 07:49:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/08/2014 09:52:20 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/08/2014 09:03:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/08/2014 07:31:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/05/2014 01:32:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/04/2014 09:47:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/04/2014 02:21:03 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/03/2014 11:41:02 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm javaw.exe, Version 7.0.70.10 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 790

Startzeit: 01cf7f742956f42b

Endzeit: 10

Anwendungspfad: C:\Program Files (x86)\JDownloader\jre\bin\javaw.exe

Berichts-ID:


System errors:
=============
Error: (06/13/2014 08:04:42 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (06/12/2014 09:07:39 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (06/10/2014 07:48:56 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (06/08/2014 09:55:35 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (06/08/2014 09:03:42 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (06/08/2014 07:31:57 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (06/05/2014 01:32:44 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (06/04/2014 09:46:46 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (06/04/2014 02:44:23 AM) (Source: Disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.

Error: (06/04/2014 02:44:21 AM) (Source: Disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-05-26 20:41:32.104
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-05-26 20:41:32.073
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-10-21 15:57:05.114
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-21 15:57:05.114
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-21 15:57:05.098
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-21 15:57:05.083
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-21 15:57:05.083
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-21 15:57:05.083
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-20 20:36:48.223
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-20 20:36:48.223
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Percentage of memory in use: 23%
Total physical RAM: 8191.12 MB
Available physical RAM: 6275.07 MB
Total Pagefile: 16380.41 MB
Available Pagefile: 14252.87 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:387.54 GB) (Free:36.81 GB) NTFS
Drive d: (Music) (Fixed) (Total:78.12 GB) (Free:37.86 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 4A3C4A3B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=78 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=388 GB) - (Type=07 NTFS)

==================== End Of Log ============================

schrauber 14.06.2014 18:12
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
AlternateShell: cmd.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
FF Extension: Download Protect - C:\Windows\Installer\{4BFEB9A5-18C7-4449-B2DD-49294B6B8F3C}\{CA03242C-EE6E-4B3A-AF33-3A21C94FB1AB}.xpi [2014-05-23]
FF Extension: Download Protect - C:\Windows\Installer\{4BFEB9A5-18C7-4449-B2DD-49294B6B8F3C}\{CA03242C-EE6E-4B3A-AF33-3A21C94FB1AB}.xpi [2014-05-23]

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.


Daigochiban 15.06.2014 15:19
Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-06-2014 02
Ran by Admin at 2014-06-15 16:12:40 Run:5
Running from C:\Users\Winni\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
AlternateShell: cmd.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
FF Extension: Download Protect - C:\Windows\Installer\{4BFEB9A5-18C7-4449-B2DD-49294B6B8F3C}\{CA03242C-EE6E-4B3A-AF33-3A21C94FB1AB}.xpi [2014-05-23]
FF Extension: Download Protect - C:\Windows\Installer\{4BFEB9A5-18C7-4449-B2DD-49294B6B8F3C}\{CA03242C-EE6E-4B3A-AF33-3A21C94FB1AB}.xpi [2014-05-23]
       
*****************

hklm\System\CurrentControlSet\Control\SafeBoot\\AlternateShell => Value was restored successfully.
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
C:\Windows\Installer\{4BFEB9A5-18C7-4449-B2DD-49294B6B8F3C}\{CA03242C-EE6E-4B3A-AF33-3A21C94FB1AB}.xpi => Moved successfully.
C:\Windows\Installer\{4BFEB9A5-18C7-4449-B2DD-49294B6B8F3C}\{CA03242C-EE6E-4B3A-AF33-3A21C94FB1AB}.xpi not found.


The system needed a reboot.

==== End of Fixlog ====

schrauber 16.06.2014 09:14
Noch Probleme`?

Daigochiban 16.06.2014 21:40
Ha! Nein jetzt ist tatsächlich alles weg =) Vielen Vielen Dankfür die Hilfe und Geduld!!! :dankeschoen:

P.S: Eine kleine Spende in Rahmen meiner Möglichkeiten hab ich euch auch überlassen! Einen super Job macht ihr hier :daumenhoc

schrauber 17.06.2014 09:48
Fertig :)

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.



Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun :)

Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

Daigochiban 29.06.2014 22:20
Danke alles bestens! Kannst das abo löschen =)

schrauber 30.06.2014 13:26
Gern Geschehen :)


Alle Zeitangaben in WEZ +1. Es ist jetzt 20:43 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131