Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Windows 7 - V-9.1HD - hartnäckiger kleiner Teufel

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML

Antwort
Alt 02.07.2014, 22:25   #1
Dolores91
 
Windows 7 - V-9.1HD - hartnäckiger kleiner Teufel - Standard

Windows 7 - V-9.1HD - hartnäckiger kleiner Teufel



Hallo ihr lieben Leute,

mein Vater hat mich heute gebeten, seinen PC genauer unter die Lupe zu nehmen, weil er so langsam ist.
Also hab ich den ganzen Müll entsorgt (alte Programme über Systemsteuerung deinstalliert und ccCleaner laufen lassen).

Danach ist mir das Programm V-9.1HD aufgefallen. Mein Vater wusste nicht wo es herkam und als ich es deinstallieren wollte, passierte erst gar nichts (bzw. er hing anscheinend im Deinstallationsprozess fest). Beim zweiten Versuch wurde ich von Windows gefragt ob das Programm richtig deinstalliert wurde oder ob ich mit den empfohlenen Einstellungen deinstallieren möchte ( die genaue Meldung weiß ich leider nicht mehr). Kein Erfolg.

Ausserdem ist mir aufgefallen, dass bei allen Browsern ausser Firefox die Meldung: "Verbindung zum Proxyserver konnte nicht hergestellt werden" erscheint.

Ich habe auch AdwCleaner und JRT rüberlaufen lassen, habe aber leider nur das JRT-Log noch da.

Hier die Logs:

JRT-Log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Professional x64
Ran by Bernhard Gramller on 02.07.2014 at 16:41:16,80
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\systweak
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\systweak
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\systweak



~~~ Files



~~~ Folders

Failed to delete: [Folder] "C:\Users\Bernhard Gramller\AppData\Roaming\systweak"



~~~ FireFox

Emptied folder: C:\Users\Bernhard Gramller\AppData\Roaming\mozilla\firefox\profiles\3gfog6q1.tarnfox\minidumps [191 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 02.07.2014 at 16:51:05,97
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST-Log
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-07-2014
Ran by Bernhard Gramüller (administrator) on BERNHARD-PC on 02-07-2014 17:13:11
Running from C:\Users\Bernhard Gramüller\Downloads
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\EPU-6 Engine\SixEngine.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Paragon GmbH) C:\Program Files (x86)\Paragon Software\Drive Backup 9 Professional\Net Burner Service\NetBurnerService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Online Games Manager\ogmservice.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\snuvcdsm.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Paragon Software Group) C:\Program Files (x86)\Paragon Software\Backup and Recovery 10 Suite\program\dbhagent.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Ulead Systems, Inc.) C:\Program Files (x86)\Ulead Systems\Ulead Photo Express 3.0 SE\CalCheck.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Paragon Software Group) C:\Program Files (x86)\Paragon Software\Backup and Recovery 10 Suite\program\dbhservice.exe
(SourceForge.net) C:\Program Files (x86)\Password Safe\pwsafe.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Users\Bernhard Gramüller\Downloads\Defogger.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [PLFSetL] => C:\Windows\PLFSetL.exe [94208 2008-07-03] (sonix)
HKLM\...\Run: [SNUVCDSM] => C:\Windows\snuvcdsm.exe [30080 2011-01-13] ()
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1225920 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [4694192 2013-11-13] (VIA)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [DBHAgent] => C:\Program Files (x86)\Paragon Software\Backup and Recovery 10 Suite\program\dbhagent.exe [68176 2010-10-12] (Paragon Software Group)
HKLM-x32\...\Run: [tsnp2uvc] => C:\Windows\tsnp2uvc.exe [241664 2008-10-21] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [750160 2014-06-26] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-03-18] (Oracle Corporation)
HKLM-x32\...\Run: [AnyProtect Scanner] => "C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe"
HKLM-x32\...\Run: [AnyProtect Tray] => "C:\Program Files (x86)\AnyProtectEx\AnyProtectTrayIcon.exe"
HKU\S-1-5-21-2608190726-782522321-3869468944-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-2608190726-782522321-3869468944-1001\...\MountPoints2: {353e3193-0d5b-11e0-ac30-806e6f6e6963} - D:\.\Bin\ASSETUP.exe
HKU\S-1-5-21-2608190726-782522321-3869468944-1001\...\MountPoints2: {e09bcb3a-103b-11e0-ad8d-806e6f6e6963} - F:\Autorun.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ulead Photo Express SE Calendar Checker.lnk
ShortcutTarget: Ulead Photo Express SE Calendar Checker.lnk -> C:\Program Files (x86)\Ulead Systems\Ulead Photo Express 3.0 SE\CalCheck.exe (Ulead Systems, Inc.)
Startup: C:\Users\Bernhard Gramüller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Password Safe.lnk
ShortcutTarget: Password Safe.lnk -> C:\Program Files (x86)\Password Safe\pwsafe.exe (SourceForge.net)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:14320;https=127.0.0.1:14320
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.msn.com/?pc=UP97&ocid=UP97DHP
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x7DF833D42FA1CB01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dsl-start.computerbild.de/
URLSearchHook: HKCU - (No Name) - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - No File
StartMenuInternet: IEXPLORE.EXE - c:\program files (x86)\internet explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - {5BC688AA-1B74-4359-B6BE-57EA14A5D139} URL = hxxp://www.google.com/custom?client=pub-3794288947762788&forid=1&channel=5369970905&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF %3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=de&q={searchTerms}
SearchScopes: HKCU - {71C8EAC2-D350-461c-991D-14FE0C4A9943} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=EGMB
SearchScopes: HKCU - {93BA1745-3927-465D-A2AE-2586A5DA3361} URL = hxxp://search.zonealarm.com/search?Source=Browser&oemCode=ZLN20122690853725-1001&toolbarId=base&affiliateId=1025&Lan=de&utid=32c129ab00000000000020cf307c7704&q={searchTerms}&r=949
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\java\jre8\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\java\jre8\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File
Toolbar: HKLM - FireShot - {6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68} - No File
Toolbar: HKLM-x32 - FireShot - {6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68} - No File
Toolbar: HKCU - No Name - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No File
Toolbar: HKCU - No Name - {FC2B76FC-2132-4D80-A9A3-1F5C6E49066B} - No File
DPF: HKLM-x32 {B07F54E6-0806-47DB-B5D8-398F240776F2} file:///F:/viewer/ORDcmViewCD.ocx
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Bernhard Gramüller\AppData\Roaming\Mozilla\Firefox\Profiles\3gfog6q1.tarnfox
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF DefaultSearchEngine: Amazon
FF Homepage: hxxp://www.gmx.de/
FF NetworkProxy: "http", "81.82.240.204"
FF NetworkProxy: "http_port", 3128
FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin: @java.com/DTPlugin,version=11.5.2 - C:\Program Files\java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.5.2 - C:\Program Files\java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll No File
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Nero.com/KM - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @nosltd.com/getPlus+(R),version=1.6.2.97 - C:\Program Files (x86)\NOS\bin\np_gp.dll (NOS Microsystems Ltd.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=1.1.11 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @zylom.com/ZylomGamesPlayer - C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npzylomgamesplayer.dll (Zylom)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np_gp.dll (NOS Microsystems Ltd.)
FF SearchPlugin: C:\Users\Bernhard Gramüller\AppData\Roaming\Mozilla\Firefox\Profiles\o4hytkcw.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Bernhard Gramüller\AppData\Roaming\Mozilla\Firefox\Profiles\o4hytkcw.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Bernhard Gramüller\AppData\Roaming\Mozilla\Firefox\Profiles\o4hytkcw.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Bernhard Gramüller\AppData\Roaming\Mozilla\Firefox\Profiles\o4hytkcw.default\searchplugins\webde-suche.xml
FF Extension: Click&amp;Clean - C:\Users\Bernhard Gramüller\AppData\Roaming\Mozilla\Firefox\Profiles\3gfog6q1.tarnfox\Extensions\clickclean@hotcleaner.com [2013-03-27]
FF Extension: FireShot - C:\Users\Bernhard Gramüller\AppData\Roaming\Mozilla\Firefox\Profiles\3gfog6q1.tarnfox\Extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba} [2014-06-04]
FF Extension: Facebook Disconnect - C:\Users\Bernhard Gramüller\AppData\Roaming\Mozilla\Firefox\Profiles\3gfog6q1.tarnfox\Extensions\facebook@disconnect.me.xpi [2012-04-30]
FF Extension: Language Pack Install Helper - C:\Users\Bernhard Gramüller\AppData\Roaming\Mozilla\Firefox\Profiles\3gfog6q1.tarnfox\Extensions\jid0-3qAYz7se7F3gEIA63LjbuEaPEDk@jetpack.xpi [2013-01-25]
FF Extension: Deutsch (DE) Language Pack - C:\Users\Bernhard Gramüller\AppData\Roaming\Mozilla\Firefox\Profiles\3gfog6q1.tarnfox\Extensions\langpack-de@firefox.mozilla.org.xpi [2013-01-25]
FF Extension: Long URL Please - C:\Users\Bernhard Gramüller\AppData\Roaming\Mozilla\Firefox\Profiles\3gfog6q1.tarnfox\Extensions\longurlplease@darragh.curran.xpi [2012-04-30]
FF Extension: GMX MailCheck - C:\Users\Bernhard Gramüller\AppData\Roaming\Mozilla\Firefox\Profiles\3gfog6q1.tarnfox\Extensions\toolbar@gmx.net.xpi [2012-06-28]
FF Extension: PrivacyChoice TrackerBlock - C:\Users\Bernhard Gramüller\AppData\Roaming\Mozilla\Firefox\Profiles\3gfog6q1.tarnfox\Extensions\trackerblock@privacychoice.org.xpi [2012-04-30]
FF Extension: ScrapBook - C:\Users\Bernhard Gramüller\AppData\Roaming\Mozilla\Firefox\Profiles\3gfog6q1.tarnfox\Extensions\{53A03D43-5363-4669-8190-99061B2DEBA5}.xpi [2013-11-17]
FF Extension: Adblock Plus - C:\Users\Bernhard Gramüller\AppData\Roaming\Mozilla\Firefox\Profiles\3gfog6q1.tarnfox\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-04-30]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2014-06-10]
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
FF HKCU\...\Firefox\Extensions: [{98CBA277-EF6B-960E-B128-C37E2DF39C4B}] - C:\Program Files (x86)\-BlockAndSurfS\174.xpi

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Users\Bernhard Gramller\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll No File
CHR Plugin: (J3S cbasscfg Plugin) - C:\Users\Bernhard Gramller\AppData\Local\Google\Chrome\User Data\Default\Extensions\godhaonflehefmbmgmlpenkpagcplgoa\1.0.26_0\cbasscfg.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.290.11) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U29) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Microsoft Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Zylom Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\npzylomgamesplayer.dll (Zylom)
CHR Plugin: (getPlusPlus for Adobe 16297) - C:\Program Files (x86)\Mozilla Firefox\plugins\np_gp.dll (NOS Microsystems Ltd.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (npFFApi) - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll No File
CHR Extension: (AdBlock) - C:\Users\Bernhard Gramüller\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-11-29]
CHR Extension: (Google Wallet) - C:\Users\Bernhard Gramüller\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-08]
CHR Extension: (No Name) - C:\Users\Bernhard Gramüller\AppData\Local\Google\Chrome\User Data\Default\Extensions\oondmcfakdncoipflaalkpedjfeggbal [2014-06-30]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe [801872 2014-06-26] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-06-26] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-06-26] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1028688 2014-06-26] (Avira Operations GmbH & Co. KG)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [90112 2009-08-19] (ASUSTeK Computer Inc.) [File not signed]
R3 Disk Utility Dienst; C:\Program Files (x86)\Paragon Software\Backup and Recovery 10 Suite\program\dbhservice.exe [150096 2010-10-12] (Paragon Software Group)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 NetBurnerService; C:\Program Files (x86)\Paragon Software\Drive Backup 9 Professional\Net Burner Service\NetBurnerService.exe [223248 2008-06-28] (Paragon GmbH)
S3 nosGetPlusHelper; C:\Program Files (x86)\NOS\bin\getPlus_Helper_3004.dll [58944 2010-11-29] (NOS Microsystems Ltd.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1618888 2014-04-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21009352 2014-04-30] (NVIDIA Corporation)
R2 ogmservice; C:\Program Files (x86)\Online Games Manager\ogmservice.exe [581568 2014-03-27] (RealNetworks, Inc.)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2012-12-11] (VIA Technologies, Inc.)

==================== Drivers (Whitelisted) ====================

R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [36608 2013-12-11] (Advanced Micro Devices, Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-04-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2009-07-06] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-06-26] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-04-29] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-01] (Avira Operations GmbH & Co. KG)
R3 BrSerIf; C:\Windows\System32\DRIVERS\BrSerIf.sys [97280 2006-12-12] (Brother Industries Ltd.)
