stewiecali | 02.06.2014 15:02

Adw
Code:
# AdwCleaner v3.211 - Bericht erstellt am 01/06/2014 um 16:41:06
# Aktualisiert 26/05/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : User - PC1
# Gestartet von : C:\Users\User\Downloads\adwcleaner_3.211.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software
***** [ Browser ] *****
-\\ Internet Explorer v10.0.9200.16635
-\\ Mozilla Firefox v28.0 (de)
[ Datei : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lpqe0v84.default\prefs.js ]
-\\ Google Chrome v32.0.1700.102
[ Datei : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [25239 octets] - [17/05/2014 11:07:14]
AdwCleaner[R1].txt - [1730 octets] - [31/05/2014 16:44:58]
AdwCleaner[R2].txt - [1403 octets] - [31/05/2014 17:24:11]
AdwCleaner[R3].txt - [1374 octets] - [01/06/2014 16:38:36]
AdwCleaner[S0].txt - [22658 octets] - [17/05/2014 11:09:17]
AdwCleaner[S1].txt - [1694 octets] - [31/05/2014 16:48:49]
AdwCleaner[S2].txt - [1249 octets] - [01/06/2014 16:41:06]
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1309 octets] ##########

Frst Addition
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-06-2014 01
Ran by User at 2014-06-01 17:18:22
Running from C:\Users\User\Desktop\FRST
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
AntiCrash 3.6.1 (HKLM-x32\...\{39F8BF57-47FA-4F8D-9404-1B41321743AF}) (Version: - )
AutoHotkey 1.1.14.01 (HKLM-x32\...\AutoHotkey) (Version: 1.1.14.01 - Lexikos)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.4.642 - Avira)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.100.235.19 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.8.4.1 - Broadcom Corporation)
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version: - )
Call of Duty: Black Ops II (HKLM-x32\...\Steam App 202970) (Version: - Treyarch)
Camtasia Studio 8 (HKLM-x32\...\{2B1F8DD0-873D-4AC3-8400-766F255FE263}) (Version: 8.1.0.1281 - TechSmith Corporation)
Canon MG5200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 4.04 - Piriform)
Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version: - Cheat Engine)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden
CLEO v3.0.950 (HKLM-x32\...\{8FB91814-FE42-4B62-9B54-4B677A420715}_is1) (Version: - Seemann (www.sannybuilder.com))
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dxtory version 2.0.124 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.124 - ExKode Co. Ltd.)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Free Audio Converter version 5.0.38.423 (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.38.423 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.34.430 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.34.430 - DVDVideoSoft Ltd.)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 32.0.1700.102 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Grand Theft Auto San Andreas (HKLM-x32\...\{086BADF8-9B1F-4E89-B207-2EDA520972D6}) (Version: 1.00.00001 - Rockstar Games)
IMVU Avatar Chat Software (HKCU\...\IMVU Avatar chat client software BETA) (Version: - )
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3062 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.193 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.193 - LogMeIn, Inc.) Hidden
Magic Bullet Suite 64-bit (HKLM-x32\...\InstallShield_{26055432-339E-4776-803B-F22240B91864}) (Version: 11.1.2 - Red Giant Software)
Magic Bullet Suite 64-bit (Version: 11.1.2 - Red Giant Software) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 DEU Language Pack (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 DEU Language Pack (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (Version: 2.2.173.0 - Microsoft Corporation) Hidden
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.4.1 - Notepad++ Team)
NVIDIA GeForce Experience 1.8.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 332.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.21 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.142.992 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.0725 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA ShadowPlay 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 332.21 (Version: 332.21 - NVIDIA Corporation) Hidden
NVIDIA Update 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.19 - NVIDIA Corporation)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Reimage Protector (HKLM\...\Reimage Protector) (Version: - Reimage)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Sandboxie 4.06 (64-bit) (HKLM\...\Sandboxie) (Version: 4.06 - Sandboxie Holdings, LLC)
SciTE4AutoHotkey v3.0.04 (HKLM-x32\...\SciTE4AutoHotkey) (Version: v3.0.04 - fincs)
SHIELD Streaming (Version: 1.6.85 - NVIDIA Corporation) Hidden
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
South Park™: The Stick of Truth™ (HKLM-x32\...\Steam App 213670) (Version: - Obsidian Entertainment)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
System Requirements Lab for Intel (HKLM-x32\...\{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}) (Version: 4.5.13.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.24951 - TeamViewer)
Vegas Pro 12.0 (64-bit) (HKLM\...\{A1A75F4F-9C9F-11E2-8FCB-F04DA23A5C58}) (Version: 12.0.563 - Sony)
Virtual Audio Cable 4.13 (HKLM\...\Virtual Audio Cable 4.13) (Version: - )
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
==================== Restore Points =========================
28-05-2014 14:37:07 Removed System Requirements Lab for Intel
31-05-2014 15:20:31 Removed XSplit
01-06-2014 07:59:02 Removed SpyHunter
==================== Hosts content: ==========================
2009-07-14 04:34 - 2014-06-01 10:12 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {0D3010E0-AE40-44C9-89E5-1C0DDA7E7B51} - \MySearchDial No Task File <==== ATTENTION
Task: {253F9BC2-1CF0-4D83-9B3F-880166F8C292} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe
Task: {480C3B2F-9164-434C-A1A9-3EB40DAA0F04} - \PriceMeterLiveUpdateUpdateTaskMachineUA No Task File <==== ATTENTION
Task: {4B0CDF8F-9460-4281-9E08-8EBC74B9BB13} - \PriceMeterLiveUpdateUpdateTaskMachineCore No Task File <==== ATTENTION
Task: {54EB0E28-0F94-4E82-A21E-710D6C482D1F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-13] (Google Inc.)
Task: {558AC428-01AB-496F-97B5-D661CDE8A229} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-13] (Google Inc.)
