
Pests of all kinds and how to combat them: Some words in Firefox green and double-underlined, virus?

13.01.2014, 22:03   #1
leon2225
 
Good evening,
For some time now (1 week?) some words in Firefox have been double-underlined, and pop-ups also open quite often. I hope I did everything correctly, since I am new here.

I would appreciate any help.
Best regards, Leon Farchau


PS: My system was set up fairly recently (1 month ago, I think), which is why it did not immediately occur to me that it could be a virus.

13.01.2014, 22:10   #2
schrauber
/// the machine
/// TB instructor
 


Hi,

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Untersuchen (Scan).
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input window)


13.01.2014, 22:58   #3
leon2225
 

So, here are the results:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-01-2014 02
Ran by Leon (administrator) on LEON-PC on 13-01-2014 22:39:42
Running from C:\Users\Leon\Desktop
Windows 7 Enterprise Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(Logitech, Inc.) C:\Program Files\Logitech\SolarApp\L4301_Solar.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Chris Pietschmann (hxxp://pietschsoft.com)) C:\Program Files (x86)\Virtual Router\VirtualRouterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Dropbox, Inc.) C:\Users\Leon\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Spotify Ltd) C:\Users\Leon\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Almico Software (www.almico.com)) C:\Program Files (x86)\SpeedFan\speedfan.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-09-25] (Adobe Systems Incorporated)
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\System32\LogiLDA.dll [1832760 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [8292120 2013-11-14] (Logitech Inc.)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-29] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-26] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2013-12-28] (AVAST Software)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-05-24] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [BlueStacks Agent] - C:\Program Files (x86)\BlueStacks\HD-Agent.exe [606024 2013-09-19] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [AdobeCEPServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039240 2013-06-05] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [AdobeBridge] - [x]
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\Leon\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-01-13] (Spotify Ltd)
HKCU\...\Run: [EA Core] - C:\Program Files (x86)\Electronic Arts\EADM\Core.exe [3325952 2009-03-28] (Electronic Arts)
MountPoints2: {7aebf1cb-4481-11e3-9d54-806e6f6e6963} - E:\ASRSetup.exe
AppInit_DLLs: C:\Windows\system32\appinit_dll.dll [475424 2012-02-05] (Lucidlogix Inc.)
AppInit_DLLs-x32: C:\Windows\SysWOW64\appinit_dll.dll [429856 2012-02-05] (Lucidlogix Inc.)
Startup: C:\Users\Leon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Leon\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: SurF! aindd Keeeep - {D15AD77C-60AC-8CF7-3E2D-25B2CFCE88F6} - C:\Program Files (x86)\SurF! aindd Keeeep\fw58ux.x64.dll ()
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: DVDVideoSoft IE Extension - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO: YoutubeAdblocker - {F11D979E-677F-EF57-1050-DCC2294EAFF7} - C:\Program Files (x86)\YoutubeAdblocker\ou.x64.dll ()
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: SurF! aindd Keeeep - {D15AD77C-60AC-8CF7-3E2D-25B2CFCE88F6} - C:\Program Files (x86)\SurF! aindd Keeeep\fw58ux.dll ()
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft IE Extension - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
BHO-x32: YoutubeAdblocker - {F11D979E-677F-EF57-1050-DCC2294EAFF7} - C:\Program Files (x86)\YoutubeAdblocker\ou.dll ()
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{436EEEF5-E0C0-46C8-80BB-7F1C6645CE19}: [NameServer]8.8.8.8,8.8.4.4

FireFox:
========
FF ProfilePath: C:\Users\Leon\AppData\Roaming\Mozilla\Firefox\Profiles\es8j12kt.default
FF Homepage: www.psd-tutorials.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: YoutubeAdblocker - C:\Users\Leon\AppData\Roaming\Mozilla\Firefox\Profiles\es8j12kt.default\Extensions\euyotod@vrdlpkk.org [2013-12-24]
FF Extension: greAtsaver - C:\Users\Leon\AppData\Roaming\Mozilla\Firefox\Profiles\es8j12kt.default\Extensions\oefxyaa@ueuippfm.net [2013-12-24]
FF Extension: DownloadHelper - C:\Users\Leon\AppData\Roaming\Mozilla\Firefox\Profiles\es8j12kt.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2013-11-07]
FF Extension: Firebug - C:\Users\Leon\AppData\Roaming\Mozilla\Firefox\Profiles\es8j12kt.default\Extensions\firebug@software.joehewitt.com.xpi [2013-12-07]
FF Extension: YouTube(TM) Ratings Preview - C:\Users\Leon\AppData\Roaming\Mozilla\Firefox\Profiles\es8j12kt.default\Extensions\jid0-G6461UajDjhNAwSukoedlkhD0XA@jetpack.xpi [2013-11-07]
FF Extension: Adblock Plus - C:\Users\Leon\AppData\Roaming\Mozilla\Firefox\Profiles\es8j12kt.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-11-03]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-11-03]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ []

Chrome: 
=======
CHR Extension: (Google Docs) - C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0 [2013-11-03]
CHR Extension: (Google Drive) - C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0 [2013-11-03]
CHR Extension: (YouTube) - C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 [2013-11-03]
CHR Extension: (Google Search) - C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 [2013-11-03]
CHR Extension: (avast! Online Security) - C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2011.70_0 [2014-01-13]
CHR Extension: (YoutubeAdblocker) - C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlekihhfbckmbhjcchgdgohkfjipjcip\1.0 [2013-12-24]
CHR Extension: (Google Wallet) - C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0 [2013-11-03]
CHR Extension: (greAtsaver) - C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nobomofikmhcbobabomhgniadhnalhnf\2.7 [2013-12-24]
CHR Extension: (Gmail) - C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0 [2013-11-03]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2013-11-03]

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-12-28] (AVAST Software)
R2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393032 2013-09-19] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384840 2013-09-19] (BlueStack Systems, Inc.)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [133632 2012-02-09] ()
R2 L4301_Solar; C:\Program Files\Logitech\SolarApp\L4301_Solar.exe [405744 2013-01-30] (Logitech, Inc.)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (arvato digital services llc)
R2 Virtual Router; C:\Program Files (x86)\Virtual Router\VirtualRouterService.exe [12288 2013-02-10] (Chris Pietschmann (hxxp://pietschsoft.com))
S2 avast! Firewall; "C:\Program Files\AVAST Software\Avast\afwServ.exe" [x]

==================== Drivers (Whitelisted) ====================

R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49760 2011-09-21] (Asmedia Technology)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2013-12-28] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-11-03] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-11-03] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1034464 2013-12-28] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [422216 2013-12-28] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [79672 2013-12-28] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2013-12-28] ()
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [70984 2013-09-19] (BlueStack Systems)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-11-29] (Disc Soft Ltd)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [25536 2012-02-09] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [25536 2012-02-09] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2012-02-09] ()
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2014-01-13] ()
S1 aswKbd; \??\C:\Windows\system32\drivers\aswKbd.sys [x]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-13 22:39 - 2014-01-13 22:39 - 00018330 _____ C:\Users\Leon\Desktop\FRST.txt
2014-01-13 22:38 - 2014-01-13 22:38 - 00000000 ____D C:\FRST
2014-01-13 22:33 - 2014-01-13 22:33 - 02075648 _____ (Farbar) C:\Users\Leon\Desktop\FRST64.exe
2014-01-13 21:51 - 2014-01-13 21:49 - 00602112 _____ (OldTimer Tools) C:\Users\Leon\Desktop\OTL.exe
2014-01-13 21:23 - 2014-01-13 21:23 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2014-01-12 17:55 - 2014-01-12 17:55 - 00004536 _____ C:\Users\Leon\AppData\Local\recently-used.xbel
2014-01-11 20:26 - 2014-01-11 20:26 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin
2014-01-11 20:26 - 2014-01-11 20:26 - 00000000 ____D C:\Riot Games
2014-01-11 20:26 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2014-01-11 20:26 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2014-01-11 20:26 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2014-01-11 20:25 - 2014-01-11 23:23 - 00000000 ____D C:\Users\Leon\AppData\Local\PMB Files
2014-01-11 20:25 - 2014-01-11 23:23 - 00000000 ____D C:\ProgramData\PMB Files
2014-01-11 20:25 - 2014-01-11 20:25 - 00000000 ____D C:\Program Files (x86)\Pando Networks
2014-01-11 20:16 - 2014-01-11 20:25 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Riot Games
2014-01-10 16:05 - 2014-01-10 16:05 - 00000388 _____ C:\Windows\LkmdfCoInst.log
2013-12-31 09:53 - 2014-01-13 21:23 - 00002978 _____ C:\Windows\PFRO.log
2013-12-31 09:53 - 2014-01-13 21:23 - 00000538 _____ C:\Windows\setupact.log
2013-12-31 09:53 - 2013-12-31 09:53 - 00000000 _____ C:\Windows\setuperr.log
2013-12-30 22:19 - 2013-12-30 22:19 - 00002770 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-12-30 22:19 - 2013-12-30 22:19 - 00000000 ____D C:\Program Files\CCleaner
2013-12-30 21:29 - 2013-12-30 21:29 - 00000000 ____D C:\Users\Leon\AppData\Local\Chris_Pietschmann_(http__
2013-12-30 21:21 - 2013-12-31 10:34 - 00000000 ____D C:\Program Files (x86)\Virtual Router
2013-12-28 19:19 - 2013-12-28 19:19 - 00000000 ____D C:\Users\Leon\Documents\MeinSpore-Kreationen
2013-12-28 19:19 - 2013-12-28 19:19 - 00000000 ____D C:\Users\Leon\AppData\Roaming\SPORE
2013-12-28 12:57 - 2013-12-28 12:58 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2013-12-25 01:04 - 2013-09-04 13:12 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-12-25 01:04 - 2013-09-04 13:11 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-12-25 01:04 - 2013-09-04 13:11 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-12-25 01:04 - 2013-09-04 13:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-12-25 01:04 - 2013-09-04 13:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-12-25 01:04 - 2013-09-04 13:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-12-25 01:04 - 2013-09-04 13:11 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-12-24 23:26 - 2013-12-24 23:26 - 00000000 ____D C:\Users\Leon\AppData\Roaming\EZDownloader
2013-12-24 20:50 - 2013-12-24 20:50 - 00000000 ____D C:\Users\Leon\AppData\Local\Packages
2013-12-24 20:50 - 2013-12-24 20:50 - 00000000 ____D C:\ProgramData\YoutubeAdblocker
2013-12-24 20:50 - 2013-12-24 20:50 - 00000000 ____D C:\ProgramData\SurF! aindd Keeeep
2013-12-24 20:50 - 2013-12-24 20:50 - 00000000 ____D C:\ProgramData\f11f8d8eaf3da236
2013-12-24 20:50 - 2013-12-24 20:50 - 00000000 ____D C:\Program Files (x86)\YoutubeAdblocker
2013-12-24 20:50 - 2013-12-24 20:50 - 00000000 ____D C:\Program Files (x86)\SurF! aindd Keeeep
2013-12-24 20:38 - 2013-12-24 20:38 - 00000000 ____D C:\Users\Leon\AppData\Local\calibre-cache
2013-12-24 20:37 - 2013-12-24 20:38 - 00000000 ____D C:\Users\Leon\AppData\Roaming\calibre
2013-12-24 20:36 - 2013-12-25 22:43 - 00000936 _____ C:\Users\Public\Desktop\calibre 64bit - E-book management.lnk
2013-12-24 20:36 - 2013-12-25 22:43 - 00000000 ____D C:\Program Files\Calibre2
2013-12-24 20:17 - 2013-12-24 20:51 - 00000000 ____D C:\ProgramData\QuickSet
2013-12-24 20:17 - 2013-12-24 20:49 - 00000000 ____D C:\ProgramData\InstallMate
2013-12-24 18:27 - 2013-12-24 18:27 - 00000000 ____D C:\Users\Leon\Documents\Logitech Gaming Software
2013-12-24 18:24 - 2013-12-24 18:24 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Leadertech
2013-12-24 18:24 - 2013-12-24 18:24 - 00000000 ____D C:\Users\Leon\AppData\Local\Logitech
2013-12-24 18:22 - 2014-01-10 16:05 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2013-12-24 18:22 - 2013-12-24 18:23 - 00000000 ____D C:\Program Files\Logitech Gaming Software
2013-12-24 18:15 - 2013-12-24 18:22 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Logitech
2013-12-24 18:15 - 2013-12-24 18:22 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Logishrd
2013-12-24 18:15 - 2013-12-24 18:16 - 00000000 ____D C:\ProgramData\LogiShrd
2013-12-24 18:15 - 2013-12-24 18:15 - 00000000 ____D C:\Program Files\Logitech
2013-12-24 18:15 - 2013-12-24 18:15 - 00000000 ____D C:\Program Files\Common Files\Logishrd
2013-12-24 10:07 - 2014-01-13 14:21 - 00000000 ____D C:\Users\Leon\AppData\Roaming\FileAdvisor
2013-12-24 09:39 - 2013-12-24 09:39 - 00000000 ____D C:\ProgramData\Canneverbe Limited
2013-12-24 09:33 - 2014-01-13 14:20 - 00000000 ____D C:\Program Files (x86)\File Type Advisor
2013-12-24 09:33 - 2013-12-24 09:33 - 00003514 _____ C:\Windows\System32\Tasks\FileAdvisorCheck
2013-12-24 09:33 - 2013-12-24 09:33 - 00003512 _____ C:\Windows\System32\Tasks\FileAdvisorUpdate
2013-12-23 22:53 - 2013-12-24 08:21 - 00000000 ____D C:\Users\Leon\AppData\Roaming\xrecode2
2013-12-23 22:53 - 2013-12-23 22:53 - 00000000 ____D C:\Program Files (x86)\xrecode II
2013-12-21 14:47 - 2013-12-21 14:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-20 23:27 - 2013-12-20 23:27 - 00000000 ____D C:\ProgramData\Sony
2013-12-20 23:27 - 2013-12-20 23:27 - 00000000 ____D C:\Program Files (x86)\Sony
2013-12-18 22:39 - 2013-12-18 22:39 - 00680624 ____N (ScreenTime Media) C:\Windows\SysWOW64\Fliqlo.scr
2013-12-18 22:39 - 2013-12-18 22:39 - 00680624 _____ (ScreenTime Media) C:\Windows\system32\Fliqlo.scr
2013-12-18 22:39 - 2013-12-18 22:39 - 00000000 ____D C:\Users\Leon\AppData\Local\Screentime
2013-12-18 22:39 - 2013-12-18 22:39 - 00000000 ____D C:\ProgramData\Screentime
2013-12-18 22:38 - 2013-12-18 22:38 - 144007134 _____ C:\Windows\DROPCLOCK.scr
2013-12-18 22:38 - 2013-12-18 22:38 - 00503380 _____ (SERIALGAMES Inc.) C:\Windows\DROPCLOCKUninst.exe
2013-12-18 22:38 - 2010-09-28 10:44 - 01245079 _____ (Axialis Software) C:\Windows\SysWOW64\nfsClockNightButterfly.scr
2013-12-18 22:37 - 2013-12-30 22:46 - 00000000 ____D C:\Users\Leon\AppData\Local\Axialis
2013-12-18 22:37 - 2013-12-18 22:38 - 00000000 ____D C:\Program Files (x86)\NewFreeScreensavers
2013-12-18 22:37 - 2010-08-26 14:17 - 01395159 _____ (Axialis Software) C:\Windows\SysWOW64\nfsSchoolAutumn.scr
2013-12-17 20:21 - 2013-12-17 20:21 - 00000000 ____D C:\Users\Leon\Documents\Electronic Arts
2013-12-17 20:15 - 2013-12-17 20:15 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2013-12-17 20:15 - 2013-12-17 20:15 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2013-12-17 19:53 - 2013-12-17 19:53 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-12-17 19:51 - 2013-12-28 19:08 - 00000000 ____D C:\Program Files (x86)\Electronic Arts
2013-12-17 19:42 - 2013-12-17 19:42 - 00000000 ____D C:\Program Files (x86)\Microsoft WSE
2013-12-16 14:12 - 2013-12-16 14:12 - 00000000 ____D C:\ProgramData\Steam
2013-12-16 02:11 - 2013-12-16 02:11 - 00000000 ____D C:\Users\Leon\AppData\Roaming\.marble
2013-12-16 01:50 - 2013-12-16 01:50 - 00000000 ____D C:\Users\Leon\AppData\Roaming\NASA
2013-12-15 23:28 - 2013-12-15 23:28 - 00000000 ____D C:\Users\Leon\Documents\Anomaly Korea

==================== One Month Modified Files and Folders =======

2014-01-13 22:39 - 2014-01-13 22:39 - 00018330 _____ C:\Users\Leon\Desktop\FRST.txt
2014-01-13 22:38 - 2014-01-13 22:38 - 00000000 ____D C:\FRST
2014-01-13 22:37 - 2013-12-13 00:32 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-13 22:33 - 2014-01-13 22:33 - 02075648 _____ (Farbar) C:\Users\Leon\Desktop\FRST64.exe
2014-01-13 22:32 - 2013-11-03 14:15 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-13 22:21 - 2013-11-04 17:03 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2014-01-13 22:12 - 2013-11-03 14:22 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Spotify
2014-01-13 21:49 - 2014-01-13 21:51 - 00602112 _____ (OldTimer Tools) C:\Users\Leon\Desktop\OTL.exe
2014-01-13 21:30 - 2009-07-14 05:45 - 00017712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-13 21:30 - 2009-07-14 05:45 - 00017712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-13 21:27 - 2013-11-03 13:19 - 01743690 _____ C:\Windows\WindowsUpdate.log
2014-01-13 21:26 - 2013-11-03 14:22 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Dropbox
2014-01-13 21:24 - 2013-11-06 23:01 - 00000000 ____D C:\Users\Leon\AppData\Local\Adobe
2014-01-13 21:23 - 2014-01-13 21:23 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2014-01-13 21:23 - 2013-12-31 09:53 - 00002978 _____ C:\Windows\PFRO.log
2014-01-13 21:23 - 2013-12-31 09:53 - 00000538 _____ C:\Windows\setupact.log
2014-01-13 21:23 - 2013-11-03 14:53 - 00034752 _____ C:\Windows\system32\Drivers\WPRO_41_2001.sys
2014-01-13 21:23 - 2013-11-03 14:15 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-13 21:23 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-13 21:11 - 2013-11-04 14:14 - 00000000 ____D C:\Users\Leon\.gimp-2.8
2014-01-13 20:23 - 2013-11-07 19:31 - 00000000 ____D C:\Users\Leon\AppData\Local\Spotify
2014-01-13 14:21 - 2013-12-24 10:07 - 00000000 ____D C:\Users\Leon\AppData\Roaming\FileAdvisor
2014-01-13 14:20 - 2013-12-24 09:33 - 00000000 ____D C:\Program Files (x86)\File Type Advisor
2014-01-12 21:59 - 2009-07-14 11:49 - 00699090 _____ C:\Windows\system32\perfh007.dat
2014-01-12 21:59 - 2009-07-14 11:49 - 00149230 _____ C:\Windows\system32\perfc007.dat
2014-01-12 21:59 - 2009-07-14 06:13 - 01619272 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-12 17:55 - 2014-01-12 17:55 - 00004536 _____ C:\Users\Leon\AppData\Local\recently-used.xbel
2014-01-12 13:16 - 2013-11-03 14:39 - 01591936 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2014-01-12 13:08 - 2013-11-04 18:02 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2014-01-11 23:23 - 2014-01-11 20:25 - 00000000 ____D C:\Users\Leon\AppData\Local\PMB Files
2014-01-11 23:23 - 2014-01-11 20:25 - 00000000 ____D C:\ProgramData\PMB Files
2014-01-11 20:50 - 2013-12-04 19:48 - 00000000 ____D C:\Program Files\KMSpico
2014-01-11 20:26 - 2014-01-11 20:26 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin
2014-01-11 20:26 - 2014-01-11 20:26 - 00000000 ____D C:\Riot Games
2014-01-11 20:25 - 2014-01-11 20:25 - 00000000 ____D C:\Program Files (x86)\Pando Networks
2014-01-11 20:25 - 2014-01-11 20:16 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Riot Games
2014-01-11 01:23 - 2013-11-03 13:31 - 00120784 _____ C:\Users\Leon\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-11 01:22 - 2009-07-14 05:45 - 05154064 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-11 00:47 - 2013-12-07 22:50 - 00000132 _____ C:\Users\Leon\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen
2014-01-10 16:08 - 2013-11-03 14:23 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-10 16:08 - 2013-11-03 13:18 - 00000000 ___RD C:\Users\Leon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-10 16:05 - 2014-01-10 16:05 - 00000388 _____ C:\Windows\LkmdfCoInst.log
2014-01-10 16:05 - 2013-12-24 18:22 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2013-12-31 10:34 - 2013-12-30 21:21 - 00000000 ____D C:\Program Files (x86)\Virtual Router
2013-12-31 09:53 - 2013-12-31 09:53 - 00000000 _____ C:\Windows\setuperr.log
2013-12-30 22:46 - 2013-12-18 22:37 - 00000000 ____D C:\Users\Leon\AppData\Local\Axialis
2013-12-30 22:24 - 2013-11-06 22:35 - 00000000 ____D C:\Users\Leon\AppData\Roaming\uTorrent
2013-12-30 22:24 - 2013-11-03 15:07 - 00000000 ____D C:\Users\Leon\AppData\Roaming\FileZilla
2013-12-30 22:24 - 2013-11-03 14:19 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Winamp
2013-12-30 22:24 - 2013-11-03 13:21 - 00000000 ____D C:\Users\Leon\AppData\Roaming\DAEMON Tools Lite
2013-12-30 22:23 - 2013-12-09 23:56 - 00000000 ____D C:\Windows\Minidump
2013-12-30 22:23 - 2013-11-04 00:22 - 00000000 ____D C:\Users\Leon\AppData\Local\CrashDumps
2013-12-30 22:23 - 2010-05-11 22:05 - 00000000 ____D C:\Windows\Panther
2013-12-30 22:19 - 2013-12-30 22:19 - 00002770 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-12-30 22:19 - 2013-12-30 22:19 - 00000000 ____D C:\Program Files\CCleaner
2013-12-30 21:29 - 2013-12-30 21:29 - 00000000 ____D C:\Users\Leon\AppData\Local\Chris_Pietschmann_(http__
2013-12-30 21:23 - 2013-11-03 13:52 - 00000436 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2013-12-30 21:14 - 2013-11-03 13:37 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-12-30 02:01 - 2009-07-14 06:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-12-28 19:19 - 2013-12-28 19:19 - 00000000 ____D C:\Users\Leon\Documents\MeinSpore-Kreationen
2013-12-28 19:19 - 2013-12-28 19:19 - 00000000 ____D C:\Users\Leon\AppData\Roaming\SPORE
2013-12-28 19:08 - 2013-12-17 19:51 - 00000000 ____D C:\Program Files (x86)\Electronic Arts
2013-12-28 12:58 - 2013-12-28 12:57 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2013-12-28 12:58 - 2013-11-24 23:28 - 00001972 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-12-28 12:57 - 2013-11-03 15:01 - 01034464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-12-28 12:57 - 2013-11-03 15:01 - 00422216 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2013-12-28 12:57 - 2013-11-03 15:01 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-12-28 12:57 - 2013-11-03 15:01 - 00207904 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-12-28 12:57 - 2013-11-03 15:01 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-12-28 12:57 - 2013-11-03 15:01 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-12-27 10:31 - 2013-11-04 14:56 - 00000000 ____D C:\Users\Leon\AppData\Local\gtk-2.0
2013-12-27 01:04 - 2013-11-03 14:41 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Skype
2013-12-25 22:43 - 2013-12-24 20:36 - 00000936 _____ C:\Users\Public\Desktop\calibre 64bit - E-book management.lnk
2013-12-25 22:43 - 2013-12-24 20:36 - 00000000 ____D C:\Program Files\Calibre2
2013-12-24 23:26 - 2013-12-24 23:26 - 00000000 ____D C:\Users\Leon\AppData\Roaming\EZDownloader
2013-12-24 20:51 - 2013-12-24 20:17 - 00000000 ____D C:\ProgramData\QuickSet
2013-12-24 20:50 - 2013-12-24 20:50 - 00000000 ____D C:\Users\Leon\AppData\Local\Packages
2013-12-24 20:50 - 2013-12-24 20:50 - 00000000 ____D C:\ProgramData\YoutubeAdblocker
2013-12-24 20:50 - 2013-12-24 20:50 - 00000000 ____D C:\ProgramData\SurF! aindd Keeeep
2013-12-24 20:50 - 2013-12-24 20:50 - 00000000 ____D C:\ProgramData\f11f8d8eaf3da236
2013-12-24 20:50 - 2013-12-24 20:50 - 00000000 ____D C:\Program Files (x86)\YoutubeAdblocker
2013-12-24 20:50 - 2013-12-24 20:50 - 00000000 ____D C:\Program Files (x86)\SurF! aindd Keeeep
2013-12-24 20:49 - 2013-12-24 20:17 - 00000000 ____D C:\ProgramData\InstallMate
2013-12-24 20:38 - 2013-12-24 20:38 - 00000000 ____D C:\Users\Leon\AppData\Local\calibre-cache
2013-12-24 20:38 - 2013-12-24 20:37 - 00000000 ____D C:\Users\Leon\AppData\Roaming\calibre
2013-12-24 18:27 - 2013-12-24 18:27 - 00000000 ____D C:\Users\Leon\Documents\Logitech Gaming Software
2013-12-24 18:24 - 2013-12-24 18:24 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Leadertech
2013-12-24 18:24 - 2013-12-24 18:24 - 00000000 ____D C:\Users\Leon\AppData\Local\Logitech
2013-12-24 18:23 - 2013-12-24 18:22 - 00000000 ____D C:\Program Files\Logitech Gaming Software
2013-12-24 18:22 - 2013-12-24 18:15 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Logitech
2013-12-24 18:22 - 2013-12-24 18:15 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Logishrd
2013-12-24 18:16 - 2013-12-24 18:15 - 00000000 ____D C:\ProgramData\LogiShrd
2013-12-24 18:15 - 2013-12-24 18:15 - 00000000 ____D C:\Program Files\Logitech
2013-12-24 18:15 - 2013-12-24 18:15 - 00000000 ____D C:\Program Files\Common Files\Logishrd
2013-12-24 13:38 - 2013-11-03 14:31 - 00000000 ____D C:\Program Files\CDBurnerXP
2013-12-24 13:38 - 2013-11-03 14:14 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-24 09:39 - 2013-12-24 09:39 - 00000000 ____D C:\ProgramData\Canneverbe Limited
2013-12-24 09:33 - 2013-12-24 09:33 - 00003514 _____ C:\Windows\System32\Tasks\FileAdvisorCheck
2013-12-24 09:33 - 2013-12-24 09:33 - 00003512 _____ C:\Windows\System32\Tasks\FileAdvisorUpdate
2013-12-24 08:21 - 2013-12-23 22:53 - 00000000 ____D C:\Users\Leon\AppData\Roaming\xrecode2
2013-12-23 22:53 - 2013-12-23 22:53 - 00000000 ____D C:\Program Files (x86)\xrecode II
2013-12-23 18:02 - 2013-11-29 23:34 - 00000000 ____D C:\Program Files (x86)\JDownloader
2013-12-23 16:58 - 2013-11-03 13:17 - 00000000 ____D C:\Users\Leon
2013-12-22 22:03 - 2013-11-03 14:19 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Notepad++
2013-12-21 14:47 - 2013-12-21 14:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-20 23:27 - 2013-12-20 23:27 - 00000000 ____D C:\ProgramData\Sony
2013-12-20 23:27 - 2013-12-20 23:27 - 00000000 ____D C:\Program Files (x86)\Sony
2013-12-20 22:49 - 2013-11-03 14:18 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-12-20 22:49 - 2013-11-03 14:18 - 00000000 ____D C:\Program Files\WinRAR
2013-12-18 22:39 - 2013-12-18 22:39 - 00680624 ____N (ScreenTime Media) C:\Windows\SysWOW64\Fliqlo.scr
2013-12-18 22:39 - 2013-12-18 22:39 - 00680624 _____ (ScreenTime Media) C:\Windows\system32\Fliqlo.scr
2013-12-18 22:39 - 2013-12-18 22:39 - 00000000 ____D C:\Users\Leon\AppData\Local\Screentime
2013-12-18 22:39 - 2013-12-18 22:39 - 00000000 ____D C:\ProgramData\Screentime
2013-12-18 22:38 - 2013-12-18 22:38 - 144007134 _____ C:\Windows\DROPCLOCK.scr
2013-12-18 22:38 - 2013-12-18 22:38 - 00503380 _____ (SERIALGAMES Inc.) C:\Windows\DROPCLOCKUninst.exe
2013-12-18 22:38 - 2013-12-18 22:37 - 00000000 ____D C:\Program Files (x86)\NewFreeScreensavers
2013-12-17 20:21 - 2013-12-17 20:21 - 00000000 ____D C:\Users\Leon\Documents\Electronic Arts
2013-12-17 20:15 - 2013-12-17 20:15 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2013-12-17 20:15 - 2013-12-17 20:15 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2013-12-17 20:15 - 2013-11-03 15:01 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Adobe
2013-12-17 20:15 - 2013-11-03 14:23 - 00000000 ____D C:\ProgramData\Adobe
2013-12-17 20:15 - 2013-11-03 14:23 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-12-17 20:01 - 2013-11-06 23:49 - 00000000 ____D C:\Program Files\Adobe
2013-12-17 20:00 - 2013-11-06 23:47 - 00000000 ____D C:\Program Files\Common Files\Adobe
2013-12-17 19:53 - 2013-12-17 19:53 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-12-17 19:42 - 2013-12-17 19:42 - 00000000 ____D C:\Program Files (x86)\Microsoft WSE
2013-12-16 18:32 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-12-16 14:12 - 2013-12-16 14:12 - 00000000 ____D C:\ProgramData\Steam
2013-12-16 03:33 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-12-16 02:34 - 2013-11-03 14:15 - 00000000 ____D C:\Users\Leon\AppData\Local\Google
2013-12-16 02:34 - 2013-11-03 14:15 - 00000000 ____D C:\Program Files (x86)\Google
2013-12-16 02:11 - 2013-12-16 02:11 - 00000000 ____D C:\Users\Leon\AppData\Roaming\.marble
2013-12-16 01:50 - 2013-12-16 01:50 - 00000000 ____D C:\Users\Leon\AppData\Roaming\NASA
2013-12-15 23:28 - 2013-12-15 23:28 - 00000000 ____D C:\Users\Leon\Documents\Anomaly Korea

Some content of TEMP:
====================
C:\Users\Leon\AppData\Local\Temp\EAD41C0.exe
C:\Users\Leon\AppData\Local\Temp\EAD5E16.exe
C:\Users\Leon\AppData\Local\Temp\EADA12E.exe
C:\Users\Leon\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Leon\AppData\Local\Temp\sfareca00001.dll
C:\Users\Leon\AppData\Local\Temp\swt-win32-3349.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-11 02:15

==================== End Of Log ============================
         
--- --- ---

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-01-2014 02
Ran by Leon at 2014-01-13 22:40:12
Running from C:\Users\Leon\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Internet Security (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

µTorrent (HKCU Version: 3.3.2.30303 - BitTorrent Inc.)
Adobe AIR (x32 Version: 3.9.0.1380 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.9.0.1380 - Adobe Systems Incorporated) Hidden
Adobe Bridge CC (64 Bit) (x32 Version: 6.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (x32 Version: 2.2.1.260 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player ActiveX (x32 Version: 9.0.124.0 - Adobe Systems Incorporated)
Adobe InDesign CC (x32 Version: 9.0 - Adobe Systems Incorporated)
Adobe Photoshop CC (x32 Version: 14.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.05) - Deutsch (x32 Version: 11.0.05 - Adobe Systems Incorporated)
Adobe® Content Viewer (x32 Version: 3.3.0 - Adobe Systems Incorporated)
Adobe® Content Viewer (x32 Version: 3.3.0 - Adobe Systems Incorporated) Hidden
Akamai NetSession Interface (HKCU Version:  - Akamai Technologies, Inc)
AMD APP SDK Runtime (Version: 2.4.650.9 - Advanced Micro Devices Inc.) Hidden
AMD Drag and Drop Transcoding (Version: 2.00.0000 - ATI Technologies Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.60524.2309 - ATI Technologies Inc.) Hidden
Asmedia ASM106x SATA Host Controller Driver (x32 Version: 1.3.1.000 - Asmedia Technology)
ASRock App Charger v1.0.5 (Version:  - ASRock Inc.)
ATI AVIVO64 Codecs (Version: 11.6.0.10524 - ATI Technologies Inc.) Hidden
ATI Catalyst Install Manager (Version: 3.0.829.0 - ATI Technologies, Inc.)
Audacity 2.0.5 (x32 Version: 2.0.5 - Audacity Team)
avast! Free Antivirus (x32 Version: 9.0.2011 - Avast Software)
BlueStacks App Player (x32 Version: 0.7.18.921 - BlueStack Systems, Inc.)
BlueStacks Notification Center (x32 Version: 0.7.18.921 - BlueStack Systems, Inc.)
calibre 64bit (Version: 1.17.0 - Kovid Goyal)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center (x32 Version: 2011.0524.2352.41027 - Ihr Firmenname) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2011.0524.2352.41027 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2011.0524.2352.41027 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2011.0524.2352.41027 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Czech (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Danish (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Dutch (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help English (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Finnish (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help French (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help German (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Greek (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Italian (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Japanese (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Korean (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Polish (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Russian (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Spanish (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Swedish (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Thai (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Turkish (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
ccc-utility64 (Version: 2011.0524.2352.41027 - ATI) Hidden
CCleaner (Version: 4.09 - Piriform)
CDBurnerXP (Version: 4.5.2.4291 - CDBurnerXP)
CDBurnerXP (x32 Version: 4.5.2.4478 - CDBurnerXP)
Corel Graphics - Windows Shell Extension (Version: 16.1.0.843 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 16.1.843 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit (Version: 16.1.843 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Capture (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Common (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Connect (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Custom Data (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - DE (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Draw (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Filters (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - FontNav (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - IPM (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - PHOTO-PAINT (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Photozoom Plugin (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Redist (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Setup Files (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VBA (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VideoBrowser (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VSTA (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Writing Tools (x64) (Version: 16.1 -  Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 (64-Bit) (Version: 16.1.0.843 - Corel Corporation)
CorelDRAW Graphics Suite X6 (x64) (Version: 16.1 - Corel Corporation) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (x32 Version: 4.48.1.0347 - Disc Soft Ltd)
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (Version:  - Microsoft)
Die Sims™ 3 (x32 Version: 1.42.130 - Electronic Arts)
Die Sims™ 3 Gib Gas-Accessoires (x32 Version: 5.0.44 - Electronic Arts)
Die Sims™ 3 Jahreszeiten (x32 Version: 16.0.136 - Electronic Arts)
Die Sims™ 3 Lebensfreude (x32 Version: 8.0.152 - Electronic Arts)
Die Sims™ 3 Reiseabenteuer (x32 Version: 2.0.86 - Electronic Arts)
Die Sims™ 3 Traumkarrieren (x32 Version: 4.0.87 - Electronic Arts)
Dropbox (HKCU Version: 2.4.11 - Dropbox, Inc.)
DROPCLOCK Screensaver (x32 Version:  - )
EA Download Manager (x32 Version: 5.0.0.255 - Electronic Arts, Inc.)
File Type Advisor 1.4 (x32 Version:  - filetypeadvisor.com)
FileZilla Client 3.7.3 (x32 Version: 3.7.3 - Tim Kosse)
Fliqlo Screen Saver (x32 Version:  - )
FormatFactory 3.1.1 (x32 Version: 3.1.1 - Free Time)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Free YouTube Download version 3.2.18.1128 (x32 Version: 3.2.18.1128 - DVDVideoSoft Ltd.)
Ghostscript GPL 8.64 (Msi Setup) (x32 Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (x32 Version: 8.64 - Corel Corporation) Hidden
GIMP 2.8.6 (Version: 2.8.6 - The GIMP Team)
Google Chrome (x32 Version: 65.143.49253 - Google, Inc.)
Google Earth (x32 Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Hotfix für Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789) (x32 Version: 1 - Microsoft Corporation)
HydraVision (x32 Version: 4.2.206.0 - ATI Technologies Inc.) Hidden
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (x32 Version: 11.1.048 - Intel Corporation)
Intel(R) Control Center (x32 Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Processor Graphics (x32 Version: 9.18.10.3257 - Intel Corporation)
Intel(R) Rapid Storage Technology (x32 Version: 11.0.0.1032 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 3.0.0.66956 - Intel Corporation)
Intel(R) Smart Connect Technology 2.0 x64 (Version: 2.0.1083.0 - Intel)
Intel(R) USB 3.0 eXtensible Host Controller Driver (x32 Version: 1.0.3.214 - Intel Corporation)
Java 7 Update 45 (64-bit) (Version: 7.0.450 - Oracle)
Java 7 Update 45 (x32 Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java SE Development Kit 7 Update 45 (x32 Version: 1.7.0.450 - Oracle)
JDownloader 0.9 (x32 Version: 0.9 - AppWork GmbH)
Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
KMSpico 3.1 (Version: 3.1 - )
League of Legends (x32 Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Logitech Gaming Software (Version: 8.45.88 - Logitech Inc.) Hidden
Logitech Gaming Software 8.51 (Version: 8.51.5 - Logitech Inc.)
Logitech Solar App 1.10 (Version: 1.10.3 - Logitech)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Access MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft DCF MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Excel MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Groove MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Lync MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Italiano (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual Basic for Applications 7.1 (x64) (Version: 7.1.00.00 - Microsoft Corporation) Hidden
Microsoft Visual Basic for Applications 7.1 (x64) English (Version: 7.1.0.0 - Microsoft Corporation) Hidden
Microsoft Visual Basic for Applications 7.1 (x64) German (Version: 7.1.0.0 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - DEU (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Word MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
Mozilla Thunderbird 24.2.0 (x86 en-US) (x32 Version: 24.2.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
NewFreeScreensaver nfsClockNightButterfly (x32 Version:  - )
NewFreeScreensaver nfsSchoolAutumn (x32 Version:  - )
Notepad++ (x32 Version: 6.5.2 - Notepad++ Team)
OpenOffice 4.0.1 (x32 Version: 4.01.9714 - Apache Software Foundation)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Pando Media Booster (x32 Version: 2.6.0.7 - Pando Networks Inc.)
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (x32 Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6482 - Realtek Semiconductor Corp.)
Skype™ 6.10 (x32 Version: 6.10.104 - Skype Technologies S.A.)
Sony PC Companion 2.10.181 (x32 Version: 2.10.181 - Sony)
SpeedFan (remove only) (x32 Version:  - )
SPORE™ (x32 Version: 1.00.0000 - Electronic Arts)
Spotify (HKCU Version: 0.9.7.16.g4b197456 - Spotify AB)
SurF! aindd Keeeep (x32 Version: 4.0.0.1450 - surrf uand  keep) <==== ATTENTION
TeamViewer 8 (x32 Version: 8.0.22298 - TeamViewer)
TL-WN822N/TL-WN821N Driver (x32 Version: 1.0.0 - TP-LINK)
Update for Microsoft Access 2013 (KB2768008) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Access 2013 (KB2827233) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft InfoPath 2013 (KB2837648) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2817678) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2738038) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760224) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760242) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760267) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760539) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760553) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760610) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2767845) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768016) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817314) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817316) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817490) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817626) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2826004) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827225) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827230) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827239) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837626) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837637) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837638) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837655) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2850066) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2850063) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2767850) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Project 2013 (KB2727085) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2837635) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2817495) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2837652) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Visio 2013 (KB2817306) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2768338) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2837647) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2850060) 64-Bit Edition (Version:  - Microsoft)
VIRTU MVP 2.1.110 (Version: 2.1.110 - Lucidlogix Technologies LTD)
Virtual Router v1.0 (x32 Version: 1.0 - Chris Pietschmann)
VLC media player 2.1.2 (x32 Version: 2.1.2 - VideoLAN)
Wecker für Windows 6.5 (x32 Version: 6.5 - Christoph Bünger Software)
Winamp (x32 Version: 5.65  - Nullsoft, Inc)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
WinRAR 5.01 (64-bit) (Version: 5.01.0 - win.rar GmbH)
xrecode II 1.0.0.209 (x32 Version:  - )
YoutubeAdblocker (x32 Version: 2.2.0.1828 - YoutubeAdblocker) <==== ATTENTION

==================== Restore Points  =========================

11-01-2014 19:16:49 Installed League of Legends
11-01-2014 19:25:28 Microsoft Visual C++ 2005 Redistributable (x64) wird installiert
11-01-2014 19:25:51 Installed League of Legends
11-01-2014 19:26:04 DirectX wurde installiert
12-01-2014 12:10:51 Windows Update
12-01-2014 12:13:40 Windows Update

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {1A0198FC-F848-4998-8E15-97FA9FB577BA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)
Task: {41E68387-C479-4AE1-B09B-52A974E40EC3} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-12-28] (AVAST Software)
Task: {503DE7B9-FD17-4340-BC82-5523D776D358} - System32\Tasks\FileAdvisorCheck => C:\Program Files (x86)\File Type Advisor\file-type-advisor.exe [2013-09-04] (filetypeadvisor.com                                         )
Task: {7783C8A2-0399-4803-B9A2-24DFD68F4CF0} - System32\Tasks\FileAdvisorUpdate => C:\Program Files (x86)\File Type Advisor\fileadvisor.exe [2013-09-04] (File Type Advisor)
Task: {7DD4BF26-1930-40FB-B6F8-1A00A8933A31} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-03] (Google Inc.)
Task: {7E195F64-C68B-472F-A551-A0F48E75BF25} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-03] (Google Inc.)
Task: {91FEC38F-5D99-4003-A261-C21B3277F302} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {A6F2A846-4447-4290-B091-576E6363A0D4} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {C341AD07-E345-405B-9834-CD2267875E8B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {F829C907-D22A-4B2A-A901-C394863745CE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-13] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-10-16 18:02 - 2013-10-16 18:02 - 03358064 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2012-12-14 02:42 - 2012-12-14 02:42 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-05-24 23:50 - 2011-05-24 23:50 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-01-13 18:23 - 2014-01-13 10:57 - 02153984 _____ () C:\Program Files\AVAST Software\Avast\defs\14011300\algo.dll
2013-08-07 20:25 - 2013-08-07 20:25 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2013-11-03 15:01 - 2013-11-03 15:01 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-10-19 00:55 - 2013-10-19 00:55 - 25100288 _____ () C:\Users\Leon\AppData\Roaming\Dropbox\bin\libcef.dll
2013-11-23 10:39 - 2013-11-23 10:39 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\991a8d378a3e64b31c0f4770ba9ae071\IsdiInterop.ni.dll
2013-11-03 14:48 - 2011-11-29 20:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-01-12 13:57 - 2014-01-13 22:21 - 00158720 _____ () C:\Users\Leon\AppData\Local\Temp\sfareca00001.dll
2013-11-04 17:16 - 2014-01-13 22:21 - 00192512 _____ () C:\Users\Leon\AppData\Local\Temp\sfamcc00001.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/13/2014 09:23:36 PM) (Source: ISCT Agent) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (01/13/2014 09:01:52 PM) (Source: Application Hang) (User: )
Description: Programm HD-Frontend.exe, Version 0.7.18.921 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1a74

Startzeit: 01cf107d4fab0ca4

Endzeit: 32

Anwendungspfad: C:\Program Files (x86)\BlueStacks\HD-Frontend.exe

Berichts-ID: 89a44e4a-7c8d-11e3-a22a-bc5ff45cfc14

Error: (01/13/2014 06:53:18 AM) (Source: ISCT Agent) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (01/12/2014 01:15:14 PM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version : 4.0.40305.0 - Fehler beim Initialisieren von .NET Framework.C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll konnte nicht geladen werden.

Error: (01/12/2014 01:06:17 PM) (Source: ISCT Agent) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (01/11/2014 08:17:28 PM) (Source: MsiInstaller) (User: Leon-PC)
Description: Produkt: League of Legends -- Fehler 4153. Visual C++ 2005 SP1 Redistributable (x64) Eine erforderliche Abhängigkeit wurde nicht richtig installiert.

Error: (01/11/2014 00:19:20 PM) (Source: ISCT Agent) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (01/11/2014 01:24:02 AM) (Source: Application Hang) (User: )
Description: Programm VirtualRouterClient.exe, Version 1.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: dcc

Startzeit: 01cf0e6359376b5b

Endzeit: 2

Anwendungspfad: C:\Program Files (x86)\Virtual Router\VirtualRouterClient.exe

Berichts-ID: a87f43e8-7a56-11e3-aeef-bc5ff45cfc14

Error: (01/11/2014 01:23:02 AM) (Source: ISCT Agent) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (01/10/2014 05:22:07 PM) (Source: ISCT Agent) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2


System errors:
=============
Error: (01/13/2014 10:40:26 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR3 gefunden.

Error: (01/13/2014 10:40:26 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR3 gefunden.

Error: (01/13/2014 10:40:26 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR3 gefunden.

Error: (01/13/2014 10:40:26 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR3 gefunden.

Error: (01/13/2014 10:40:26 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR3 gefunden.

Error: (01/13/2014 10:40:26 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR3 gefunden.

Error: (01/13/2014 10:40:26 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR3 gefunden.

Error: (01/13/2014 10:40:26 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR3 gefunden.

Error: (01/13/2014 10:40:26 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR3 gefunden.

Error: (01/13/2014 10:40:26 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR3 gefunden.


Microsoft Office Sessions:
=========================
Error: (01/13/2014 09:23:36 PM) (Source: ISCT Agent)(User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (01/13/2014 09:01:52 PM) (Source: Application Hang)(User: )
Description: HD-Frontend.exe0.7.18.9211a7401cf107d4fab0ca432C:\Program Files (x86)\BlueStacks\HD-Frontend.exe89a44e4a-7c8d-11e3-a22a-bc5ff45cfc14

Error: (01/13/2014 06:53:18 AM) (Source: ISCT Agent)(User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (01/12/2014 01:15:14 PM) (Source: .NET Runtime)(User: )
Description: .NET Runtime version : 4.0.40305.0 - Fehler beim Initialisieren von .NET Framework.C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll konnte nicht geladen werden.

Error: (01/12/2014 01:06:17 PM) (Source: ISCT Agent)(User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (01/11/2014 08:17:28 PM) (Source: MsiInstaller)(User: Leon-PC)
Description: Produkt: League of Legends -- Fehler 4153. Visual C++ 2005 SP1 Redistributable (x64) Eine erforderliche Abhängigkeit wurde nicht richtig installiert.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (01/11/2014 00:19:20 PM) (Source: ISCT Agent)(User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (01/11/2014 01:24:02 AM) (Source: Application Hang)(User: )
Description: VirtualRouterClient.exe1.0.0.0dcc01cf0e6359376b5b2C:\Program Files (x86)\Virtual Router\VirtualRouterClient.exea87f43e8-7a56-11e3-aeef-bc5ff45cfc14

Error: (01/11/2014 01:23:02 AM) (Source: ISCT Agent)(User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (01/10/2014 05:22:07 PM) (Source: ISCT Agent)(User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2


==================== Memory info =========================== 

Percentage of memory in use: 31%
Total physical RAM: 8087.06 MB
Available physical RAM: 5562.94 MB
Total Pagefile: 16172.3 MB
Available Pagefile: 13373.52 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:97.56 GB) (Free:19.5 GB) NTFS
Drive d: (Medien) (Fixed) (Total:368.1 GB) (Free:272.66 GB) NTFS
Drive f: (MY 1TB) (Fixed) (Total:931.51 GB) (Free:302.4 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 25866498)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=98 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=368 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 1.

==================== End Of Log ============================
         
__________________

14.01.2014, 15:11   #4
schrauber
/// the machine
/// TB-Ausbilder
 




Please download Malwarebytes Anti-Malware.
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select the Threat Scan and click Start Scan.
  • At the end of the scan, have all findings (if any) moved to quarantine. To do so, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Clean and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents with your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt. (x = sequential number).

Please shut down your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista (or later), please start it via right-click, "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


and a fresh FRST log, please.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

14.01.2014, 17:07   #5
leon2225
 



OK, I have now run all the scans:
Malwarebytes Anti-Malware
Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.01.14.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Leon :: LEON-PC [Administrator]

14.01.2014 16:23:11
mbam-log-2014-01-14 (16-23-11).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 213834
Laufzeit: 3 Minute(n), 5 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 12
HKCR\CLSID\{F11D979E-677F-EF57-1050-DCC2294EAFF7} (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F11D979E-677F-EF57-1050-DCC2294EAFF7} (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{F11D979E-677F-EF57-1050-DCC2294EAFF7} (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F11D979E-677F-EF57-1050-DCC2294EAFF7} (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F11D979E-677F-EF57-1050-DCC2294EAFF7} (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{D15AD77C-60AC-8CF7-3E2D-25B2CFCE88F6} (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D15AD77C-60AC-8CF7-3E2D-25B2CFCE88F6} (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{D15AD77C-60AC-8CF7-3E2D-25B2CFCE88F6} (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{D15AD77C-60AC-8CF7-3E2D-25B2CFCE88F6} (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D15AD77C-60AC-8CF7-3E2D-25B2CFCE88F6} (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A35CA8FF-CB7D-8361-1CB9-83219CD11C78} (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507} (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 1
C:\Program Files (x86)\SAVE (Adware.WhenU) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateien: 38
C:\Program Files (x86)\YoutubeAdblocker\ou.dll (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SurF! aindd Keeeep\fw58ux.dll (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\SurF! aindd Keeeep\_N1MUuT.exe (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\YoutubeAdblocker\58k.exe (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SAVE\AU0.DAT (Adware.WhenU) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SAVE\AU1.DAT (Adware.WhenU) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SAVE\AU2.DAT (Adware.WhenU) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SAVE\BACK.DAT (Adware.WhenU) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SAVE\HA0.DAT (Adware.WhenU) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SAVE\HA1.DAT (Adware.WhenU) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SAVE\HA2.DAT (Adware.WhenU) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SAVE\HI0.DAT (Adware.WhenU) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SAVE\HI1.DAT (Adware.WhenU) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SAVE\HI2.DAT (Adware.WhenU) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SAVE\IN0.DAT (Adware.WhenU) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SAVE\IN1.DAT (Adware.WhenU) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SAVE\IN2.DAT (Adware.WhenU) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SAVE\KO0.DAT (Adware.WhenU) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SAVE\KO1.DAT (Adware.WhenU) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SAVE\KO2.DAT (Adware.WhenU) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SAVE\NO0.DAT (Adware.WhenU) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SAVE\NO1.DAT (Adware.WhenU) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SAVE\NO2.DAT (Adware.WhenU) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SAVE\RE0.DAT (Adware.WhenU) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SAVE\RE1.DAT (Adware.WhenU) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SAVE\RE2.DAT (Adware.WhenU) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SAVE\SA0.DAT (Adware.WhenU) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SAVE\SA1.DAT (Adware.WhenU) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SAVE\SA2.DAT (Adware.WhenU) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SAVE\SE0.DAT (Adware.WhenU) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SAVE\SE1.DAT (Adware.WhenU) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SAVE\SE2.DAT (Adware.WhenU) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SAVE\SP0.DAT (Adware.WhenU) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SAVE\SP1.DAT (Adware.WhenU) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SAVE\SP2.DAT (Adware.WhenU) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SAVE\UN0.DAT (Adware.WhenU) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SAVE\UN1.DAT (Adware.WhenU) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SAVE\UN2.DAT (Adware.WhenU) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
         
AdwCleaner:
Code:
# AdwCleaner v3.017 - Bericht erstellt am 14/01/2014 um 16:42:01
# Aktualisiert 12/01/2014 von Xplode
# Betriebssystem : Windows 7 Enterprise Service Pack 1 (64 bits)
# Benutzername : Leon - LEON-PC
# Gestartet von : D:\Downloads\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\QuickSet
Ordner Gelöscht : C:\ProgramData\YoutubeAdblocker
Ordner Gelöscht : C:\Program Files (x86)\YoutubeAdblocker
Ordner Gelöscht : C:\Users\Leon\AppData\Roaming\EZDownloader

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{ACAA314B-EEBA-48E4-AD47-84E31C44796C}]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CA41BB14-E67B-1653-C57B-5CA99418A866}

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v26.0 (de)

[ Datei : C:\Users\Leon\AppData\Roaming\Mozilla\Firefox\Profiles\es8j12kt.default\prefs.js ]

Zeile gelöscht : user_pref("extensions.3j3F.scode", "(function(){try{if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};}catch(e){};if(window.self==window.top){var script=document.createElement('scri[...]
Zeile gelöscht : user_pref("extensions.AG9.scode", "(function(){try{if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};}catch(e){};if(window.self.location.protocol.indexOf('hxxp')>-1 && window.self==[...]

-\\ Google Chrome v31.0.1650.63

[ Datei : C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [3636 octets] - [14/01/2014 16:40:22]
AdwCleaner[S0].txt - [3448 octets] - [14/01/2014 16:42:01]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3508 octets] ##########
         
Junkware Removal Tool

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Enterprise x64
Ran by Leon on 14.01.2014 at 16:54:00,83
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\caphyon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F11D979E-677F-EF57-1050-DCC2294EAFF7}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{F11D979E-677F-EF57-1050-DCC2294EAFF7}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F11D979E-677F-EF57-1050-DCC2294EAFF7}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"



~~~ FireFox

Successfully deleted the following from C:\Users\Leon\AppData\Roaming\mozilla\firefox\profiles\es8j12kt.default\prefs.js

user_pref("extensions.3j3F.scode", "(function(){try{if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};}catch(e){};if(window.self==window.top){var script=doc
user_pref("extensions.3j3F.url", "hxxp://getjpiproxy.info/sync2/?q=hfZ9ofV9CShEAen0qHa5tMqLDe49CNU0mwkMCMlNhd9FrHwGrTnFpjkErHnMBzqUojw9rdwFqdw8qdkGqSh7hfs0pihPBMn0pdnHqjU7qdUF
user_pref("extensions.AG9.scode", "(function(){try{if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};}catch(e){};if(window.self.location.protocol.indexOf('h
Emptied folder: C:\Users\Leon\AppData\Roaming\mozilla\firefox\profiles\es8j12kt.default\minidumps [63 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 14.01.2014 at 16:56:16,40
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
FRST:

FRST.txt

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-01-2014 02
Ran by Leon (administrator) on LEON-PC on 14-01-2014 17:01:35
Running from C:\Users\Leon\Desktop
Windows 7 Enterprise Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(Logitech, Inc.) C:\Program Files\Logitech\SolarApp\L4301_Solar.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Chris Pietschmann (hxxp://pietschsoft.com)) C:\Program Files (x86)\Virtual Router\VirtualRouterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Spotify Ltd) C:\Users\Leon\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Electronic Arts) C:\Program Files (x86)\Electronic Arts\EADM\Core.exe
(Chris Pietschmann (hxxp://pietschsoft.com)) C:\Program Files (x86)\Virtual Router\VirtualRouterClient.exe
(Dropbox, Inc.) C:\Users\Leon\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-09-25] (Adobe Systems Incorporated)
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\System32\LogiLDA.dll [1832760 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [8292120 2013-11-14] (Logitech Inc.)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-29] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-26] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2013-12-28] (AVAST Software)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-05-24] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [BlueStacks Agent] - C:\Program Files (x86)\BlueStacks\HD-Agent.exe [606024 2013-09-19] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [AdobeCEPServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039240 2013-06-05] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [AdobeBridge] - [x]
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\Leon\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-01-13] (Spotify Ltd)
HKCU\...\Run: [EA Core] - C:\Program Files (x86)\Electronic Arts\EADM\Core.exe [3325952 2009-03-28] (Electronic Arts)
MountPoints2: {09048c4d-591c-11e3-a79a-bc5ff45cfc14} - H:\autorun.exe
MountPoints2: {7aebf1cb-4481-11e3-9d54-806e6f6e6963} - E:\ASRSetup.exe
AppInit_DLLs: C:\Windows\system32\appinit_dll.dll [475424 2012-02-05] (Lucidlogix Inc.)
AppInit_DLLs-x32: C:\Windows\SysWOW64\appinit_dll.dll [429856 2012-02-05] (Lucidlogix Inc.)
Startup: C:\Users\Leon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Leon\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: SurF! aindd Keeeep - {D15AD77C-60AC-8CF7-3E2D-25B2CFCE88F6} - C:\Program Files (x86)\SurF! aindd Keeeep\fw58ux.x64.dll ()
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{436EEEF5-E0C0-46C8-80BB-7F1C6645CE19}: [NameServer]8.8.8.8,8.8.4.4

FireFox:
========
FF ProfilePath: C:\Users\Leon\AppData\Roaming\Mozilla\Firefox\Profiles\es8j12kt.default
FF Homepage: www.psd-tutorials.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: YoutubeAdblocker - C:\Users\Leon\AppData\Roaming\Mozilla\Firefox\Profiles\es8j12kt.default\Extensions\euyotod@vrdlpkk.org [2013-12-24]
FF Extension: greAtsaver - C:\Users\Leon\AppData\Roaming\Mozilla\Firefox\Profiles\es8j12kt.default\Extensions\oefxyaa@ueuippfm.net [2013-12-24]
FF Extension: DownloadHelper - C:\Users\Leon\AppData\Roaming\Mozilla\Firefox\Profiles\es8j12kt.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2013-11-07]
FF Extension: Firebug - C:\Users\Leon\AppData\Roaming\Mozilla\Firefox\Profiles\es8j12kt.default\Extensions\firebug@software.joehewitt.com.xpi [2013-12-07]
FF Extension: YouTube(TM) Ratings Preview - C:\Users\Leon\AppData\Roaming\Mozilla\Firefox\Profiles\es8j12kt.default\Extensions\jid0-G6461UajDjhNAwSukoedlkhD0XA@jetpack.xpi [2013-11-07]
FF Extension: Adblock Plus - C:\Users\Leon\AppData\Roaming\Mozilla\Firefox\Profiles\es8j12kt.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-11-03]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-11-03]

Chrome: 
=======
CHR Extension: (Google Docs) - C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0 [2013-11-03]
CHR Extension: (Google Drive) - C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0 [2013-11-03]
CHR Extension: (YouTube) - C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 [2013-11-03]
CHR Extension: (Google Search) - C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 [2013-11-03]
CHR Extension: (avast! Online Security) - C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2011.70_0 [2014-01-13]
CHR Extension: (YoutubeAdblocker) - C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlekihhfbckmbhjcchgdgohkfjipjcip\1.0 [2013-12-24]
CHR Extension: (Google Wallet) - C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0 [2013-11-03]
CHR Extension: (greAtsaver) - C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nobomofikmhcbobabomhgniadhnalhnf\2.7 [2013-12-24]
CHR Extension: (Gmail) - C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0 [2013-11-03]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2013-11-03]

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-12-28] (AVAST Software)
R2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393032 2013-09-19] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384840 2013-09-19] (BlueStack Systems, Inc.)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [133632 2012-02-09] ()
R2 L4301_Solar; C:\Program Files\Logitech\SolarApp\L4301_Solar.exe [405744 2013-01-30] (Logitech, Inc.)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (arvato digital services llc)
R2 Virtual Router; C:\Program Files (x86)\Virtual Router\VirtualRouterService.exe [12288 2013-02-10] (Chris Pietschmann (hxxp://pietschsoft.com))
S2 avast! Firewall; "C:\Program Files\AVAST Software\Avast\afwServ.exe" [x]

==================== Drivers (Whitelisted) ====================

R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49760 2011-09-21] (Asmedia Technology)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2013-12-28] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-11-03] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-11-03] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1034464 2013-12-28] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [422216 2013-12-28] (AVAST Software)
S3 aswStm; C:\Windows\system32\drivers\aswStm.sys [79672 2013-12-28] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2013-12-28] ()
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [70984 2013-09-19] (BlueStack Systems)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-11-29] (Disc Soft Ltd)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [25536 2012-02-09] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [25536 2012-02-09] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2012-02-09] ()
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2014-01-14] ()
S1 aswKbd; \??\C:\Windows\system32\drivers\aswKbd.sys [x]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-14 16:56 - 2014-01-14 16:56 - 00002014 _____ C:\Users\Leon\Desktop\JRT.txt
2014-01-14 16:52 - 2014-01-14 16:52 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2014-01-14 16:48 - 2014-01-14 16:48 - 00000000 ____D C:\Windows\ERUNT
2014-01-14 16:46 - 2014-01-14 16:46 - 01037068 _____ (Thisisu) C:\Users\Leon\Desktop\JRT.exe
2014-01-14 16:40 - 2014-01-14 16:42 - 00000000 ____D C:\AdwCleaner
2014-01-14 15:55 - 2014-01-14 15:55 - 00001115 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-14 15:55 - 2014-01-14 15:55 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Malwarebytes
2014-01-14 15:55 - 2014-01-14 15:55 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-14 15:55 - 2014-01-14 15:55 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-14 15:55 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-13 22:40 - 2014-01-13 22:41 - 00032765 _____ C:\Users\Leon\Desktop\Addition.txt
2014-01-13 22:39 - 2014-01-14 17:01 - 00017634 _____ C:\Users\Leon\Desktop\FRST.txt
2014-01-13 22:38 - 2014-01-13 22:38 - 00000000 ____D C:\FRST
2014-01-13 22:33 - 2014-01-13 22:33 - 02075648 _____ (Farbar) C:\Users\Leon\Desktop\FRST64.exe
2014-01-13 21:51 - 2014-01-13 21:49 - 00602112 _____ (OldTimer Tools) C:\Users\Leon\Desktop\OTL.exe
2014-01-12 17:55 - 2014-01-12 17:55 - 00004536 _____ C:\Users\Leon\AppData\Local\recently-used.xbel
2014-01-11 20:26 - 2014-01-11 20:26 - 00000000 ____D C:\Riot Games
2014-01-11 20:26 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2014-01-11 20:26 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2014-01-11 20:26 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2014-01-11 20:25 - 2014-01-11 23:23 - 00000000 ____D C:\Users\Leon\AppData\Local\PMB Files
2014-01-11 20:25 - 2014-01-11 23:23 - 00000000 ____D C:\ProgramData\PMB Files
2014-01-11 20:25 - 2014-01-11 20:25 - 00000000 ____D C:\Program Files (x86)\Pando Networks
2014-01-11 20:16 - 2014-01-11 20:25 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Riot Games
2014-01-10 16:05 - 2014-01-10 16:05 - 00000388 _____ C:\Windows\LkmdfCoInst.log
2013-12-31 09:53 - 2014-01-14 16:52 - 00012982 _____ C:\Windows\PFRO.log
2013-12-31 09:53 - 2014-01-14 16:52 - 00000818 _____ C:\Windows\setupact.log
2013-12-31 09:53 - 2013-12-31 09:53 - 00000000 _____ C:\Windows\setuperr.log
2013-12-30 22:19 - 2013-12-30 22:19 - 00002770 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-12-30 22:19 - 2013-12-30 22:19 - 00000000 ____D C:\Program Files\CCleaner
2013-12-30 21:29 - 2013-12-30 21:29 - 00000000 ____D C:\Users\Leon\AppData\Local\Chris_Pietschmann_(http__
2013-12-30 21:21 - 2013-12-31 10:34 - 00000000 ____D C:\Program Files (x86)\Virtual Router
2013-12-28 19:19 - 2013-12-28 19:19 - 00000000 ____D C:\Users\Leon\Documents\MeinSpore-Kreationen
2013-12-28 19:19 - 2013-12-28 19:19 - 00000000 ____D C:\Users\Leon\AppData\Roaming\SPORE
2013-12-28 12:57 - 2013-12-28 12:58 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2013-12-25 01:04 - 2013-09-04 13:12 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-12-25 01:04 - 2013-09-04 13:11 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-12-25 01:04 - 2013-09-04 13:11 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-12-25 01:04 - 2013-09-04 13:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-12-25 01:04 - 2013-09-04 13:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-12-25 01:04 - 2013-09-04 13:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-12-25 01:04 - 2013-09-04 13:11 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-12-24 20:50 - 2014-01-14 16:32 - 00000000 ____D C:\ProgramData\SurF! aindd Keeeep
2013-12-24 20:50 - 2014-01-14 16:32 - 00000000 ____D C:\Program Files (x86)\SurF! aindd Keeeep
2013-12-24 20:50 - 2013-12-24 20:50 - 00000000 ____D C:\Users\Leon\AppData\Local\Packages
2013-12-24 20:50 - 2013-12-24 20:50 - 00000000 ____D C:\ProgramData\f11f8d8eaf3da236
2013-12-24 20:38 - 2013-12-24 20:38 - 00000000 ____D C:\Users\Leon\AppData\Local\calibre-cache
2013-12-24 20:37 - 2013-12-24 20:38 - 00000000 ____D C:\Users\Leon\AppData\Roaming\calibre
2013-12-24 20:36 - 2013-12-25 22:43 - 00000936 _____ C:\Users\Public\Desktop\calibre 64bit - E-book management.lnk
2013-12-24 20:36 - 2013-12-25 22:43 - 00000000 ____D C:\Program Files\Calibre2
2013-12-24 20:17 - 2013-12-24 20:49 - 00000000 ____D C:\ProgramData\InstallMate
2013-12-24 18:27 - 2013-12-24 18:27 - 00000000 ____D C:\Users\Leon\Documents\Logitech Gaming Software
2013-12-24 18:24 - 2013-12-24 18:24 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Leadertech
2013-12-24 18:24 - 2013-12-24 18:24 - 00000000 ____D C:\Users\Leon\AppData\Local\Logitech
2013-12-24 18:22 - 2014-01-10 16:05 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2013-12-24 18:22 - 2013-12-24 18:23 - 00000000 ____D C:\Program Files\Logitech Gaming Software
2013-12-24 18:15 - 2013-12-24 18:22 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Logitech
2013-12-24 18:15 - 2013-12-24 18:22 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Logishrd
2013-12-24 18:15 - 2013-12-24 18:16 - 00000000 ____D C:\ProgramData\LogiShrd
2013-12-24 18:15 - 2013-12-24 18:15 - 00000000 ____D C:\Program Files\Logitech
2013-12-24 18:15 - 2013-12-24 18:15 - 00000000 ____D C:\Program Files\Common Files\Logishrd
2013-12-24 10:07 - 2014-01-13 14:21 - 00000000 ____D C:\Users\Leon\AppData\Roaming\FileAdvisor
2013-12-24 09:39 - 2013-12-24 09:39 - 00000000 ____D C:\ProgramData\Canneverbe Limited
2013-12-24 09:33 - 2014-01-13 14:20 - 00000000 ____D C:\Program Files (x86)\File Type Advisor
2013-12-24 09:33 - 2013-12-24 09:33 - 00003514 _____ C:\Windows\System32\Tasks\FileAdvisorCheck
2013-12-24 09:33 - 2013-12-24 09:33 - 00003512 _____ C:\Windows\System32\Tasks\FileAdvisorUpdate
2013-12-23 22:53 - 2013-12-24 08:21 - 00000000 ____D C:\Users\Leon\AppData\Roaming\xrecode2
2013-12-23 22:53 - 2013-12-23 22:53 - 00000000 ____D C:\Program Files (x86)\xrecode II
2013-12-21 14:47 - 2013-12-21 14:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-20 23:27 - 2013-12-20 23:27 - 00000000 ____D C:\ProgramData\Sony
2013-12-20 23:27 - 2013-12-20 23:27 - 00000000 ____D C:\Program Files (x86)\Sony
2013-12-18 22:39 - 2013-12-18 22:39 - 00680624 ____N (ScreenTime Media) C:\Windows\SysWOW64\Fliqlo.scr
2013-12-18 22:39 - 2013-12-18 22:39 - 00680624 _____ (ScreenTime Media) C:\Windows\system32\Fliqlo.scr
2013-12-18 22:39 - 2013-12-18 22:39 - 00000000 ____D C:\Users\Leon\AppData\Local\Screentime
2013-12-18 22:39 - 2013-12-18 22:39 - 00000000 ____D C:\ProgramData\Screentime
2013-12-18 22:38 - 2013-12-18 22:38 - 144007134 _____ C:\Windows\DROPCLOCK.scr
2013-12-18 22:38 - 2013-12-18 22:38 - 00503380 _____ (SERIALGAMES Inc.) C:\Windows\DROPCLOCKUninst.exe
2013-12-18 22:38 - 2010-09-28 10:44 - 01245079 _____ (Axialis Software) C:\Windows\SysWOW64\nfsClockNightButterfly.scr
2013-12-18 22:37 - 2013-12-30 22:46 - 00000000 ____D C:\Users\Leon\AppData\Local\Axialis
2013-12-18 22:37 - 2013-12-18 22:38 - 00000000 ____D C:\Program Files (x86)\NewFreeScreensavers
2013-12-18 22:37 - 2010-08-26 14:17 - 01395159 _____ (Axialis Software) C:\Windows\SysWOW64\nfsSchoolAutumn.scr
2013-12-17 20:21 - 2013-12-17 20:21 - 00000000 ____D C:\Users\Leon\Documents\Electronic Arts
2013-12-17 20:15 - 2013-12-17 20:15 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2013-12-17 20:15 - 2013-12-17 20:15 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2013-12-17 19:53 - 2013-12-17 19:53 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-12-17 19:51 - 2013-12-28 19:08 - 00000000 ____D C:\Program Files (x86)\Electronic Arts
2013-12-17 19:42 - 2013-12-17 19:42 - 00000000 ____D C:\Program Files (x86)\Microsoft WSE
2013-12-16 14:12 - 2013-12-16 14:12 - 00000000 ____D C:\ProgramData\Steam
2013-12-16 02:11 - 2013-12-16 02:11 - 00000000 ____D C:\Users\Leon\AppData\Roaming\.marble
2013-12-16 01:50 - 2013-12-16 01:50 - 00000000 ____D C:\Users\Leon\AppData\Roaming\NASA
2013-12-15 23:28 - 2013-12-15 23:28 - 00000000 ____D C:\Users\Leon\Documents\Anomaly Korea

==================== One Month Modified Files and Folders =======

2014-01-14 17:02 - 2014-01-13 22:39 - 00017634 _____ C:\Users\Leon\Desktop\FRST.txt
2014-01-14 17:00 - 2009-07-14 05:45 - 00017712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-14 17:00 - 2009-07-14 05:45 - 00017712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-14 16:57 - 2009-07-14 11:49 - 00699090 _____ C:\Windows\system32\perfh007.dat
2014-01-14 16:57 - 2009-07-14 11:49 - 00149230 _____ C:\Windows\system32\perfc007.dat
2014-01-14 16:57 - 2009-07-14 06:13 - 01619272 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-14 16:56 - 2014-01-14 16:56 - 00002014 _____ C:\Users\Leon\Desktop\JRT.txt
2014-01-14 16:55 - 2013-11-03 13:52 - 00000435 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2014-01-14 16:54 - 2013-11-03 14:22 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Dropbox
2014-01-14 16:53 - 2013-11-06 23:01 - 00000000 ____D C:\Users\Leon\AppData\Local\Adobe
2014-01-14 16:52 - 2014-01-14 16:52 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2014-01-14 16:52 - 2013-12-31 09:53 - 00012982 _____ C:\Windows\PFRO.log
2014-01-14 16:52 - 2013-12-31 09:53 - 00000818 _____ C:\Windows\setupact.log
2014-01-14 16:52 - 2013-11-03 14:53 - 00034752 _____ C:\Windows\system32\Drivers\WPRO_41_2001.sys
2014-01-14 16:52 - 2013-11-03 14:15 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-14 16:52 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-14 16:51 - 2013-11-03 13:19 - 01827487 _____ C:\Windows\WindowsUpdate.log
2014-01-14 16:48 - 2014-01-14 16:48 - 00000000 ____D C:\Windows\ERUNT
2014-01-14 16:46 - 2014-01-14 16:46 - 01037068 _____ (Thisisu) C:\Users\Leon\Desktop\JRT.exe
2014-01-14 16:42 - 2014-01-14 16:40 - 00000000 ____D C:\AdwCleaner
2014-01-14 16:40 - 2013-11-03 14:22 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Spotify
2014-01-14 16:37 - 2013-12-13 00:32 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-14 16:32 - 2013-12-24 20:50 - 00000000 ____D C:\ProgramData\SurF! aindd Keeeep
2014-01-14 16:32 - 2013-12-24 20:50 - 00000000 ____D C:\Program Files (x86)\SurF! aindd Keeeep
2014-01-14 16:32 - 2013-11-03 14:15 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-14 16:18 - 2013-12-07 22:50 - 00000132 _____ C:\Users\Leon\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen
2014-01-14 15:55 - 2014-01-14 15:55 - 00001115 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-14 15:55 - 2014-01-14 15:55 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Malwarebytes
2014-01-14 15:55 - 2014-01-14 15:55 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-14 15:55 - 2014-01-14 15:55 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-13 22:41 - 2014-01-13 22:40 - 00032765 _____ C:\Users\Leon\Desktop\Addition.txt
2014-01-13 22:38 - 2014-01-13 22:38 - 00000000 ____D C:\FRST
2014-01-13 22:33 - 2014-01-13 22:33 - 02075648 _____ (Farbar) C:\Users\Leon\Desktop\FRST64.exe
2014-01-13 22:21 - 2013-11-04 17:03 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2014-01-13 21:49 - 2014-01-13 21:51 - 00602112 _____ (OldTimer Tools) C:\Users\Leon\Desktop\OTL.exe
2014-01-13 21:11 - 2013-11-04 14:14 - 00000000 ____D C:\Users\Leon\.gimp-2.8
2014-01-13 20:23 - 2013-11-07 19:31 - 00000000 ____D C:\Users\Leon\AppData\Local\Spotify
2014-01-13 14:21 - 2013-12-24 10:07 - 00000000 ____D C:\Users\Leon\AppData\Roaming\FileAdvisor
2014-01-13 14:20 - 2013-12-24 09:33 - 00000000 ____D C:\Program Files (x86)\File Type Advisor
2014-01-12 17:55 - 2014-01-12 17:55 - 00004536 _____ C:\Users\Leon\AppData\Local\recently-used.xbel
2014-01-12 13:16 - 2013-11-03 14:39 - 01591936 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2014-01-12 13:08 - 2013-11-04 18:02 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2014-01-11 23:23 - 2014-01-11 20:25 - 00000000 ____D C:\Users\Leon\AppData\Local\PMB Files
2014-01-11 23:23 - 2014-01-11 20:25 - 00000000 ____D C:\ProgramData\PMB Files
2014-01-11 20:50 - 2013-12-04 19:48 - 00000000 ____D C:\Program Files\KMSpico
2014-01-11 20:26 - 2014-01-11 20:26 - 00000000 ____D C:\Riot Games
2014-01-11 20:25 - 2014-01-11 20:25 - 00000000 ____D C:\Program Files (x86)\Pando Networks
2014-01-11 20:25 - 2014-01-11 20:16 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Riot Games
2014-01-11 01:23 - 2013-11-03 13:31 - 00120784 _____ C:\Users\Leon\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-11 01:22 - 2009-07-14 05:45 - 05154064 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-10 16:08 - 2013-11-03 14:23 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-10 16:08 - 2013-11-03 13:18 - 00000000 ___RD C:\Users\Leon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-10 16:05 - 2014-01-10 16:05 - 00000388 _____ C:\Windows\LkmdfCoInst.log
2014-01-10 16:05 - 2013-12-24 18:22 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2013-12-31 10:34 - 2013-12-30 21:21 - 00000000 ____D C:\Program Files (x86)\Virtual Router
2013-12-31 09:53 - 2013-12-31 09:53 - 00000000 _____ C:\Windows\setuperr.log
2013-12-30 22:46 - 2013-12-18 22:37 - 00000000 ____D C:\Users\Leon\AppData\Local\Axialis
2013-12-30 22:24 - 2013-11-06 22:35 - 00000000 ____D C:\Users\Leon\AppData\Roaming\uTorrent
2013-12-30 22:24 - 2013-11-03 15:07 - 00000000 ____D C:\Users\Leon\AppData\Roaming\FileZilla
2013-12-30 22:24 - 2013-11-03 14:19 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Winamp
2013-12-30 22:24 - 2013-11-03 13:21 - 00000000 ____D C:\Users\Leon\AppData\Roaming\DAEMON Tools Lite
2013-12-30 22:23 - 2013-12-09 23:56 - 00000000 ____D C:\Windows\Minidump
2013-12-30 22:23 - 2013-11-04 00:22 - 00000000 ____D C:\Users\Leon\AppData\Local\CrashDumps
2013-12-30 22:23 - 2010-05-11 22:05 - 00000000 ____D C:\Windows\Panther
2013-12-30 22:19 - 2013-12-30 22:19 - 00002770 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-12-30 22:19 - 2013-12-30 22:19 - 00000000 ____D C:\Program Files\CCleaner
2013-12-30 21:29 - 2013-12-30 21:29 - 00000000 ____D C:\Users\Leon\AppData\Local\Chris_Pietschmann_(http__
2013-12-30 21:14 - 2013-11-03 13:37 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-12-30 02:01 - 2009-07-14 06:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-12-28 19:19 - 2013-12-28 19:19 - 00000000 ____D C:\Users\Leon\Documents\MeinSpore-Kreationen
2013-12-28 19:19 - 2013-12-28 19:19 - 00000000 ____D C:\Users\Leon\AppData\Roaming\SPORE
2013-12-28 19:08 - 2013-12-17 19:51 - 00000000 ____D C:\Program Files (x86)\Electronic Arts
2013-12-28 12:58 - 2013-12-28 12:57 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2013-12-28 12:58 - 2013-11-24 23:28 - 00001972 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-12-28 12:57 - 2013-11-03 15:01 - 01034464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-12-28 12:57 - 2013-11-03 15:01 - 00422216 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2013-12-28 12:57 - 2013-11-03 15:01 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-12-28 12:57 - 2013-11-03 15:01 - 00207904 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-12-28 12:57 - 2013-11-03 15:01 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-12-28 12:57 - 2013-11-03 15:01 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-12-27 10:31 - 2013-11-04 14:56 - 00000000 ____D C:\Users\Leon\AppData\Local\gtk-2.0
2013-12-27 01:04 - 2013-11-03 14:41 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Skype
2013-12-25 22:43 - 2013-12-24 20:36 - 00000936 _____ C:\Users\Public\Desktop\calibre 64bit - E-book management.lnk
2013-12-25 22:43 - 2013-12-24 20:36 - 00000000 ____D C:\Program Files\Calibre2
2013-12-24 20:50 - 2013-12-24 20:50 - 00000000 ____D C:\Users\Leon\AppData\Local\Packages
2013-12-24 20:50 - 2013-12-24 20:50 - 00000000 ____D C:\ProgramData\f11f8d8eaf3da236
2013-12-24 20:49 - 2013-12-24 20:17 - 00000000 ____D C:\ProgramData\InstallMate
2013-12-24 20:38 - 2013-12-24 20:38 - 00000000 ____D C:\Users\Leon\AppData\Local\calibre-cache
2013-12-24 20:38 - 2013-12-24 20:37 - 00000000 ____D C:\Users\Leon\AppData\Roaming\calibre
2013-12-24 18:27 - 2013-12-24 18:27 - 00000000 ____D C:\Users\Leon\Documents\Logitech Gaming Software
2013-12-24 18:24 - 2013-12-24 18:24 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Leadertech
2013-12-24 18:24 - 2013-12-24 18:24 - 00000000 ____D C:\Users\Leon\AppData\Local\Logitech
2013-12-24 18:23 - 2013-12-24 18:22 - 00000000 ____D C:\Program Files\Logitech Gaming Software
2013-12-24 18:22 - 2013-12-24 18:15 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Logitech
2013-12-24 18:22 - 2013-12-24 18:15 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Logishrd
2013-12-24 18:16 - 2013-12-24 18:15 - 00000000 ____D C:\ProgramData\LogiShrd
2013-12-24 18:15 - 2013-12-24 18:15 - 00000000 ____D C:\Program Files\Logitech
2013-12-24 18:15 - 2013-12-24 18:15 - 00000000 ____D C:\Program Files\Common Files\Logishrd
2013-12-24 13:38 - 2013-11-03 14:31 - 00000000 ____D C:\Program Files\CDBurnerXP
2013-12-24 13:38 - 2013-11-03 14:14 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-24 09:39 - 2013-12-24 09:39 - 00000000 ____D C:\ProgramData\Canneverbe Limited
2013-12-24 09:33 - 2013-12-24 09:33 - 00003514 _____ C:\Windows\System32\Tasks\FileAdvisorCheck
2013-12-24 09:33 - 2013-12-24 09:33 - 00003512 _____ C:\Windows\System32\Tasks\FileAdvisorUpdate
2013-12-24 08:21 - 2013-12-23 22:53 - 00000000 ____D C:\Users\Leon\AppData\Roaming\xrecode2
2013-12-23 22:53 - 2013-12-23 22:53 - 00000000 ____D C:\Program Files (x86)\xrecode II
2013-12-23 18:02 - 2013-11-29 23:34 - 00000000 ____D C:\Program Files (x86)\JDownloader
2013-12-23 16:58 - 2013-11-03 13:17 - 00000000 ____D C:\Users\Leon
2013-12-22 22:03 - 2013-11-03 14:19 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Notepad++
2013-12-21 14:47 - 2013-12-21 14:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-20 23:27 - 2013-12-20 23:27 - 00000000 ____D C:\ProgramData\Sony
2013-12-20 23:27 - 2013-12-20 23:27 - 00000000 ____D C:\Program Files (x86)\Sony
2013-12-20 22:49 - 2013-11-03 14:18 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-12-20 22:49 - 2013-11-03 14:18 - 00000000 ____D C:\Program Files\WinRAR
2013-12-18 22:39 - 2013-12-18 22:39 - 00680624 ____N (ScreenTime Media) C:\Windows\SysWOW64\Fliqlo.scr
2013-12-18 22:39 - 2013-12-18 22:39 - 00680624 _____ (ScreenTime Media) C:\Windows\system32\Fliqlo.scr
2013-12-18 22:39 - 2013-12-18 22:39 - 00000000 ____D C:\Users\Leon\AppData\Local\Screentime
2013-12-18 22:39 - 2013-12-18 22:39 - 00000000 ____D C:\ProgramData\Screentime
2013-12-18 22:38 - 2013-12-18 22:38 - 144007134 _____ C:\Windows\DROPCLOCK.scr
2013-12-18 22:38 - 2013-12-18 22:38 - 00503380 _____ (SERIALGAMES Inc.) C:\Windows\DROPCLOCKUninst.exe
2013-12-18 22:38 - 2013-12-18 22:37 - 00000000 ____D C:\Program Files (x86)\NewFreeScreensavers
2013-12-17 20:21 - 2013-12-17 20:21 - 00000000 ____D C:\Users\Leon\Documents\Electronic Arts
2013-12-17 20:15 - 2013-12-17 20:15 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2013-12-17 20:15 - 2013-12-17 20:15 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2013-12-17 20:15 - 2013-11-03 15:01 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Adobe
2013-12-17 20:15 - 2013-11-03 14:23 - 00000000 ____D C:\ProgramData\Adobe
2013-12-17 20:15 - 2013-11-03 14:23 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-12-17 20:01 - 2013-11-06 23:49 - 00000000 ____D C:\Program Files\Adobe
2013-12-17 20:00 - 2013-11-06 23:47 - 00000000 ____D C:\Program Files\Common Files\Adobe
2013-12-17 19:53 - 2013-12-17 19:53 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-12-17 19:42 - 2013-12-17 19:42 - 00000000 ____D C:\Program Files (x86)\Microsoft WSE
2013-12-16 18:32 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-12-16 14:12 - 2013-12-16 14:12 - 00000000 ____D C:\ProgramData\Steam
2013-12-16 03:33 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-12-16 02:34 - 2013-11-03 14:15 - 00000000 ____D C:\Users\Leon\AppData\Local\Google
2013-12-16 02:34 - 2013-11-03 14:15 - 00000000 ____D C:\Program Files (x86)\Google
2013-12-16 02:11 - 2013-12-16 02:11 - 00000000 ____D C:\Users\Leon\AppData\Roaming\.marble
2013-12-16 01:50 - 2013-12-16 01:50 - 00000000 ____D C:\Users\Leon\AppData\Roaming\NASA
2013-12-15 23:28 - 2013-12-15 23:28 - 00000000 ____D C:\Users\Leon\Documents\Anomaly Korea

Some content of TEMP:
====================
C:\Users\Leon\AppData\Local\Temp\EAD41C0.exe
C:\Users\Leon\AppData\Local\Temp\EAD5E16.exe
C:\Users\Leon\AppData\Local\Temp\EADA12E.exe
C:\Users\Leon\AppData\Local\Temp\Quarantine.exe
C:\Users\Leon\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Leon\AppData\Local\Temp\sfareca00001.dll
C:\Users\Leon\AppData\Local\Temp\swt-win32-3349.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-11 02:15

==================== End Of Log ============================
         
--- --- ---


Addition.txt

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-01-2014 02
Ran by Leon at 2014-01-13 22:40:12
Running from C:\Users\Leon\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Internet Security (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

µTorrent (HKCU Version: 3.3.2.30303 - BitTorrent Inc.)
Adobe AIR (x32 Version: 3.9.0.1380 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.9.0.1380 - Adobe Systems Incorporated) Hidden
Adobe Bridge CC (64 Bit) (x32 Version: 6.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (x32 Version: 2.2.1.260 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player ActiveX (x32 Version: 9.0.124.0 - Adobe Systems Incorporated)
Adobe InDesign CC (x32 Version: 9.0 - Adobe Systems Incorporated)
Adobe Photoshop CC (x32 Version: 14.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.05) - Deutsch (x32 Version: 11.0.05 - Adobe Systems Incorporated)
Adobe® Content Viewer (x32 Version: 3.3.0 - Adobe Systems Incorporated)
Adobe® Content Viewer (x32 Version: 3.3.0 - Adobe Systems Incorporated) Hidden
Akamai NetSession Interface (HKCU Version:  - Akamai Technologies, Inc)
AMD APP SDK Runtime (Version: 2.4.650.9 - Advanced Micro Devices Inc.) Hidden
AMD Drag and Drop Transcoding (Version: 2.00.0000 - ATI Technologies Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.60524.2309 - ATI Technologies Inc.) Hidden
Asmedia ASM106x SATA Host Controller Driver (x32 Version: 1.3.1.000 - Asmedia Technology)
ASRock App Charger v1.0.5 (Version:  - ASRock Inc.)
ATI AVIVO64 Codecs (Version: 11.6.0.10524 - ATI Technologies Inc.) Hidden
ATI Catalyst Install Manager (Version: 3.0.829.0 - ATI Technologies, Inc.)
Audacity 2.0.5 (x32 Version: 2.0.5 - Audacity Team)
avast! Free Antivirus (x32 Version: 9.0.2011 - Avast Software)
BlueStacks App Player (x32 Version: 0.7.18.921 - BlueStack Systems, Inc.)
BlueStacks Notification Center (x32 Version: 0.7.18.921 - BlueStack Systems, Inc.)
calibre 64bit (Version: 1.17.0 - Kovid Goyal)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center (x32 Version: 2011.0524.2352.41027 - Ihr Firmenname) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2011.0524.2352.41027 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2011.0524.2352.41027 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2011.0524.2352.41027 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Czech (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Danish (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Dutch (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help English (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Finnish (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help French (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help German (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Greek (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Italian (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Japanese (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Korean (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Polish (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Russian (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Spanish (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Swedish (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Thai (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Turkish (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
ccc-utility64 (Version: 2011.0524.2352.41027 - ATI) Hidden
CCleaner (Version: 4.09 - Piriform)
CDBurnerXP (Version: 4.5.2.4291 - CDBurnerXP)
CDBurnerXP (x32 Version: 4.5.2.4478 - CDBurnerXP)
Corel Graphics - Windows Shell Extension (Version: 16.1.0.843 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 16.1.843 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit (Version: 16.1.843 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Capture (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Common (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Connect (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Custom Data (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - DE (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Draw (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Filters (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - FontNav (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - IPM (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - PHOTO-PAINT (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Photozoom Plugin (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Redist (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Setup Files (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VBA (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VideoBrowser (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VSTA (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Writing Tools (x64) (Version: 16.1 -  Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 (64-Bit) (Version: 16.1.0.843 - Corel Corporation)
CorelDRAW Graphics Suite X6 (x64) (Version: 16.1 - Corel Corporation) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (x32 Version: 4.48.1.0347 - Disc Soft Ltd)
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (Version:  - Microsoft)
Die Sims™ 3 (x32 Version: 1.42.130 - Electronic Arts)
Die Sims™ 3 Gib Gas-Accessoires (x32 Version: 5.0.44 - Electronic Arts)
Die Sims™ 3 Jahreszeiten (x32 Version: 16.0.136 - Electronic Arts)
Die Sims™ 3 Lebensfreude (x32 Version: 8.0.152 - Electronic Arts)
Die Sims™ 3 Reiseabenteuer (x32 Version: 2.0.86 - Electronic Arts)
Die Sims™ 3 Traumkarrieren (x32 Version: 4.0.87 - Electronic Arts)
Dropbox (HKCU Version: 2.4.11 - Dropbox, Inc.)
DROPCLOCK Screensaver (x32 Version:  - )
EA Download Manager (x32 Version: 5.0.0.255 - Electronic Arts, Inc.)
File Type Advisor 1.4 (x32 Version:  - filetypeadvisor.com)
FileZilla Client 3.7.3 (x32 Version: 3.7.3 - Tim Kosse)
Fliqlo Screen Saver (x32 Version:  - )
FormatFactory 3.1.1 (x32 Version: 3.1.1 - Free Time)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Free YouTube Download version 3.2.18.1128 (x32 Version: 3.2.18.1128 - DVDVideoSoft Ltd.)
Ghostscript GPL 8.64 (Msi Setup) (x32 Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (x32 Version: 8.64 - Corel Corporation) Hidden
GIMP 2.8.6 (Version: 2.8.6 - The GIMP Team)
Google Chrome (x32 Version: 65.143.49253 - Google, Inc.)
Google Earth (x32 Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Hotfix für Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789) (x32 Version: 1 - Microsoft Corporation)
HydraVision (x32 Version: 4.2.206.0 - ATI Technologies Inc.) Hidden
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (x32 Version: 11.1.048 - Intel Corporation)
Intel(R) Control Center (x32 Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Processor Graphics (x32 Version: 9.18.10.3257 - Intel Corporation)
Intel(R) Rapid Storage Technology (x32 Version: 11.0.0.1032 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 3.0.0.66956 - Intel Corporation)
Intel(R) Smart Connect Technology 2.0 x64 (Version: 2.0.1083.0 - Intel)
Intel(R) USB 3.0 eXtensible Host Controller Driver (x32 Version: 1.0.3.214 - Intel Corporation)
Java 7 Update 45 (64-bit) (Version: 7.0.450 - Oracle)
Java 7 Update 45 (x32 Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java SE Development Kit 7 Update 45 (x32 Version: 1.7.0.450 - Oracle)
JDownloader 0.9 (x32 Version: 0.9 - AppWork GmbH)
Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
KMSpico 3.1 (Version: 3.1 - )
League of Legends (x32 Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Logitech Gaming Software (Version: 8.45.88 - Logitech Inc.) Hidden
Logitech Gaming Software 8.51 (Version: 8.51.5 - Logitech Inc.)
Logitech Solar App 1.10 (Version: 1.10.3 - Logitech)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Access MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft DCF MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Excel MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Groove MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Lync MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Italiano (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual Basic for Applications 7.1 (x64) (Version: 7.1.00.00 - Microsoft Corporation) Hidden
Microsoft Visual Basic for Applications 7.1 (x64) English (Version: 7.1.0.0 - Microsoft Corporation) Hidden
Microsoft Visual Basic for Applications 7.1 (x64) German (Version: 7.1.0.0 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - DEU (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Word MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
Mozilla Thunderbird 24.2.0 (x86 en-US) (x32 Version: 24.2.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
NewFreeScreensaver nfsClockNightButterfly (x32 Version:  - )
NewFreeScreensaver nfsSchoolAutumn (x32 Version:  - )
Notepad++ (x32 Version: 6.5.2 - Notepad++ Team)
OpenOffice 4.0.1 (x32 Version: 4.01.9714 - Apache Software Foundation)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Pando Media Booster (x32 Version: 2.6.0.7 - Pando Networks Inc.)
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (x32 Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6482 - Realtek Semiconductor Corp.)
Skype™ 6.10 (x32 Version: 6.10.104 - Skype Technologies S.A.)
Sony PC Companion 2.10.181 (x32 Version: 2.10.181 - Sony)
SpeedFan (remove only) (x32 Version:  - )
SPORE™ (x32 Version: 1.00.0000 - Electronic Arts)
Spotify (HKCU Version: 0.9.7.16.g4b197456 - Spotify AB)
SurF! aindd Keeeep (x32 Version: 4.0.0.1450 - surrf uand  keep) <==== ATTENTION
TeamViewer 8 (x32 Version: 8.0.22298 - TeamViewer)
TL-WN822N/TL-WN821N Driver (x32 Version: 1.0.0 - TP-LINK)
Update for Microsoft Access 2013 (KB2768008) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Access 2013 (KB2827233) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft InfoPath 2013 (KB2837648) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2817678) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2738038) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760224) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760242) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760267) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760539) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760553) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760610) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2767845) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768016) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817314) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817316) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817490) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817626) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2826004) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827225) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827230) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827239) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837626) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837637) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837638) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837655) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2850066) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2850063) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2767850) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Project 2013 (KB2727085) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2837635) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2817495) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2837652) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Visio 2013 (KB2817306) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2768338) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2837647) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2850060) 64-Bit Edition (Version:  - Microsoft)
VIRTU MVP 2.1.110 (Version: 2.1.110 - Lucidlogix Technologies LTD)
Virtual Router v1.0 (x32 Version: 1.0 - Chris Pietschmann)
VLC media player 2.1.2 (x32 Version: 2.1.2 - VideoLAN)
Wecker für Windows 6.5 (x32 Version: 6.5 - Christoph Bünger Software)
Winamp (x32 Version: 5.65  - Nullsoft, Inc)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
WinRAR 5.01 (64-bit) (Version: 5.01.0 - win.rar GmbH)
xrecode II 1.0.0.209 (x32 Version:  - )
YoutubeAdblocker (x32 Version: 2.2.0.1828 - YoutubeAdblocker) <==== ATTENTION

==================== Restore Points  =========================

11-01-2014 19:16:49 Installed League of Legends
11-01-2014 19:25:28 Microsoft Visual C++ 2005 Redistributable (x64) wird installiert
11-01-2014 19:25:51 Installed League of Legends
11-01-2014 19:26:04 DirectX wurde installiert
12-01-2014 12:10:51 Windows Update
12-01-2014 12:13:40 Windows Update

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {1A0198FC-F848-4998-8E15-97FA9FB577BA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)
Task: {41E68387-C479-4AE1-B09B-52A974E40EC3} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-12-28] (AVAST Software)
Task: {503DE7B9-FD17-4340-BC82-5523D776D358} - System32\Tasks\FileAdvisorCheck => C:\Program Files (x86)\File Type Advisor\file-type-advisor.exe [2013-09-04] (filetypeadvisor.com                                         )
Task: {7783C8A2-0399-4803-B9A2-24DFD68F4CF0} - System32\Tasks\FileAdvisorUpdate => C:\Program Files (x86)\File Type Advisor\fileadvisor.exe [2013-09-04] (File Type Advisor)
Task: {7DD4BF26-1930-40FB-B6F8-1A00A8933A31} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-03] (Google Inc.)
Task: {7E195F64-C68B-472F-A551-A0F48E75BF25} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-03] (Google Inc.)
Task: {91FEC38F-5D99-4003-A261-C21B3277F302} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {A6F2A846-4447-4290-B091-576E6363A0D4} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {C341AD07-E345-405B-9834-CD2267875E8B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {F829C907-D22A-4B2A-A901-C394863745CE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-13] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-10-16 18:02 - 2013-10-16 18:02 - 03358064 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2012-12-14 02:42 - 2012-12-14 02:42 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-05-24 23:50 - 2011-05-24 23:50 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-01-13 18:23 - 2014-01-13 10:57 - 02153984 _____ () C:\Program Files\AVAST Software\Avast\defs\14011300\algo.dll
2013-08-07 20:25 - 2013-08-07 20:25 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2013-11-03 15:01 - 2013-11-03 15:01 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-10-19 00:55 - 2013-10-19 00:55 - 25100288 _____ () C:\Users\Leon\AppData\Roaming\Dropbox\bin\libcef.dll
2013-11-23 10:39 - 2013-11-23 10:39 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\991a8d378a3e64b31c0f4770ba9ae071\IsdiInterop.ni.dll
2013-11-03 14:48 - 2011-11-29 20:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-01-12 13:57 - 2014-01-13 22:21 - 00158720 _____ () C:\Users\Leon\AppData\Local\Temp\sfareca00001.dll
2013-11-04 17:16 - 2014-01-13 22:21 - 00192512 _____ () C:\Users\Leon\AppData\Local\Temp\sfamcc00001.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/13/2014 09:23:36 PM) (Source: ISCT Agent) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (01/13/2014 09:01:52 PM) (Source: Application Hang) (User: )
Description: Programm HD-Frontend.exe, Version 0.7.18.921 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1a74

Startzeit: 01cf107d4fab0ca4

Endzeit: 32

Anwendungspfad: C:\Program Files (x86)\BlueStacks\HD-Frontend.exe

Berichts-ID: 89a44e4a-7c8d-11e3-a22a-bc5ff45cfc14

Error: (01/13/2014 06:53:18 AM) (Source: ISCT Agent) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (01/12/2014 01:15:14 PM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version : 4.0.40305.0 - Fehler beim Initialisieren von .NET Framework.C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll konnte nicht geladen werden.

Error: (01/12/2014 01:06:17 PM) (Source: ISCT Agent) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (01/11/2014 08:17:28 PM) (Source: MsiInstaller) (User: Leon-PC)
Description: Produkt: League of Legends -- Fehler 4153. Visual C++ 2005 SP1 Redistributable (x64) Eine erforderliche Abhängigkeit wurde nicht richtig installiert.

Error: (01/11/2014 00:19:20 PM) (Source: ISCT Agent) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (01/11/2014 01:24:02 AM) (Source: Application Hang) (User: )
Description: Programm VirtualRouterClient.exe, Version 1.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: dcc

Startzeit: 01cf0e6359376b5b

Endzeit: 2

Anwendungspfad: C:\Program Files (x86)\Virtual Router\VirtualRouterClient.exe

Berichts-ID: a87f43e8-7a56-11e3-aeef-bc5ff45cfc14

Error: (01/11/2014 01:23:02 AM) (Source: ISCT Agent) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (01/10/2014 05:22:07 PM) (Source: ISCT Agent) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2


System errors:
=============
Error: (01/13/2014 10:40:26 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR3 gefunden.

Error: (01/13/2014 10:40:26 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR3 gefunden.

Error: (01/13/2014 10:40:26 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR3 gefunden.

Error: (01/13/2014 10:40:26 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR3 gefunden.

Error: (01/13/2014 10:40:26 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR3 gefunden.

Error: (01/13/2014 10:40:26 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR3 gefunden.

Error: (01/13/2014 10:40:26 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR3 gefunden.

Error: (01/13/2014 10:40:26 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR3 gefunden.

Error: (01/13/2014 10:40:26 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR3 gefunden.

Error: (01/13/2014 10:40:26 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR3 gefunden.


Microsoft Office Sessions:
=========================
Error: (01/13/2014 09:23:36 PM) (Source: ISCT Agent)(User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (01/13/2014 09:01:52 PM) (Source: Application Hang)(User: )
Description: HD-Frontend.exe0.7.18.9211a7401cf107d4fab0ca432C:\Program Files (x86)\BlueStacks\HD-Frontend.exe89a44e4a-7c8d-11e3-a22a-bc5ff45cfc14

Error: (01/13/2014 06:53:18 AM) (Source: ISCT Agent)(User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (01/12/2014 01:15:14 PM) (Source: .NET Runtime)(User: )
Description: .NET Runtime version : 4.0.40305.0 - Fehler beim Initialisieren von .NET Framework.C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll konnte nicht geladen werden.

Error: (01/12/2014 01:06:17 PM) (Source: ISCT Agent)(User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (01/11/2014 08:17:28 PM) (Source: MsiInstaller)(User: Leon-PC)
Description: Produkt: League of Legends -- Fehler 4153. Visual C++ 2005 SP1 Redistributable (x64) Eine erforderliche Abhängigkeit wurde nicht richtig installiert.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (01/11/2014 00:19:20 PM) (Source: ISCT Agent)(User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (01/11/2014 01:24:02 AM) (Source: Application Hang)(User: )
Description: VirtualRouterClient.exe1.0.0.0dcc01cf0e6359376b5b2C:\Program Files (x86)\Virtual Router\VirtualRouterClient.exea87f43e8-7a56-11e3-aeef-bc5ff45cfc14

Error: (01/11/2014 01:23:02 AM) (Source: ISCT Agent)(User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (01/10/2014 05:22:07 PM) (Source: ISCT Agent)(User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2


==================== Memory info =========================== 

Percentage of memory in use: 31%
Total physical RAM: 8087.06 MB
Available physical RAM: 5562.94 MB
Total Pagefile: 16172.3 MB
Available Pagefile: 13373.52 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:97.56 GB) (Free:19.5 GB) NTFS
Drive d: (Medien) (Fixed) (Total:368.1 GB) (Free:272.66 GB) NTFS
Drive f: (MY 1TB) (Fixed) (Total:931.51 GB) (Free:302.4 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 25866498)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=98 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=368 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 1.

==================== End Of Log ============================
         
Many thanks so far!
Best regards, Leon Farchau


15.01.2014, 10:04   #6
schrauber
/// the machine
/// TB-Ausbilder


ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start Eset Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your text editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

And a fresh FRST log, please. Any problems left?

15.01.2014, 22:56   #7
leon2225


OK, all scans done.
Problem not yet solved.

Eset
Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=433e6787199bd7478aa204ce7ec6460d
# engine=16661
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-01-15 03:16:36
# local_time=2014-01-15 04:16:36 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=774 16777213 71 77 1552965 1570735 0 0
# compatibility_mode=5893 16776573 100 94 273931 141428846 0 0
# scanned=263250
# found=6
# cleaned=0
# scan_time=5361
sh=2A7CFED0AE01BF6EF3D6CBAB1E10952EF3C9826F ft=1 fh=c71c001162cf5fce vn="a variant of Win64/Adware.MultiPlug.A application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\YoutubeAdblocker\ou.x64.dll.vir"
sh=2A7CFED0AE01BF6EF3D6CBAB1E10952EF3C9826F ft=1 fh=c71c001162cf5fce vn="a variant of Win64/Adware.MultiPlug.A application" ac=I fn="C:\Program Files (x86)\SurF! aindd Keeeep\fw58ux.x64.dll"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="a variant of Win32/Packed.VMProtect.AAH trojan" ac=I fn="D:\$RECYCLE.BIN\S-1-5-21-830548151-4247152805-1485277237-1000\$RYXJ38W.Battle-RELOADED\rld-walb.iso"
sh=A1A7E19F91924F91C28557B29ED745B07A65F774 ft=1 fh=05454cf7396f8e7e vn="multiple threats" ac=I fn="D:\Downloads\anders\African elephants Clock.exe"
sh=20F7E4E126B9DE19F0DE8FF2026690B637CF0A31 ft=1 fh=05454cf77e97df4f vn="multiple threats" ac=I fn="D:\Downloads\anders\Blot Clock 2.3.exe"
sh=708D6E829C310808B2FD901DBF857359285F821F ft=1 fh=05454cf7e4bc2072 vn="multiple threats" ac=I fn="D:\Downloads\anders\Water Color Clock.exe"
         
SecurityCheck
Code:
 Results of screen317's Security Check version 0.99.78  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
avast! Antivirus   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware Version 1.75.0.1300  
 Java 7 Update 45  
 Java SE Development Kit 7 Update 45 
 Adobe Flash Player 11.9.900.170  
 Adobe Reader XI  
 Mozilla Firefox (26.0) 
 Mozilla Thunderbird (24.2.0) 
 Google Chrome 31.0.1650.63  
````````Process Check: objlist.exe by Laurent````````  
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast AvastUI.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         
and FRST


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-01-2014 01
Ran by Leon (administrator) on LEON-PC on 15-01-2014 22:51:42
Running from C:\Users\Leon\Desktop
Windows 7 Enterprise Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(Logitech, Inc.) C:\Program Files\Logitech\SolarApp\L4301_Solar.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Chris Pietschmann (hxxp://pietschsoft.com)) C:\Program Files (x86)\Virtual Router\VirtualRouterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Spotify Ltd) C:\Users\Leon\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Chris Pietschmann (hxxp://pietschsoft.com)) C:\Program Files (x86)\Virtual Router\VirtualRouterClient.exe
(Dropbox, Inc.) C:\Users\Leon\AppData\Roaming\Dropbox\bin\Dropbox.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Spotify Ltd) C:\Users\Leon\AppData\Roaming\Spotify\spotify.exe
() C:\Users\Leon\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Leon\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Leon\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Leon\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Leon\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
() C:\Users\Leon\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Leon\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Frontend.exe
() C:\Users\Leon\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Don HO don.h@free.fr) C:\Program Files (x86)\Notepad++\notepad++.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-09-25] (Adobe Systems Incorporated)
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\System32\LogiLDA.dll [1832760 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [8292120 2013-11-14] (Logitech Inc.)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-29] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-26] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2013-12-28] (AVAST Software)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-05-24] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [BlueStacks Agent] - C:\Program Files (x86)\BlueStacks\HD-Agent.exe [606024 2013-09-19] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [AdobeCEPServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039240 2013-06-05] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [AdobeBridge] - [x]
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\Leon\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-01-13] (Spotify Ltd)
HKCU\...\Run: [EA Core] - C:\Program Files (x86)\Electronic Arts\EADM\Core.exe [3325952 2009-03-28] (Electronic Arts)
MountPoints2: {09048c4d-591c-11e3-a79a-bc5ff45cfc14} - H:\autorun.exe
MountPoints2: {7aebf1cb-4481-11e3-9d54-806e6f6e6963} - E:\ASRSetup.exe
AppInit_DLLs: C:\Windows\system32\appinit_dll.dll [475424 2012-02-05] (Lucidlogix Inc.)
AppInit_DLLs-x32: C:\Windows\SysWOW64\appinit_dll.dll [429856 2012-02-05] (Lucidlogix Inc.)
Startup: C:\Users\Leon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Leon\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: SurF! aindd Keeeep - {D15AD77C-60AC-8CF7-3E2D-25B2CFCE88F6} - C:\Program Files (x86)\SurF! aindd Keeeep\fw58ux.x64.dll ()
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{436EEEF5-E0C0-46C8-80BB-7F1C6645CE19}: [NameServer]8.8.8.8,8.8.4.4

FireFox:
========
FF ProfilePath: C:\Users\Leon\AppData\Roaming\Mozilla\Firefox\Profiles\es8j12kt.default
FF Homepage: www.psd-tutorials.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: YoutubeAdblocker - C:\Users\Leon\AppData\Roaming\Mozilla\Firefox\Profiles\es8j12kt.default\Extensions\euyotod@vrdlpkk.org [2013-12-24]
FF Extension: greAtsaver - C:\Users\Leon\AppData\Roaming\Mozilla\Firefox\Profiles\es8j12kt.default\Extensions\oefxyaa@ueuippfm.net [2013-12-24]
FF Extension: DownloadHelper - C:\Users\Leon\AppData\Roaming\Mozilla\Firefox\Profiles\es8j12kt.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2013-11-07]
FF Extension: Firebug - C:\Users\Leon\AppData\Roaming\Mozilla\Firefox\Profiles\es8j12kt.default\Extensions\firebug@software.joehewitt.com.xpi [2013-12-07]
FF Extension: YouTube(TM) Ratings Preview - C:\Users\Leon\AppData\Roaming\Mozilla\Firefox\Profiles\es8j12kt.default\Extensions\jid0-G6461UajDjhNAwSukoedlkhD0XA@jetpack.xpi [2013-11-07]
FF Extension: Adblock Plus - C:\Users\Leon\AppData\Roaming\Mozilla\Firefox\Profiles\es8j12kt.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-11-03]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-11-03]

Chrome: 
=======
CHR Extension: (Google Docs) - C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0 [2013-11-03]
CHR Extension: (Google Drive) - C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0 [2013-11-03]
CHR Extension: (YouTube) - C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 [2013-11-03]
CHR Extension: (Google Search) - C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 [2013-11-03]
CHR Extension: (avast! Online Security) - C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2011.70_0 [2014-01-13]
CHR Extension: (YoutubeAdblocker) - C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlekihhfbckmbhjcchgdgohkfjipjcip\1.0 [2013-12-24]
CHR Extension: (Google Wallet) - C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0 [2013-11-03]
CHR Extension: (greAtsaver) - C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nobomofikmhcbobabomhgniadhnalhnf\2.7 [2013-12-24]
CHR Extension: (Gmail) - C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0 [2013-11-03]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2013-11-03]

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-12-28] (AVAST Software)
R2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393032 2013-09-19] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384840 2013-09-19] (BlueStack Systems, Inc.)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [133632 2012-02-09] ()
R2 L4301_Solar; C:\Program Files\Logitech\SolarApp\L4301_Solar.exe [405744 2013-01-30] (Logitech, Inc.)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (arvato digital services llc)
R2 Virtual Router; C:\Program Files (x86)\Virtual Router\VirtualRouterService.exe [12288 2013-02-10] (Chris Pietschmann (hxxp://pietschsoft.com))
S2 avast! Firewall; "C:\Program Files\AVAST Software\Avast\afwServ.exe" [x]

==================== Drivers (Whitelisted) ====================

R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49760 2011-09-21] (Asmedia Technology)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2013-12-28] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-11-03] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-11-03] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1034464 2013-12-28] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [422216 2013-12-28] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [79672 2013-12-28] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2013-12-28] ()
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [70984 2013-09-19] (BlueStack Systems)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-11-29] (Disc Soft Ltd)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [25536 2012-02-09] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [25536 2012-02-09] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2012-02-09] ()
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2014-01-15] ()
S1 aswKbd; \??\C:\Windows\system32\drivers\aswKbd.sys [x]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-15 22:51 - 2014-01-15 22:51 - 00000000 ____D C:\Users\Leon\Desktop\FRST-OlderVersion
2014-01-15 22:47 - 2014-01-15 22:47 - 00987410 _____ C:\Users\Leon\Desktop\SecurityCheck.exe
2014-01-15 17:12 - 2014-01-15 17:12 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2014-01-15 14:45 - 2014-01-15 14:45 - 00000000 ____D C:\Program Files (x86)\ESET
2014-01-14 16:56 - 2014-01-14 16:56 - 00002014 _____ C:\Users\Leon\Desktop\JRT.txt
2014-01-14 16:48 - 2014-01-14 16:48 - 00000000 ____D C:\Windows\ERUNT
2014-01-14 16:46 - 2014-01-14 16:46 - 01037068 _____ (Thisisu) C:\Users\Leon\Desktop\JRT.exe
2014-01-14 16:40 - 2014-01-14 16:42 - 00000000 ____D C:\AdwCleaner
2014-01-14 15:55 - 2014-01-14 15:55 - 00001115 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-14 15:55 - 2014-01-14 15:55 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Malwarebytes
2014-01-14 15:55 - 2014-01-14 15:55 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-14 15:55 - 2014-01-14 15:55 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-14 15:55 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-13 22:40 - 2014-01-13 22:41 - 00032765 _____ C:\Users\Leon\Desktop\Addition.txt
2014-01-13 22:39 - 2014-01-15 22:51 - 00018840 _____ C:\Users\Leon\Desktop\FRST.txt
2014-01-13 22:38 - 2014-01-15 22:51 - 00000000 ____D C:\FRST
2014-01-13 22:33 - 2014-01-15 22:51 - 02076160 _____ (Farbar) C:\Users\Leon\Desktop\FRST64.exe
2014-01-13 21:51 - 2014-01-13 21:49 - 00602112 _____ (OldTimer Tools) C:\Users\Leon\Desktop\OTL.exe
2014-01-12 17:55 - 2014-01-12 17:55 - 00004536 _____ C:\Users\Leon\AppData\Local\recently-used.xbel
2014-01-11 20:26 - 2014-01-11 20:26 - 00000000 ____D C:\Riot Games
2014-01-11 20:26 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2014-01-11 20:26 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2014-01-11 20:26 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2014-01-11 20:25 - 2014-01-11 23:23 - 00000000 ____D C:\Users\Leon\AppData\Local\PMB Files
2014-01-11 20:25 - 2014-01-11 23:23 - 00000000 ____D C:\ProgramData\PMB Files
2014-01-11 20:25 - 2014-01-11 20:25 - 00000000 ____D C:\Program Files (x86)\Pando Networks
2014-01-11 20:16 - 2014-01-11 20:25 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Riot Games
2014-01-10 16:05 - 2014-01-10 16:05 - 00000388 _____ C:\Windows\LkmdfCoInst.log
2013-12-31 09:53 - 2014-01-15 17:12 - 00014302 _____ C:\Windows\PFRO.log
2013-12-31 09:53 - 2014-01-15 17:12 - 00001042 _____ C:\Windows\setupact.log
2013-12-31 09:53 - 2013-12-31 09:53 - 00000000 _____ C:\Windows\setuperr.log
2013-12-30 22:19 - 2013-12-30 22:19 - 00002770 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-12-30 22:19 - 2013-12-30 22:19 - 00000000 ____D C:\Program Files\CCleaner
2013-12-30 21:29 - 2013-12-30 21:29 - 00000000 ____D C:\Users\Leon\AppData\Local\Chris_Pietschmann_(http__
2013-12-30 21:21 - 2013-12-31 10:34 - 00000000 ____D C:\Program Files (x86)\Virtual Router
2013-12-28 19:19 - 2013-12-28 19:19 - 00000000 ____D C:\Users\Leon\Documents\MeinSpore-Kreationen
2013-12-28 19:19 - 2013-12-28 19:19 - 00000000 ____D C:\Users\Leon\AppData\Roaming\SPORE
2013-12-28 12:57 - 2013-12-28 12:58 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2013-12-25 01:04 - 2013-09-04 13:12 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-12-25 01:04 - 2013-09-04 13:11 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-12-25 01:04 - 2013-09-04 13:11 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-12-25 01:04 - 2013-09-04 13:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-12-25 01:04 - 2013-09-04 13:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-12-25 01:04 - 2013-09-04 13:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-12-25 01:04 - 2013-09-04 13:11 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-12-24 20:50 - 2014-01-14 16:32 - 00000000 ____D C:\ProgramData\SurF! aindd Keeeep
2013-12-24 20:50 - 2014-01-14 16:32 - 00000000 ____D C:\Program Files (x86)\SurF! aindd Keeeep
2013-12-24 20:50 - 2013-12-24 20:50 - 00000000 ____D C:\Users\Leon\AppData\Local\Packages
2013-12-24 20:50 - 2013-12-24 20:50 - 00000000 ____D C:\ProgramData\f11f8d8eaf3da236
2013-12-24 20:38 - 2013-12-24 20:38 - 00000000 ____D C:\Users\Leon\AppData\Local\calibre-cache
2013-12-24 20:37 - 2013-12-24 20:38 - 00000000 ____D C:\Users\Leon\AppData\Roaming\calibre
2013-12-24 20:36 - 2013-12-25 22:43 - 00000936 _____ C:\Users\Public\Desktop\calibre 64bit - E-book management.lnk
2013-12-24 20:36 - 2013-12-25 22:43 - 00000000 ____D C:\Program Files\Calibre2
2013-12-24 20:17 - 2013-12-24 20:49 - 00000000 ____D C:\ProgramData\InstallMate
2013-12-24 18:27 - 2013-12-24 18:27 - 00000000 ____D C:\Users\Leon\Documents\Logitech Gaming Software
2013-12-24 18:24 - 2013-12-24 18:24 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Leadertech
2013-12-24 18:24 - 2013-12-24 18:24 - 00000000 ____D C:\Users\Leon\AppData\Local\Logitech
2013-12-24 18:22 - 2014-01-10 16:05 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2013-12-24 18:22 - 2013-12-24 18:23 - 00000000 ____D C:\Program Files\Logitech Gaming Software
2013-12-24 18:15 - 2013-12-24 18:22 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Logitech
2013-12-24 18:15 - 2013-12-24 18:22 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Logishrd
2013-12-24 18:15 - 2013-12-24 18:16 - 00000000 ____D C:\ProgramData\LogiShrd
2013-12-24 18:15 - 2013-12-24 18:15 - 00000000 ____D C:\Program Files\Logitech
2013-12-24 18:15 - 2013-12-24 18:15 - 00000000 ____D C:\Program Files\Common Files\Logishrd
2013-12-24 10:07 - 2014-01-13 14:21 - 00000000 ____D C:\Users\Leon\AppData\Roaming\FileAdvisor
2013-12-24 09:39 - 2013-12-24 09:39 - 00000000 ____D C:\ProgramData\Canneverbe Limited
2013-12-24 09:33 - 2014-01-13 14:20 - 00000000 ____D C:\Program Files (x86)\File Type Advisor
2013-12-24 09:33 - 2013-12-24 09:33 - 00003514 _____ C:\Windows\System32\Tasks\FileAdvisorCheck
2013-12-24 09:33 - 2013-12-24 09:33 - 00003512 _____ C:\Windows\System32\Tasks\FileAdvisorUpdate
2013-12-23 22:53 - 2013-12-24 08:21 - 00000000 ____D C:\Users\Leon\AppData\Roaming\xrecode2
2013-12-23 22:53 - 2013-12-23 22:53 - 00000000 ____D C:\Program Files (x86)\xrecode II
2013-12-21 14:47 - 2013-12-21 14:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-20 23:27 - 2013-12-20 23:27 - 00000000 ____D C:\ProgramData\Sony
2013-12-20 23:27 - 2013-12-20 23:27 - 00000000 ____D C:\Program Files (x86)\Sony
2013-12-18 22:39 - 2013-12-18 22:39 - 00680624 ____N (ScreenTime Media) C:\Windows\SysWOW64\Fliqlo.scr
2013-12-18 22:39 - 2013-12-18 22:39 - 00680624 _____ (ScreenTime Media) C:\Windows\system32\Fliqlo.scr
2013-12-18 22:39 - 2013-12-18 22:39 - 00000000 ____D C:\Users\Leon\AppData\Local\Screentime
2013-12-18 22:39 - 2013-12-18 22:39 - 00000000 ____D C:\ProgramData\Screentime
2013-12-18 22:38 - 2013-12-18 22:38 - 144007134 _____ C:\Windows\DROPCLOCK.scr
2013-12-18 22:38 - 2013-12-18 22:38 - 00503380 _____ (SERIALGAMES Inc.) C:\Windows\DROPCLOCKUninst.exe
2013-12-18 22:38 - 2010-09-28 10:44 - 01245079 _____ (Axialis Software) C:\Windows\SysWOW64\nfsClockNightButterfly.scr
2013-12-18 22:37 - 2013-12-30 22:46 - 00000000 ____D C:\Users\Leon\AppData\Local\Axialis
2013-12-18 22:37 - 2013-12-18 22:38 - 00000000 ____D C:\Program Files (x86)\NewFreeScreensavers
2013-12-18 22:37 - 2010-08-26 14:17 - 01395159 _____ (Axialis Software) C:\Windows\SysWOW64\nfsSchoolAutumn.scr
2013-12-17 20:21 - 2013-12-17 20:21 - 00000000 ____D C:\Users\Leon\Documents\Electronic Arts
2013-12-17 20:15 - 2013-12-17 20:15 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2013-12-17 20:15 - 2013-12-17 20:15 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2013-12-17 19:53 - 2013-12-17 19:53 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-12-17 19:51 - 2013-12-28 19:08 - 00000000 ____D C:\Program Files (x86)\Electronic Arts
2013-12-17 19:42 - 2013-12-17 19:42 - 00000000 ____D C:\Program Files (x86)\Microsoft WSE
2013-12-16 14:12 - 2013-12-16 14:12 - 00000000 ____D C:\ProgramData\Steam
2013-12-16 02:11 - 2013-12-16 02:11 - 00000000 ____D C:\Users\Leon\AppData\Roaming\.marble
2013-12-16 01:50 - 2013-12-16 01:50 - 00000000 ____D C:\Users\Leon\AppData\Roaming\NASA

==================== One Month Modified Files and Folders =======

2014-01-15 22:52 - 2014-01-13 22:39 - 00018840 _____ C:\Users\Leon\Desktop\FRST.txt
2014-01-15 22:51 - 2014-01-15 22:51 - 00000000 ____D C:\Users\Leon\Desktop\FRST-OlderVersion
2014-01-15 22:51 - 2014-01-13 22:38 - 00000000 ____D C:\FRST
2014-01-15 22:51 - 2014-01-13 22:33 - 02076160 _____ (Farbar) C:\Users\Leon\Desktop\FRST64.exe
2014-01-15 22:47 - 2014-01-15 22:47 - 00987410 _____ C:\Users\Leon\Desktop\SecurityCheck.exe
2014-01-15 22:37 - 2013-12-13 00:32 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-15 22:32 - 2013-11-03 14:15 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-15 22:20 - 2013-11-03 14:22 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Spotify
2014-01-15 21:24 - 2013-11-03 13:52 - 00000435 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2014-01-15 21:24 - 2013-11-03 13:19 - 01271192 _____ C:\Windows\WindowsUpdate.log
2014-01-15 17:21 - 2009-07-14 05:45 - 00017712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-15 17:21 - 2009-07-14 05:45 - 00017712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-15 17:15 - 2013-11-03 14:22 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Dropbox
2014-01-15 17:13 - 2013-11-06 23:01 - 00000000 ____D C:\Users\Leon\AppData\Local\Adobe
2014-01-15 17:12 - 2014-01-15 17:12 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2014-01-15 17:12 - 2013-12-31 09:53 - 00014302 _____ C:\Windows\PFRO.log
2014-01-15 17:12 - 2013-12-31 09:53 - 00001042 _____ C:\Windows\setupact.log
2014-01-15 17:12 - 2013-11-03 14:53 - 00034752 _____ C:\Windows\system32\Drivers\WPRO_41_2001.sys
2014-01-15 17:12 - 2013-11-03 14:15 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-15 17:12 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-15 14:45 - 2014-01-15 14:45 - 00000000 ____D C:\Program Files (x86)\ESET
2014-01-15 14:19 - 2009-07-14 11:49 - 00699090 _____ C:\Windows\system32\perfh007.dat
2014-01-15 14:19 - 2009-07-14 11:49 - 00149230 _____ C:\Windows\system32\perfc007.dat
2014-01-15 14:19 - 2009-07-14 06:13 - 01619272 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-15 14:17 - 2013-12-07 22:50 - 00000132 _____ C:\Users\Leon\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen
2014-01-14 23:46 - 2013-11-04 17:03 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2014-01-14 16:56 - 2014-01-14 16:56 - 00002014 _____ C:\Users\Leon\Desktop\JRT.txt
2014-01-14 16:48 - 2014-01-14 16:48 - 00000000 ____D C:\Windows\ERUNT
2014-01-14 16:46 - 2014-01-14 16:46 - 01037068 _____ (Thisisu) C:\Users\Leon\Desktop\JRT.exe
2014-01-14 16:42 - 2014-01-14 16:40 - 00000000 ____D C:\AdwCleaner
2014-01-14 16:32 - 2013-12-24 20:50 - 00000000 ____D C:\ProgramData\SurF! aindd Keeeep
2014-01-14 16:32 - 2013-12-24 20:50 - 00000000 ____D C:\Program Files (x86)\SurF! aindd Keeeep
2014-01-14 15:55 - 2014-01-14 15:55 - 00001115 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-14 15:55 - 2014-01-14 15:55 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Malwarebytes
2014-01-14 15:55 - 2014-01-14 15:55 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-14 15:55 - 2014-01-14 15:55 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-13 22:41 - 2014-01-13 22:40 - 00032765 _____ C:\Users\Leon\Desktop\Addition.txt
2014-01-13 21:49 - 2014-01-13 21:51 - 00602112 _____ (OldTimer Tools) C:\Users\Leon\Desktop\OTL.exe
2014-01-13 21:11 - 2013-11-04 14:14 - 00000000 ____D C:\Users\Leon\.gimp-2.8
2014-01-13 20:23 - 2013-11-07 19:31 - 00000000 ____D C:\Users\Leon\AppData\Local\Spotify
2014-01-13 14:21 - 2013-12-24 10:07 - 00000000 ____D C:\Users\Leon\AppData\Roaming\FileAdvisor
2014-01-13 14:20 - 2013-12-24 09:33 - 00000000 ____D C:\Program Files (x86)\File Type Advisor
2014-01-12 17:55 - 2014-01-12 17:55 - 00004536 _____ C:\Users\Leon\AppData\Local\recently-used.xbel
2014-01-12 13:16 - 2013-11-03 14:39 - 01591936 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2014-01-12 13:08 - 2013-11-04 18:02 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2014-01-11 23:23 - 2014-01-11 20:25 - 00000000 ____D C:\Users\Leon\AppData\Local\PMB Files
2014-01-11 23:23 - 2014-01-11 20:25 - 00000000 ____D C:\ProgramData\PMB Files
2014-01-11 20:50 - 2013-12-04 19:48 - 00000000 ____D C:\Program Files\KMSpico
2014-01-11 20:26 - 2014-01-11 20:26 - 00000000 ____D C:\Riot Games
2014-01-11 20:25 - 2014-01-11 20:25 - 00000000 ____D C:\Program Files (x86)\Pando Networks
2014-01-11 20:25 - 2014-01-11 20:16 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Riot Games
2014-01-11 01:23 - 2013-11-03 13:31 - 00120784 _____ C:\Users\Leon\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-11 01:22 - 2009-07-14 05:45 - 05154064 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-10 16:08 - 2013-11-03 14:23 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-10 16:08 - 2013-11-03 13:18 - 00000000 ___RD C:\Users\Leon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-10 16:05 - 2014-01-10 16:05 - 00000388 _____ C:\Windows\LkmdfCoInst.log
2014-01-10 16:05 - 2013-12-24 18:22 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2013-12-31 10:34 - 2013-12-30 21:21 - 00000000 ____D C:\Program Files (x86)\Virtual Router
2013-12-31 09:53 - 2013-12-31 09:53 - 00000000 _____ C:\Windows\setuperr.log
2013-12-30 22:46 - 2013-12-18 22:37 - 00000000 ____D C:\Users\Leon\AppData\Local\Axialis
2013-12-30 22:24 - 2013-11-06 22:35 - 00000000 ____D C:\Users\Leon\AppData\Roaming\uTorrent
2013-12-30 22:24 - 2013-11-03 15:07 - 00000000 ____D C:\Users\Leon\AppData\Roaming\FileZilla
2013-12-30 22:24 - 2013-11-03 14:19 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Winamp
2013-12-30 22:24 - 2013-11-03 13:21 - 00000000 ____D C:\Users\Leon\AppData\Roaming\DAEMON Tools Lite
2013-12-30 22:23 - 2013-12-09 23:56 - 00000000 ____D C:\Windows\Minidump
2013-12-30 22:23 - 2013-11-04 00:22 - 00000000 ____D C:\Users\Leon\AppData\Local\CrashDumps
2013-12-30 22:23 - 2010-05-11 22:05 - 00000000 ____D C:\Windows\Panther
2013-12-30 22:19 - 2013-12-30 22:19 - 00002770 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-12-30 22:19 - 2013-12-30 22:19 - 00000000 ____D C:\Program Files\CCleaner
2013-12-30 21:29 - 2013-12-30 21:29 - 00000000 ____D C:\Users\Leon\AppData\Local\Chris_Pietschmann_(http__
2013-12-30 21:14 - 2013-11-03 13:37 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-12-30 02:01 - 2009-07-14 06:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-12-28 19:19 - 2013-12-28 19:19 - 00000000 ____D C:\Users\Leon\Documents\MeinSpore-Kreationen
2013-12-28 19:19 - 2013-12-28 19:19 - 00000000 ____D C:\Users\Leon\AppData\Roaming\SPORE
2013-12-28 19:08 - 2013-12-17 19:51 - 00000000 ____D C:\Program Files (x86)\Electronic Arts
2013-12-28 12:58 - 2013-12-28 12:57 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2013-12-28 12:58 - 2013-11-24 23:28 - 00001972 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-12-28 12:57 - 2013-11-03 15:01 - 01034464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-12-28 12:57 - 2013-11-03 15:01 - 00422216 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2013-12-28 12:57 - 2013-11-03 15:01 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-12-28 12:57 - 2013-11-03 15:01 - 00207904 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-12-28 12:57 - 2013-11-03 15:01 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-12-28 12:57 - 2013-11-03 15:01 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-12-27 10:31 - 2013-11-04 14:56 - 00000000 ____D C:\Users\Leon\AppData\Local\gtk-2.0
2013-12-27 01:04 - 2013-11-03 14:41 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Skype
2013-12-25 22:43 - 2013-12-24 20:36 - 00000936 _____ C:\Users\Public\Desktop\calibre 64bit - E-book management.lnk
2013-12-25 22:43 - 2013-12-24 20:36 - 00000000 ____D C:\Program Files\Calibre2
2013-12-24 20:50 - 2013-12-24 20:50 - 00000000 ____D C:\Users\Leon\AppData\Local\Packages
2013-12-24 20:50 - 2013-12-24 20:50 - 00000000 ____D C:\ProgramData\f11f8d8eaf3da236
2013-12-24 20:49 - 2013-12-24 20:17 - 00000000 ____D C:\ProgramData\InstallMate
2013-12-24 20:38 - 2013-12-24 20:38 - 00000000 ____D C:\Users\Leon\AppData\Local\calibre-cache
2013-12-24 20:38 - 2013-12-24 20:37 - 00000000 ____D C:\Users\Leon\AppData\Roaming\calibre
2013-12-24 18:27 - 2013-12-24 18:27 - 00000000 ____D C:\Users\Leon\Documents\Logitech Gaming Software
2013-12-24 18:24 - 2013-12-24 18:24 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Leadertech
2013-12-24 18:24 - 2013-12-24 18:24 - 00000000 ____D C:\Users\Leon\AppData\Local\Logitech
2013-12-24 18:23 - 2013-12-24 18:22 - 00000000 ____D C:\Program Files\Logitech Gaming Software
2013-12-24 18:22 - 2013-12-24 18:15 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Logitech
2013-12-24 18:22 - 2013-12-24 18:15 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Logishrd
2013-12-24 18:16 - 2013-12-24 18:15 - 00000000 ____D C:\ProgramData\LogiShrd
2013-12-24 18:15 - 2013-12-24 18:15 - 00000000 ____D C:\Program Files\Logitech
2013-12-24 18:15 - 2013-12-24 18:15 - 00000000 ____D C:\Program Files\Common Files\Logishrd
2013-12-24 13:38 - 2013-11-03 14:31 - 00000000 ____D C:\Program Files\CDBurnerXP
2013-12-24 13:38 - 2013-11-03 14:14 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-24 09:39 - 2013-12-24 09:39 - 00000000 ____D C:\ProgramData\Canneverbe Limited
2013-12-24 09:33 - 2013-12-24 09:33 - 00003514 _____ C:\Windows\System32\Tasks\FileAdvisorCheck
2013-12-24 09:33 - 2013-12-24 09:33 - 00003512 _____ C:\Windows\System32\Tasks\FileAdvisorUpdate
2013-12-24 08:21 - 2013-12-23 22:53 - 00000000 ____D C:\Users\Leon\AppData\Roaming\xrecode2
2013-12-23 22:53 - 2013-12-23 22:53 - 00000000 ____D C:\Program Files (x86)\xrecode II
2013-12-23 18:02 - 2013-11-29 23:34 - 00000000 ____D C:\Program Files (x86)\JDownloader
2013-12-23 16:58 - 2013-11-03 13:17 - 00000000 ____D C:\Users\Leon
2013-12-22 22:03 - 2013-11-03 14:19 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Notepad++
2013-12-21 14:47 - 2013-12-21 14:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-20 23:27 - 2013-12-20 23:27 - 00000000 ____D C:\ProgramData\Sony
2013-12-20 23:27 - 2013-12-20 23:27 - 00000000 ____D C:\Program Files (x86)\Sony
2013-12-20 22:49 - 2013-11-03 14:18 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-12-20 22:49 - 2013-11-03 14:18 - 00000000 ____D C:\Program Files\WinRAR
2013-12-18 22:39 - 2013-12-18 22:39 - 00680624 ____N (ScreenTime Media) C:\Windows\SysWOW64\Fliqlo.scr
2013-12-18 22:39 - 2013-12-18 22:39 - 00680624 _____ (ScreenTime Media) C:\Windows\system32\Fliqlo.scr
2013-12-18 22:39 - 2013-12-18 22:39 - 00000000 ____D C:\Users\Leon\AppData\Local\Screentime
2013-12-18 22:39 - 2013-12-18 22:39 - 00000000 ____D C:\ProgramData\Screentime
2013-12-18 22:38 - 2013-12-18 22:38 - 144007134 _____ C:\Windows\DROPCLOCK.scr
2013-12-18 22:38 - 2013-12-18 22:38 - 00503380 _____ (SERIALGAMES Inc.) C:\Windows\DROPCLOCKUninst.exe
2013-12-18 22:38 - 2013-12-18 22:37 - 00000000 ____D C:\Program Files (x86)\NewFreeScreensavers
2013-12-17 20:21 - 2013-12-17 20:21 - 00000000 ____D C:\Users\Leon\Documents\Electronic Arts
2013-12-17 20:15 - 2013-12-17 20:15 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2013-12-17 20:15 - 2013-12-17 20:15 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2013-12-17 20:15 - 2013-11-03 15:01 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Adobe
2013-12-17 20:15 - 2013-11-03 14:23 - 00000000 ____D C:\ProgramData\Adobe
2013-12-17 20:15 - 2013-11-03 14:23 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-12-17 20:01 - 2013-11-06 23:49 - 00000000 ____D C:\Program Files\Adobe
2013-12-17 20:00 - 2013-11-06 23:47 - 00000000 ____D C:\Program Files\Common Files\Adobe
2013-12-17 19:53 - 2013-12-17 19:53 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-12-17 19:42 - 2013-12-17 19:42 - 00000000 ____D C:\Program Files (x86)\Microsoft WSE
2013-12-16 18:32 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-12-16 14:12 - 2013-12-16 14:12 - 00000000 ____D C:\ProgramData\Steam
2013-12-16 03:33 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-12-16 02:34 - 2013-11-03 14:15 - 00000000 ____D C:\Users\Leon\AppData\Local\Google
2013-12-16 02:34 - 2013-11-03 14:15 - 00000000 ____D C:\Program Files (x86)\Google
2013-12-16 02:11 - 2013-12-16 02:11 - 00000000 ____D C:\Users\Leon\AppData\Roaming\.marble
2013-12-16 01:50 - 2013-12-16 01:50 - 00000000 ____D C:\Users\Leon\AppData\Roaming\NASA

Some content of TEMP:
====================
C:\Users\Leon\AppData\Local\Temp\EAD200D.exe
C:\Users\Leon\AppData\Local\Temp\EAD41C0.exe
C:\Users\Leon\AppData\Local\Temp\EAD5E16.exe
C:\Users\Leon\AppData\Local\Temp\EADA12E.exe
C:\Users\Leon\AppData\Local\Temp\Quarantine.exe
C:\Users\Leon\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Leon\AppData\Local\Temp\sfareca00001.dll
C:\Users\Leon\AppData\Local\Temp\swt-win32-3349.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-11 02:15

==================== End Of Log ============================
         
--- --- ---


Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-01-2014 02
Ran by Leon at 2014-01-13 22:40:12
Running from C:\Users\Leon\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Internet Security (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

µTorrent (HKCU Version: 3.3.2.30303 - BitTorrent Inc.)
Adobe AIR (x32 Version: 3.9.0.1380 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.9.0.1380 - Adobe Systems Incorporated) Hidden
Adobe Bridge CC (64 Bit) (x32 Version: 6.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (x32 Version: 2.2.1.260 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player ActiveX (x32 Version: 9.0.124.0 - Adobe Systems Incorporated)
Adobe InDesign CC (x32 Version: 9.0 - Adobe Systems Incorporated)
Adobe Photoshop CC (x32 Version: 14.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.05) - Deutsch (x32 Version: 11.0.05 - Adobe Systems Incorporated)
Adobe® Content Viewer (x32 Version: 3.3.0 - Adobe Systems Incorporated)
Adobe® Content Viewer (x32 Version: 3.3.0 - Adobe Systems Incorporated) Hidden
Akamai NetSession Interface (HKCU Version:  - Akamai Technologies, Inc)
AMD APP SDK Runtime (Version: 2.4.650.9 - Advanced Micro Devices Inc.) Hidden
AMD Drag and Drop Transcoding (Version: 2.00.0000 - ATI Technologies Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.60524.2309 - ATI Technologies Inc.) Hidden
Asmedia ASM106x SATA Host Controller Driver (x32 Version: 1.3.1.000 - Asmedia Technology)
ASRock App Charger v1.0.5 (Version:  - ASRock Inc.)
ATI AVIVO64 Codecs (Version: 11.6.0.10524 - ATI Technologies Inc.) Hidden
ATI Catalyst Install Manager (Version: 3.0.829.0 - ATI Technologies, Inc.)
Audacity 2.0.5 (x32 Version: 2.0.5 - Audacity Team)
avast! Free Antivirus (x32 Version: 9.0.2011 - Avast Software)
BlueStacks App Player (x32 Version: 0.7.18.921 - BlueStack Systems, Inc.)
BlueStacks Notification Center (x32 Version: 0.7.18.921 - BlueStack Systems, Inc.)
calibre 64bit (Version: 1.17.0 - Kovid Goyal)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center (x32 Version: 2011.0524.2352.41027 - Ihr Firmenname) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2011.0524.2352.41027 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2011.0524.2352.41027 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2011.0524.2352.41027 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Czech (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Danish (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Dutch (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help English (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Finnish (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help French (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help German (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Greek (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Italian (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Japanese (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Korean (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Polish (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Russian (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Spanish (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Swedish (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Thai (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Turkish (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
ccc-utility64 (Version: 2011.0524.2352.41027 - ATI) Hidden
CCleaner (Version: 4.09 - Piriform)
CDBurnerXP (Version: 4.5.2.4291 - CDBurnerXP)
CDBurnerXP (x32 Version: 4.5.2.4478 - CDBurnerXP)
Corel Graphics - Windows Shell Extension (Version: 16.1.0.843 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 16.1.843 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit (Version: 16.1.843 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Capture (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Common (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Connect (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Custom Data (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - DE (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Draw (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Filters (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - FontNav (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - IPM (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - PHOTO-PAINT (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Photozoom Plugin (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Redist (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Setup Files (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VBA (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VideoBrowser (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VSTA (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Writing Tools (x64) (Version: 16.1 -  Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 (64-Bit) (Version: 16.1.0.843 - Corel Corporation)
CorelDRAW Graphics Suite X6 (x64) (Version: 16.1 - Corel Corporation) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (x32 Version: 4.48.1.0347 - Disc Soft Ltd)
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (Version:  - Microsoft)
Die Sims™ 3 (x32 Version: 1.42.130 - Electronic Arts)
Die Sims™ 3 Gib Gas-Accessoires (x32 Version: 5.0.44 - Electronic Arts)
Die Sims™ 3 Jahreszeiten (x32 Version: 16.0.136 - Electronic Arts)
Die Sims™ 3 Lebensfreude (x32 Version: 8.0.152 - Electronic Arts)
Die Sims™ 3 Reiseabenteuer (x32 Version: 2.0.86 - Electronic Arts)
Die Sims™ 3 Traumkarrieren (x32 Version: 4.0.87 - Electronic Arts)
Dropbox (HKCU Version: 2.4.11 - Dropbox, Inc.)
DROPCLOCK Screensaver (x32 Version:  - )
EA Download Manager (x32 Version: 5.0.0.255 - Electronic Arts, Inc.)
File Type Advisor 1.4 (x32 Version:  - filetypeadvisor.com)
FileZilla Client 3.7.3 (x32 Version: 3.7.3 - Tim Kosse)
Fliqlo Screen Saver (x32 Version:  - )
FormatFactory 3.1.1 (x32 Version: 3.1.1 - Free Time)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Free YouTube Download version 3.2.18.1128 (x32 Version: 3.2.18.1128 - DVDVideoSoft Ltd.)
Ghostscript GPL 8.64 (Msi Setup) (x32 Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (x32 Version: 8.64 - Corel Corporation) Hidden
GIMP 2.8.6 (Version: 2.8.6 - The GIMP Team)
Google Chrome (x32 Version: 65.143.49253 - Google, Inc.)
Google Earth (x32 Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Hotfix für Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789) (x32 Version: 1 - Microsoft Corporation)
HydraVision (x32 Version: 4.2.206.0 - ATI Technologies Inc.) Hidden
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (x32 Version: 11.1.048 - Intel Corporation)
Intel(R) Control Center (x32 Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Processor Graphics (x32 Version: 9.18.10.3257 - Intel Corporation)
Intel(R) Rapid Storage Technology (x32 Version: 11.0.0.1032 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 3.0.0.66956 - Intel Corporation)
Intel(R) Smart Connect Technology 2.0 x64 (Version: 2.0.1083.0 - Intel)
Intel(R) USB 3.0 eXtensible Host Controller Driver (x32 Version: 1.0.3.214 - Intel Corporation)
Java 7 Update 45 (64-bit) (Version: 7.0.450 - Oracle)
Java 7 Update 45 (x32 Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java SE Development Kit 7 Update 45 (x32 Version: 1.7.0.450 - Oracle)
JDownloader 0.9 (x32 Version: 0.9 - AppWork GmbH)
Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
KMSpico 3.1 (Version: 3.1 - )
League of Legends (x32 Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Logitech Gaming Software (Version: 8.45.88 - Logitech Inc.) Hidden
Logitech Gaming Software 8.51 (Version: 8.51.5 - Logitech Inc.)
Logitech Solar App 1.10 (Version: 1.10.3 - Logitech)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Access MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft DCF MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Excel MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Groove MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Lync MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Italiano (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual Basic for Applications 7.1 (x64) (Version: 7.1.00.00 - Microsoft Corporation) Hidden
Microsoft Visual Basic for Applications 7.1 (x64) English (Version: 7.1.0.0 - Microsoft Corporation) Hidden
Microsoft Visual Basic for Applications 7.1 (x64) German (Version: 7.1.0.0 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - DEU (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Word MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
Mozilla Thunderbird 24.2.0 (x86 en-US) (x32 Version: 24.2.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
NewFreeScreensaver nfsClockNightButterfly (x32 Version:  - )
NewFreeScreensaver nfsSchoolAutumn (x32 Version:  - )
Notepad++ (x32 Version: 6.5.2 - Notepad++ Team)
OpenOffice 4.0.1 (x32 Version: 4.01.9714 - Apache Software Foundation)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Pando Media Booster (x32 Version: 2.6.0.7 - Pando Networks Inc.)
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (x32 Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6482 - Realtek Semiconductor Corp.)
Skype™ 6.10 (x32 Version: 6.10.104 - Skype Technologies S.A.)
Sony PC Companion 2.10.181 (x32 Version: 2.10.181 - Sony)
SpeedFan (remove only) (x32 Version:  - )
SPORE™ (x32 Version: 1.00.0000 - Electronic Arts)
Spotify (HKCU Version: 0.9.7.16.g4b197456 - Spotify AB)
SurF! aindd Keeeep (x32 Version: 4.0.0.1450 - surrf uand  keep) <==== ATTENTION
TeamViewer 8 (x32 Version: 8.0.22298 - TeamViewer)
TL-WN822N/TL-WN821N Driver (x32 Version: 1.0.0 - TP-LINK)
Update for Microsoft Access 2013 (KB2768008) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Access 2013 (KB2827233) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft InfoPath 2013 (KB2837648) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2817678) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2738038) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760224) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760242) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760267) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760539) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760553) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760610) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2767845) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768016) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817314) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817316) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817490) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817626) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2826004) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827225) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827230) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827239) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837626) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837637) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837638) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837655) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2850066) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2850063) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2767850) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Project 2013 (KB2727085) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2837635) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2817495) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2837652) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Visio 2013 (KB2817306) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2768338) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2837647) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2850060) 64-Bit Edition (Version:  - Microsoft)
VIRTU MVP 2.1.110 (Version: 2.1.110 - Lucidlogix Technologies LTD)
Virtual Router v1.0 (x32 Version: 1.0 - Chris Pietschmann)
VLC media player 2.1.2 (x32 Version: 2.1.2 - VideoLAN)
Wecker für Windows 6.5 (x32 Version: 6.5 - Christoph Bünger Software)
Winamp (x32 Version: 5.65  - Nullsoft, Inc)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
WinRAR 5.01 (64-bit) (Version: 5.01.0 - win.rar GmbH)
xrecode II 1.0.0.209 (x32 Version:  - )
YoutubeAdblocker (x32 Version: 2.2.0.1828 - YoutubeAdblocker) <==== ATTENTION

==================== Restore Points  =========================

11-01-2014 19:16:49 Installed League of Legends
11-01-2014 19:25:28 Microsoft Visual C++ 2005 Redistributable (x64) wird installiert
11-01-2014 19:25:51 Installed League of Legends
11-01-2014 19:26:04 DirectX wurde installiert
12-01-2014 12:10:51 Windows Update
12-01-2014 12:13:40 Windows Update

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {1A0198FC-F848-4998-8E15-97FA9FB577BA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)
Task: {41E68387-C479-4AE1-B09B-52A974E40EC3} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-12-28] (AVAST Software)
Task: {503DE7B9-FD17-4340-BC82-5523D776D358} - System32\Tasks\FileAdvisorCheck => C:\Program Files (x86)\File Type Advisor\file-type-advisor.exe [2013-09-04] (filetypeadvisor.com                                         )
Task: {7783C8A2-0399-4803-B9A2-24DFD68F4CF0} - System32\Tasks\FileAdvisorUpdate => C:\Program Files (x86)\File Type Advisor\fileadvisor.exe [2013-09-04] (File Type Advisor)
Task: {7DD4BF26-1930-40FB-B6F8-1A00A8933A31} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-03] (Google Inc.)
Task: {7E195F64-C68B-472F-A551-A0F48E75BF25} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-03] (Google Inc.)
Task: {91FEC38F-5D99-4003-A261-C21B3277F302} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {A6F2A846-4447-4290-B091-576E6363A0D4} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {C341AD07-E345-405B-9834-CD2267875E8B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {F829C907-D22A-4B2A-A901-C394863745CE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-13] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-10-16 18:02 - 2013-10-16 18:02 - 03358064 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2012-12-14 02:42 - 2012-12-14 02:42 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-05-24 23:50 - 2011-05-24 23:50 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-01-13 18:23 - 2014-01-13 10:57 - 02153984 _____ () C:\Program Files\AVAST Software\Avast\defs\14011300\algo.dll
2013-08-07 20:25 - 2013-08-07 20:25 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2013-11-03 15:01 - 2013-11-03 15:01 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-10-19 00:55 - 2013-10-19 00:55 - 25100288 _____ () C:\Users\Leon\AppData\Roaming\Dropbox\bin\libcef.dll
2013-11-23 10:39 - 2013-11-23 10:39 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\991a8d378a3e64b31c0f4770ba9ae071\IsdiInterop.ni.dll
2013-11-03 14:48 - 2011-11-29 20:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-01-12 13:57 - 2014-01-13 22:21 - 00158720 _____ () C:\Users\Leon\AppData\Local\Temp\sfareca00001.dll
2013-11-04 17:16 - 2014-01-13 22:21 - 00192512 _____ () C:\Users\Leon\AppData\Local\Temp\sfamcc00001.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/13/2014 09:23:36 PM) (Source: ISCT Agent) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (01/13/2014 09:01:52 PM) (Source: Application Hang) (User: )
Description: Programm HD-Frontend.exe, Version 0.7.18.921 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1a74

Startzeit: 01cf107d4fab0ca4

Endzeit: 32

Anwendungspfad: C:\Program Files (x86)\BlueStacks\HD-Frontend.exe

Berichts-ID: 89a44e4a-7c8d-11e3-a22a-bc5ff45cfc14

Error: (01/13/2014 06:53:18 AM) (Source: ISCT Agent) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (01/12/2014 01:15:14 PM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version : 4.0.40305.0 - Fehler beim Initialisieren von .NET Framework.C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll konnte nicht geladen werden.

Error: (01/12/2014 01:06:17 PM) (Source: ISCT Agent) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (01/11/2014 08:17:28 PM) (Source: MsiInstaller) (User: Leon-PC)
Description: Produkt: League of Legends -- Fehler 4153. Visual C++ 2005 SP1 Redistributable (x64) Eine erforderliche Abhängigkeit wurde nicht richtig installiert.

Error: (01/11/2014 00:19:20 PM) (Source: ISCT Agent) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (01/11/2014 01:24:02 AM) (Source: Application Hang) (User: )
Description: Programm VirtualRouterClient.exe, Version 1.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: dcc

Startzeit: 01cf0e6359376b5b

Endzeit: 2

Anwendungspfad: C:\Program Files (x86)\Virtual Router\VirtualRouterClient.exe

Berichts-ID: a87f43e8-7a56-11e3-aeef-bc5ff45cfc14

Error: (01/11/2014 01:23:02 AM) (Source: ISCT Agent) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (01/10/2014 05:22:07 PM) (Source: ISCT Agent) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2


System errors:
=============
Error: (01/13/2014 10:40:26 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR3 gefunden.

Error: (01/13/2014 10:40:26 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR3 gefunden.

Error: (01/13/2014 10:40:26 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR3 gefunden.

Error: (01/13/2014 10:40:26 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR3 gefunden.

Error: (01/13/2014 10:40:26 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR3 gefunden.

Error: (01/13/2014 10:40:26 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR3 gefunden.

Error: (01/13/2014 10:40:26 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR3 gefunden.

Error: (01/13/2014 10:40:26 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR3 gefunden.

Error: (01/13/2014 10:40:26 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR3 gefunden.

Error: (01/13/2014 10:40:26 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR3 gefunden.


Microsoft Office Sessions:
=========================
Error: (01/13/2014 09:23:36 PM) (Source: ISCT Agent)(User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (01/13/2014 09:01:52 PM) (Source: Application Hang)(User: )
Description: HD-Frontend.exe0.7.18.9211a7401cf107d4fab0ca432C:\Program Files (x86)\BlueStacks\HD-Frontend.exe89a44e4a-7c8d-11e3-a22a-bc5ff45cfc14

Error: (01/13/2014 06:53:18 AM) (Source: ISCT Agent)(User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (01/12/2014 01:15:14 PM) (Source: .NET Runtime)(User: )
Description: .NET Runtime version : 4.0.40305.0 - Fehler beim Initialisieren von .NET Framework.C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll konnte nicht geladen werden.

Error: (01/12/2014 01:06:17 PM) (Source: ISCT Agent)(User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (01/11/2014 08:17:28 PM) (Source: MsiInstaller)(User: Leon-PC)
Description: Produkt: League of Legends -- Fehler 4153. Visual C++ 2005 SP1 Redistributable (x64) Eine erforderliche Abhängigkeit wurde nicht richtig installiert.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (01/11/2014 00:19:20 PM) (Source: ISCT Agent)(User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (01/11/2014 01:24:02 AM) (Source: Application Hang)(User: )
Description: VirtualRouterClient.exe1.0.0.0dcc01cf0e6359376b5b2C:\Program Files (x86)\Virtual Router\VirtualRouterClient.exea87f43e8-7a56-11e3-aeef-bc5ff45cfc14

Error: (01/11/2014 01:23:02 AM) (Source: ISCT Agent)(User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (01/10/2014 05:22:07 PM) (Source: ISCT Agent)(User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2


==================== Memory info =========================== 

Percentage of memory in use: 31%
Total physical RAM: 8087.06 MB
Available physical RAM: 5562.94 MB
Total Pagefile: 16172.3 MB
Available Pagefile: 13373.52 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:97.56 GB) (Free:19.5 GB) NTFS
Drive d: (Medien) (Fixed) (Total:368.1 GB) (Free:272.66 GB) NTFS
Drive f: (MY 1TB) (Fixed) (Total:931.51 GB) (Free:302.4 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 25866498)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=98 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=368 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 1.

==================== End Of Log ============================
         
Kind regards
Leon
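
One way to pull the `<==== ATTENTION` entries out of an Addition.txt like the one above for triage, as an added example that is not part of the thread or of FRST itself. The sample lines are constructed from entries in this log, the "Installed Programs" header is assumed (the start of that list is not shown here), and treating modules loaded from a temp directory as noteworthy is this example's own heuristic.

```python
import re

# Constructed sample in the Addition.txt layout, built from lines in this thread.
SAMPLE_LOG = r"""
==================== Installed Programs ======================

Notepad++ (x32 Version: 6.5.2 - Notepad++ Team)
SurF! aindd Keeeep (x32 Version: 4.0.0.1450 - surrf uand  keep) <==== ATTENTION
WinRAR 5.01 (64-bit) (Version: 5.01.0 - win.rar GmbH)
YoutubeAdblocker (x32 Version: 2.2.0.1828 - YoutubeAdblocker) <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2013-11-03 15:01 - 2013-11-03 15:01 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-01-12 13:57 - 2014-01-13 22:21 - 00158720 _____ () C:\Users\Leon\AppData\Local\Temp\sfareca00001.dll

==================== End Of Log ============================
"""

ATTENTION_MARK = "<==== ATTENTION"
SECTION_RE = re.compile(r"^={5,} (?P<title>[^=]+?) ={5,}\s*$")
# "Name (x32 Version: 1.0 - Publisher)": the name is everything before the version group.
PROGRAM_RE = re.compile(r"^(?P<name>.+?) \((?:\w+ )?Version:")
# "created - modified - size attributes (company) path"
MODULE_RE = re.compile(
    r"^\d{4}-\d{2}-\d{2} \d{2}:\d{2} - \d{4}-\d{2}-\d{2} \d{2}:\d{2} - "
    r"\d+ \S+ \((?P<company>.*?)\) (?P<path>[A-Za-z]:\\.+)$"
)
# Assumption of this example, not an FRST rule: code loaded from a temp
# directory deserves a second look during triage.
TEMP_MARKERS = ("\\appdata\\local\\temp\\", "\\windows\\temp\\")


def split_sections(text):
    """Map each '==== Title ====' header to the non-empty lines below it."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.rstrip()
        header = SECTION_RE.match(line)
        if header:
            current = header.group("title")
            sections[current] = []
        elif current is not None and line:
            sections[current].append(line)
    return sections


def _section(sections, prefix):
    """Return the lines of the first section whose title starts with prefix."""
    for title, lines in sections.items():
        if title.lower().startswith(prefix.lower()):
            return lines
    return []


def flagged_programs(lines):
    """Names of installed-program entries that carry the ATTENTION marker."""
    names = []
    for line in lines:
        if not line.endswith(ATTENTION_MARK):
            continue
        match = PROGRAM_RE.match(line)
        # Fall back to the raw text before the marker if the layout is unexpected.
        names.append(match.group("name") if match else line[: -len(ATTENTION_MARK)].strip())
    return names


def temp_modules(lines):
    """Paths of loaded modules that live under a temp directory."""
    paths = []
    for line in lines:
        match = MODULE_RE.match(line)
        if match and any(m in match.group("path").lower() for m in TEMP_MARKERS):
            paths.append(match.group("path"))
    return paths


def triage(text):
    """Collect the entries a reviewer would look at first."""
    sections = split_sections(text)
    return {
        "flagged_programs": flagged_programs(_section(sections, "Installed Programs")),
        "temp_modules": temp_modules(_section(sections, "Loaded Modules")),
    }


if __name__ == "__main__":
    for kind, items in triage(SAMPLE_LOG).items():
        for item in items:
            print(f"{kind}: {item}")
```
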

16.01.2014, 16:23   #8
schrauber
/// the machine
/// TB trainer


Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document

Code:
C:\Program Files (x86)\SurF! aindd Keeeep
D:\$RECYCLE.BIN
         

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the "Entfernen" (Fix) button.
  • The tool creates a Fixlog.txt.
  • Post its contents for me.


Done

If you would like to leave praise or criticism, you can do so here


The order is crucial here.
  1. If Defogger was used: start Defogger again and click re-enable.
  2. If Combofix was used: (alternatively rename it to uninstall.exe and run it)
    • Windows key + R > Combofix /Uninstall (type this in) > OK
    • Alternative: rename Combofix.exe to uninstall.exe and run it
    • Combofix will now start, possibly update itself, and then remove all remnants of itself.
  3. In any case, please download DelFix (Download DelFix) to your desktop:
    • Close all open programs.
    • Start delfix.exe with a double-click.
    • Tick the box in front of every function.
    • Click Start.
    • Note: DelFix removes, among other things, all the programs used, the quarantine of our scanners and the Java cache, and finally deletes itself.
    • Finally, restart your computer.
  4. If any programs from our cleanup are still left over now, you can safely delete them.


Here are a few more tips for securing your system.


I cannot mention often enough how important it is that your system is up to date.
  • Please check whether your system downloads Windows updates automatically
  • Windows Updates
    • Windows XP: Start --> Control Panel --> double-click Automatic Updates
    • Windows Vista / 7: Start --> Control Panel --> System and Security --> Turn automatic updating on or off
  • Make sure that automatic updates are enabled.
  • Software Updates
    Installed software can also have security vulnerabilities that malware can use to infect your system.
    To keep your installed software up to date, I recommend Secunia Online Software.


Antivirus software
  • Make sure you always have antivirus software installed and that it is up to date. It is useless if it is out of date.


Additional protection
  • MalwareBytes Anti Malware
    This is one of the best anti-malware tools on the market. It is an on-demand scan tool that detects and also removes a lot of current malware.
    Update the tool and run it once a week. The paid version additionally offers a background guard.
    You can find a tutorial on how to use it here.
  • WinPatrol
    This software takes a snapshot of your system and warns you about any changes. Download the freeware version from here.


Safe browsing
  • SpywareBlaster
    You can find a short introduction here
  • MVPs hosts file
    You can find a tutorial here. Unfortunately I have not found a German-language one so far.
  • WOT (Web of trust)
    This add-on warns you before you visit a site that has been reported as harmful.


Alternative browsers

Other browsers tend to be somewhat more secure than IE, as they do not use ActiveX elements. These can be abused by spyware to infect your system.
  • Opera
  • Mozilla Firefox.
    • Note: For this browser I have a few useful add-ons here
    • NoScript
      This add-on blocks JavaScript, Java and Flash and other plugins. They are only executed when you confirm it.
    • AdblockPlus
      This add-on blocks most advertising by itself. A right-click on the banner to add it to AdBlockPlus is enough, and it will no longer be loaded.
      It also saves download capacity.

Performance
Clean your temp files regularly. I recommend TFC for this.
Stay away from any registry cleaners.
They harm your system more than they help. Here are a few (English) links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Do not click on everything just because it prompts you to and is nice and colourful.
  • Do not use peer-to-peer or file-sharing software (Emule, uTorrent, ...)
  • Keep your hands off cracks, keygens, serials or other illegal software.
  • Do not open attachments from emails unknown to you. Pay particular attention to the file extension, e.g. deinFoto.jpg.exe
All that remains is for me to wish you lots of fun surfing safely.

Note: Please give me brief feedback when everything is done and there are no more questions, so that I can remove this thread from my subscriptions.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

Donate
Guides and help
Trojaner-Board Facebook page

No help via PM!

18.01.2014, 20:07   #9
leon2225

Good evening,
I had a lot of school work over the last few days, which is why I am only getting to this now:
HTML code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 15-01-2014 01
Ran by Leon at 2014-01-16 19:21:00 Run:1
Running from C:\Users\Leon\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
C:\Program Files (x86)\SurF! aindd Keeeep
D:\$RECYCLE.BIN
         
*****************

C:\Program Files (x86)\SurF! aindd Keeeep => Moved successfully.
D:\$RECYCLE.BIN => Moved successfully.

==== End of Fixlog ====
You write about being done etc., but the virus is not gone yet ....

Kind regards, Leon Farchau

19.01.2014, 10:41   #10
schrauber
/// the machine
/// TB trainer

Quote:
You write about being done etc., but the virus is not gone yet ....
but it must be, because my question "any more problems" was ignored.......

This is annoying, just read my posts to the end.....

Uninstall Firefox, keep no data, reinstall.
__________________
Regards,
schrauber


19.01.2014, 14:46   #11
leon2225

Thanks, that seems to have been it, now it is finally gone!
Without wanting to be petty: I did respond to the question
Quote:
Problem not yet resolved.
Kind regards
Leon

PS many thanks!

20.01.2014, 12:33   #12
schrauber
/// the machine
/// TB trainer

Oops, overlooked that. Sorry, but as a rule that always gets ignored.

You're welcome
__________________
Regards,
schrauber