R1 HBtnKey; C:\Windows\System32\DRIVERS\wstbtndb.sys [9856 2007-09-15] (Lenovo)
R0 hotcore3; C:\Windows\System32\DRIVERS\hotcore3.sys [37456 2010-10-12] (Paragon Software Group)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-02] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19744 2014-04-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 SaiH353E; C:\Windows\System32\DRIVERS\SaiH353E.sys [178560 2008-04-04] (Saitek)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [31472 2014-04-21] (Synaptics Incorporated)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1799552 2009-05-06] ()
S1 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [5632 2006-07-24] () [File not signed]
S2 STEC3; C:\Windows\SysWOW64\STEC3.sys [2368 2011-10-01] (AntiCracking) [File not signed]
R1 UimBus; C:\Windows\System32\DRIVERS\uimx64.sys [50768 2010-10-12] (Windows (R) 2000 DDK provider)
R1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [566864 2010-10-12] (Paragon)
U3 DfSdkS;

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-02 17:13 - 2014-07-02 17:14 - 00022400 _____ () C:\Users\Bernhard Gramüller\Downloads\FRST.txt
2014-07-02 17:11 - 2014-07-02 17:13 - 00000000 ____D () C:\FRST
2014-07-02 17:10 - 2014-07-02 17:11 - 00000498 _____ () C:\Users\Bernhard Gramüller\Downloads\defogger_disable.log
2014-07-02 17:10 - 2014-07-02 17:10 - 00000000 __SHD () C:\Users\Bernhard Gramüller\AppData\Local\EmieUserList
2014-07-02 17:10 - 2014-07-02 17:10 - 00000000 __SHD () C:\Users\Bernhard Gramüller\AppData\Local\EmieSiteList
2014-07-02 17:10 - 2014-07-02 17:10 - 00000000 _____ () C:\Users\Bernhard Gramüller\defogger_reenable
2014-07-02 17:04 - 2014-07-02 17:07 - 02083840 _____ (Farbar) C:\Users\Bernhard Gramüller\Downloads\FRST64.exe
2014-07-02 17:04 - 2014-07-02 17:04 - 00380416 _____ () C:\Users\Bernhard Gramüller\Downloads\Gmer-19357.exe
2014-07-02 17:03 - 2014-07-02 17:03 - 00050477 _____ () C:\Users\Bernhard Gramüller\Downloads\Defogger.exe
2014-07-02 16:51 - 2014-07-02 16:51 - 00001107 _____ () C:\Users\Bernhard Gramüller\Desktop\JRT.txt
2014-07-02 16:38 - 2014-07-02 16:38 - 00000000 ____D () C:\Users\Bernhard Gramüller\AppData\Roaming\Systweak
2014-07-02 16:33 - 2014-07-02 16:37 - 00000000 ____D () C:\AdwCleaner
2014-07-02 16:32 - 2014-07-02 16:32 - 00448512 _____ (OldTimer Tools) C:\Users\Bernhard Gramüller\Downloads\TFC.exe
2014-07-02 16:31 - 2014-07-02 16:32 - 01346519 _____ () C:\Users\Bernhard Gramüller\Downloads\adwcleaner_3.214.exe
2014-07-02 16:18 - 2014-07-02 16:38 - 00003156 _____ () C:\Windows\System32\Tasks\AdvancedDriverUpdaterRunAtStartup
2014-07-02 16:09 - 2014-07-02 16:09 - 00003138 _____ () C:\Windows\System32\Tasks\{ACCF1D9D-1D3C-4456-8953-4DA6A8368BEC}
2014-07-01 19:18 - 2014-07-02 16:52 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-01 19:18 - 2014-07-01 19:18 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-01 19:18 - 2014-07-01 19:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-07-01 19:18 - 2014-07-01 19:18 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-01 19:18 - 2014-07-01 19:18 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-07-01 19:18 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-01 19:18 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-01 19:18 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-01 19:16 - 2014-07-01 19:17 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Bernhard Gramüller\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-01 19:12 - 2014-07-02 01:19 - 00000000 ____D () C:\Program Files (x86)\V-9.1HD
2014-07-01 19:12 - 2014-07-01 19:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\T4PC
2014-06-30 22:35 - 2014-06-30 22:35 - 00001332 _____ () C:\Users\Public\Desktop\Weitere fantastische Spiele.lnk
2014-06-30 20:47 - 2014-06-30 20:47 - 00000512 __RSH () C:\ProgramData\ntuser.pol
2014-06-30 20:44 - 2014-06-30 20:44 - 00000000 ____D () C:\Users\Bernhard Gramüller\AppData\Local\com
2014-06-30 15:34 - 2014-06-30 15:34 - 00623696 _____ (Click Me In Limited) C:\Users\Bernhard Gramüller\AppData\Local\nsw2A0.tmp
2014-06-30 15:33 - 2014-07-01 16:39 - 00000000 ____D () C:\Users\Bernhard Gramüller\Downloads\567Ftmp
2014-06-30 15:33 - 2014-07-01 16:39 - 00000000 ____D () C:\Users\Bernhard Gramüller\Downloads\561Ftmp
2014-06-30 15:33 - 2014-06-30 15:33 - 00000000 ____D () C:\Users\Bernhard Gramüller\Downloads\566Ftmp
2014-06-30 15:33 - 2014-06-30 15:33 - 00000000 ____D () C:\Users\Bernhard Gramüller\Downloads\564Etmp
2014-06-30 03:43 - 2014-07-02 16:38 - 00218792 _____ () C:\Windows\PFRO.log
2014-06-29 23:34 - 2014-06-29 23:35 - 00000000 ____D () C:\Program Files (x86)\Mystery Murders - Der Fluch des Dornroeschen
2014-06-29 23:34 - 2014-06-29 23:34 - 00000000 ____D () C:\Users\Bernhard Gramüller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mystery Murders - Der Fluch des Dornroeschen
2014-06-29 23:34 - 2014-06-29 23:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mystery Murders - Der Fluch des Dornroeschen
2014-06-29 23:17 - 2014-06-29 23:19 - 00000000 ____D () C:\Program Files (x86)\Nightmares from the Deep - Davy Jones Sammleredition
2014-06-29 23:17 - 2014-06-29 23:17 - 00000000 ____D () C:\Users\Bernhard Gramüller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nightmares from the Deep - Davy Jones Sammleredition
2014-06-29 23:17 - 2014-06-29 23:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nightmares from the Deep - Davy Jones Sammleredition
2014-06-28 04:21 - 2014-07-02 16:38 - 00001344 _____ () C:\Windows\setupact.log
2014-06-28 04:21 - 2014-06-28 04:21 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-27 18:11 - 2011-06-10 16:58 - 04450528 _____ () C:\PX-1262-PVR_S3.0.13_20110610.AP
2014-06-26 06:17 - 2014-06-26 06:18 - 00025492 _____ () C:\Users\Bernhard Gramüller\Documents\cc_20140626_061729.reg
2014-06-26 06:12 - 2014-07-01 16:29 - 00001426 _____ () C:\Users\Bernhard Gramüller\Desktop\Registry kostenlos entrümpeln!.lnk
2014-06-26 06:11 - 2014-06-26 06:11 - 04812672 _____ (Piriform Ltd) C:\Users\Bernhard Gramüller\Downloads\ccsetup415_CB-DL-Manager [1].exe
2014-06-26 06:09 - 2014-06-26 06:09 - 00788832 _____ ( ) C:\Users\Bernhard Gramüller\Downloads\ccsetup415_CB-DL-Manager.exe
2014-06-25 23:03 - 2014-06-26 00:07 - 688671688 _____ (INTENIUM GmbH) C:\Users\Bernhard Gramüller\Downloads\PortalOfEvilDieGestohlenenSiegel.exe
2014-06-25 23:03 - 2014-06-25 23:56 - 456397568 _____ (INTENIUM GmbH) C:\Users\Bernhard Gramüller\Downloads\AshleyClarkDasGeheimnisDesRubins.exe
2014-06-25 21:59 - 2014-06-25 21:59 - 00000000 ____D () C:\Users\Bernhard Gramüller\AppData\Roaming\Goblinz
2014-06-25 17:05 - 2014-04-23 10:25 - 00936664 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2014-06-25 17:05 - 2014-04-23 10:25 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2014-06-23 23:41 - 2014-06-23 23:43 - 00000000 ____D () C:\Program Files (x86)\Mystery Expedition - Gefangene im Eis
2014-06-23 23:41 - 2014-06-23 23:41 - 00000000 ____D () C:\Users\Bernhard Gramüller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mystery Expedition - Gefangene im Eis
2014-06-23 23:41 - 2014-06-23 23:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mystery Expedition - Gefangene im Eis
2014-06-19 23:04 - 2014-06-26 00:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DEUTSCHLAND SPIELT
2014-06-19 23:04 - 2014-06-19 23:04 - 00000000 ____D () C:\Users\Bernhard Gramüller\AppData\Roaming\RedHedgehog Games
2014-06-19 21:52 - 2014-06-19 22:58 - 779299552 _____ (INTENIUM GmbH) C:\Users\Bernhard Gramüller\Downloads\SpaceLegendsAmEndeDerGalaxis.exe
2014-06-19 21:52 - 2014-06-19 22:40 - 427196528 _____ (INTENIUM GmbH) C:\Users\Bernhard Gramüller\Downloads\PennyMacey.exe
2014-06-19 16:28 - 2014-04-21 20:28 - 00031472 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
2014-06-19 12:52 - 2014-06-19 12:52 - 00961360 _____ (Chip Digital GmbH) C:\Users\Bernhard Gramüller\Downloads\Tor Browser Paket - CHIP-Installer.exe
2014-06-19 01:52 - 2014-06-19 01:52 - 00018210 _____ () C:\Users\Bernhard Gramüller\Downloads\Samsung PE51H4500 - Details - COMPUTER BILD.html
2014-06-16 17:58 - 2014-06-16 17:58 - 00000000 ____D () C:\Users\Bernhard Gramüller\AppData\Local\Adobe
2014-06-13 22:51 - 2014-06-13 22:51 - 00000000 ____D () C:\Users\Bernhard Gramüller\AppData\Roaming\Brave Giant
2014-06-13 19:14 - 2014-06-13 20:19 - 820411480 _____ (INTENIUM GmbH) C:\Users\Bernhard Gramüller\Downloads\DemonHunter.exe
2014-06-13 19:09 - 2014-06-13 19:09 - 00237568 _____ (Big Fish Games) C:\Users\Bernhard Gramüller\Downloads\dark-strokes-the-legend-of-snow-kingdom-ce_s2_l2_gF8767T1L2_d2318173332.exe
2014-06-11 18:58 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-11 18:58 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-11 18:58 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-11 18:58 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-11 18:58 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-11 18:58 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-11 18:58 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-11 18:58 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-11 18:58 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-11 18:58 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-11 18:58 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-11 18:58 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-11 18:58 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-11 18:58 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-11 18:58 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-11 18:58 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-11 18:58 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-11 18:58 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-11 18:58 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-11 18:58 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-11 18:58 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-11 18:58 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-11 18:58 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-11 18:58 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-11 18:58 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-11 18:58 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-11 18:58 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-11 18:58 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-11 18:58 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-11 18:58 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-11 18:58 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-11 18:58 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-11 18:58 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-11 18:58 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-11 18:58 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-11 18:58 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-11 18:58 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-11 18:58 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-11 18:58 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-11 18:58 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-11 18:58 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-11 18:58 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-11 18:58 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-11 18:58 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-11 18:58 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-11 18:58 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-11 18:58 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-11 18:58 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-11 18:58 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-11 18:58 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-11 18:58 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-11 18:58 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-11 18:58 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-11 18:58 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-11 18:58 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-11 18:58 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-11 18:58 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-11 18:58 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-11 18:58 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-11 18:58 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-11 18:58 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-11 18:58 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-11 18:58 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-11 18:58 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-11 18:53 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-11 18:53 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-10 20:35 - 2014-06-10 20:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-06-10 20:35 - 2014-06-10 20:35 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-06-10 20:35 - 2014-06-10 20:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-08 22:27 - 2014-06-08 22:27 - 00237568 _____ (Big Fish Games) C:\Users\Bernhard Gramüller\Downloads\lost-lands-dark-overlord_s2_l2_gF8260T1L2_d2316001377.exe
2014-06-04 00:47 - 2014-06-04 00:47 - 00000000 ____D () C:\Users\Bernhard Gramüller\AppData\Roaming\MysteryTag
2014-06-03 22:09 - 2014-06-03 22:29 - 268962664 _____ (INTENIUM GmbH) C:\Users\Bernhard Gramüller\Downloads\DreamHillsGestohleneMagie.exe

==================== One Month Modified Files and Folders =======

2014-07-02 17:14 - 2014-07-02 17:13 - 00022400 _____ () C:\Users\Bernhard Gramüller\Downloads\FRST.txt
2014-07-02 17:13 - 2014-07-02 17:11 - 00000000 ____D () C:\FRST
2014-07-02 17:11 - 2014-07-02 17:10 - 00000498 _____ () C:\Users\Bernhard Gramüller\Downloads\defogger_disable.log
2014-07-02 17:10 - 2014-07-02 17:10 - 00000000 __SHD () C:\Users\Bernhard Gramüller\AppData\Local\EmieUserList
2014-07-02 17:10 - 2014-07-02 17:10 - 00000000 __SHD () C:\Users\Bernhard Gramüller\AppData\Local\EmieSiteList
2014-07-02 17:10 - 2014-07-02 17:10 - 00000000 _____ () C:\Users\Bernhard Gramüller\defogger_reenable
2014-07-02 17:10 - 2010-12-21 18:36 - 00000000 ____D () C:\Users\Bernhard Gramüller
2014-07-02 17:07 - 2014-07-02 17:04 - 02083840 _____ (Farbar) C:\Users\Bernhard Gramüller\Downloads\FRST64.exe
2014-07-02 17:04 - 2014-07-02 17:04 - 00380416 _____ () C:\Users\Bernhard Gramüller\Downloads\Gmer-19357.exe
2014-07-02 17:03 - 2014-07-02 17:03 - 00050477 _____ () C:\Users\Bernhard Gramüller\Downloads\Defogger.exe
2014-07-02 17:02 - 2010-12-27 00:08 - 00000000 ____D () C:\Users\Bernhard Gramüller\AppData\Roaming\Skype
2014-07-02 16:52 - 2014-07-01 19:18 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-02 16:52 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-07-02 16:51 - 2014-07-02 16:51 - 00001107 _____ () C:\Users\Bernhard Gramüller\Desktop\JRT.txt