Task: {59179B25-AD1A-433F-8827-CD2A0CEF9141} - \BrowserDefendert No Task File <==== ATTENTION
Task: {5C9B5541-252E-4273-AAD3-1D00A5E6CA4C} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {867B102B-6D97-4576-9E90-F9F30E4083F2} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft)
Task: {96EFB2BB-E37A-4C46-AE47-EEEA03AB84C8} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {97169AD0-9ACE-4C1D-B309-8FC96B68727E} - \Dealply No Task File <==== ATTENTION
Task: {AB04294C-250F-4926-B189-8C3E9C7DE56F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14] (Adobe Systems Incorporated)
Task: {C99732FB-4EA5-4AC4-A004-CBEC2A92735D} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {D5A01C56-9DC9-4630-B883-4A9336CC6C72} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {F124AA82-88EA-46D2-8DA3-C208AE268264} - \pricemeterdownloader No Task File <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cef348ab479b3a.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2014-01-31 14:20 - 2013-12-19 20:53 - 00117536 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-02-28 11:14 - 2014-02-28 11:14 - 00173568 _____ () C:\Users\User\AppData\Local\TeamSpeak 3 Client\quazip.dll
2014-02-27 16:51 - 2014-02-27 16:51 - 01080832 _____ () C:\Users\User\AppData\Local\TeamSpeak 3 Client\platforms\qwindows.dll
2014-02-27 16:51 - 2014-02-27 16:51 - 00833024 _____ () C:\Users\User\AppData\Local\TeamSpeak 3 Client\sqldrivers\qsqlite.dll
2014-02-28 15:07 - 2014-02-28 15:07 - 00102344 _____ () C:\Users\User\AppData\Local\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2014-02-28 15:07 - 2014-02-28 15:07 - 00108488 _____ () C:\Users\User\AppData\Local\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2014-02-27 16:51 - 2014-02-27 16:51 - 00030208 _____ () C:\Users\User\AppData\Local\TeamSpeak 3 Client\imageformats\qgif.dll
2014-02-27 16:51 - 2014-02-27 16:51 - 00233984 _____ () C:\Users\User\AppData\Local\TeamSpeak 3 Client\imageformats\qjpeg.dll
2014-02-28 15:10 - 2014-02-28 15:10 - 00563656 _____ () C:\Users\User\AppData\Local\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2014-02-28 15:10 - 2014-02-28 15:10 - 00577480 _____ () C:\Users\User\AppData\Local\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2014-02-27 16:51 - 2014-02-27 16:51 - 00159232 _____ () C:\Users\User\AppData\Local\TeamSpeak 3 Client\accessible\qtaccessiblewidgets.dll
2014-01-28 15:10 - 2014-01-23 07:56 - 00715544 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\libglesv2.dll
2014-01-28 15:10 - 2014-01-23 07:56 - 00100120 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\libegl.dll
2014-01-28 15:10 - 2014-01-23 07:56 - 04055320 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\pdf.dll
2014-01-28 15:10 - 2014-01-23 07:57 - 00399640 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\ppGoogleNaClPluginChrome.dll
2014-01-28 15:10 - 2014-01-23 07:55 - 01634584 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\ffmpegsumo.dll
2014-02-20 17:11 - 2014-02-20 17:11 - 13632904 _____ () C:\Users\User\AppData\Local\Google\Chrome\User Data\PepperFlash\12.0.0.70\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\Users\User\Anwendungsdaten:NT
AlternateDataStreams: C:\Users\User\AppData\Roaming:NT
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== EXE Association (whitelisted) =============
==================== Disabled items from MSCONFIG ==============
MSCONFIG\startupfolder: C:^Users^User^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^AntiCrash.lnk => C:\Windows\pss\AntiCrash.lnk.Startup
MSCONFIG\startupreg: RGSC => C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (06/01/2014 04:43:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/01/2014 04:41:56 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path name Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Error: (06/01/2014 04:41:56 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path name Fehler bei der Überprüfung. Fehler: Type-ID=25, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Error: (06/01/2014 04:41:56 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path name Fehler bei der Überprüfung. Fehler: Type-ID=17, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Error: (06/01/2014 04:41:13 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]
Error: (06/01/2014 04:04:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/01/2014 04:03:16 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]
Error: (06/01/2014 04:03:16 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]
Error: (06/01/2014 04:03:16 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]
Error: (06/01/2014 04:03:06 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path name Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
System errors:
=============
Error: (06/01/2014 04:42:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Reimage Real Time Protection" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (06/01/2014 04:04:50 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80004005
Error: (06/01/2014 04:03:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Reimage Real Time Protection" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (06/01/2014 10:35:40 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Error: (06/01/2014 10:12:41 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error: (06/01/2014 10:12:10 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\ComboFix\catchme.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (06/01/2014 10:09:51 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error: (06/01/2014 09:37:51 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Reimage Real Time Protection" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (05/31/2014 04:50:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Reimage Real Time Protection" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (05/31/2014 01:44:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Reimage Real Time Protection" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Microsoft Office Sessions:
=========================
Error: (06/01/2014 04:43:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/01/2014 04:41:56 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Eap method DLL path name43900
Error: (06/01/2014 04:41:56 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Eap method DLL path name25900
Error: (06/01/2014 04:41:56 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Eap method DLL path name17900
Error: (06/01/2014 04:41:13 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]
Error: (06/01/2014 04:04:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/01/2014 04:03:16 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]
Error: (06/01/2014 04:03:16 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]
Error: (06/01/2014 04:03:16 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]
Error: (06/01/2014 04:03:06 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Eap method DLL path name43900
CodeIntegrity Errors:
===================================
Date: 2014-06-01 10:12:10.136
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-06-01 10:12:10.105
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Percentage of memory in use: 25%
Total physical RAM: 8043.86 MB
Available physical RAM: 5969.55 MB
Total Pagefile: 16085.9 MB
Available Pagefile: 13952.38 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:680.54 GB) (Free:258.35 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Disk_2) (CDROM) (Total:5.55 GB) (Free:0 GB) UDF
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 699 GB) (Disk ID: 2A180AE6)
Partition 1: (Active) - (Size=681 GB) - (Type=07 NTFS)
==================== End Of Log ============================

FRST
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-06-2014 01
Ran by User (administrator) on PC1 on 01-06-2014 17:17:46
Running from C:\Users\User\Desktop\FRST
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TeamSpeak Systems GmbH) C:\Users\User\AppData\Local\TeamSpeak 3 Client\ts3client_win64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [1832760 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-09-19] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1100248 2013-12-10] (NVIDIA Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-22] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [85600 2013-12-13] (Nullsoft, Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-05-13] (LogMeIn Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3701525457-4283376491-4006895372-1000\...\Run: [Dxtory Update Checker 2.0] => C:\Program Files (x86)\ExKode\Dxtory2.0\UpdateChecker.exe [93696 2010-10-17] (Dxtory Software)
HKU\S-1-5-21-3701525457-4283376491-4006895372-1000\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [759496 2013-10-16] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-3701525457-4283376491-4006895372-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21446272 2014-05-08] (Skype Technologies S.A.)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk
ShortcutTarget: IMVU.lnk -> C:\Users\User\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x72AF0974E9E2CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\..\Interfaces\{67B02B1A-7418-48EF-B2E5-02FC8EC69392}: [NameServer]192.168.178.1,192.168.178.46
FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lpqe0v84.default
FF NetworkProxy: "socks_version", 4
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ []
Chrome:
=======
CHR HomePage:
CHR Extension: (Google Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-01]
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-01]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-01]
CHR Extension: (Adblock Plus) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-06-01]
CHR Extension: (Google-Suche) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-01]
CHR Extension: (AdRemoverrUuTubbe) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dibpjnjgdeendckdpigimgmolffmpoca [2014-06-01]
CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-31]
CHR Extension: (Google Mail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-01]
CHR HKCU\...\Chrome\Extension: [bcfjehbfanfhgoehogmbiebedkidedjb] - C:\Users\User\AppData\Local\CRE\bcfjehbfanfhgoehogmbiebedkidedjb.crx [2013-08-21]
CHR HKLM-x32\...\Chrome\Extension: [bcfjehbfanfhgoehogmbiebedkidedjb] - C:\Users\User\AppData\Local\CRE\bcfjehbfanfhgoehogmbiebedkidedjb.crx [2013-08-21]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-05-22] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-22] (Avira Operations GmbH & Co. KG)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-04-15] (LogMeIn, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [186056 2013-10-16] (Sandboxie Holdings, LLC)
S2 ReimageRealTimeProtection; C:\Program Files\Reimage\Reimage Repair\ReiGuard.exe [X]
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-05-22] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-22] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-07] (Avira Operations GmbH & Co. KG)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [200552 2013-10-16] (Sandboxie Holdings, LLC)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-06-19] (Duplex Secure Ltd.)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-06-21] (Anchorfree Inc.)