2014-07-02 16:47 - 2009-07-14 06:45 - 00015152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-02 16:47 - 2009-07-14 06:45 - 00015152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-02 16:43 - 2013-09-24 18:40 - 00003090 _____ () C:\Windows\System32\Tasks\AdvancedDriverUpdater_UPDATES
2014-07-02 16:43 - 2013-09-24 18:40 - 00000316 _____ () C:\Windows\Tasks\AdvancedDriverUpdater_UPDATES.job
2014-07-02 16:43 - 2010-12-22 01:40 - 01535652 _____ () C:\Windows\WindowsUpdate.log
2014-07-02 16:40 - 2014-03-23 10:22 - 00000000 ____D () C:\Users\Bernhard Gramüller\AppData\Local\PasswordSafe
2014-07-02 16:38 - 2014-07-02 16:38 - 00000000 ____D () C:\Users\Bernhard Gramüller\AppData\Roaming\Systweak
2014-07-02 16:38 - 2014-07-02 16:18 - 00003156 _____ () C:\Windows\System32\Tasks\AdvancedDriverUpdaterRunAtStartup
2014-07-02 16:38 - 2014-06-30 03:43 - 00218792 _____ () C:\Windows\PFRO.log
2014-07-02 16:38 - 2014-06-28 04:21 - 00001344 _____ () C:\Windows\setupact.log
2014-07-02 16:38 - 2010-12-27 00:08 - 00001130 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-02 16:38 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-02 16:37 - 2014-07-02 16:33 - 00000000 ____D () C:\AdwCleaner
2014-07-02 16:36 - 2013-06-08 19:00 - 00000000 ____D () C:\Users\Bernhard Gramüller\AppData\Roaming\Common
2014-07-02 16:36 - 2012-09-27 22:19 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-02 16:32 - 2014-07-02 16:32 - 00448512 _____ (OldTimer Tools) C:\Users\Bernhard Gramüller\Downloads\TFC.exe
2014-07-02 16:32 - 2014-07-02 16:31 - 01346519 _____ () C:\Users\Bernhard Gramüller\Downloads\adwcleaner_3.214.exe
2014-07-02 16:18 - 2010-12-27 00:08 - 00001134 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-02 16:09 - 2014-07-02 16:09 - 00003138 _____ () C:\Windows\System32\Tasks\{ACCF1D9D-1D3C-4456-8953-4DA6A8368BEC}
2014-07-02 01:19 - 2014-07-01 19:12 - 00000000 ____D () C:\Program Files (x86)\V-9.1HD
2014-07-01 20:42 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Globalization
2014-07-01 19:18 - 2014-07-01 19:18 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-01 19:18 - 2014-07-01 19:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-07-01 19:18 - 2014-07-01 19:18 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-01 19:18 - 2014-07-01 19:18 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-07-01 19:17 - 2014-07-01 19:16 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Bernhard Gramüller\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-01 19:15 - 2013-01-25 10:04 - 00000000 ____D () C:\Users\Bernhard Gramüller\Desktop\Systemprogramme
2014-07-01 19:12 - 2014-07-01 19:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\T4PC
2014-07-01 19:09 - 2014-02-24 20:48 - 00000000 ____D () C:\Program Files (x86)\MailFinder
2014-07-01 16:39 - 2014-06-30 15:33 - 00000000 ____D () C:\Users\Bernhard Gramüller\Downloads\567Ftmp
2014-07-01 16:39 - 2014-06-30 15:33 - 00000000 ____D () C:\Users\Bernhard Gramüller\Downloads\561Ftmp
2014-07-01 16:29 - 2014-06-26 06:12 - 00001426 _____ () C:\Users\Bernhard Gramüller\Desktop\Registry kostenlos entrümpeln!.lnk
2014-07-01 00:06 - 2010-12-30 22:45 - 00000000 ____D () C:\ProgramData\TEMP
2014-06-30 22:36 - 2012-02-29 22:41 - 00000000 ____D () C:\Users\Bernhard Gramüller\AppData\Roaming\EleFun Games
2014-06-30 22:35 - 2014-06-30 22:35 - 00001332 _____ () C:\Users\Public\Desktop\Weitere fantastische Spiele.lnk
2014-06-30 22:04 - 2011-12-26 21:20 - 00000000 ____D () C:\Users\Bernhard Gramüller\AppData\Roaming\casualArts
2014-06-30 22:04 - 2011-12-26 21:20 - 00000000 ____D () C:\ProgramData\casualArts
2014-06-30 21:01 - 2012-06-08 20:53 - 00000000 ____D () C:\Users\Bernhard Gramüller\AppData\Roaming\4 Friends Games
2014-06-30 20:47 - 2014-06-30 20:47 - 00000512 __RSH () C:\ProgramData\ntuser.pol
2014-06-30 20:47 - 2013-09-20 18:27 - 00048128 ___SH () C:\Users\Bernhard Gramüller\Documents\Thumbs.db
2014-06-30 20:47 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-06-30 20:44 - 2014-06-30 20:44 - 00000000 ____D () C:\Users\Bernhard Gramüller\AppData\Local\com
2014-06-30 15:34 - 2014-06-30 15:34 - 00623696 _____ (Click Me In Limited) C:\Users\Bernhard Gramüller\AppData\Local\nsw2A0.tmp
2014-06-30 15:33 - 2014-06-30 15:33 - 00000000 ____D () C:\Users\Bernhard Gramüller\Downloads\566Ftmp
2014-06-30 15:33 - 2014-06-30 15:33 - 00000000 ____D () C:\Users\Bernhard Gramüller\Downloads\564Etmp
2014-06-29 23:35 - 2014-06-29 23:34 - 00000000 ____D () C:\Program Files (x86)\Mystery Murders - Der Fluch des Dornroeschen
2014-06-29 23:34 - 2014-06-29 23:34 - 00000000 ____D () C:\Users\Bernhard Gramüller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mystery Murders - Der Fluch des Dornroeschen
2014-06-29 23:34 - 2014-06-29 23:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mystery Murders - Der Fluch des Dornroeschen
2014-06-29 23:19 - 2014-06-29 23:17 - 00000000 ____D () C:\Program Files (x86)\Nightmares from the Deep - Davy Jones Sammleredition
2014-06-29 23:17 - 2014-06-29 23:17 - 00000000 ____D () C:\Users\Bernhard Gramüller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nightmares from the Deep - Davy Jones Sammleredition
2014-06-29 23:17 - 2014-06-29 23:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nightmares from the Deep - Davy Jones Sammleredition
2014-06-29 22:39 - 2012-11-10 21:24 - 00000000 ____D () C:\Users\Bernhard Gramüller\AppData\Roaming\DominiGames
2014-06-29 21:38 - 2011-05-22 21:13 - 00000000 ____D () C:\Users\Bernhard Gramüller\AppData\Roaming\Elephant Games
2014-06-28 04:21 - 2014-06-28 04:21 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-27 18:06 - 2013-02-23 12:18 - 00000000 ____D () C:\Users\Bernhard Gramüller\AppData\Local\Nero
2014-06-27 17:27 - 2014-03-02 07:44 - 00000436 _____ () C:\Windows\Tasks\One-Click Optimizer.job
2014-06-26 11:40 - 2013-05-31 12:56 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-06-26 06:18 - 2014-06-26 06:17 - 00025492 _____ () C:\Users\Bernhard Gramüller\Documents\cc_20140626_061729.reg
2014-06-26 06:12 - 2014-01-26 15:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-06-26 06:12 - 2014-01-26 15:34 - 00000000 ____D () C:\Program Files\CCleaner
2014-06-26 06:11 - 2014-06-26 06:11 - 04812672 _____ (Piriform Ltd) C:\Users\Bernhard Gramüller\Downloads\ccsetup415_CB-DL-Manager [1].exe
2014-06-26 06:09 - 2014-06-26 06:09 - 00788832 _____ ( ) C:\Users\Bernhard Gramüller\Downloads\ccsetup415_CB-DL-Manager.exe
2014-06-26 00:43 - 2014-06-19 23:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DEUTSCHLAND SPIELT
2014-06-26 00:43 - 2013-02-06 21:44 - 00001131 _____ () C:\Users\Public\Desktop\GAME CENTER.lnk
2014-06-26 00:41 - 2011-01-10 23:31 - 00000000 ____D () C:\Program Files (x86)\DEUTSCHLAND SPIELT
2014-06-26 00:07 - 2014-06-25 23:03 - 688671688 _____ (INTENIUM GmbH) C:\Users\Bernhard Gramüller\Downloads\PortalOfEvilDieGestohlenenSiegel.exe
2014-06-25 23:56 - 2014-06-25 23:03 - 456397568 _____ (INTENIUM GmbH) C:\Users\Bernhard Gramüller\Downloads\AshleyClarkDasGeheimnisDesRubins.exe
2014-06-25 21:59 - 2014-06-25 21:59 - 00000000 ____D () C:\Users\Bernhard Gramüller\AppData\Roaming\Goblinz
2014-06-25 17:07 - 2013-11-03 19:06 - 00000000 ____D () C:\temp
2014-06-25 17:05 - 2014-05-13 17:11 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-06-24 18:10 - 2011-01-11 10:39 - 00000000 ____D () C:\Users\Bernhard Gramüller\Desktop\Spiele
2014-06-23 23:43 - 2014-06-23 23:41 - 00000000 ____D () C:\Program Files (x86)\Mystery Expedition - Gefangene im Eis
2014-06-23 23:41 - 2014-06-23 23:41 - 00000000 ____D () C:\Users\Bernhard Gramüller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mystery Expedition - Gefangene im Eis
2014-06-23 23:41 - 2014-06-23 23:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mystery Expedition - Gefangene im Eis
2014-06-20 16:13 - 2010-12-27 00:08 - 00004130 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-20 16:13 - 2010-12-27 00:08 - 00003878 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-20 00:07 - 2012-05-28 22:18 - 00000000 ____D () C:\Users\Bernhard Gramüller\AppData\Roaming\Fuzzy Bug Interactive
2014-06-19 23:04 - 2014-06-19 23:04 - 00000000 ____D () C:\Users\Bernhard Gramüller\AppData\Roaming\RedHedgehog Games
2014-06-19 22:58 - 2014-06-19 21:52 - 779299552 _____ (INTENIUM GmbH) C:\Users\Bernhard Gramüller\Downloads\SpaceLegendsAmEndeDerGalaxis.exe
2014-06-19 22:40 - 2014-06-19 21:52 - 427196528 _____ (INTENIUM GmbH) C:\Users\Bernhard Gramüller\Downloads\PennyMacey.exe
2014-06-19 22:10 - 2013-01-11 22:07 - 00000000 ____D () C:\ProgramData\Meridian93
2014-06-19 21:53 - 2011-10-17 21:27 - 00000000 ____D () C:\Users\Bernhard Gramüller\AppData\Roaming\Meridian93
2014-06-19 16:45 - 2014-04-29 10:29 - 00016552 _____ () C:\Users\Bernhard Gramüller\Documents\Eula0407DEU.tx_
2014-06-19 12:52 - 2014-06-19 12:52 - 00961360 _____ (Chip Digital GmbH) C:\Users\Bernhard Gramüller\Downloads\Tor Browser Paket - CHIP-Installer.exe
2014-06-19 01:52 - 2014-06-19 01:52 - 00018210 _____ () C:\Users\Bernhard Gramüller\Downloads\Samsung PE51H4500 - Details - COMPUTER BILD.html
2014-06-16 22:28 - 2012-11-28 22:44 - 00000000 ____D () C:\Users\Bernhard Gramüller\Desktop\Geschäft - Designs
2014-06-16 17:58 - 2014-06-16 17:58 - 00000000 ____D () C:\Users\Bernhard Gramüller\AppData\Local\Adobe
2014-06-15 22:24 - 2011-03-20 22:09 - 00000000 ____D () C:\Users\Bernhard Gramüller\AppData\Roaming\ERS Game Studios
2014-06-14 00:06 - 2013-12-15 13:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPlayCity.com
2014-06-14 00:06 - 2013-12-15 13:17 - 00000000 ____D () C:\Program Files (x86)\MyPlayCity.com
2014-06-13 22:51 - 2014-06-13 22:51 - 00000000 ____D () C:\Users\Bernhard Gramüller\AppData\Roaming\Brave Giant
2014-06-13 20:19 - 2014-06-13 19:14 - 820411480 _____ (INTENIUM GmbH) C:\Users\Bernhard Gramüller\Downloads\DemonHunter.exe
2014-06-13 19:15 - 2012-03-02 23:12 - 00000000 ____D () C:\Users\Bernhard Gramüller\AppData\Roaming\BlamGames
2014-06-13 19:09 - 2014-06-13 19:09 - 00237568 _____ (Big Fish Games) C:\Users\Bernhard Gramüller\Downloads\dark-strokes-the-legend-of-snow-kingdom-ce_s2_l2_gF8767T1L2_d2318173332.exe
2014-06-12 18:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-06-12 02:51 - 2012-09-27 22:19 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-06-12 02:51 - 2012-04-03 20:20 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-12 02:51 - 2011-05-16 15:37 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-12 00:07 - 2013-08-16 03:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-12 00:05 - 2010-12-25 18:16 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-12 00:03 - 2014-04-30 23:33 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-11 22:02 - 2012-06-01 20:58 - 00000000 ____D () C:\Users\Bernhard Gramüller\AppData\Roaming\Eipix
2014-06-11 18:42 - 2012-04-26 16:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-10 20:35 - 2014-06-10 20:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-06-10 20:35 - 2014-06-10 20:35 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-06-10 20:35 - 2014-06-10 20:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-10 20:35 - 2014-05-13 19:31 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-06-08 22:27 - 2014-06-08 22:27 - 00237568 _____ (Big Fish Games) C:\Users\Bernhard Gramüller\Downloads\lost-lands-dark-overlord_s2_l2_gF8260T1L2_d2316001377.exe
2014-06-08 21:10 - 2009-07-14 19:58 - 00713974 _____ () C:\Windows\system32\perfh007.dat
2014-06-08 21:10 - 2009-07-14 19:58 - 00154090 _____ () C:\Windows\system32\perfc007.dat
2014-06-08 21:10 - 2009-07-14 07:13 - 01648728 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-08 11:13 - 2014-06-11 18:53 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 11:08 - 2014-06-11 18:53 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-07 16:03 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-06-04 00:47 - 2014-06-04 00:47 - 00000000 ____D () C:\Users\Bernhard Gramüller\AppData\Roaming\MysteryTag
2014-06-03 22:29 - 2014-06-03 22:09 - 268962664 _____ (INTENIUM GmbH) C:\Users\Bernhard Gramüller\Downloads\DreamHillsGestohleneMagie.exe

Some content of TEMP:
====================
C:\Users\Bernhard Gramüller\AppData\Local\Temp\avgnt.exe
C:\Users\Bernhard Gramüller\AppData\Local\Temp\BackupSetup.exe
C:\Users\Bernhard Gramüller\AppData\Local\Temp\optprosetup.exe
C:\Users\Bernhard Gramüller\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-28 00:36

==================== End Of Log ============================

Addition.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-07-2014
Ran by Bernhard Gramüller at 2014-07-02 17:14:46
Running from C:\Users\Bernhard Gramüller\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

123 Free Solitaire v10.0 (HKLM-x32\...\123 Free Solitaire_is1) (Version: - TreeCardGames)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
ABC Amber Audio Converter (HKLM-x32\...\ABC Amber Audio Converter) (Version: - )
Adobe Download Manager (HKLM-x32\...\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}) (Version: 1.6.2.97 - NOS Microsystems Ltd.)
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Advanced Driver Updater (HKLM-x32\...\Advanced Driver Updater_is1) (Version: 2.1.1086.15131 - Systweak Inc)
Ahnenforschung mit RS-AHNEN (HKLM-x32\...\Ahnenforschung mit RS-AHNEN) (Version: - )
Alamandi (HKLM-x32\...\Alamandi) (Version: 1.0.0.0 - INTENIUM GmbH)
Alchemy (HKLM-x32\...\3931d36f18c4a2615f822e5e84d9c737) (Version: - Zylom)
Alcor Micro USB Card Reader Driver (HKLM-x32\...\AmUStor) (Version: 20.22.2217.13862 - Alcor Micro Corp.)
Alcor Micro USB Card Reader Driver (HKLM-x32\...\InstallShield_{838DA1F1-23F8-4C70-B190-AC51CB5A5ECD}) (Version: 3.1.45.72435 - Alcor Micro Corp.)
Alcor Micro USB Card Reader Driver (x32 Version: 20.22.2217.13862 - Alcor Micro Corp.) Hidden
Alcor Micro USB Card Reader Driver (x32 Version: 3.1.45.72435 - Alcor Micro Corp.) Hidden
Amazon MP3-Downloader 1.0.9 (HKLM-x32\...\Amazon MP3-Downloader) (Version: - )
Antivirus Pro (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.5.450 - Avira)
Ashampoo Photo Commander 8 v.8.4.0 (HKLM-x32\...\Ashampoo Photo Commander 8_is1) (Version: 8.4.0 - Ashampoo GmbH & Co. KG)
Ashampoo WinOptimizer 10 v.10.3.0 (HKLM-x32\...\{4209F371-88D4-AB00-ED2B-D6520C84D9D5}_is1) (Version: 10.03.00 - Ashampoo GmbH & Co. KG)
Ashampoo WinOptimizer 2013 v.1.0.0 (HKLM-x32\...\{4209F371-7B85-60AD-E5CE-E4409D39E3DE}_is1) (Version: 1.00.00 - Ashampoo GmbH & Co. KG)
Ashampoo WinOptimizer 8 v.8.13 (HKLM-x32\...\Ashampoo WinOptimizer 8_is1) (Version: 8.1.3 - Ashampoo GmbH & Co. KG)
Ashley Clark: Das Geheimnis des Rubins (HKLM-x32\...\Ashley Clark: Das Geheimnis des Rubins) (Version: 2.0.0.0 - INTENIUM GmbH)
ASUSUpdate (HKLM-x32\...\{587178E7-B1DF-494E-9838-FA4DD36E873C}) (Version: 7.18.03 - ASUSTeK Computer Inc.)
Autumn's Treasures - The Jade Coin (HKLM-x32\...\Autumn's Treasures - The Jade Coin_is1) (Version: 1.0 - MyPlayCity, Inc.)
Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.3.0.2 - )
Bubble Chains 0.1.1 (HKLM-x32\...\Bubble_0) (Version: 0.1.1 - XlabSoft)
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
COMPUTERBILD Datei-Reparierer (HKLM-x32\...\{113EBE84-73FA-4C44-8C4D-CAAA3AEE960C}) (Version: 1.0.0 - J3S)
COMPUTERBILD Datei-Reparierer (x32 Version: 1.0.0 - J3S) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.17 - Piriform)
Demon Hunter: Chroniken des Übernatürlichen (HKLM-x32\...\Demon Hunter: Chroniken des Übernatürlichen) (Version: 2.0.0.0 - INTENIUM GmbH)
Der große Brain-Trainer (HKLM-x32\...\Der große Brain-Trainer) (Version: 1.0.0.0 - INTENIUM GmbH)
DEUTSCHLAND SPIELT GAME CENTER (HKLM-x32\...\DSGPlayer) (Version: 2.3.1.37 - INTENIUM GmbH)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 15.1.13904 - Landesfinanzdirektion Thüringen)
EPU-6 Engine (HKLM-x32\...\{56B83336-FBC1-4C46-8613-90A9E3B440D6}) (Version: 1.03.02 - )
Fallen Shadows - Schatten der Kindheit (HKLM-x32\...\{AE2893E9-145A-41AC-85C6-ED046B13572E}) (Version: 1.0.0 - Happy Muffin Top)
Feedback Tool (HKLM-x32\...\{13A5E785-5197-4EAD-8EE3-D660271E49BC}) (Version: 1.2.0 - Microsoft Corporation)
Flugsimulator (HKLM-x32\...\Flugsimulator_is1) (Version: - )
FreeLanguageTranslator2 (HKLM-x32\...\{8AA462CC-7F29-4F51-9D7F-68ED38658E92}) (Version: 2.02 - Decebal Mihailescu)
Gehirnjogging (HKLM-x32\...\Gehirnjogging) (Version: 1.0.0.0 - INTENIUM GmbH)
Gekko Mahjongg (Oster-Edition) (HKLM-x32\...\Gekko Mahjongg (Oster-Edition)) (Version: - )
Google Chrome (HKLM-x32\...\{6438EBAC-5305-39A5-A93E-88CDFA6CE947}) (Version: 65.61.49249 - Google, Inc.)
Google Earth (HKLM-x32\...\{C768790F-04FB-11E0-9B2C-001AA037B01E}) (Version: 6.0.1.2032 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Helicopter Simulation (HKLM-x32\...\Helicopter Simulation_is1) (Version: - )
Hidden Object Crosswords (HKLM-x32\...\Hidden Object Crosswords) (Version: 1.0.0.0 - INTENIUM GmbH)
Insel der Feen - Fairy Island (HKLM-x32\...\Insel der Feen - Fairy Island) (Version: 1.0.0.0 - INTENIUM GmbH)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.36 - Irfan Skiljan)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.450 - Oracle)
Java 8 Update 5 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418005FF}) (Version: 8.0.50 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.05.13 - Oracle, Inc.) Hidden
Jet Simulator (HKLM-x32\...\Jet Simulator_is1) (Version: - )
Mail Undelete Recovery Toolbox Free 1.1 (HKLM-x32\...\Mail Undelete Recovery Toolbox Free_is1) (Version: - Recovery Toolbox)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Moorhuhn Total (HKLM-x32\...\{26BD3ED8-4879-400F-8DB0-28E0D0AD98BC}) (Version: - )
Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MwSt. 2012 V8.1.0.4 (HKLM-x32\...\{120D0878-5C88-40A6-9991-DED7C8C88922}_is1) (Version: 8.1.0.4 - SVO-Webdesign GbR)
Mystery Expedition: Gefangene im Eis (HKLM-x32\...\BFG-Mystery Expedition - Gefangene im Eis) (Version: - )
Mystery Murders: Der Fluch des Dornröschen (HKLM-x32\...\BFG-Mystery Murders - Der Fluch des Dornroeschen) (Version: - )
Nero Audio Pack 1 (x32 Version: 11.0.11500.110.0 - Nero AG) Hidden
Nero Blu-ray Player (x32 Version: 12.0.17700 - Nero AG) Hidden
Nero Blu-ray Player Help (CHM) (x32 Version: 12.0.9000 - Nero AG) Hidden
Nero Core Components (x32 Version: 11.0.18900 - Nero AG) Hidden
Nero Kwik Media (HKLM-x32\...\{C88F0D8E-3F3E-4E90-B8AA-EA24FACCFF3C}) (Version: 12.0.02200 - Nero AG)
Nero Kwik Media (x32 Version: 1.18.19600 - Nero AG) Hidden
Nero Kwik Media Help (CHM) (x32 Version: 12.0.7000 - Nero AG) Hidden
Nero Kwik Themes Basic (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero SharedVideoCodecs (x32 Version: 1.0.12100.2.0 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.13600.45.0 - Nero AG) Hidden
Nightmares from the Deep: Davy Jones Sammleredition (HKLM-x32\...\BFG-Nightmares from the Deep - Davy Jones Sammleredition) (Version: - )
NVIDIA 3D Vision Controller-Treiber 335.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 335.21 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5896 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.0.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.154.1168 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 337.88 (Version: 337.88 - NVIDIA Corporation) Hidden
NVIDIA Update 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
OfficeRecovery 2010 Essential 10.0.38278.1 (HKLM-x32\...\{224A804F-ABB4-4938-96EA-EC65BB699933}) (Version: 10.0.38278.1 - Recoveronix)
Online Games Manager v1.30 (HKLM-x32\...\Online Games Manager) (Version: 1.30.14 - Real Networks, Inc.)
OpenOffice 4.0.0 (HKLM-x32\...\{B28DBCBA-60F8-40ED-B35B-F510C327946C}) (Version: 4.00.9702 - Apache Software Foundation)
Opera Stable 21.0.1432.67 (HKLM-x32\...\Opera 21.0.1432.67) (Version: 21.0.1432.67 - Opera Software ASA)
Paragon Backup & Recovery™ 10 Suite (HKLM-x32\...\{1E1DFF42-2EE8-4852-A7AB-C5174321D68F}) (Version: 90.00.0003 - Paragon Software)
Paragon Drive Backup™ 9 Professional (HKLM\...\{485DF5E7-8379-4BFA-BAE1-9B8DBFE0D6B4}) (Version: 1.00.0000 - Paragon Software)
Password Safe (HKLM-x32\...\Password Safe) (Version: - )
Platform (x32 Version: 1.42 - VIA Technologies, Inc.) Hidden
Portal of Evil: Die gestohlenen Siegel (HKLM-x32\...\Portal of Evil: Die gestohlenen Siegel) (Version: 2.0.0.0 - INTENIUM GmbH)
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.85.423.2014 - Realtek)
Recuva (HKLM\...\Recuva) (Version: 1.50 - Piriform)
Relikte des Schicksals: Ein Krimi mit Penny Macey (HKLM-x32\...\Relikte des Schicksals: Ein Krimi mit Penny Macey) (Version: 2.0.0.0 - INTENIUM GmbH)
Roadkil's Unstoppable Copier Version 5.2 (HKLM-x32\...\{A306FD29-7D3A-4287-91AC-9A0180931395}_is1) (Version: - Roadkil.Net)
RokQ 2.0 free edition 2.0 (HKLM-x32\...\RokQ 2.0 free edition) (Version: 2.0 - Christian Dietz)
SAMSUNG Mobile Composite Device Software (HKLM\...\SAMSUNG Mobile Composite Device) (Version: - )
SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version: - )
Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version: - )
Samsung Mobile phone USB driver Software (HKLM\...\Samsung Mobile phone USB driver) (Version: - )
SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version: - )
SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version: - )
Samsung PC Studio 3 (HKLM-x32\...\{C4A4722E-79F9-417C-BD72-8D359A090C97}) (Version: 3.2.2.80601 - Samsung Electronics Co., Ltd.)
Samsung PC Studio 3 (x32 Version: 3.0.0.80601 - Samsung Electronics Co., Ltd.) Hidden
SHIELD Streaming (Version: 2.1.108 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.4.11328 - Skype Technologies S.A.)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Space Legends: Am Ende der Galaxis (HKLM-x32\...\Space Legends: Am Ende der Galaxis) (Version: 2.0.0.0 - INTENIUM GmbH)
Speccy (HKLM\...\Speccy) (Version: 1.25 - Piriform)
Systweak PhotoStudio 2.1 (HKLM-x32\...\PhotoStudio_4281508C_4DA1_4d4e_81EB_725D55EC30DC_is1) (Version: 2.1.2954.85 - Systweak Inc.)
The Dream Voyagers: Die Traumheiler (HKLM-x32\...\The Dream Voyagers: Die Traumheiler) (Version: 2.0.0.0 - INTENIUM GmbH)
Ulead Photo Express 3.0 SE (HKLM-x32\...\Ulead Photo Express 3.0 SE) (Version: - )
Uninstall 1.0.0.1 (HKLM-x32\...\Uninstall_is1) (Version: - )
USB Video Device (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.48200.117 - Sonix)
V-9.1HD (HKLM-x32\...\V-9.1HD) (Version: 1.34.6.10 - V-9.1HD)
VC 9.0 Runtime (x32 Version: 1.0.0 - Check Point Software Technologies Ltd) Hidden
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.)
VLC media player 2.0.8 (HKLM-x32\...\VLC media player) (Version: 2.0.8 - VideoLAN)
Windows Double Explorer 0.4 (HKLM-x32\...\Windows Double Explorer) (Version: 0.4 - )
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 4.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
World Riddles: Seven Wonders (HKLM-x32\...\World Riddles: Seven Wonders) (Version: 1.0.0.0 - INTENIUM GmbH)
XMedia Recode 3.0.5.6 (HKLM-x32\...\XMedia Recode) (Version: 3.0.5.6 - Sebastian Dörfler)
Zylom Games Player Plugin (HKLM-x32\...\Zylom Games Player Plugin) (Version: - Zylom Games)

==================== Restore Points =========================

25-06-2014 15:03:50 Advanced Driver Updater
25-06-2014 15:05:19 Installiert Realtek Ethernet Controller Driver
01-07-2014 14:38:56 Advanced System Protector

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {008AF0C9-75E6-47B1-949B-94758314027F} - System32\Tasks\{418B3633-7C4B-4299-8DF0-0D75B2A4D62C} => C:\Users\Bernhard Gramüller\Desktop\CHESS.EXE
Task: {0A22EF9D-6004-4DA2-B086-2D6F3028B4D5} - \APSnotifierPP3 No Task File <==== ATTENTION
Task: {0B0D402E-150D-4915-89F0-A0C23F22C593} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-12-27] (Google Inc.)
Task: {0E9615C9-927C-4DE7-A9BC-A4544DA89F83} - \Advanced System Protector_startup No Task File <==== ATTENTION
Task: {10E2F2FF-956F-4237-B7C3-1609D4196110} - System32\Tasks\{F2D49516-E821-4911-B30E-0B9424763CBC} => F:\SETUP.EXE
Task: {12DA7EC2-B4C3-4D30-BB99-6B9C65D0476A} - \globalUpdateUpdateTaskMachineCore No Task File <==== ATTENTION
Task: {2EED9C1D-4DAD-4C6D-9157-78C4B8A850A1} - System32\Tasks\{B47A53DD-D772-46C8-B5C0-1AB4BC22537C} => C:\Users\Bernhard Gramüller\Desktop\CHESS.EXE
Task: {38225E53-619E-4034-8788-7DA91FA14696} - System32\Tasks\{60234162-1291-4C27-BF5E-A51778B4D1F6} => F:\INSTALL.EXE
Task: {3E218D0C-24F3-4D75-A516-44F5D78C35B5} - System32\Tasks\AdvancedDriverUpdaterRunAtStartup => C:\Program Files (x86)\Advanced Driver Updater\adu.exe [2013-03-08] (Systweak Inc)
Task: {4F8E97E0-86F8-4E09-9DDE-CE60265F6D96} - System32\Tasks\{BCA69864-17A7-4A0E-BD61-8880E0858B77} => E:\alice.exe
Task: {579C38CF-7A4D-4291-AE21-903E424FEA9C} - System32\Tasks\{A8F48BA2-BE0C-4311-A791-E10A67E50BBA} => F:\INSTALL.EXE
Task: {58049BF5-04FA-4A93-8464-34FB4E6225AE} - \RegClean Pro No Task File <==== ATTENTION
Task: {58F1B47E-724A-4AF0-A1E2-93421E1DA269} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd)
Task: {5F9090D6-6A7D-45A2-AE34-3C61F9C83D5B} - \APSnotifierPP2 No Task File <==== ATTENTION
Task: {8532683C-7F66-4A95-B184-B9904BCC6102} - System32\Tasks\ASUS\ASUS SIX Engine => C:\Program Files (x86)\ASUS\EPU-6 Engine\SixEngine.exe [2009-11-27] (ASUSTeK Computer Inc.)
Task: {A3DA37A8-8851-4F49-8944-E43A7905E21A} - \Scheduled Update for Ask Toolbar No Task File <==== ATTENTION
Task: {A5539412-7596-4A92-B1D4-F2CDC7A83866} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-12-27] (Google Inc.)
Task: {B0F59500-53F5-48B9-92E6-E557A748488A} - \APSnotifierPP1 No Task File <==== ATTENTION
Task: {C5D4D482-3E6C-4553-9708-780E2DB93693} - System32\Tasks\{B7BA03F0-0AD3-48DD-BE2F-A25E359EDE91} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2014-02-10] (Skype Technologies S.A.)