S3 b57xdbd; system32\DRIVERS\b57xdbd.sys [X]
S3 b57xdmp; system32\DRIVERS\b57xdmp.sys [X]
S3 bScsiMSa; system32\DRIVERS\bScsiMSa.sys [X]
S3 bScsiSDa; system32\DRIVERS\bScsiSDa.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz134; \??\C:\Users\User\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 RwDrv; \??\C:\Windows\SysWOW64\Drivers\RwDrv.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-06-01 16:38 - 2014-06-01 16:38 - 01327971 _____ () C:\Users\User\Downloads\adwcleaner_3.211.exe
2014-06-01 10:14 - 2014-06-01 10:14 - 00018840 _____ () C:\ComboFix.txt
2014-06-01 10:14 - 2014-06-01 10:14 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
2014-06-01 10:14 - 2014-06-01 10:14 - 00000000 ____D () C:\Users\fbwuser\AppData\Local\temp
2014-06-01 10:14 - 2014-06-01 10:14 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-06-01 10:14 - 2014-06-01 10:14 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp
2014-06-01 10:14 - 2014-06-01 10:14 - 00000000 ____D () C:\Users\Administrator\AppData\Local\temp
2014-06-01 10:01 - 2014-06-01 10:14 - 00000000 ____D () C:\Qoobox
2014-06-01 10:01 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-06-01 10:01 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-06-01 10:01 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-06-01 10:01 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-06-01 10:01 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-06-01 10:01 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-06-01 10:01 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-06-01 10:01 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-06-01 10:00 - 2014-06-01 10:13 - 00000000 ____D () C:\Windows\erdnt
2014-06-01 10:00 - 2014-06-01 10:00 - 05203398 ____R (Swearware) C:\Users\User\Desktop\ComboFix.exe
2014-06-01 10:00 - 2014-06-01 10:00 - 05203398 _____ (Swearware) C:\Users\User\Downloads\ComboFix.exe
2014-05-31 17:29 - 2014-06-01 17:18 - 00000000 ____D () C:\Users\User\Desktop\FRST
2014-05-31 17:25 - 2014-06-01 17:17 - 00000000 ____D () C:\FRST
2014-05-31 17:25 - 2014-05-31 17:25 - 02066944 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2014-05-31 16:44 - 2014-05-31 16:44 - 00961360 _____ (Chip Digital GmbH) C:\Users\User\Downloads\AdwCleaner - CHIP-Installer.exe
2014-05-31 14:24 - 2014-05-31 14:24 - 00000000 ____D () C:\Users\User\AppData\Roaming\IMVUClient
2014-05-31 14:22 - 2014-05-31 14:23 - 00079248 _____ () C:\Users\User\Downloads\InstallIMVU_502.0_st_c.exe
2014-05-30 15:43 - 2014-05-30 15:43 - 00379963 _____ () C:\Users\User\Downloads\Yakuza-Keybinder.rar
2014-05-30 08:35 - 2014-05-30 08:35 - 08388904 _____ () C:\Users\User\Downloads\[Hochladen.to Dateien - Files kostenlos hochladen]fonts.txd
2014-05-29 21:15 - 2014-05-29 21:15 - 00161351 _____ () C:\Users\User\Downloads\-ORIGINAL--SKINS.rar
2014-05-29 21:15 - 2014-05-29 21:15 - 00000000 ____D () C:\Users\User\Desktop\-ORIGINAL--SKINS
2014-05-28 16:43 - 2014-05-28 16:43 - 00000000 ____D () C:\ProgramData\CDB
2014-05-28 16:42 - 2014-05-28 16:48 - 00000000 ____D () C:\rei
2014-05-28 16:42 - 2014-05-28 16:43 - 00000163 _____ () C:\Windows\Reimage.ini
2014-05-28 16:42 - 2014-05-28 16:42 - 00821320 _____ (Reimage®) C:\Users\User\Downloads\ReimageRepair.exe
2014-05-28 16:42 - 2014-05-28 16:42 - 00821320 _____ (Reimage®) C:\Users\User\Downloads\ReimageRepair (1).exe
2014-05-28 16:42 - 2014-05-28 16:42 - 00000000 ____D () C:\Program Files\Reimage
2014-05-26 15:45 - 2014-05-26 15:46 - 06067280 _____ () C:\Users\User\Downloads\#swaqman (2).zip
2014-05-25 10:29 - 2014-05-25 10:29 - 00412626 _____ () C:\Users\User\Downloads\Freundesliste System.zip
2014-05-25 10:29 - 2014-05-25 10:29 - 00000000 ____D () C:\Users\User\Desktop\Freundesliste System
2014-05-24 20:56 - 2014-05-24 20:56 - 02250240 _____ () C:\Users\User\Downloads\SA-Keybinder.exe
2014-05-24 20:40 - 2014-05-24 20:41 - 03684312 _____ () C:\Users\User\Downloads\rgnlauncher0.9.6 (2).exe
2014-05-24 10:17 - 2014-05-24 10:17 - 01993005 _____ () C:\Users\User\Downloads\Bilder.rar
2014-05-23 21:41 - 2014-05-23 21:41 - 00008192 _____ () C:\Users\User\Downloads\Adlerauge.exe
2014-05-23 21:39 - 2014-05-23 21:39 - 00008192 _____ () C:\Users\User\Downloads\SAMP-NameTag-Hack.exe
2014-05-23 20:50 - 2014-05-23 20:50 - 01131529 _____ () C:\Users\User\Downloads\edits.rar
2014-05-22 16:30 - 2014-05-22 16:30 - 00028670 _____ () C:\Users\User\Downloads\peko-ist-geil.wav
2014-05-21 18:48 - 2014-05-21 18:48 - 26151954 _____ () C:\Users\User\Downloads\GENRL0 (2)
2014-05-21 18:24 - 2014-05-22 14:30 - 00000000 ____D () C:\Users\User\Documents\Overlay-Optionen
2014-05-21 18:24 - 2014-05-21 18:24 - 00860672 _____ () C:\Users\User\Downloads\Overlay_1.45.exe
2014-05-21 18:24 - 2014-05-21 18:24 - 00860672 _____ () C:\Users\User\Desktop\Overlay_1.45.exe
2014-05-21 18:13 - 2014-05-21 18:13 - 24913027 _____ () C:\Users\User\Downloads\PigMussy-Pack.rar
2014-05-21 17:38 - 2014-05-21 17:38 - 08353712 _____ () C:\Users\User\Downloads\Kenny wat is den los mit dir_.mp4
2014-05-18 19:29 - 2014-05-18 19:29 - 00004760 _____ () C:\Users\User\Downloads\Weapon.dat - default.ide v3.rar
2014-05-18 10:35 - 2014-05-18 10:35 - 06247465 _____ () C:\Users\User\Downloads\Lagg oder DDos_.mp4
2014-05-17 18:58 - 2014-05-17 18:58 - 06362224 _____ () C:\Users\User\Downloads\Felix_Diesel #Healhack.mp4
2014-05-17 18:37 - 2014-05-17 18:37 - 00000000 ____D () C:\Users\User\Desktop\Deaglepack (1)
2014-05-17 18:36 - 2014-05-17 18:37 - 05643950 _____ () C:\Users\User\Downloads\Deaglepack (1).rar
2014-05-17 16:50 - 2014-05-17 16:50 - 00001174 _____ () C:\Users\User\Desktop\TeamSpeak 3 Client.lnk
2014-05-17 16:50 - 2014-05-17 16:50 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-05-17 16:40 - 2014-05-17 16:40 - 00961360 _____ (Chip Digital GmbH) C:\Users\User\Downloads\TeamSpeak 3 64 Bit - CHIP-Downloader.exe
2014-05-17 16:39 - 2014-05-17 16:39 - 00961360 _____ (Chip Digital GmbH) C:\Users\User\Downloads\TeamSpeak 3 32 Bit - CHIP-Downloader.exe
2014-05-17 12:44 - 2014-05-17 12:44 - 00080476 _____ () C:\Users\User\Downloads\YakuZa-Skin-f--r-die-Tomate.rar