Task: {C9607864-96DE-41F1-A405-E2AA80FE7D7A} - System32\Tasks\{3D262738-70EF-4E84-B817-7351032941CC} => C:\Program Files (x86)\VideoLAN\VLC\vlc.exe [2013-07-31] (VideoLAN)
Task: {CFBAF138-2ACA-4EB6-9B1B-8CCC17284C24} - System32\Tasks\One-Click Optimizer => C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\WO10.exe [2013-11-19] (Ashampoo Development GmbH & Co. KG)
Task: {E27572A6-C3A1-44DB-AD1D-679A4AE8EAB8} - System32\Tasks\AdvancedDriverUpdater_UPDATES => C:\Program Files (x86)\Advanced Driver Updater\adu.exe [2013-03-08] (Systweak Inc)
Task: {E32E3DDE-AC4E-4EC1-8471-E88DA11F89D6} - System32\Tasks\{FCBDAEA3-26B6-415C-8350-997CC867ADB3} => C:\Users\Bernhard Gramüller\Desktop\CHESS.EXE
Task: {E58CE081-6679-4422-99C6-4D75075097FD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-12] (Adobe Systems Incorporated)
Task: {EB68703E-CEBB-49D1-BC84-48899AA395D9} - System32\Tasks\ASUS\ASUS Update Checker => C:\Program Files (x86)\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe [2009-12-28] (ASUSTeK Computer Inc.)
Task: {EF5A9C64-8F81-4635-8706-C1DD89888103} - System32\Tasks\{E945DE2C-C5CB-43A4-BBE1-FD5232FF0067} => C:\Zylom Games\Dreamscapes - The Sandman Premium Edition\Dreamscapes_TheSandman_CE.exe
Task: {FF9F5342-40C7-4A87-B3C7-E11A1F0B07EF} - \globalUpdateUpdateTaskMachineUA No Task File <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AdvancedDriverUpdater_UPDATES.job => C:\Program Files (x86)\Advanced Driver Updater\adu.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\One-Click Optimizer.job => C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\WO10.exe

==================== Loaded Modules (whitelisted) =============

2012-11-19 00:48 - 2014-05-20 03:25 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2011-01-13 11:04 - 2011-01-13 11:04 - 00030080 _____ () C:\Windows\snuvcdsm.exe
2014-01-31 07:00 - 2012-11-14 09:22 - 00078456 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2014-01-31 07:00 - 2012-11-14 09:22 - 00386168 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2014-07-02 17:03 - 2014-07-02 17:03 - 00050477 _____ () C:\Users\Bernhard Gramüller\Downloads\Defogger.exe
2010-12-21 19:16 - 2009-04-22 21:20 - 00179712 _____ () C:\Program Files (x86)\ASUS\EPU-6 Engine\ASUSSERVICE.DLL
2010-12-21 19:16 - 2009-08-27 20:41 - 00565248 _____ () C:\Program Files (x86)\ASUS\EPU-6 Engine\pngio.dll
2012-04-29 17:59 - 1999-09-06 16:33 - 00032768 _____ () C:\Program Files (x86)\Ulead Systems\Ulead Photo Express 3.0 SE\u32sn.dll
2014-06-10 20:35 - 2014-06-10 20:35 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:008FE370
AlternateDataStreams: C:\ProgramData\TEMP:00D99749
AlternateDataStreams: C:\ProgramData\TEMP:00F3978A
AlternateDataStreams: C:\ProgramData\TEMP:012BC84F
AlternateDataStreams: C:\ProgramData\TEMP:0168CC60
AlternateDataStreams: C:\ProgramData\TEMP:0205B36B
AlternateDataStreams: C:\ProgramData\TEMP:021703B2
AlternateDataStreams: C:\ProgramData\TEMP:02172F27
AlternateDataStreams: C:\ProgramData\TEMP:025DF3DE
AlternateDataStreams: C:\ProgramData\TEMP:02CC0035
AlternateDataStreams: C:\ProgramData\TEMP:036AA5DD
AlternateDataStreams: C:\ProgramData\TEMP:041C0562
AlternateDataStreams: C:\ProgramData\TEMP:0452501D
AlternateDataStreams: C:\ProgramData\TEMP:0474F714
AlternateDataStreams: C:\ProgramData\TEMP:04A18F36
AlternateDataStreams: C:\ProgramData\TEMP:04B1A0AC
AlternateDataStreams: C:\ProgramData\TEMP:04BC9A2C
AlternateDataStreams: C:\ProgramData\TEMP:04EAB86F
AlternateDataStreams: C:\ProgramData\TEMP:06CC3FD3
AlternateDataStreams: C:\ProgramData\TEMP:076F9EF8
AlternateDataStreams: C:\ProgramData\TEMP:0778CBF2
AlternateDataStreams: C:\ProgramData\TEMP:084612C9
AlternateDataStreams: C:\ProgramData\TEMP:08767DE0
AlternateDataStreams: C:\ProgramData\TEMP:092BD83A
AlternateDataStreams: C:\ProgramData\TEMP:09629F6E
AlternateDataStreams: C:\ProgramData\TEMP:097C4B7D
AlternateDataStreams: C:\ProgramData\TEMP:099BA123
AlternateDataStreams: C:\ProgramData\TEMP:09AEED56
AlternateDataStreams: C:\ProgramData\TEMP:0A701F26
AlternateDataStreams: C:\ProgramData\TEMP:0AC0213C
AlternateDataStreams: C:\ProgramData\TEMP:0AC32449
AlternateDataStreams: C:\ProgramData\TEMP:0ADCCF52
AlternateDataStreams: C:\ProgramData\TEMP:0B278A1A
AlternateDataStreams: C:\ProgramData\TEMP:0B79AB8D
AlternateDataStreams: C:\ProgramData\TEMP:0B9DC6BB
AlternateDataStreams: C:\ProgramData\TEMP:0BCD47A5
AlternateDataStreams: C:\ProgramData\TEMP:0C1258F3
AlternateDataStreams: C:\ProgramData\TEMP:0C2A17F2
AlternateDataStreams: C:\ProgramData\TEMP:0C9E06A2
AlternateDataStreams: C:\ProgramData\TEMP:0D060666
AlternateDataStreams: C:\ProgramData\TEMP:0D797314
AlternateDataStreams: C:\ProgramData\TEMP:0DE066A7
AlternateDataStreams: C:\ProgramData\TEMP:0E10B960
AlternateDataStreams: C:\ProgramData\TEMP:0F64164E
AlternateDataStreams: C:\ProgramData\TEMP:0FA1EAA7
AlternateDataStreams: C:\ProgramData\TEMP:0FAE191E
AlternateDataStreams: C:\ProgramData\TEMP:0FD8569B
AlternateDataStreams: C:\ProgramData\TEMP:0FE0A03C
AlternateDataStreams: C:\ProgramData\TEMP:104A1C3E
AlternateDataStreams: C:\ProgramData\TEMP:109734F6
AlternateDataStreams: C:\ProgramData\TEMP:10CB85CA
AlternateDataStreams: C:\ProgramData\TEMP:10DB9BB7
AlternateDataStreams: C:\ProgramData\TEMP:11590865
AlternateDataStreams: C:\ProgramData\TEMP:115EA582
AlternateDataStreams: C:\ProgramData\TEMP:120B3AFD
AlternateDataStreams: C:\ProgramData\TEMP:120E44A4
AlternateDataStreams: C:\ProgramData\TEMP:12258D63
AlternateDataStreams: C:\ProgramData\TEMP:12383CAE
AlternateDataStreams: C:\ProgramData\TEMP:128B55C8
AlternateDataStreams: C:\ProgramData\TEMP:12D21A9A
AlternateDataStreams: C:\ProgramData\TEMP:13019F4B
AlternateDataStreams: C:\ProgramData\TEMP:1322DDBD
AlternateDataStreams: C:\ProgramData\TEMP:1416AAA6
AlternateDataStreams: C:\ProgramData\TEMP:14A1BBE3
AlternateDataStreams: C:\ProgramData\TEMP:14B2E0BD
AlternateDataStreams: C:\ProgramData\TEMP:15734396
AlternateDataStreams: C:\ProgramData\TEMP:1604D047
AlternateDataStreams: C:\ProgramData\TEMP:16F4BC64
AlternateDataStreams: C:\ProgramData\TEMP:183A9046
AlternateDataStreams: C:\ProgramData\TEMP:186F8A82
AlternateDataStreams: C:\ProgramData\TEMP:18A25CF1
AlternateDataStreams: C:\ProgramData\TEMP:18B241CC
AlternateDataStreams: C:\ProgramData\TEMP:18B5F839
AlternateDataStreams: C:\ProgramData\TEMP:18E3BAF3
AlternateDataStreams: C:\ProgramData\TEMP:18E4BF6C
AlternateDataStreams: C:\ProgramData\TEMP:19474103
AlternateDataStreams: C:\ProgramData\TEMP:195E8317
AlternateDataStreams: C:\ProgramData\TEMP:19636FDD
AlternateDataStreams: C:\ProgramData\TEMP:1999DD0A
AlternateDataStreams: C:\ProgramData\TEMP:19F8EB29
AlternateDataStreams: C:\ProgramData\TEMP:1A15E356
AlternateDataStreams: C:\ProgramData\TEMP:1A259A13
AlternateDataStreams: C:\ProgramData\TEMP:1A5822A3
AlternateDataStreams: C:\ProgramData\TEMP:1A8854EC
AlternateDataStreams: C:\ProgramData\TEMP:1A8FDBA3
AlternateDataStreams: C:\ProgramData\TEMP:1B389835
AlternateDataStreams: C:\ProgramData\TEMP:1B96CF22
AlternateDataStreams: C:\ProgramData\TEMP:1C201DEB
AlternateDataStreams: C:\ProgramData\TEMP:1CD511E5
AlternateDataStreams: C:\ProgramData\TEMP:1D5FADCD
AlternateDataStreams: C:\ProgramData\TEMP:1E2D49E0
AlternateDataStreams: C:\ProgramData\TEMP:1E5EC928
AlternateDataStreams: C:\ProgramData\TEMP:1E87A273
AlternateDataStreams: C:\ProgramData\TEMP:1E942FB9
AlternateDataStreams: C:\ProgramData\TEMP:1EAB6298
AlternateDataStreams: C:\ProgramData\TEMP:1EC13383
AlternateDataStreams: C:\ProgramData\TEMP:1ECED34B
AlternateDataStreams: C:\ProgramData\TEMP:1F4329D4
AlternateDataStreams: C:\ProgramData\TEMP:1FA4C06F
AlternateDataStreams: C:\ProgramData\TEMP:1FF82161
AlternateDataStreams: C:\ProgramData\TEMP:2043337E
AlternateDataStreams: C:\ProgramData\TEMP:206470A5
AlternateDataStreams: C:\ProgramData\TEMP:20ABE827
AlternateDataStreams: C:\ProgramData\TEMP:2211E7A0
AlternateDataStreams: C:\ProgramData\TEMP:2313511A
AlternateDataStreams: C:\ProgramData\TEMP:2339C9FD
AlternateDataStreams: C:\ProgramData\TEMP:24164710
AlternateDataStreams: C:\ProgramData\TEMP:244E4E3A
AlternateDataStreams: C:\ProgramData\TEMP:254AD2ED
AlternateDataStreams: C:\ProgramData\TEMP:2680DDD5
AlternateDataStreams: C:\ProgramData\TEMP:26991AB9
AlternateDataStreams: C:\ProgramData\TEMP:2701CA70
AlternateDataStreams: C:\ProgramData\TEMP:271E16B0
AlternateDataStreams: C:\ProgramData\TEMP:27A88EF2
AlternateDataStreams: C:\ProgramData\TEMP:282CE153
AlternateDataStreams: C:\ProgramData\TEMP:28BE9DE0
AlternateDataStreams: C:\ProgramData\TEMP:28DFF83F
AlternateDataStreams: C:\ProgramData\TEMP:2979C892
AlternateDataStreams: C:\ProgramData\TEMP:29EA7E22
AlternateDataStreams: C:\ProgramData\TEMP:2A874675
AlternateDataStreams: C:\ProgramData\TEMP:2AC146B9
AlternateDataStreams: C:\ProgramData\TEMP:2AD33723
AlternateDataStreams: C:\ProgramData\TEMP:2AE74FF9
AlternateDataStreams: C:\ProgramData\TEMP:2B40A7DB
AlternateDataStreams: C:\ProgramData\TEMP:2C4F33F6
AlternateDataStreams: C:\ProgramData\TEMP:2C678471
AlternateDataStreams: C:\ProgramData\TEMP:2C84CA43
AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F
AlternateDataStreams: C:\ProgramData\TEMP:2E33E4A6
AlternateDataStreams: C:\ProgramData\TEMP:2E3F04BC
AlternateDataStreams: C:\ProgramData\TEMP:2E636DD9
AlternateDataStreams: C:\ProgramData\TEMP:2E928E6E
AlternateDataStreams: C:\ProgramData\TEMP:2F360FB3
AlternateDataStreams: C:\ProgramData\TEMP:2F474C84
AlternateDataStreams: C:\ProgramData\TEMP:2F70C0B4
AlternateDataStreams: C:\ProgramData\TEMP:2F947175
AlternateDataStreams: C:\ProgramData\TEMP:3086B95F
AlternateDataStreams: C:\ProgramData\TEMP:319D783D
AlternateDataStreams: C:\ProgramData\TEMP:31C9BA96
AlternateDataStreams: C:\ProgramData\TEMP:320208DA
AlternateDataStreams: C:\ProgramData\TEMP:32289BE8
AlternateDataStreams: C:\ProgramData\TEMP:3241739E
AlternateDataStreams: C:\ProgramData\TEMP:32AE8659
AlternateDataStreams: C:\ProgramData\TEMP:32EA849C
AlternateDataStreams: C:\ProgramData\TEMP:331B7520
AlternateDataStreams: C:\ProgramData\TEMP:33E58057
AlternateDataStreams: C:\ProgramData\TEMP:3480F458
AlternateDataStreams: C:\ProgramData\TEMP:34C443B4
AlternateDataStreams: C:\ProgramData\TEMP:35501BA4
AlternateDataStreams: C:\ProgramData\TEMP:3595B780
AlternateDataStreams: C:\ProgramData\TEMP:363E775E
AlternateDataStreams: C:\ProgramData\TEMP:366EFA1A
AlternateDataStreams: C:\ProgramData\TEMP:36ED5C45
AlternateDataStreams: C:\ProgramData\TEMP:371060CE
AlternateDataStreams: C:\ProgramData\TEMP:374CECA7
AlternateDataStreams: C:\ProgramData\TEMP:37C279BE
AlternateDataStreams: C:\ProgramData\TEMP:38534D53
AlternateDataStreams: C:\ProgramData\TEMP:3969ACF7
AlternateDataStreams: C:\ProgramData\TEMP:398D2775
AlternateDataStreams: C:\ProgramData\TEMP:398EFF0F
AlternateDataStreams: C:\ProgramData\TEMP:3A133158
AlternateDataStreams: C:\ProgramData\TEMP:3A28C54D
AlternateDataStreams: C:\ProgramData\TEMP:3ABC38E6
AlternateDataStreams: C:\ProgramData\TEMP:3B622E21
AlternateDataStreams: C:\ProgramData\TEMP:3B633DE9
AlternateDataStreams: C:\ProgramData\TEMP:3B71586E
AlternateDataStreams: C:\ProgramData\TEMP:3BDF57F4
AlternateDataStreams: C:\ProgramData\TEMP:3C4BD225
AlternateDataStreams: C:\ProgramData\TEMP:3C6860C5
AlternateDataStreams: C:\ProgramData\TEMP:3D033DEC
AlternateDataStreams: C:\ProgramData\TEMP:3D1D487A
AlternateDataStreams: C:\ProgramData\TEMP:3D4B733E
AlternateDataStreams: C:\ProgramData\TEMP:3D887DCC
AlternateDataStreams: C:\ProgramData\TEMP:3D922890
AlternateDataStreams: C:\ProgramData\TEMP:3E8A3E87
AlternateDataStreams: C:\ProgramData\TEMP:3EC5BC08
AlternateDataStreams: C:\ProgramData\TEMP:3F266659
AlternateDataStreams: C:\ProgramData\TEMP:401CAF8F
AlternateDataStreams: C:\ProgramData\TEMP:404908B5
AlternateDataStreams: C:\ProgramData\TEMP:406E0034
AlternateDataStreams: C:\ProgramData\TEMP:41289DF0
AlternateDataStreams: C:\ProgramData\TEMP:413177C4
AlternateDataStreams: C:\ProgramData\TEMP:4157BB05
AlternateDataStreams: C:\ProgramData\TEMP:41CB6858
AlternateDataStreams: C:\ProgramData\TEMP:4244811A
AlternateDataStreams: C:\ProgramData\TEMP:43CBFAB2
AlternateDataStreams: C:\ProgramData\TEMP:43F5FA9D
AlternateDataStreams: C:\ProgramData\TEMP:44712999
AlternateDataStreams: C:\ProgramData\TEMP:4577F5B4
AlternateDataStreams: C:\ProgramData\TEMP:45936E12
AlternateDataStreams: C:\ProgramData\TEMP:45A64DE6
AlternateDataStreams: C:\ProgramData\TEMP:460638C7
AlternateDataStreams: C:\ProgramData\TEMP:46283136
AlternateDataStreams: C:\ProgramData\TEMP:474022C7
AlternateDataStreams: C:\ProgramData\TEMP:4762F1D2
AlternateDataStreams: C:\ProgramData\TEMP:48862C37
AlternateDataStreams: C:\ProgramData\TEMP:488F7244
AlternateDataStreams: C:\ProgramData\TEMP:489EA5E5
AlternateDataStreams: C:\ProgramData\TEMP:48BCFDB6
AlternateDataStreams: C:\ProgramData\TEMP:48D6EA0F
AlternateDataStreams: C:\ProgramData\TEMP:494E4266
AlternateDataStreams: C:\ProgramData\TEMP:498B5975
AlternateDataStreams: C:\ProgramData\TEMP:49EA4410
AlternateDataStreams: C:\ProgramData\TEMP:49EB69E2
AlternateDataStreams: C:\ProgramData\TEMP:4A5CFD3B
AlternateDataStreams: C:\ProgramData\TEMP:4A8EB1C4
AlternateDataStreams: C:\ProgramData\TEMP:4AC7B5C1
AlternateDataStreams: C:\ProgramData\TEMP:4B7C28B1
AlternateDataStreams: C:\ProgramData\TEMP:4C3B92C7
AlternateDataStreams: C:\ProgramData\TEMP:4C3D5A8B
AlternateDataStreams: C:\ProgramData\TEMP:4C465B13
AlternateDataStreams: C:\ProgramData\TEMP:4C9782FB
AlternateDataStreams: C:\ProgramData\TEMP:4CD3F344
AlternateDataStreams: C:\ProgramData\TEMP:4D28BE4D
AlternateDataStreams: C:\ProgramData\TEMP:4D551822
AlternateDataStreams: C:\ProgramData\TEMP:4D8FCBEF
AlternateDataStreams: C:\ProgramData\TEMP:4E79C4F8
AlternateDataStreams: C:\ProgramData\TEMP:4EC7F009
AlternateDataStreams: C:\ProgramData\TEMP:4EFA2FC7
AlternateDataStreams: C:\ProgramData\TEMP:4F49DA66
AlternateDataStreams: C:\ProgramData\TEMP:4F852702
AlternateDataStreams: C:\ProgramData\TEMP:4FD3435F
AlternateDataStreams: C:\ProgramData\TEMP:5008417E
AlternateDataStreams: C:\ProgramData\TEMP:50868536
AlternateDataStreams: C:\ProgramData\TEMP:50DD4118
AlternateDataStreams: C:\ProgramData\TEMP:512E1728
AlternateDataStreams: C:\ProgramData\TEMP:5133A494
AlternateDataStreams: C:\ProgramData\TEMP:5164A01F
AlternateDataStreams: C:\ProgramData\TEMP:51A20D23
AlternateDataStreams: C:\ProgramData\TEMP:53B8C5D2
AlternateDataStreams: C:\ProgramData\TEMP:53BA2DF6
AlternateDataStreams: C:\ProgramData\TEMP:53F09A92
AlternateDataStreams: C:\ProgramData\TEMP:54380FEC
AlternateDataStreams: C:\ProgramData\TEMP:54403233
AlternateDataStreams: C:\ProgramData\TEMP:5453E5AF
AlternateDataStreams: C:\ProgramData\TEMP:5520ED93
AlternateDataStreams: C:\ProgramData\TEMP:5539129F
AlternateDataStreams: C:\ProgramData\TEMP:56699AAF
AlternateDataStreams: C:\ProgramData\TEMP:56FBA78D
AlternateDataStreams: C:\ProgramData\TEMP:57176330
AlternateDataStreams: C:\ProgramData\TEMP:57231008
AlternateDataStreams: C:\ProgramData\TEMP:574F975B
AlternateDataStreams: C:\ProgramData\TEMP:57B2B96C
AlternateDataStreams: C:\ProgramData\TEMP:57DFBE4E
AlternateDataStreams: C:\ProgramData\TEMP:58447932
AlternateDataStreams: C:\ProgramData\TEMP:587F3582
AlternateDataStreams: C:\ProgramData\TEMP:58A2C544
AlternateDataStreams: C:\ProgramData\TEMP:58B3FE52
AlternateDataStreams: C:\ProgramData\TEMP:58E38390
AlternateDataStreams: C:\ProgramData\TEMP:59465B40
AlternateDataStreams: C:\ProgramData\TEMP:59540531
AlternateDataStreams: C:\ProgramData\TEMP:59A6876B
AlternateDataStreams: C:\ProgramData\TEMP:5A068EE1
AlternateDataStreams: C:\ProgramData\TEMP:5A5477A9
AlternateDataStreams: C:\ProgramData\TEMP:5A63CC20
AlternateDataStreams: C:\ProgramData\TEMP:5A9F1AE5
AlternateDataStreams: C:\ProgramData\TEMP:5ACE199E
AlternateDataStreams: C:\ProgramData\TEMP:5C353220
AlternateDataStreams: C:\ProgramData\TEMP:5C3637D2
AlternateDataStreams: C:\ProgramData\TEMP:5C42F64A
AlternateDataStreams: C:\ProgramData\TEMP:5C5F2761
AlternateDataStreams: C:\ProgramData\TEMP:5C717402
AlternateDataStreams: C:\ProgramData\TEMP:5C9A6C78
AlternateDataStreams: C:\ProgramData\TEMP:5CB83528
AlternateDataStreams: C:\ProgramData\TEMP:5CE91C67
AlternateDataStreams: C:\ProgramData\TEMP:5D10C56A
AlternateDataStreams: C:\ProgramData\TEMP:5DB36C47
AlternateDataStreams: C:\ProgramData\TEMP:5E21B96B
AlternateDataStreams: C:\ProgramData\TEMP:5E73E1C2
AlternateDataStreams: C:\ProgramData\TEMP:5E9B629B
AlternateDataStreams: C:\ProgramData\TEMP:5ECEFF17
AlternateDataStreams: C:\ProgramData\TEMP:5EFEB6A1
AlternateDataStreams: C:\ProgramData\TEMP:5F56E7C1
AlternateDataStreams: C:\ProgramData\TEMP:5FC043A8
AlternateDataStreams: C:\ProgramData\TEMP:607A99D7
AlternateDataStreams: C:\ProgramData\TEMP:60E755E6
AlternateDataStreams: C:\ProgramData\TEMP:60F3D3BE
AlternateDataStreams: C:\ProgramData\TEMP:6294B369
AlternateDataStreams: C:\ProgramData\TEMP:62AF94A0
AlternateDataStreams: C:\ProgramData\TEMP:63210866
AlternateDataStreams: C:\ProgramData\TEMP:63C48B80
AlternateDataStreams: C:\ProgramData\TEMP:641A21EA
AlternateDataStreams: C:\ProgramData\TEMP:64E05835
AlternateDataStreams: C:\ProgramData\TEMP:65137F0D
AlternateDataStreams: C:\ProgramData\TEMP:65484F45
AlternateDataStreams: C:\ProgramData\TEMP:65C4D44A
AlternateDataStreams: C:\ProgramData\TEMP:65FE83E4
AlternateDataStreams: C:\ProgramData\TEMP:669AB5E1
AlternateDataStreams: C:\ProgramData\TEMP:66C764F5
AlternateDataStreams: C:\ProgramData\TEMP:66F7E5A9
AlternateDataStreams: C:\ProgramData\TEMP:674893F9
AlternateDataStreams: C:\ProgramData\TEMP:6757F885
AlternateDataStreams: C:\ProgramData\TEMP:67A91473
AlternateDataStreams: C:\ProgramData\TEMP:67E674B0
AlternateDataStreams: C:\ProgramData\TEMP:6896CCCE
AlternateDataStreams: C:\ProgramData\TEMP:691F4D97
AlternateDataStreams: C:\ProgramData\TEMP:69AF9D20
AlternateDataStreams: C:\ProgramData\TEMP:69F562A6
AlternateDataStreams: C:\ProgramData\TEMP:6A0A47E7
AlternateDataStreams: C:\ProgramData\TEMP:6A6D4AF4
AlternateDataStreams: C:\ProgramData\TEMP:6A9CA6CB
AlternateDataStreams: C:\ProgramData\TEMP:6AF6BB0E
AlternateDataStreams: C:\ProgramData\TEMP:6B3B5466
AlternateDataStreams: C:\ProgramData\TEMP:6BEADDC0
AlternateDataStreams: C:\ProgramData\TEMP:6C15BEAD
AlternateDataStreams: C:\ProgramData\TEMP:6C74C778
AlternateDataStreams: C:\ProgramData\TEMP:6CF828C2
AlternateDataStreams: C:\ProgramData\TEMP:6D208D7A
AlternateDataStreams: C:\ProgramData\TEMP:6D65CED0
AlternateDataStreams: C:\ProgramData\TEMP:6DA3BBF2
AlternateDataStreams: C:\ProgramData\TEMP:6DD124E2
AlternateDataStreams: C:\ProgramData\TEMP:6E39144C
AlternateDataStreams: C:\ProgramData\TEMP:6E65510A
AlternateDataStreams: C:\ProgramData\TEMP:6E90EDD7
AlternateDataStreams: C:\ProgramData\TEMP:6ECE93A8
AlternateDataStreams: C:\ProgramData\TEMP:6ED8B881
AlternateDataStreams: C:\ProgramData\TEMP:6EE8565A
AlternateDataStreams: C:\ProgramData\TEMP:6EFFF8B9
AlternateDataStreams: C:\ProgramData\TEMP:6FF14C72
AlternateDataStreams: C:\ProgramData\TEMP:702A7F20
AlternateDataStreams: C:\ProgramData\TEMP:70989864
AlternateDataStreams: C:\ProgramData\TEMP:709E81D4
AlternateDataStreams: C:\ProgramData\TEMP:70BDB805
AlternateDataStreams: C:\ProgramData\TEMP:70E897B5
AlternateDataStreams: C:\ProgramData\TEMP:710768C7
AlternateDataStreams: C:\ProgramData\TEMP:71AEFFEB
AlternateDataStreams: C:\ProgramData\TEMP:72449E7D
AlternateDataStreams: C:\ProgramData\TEMP:7254CF01
AlternateDataStreams: C:\ProgramData\TEMP:72A1B66A
AlternateDataStreams: C:\ProgramData\TEMP:72C99D4E
AlternateDataStreams: C:\ProgramData\TEMP:72E5CC07
AlternateDataStreams: C:\ProgramData\TEMP:747457CF
AlternateDataStreams: C:\ProgramData\TEMP:754E278B
AlternateDataStreams: C:\ProgramData\TEMP:75765D7B
AlternateDataStreams: C:\ProgramData\TEMP:762408BA
AlternateDataStreams: C:\ProgramData\TEMP:774A0E14
AlternateDataStreams: C:\ProgramData\TEMP:774C075A
AlternateDataStreams: C:\ProgramData\TEMP:795F6DEC
AlternateDataStreams: C:\ProgramData\TEMP:79A7F369
AlternateDataStreams: C:\ProgramData\TEMP:7ADA8871
AlternateDataStreams: C:\ProgramData\TEMP:7BB20DE8
AlternateDataStreams: C:\ProgramData\TEMP:7BB584AA
AlternateDataStreams: C:\ProgramData\TEMP:7BE5BAAB
AlternateDataStreams: C:\ProgramData\TEMP:7BFFC6A9
AlternateDataStreams: C:\ProgramData\TEMP:7C27C41C
AlternateDataStreams: C:\ProgramData\TEMP:7D938C9B
AlternateDataStreams: C:\ProgramData\TEMP:7D9B1030
AlternateDataStreams: C:\ProgramData\TEMP:7DC5D762
AlternateDataStreams: C:\ProgramData\TEMP:7E47A57F
AlternateDataStreams: C:\ProgramData\TEMP:7EB93F0E
AlternateDataStreams: C:\ProgramData\TEMP:7F477B0D
AlternateDataStreams: C:\ProgramData\TEMP:7FD60FAD
AlternateDataStreams: C:\ProgramData\TEMP:7FD8AECC
AlternateDataStreams: C:\ProgramData\TEMP:801ED9DF
AlternateDataStreams: C:\ProgramData\TEMP:80253E8D
AlternateDataStreams: C:\ProgramData\TEMP:8029E75F
AlternateDataStreams: C:\ProgramData\TEMP:80F63EC3
AlternateDataStreams: C:\ProgramData\TEMP:80FA23CA
AlternateDataStreams: C:\ProgramData\TEMP:8118F1F5
AlternateDataStreams: C:\ProgramData\TEMP:823606DE
AlternateDataStreams: C:\ProgramData\TEMP:8318A814
AlternateDataStreams: C:\ProgramData\TEMP:841E0E1B
AlternateDataStreams: C:\ProgramData\TEMP:8435AD8C
AlternateDataStreams: C:\ProgramData\TEMP:843D8419
AlternateDataStreams: C:\ProgramData\TEMP:84C34762
AlternateDataStreams: C:\ProgramData\TEMP:852F2262
AlternateDataStreams: C:\ProgramData\TEMP:85376176
AlternateDataStreams: C:\ProgramData\TEMP:86148D88
AlternateDataStreams: C:\ProgramData\TEMP:865F21BF
AlternateDataStreams: C:\ProgramData\TEMP:869C6B4A
AlternateDataStreams: C:\ProgramData\TEMP:86A7B7DD
AlternateDataStreams: C:\ProgramData\TEMP:86B7FDDB