2014-05-17 12:21 - 2014-05-17 12:21 - 00768428 _____ () C:\Users\User\Downloads\1341069701_HDiconsSAbyZera.zip
2014-05-17 11:43 - 2014-05-17 11:43 - 08388904 _____ () C:\Users\User\Downloads\fonts (4).txd
2014-05-16 20:32 - 2014-05-16 20:32 - 05220703 _____ () C:\Users\User\Desktop\RPG CITY TEAM USER PRESENTATION !.webm
2014-05-16 14:21 - 2014-05-16 14:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-05-16 14:21 - 2014-05-16 14:21 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-05-13 19:55 - 2014-05-19 20:34 - 00000000 ____D () C:\Users\User\Desktop\frag
2014-05-13 19:43 - 2014-05-13 19:43 - 00839913 _____ () C:\Users\User\Downloads\Yakuza-Intro.mp4
2014-05-10 18:45 - 2014-05-10 18:45 - 19568865 _____ () C:\Users\User\Downloads\Fertige-GENRL.rar
2014-05-10 16:30 - 2014-05-12 20:09 - 00000000 ____D () C:\Users\User\Desktop\King
2014-05-10 16:28 - 2014-05-10 16:30 - 106494550 _____ () C:\Users\User\Downloads\King.zip
2014-05-10 15:37 - 2014-05-10 15:37 - 00000000 ____D () C:\Users\User\Desktop\selfmadeavi
2014-05-09 18:38 - 2014-05-09 18:38 - 05355643 _____ () C:\Users\User\Downloads\Khalife.zip
2014-05-09 16:46 - 2014-05-09 16:46 - 00000000 ____D () C:\Users\User\Desktop\-Gerami-HD-Modpack- (3)
2014-05-09 16:45 - 2014-05-09 16:45 - 00892557 _____ () C:\Users\User\Downloads\-Gerami-HD-Modpack- (3).rar
2014-05-08 18:42 - 2014-05-16 19:57 - 00000000 ____D () C:\Users\User\Desktop\Overlay-by-swiix (3)
2014-05-08 18:42 - 2014-05-08 18:42 - 00798872 _____ () C:\Users\User\Downloads\Overlay-by-swiix (3).rar
2014-05-08 16:57 - 2014-05-08 16:57 - 00124902 _____ () C:\Users\User\Downloads\Bonas Ghosts CC Looks.rar
2014-05-08 16:52 - 2014-05-08 16:52 - 13661550 _____ () C:\Users\User\Downloads\SoundPack by xDeso1337.rar
2014-05-08 14:44 - 2014-05-08 14:45 - 00000000 ____D () C:\Program Files\Virtual Audio Cable
2014-05-08 14:44 - 2014-05-08 14:44 - 00537138 _____ () C:\Users\User\Downloads\vac413.zip
2014-05-08 14:44 - 2014-05-08 14:44 - 00108960 _____ (Eugene V. Muzychenko) C:\Windows\system32\Drivers\vrtaucbl.sys
2014-05-08 14:44 - 2014-05-08 14:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Cable
2014-05-08 14:41 - 2014-05-08 14:43 - 00279379 _____ () C:\Users\User\Downloads\VirtualAudioCable409.zip
2014-05-08 14:40 - 2014-05-08 14:40 - 00629584 _____ (Chip Digital GmbH) C:\Users\User\Downloads\Virtual Audio Cable - CHIP-Downloader.exe
2014-05-08 14:37 - 2014-05-31 17:19 - 00000000 ____D () C:\Users\User\AppData\Roaming\Winamp
2014-05-08 14:36 - 2014-05-08 14:36 - 12855384 _____ (Nullsoft, Inc.) C:\Users\User\Downloads\winamp5666_full_de-de_b3516.exe
2014-05-08 14:35 - 2014-05-08 14:35 - 00042311 _____ () C:\Users\User\Downloads\TS3MusicBot-plugin.rar
2014-05-07 19:47 - 2014-05-07 19:48 - 34014392 _____ (DVDVideoSoft Ltd. ) C:\Users\User\Downloads\FreeYouTubeToMP3Converter34430 (1).exe
2014-05-07 16:19 - 2014-05-07 16:19 - 00401185 _____ () C:\Users\User\Downloads\AutoHotkey111500_ansi.zip
2014-05-06 16:58 - 2014-05-06 16:58 - 03684312 _____ () C:\Users\User\Downloads\rgnlauncher0.9.6 (1).exe
2014-05-06 15:20 - 2014-05-06 15:20 - 00444998 _____ () C:\Users\User\Downloads\Allgemeiner Keybinder (2).zip
2014-05-06 14:40 - 2014-05-06 14:40 - 00352765 _____ () C:\Users\User\Downloads\Beep-Tones by SCProductions.rar
2014-05-05 20:02 - 2014-05-05 20:03 - 121715851 _____ () C:\Users\User\Downloads\Icons (4).rar
2014-05-04 17:06 - 2014-05-09 16:32 - 00000055 _____ () C:\Users\User\Desktop\---.txt
2014-05-04 14:30 - 2014-05-04 14:30 - 01430648 _____ () C:\Users\User\Downloads\Bilder-by-javiguiza.rar
2014-05-04 09:44 - 2014-05-04 09:44 - 22981524 _____ () C:\Users\User\Downloads\GTA SA Backup Skins 123Axell.rar
2014-05-04 09:27 - 2014-05-04 09:27 - 06067280 _____ () C:\Users\User\Downloads\#swaqman (1).zip
2014-05-03 16:29 - 2014-05-03 16:29 - 00378583 _____ () C:\Users\User\Downloads\Chromatic Editing 200 subs CC pack.rar
2014-05-03 10:37 - 2014-05-03 10:49 - 00000831 _____ () C:\Users\User\Desktop\FBI Bewerbunggespräch.txt
2014-05-02 11:20 - 2014-05-02 11:20 - 00286640 _____ () C:\Windows\Minidump\050214-22308-01.dmp
==================== One Month Modified Files and Folders =======
2014-06-01 17:18 - 2014-05-31 17:29 - 00000000 ____D () C:\Users\User\Desktop\FRST
2014-06-01 17:17 - 2014-05-31 17:25 - 00000000 ____D () C:\FRST
2014-06-01 17:17 - 2013-06-13 11:51 - 00000000 ____D () C:\Users\User\AppData\Local\Temp
2014-06-01 17:16 - 2013-06-14 15:18 - 00000000 ____D () C:\Users\User\AppData\Roaming\TS3Client
2014-06-01 17:16 - 2013-06-13 19:22 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-01 17:08 - 2013-06-13 12:49 - 00003906 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{148E43A9-7EF6-4727-974F-C29C4A3AB0B6}
2014-06-01 17:00 - 2013-08-11 19:37 - 00075487 _____ () C:\Windows\setupact.log
2014-06-01 17:00 - 2013-06-13 09:47 - 01051352 _____ () C:\Windows\WindowsUpdate.log
2014-06-01 16:59 - 2011-04-12 09:43 - 00709248 _____ () C:\Windows\system32\perfh007.dat
2014-06-01 16:59 - 2011-04-12 09:43 - 00154102 _____ () C:\Windows\system32\perfc007.dat
2014-06-01 16:59 - 2009-07-14 07:13 - 01647172 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-01 16:49 - 2009-07-14 06:45 - 00021088 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-01 16:49 - 2009-07-14 06:45 - 00021088 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-01 16:43 - 2014-04-11 17:32 - 00000000 ____D () C:\Users\User\AppData\Local\LogMeIn Hamachi
2014-06-01 16:43 - 2013-06-19 14:18 - 00000000 ____D () C:\Users\User\AppData\Roaming\IMVU
2014-06-01 16:41 - 2014-04-12 16:22 - 00000000 ____D () C:\AdwCleaner
2014-06-01 16:41 - 2013-08-12 14:58 - 00191536 _____ () C:\Windows\PFRO.log
2014-06-01 16:41 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-01 16:38 - 2014-06-01 16:38 - 01327971 _____ () C:\Users\User\Downloads\adwcleaner_3.211.exe
2014-06-01 16:37 - 2013-06-13 19:22 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-01 16:10 - 2013-06-13 20:16 - 00000000 ____D () C:\Users\User\AppData\Roaming\Skype
2014-06-01 16:04 - 2013-12-30 13:52 - 00002356 _____ () C:\Windows\Sandboxie.ini
2014-06-01 10:14 - 2014-06-01 10:14 - 00018840 _____ () C:\ComboFix.txt