AlternateDataStreams: C:\ProgramData\TEMP:871526BA
AlternateDataStreams: C:\ProgramData\TEMP:8751B175
AlternateDataStreams: C:\ProgramData\TEMP:87731E5E
AlternateDataStreams: C:\ProgramData\TEMP:87A3A233
AlternateDataStreams: C:\ProgramData\TEMP:8836A712
AlternateDataStreams: C:\ProgramData\TEMP:8855A119
AlternateDataStreams: C:\ProgramData\TEMP:8866C899
AlternateDataStreams: C:\ProgramData\TEMP:88C5973F
AlternateDataStreams: C:\ProgramData\TEMP:88FB7F72
AlternateDataStreams: C:\ProgramData\TEMP:8944C195
AlternateDataStreams: C:\ProgramData\TEMP:8A620099
AlternateDataStreams: C:\ProgramData\TEMP:8AE92FD3
AlternateDataStreams: C:\ProgramData\TEMP:8B480195
AlternateDataStreams: C:\ProgramData\TEMP:8B79243A
AlternateDataStreams: C:\ProgramData\TEMP:8BE7A048
AlternateDataStreams: C:\ProgramData\TEMP:8C3C65BE
AlternateDataStreams: C:\ProgramData\TEMP:8C8D234C
AlternateDataStreams: C:\ProgramData\TEMP:8D565A9B
AlternateDataStreams: C:\ProgramData\TEMP:8DBCF585
AlternateDataStreams: C:\ProgramData\TEMP:8E11CC80
AlternateDataStreams: C:\ProgramData\TEMP:8EBF0142
AlternateDataStreams: C:\ProgramData\TEMP:8F6B75BF
AlternateDataStreams: C:\ProgramData\TEMP:8FC568E1
AlternateDataStreams: C:\ProgramData\TEMP:90C320E1
AlternateDataStreams: C:\ProgramData\TEMP:918A387B
AlternateDataStreams: C:\ProgramData\TEMP:9195103F
AlternateDataStreams: C:\ProgramData\TEMP:9254F782
AlternateDataStreams: C:\ProgramData\TEMP:92BD9737
AlternateDataStreams: C:\ProgramData\TEMP:92CA7E75
AlternateDataStreams: C:\ProgramData\TEMP:9338F136
AlternateDataStreams: C:\ProgramData\TEMP:934CA750
AlternateDataStreams: C:\ProgramData\TEMP:943971F5
AlternateDataStreams: C:\ProgramData\TEMP:94B25DF5
AlternateDataStreams: C:\ProgramData\TEMP:95079543
AlternateDataStreams: C:\ProgramData\TEMP:9510DF8F
AlternateDataStreams: C:\ProgramData\TEMP:952245B1
AlternateDataStreams: C:\ProgramData\TEMP:9524D821
AlternateDataStreams: C:\ProgramData\TEMP:95D421DF
AlternateDataStreams: C:\ProgramData\TEMP:96372A73
AlternateDataStreams: C:\ProgramData\TEMP:968F624D
AlternateDataStreams: C:\ProgramData\TEMP:96AFAB10
AlternateDataStreams: C:\ProgramData\TEMP:97427454
AlternateDataStreams: C:\ProgramData\TEMP:97AAB7F2
AlternateDataStreams: C:\ProgramData\TEMP:981456CB
AlternateDataStreams: C:\ProgramData\TEMP:9836B5E4
AlternateDataStreams: C:\ProgramData\TEMP:98CD9221
AlternateDataStreams: C:\ProgramData\TEMP:98CF1A39
AlternateDataStreams: C:\ProgramData\TEMP:98DD1050
AlternateDataStreams: C:\ProgramData\TEMP:991283D0
AlternateDataStreams: C:\ProgramData\TEMP:993185CB
AlternateDataStreams: C:\ProgramData\TEMP:99515FFA
AlternateDataStreams: C:\ProgramData\TEMP:9968F0E2
AlternateDataStreams: C:\ProgramData\TEMP:997DA6D7
AlternateDataStreams: C:\ProgramData\TEMP:99B20AD0
AlternateDataStreams: C:\ProgramData\TEMP:9A60A5B3
AlternateDataStreams: C:\ProgramData\TEMP:9A88B65D
AlternateDataStreams: C:\ProgramData\TEMP:9B285B76
AlternateDataStreams: C:\ProgramData\TEMP:9BB8C675
AlternateDataStreams: C:\ProgramData\TEMP:9C7A32BB
AlternateDataStreams: C:\ProgramData\TEMP:9CE870B8
AlternateDataStreams: C:\ProgramData\TEMP:9E3D44B7
AlternateDataStreams: C:\ProgramData\TEMP:9E410D29
AlternateDataStreams: C:\ProgramData\TEMP:9EDA68BD
AlternateDataStreams: C:\ProgramData\TEMP:9EE6560D
AlternateDataStreams: C:\ProgramData\TEMP:A015B193
AlternateDataStreams: C:\ProgramData\TEMP:A0921B2C
AlternateDataStreams: C:\ProgramData\TEMP:A13B696A
AlternateDataStreams: C:\ProgramData\TEMP:A19DFC74
AlternateDataStreams: C:\ProgramData\TEMP:A1D3FEF0
AlternateDataStreams: C:\ProgramData\TEMP:A1FD5369
AlternateDataStreams: C:\ProgramData\TEMP:A2FF94DF
AlternateDataStreams: C:\ProgramData\TEMP:A391510C
AlternateDataStreams: C:\ProgramData\TEMP:A3B8F70C
AlternateDataStreams: C:\ProgramData\TEMP:A3E0A552
AlternateDataStreams: C:\ProgramData\TEMP:A4241298
AlternateDataStreams: C:\ProgramData\TEMP:A42B5698
AlternateDataStreams: C:\ProgramData\TEMP:A42FABF7
AlternateDataStreams: C:\ProgramData\TEMP:A4AF8D0D
AlternateDataStreams: C:\ProgramData\TEMP:A4B4192F
AlternateDataStreams: C:\ProgramData\TEMP:A4E7D25F
AlternateDataStreams: C:\ProgramData\TEMP:A52D07E2
AlternateDataStreams: C:\ProgramData\TEMP:A5584049
AlternateDataStreams: C:\ProgramData\TEMP:A5FC8FA1
AlternateDataStreams: C:\ProgramData\TEMP:A6345BDA
AlternateDataStreams: C:\ProgramData\TEMP:A6E01F67
AlternateDataStreams: C:\ProgramData\TEMP:A6F30843
AlternateDataStreams: C:\ProgramData\TEMP:A6FE7BCC
AlternateDataStreams: C:\ProgramData\TEMP:A73595DE
AlternateDataStreams: C:\ProgramData\TEMP:A78B31DD
AlternateDataStreams: C:\ProgramData\TEMP:A798AA1A
AlternateDataStreams: C:\ProgramData\TEMP:A7C40691
AlternateDataStreams: C:\ProgramData\TEMP:A8185163
AlternateDataStreams: C:\ProgramData\TEMP:A819A132
AlternateDataStreams: C:\ProgramData\TEMP:A8369371
AlternateDataStreams: C:\ProgramData\TEMP:A8ADEA55
AlternateDataStreams: C:\ProgramData\TEMP:A9223B61
AlternateDataStreams: C:\ProgramData\TEMP:A9562832
AlternateDataStreams: C:\ProgramData\TEMP:A9EBEE99
AlternateDataStreams: C:\ProgramData\TEMP:A9F13D2D
AlternateDataStreams: C:\ProgramData\TEMP:AA0017FD
AlternateDataStreams: C:\ProgramData\TEMP:AA5A61B2
AlternateDataStreams: C:\ProgramData\TEMP:AAA06E15
AlternateDataStreams: C:\ProgramData\TEMP:AABECEFB
AlternateDataStreams: C:\ProgramData\TEMP:AB0A5A80
AlternateDataStreams: C:\ProgramData\TEMP:ABBFFEA2
AlternateDataStreams: C:\ProgramData\TEMP:AC9F291E
AlternateDataStreams: C:\ProgramData\TEMP:ACB38255
AlternateDataStreams: C:\ProgramData\TEMP:ACCFA538
AlternateDataStreams: C:\ProgramData\TEMP:AD020DC3
AlternateDataStreams: C:\ProgramData\TEMP:AD179392
AlternateDataStreams: C:\ProgramData\TEMP:AD2DB2F9
AlternateDataStreams: C:\ProgramData\TEMP:ADEBE9CA
AlternateDataStreams: C:\ProgramData\TEMP:AE34D87E
AlternateDataStreams: C:\ProgramData\TEMP:AEC59117
AlternateDataStreams: C:\ProgramData\TEMP:AED4A2B7
AlternateDataStreams: C:\ProgramData\TEMP:AF465248
AlternateDataStreams: C:\ProgramData\TEMP:AFB24B00
AlternateDataStreams: C:\ProgramData\TEMP:AFBD0680
AlternateDataStreams: C:\ProgramData\TEMP:AFC732F7
AlternateDataStreams: C:\ProgramData\TEMP:B01EC114
AlternateDataStreams: C:\ProgramData\TEMP:B0456F0C
AlternateDataStreams: C:\ProgramData\TEMP:B0A727D1
AlternateDataStreams: C:\ProgramData\TEMP:B0EA26E5
AlternateDataStreams: C:\ProgramData\TEMP:B1786630
AlternateDataStreams: C:\ProgramData\TEMP:B21F2857
AlternateDataStreams: C:\ProgramData\TEMP:B2CCDB69
AlternateDataStreams: C:\ProgramData\TEMP:B2DC8D6B
AlternateDataStreams: C:\ProgramData\TEMP:B33464A5
AlternateDataStreams: C:\ProgramData\TEMP:B36361EE
AlternateDataStreams: C:\ProgramData\TEMP:B3A5945E
AlternateDataStreams: C:\ProgramData\TEMP:B3C7433B
AlternateDataStreams: C:\ProgramData\TEMP:B4258C5D
AlternateDataStreams: C:\ProgramData\TEMP:B4530133
AlternateDataStreams: C:\ProgramData\TEMP:B4F7687B
AlternateDataStreams: C:\ProgramData\TEMP:B504E4C2
AlternateDataStreams: C:\ProgramData\TEMP:B50D8729
AlternateDataStreams: C:\ProgramData\TEMP:B5FD4AA1
AlternateDataStreams: C:\ProgramData\TEMP:B61767F5
AlternateDataStreams: C:\ProgramData\TEMP:B64F7263
AlternateDataStreams: C:\ProgramData\TEMP:B69CF390
AlternateDataStreams: C:\ProgramData\TEMP:B6D84F71
AlternateDataStreams: C:\ProgramData\TEMP:B6E58523
AlternateDataStreams: C:\ProgramData\TEMP:B6E6C4EA
AlternateDataStreams: C:\ProgramData\TEMP:B8408597
AlternateDataStreams: C:\ProgramData\TEMP:B8791731
AlternateDataStreams: C:\ProgramData\TEMP:B88DC997
AlternateDataStreams: C:\ProgramData\TEMP:B8EB1B99
AlternateDataStreams: C:\ProgramData\TEMP:BACC4A79
AlternateDataStreams: C:\ProgramData\TEMP:BB0F4AA4
AlternateDataStreams: C:\ProgramData\TEMP:BBC9C1EB
AlternateDataStreams: C:\ProgramData\TEMP:BC38C00C
AlternateDataStreams: C:\ProgramData\TEMP:BCF55336
AlternateDataStreams: C:\ProgramData\TEMP:BCFEA004
AlternateDataStreams: C:\ProgramData\TEMP:BD0A043E
AlternateDataStreams: C:\ProgramData\TEMP:BD34FFC5
AlternateDataStreams: C:\ProgramData\TEMP:BD414E4B
AlternateDataStreams: C:\ProgramData\TEMP:BD50071F
AlternateDataStreams: C:\ProgramData\TEMP:BD84F7D6
AlternateDataStreams: C:\ProgramData\TEMP:BDDA21B6
AlternateDataStreams: C:\ProgramData\TEMP:BE0654D6
AlternateDataStreams: C:\ProgramData\TEMP:BE40C8A2
AlternateDataStreams: C:\ProgramData\TEMP:BE6B5FC3
AlternateDataStreams: C:\ProgramData\TEMP:BECA50FF
AlternateDataStreams: C:\ProgramData\TEMP:BEF18713
AlternateDataStreams: C:\ProgramData\TEMP:BF6C4AAC
AlternateDataStreams: C:\ProgramData\TEMP:C00C7190
AlternateDataStreams: C:\ProgramData\TEMP:C0D23A2F
AlternateDataStreams: C:\ProgramData\TEMP:C22674B6
AlternateDataStreams: C:\ProgramData\TEMP:C26A6AB3
AlternateDataStreams: C:\ProgramData\TEMP:C2F24DB5
AlternateDataStreams: C:\ProgramData\TEMP:C368C9EA
AlternateDataStreams: C:\ProgramData\TEMP:C370B84F
AlternateDataStreams: C:\ProgramData\TEMP:C37283B5
AlternateDataStreams: C:\ProgramData\TEMP:C3899C0B
AlternateDataStreams: C:\ProgramData\TEMP:C3A047E3
AlternateDataStreams: C:\ProgramData\TEMP:C3E7F2E9
AlternateDataStreams: C:\ProgramData\TEMP:C5340FA1
AlternateDataStreams: C:\ProgramData\TEMP:C55217E2
AlternateDataStreams: C:\ProgramData\TEMP:C5D15631
AlternateDataStreams: C:\ProgramData\TEMP:C6104C4F
AlternateDataStreams: C:\ProgramData\TEMP:C65B4BD1
AlternateDataStreams: C:\ProgramData\TEMP:C669F3E1
AlternateDataStreams: C:\ProgramData\TEMP:C6920A5D
AlternateDataStreams: C:\ProgramData\TEMP:C76D8487
AlternateDataStreams: C:\ProgramData\TEMP:C78DADEA
AlternateDataStreams: C:\ProgramData\TEMP:C7F08EA3
AlternateDataStreams: C:\ProgramData\TEMP:C82CA1C0
AlternateDataStreams: C:\ProgramData\TEMP:C89D1773
AlternateDataStreams: C:\ProgramData\TEMP:C8E3A625
AlternateDataStreams: C:\ProgramData\TEMP:C900B47A
AlternateDataStreams: C:\ProgramData\TEMP:C98828D3
AlternateDataStreams: C:\ProgramData\TEMP:CA1AFE85
AlternateDataStreams: C:\ProgramData\TEMP:CA7E8F16
AlternateDataStreams: C:\ProgramData\TEMP:CAB0171A
AlternateDataStreams: C:\ProgramData\TEMP:CB3667AF
AlternateDataStreams: C:\ProgramData\TEMP:CB5AA1E6
AlternateDataStreams: C:\ProgramData\TEMP:CB8C8B5D
AlternateDataStreams: C:\ProgramData\TEMP:CBAF0C30
AlternateDataStreams: C:\ProgramData\TEMP:CC141B05
AlternateDataStreams: C:\ProgramData\TEMP:CCD8056E
AlternateDataStreams: C:\ProgramData\TEMP:CE3AADB7
AlternateDataStreams: C:\ProgramData\TEMP:CE506F23
AlternateDataStreams: C:\ProgramData\TEMP:CF8AEC6E
AlternateDataStreams: C:\ProgramData\TEMP026A5A4
AlternateDataStreams: C:\ProgramData\TEMP086B88D
AlternateDataStreams: C:\ProgramData\TEMP103E81E
AlternateDataStreams: C:\ProgramData\TEMP1FE35E7
AlternateDataStreams: C:\ProgramData\TEMP434342F
AlternateDataStreams: C:\ProgramData\TEMP4558A0B
AlternateDataStreams: C:\ProgramData\TEMP4DD372D
AlternateDataStreams: C:\ProgramData\TEMP4E62FA9
AlternateDataStreams: C:\ProgramData\TEMP4F5419A