2014-06-01 10:14 - 2014-06-01 10:14 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
2014-06-01 10:14 - 2014-06-01 10:14 - 00000000 ____D () C:\Users\fbwuser\AppData\Local\temp
2014-06-01 10:14 - 2014-06-01 10:14 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-06-01 10:14 - 2014-06-01 10:14 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp
2014-06-01 10:14 - 2014-06-01 10:14 - 00000000 ____D () C:\Users\Administrator\AppData\Local\temp
2014-06-01 10:14 - 2014-06-01 10:01 - 00000000 ____D () C:\Qoobox
2014-06-01 10:13 - 2014-06-01 10:00 - 00000000 ____D () C:\Windows\erdnt
2014-06-01 10:12 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-06-01 10:10 - 2013-07-05 08:50 - 00000000 ____D () C:\ProgramData\TEMP
2014-06-01 10:00 - 2014-06-01 10:00 - 05203398 ____R (Swearware) C:\Users\User\Desktop\ComboFix.exe
2014-06-01 10:00 - 2014-06-01 10:00 - 05203398 _____ (Swearware) C:\Users\User\Downloads\ComboFix.exe
2014-06-01 09:59 - 2014-04-17 15:19 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-06-01 09:42 - 2013-12-22 12:50 - 00000000 ____D () C:\Users\User\Desktop\Sony Vegas
2014-05-31 17:25 - 2014-05-31 17:25 - 02066944 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2014-05-31 17:19 - 2014-05-08 14:37 - 00000000 ____D () C:\Users\User\AppData\Roaming\Winamp
2014-05-31 17:19 - 2014-01-01 17:53 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-05-31 16:44 - 2014-05-31 16:44 - 00961360 _____ (Chip Digital GmbH) C:\Users\User\Downloads\AdwCleaner - CHIP-Installer.exe
2014-05-31 14:39 - 2013-06-13 11:51 - 00000000 ___RD () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-31 14:24 - 2014-05-31 14:24 - 00000000 ____D () C:\Users\User\AppData\Roaming\IMVUClient
2014-05-31 14:23 - 2014-05-31 14:22 - 00079248 _____ () C:\Users\User\Downloads\InstallIMVU_502.0_st_c.exe
2014-05-31 13:42 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-30 18:10 - 2013-11-30 12:44 - 00000000 ____D () C:\Users\User\Desktop\JBG2
2014-05-30 15:43 - 2014-05-30 15:43 - 00379963 _____ () C:\Users\User\Downloads\Yakuza-Keybinder.rar
2014-05-30 15:43 - 2013-11-02 12:39 - 00000020 _____ () C:\Users\User\AppData\Roaming\dx.ini
2014-05-30 08:35 - 2014-05-30 08:35 - 08388904 _____ () C:\Users\User\Downloads\[Hochladen.to Dateien - Files kostenlos hochladen]fonts.txd
2014-05-29 21:15 - 2014-05-29 21:15 - 00161351 _____ () C:\Users\User\Downloads\-ORIGINAL--SKINS.rar
2014-05-29 21:15 - 2014-05-29 21:15 - 00000000 ____D () C:\Users\User\Desktop\-ORIGINAL--SKINS
2014-05-29 18:08 - 2013-07-14 09:54 - 00000000 ____D () C:\Users\User\AppData\Local\CrashDumps
2014-05-29 12:50 - 2013-08-11 19:41 - 00000000 ____D () C:\Users\User\Desktop\Alle SAMP Mods ?
2014-05-28 16:48 - 2014-05-28 16:42 - 00000000 ____D () C:\rei
2014-05-28 16:43 - 2014-05-28 16:43 - 00000000 ____D () C:\ProgramData\CDB
2014-05-28 16:43 - 2014-05-28 16:42 - 00000163 _____ () C:\Windows\Reimage.ini
2014-05-28 16:42 - 2014-05-28 16:42 - 00821320 _____ (Reimage®) C:\Users\User\Downloads\ReimageRepair.exe
2014-05-28 16:42 - 2014-05-28 16:42 - 00821320 _____ (Reimage®) C:\Users\User\Downloads\ReimageRepair (1).exe
2014-05-28 16:42 - 2014-05-28 16:42 - 00000000 ____D () C:\Program Files\Reimage
2014-05-26 15:46 - 2014-05-26 15:45 - 06067280 _____ () C:\Users\User\Downloads\#swaqman (2).zip
2014-05-25 10:29 - 2014-05-25 10:29 - 00412626 _____ () C:\Users\User\Downloads\Freundesliste System.zip
2014-05-25 10:29 - 2014-05-25 10:29 - 00000000 ____D () C:\Users\User\Desktop\Freundesliste System
2014-05-25 09:27 - 2014-03-25 20:55 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-05-25 09:27 - 2013-06-13 20:16 - 00000000 ____D () C:\ProgramData\Skype
2014-05-24 20:56 - 2014-05-24 20:56 - 02250240 _____ () C:\Users\User\Downloads\SA-Keybinder.exe
2014-05-24 20:41 - 2014-05-24 20:40 - 03684312 _____ () C:\Users\User\Downloads\rgnlauncher0.9.6 (2).exe
2014-05-24 10:17 - 2014-05-24 10:17 - 01993005 _____ () C:\Users\User\Downloads\Bilder.rar
2014-05-23 21:41 - 2014-05-23 21:41 - 00008192 _____ () C:\Users\User\Downloads\Adlerauge.exe
2014-05-23 21:39 - 2014-05-23 21:39 - 00008192 _____ () C:\Users\User\Downloads\SAMP-NameTag-Hack.exe
2014-05-23 20:50 - 2014-05-23 20:50 - 01131529 _____ () C:\Users\User\Downloads\edits.rar
2014-05-23 16:31 - 2013-08-08 17:01 - 00005120 _____ () C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-05-22 16:30 - 2014-05-22 16:30 - 00028670 _____ () C:\Users\User\Downloads\peko-ist-geil.wav
2014-05-22 16:25 - 2014-03-16 15:08 - 00000000 ____D () C:\Users\User\Desktop\crashes
2014-05-22 14:30 - 2014-05-21 18:24 - 00000000 ____D () C:\Users\User\Documents\Overlay-Optionen
2014-05-22 14:22 - 2013-06-13 19:13 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-05-22 14:22 - 2013-06-13 19:13 - 00112080 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-05-21 19:32 - 2013-09-13 18:28 - 00000000 ____D () C:\Users\User\Desktop\SAMP Original Files
2014-05-21 18:48 - 2014-05-21 18:48 - 26151954 _____ () C:\Users\User\Downloads\GENRL0 (2)
2014-05-21 18:24 - 2014-05-21 18:24 - 00860672 _____ () C:\Users\User\Downloads\Overlay_1.45.exe
2014-05-21 18:24 - 2014-05-21 18:24 - 00860672 _____ () C:\Users\User\Desktop\Overlay_1.45.exe
2014-05-21 18:13 - 2014-05-21 18:13 - 24913027 _____ () C:\Users\User\Downloads\PigMussy-Pack.rar
2014-05-21 17:38 - 2014-05-21 17:38 - 08353712 _____ () C:\Users\User\Downloads\Kenny wat is den los mit dir_.mp4
2014-05-19 20:34 - 2014-05-13 19:55 - 00000000 ____D () C:\Users\User\Desktop\frag
2014-05-18 19:29 - 2014-05-18 19:29 - 00004760 _____ () C:\Users\User\Downloads\Weapon.dat - default.ide v3.rar
2014-05-18 10:35 - 2014-05-18 10:35 - 06247465 _____ () C:\Users\User\Downloads\Lagg oder DDos_.mp4
2014-05-17 18:58 - 2014-05-17 18:58 - 06362224 _____ () C:\Users\User\Downloads\Felix_Diesel #Healhack.mp4
2014-05-17 18:37 - 2014-05-17 18:37 - 00000000 ____D () C:\Users\User\Desktop\Deaglepack (1)
2014-05-17 18:37 - 2014-05-17 18:36 - 05643950 _____ () C:\Users\User\Downloads\Deaglepack (1).rar
2014-05-17 16:50 - 2014-05-17 16:50 - 00001174 _____ () C:\Users\User\Desktop\TeamSpeak 3 Client.lnk
2014-05-17 16:50 - 2014-05-17 16:50 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-05-17 16:50 - 2013-07-30 17:15 - 00000000 ____D () C:\Users\User\AppData\Local\TeamSpeak 3 Client
2014-05-17 16:40 - 2014-05-17 16:40 - 00961360 _____ (Chip Digital GmbH) C:\Users\User\Downloads\TeamSpeak 3 64 Bit - CHIP-Downloader.exe
2014-05-17 16:39 - 2014-05-17 16:39 - 00961360 _____ (Chip Digital GmbH) C:\Users\User\Downloads\TeamSpeak 3 32 Bit - CHIP-Downloader.exe
2014-05-17 12:44 - 2014-05-17 12:44 - 00080476 _____ () C:\Users\User\Downloads\YakuZa-Skin-f--r-die-Tomate.rar
2014-05-17 12:21 - 2014-05-17 12:21 - 00768428 _____ () C:\Users\User\Downloads\1341069701_HDiconsSAbyZera.zip
2014-05-17 11:43 - 2014-05-17 11:43 - 08388904 _____ () C:\Users\User\Downloads\fonts (4).txd
2014-05-17 11:09 - 2013-06-13 19:22 - 00001286 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-17 11:09 - 2013-06-13 19:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-17 11:09 - 2013-06-13 11:51 - 00000997 _____ () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-16 20:32 - 2014-05-16 20:32 - 05220703 _____ () C:\Users\User\Desktop\RPG CITY TEAM USER PRESENTATION !.webm
2014-05-16 19:57 - 2014-05-08 18:42 - 00000000 ____D () C:\Users\User\Desktop\Overlay-by-swiix (3)
2014-05-16 14:21 - 2014-05-16 14:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-05-16 14:21 - 2014-05-16 14:21 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-05-14 18:16 - 2013-06-13 19:22 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-14 18:16 - 2013-06-13 19:22 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-14 18:16 - 2013-06-13 19:22 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-13 19:43 - 2014-05-13 19:43 - 00839913 _____ () C:\Users\User\Downloads\Yakuza-Intro.mp4
2014-05-12 20:09 - 2014-05-10 16:30 - 00000000 ____D () C:\Users\User\Desktop\King
2014-05-10 18:45 - 2014-05-10 18:45 - 19568865 _____ () C:\Users\User\Downloads\Fertige-GENRL.rar
2014-05-10 16:30 - 2014-05-10 16:28 - 106494550 _____ () C:\Users\User\Downloads\King.zip
2014-05-10 15:37 - 2014-05-10 15:37 - 00000000 ____D () C:\Users\User\Desktop\selfmadeavi
2014-05-09 18:38 - 2014-05-09 18:38 - 05355643 _____ () C:\Users\User\Downloads\Khalife.zip
2014-05-09 16:46 - 2014-05-09 16:46 - 00000000 ____D () C:\Users\User\Desktop\-Gerami-HD-Modpack- (3)
2014-05-09 16:45 - 2014-05-09 16:45 - 00892557 _____ () C:\Users\User\Downloads\-Gerami-HD-Modpack- (3).rar
2014-05-09 16:32 - 2014-05-04 17:06 - 00000055 _____ () C:\Users\User\Desktop\---.txt
2014-05-08 18:42 - 2014-05-08 18:42 - 00798872 _____ () C:\Users\User\Downloads\Overlay-by-swiix (3).rar
2014-05-08 17:02 - 2014-01-01 18:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Magic Bullet Looks
2014-05-08 16:57 - 2014-05-08 16:57 - 00124902 _____ () C:\Users\User\Downloads\Bonas Ghosts CC Looks.rar
2014-05-08 16:52 - 2014-05-08 16:52 - 13661550 _____ () C:\Users\User\Downloads\SoundPack by xDeso1337.rar
2014-05-08 14:45 - 2014-05-08 14:44 - 00000000 ____D () C:\Program Files\Virtual Audio Cable
2014-05-08 14:44 - 2014-05-08 14:44 - 00537138 _____ () C:\Users\User\Downloads\vac413.zip
2014-05-08 14:44 - 2014-05-08 14:44 - 00108960 _____ (Eugene V. Muzychenko) C:\Windows\system32\Drivers\vrtaucbl.sys
2014-05-08 14:44 - 2014-05-08 14:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Cable
2014-05-08 14:43 - 2014-05-08 14:41 - 00279379 _____ () C:\Users\User\Downloads\VirtualAudioCable409.zip
2014-05-08 14:40 - 2014-05-08 14:40 - 00629584 _____ (Chip Digital GmbH) C:\Users\User\Downloads\Virtual Audio Cable - CHIP-Downloader.exe
2014-05-08 14:37 - 2014-01-13 17:57 - 00000000 ____D () C:\Program Files (x86)\Winamp
2014-05-08 14:36 - 2014-05-08 14:36 - 12855384 _____ (Nullsoft, Inc.) C:\Users\User\Downloads\winamp5666_full_de-de_b3516.exe
2014-05-08 14:35 - 2014-05-08 14:35 - 00042311 _____ () C:\Users\User\Downloads\TS3MusicBot-plugin.rar
2014-05-07 19:49 - 2013-08-25 19:28 - 00001540 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2014-05-07 19:49 - 2013-07-07 20:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-05-07 19:49 - 2013-07-07 20:21 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-05-07 19:48 - 2014-05-07 19:47 - 34014392 _____ (DVDVideoSoft Ltd. ) C:\Users\User\Downloads\FreeYouTubeToMP3Converter34430 (1).exe
2014-05-07 19:48 - 2013-07-07 20:21 - 00000000 ____D () C:\Users\User\AppData\Roaming\DVDVideoSoft
2014-05-07 16:19 - 2014-05-07 16:19 - 00401185 _____ () C:\Users\User\Downloads\AutoHotkey111500_ansi.zip
2014-05-06 16:58 - 2014-05-06 16:58 - 03684312 _____ () C:\Users\User\Downloads\rgnlauncher0.9.6 (1).exe
2014-05-06 15:20 - 2014-05-06 15:20 - 00444998 _____ () C:\Users\User\Downloads\Allgemeiner Keybinder (2).zip
2014-05-06 14:40 - 2014-05-06 14:40 - 00352765 _____ () C:\Users\User\Downloads\Beep-Tones by SCProductions.rar
2014-05-05 20:03 - 2014-05-05 20:02 - 121715851 _____ () C:\Users\User\Downloads\Icons (4).rar
2014-05-04 14:30 - 2014-05-04 14:30 - 01430648 _____ () C:\Users\User\Downloads\Bilder-by-javiguiza.rar
2014-05-04 09:44 - 2014-05-04 09:44 - 22981524 _____ () C:\Users\User\Downloads\GTA SA Backup Skins 123Axell.rar
2014-05-04 09:27 - 2014-05-04 09:27 - 06067280 _____ () C:\Users\User\Downloads\#swaqman (1).zip
2014-05-03 16:29 - 2014-05-03 16:29 - 00378583 _____ () C:\Users\User\Downloads\Chromatic Editing 200 subs CC pack.rar
2014-05-03 10:49 - 2014-05-03 10:37 - 00000831 _____ () C:\Users\User\Desktop\FBI Bewerbunggespräch.txt
2014-05-02 11:20 - 2014-05-02 11:20 - 00286640 _____ () C:\Windows\Minidump\050214-22308-01.dmp
2014-05-02 11:20 - 2014-04-12 10:21 - 316477296 _____ () C:\Windows\MEMORY.DMP
2014-05-02 11:20 - 2013-06-15 20:52 - 00000000 ____D () C:\Windows\Minidump
2014-05-02 11:20 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
Files to move or delete:
====================
C:\Users\User\AppData\Roaming\dx.ini
Some content of TEMP:
====================
C:\Users\User\AppData\Local\Temp\avgnt.exe
C:\Users\User\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-05-31 19:20
==================== End Of Log ============================
JRT Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Professional x64