AlternateDataStreams: C:\ProgramData\TEMP621CFB8
AlternateDataStreams: C:\ProgramData\TEMP64DD961
AlternateDataStreams: C:\ProgramData\TEMP6A43EB0
AlternateDataStreams: C:\ProgramData\TEMP7740E2A
AlternateDataStreams: C:\ProgramData\TEMP7D0B4AF
AlternateDataStreams: C:\ProgramData\TEMP8A1AC56
AlternateDataStreams: C:\ProgramData\TEMP8F64D5A
AlternateDataStreams: C:\ProgramData\TEMP92A5893
AlternateDataStreams: C:\ProgramData\TEMPB76C881
AlternateDataStreams: C:\ProgramData\TEMPB77E2C4
AlternateDataStreams: C:\ProgramData\TEMPC0B1070
AlternateDataStreams: C:\ProgramData\TEMPC7EDF41
AlternateDataStreams: C:\ProgramData\TEMPC9915D2
AlternateDataStreams: C:\ProgramData\TEMPF5ABA3D
AlternateDataStreams: C:\ProgramData\TEMPF7A2D3E
AlternateDataStreams: C:\ProgramData\TEMPFFB9E98
AlternateDataStreams: C:\ProgramData\TEMP:E11D90D0
AlternateDataStreams: C:\ProgramData\TEMP:E1520A02
AlternateDataStreams: C:\ProgramData\TEMP:E265ED33
AlternateDataStreams: C:\ProgramData\TEMP:E2CFA9CD
AlternateDataStreams: C:\ProgramData\TEMP:E31EDFDE
AlternateDataStreams: C:\ProgramData\TEMP:E3615992
AlternateDataStreams: C:\ProgramData\TEMP:E3B0ACE0
AlternateDataStreams: C:\ProgramData\TEMP:E40AB54F
AlternateDataStreams: C:\ProgramData\TEMP:E4272706
AlternateDataStreams: C:\ProgramData\TEMP:E446CB48
AlternateDataStreams: C:\ProgramData\TEMP:E47BBD7B
AlternateDataStreams: C:\ProgramData\TEMP:E4996D81
AlternateDataStreams: C:\ProgramData\TEMP:E4E83517
AlternateDataStreams: C:\ProgramData\TEMP:E4FD113F
AlternateDataStreams: C:\ProgramData\TEMP:E517FE76
AlternateDataStreams: C:\ProgramData\TEMP:E5496666
AlternateDataStreams: C:\ProgramData\TEMP:E5AF754F
AlternateDataStreams: C:\ProgramData\TEMP:E6708F08
AlternateDataStreams: C:\ProgramData\TEMP:E6B95E40
AlternateDataStreams: C:\ProgramData\TEMP:E87AB4E3
AlternateDataStreams: C:\ProgramData\TEMP:E894A3ED
AlternateDataStreams: C:\ProgramData\TEMP:E8AEB2BF
AlternateDataStreams: C:\ProgramData\TEMP:E8B61305
AlternateDataStreams: C:\ProgramData\TEMP:E8BE0B80
AlternateDataStreams: C:\ProgramData\TEMP:E8C44CB4
AlternateDataStreams: C:\ProgramData\TEMP:E94FA418
AlternateDataStreams: C:\ProgramData\TEMP:E96A2658
AlternateDataStreams: C:\ProgramData\TEMP:EA2D3047
AlternateDataStreams: C:\ProgramData\TEMP:EBCF5924
AlternateDataStreams: C:\ProgramData\TEMP:EBF0842B
AlternateDataStreams: C:\ProgramData\TEMP:EC0A74A1
AlternateDataStreams: C:\ProgramData\TEMP:ED0B32CA
AlternateDataStreams: C:\ProgramData\TEMP:ED92736E
AlternateDataStreams: C:\ProgramData\TEMP:EDB03249
AlternateDataStreams: C:\ProgramData\TEMP:EDF12A30
AlternateDataStreams: C:\ProgramData\TEMP:EE198B1F
AlternateDataStreams: C:\ProgramData\TEMP:EE2DD6CC
AlternateDataStreams: C:\ProgramData\TEMP:EE445D7C
AlternateDataStreams: C:\ProgramData\TEMP:EF0BD3A1
AlternateDataStreams: C:\ProgramData\TEMP:EF0F3F33
AlternateDataStreams: C:\ProgramData\TEMP:EF123AF6
AlternateDataStreams: C:\ProgramData\TEMP:EF53A5CA
AlternateDataStreams: C:\ProgramData\TEMP:F1174C93
AlternateDataStreams: C:\ProgramData\TEMP:F135A76C
AlternateDataStreams: C:\ProgramData\TEMP:F1381B87
AlternateDataStreams: C:\ProgramData\TEMP:F13867C6
AlternateDataStreams: C:\ProgramData\TEMP:F176B6C6
AlternateDataStreams: C:\ProgramData\TEMP:F26F5952
AlternateDataStreams: C:\ProgramData\TEMP:F2B81C2E
AlternateDataStreams: C:\ProgramData\TEMP:F2E92DCD
AlternateDataStreams: C:\ProgramData\TEMP:F2EDC57C
AlternateDataStreams: C:\ProgramData\TEMP:F2F0A8AC
AlternateDataStreams: C:\ProgramData\TEMP:F3A185AE
AlternateDataStreams: C:\ProgramData\TEMP:F49868C8
AlternateDataStreams: C:\ProgramData\TEMP:F4BF61E8
AlternateDataStreams: C:\ProgramData\TEMP:F52DB269
AlternateDataStreams: C:\ProgramData\TEMP:F56BE392
AlternateDataStreams: C:\ProgramData\TEMP:F5B99CA4
AlternateDataStreams: C:\ProgramData\TEMP:F610C203
AlternateDataStreams: C:\ProgramData\TEMP:F68CB1A4
AlternateDataStreams: C:\ProgramData\TEMP:F6DA3F39
AlternateDataStreams: C:\ProgramData\TEMP:F74EC668
AlternateDataStreams: C:\ProgramData\TEMP:F7BF538D
AlternateDataStreams: C:\ProgramData\TEMP:F7F4DC88
AlternateDataStreams: C:\ProgramData\TEMP:F7FFE8AF
AlternateDataStreams: C:\ProgramData\TEMP:F816645E
AlternateDataStreams: C:\ProgramData\TEMP:F817E159
AlternateDataStreams: C:\ProgramData\TEMP:F83E8359
AlternateDataStreams: C:\ProgramData\TEMP:F860DBFD
AlternateDataStreams: C:\ProgramData\TEMP:F89F2593
AlternateDataStreams: C:\ProgramData\TEMP:F8DE80DB
AlternateDataStreams: C:\ProgramData\TEMP:F94DE3B1
AlternateDataStreams: C:\ProgramData\TEMP:F9689B72
AlternateDataStreams: C:\ProgramData\TEMP:F9F58B80
AlternateDataStreams: C:\ProgramData\TEMP:FB4262DE
AlternateDataStreams: C:\ProgramData\TEMP:FB71A279
AlternateDataStreams: C:\ProgramData\TEMP:FBA79096
AlternateDataStreams: C:\ProgramData\TEMP:FCBEDCFD
AlternateDataStreams: C:\ProgramData\TEMP:FD11E093
AlternateDataStreams: C:\ProgramData\TEMP:FD4C7AD3
AlternateDataStreams: C:\ProgramData\TEMP:FD6D11C9
AlternateDataStreams: C:\ProgramData\TEMP:FD6DB82C
AlternateDataStreams: C:\ProgramData\TEMP:FD7DCDA6
AlternateDataStreams: C:\ProgramData\TEMP:FDEE14AC
AlternateDataStreams: C:\ProgramData\TEMP:FF717A18
AlternateDataStreams: C:\ProgramData\TEMP:FFC3922F
AlternateDataStreams: C:\Users\Bernhard Gramüller\Downloads\PayPal_aktualisiert_die_AGB.eml:OECustomProperty

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========

MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: ogmservice => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: TabletInputService => 3
MSCONFIG\Services: TapiSrv => 3
MSCONFIG\Services: WMPNetworkSvc => 2
MSCONFIG\Services: WPCSvc => 3

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2013-01-25 06:34:09.455
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-01-25 06:25:58.756
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-01-24 22:14:30.635
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-01-24 21:32:44.012
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-01-24 19:49:09.962
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-01-24 18:38:08.596
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-01-24 16:15:13.727
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-01-24 15:11:19.212
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-01-24 14:48:34.356
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-01-24 12:10:48.436
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Percentage of memory in use: 44%
Total physical RAM: 4094.05 MB
Available physical RAM: 2277.26 MB
Total Pagefile: 8186.29 MB
Available Pagefile: 6051.25 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:636.33 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Volume) (Fixed) (Total:232.42 GB) (Free:203.87 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (Volume) (Fixed) (Total:233.34 GB) (Free:233.23 GB) NTFS
Drive f: (PX-1263) (CDROM) (Total:0.01 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 3EEEB4A7)
Partition 1: (Not Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=931 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 466 GB) (Disk ID: 4B83CCE6)
Partition 1: (Active) - (Size=232 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=233 GB) - (Type=OF Extended)

==================== End Of Log ============================

Den GMER-Log konnte ich nicht erstellen, da sich das Programm beide Male mitten im Scan aufgehangen und meinen PC mit lahmgelegt hat.

Ich hoffe ihr könnt mir helfen, bin schon ein bisschen am Verzweifeln.

Danke schon mal
Andrea

Alt 03.07.2014, 06:50   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 7 - V-9.1HD - hartnäckiger kleiner Teufel - Standard

Windows 7 - V-9.1HD - hartnäckiger kleiner Teufel



hi,

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.





Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________

__________________

Alt 03.07.2014, 16:45   #3
Dolores91
 
Windows 7 - V-9.1HD - hartnäckiger kleiner Teufel - Standard

Windows 7 - V-9.1HD - hartnäckiger kleiner Teufel



Danke für die schnelle Antwort, das mit den Code-Tags hab ich wohl überlesen, sorry.

Ich werde mich morgen gleich drum kümmern, wenn ich wieder am PC bin.
__________________

Alt 04.07.2014, 13:08   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 7 - V-9.1HD - hartnäckiger kleiner Teufel - Standard

Windows 7 - V-9.1HD - hartnäckiger kleiner Teufel



ok
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Windows 7 - V-9.1HD - hartnäckiger kleiner Teufel
4d36e972-e325-11ce-bfc1-08002be10318, adobe, antivir, anyprotect, avira, browser, ccsetup, converter, defender, desktop, einstellungen, firefox, flash player, helper, homepage, iexplore.exe, langsam, mozilla, newtab, object, online games, port, realtek, registry, security, services.exe, software, svchost.exe, teredo, usb, windows



Ähnliche Themen: Windows 7 - V-9.1HD - hartnäckiger kleiner Teufel


  1. Windows 7 hartnäckiger Virus
    Plagegeister aller Art und deren Bekämpfung - 23.01.2015 (24)
  2. Windows 7 Hartnäckiger svchost Virus
    Log-Analyse und Auswertung - 09.12.2014 (18)
  3. Ein kleiner Dank
    Lob, Kritik und Wünsche - 23.05.2014 (0)
  4. Win7: ShopperPro, Quone8, BonanzaDeals etc, ein Haufen hartnäckiger Mist und Windows-Update blockiert
    Log-Analyse und Auswertung - 09.05.2014 (9)
  5. hartnäckiger Virus von Windows Messenger (MSN)
    Antiviren-, Firewall- und andere Schutzprogramme - 14.04.2010 (7)
  6. hartnäckiger Trojaner (TR/Agent.84992.9) in C:\Windows\System32\drivers\
    Plagegeister aller Art und deren Bekämpfung - 25.05.2009 (0)
  7. hi und hilfe mit deinem Teufel
    Plagegeister aller Art und deren Bekämpfung - 15.03.2009 (1)
  8. hartnäckiger unbekannter Plagegeist... "Windows Security Alert"
    Plagegeister aller Art und deren Bekämpfung - 02.11.2007 (11)
  9. Zum Teufel mit TR/Cleaner.A ....
    Plagegeister aller Art und deren Bekämpfung - 06.08.2007 (2)
  10. Wie Zum Teufel Ist Das Denn Möglich
    Plagegeister aller Art und deren Bekämpfung - 04.08.2007 (1)
  11. Mein kleiner Log
    Log-Analyse und Auswertung - 13.05.2006 (4)
  12. Was ist das zum Teufel?
    Plagegeister aller Art und deren Bekämpfung - 22.04.2006 (5)
  13. kleiner plagegeist
    Log-Analyse und Auswertung - 19.10.2004 (9)
  14. HILFE! Hartnäckiger hijacker, hartnäckiger Trojaner!
    Log-Analyse und Auswertung - 07.09.2004 (3)
  15. Kleiner Hinweis ...
    Archiv - 17.05.2003 (0)

Zum Thema Windows 7 - V-9.1HD - hartnäckiger kleiner Teufel - Hallo ihr lieben Leute, mein Vater hat mich heute gebeten, seinen PC genauer unter die Lupe zu nehmen, weil er so langsam ist. Also hab ich den ganzen Müll entsorgt - Windows 7 - V-9.1HD - hartnäckiger kleiner Teufel...
Archiv
Du betrachtest: Windows 7 - V-9.1HD - hartnäckiger kleiner Teufel auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.