Ran by User on 01.06.2014 at 20:03:03,71
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3701525457-4283376491-4006895372-1000\Software\sweetim
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\apn"
Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{CE4059F7-0C8F-4371-9169-877F92F1DB0A}
~~~ Chrome
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Google [Blacklisted Policy]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 01.06.2014 at 20:10:00,36
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
mbam Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 01.06.2014
Suchlauf-Zeit: 17:28:27
Logdatei: mbam.txt
Administrator: Ja
Version: 2.00.2.1012
Malware Datenbank: v2014.06.01.05
Rootkit Datenbank: v2014.05.21.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert
Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: User
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 338072
Verstrichene Zeit: 35 Min, 56 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registrierungsschlüssel: 4
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\WOW6432NODE\SWEETIM, In Quarantäne, [85c423500774d5618ad18440db28c13f],
PUP.Optional.PutLockerDownloader.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\SOFTWARE\APPDATALOW\SOFTWARE\PutLocker-Downloader V9.0, Löschen bei Neustart, [cd7cf77c6f0c91a5ccbce3c3bf43cd33],
PUP.Optional.InstallBrain.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\SOFTWARE\WNLT, Löschen bei Neustart, [ed5c680b9ae12214a3e18b3f778cbf41],
Backdoor.Trace, HKU\S-1-5-21-3701525457-4283376491-4006895372-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\SOFTWARE\CYBER, Löschen bei Neustart, [d178522186f51f1784b493e36e95f60a],
Registrierungswerte: 3
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\WOW6432NODE\SWEETIM|simapp_id, {D94847BA-6138-49A5-A652-279C74184F10}, In Quarantäne, [85c423500774d5618ad18440db28c13f]
PUP.Optional.InstallBrain.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\SOFTWARE\WNLT|URL, SIM, Löschen bei Neustart, [ed5c680b9ae12214a3e18b3f778cbf41]
Backdoor.Trace, HKU\S-1-5-21-3701525457-4283376491-4006895372-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\SOFTWARE\CYBER|FirstExecution, 29/06/2013 -- 19:21, Löschen bei Neustart, [d178522186f51f1784b493e36e95f60a]
Registrierungsdaten: 1
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[e168571caccfff3757131f414eb63fc1]
Ordner: 0
(No malicious items detected)
Dateien: 39
PUP.Optional.MultiPlug.A, C:\ProgramData\AdRemoverrUuTubbe\sV.dll, In Quarantäne, [f455274cf08b0c2aeaa9ae9d659cb54b],
PUP.Optional.MultiPlug.A, C:\ProgramData\AdRemoverrUuTubbe\sV.exe, In Quarantäne, [7ccd33404437f046474ccf7cea1733cd],
PUP.Optional.Somoto, C:\Users\User\Downloads\SumatraPDFSetup-1Qzshwu.exe, In Quarantäne, [ec5d60132e4def47752da9da6b996799],
Trojan.AimBot, C:\Users\User\Downloads\SAMP Aimbot (1).zip, In Quarantäne, [f7528ae981fa57dfe9c5b93b40c31ee2],
Hacktool.Agent, C:\Users\User\Downloads\w7.loader.v1.9.6-DAZ.rar, In Quarantäne, [e1683d363c3fea4c53d6db707c85aa56],
PUP.Optional.Conduit.A, C:\Users\User\Downloads\IMVU (1).exe, In Quarantäne, [89c04330c3b8b5813396a1aaeb161ee2],
PUP.Optional.Conduit.A, C:\Users\User\Downloads\IMVU (2).exe, In Quarantäne, [8ebb6a096d0e3006c306321947ba58a8],
PUP.Optional.Conduit.A, C:\Users\User\Downloads\IMVU.exe, In Quarantäne, [72d788eb126946f059706edd34cdf60a],
PUP.Optional.Softonic, C:\Users\User\Downloads\SoftonicDownloader_fuer_cyberlink-powerdirector.exe, In Quarantäne, [5ced43305625a29448bf5bab7190857b],
PUP.Optional.Softonic, C:\Users\User\Downloads\SoftonicDownloader_fuer_imvu.exe, In Quarantäne, [d6732f44601bb97deb1c49bd5ba67090],
PUP.Optional.Softonic, C:\Users\User\Downloads\SoftonicDownloader_fuer_logitech-hd-webcam-software.exe, In Quarantäne, [05444d269ae164d261a6679f9c653dc3],
PUP.Optional.Softonic, C:\Users\User\Downloads\SoftonicDownloader_fuer_photo-booth-fur-windows-7.exe, In Quarantäne, [d6737cf7bac1270f80870006d62b59a7],
PUP.Optional.Softonic, C:\Users\User\Downloads\SoftonicDownloader_fuer_simple-webcam-capture.exe, In Quarantäne, [3a0fe093a2d90c2a4cbb1ee8639e3dc3],
PUP.Optional.Softonic, C:\Users\User\Downloads\SoftonicDownloader_fuer_webcammax.exe, In Quarantäne, [77d2a4cf9dde2a0c887f5fa7d42dc739],
PUP.Optional.Softonic, C:\Users\User\Downloads\SoftonicDownloader_fuer_windows-live-movie-maker.exe, In Quarantäne, [7acf195a2f4cfb3bc64126e0ea171ce4],
PUP.Optional.SweetIM, C:\Users\User\Downloads\AngryBirdsStarWarsSetup.exe, In Quarantäne, [3019185b90ebdd598c6f62218a7a8878],
Adware.InstallBrain, C:\Users\User\Downloads\CodecPerformerSetup.exe, In Quarantäne, [8bbeb6bded8eba7c3ee329e012efd52b],
PUP.BundleInstaller.DW, C:\Users\User\Downloads\codec_pack_659889_ch.exe, In Quarantäne, [b29742315f1c6bcb9e4fce37b150b64a],
PUP.Optional.4Shared, C:\Users\User\Downloads\Mod Pack Skins Yakuza V1.0.exe, In Quarantäne, [d8716c07007b3df9a5b854ca10f004fc],
PUP.Optional.InstalleRex, C:\Users\User\Downloads\GTA_SA_SNOW_MOD_samp.rar.exe, In Quarantäne, [84c5413257240135252046e7cc357c84],
PUP.Optional.4Shared, C:\Users\User\Downloads\teknogods.modern.warfare.3.mod.2.7.0.1.exe, In Quarantäne, [6cdd77fcd2a90333e7769688fc04dd23],
PUP.Optional.InstalleRex, C:\Users\User\Downloads\SkypEmoticons.exe, In Quarantäne, [bc8d4a2987f4ba7cba38232657aa02fe],
PUP.Optional.4Shared, C:\Users\User\Downloads\Backup Radar gta sa.exe, In Quarantäne, [c38690e396e5d85e85d869b5b05005fb],
PUP.Optional.OpenCandy, C:\Users\User\Downloads\PhotoScape_V3.6.3.exe, In Quarantäne, [9baedb980972201684e6aed644c0827e],
PUP.Optional.OneClickDownloader.A, C:\Users\User\Downloads\Deagle_(101).wav.exe, In Quarantäne, [f3561360b5c6f2446cee7d96e71aa45c],
PUP.Optional.InstallMonetizer, C:\Users\User\Downloads\Demo AWP WALLBANG Minute 13.rar.exe, In Quarantäne, [1b2e12614b303006f196feeebf447090],
PUP.Optional.Somoto, C:\Users\User\Downloads\FLVPlayerSetup-cuYIq75.exe, In Quarantäne, [df6a155e6b1046f0208298eb51b34cb4],
PUP.Optional.Somoto, C:\Users\User\Downloads\FLVPlayerSetup-e17i8pa.exe, In Quarantäne, [3b0e4132681376c0831fa6dddf25dd23],
PUP.Optional.Installrex, C:\Users\User\Downloads\download.dll-files.com_bc8e5c4…2a0b3_zlib.zip_0WLiXAbDgR.exe, In Quarantäne, [7dcc0172b9c2ed49d44790dcbb467888],
PUP.Optional.Softonic, C:\Users\User\Downloads\SoftonicDownloader_for_camtasia-studio.exe, In Quarantäne, [44053a39a4d7df57b65135d1ef126e92],
PUP.Optional.FreeNew.A, C:\Users\User\Downloads\Razer_Game_Booster_downloader.exe, In Quarantäne, [ed5ca3d044372d0993b9130168999d63],
Trojan.MSIL, C:\Users\User\Downloads\InstallIW4M (1).exe, In Quarantäne, [2524571c413ae353c777be8e857ce51b],
Trojan.MSIL, C:\Users\User\Downloads\InstallIW4M (2).exe, In Quarantäne, [15343b3885f6340268d63c1002fff010],
Trojan.MSIL, C:\Users\User\Downloads\InstallIW4M.exe, In Quarantäne, [123743302e4da98d5fdfda72d928946c],
PUP.Optional.4Shared, C:\Users\User\Downloads\Anti Cheat 1.0 + Samp Fix.exe, In Quarantäne, [95b43c370f6c58def568f12d7f81f60a],
PUP.Optional.4Shared, C:\Users\User\Downloads\anticrash para samp 0.3x by alexisflow99 (1).exe, In Quarantäne, [51f82b48a1da0135ed70d14df30d24dc],
PUP.Optional.4Shared, C:\Users\User\Downloads\anticrash para samp 0.3x by alexisflow99.exe, In Quarantäne, [91b86013f586ca6c6bf2f925b34d13ed],
PUP.Optional.Superfish.A, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage, Löschen bei Neustart, [77d29ed5d0abee48e998088cc43ecd33],
PUP.Optional.Superfish.A, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal, In Quarantäne, [232682f1413abc7ad4ad583c27db639d],
Physische Sektoren: 0
(No malicious items detected)
(end)
zoek Code:
restore;|C_Users_User_AppData_Roaming_Mozilla_Firefox_Profiles_lpqe0v84.default_prefs__2023_.backup.vir|C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lpqe0v84.default\prefs.js
restore;|C_Users_User_AppData_LocalLow_{06FDA2D6-CAC1-BBDD-91AA-E81B907A5B1F}|C:\Users\User\AppData\LocalLow\{06FDA2D6-CAC1-BBDD-91AA-E81B907A5B1F}
restore;|C_Users_User_AppData_Local_Packages_windows_ie_ac_001_AC_{06FDA2D6-CAC1-BBDD-91AA-E81B907A5B1F}|C:\Users\User\AppData\Local\Packages\windows_ie_ac_001\AC\{06FDA2D6-CAC1-BBDD-91AA-E81B907A5B1F}
restore;|C_Windows_SysNative_config_systemprofile_AppData_Local_Packages_windows_ie_ac_001_AC_{AE08F98E-6780-75B3-08D9-D3E8AFD77FA2}|C:\Windows\SysNative\config\systemprofile\AppData\Local\Packages\windows_ie_ac_001\AC\{AE08F98E-6780-75B3-08D9-D3E8AFD77FA2}
restore;|C_PROGRA~3_dibpjnjgdeendckdpigimgmolffmpoca|C:\PROGRA~3\dibpjnjgdeendckdpigimgmolffmpoca
restore;|C_PROGRA~3_2cbc95e7a1741a2b|C:\PROGRA~3\2cbc95e7a1741a2b
restore;|C_PROGRA~3_AdRemoverrUuTubbe|C:\PROGRA~3\AdRemoverrUuTubbe
restore;|C_PROGRA~2_ss Supporter|C:\PROGRA~2\ss Supporter
restore;|C_PROGRA~2_COMMON~1_DVDVideoSoft_bin|C:\PROGRA~2\COMMON~1\DVDVideoSoft\bin
restore;|C_Program Files_Reimage|C:\Program Files\Reimage
restore;|C_PROGRA~3_InstallMate|C:\PROGRA~3\InstallMate
restore;|C_Users_User_AppData_Local_CRE|C:\Users\User\AppData\Local\CRE
restore;|C_Windows_SysWow64_searchplugins|C:\Windows\SysWow64\searchplugins
restore;|C_Windows_SysWow64_Extensions|C:\Windows\SysWow64\Extensions
restore;|C_Users_User_AppData_Local_{E6295A46-0AEE-400A-88D4-0A845D4AFD2B}.vir|C:\Users\User\AppData\Local\{E6295A46-0AEE-400A-88D4-0A845D4AFD2B}
restore;|C_Users_User_AppData_Roaming_started2.vir|C:\Users\User\AppData\Roaming\started2
restore;|C_Users_User_AppData_Roaming_dx.ini.vir|C:\Users\User\AppData\Roaming\dx.ini
restore;|C_Users_User_AppData_Roaming_prefs.js.vir|C:\Users\User\AppData\Roaming\prefs.js
restore;|C_Users_User_AppData_Local_BIT3C44.tmp.vir|C:\Users\User\AppData\Local\BIT3C44.tmp
restore;|C_Users_User_Downloads_FreeYouTubeToMP3Converter (1).exe.vir|C:\Users\User\Downloads\FreeYouTubeToMP3Converter (1).exe
restore;|C_Users_User_Downloads_FreeYouTubeToMP3Converter (2).exe.vir|C:\Users\User\Downloads\FreeYouTubeToMP3Converter (2).exe
restore;|C_Users_User_Downloads_FreeYouTubeToMP3Converter (3).exe.vir|C:\Users\User\Downloads\FreeYouTubeToMP3Converter (3).exe
restore;|C_Users_User_Downloads_FreeYouTubeToMP3Converter (4).exe.vir|C:\Users\User\Downloads\FreeYouTubeToMP3Converter (4).exe
restore;|C_Users_User_Downloads_FreeYouTubeToMP3Converter.exe.vir|C:\Users\User\Downloads\FreeYouTubeToMP3Converter.exe
restore;|C_Users_User_Downloads_FreeYouTubeToMP3Converter34430 (1).exe.vir|C:\Users\User\Downloads\FreeYouTubeToMP3Converter34430 (1).exe
restore;|C_Users_User_Downloads_FreeYouTubeToMP3Converter5628.exe.vir|C:\Users\User\Downloads\FreeYouTubeToMP3Converter5628.exe
restore;|C_Users_User_Downloads_FreeYouTubeToMP3Converter_3.12.32.327.exe.vir|C:\Users\User\Downloads\FreeYouTubeToMP3Converter_3.12.32.327.exe
restore;|C_Windows_Reimage.ini.vir|C:\Windows\Reimage.ini
restore;|C_Users_User_AppData_Roaming_install_flashplayer11x32_mssd_aih.exe.vir|C:\Users\User\AppData\Roaming\install_flashplayer11x32_mssd_aih.exe
restore;|C_Users_User_AppData_Local_Google_Chrome_User Data_Default_Extensions_dibpjnjgdeendckdpigimgmolffmpoca|C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dibpjnjgdeendckdpigimgmolffmpoca
restore;|C_Users_User_AppData_Local_Google_Chrome_User Data_Default_Extensions_dibpjnjgdeendckdpigimgmolffmpoca|C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dibpjnjgdeendckdpigimgmolffmpoca
restore;|C_Users_User_AppData_Local_Google_Chrome_User Data_Default_Local Storage_chrome-extension_dibpjnjgdeendckdpigimgmolffmpoca_0.localstorage.vir|C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dibpjnjgdeendckdpigimgmolffmpoca_0.localstorage
restore;|C_Users_User_AppData_Local_Google_Chrome_User Data_Default_Local Storage_chrome-extension_dibpjnjgdeendckdpigimgmolffmpoca_0.localstorage-journal.vir|C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dibpjnjgdeendckdpigimgmolffmpoca_0.localstorage-journal
restore;|C_Users_User_AppData_Local_Google_Chrome_User Data_Default_Local Storage_chrome-extension_dibpjnjgdeendckdpigimgmolffmpoca_0.localstorage.vir|C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dibpjnjgdeendckdpigimgmolffmpoca_0.localstorage
restore;|C_Users_User_AppData_Local_Google_Chrome_User Data_Default_Local Storage_chrome-extension_dibpjnjgdeendckdpigimgmolffmpoca_0.localstorage-journal.vir|C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dibpjnjgdeendckdpigimgmolffmpoca_0.localstorage-journal